Lucene search
+L
SeebugRecent

56796 matches found

seebug
seebug
•added 2014/07/01 12:0 a.m.•24 views

MyBulletinBoard 1.x UserCP.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19193/info MyBulletinBoard is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the brows...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•9 views

Instant Photo Gallery 1.0 content.php cid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15659/info Instant Photo Gallery is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successfu...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•8 views

Juniper Networks Secure Access 2000 Web - Root Path Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28037/info Juniper Networks Secure Access 2000 is prone to a path-disclosure vulnerability. Exploiting this issue can allow an attacker to access sensitive data that may be used to launch further attacks. Secure Access 20...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•16 views

WordPress Community Events plugin <= 1.2.1 - SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress Community Events plugin = 1.2.1 SQL Injection Vulnerability Date: 2011-09-07 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/community-events.zip Version: 1.2.1 tested...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•22 views

Oracle OTRCREP Oracle 8/9 Home Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3139/info Oracle is an Enterprise level SQL database, supporting numerous features and options. It is distributed and maintained by Oracle Corporation. A buffer overflow has been discovered in the handling of $ORACLEHOME ...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•17 views

IT!CMS 0.2 titletext-ed.php wndtitle Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•20 views

Panda ActiveScan 5.0 ascontrol.dll Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10067/info It has been reported that Panda ActiveScan may be prone to a denial of service vulnerability that may cause an instance of Internet Explorer to crash. The issue may present it self when the 'SetSitesFile' is...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•13 views

Elastic Path 4.1 - manager/fileManager.jsp dir Variable Traversal Arbitrary Directory Listing

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•23 views

Windows Mobile 6.5 TR (WinCE 5.2) MessageBox Shellcode (ARM)

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•25 views

Madness Pro <= 1.14 - Persistent XSS

No description provided by source. !/usr/bin/env python2 -- coding: utf-8 -- Exploit Title: Madness Pro %3C%2Fscript%3E%3C%2Fa%3E" "%3Ca%20href%3D%22%23%22%20onclick%3D%5C%22setstatus\'12345".formatpanelindexurl, beefhookurl print f.read installbeefhookbeefhook, panelurl...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•12 views

Apple Safari 3 for Windows Document.Location Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24499/info Apple Safari for Windows is prone to a denial-of-service vulnerability because it fails to properly handle user-supplied input. An attacker may exploit this issue by enticing victims into opening a maliciously...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•21 views

phpBB <= 2.0.21 (Poison NULL Byte) Remote Exploit

No description provided by source. !/usr/bin/perl -w Author: ShAnKaR Title: multiple PHP application poison NULL byte vulnerability Applications: phpBB 2.0.21, punBB 1.2.12 Threat Level: Critical Original advisory in Russian: http://www.security.nnov.ru/Odocument221.html Poison NULL byte...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•30 views

Monalbum 0.8.7 - Remote Code Execution Exploit

No description provided by source. ?php / \|/// \ - - // @ @ ----oOOo---oOOo--------------------------------------------------- Y! Underground Group [email protected] Dj7xpl.2600.ir ----ooooO-----Ooooo-------------------------------------------------- \ / \ /...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•11 views

MMHAQ CMS sqli vulnersbility

No description provided by source. MMHAQ CMS sqli vulnersbility +Title: MMHAQ CMS sqli vulnersbility +Version: only one version is released +Download: http://www.mmhaq.net/index.php?page=packlinux +Author: s1ayer +Contact: [email protected] Description: MMHAQ CMS fully functional Content...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•16 views

Centreon IT & Network Monitoring 2.1.5 - Injection SQL

No description provided by source. !/usr/bin/perl //--------PoC---------// Title : Centreon IT & Network Monitoring v2.1.5 - Injection SQL Version : 2.1.5 Author : Jonathan Salwan [email protected] Vuln sql injection http://localhost/centreon/main.php?p=201&hostid=-1%20SQL Injection&o=p&min=1...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•16 views

Bit Weaver 2.7 - Local File Inclusion Vulnerability

No description provided by source. ------------------------------------------------------------------------ Software................Bit Weaver 2.7 Vulnerability...........Local File Inclusion Download................http://www.bitweaver.org/ Release Date............7/1/2010 Tested...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•14 views

FreeFloat FTP Server REST Buffer Overflow (MSF)

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•17 views

MS IIS 3.0/4.0/5.0 PWS Escaped Characters Decoding Command Execution (3)

