Lucene search
+L
SeebugRecent

56796 matches found

seebug
seebug
added 2014/07/01 12:0 a.m.12 views

Tux CMS 0.1 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.11 views

Red Hat TUX 2.1 .0-2 HTTP Server Oversized Host Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3506/info TUX is a kernel based HTTP server released under the GNU General Public License. It is able to serve static content, cache dynamic content, and coordinate with other HTTP servers to produce dynamic content. An...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.12 views

makit news/blog poster 3.1 - DB Download Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.6 views

Sphera HostingDirector 1.0/2.0/3.0 VDS Control Panel Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/7899/info Sphera HostingDirector VDS Control Panel has been reported prone to several cross-site scripting attacks. The vulnerabilities exist due to insufficient sanitization of user-supplied input for certain URI...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

Bitweaver CMS 1.3 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17406/info Bitweaver CMS is prone to multiple cross-site scripting vulnerabilities. Thess issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.12 views

Cisco User-Changeable Password (UCP) 3.3.4.12.5 - 'CSuserCGI.exe' Multiple Remote Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/28222/info Cisco User-Changeable Password UCP is prone to multiple remote vulnerabilities, including cross-site scripting and buffer-overflow vulnerabilities. Exploiting the cross-site scripting issues may help the attack...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.18 views

Microsoft Internet Explorer 5.0.1 Invalid Byte Cross-Frame Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/197/info On January 28, 1999, Georgi Guninski originally reported a vulnerability in Internet Explorer 4.x. Internet Explorer 4.x's implentation of Cross-frame security could be bypassed if %01 is appended to an arbitrary...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.26 views

e107 <= 0.7.15 - (extended_user_fields) Blind SQL Injection Exploit

No description provided by source. !/usr/bin/env perl e107 = 0.7.15 extendeduserfields Blind SQL Injection Exploit Description ------------------------------------------------------------------- e107 contains one flaw that allows an attacker to carry out an SQL injection attack. The issue is due ...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.19 views

Symantec Remote Management Buffer Overflow

No description provided by source. $Id: symantecrtvscan.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.21 views

Data 1 Systems UltraBB 1.17 'view_post.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38097/info Data 1 Systems UltraBB is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

Microsoft Windows Movie Maker <= 2.6.4038.0 DLL Hijacking Exploit (hhctrl.ocx)

No description provided by source. / Exploit Title: Microsoft Windows Movie Maker = 2.6.4038.0 DLL Hijacking Exploit hhctrl.ocx Date: 24/08/2010 Author: TheLeader Email: gsog2009 a7 hotmail d0t com Software Link:...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.16 views

SoftBiz Web Hosting Directory Script 1.1 browsecats.php cid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15561/info Softbiz Web Host Directory Script is prone to multiple SQL injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input before using it in an SQL query...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.24 views

Check Point Firewall-1 4 SecureRemote Network Information Leak Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3058/info SecureRemote is the proprietary VPN infrastructure designed by Check Point Software, and included with some versions of Firewall-1. A problem with the package allows remote users to gain information about intern...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.24 views

Trend Micro Virus Control System 1.8 - Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6617/info A denial of service vulnerability has been reported for Trend Micro TVCS. The vulnerability occurs when numerous requests for 'activesupport.exe' are made. This will cause the web server to stop responding to...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.17 views

iOS SideBooks 1.0 - Directory Traversal

No description provided by source. Exploit Title: SideBooks v1.0 for iPhone / iPod touch, Directory Traversal Date: 02/22/2011 Author: R3d@l3rt, Sp@2K, Sunlight, Hackkey Software Link: http://itunes.apple.com/kr/app/sidebooks/id409777225?mt=8 Version: 1.0 Tested on: iPhone, iPod 3GS with 4.2.1...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.10 views

TFTP Server TFTPDWin 0.4.2 Unspecified Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23937/info TFTP Server TFTPDWIN is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to gain read/write access to...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.27 views

ProSysInfo TFTP server TFTPDWIN <= 0.4.2 Univ. Remote BOF Exploit

No description provided by source. !/usr/bin/perl ProSysInfo TFTP server TFTPDWIN = 0.4.2 Universal Remote Buffer Overflow Exploit Works on all Windows versions. ---------------------------------------- Exploit by SkD [email protected] Let's take a description from their page at:...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.16 views