No description provided by source. source: http://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•15 views

CarLine Forum Russian Board 4.2 line.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14045/info Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks. Forum Russian Board 4.2 ...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•10 views

Contrexx CMS 1.0.x Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17128/info Contrexx CMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•10 views

Campsite CMS remote Persistent XSS vulnerability

No description provided by source. Exploit Title: Campsite CMS remote Persistent XSS vulnerability Date: 15th july 2010 Author: D4rk357 Critical:Low Contact:bd4rk357atyahoodotin Software Link:bhttp://www.sourcefabric.org/en/home/web/78/Demo--Documentation.htm?tpl=18 Greetz to:bb0nd,...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•13 views

All In One Control Panel 1.3.x cp_downloads.php did Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/22032/info All In One Control Panel is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•22 views

Rational Software Hidden Administrator 1.7 - Auth Bypass Exploit

No description provided by source. Hidden Administrator Authenticaiton Bypass Exploit ahmedatrewterz.com http://www.securityfocus.com/bid/24049 C:\python rewt-ha-exp.py Usage: rewt-ha-exp.py -h host ip -p port -t tftpd server ip make sure nc.exe exists on tftpd server C:\telnet 192.168.1.4 4444...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•15 views

Basit 1.0 Search Module Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7142/info A cross-site scripting vulnerability has been reported for Basit. This vulnerability occurs due to insufficient sanitization of some user-supplied input. As a result of this deficiency an attacker may exploit th...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•13 views

Beehive Forum 0.6.2 - Multiple HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/16002/info Beehive Forum is prone to multiple HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•34 views

MPM Guestbook 1.2 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8958/info MPM Guestbook is reported to be prone to a cross-site scripting vulnerability. This is due to insufficient sanitization of HTML from URI parameters, which will be displayed in web pages that are dynamically...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•11 views

ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Remote BOF Exploit

No description provided by source. !/usr/bin/python ProSysInfo TFTP Server TFTPDWIN 0.4.2 Coded by Wraith import os import sys import struct import socket import time print \nProSysInfo TFTP Server TFTPDWIN 0.4.2 print Note: This vuln is sensitive to different buffer length\n if lensys.argv!=2:...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•16 views

Fool's Workshop Owl's Workshop 1.0 multiplechoice/index.php Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/9689/info Owl's Workshop is reported prone to multiple remote file-disclosure vulnerabilities because the application fails to validate user-supplied input passed via a URI parameter. Upon successful exploitation of these...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•15 views

Scorched 3D <= 39.1 - Multiple Vulnerabilities (All-in-One) (PoC)

No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h include string.h include stdarg.h include time.h include zlib.h ifdef WIN32 include winsock.h / Header file used for manage errors in Windows It support socket and errno too this header replace the previous...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•9 views

Tekno.Portal Bolum.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18216/info Tekno.Portal is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•15 views

SkyBlueCanvas CMS - Remote Code Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•31 views

McKesson Pathways Homecare 6.5 Weak Username and Password Encryption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3653/info McKesson Pathways Homecare is a client/server application which is used to track patient information, billing information and medical records for home care patients. The administrative username and password are...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•21 views

REZERVI 3.0.2 - Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ 0 0 \ \ /\ /\ \ \ \ /\ \ \ /\ /\ \ \ \ \ \ \ / 1 1 \ \ \...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•14 views

PHP <= 5.2.1 - Multiple Functions Reference Parameter Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23202/info PHP is prone to an information-disclosure vulnerability due to a design error. The vulnerability resides in various functions that accept parameters as references. Successful exploits will allow attackers to...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•59 views

Webkit Normalize Bug - Android 2.2

No description provided by source. !-- CVE-2010-1759 webkit normalize bug Tested on Moto Droidx2 running 2.2. Droidx2 running 2.3 is vulnerable but exploit fails due to non-executable heap. Still working on a way around that : 2.1 - 2.3 emulator. The changes needed are documented in the code. The...