CSSearch 2.3 - Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4368/info csSearch is a website search script, written in Perl. It will run on most Unix and Linux variants, as well as Microsoft operating systems. csSearch is prone to an issue which may enable an attacker to execute Pe...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.43 views

MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

9.3CVSS0.73753EPSS
Exploits14
seebug
seebug
added 2014/07/01 12:0 a.m.16 views

AwStats <= 6.4 - Denial of Service

No description provided by source. !/usr/bin/perl Summarized the advisory www.ghc.ru GHC: /str0ke 0 Exploitable example raw log plugin: Attacker can read sensitive information http://server/cgi-bin/awstats-6.4/awstats.pl?pluginmode=rawlog&loadplugin=rawlog 1 Perl code execution. This script...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.18 views

Joomla Component com_software SQL Injection Vulnerability

No description provided by source. Title : Joomla Component comsoftware SQL Injection Vulnerability Author: DevilZ TM Data : 2010-03-24 InformatioN Title : Joomla Component comsoftware SQL Injection Vulnerability Author : DevilZ TM By D3v1l Homepage : http://www.DEVILZTM.com Email :...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.18 views

Joomla Component com_ops SQL Injection Vulnerability

No description provided by source. Title : Joomla Component comops SQL Injection Vulnerability Author: DevilZ TM Data : 2010-04-02 InformatioN Title : Joomla Component comops SQL Injection Vulnerability Author : DevilZ TM By D3v1l Homepage : http://www.DEVILZTM.com Email : [email protected]...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.20 views

Joomla Component com_sbsfile Local File Inclusion

No description provided by source. InformatioN Title : Joomla Component comsbsfile Local File Inclusion Author : DevilZ TM By D3v1l Homepage : http://www.DEVILZTM.com Contact : [email protected] & [email protected] ExploiT Vulnerable File :...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.20 views

TaskTracker <= 1.5 (Customize.asp) Remote Add Administrator Exploit

No description provided by source. !-- Title : TaskTracker All Version Remote Add Admin Exploit Author : ajann Contact : : S.Page : http://www.geckovich.com $$ : $39.99 - $19.99 -- FORM NAME=AddUser METHOD=POST ACTION=http://target/path/Customize.asp?a=Add style=word-spacing: 0; margin-top: 0;...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.16 views

AWStats (6.0-6.2) configdir Remote Command Execution Exploit (perl code)

No description provided by source. !/usr/bin/perl ---GHC--------------------------------- Remote command execution exploit Product: Advanced Web Statistics 6.0 - 6.2 URL:http://awstats.sourceforge.net Greets & respects to our friends: 1dt.w0lf and all rst.void.ru Special greets 2 d0G4 & cr0n for...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.61 views

LANDesk Management Gateway 'gsb/drivers.php'代码注入漏洞

No description provided by source. 1. Advisory Information Title: Landesk OS command injection Advisory Id: CORE-2010-1018 Advisory URL: http://www.coresecurity.com/content/landesk-os-command-injection-vulnerability Date published: 2010-11-10 Date of last update: 2010-11-10 Vendors contacted:...

8.5CVSS6.5AI score0.03508EPSS
Exploits6
seebug
seebug
added 2014/07/01 12:0 a.m.19 views

BlogPHP 2.0 - Persistent XSS Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.15 views

WSMP3 0.0.x Remote Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7642/info A vulnerability has been reported in WsMp3. The problem occurs due to insufficient sanitization of HTTP GET requests. As a result, an attacker may be capable of accessing the contents of sensitive system...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.19 views

Microsoft MSHTML.DLL CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak (0day)

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

PHP-post Web Forum 0.x.1.0 pm.php replyuser Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20061/info PHP-Post is prone to multiple input-validation vulnerabilities, including multiple cross-site scripting, SQL-injection, and remote file-include issues, because the application fails to sanitize user-supplied...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.19 views

Phorum <= 5.2.11 Permanent Cross Site Scripting Vulnerabilities

No description provided by source. //----- Advisory Program : Phorum 5.2.11 and prior Homepage : http://www.phorum.org/ Discovery : 2009/07/16 Author Contacted : 2009/07/17 Found by : CrashFr This Advisory : CrashFr //----- Application description Started in 1998, Phorum was the original PHP and...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.11 views