9.3CVSS8.8AI score0.15733EPSS
Exploits6
seebug
seebug
•added 2014/07/01 12:0 a.m.•18 views

Joomla Component com_xgallery 1.0 - Local File Inclusion Vulnerability

No description provided by source. Exploit Title: Joomla Component comxgallery 1.0 Local File Inclusion Vulnerability Author: KelvinX [email protected] Websites: http://xgroup.vn, http://kelvinx.net, http://facebook.com/kelvinxgr Date: December, 21-2010 Location: HCM City, Vietnam...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•41 views

Cartweaver 2.16.11 Results.cfm category Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17941/info Cartweaver ColdFusion is prone to SQL-injection vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input before using it in SQL queries. Successful exploits...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•17 views

nginx 0.7.61 - WebDAV Directory Traversal

No description provided by source. Bug Title: nginx webdav copy/move method directory traversal Program: nginx Version: nginx/0.7.61 - other versions may also be affected Website: http://sysoev.ru/nginx/ Severity: Low Date discovered: 23 September 2009 The webdav component has to be enabled and t...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•18 views

Magic List Pro view_archive.cfm ListID Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15774/info CFMagic Products are prone to multiple input validation vulnerabilities. These are due to a lack of proper sanitization of user-supplied input. These vulnerabilities allow an attacker to inject malicious SQL co...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•14 views

IBM Websphere Edge Server 3.69/4.0 HTTP Header Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6001/info A vulnerability has been discovered in the Caching Proxy component bundled with the IBM Websphere Edge Server. Due to insufficient sanitization of user-supplied input it is possible for an attacker to construct ...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•14 views

Magic Photo Storage Website user/user_membership_password.php _config[site_path] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•24 views

Magic Photo Storage Website user/login.php _config[site_path] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•16 views

netwin netauth 4.2 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1587/info A remote user is capable of gaining read access to any known file residing on a host running Netwin Netauth through directory traversal. Appending a series of '../' and the desired file name to the 'page' variab...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•34 views

pChart 2.1.3 - Multiple Vulnerabilities

No description provided by source. Exploit Title: pChart 2.1.3 Directory Traversal and Reflected XSS Date: 2014-01-24 Exploit Author: Balazs Makany Vendor Homepage: www.pchart.net Software Link: www.pchart.net/download Google Dork: intitle:pChart 2.x - examples intext:2.1.3 Version: 2.1.3 Tested...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•41 views

WebCalendar <= 1.2.4 (install/index.php) Remote Code Execution

No description provided by source. ?php / ----------------------------------------------------------------------- WebCalendar = 1.2.4 install/index.php Remote Code Executionn Exploit ----------------------------------------------------------------------- author..........: Egidio Romano aka EgiX...

9.2AI score0.79764EPSS
Exploits15
seebug
seebug
•added 2014/07/01 12:0 a.m.•24 views

Pure-FTPd 1.0.21 (CentOS 6.2 & Ubuntu 8.04) - Crash PoC (Null Pointer Dereference)

No description provided by source. Pure-FTPd Crash PoC Null Pointer Dereference, tested with pure-ftpd v1.0.21 centos 6.2, ubuntu 8.04 latest version v1.0.36 is not affected !! discovered by Kingcope root@ubuntu: grep seg /var/log/syslog Aug 13 13:55:28 ubuntu kernel: 226.791747 pure-ftpd4825:...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•37 views

AWStats 5.x/6.x Logfile Parameter Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12572/info AWStats is reported prone to a remote arbitrary command-execution vulnerability. This issue occurs because the application fails to properly sanitize user-supplied data. Specifically, the user-specified 'logfil...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•33 views

Quicktech SQL Injection Vulnerability

No description provided by source. + Exploit Title : Quicktech Sql Injection Vulnerability + Author : eXeSoul + Contact : [email protected] + Date : 02-03-2011 + category: Web Apps SQli + HomePage : www.indishell.in + Version : all + Tested on : windows/linux + Vulnerability Style : PHP Sql...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•18 views

Firebird 1.5 - Local Inet_Server Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17077/info Firebird is susceptible to a local buffer-overflow vulnerability. This issue is due to the application's failure to properly check boundaries of user-supplied command-line argument data before copying it to an...

7.1AI score
Exploits0
seebug
seebug
•added 2014/07/01 12:0 a.m.•31 views

Joomla Component (com_remository) Remote Upload File

No description provided by source. I N F O Exploit Title: Joomla comremository Remote Upload File Date: 2010-08-26 Author: J3yk0ob Home : http://www.J3yk0ob.com E X P L O I T 1. Register On Site 2. http://www.Target.com/index.php?option=comremository&Itemid=Itemid&func=addfile 3. Add your php fil...

7.1AI score
Exploits0
Total number of security vulnerabilities56796