PHP 5.2 FOpen Safe_Mode Restriction-Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22261/info PHP is prone to a 'safemode' restriction-bypass vulnerability. Successful exploits could allow an attacker to write files in unauthorized locations; other attacks may also be possible. This vulnerability would ...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.16 views

cPanel 9.9.1 -R3 Front Page Extension Installation Information Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/11456/info It is reported that cPanel is susceptible to an information disclosure vulnerability in its function to enable Front Page extensions. This vulnerability reportedly allows attackers to gain access to the content...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.8 views

Le Forum 'Fichier_Acceuil' Parameter - Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28423/info Le Forum is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute malicious PHP code in the context of the webserv...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

Microsoft Paint Integer Overflow Vulnerability (DoS) MS10-005

No description provided by source. Date: 2010-05-04 Version: 5.1.2600.2180 Tested on: Windows XP SP2 Exploit-DB Notes: Tested under 32-bit Windows XP SP3 ENG, MS Paint crashes. However, please note this exploit might not actually be related to MS10-005. Thanks to Yaniv Miron. !/usr/bin/perl $PoC ...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.26 views

phpMyAdmin <= 3.0.1 'pmd_pdf.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31928/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of a...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

Google Chrome 0.2.149 - ftp:// URL Multiple File Format Handling XSS

No description provided by source. source: http://www.securityfocus.com/bid/31855/info Google Chrome 0.2.149 is prone to a cross-site scripting weakness that arises because the software fails to handle specially crafted files served using the FTP protocol. Successfully exploiting this issue may...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

PhpMyAdmin 2.x sql.php pos Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21137/info phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.20 views

WordPress Trashbin Plugin 0.1 'mtb_undelete' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37097/info The Trashbin plugin for WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrar...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.11 views

CuteNews 1.4.6 editnews Module doeditnews Action Admin Moderation Bypass

No description provided by source. source: http://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.29 views

Kaspersky Internet Security 2013 - Denial of Service Vulnerability

No description provided by source. I usually do not write security advisories unless absolutely necessary. This time I should, however I have neither the time, nor the desire to do so. But Kaspersky did not react, so ... quick and dirty: Kaspersky Internet Security 2013 and any other Kaspersky...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.36 views

FlashBB <= 1.1.8 (sendmsg.php) Remote File Inclusion Vulnerability

No description provided by source. !/usr/bin/perl Flashbb = 1.1.7 - Remote File Inclusion Exploit Url: http://rapidshare.com/files/41426468/FlashBBAaeDueHFcu.zip Exploit: http://site.com/path/phpbb/sendmsg.php?phpbbrootpath=EvilScript: coded and f0und3d by kw3rln officeatrosecuritygroupdotnet...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.12 views

Foojan PHPWeblog Html Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14658/info Foojan PHPWeblog is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input. Attacker-supplied HTML and script code would be executed in the context of the...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.28 views

Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability

No description provided by source. Exploit Title: ZDI-10-023: Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability Date: 2010-04-08 Author: ZSploit.com Software Link: N/A Version: N/A Tested on: IBM Informix Dynamic Server 10.0 CVE : CVE-2009-2754 ! /usr/bin/env python...

10CVSS0.3AI score0.40321EPSS
Exploits5
seebug
seebug
added 2014/07/01 12:0 a.m.16 views

Manic Web MWGuest 2.1 MWguest.PHP HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17630/info MWGuest is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script cod...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.12 views

Gnat-TGP <= 1.2.20 Remote File Include Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class GnatTGPRemoteFileIncludePOCBase: vulID = '67834' version = '1' vulDate = '2010-03-03' author = ' '...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.21 views

MoinMoin 1.5.x Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23676/info MoinMoin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.12 views

Microsoft Internet Explorer 6.0 Nested OBJECT Tag Memory Corruption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17658/info Microsoft Internet Explorer is prone to a memory-corruption vulnerability. This issue is due to a flaw in the application in handling nested OBJECT tags in HTML content. An attacker could exploit this issue via...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.21 views

Rapid Classified 3.1 search.asp SH1 Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21197/info Rapid Classified is prone to multiple input-validation issues, including multiple cross-site scripting issues and an SQL-injection issue, because the application fails to properly sanitize user-supplied input. ...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

Asterisk Recording Interface 0.7.15 Audio.PHP Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17641/info Asterisk Recording Interface is prone to an information-disclosure vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this...

7.1AI score
Exploits0
Total number of security vulnerabilities56796