Lucene search
+L
SeebugRecent

56796 matches found

seebug
seebug
added 2014/07/01 12:0 a.m.13 views

Snipe Gallery 3.1.4 view.php gallery_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15844/info Snipe Gallery is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabiliti...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.15 views

Blazix 1.2 Special Character Handling Server Side Script Information Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/5566/info Blazix is a freely available, open source web server written in Java. It is available for Linux and Microsoft Windows operating systems. When a user passes a request to the web server that ends in either a plus ...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.79 views

Serendipity <= 1.0.3 (comment.php) Local File Include Exploit

No description provided by source. ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +:+...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.10 views

OnlineArts DailyDose 1.1 dose.pl Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9000/info It has been reported that DailyDose may be prone to a remote command execution vulnerability due to insufficient sanitization of $temp variable in dose.pl script. An attacker may submit arbitrary commands that...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.19 views

FreeBSD 3.3 gdc Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/834/info There is a buffer overflow vulnerability known to be present in the version of gdc shipped with the 3.3-RELEASE version of FreeBSD. By default, only users in group wheel have execute access to gdc. The overflow...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.8 views

Gore <= 1.50 Socket Unreacheable Denial of Service Exploit

No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h include string.h ifdef WIN32 include winsock.h / winerr.h + amp2zero.c / [email protected] / / Header file used for manage errors in Windows It support socket and errno too this header replace the previous...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.21 views

Serendipity 1.7.5 (Backend) - Multiple Vulnerabilities

No description provided by source. Advisory: Serendipity 1.7.5 Backend - Multiple security vulnerabilities Advisory ID: SSCHADV2014-003 Author: Stefan Schurtz Affected Software: Successfully tested on Serendipity 1.7.5 Vendor URL: http://www.s9y.org/ Vendor Status: fixed =========================...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.15 views

Autentificator 2.01 Aut_Verifica.Inc.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19813/info Autentificator is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.26 views

mybulletinboard (mybb) <= 1.2.10 Multiple Vulnerabilities

No description provided by source. waraxe-2008-SA061 - Remote Code Execution in MyBB 1.2.10 =============================================================================== Author: Janek Vind waraxe Independent discovery: koziolek Date: 16. January 2008 Location: Estonia, Tartu Web:...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.38 views

IKE Aggressive Mode Shared Secret Hash Leakage Weakness

No description provided by source. source: http://www.securityfocus.com/bid/7423/info When a VPN is configured to use a pre-shared master secret and a client attempts to negotiate keys in aggressive mode, a hash of the secret is transmitted across the network in clear-text. This may result in the...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

Xunlei Web Thunder 5.6.9.344 ActiveX Control DownURL2 Method Remote Buffer Overflow Vulnerability

No description provided by source. var she132132132132llc13ode = unescape “%u9090 " + " %u9090 " + “%uefe9%u0000%u5a00%ua164%u0030%u0000%u408b%u8b0c” + “%u1c70%u8bad%u0840%ud88b%u738b%u8b3c%u1e74%u0378” + “%u8bf3%u207e%ufb03%u4e8b%u3314%u56ed%u5157%u3f8b” +...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.32 views

Invision Power Board 2.x - 'Signature' iFrame Security Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28466/info Invision Power Board IP.Board is prone to a security vulnerability that can aid attackers in social-engineering attacks. Attacker-supplied script code could exploit vulnerabilities in the user's browser or give...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.30 views

YOOtheme Warp5 Joomla! Component 'yt_color' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37239/info The Warp5 component for Joomla! is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code i...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.22 views

Telekorn Signkorn Guestbook 1.x entry.php dir_path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/19977/info Telekorn Signkorn Guestbook is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. This may allow the attacker to compromise the application and t...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

NetPilot/Soho Blue Router 6.1.15 - Privilege Escalation

No description provided by source. pdf...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.22 views

ECI Telecom B-FOCuS Router 312+ Unauthorized Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14364/info B-FOCuS Router 312+ is affected by a vulnerability that can allow unauthorized attackers to gain access to an affected device. An attacker can disclose the administrator password through the Web interface of th...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

WordPress Tune Library plugin <= 2.17 SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress Tune Library plugin = 2.17 SQL Injection Vulnerability Date: 2011-09-10 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/tune-library.zip Version: 1.5.1 tested Notes:...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.20 views

MyBB MyStatus 3.1 - SQL Injection Vulnerability

No description provided by source. ?--------------------------------------------------------------------- Exploit Title : MyBB MyStatus 3.1 --------------------------------------------------------------------- Author : MarioVs Date : 10/10/2011 Site : http://mariovs.pl/ @ : mariovsato2.pl...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.11 views

Samba <= 3.0.4 SWAT Authorization Buffer Overflow Exploit

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

YourArcadeScript 2.4 (index.php id parameter) SQL Injection

No description provided by source. Exploit Title: YourArcadeScript 2.4 SQLi Vulnerability Version: 2.4 Date: 17/08/2012 Author: DaOne LCA Software Link: http://www.yourarcadescript.com Google Dork: intext:Powered by YourArcadeScript 2.4 Exploit http://localhost/index.php?act=cat&id=Error Based...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

BlogWorx 1.0 Blog Database Disclosure Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.26 views

PsychoStats <= 2.3.3 - Multiple Remote SQL Injection Vulnerabilities

No description provided by source. Viva IslaM Viva IslaM rEm0te SQL InjEction VulnErability PsychoStats Versions - v2.3 - v2.3.1 - v2.3.3 - map.php id & weapon.php id AuTh0r : Mr.SQL -:: ThE Geek InjEcT0r ::- H0ME : WwW.PaL-HaCkEr.CoM Email : [email protected] Script Name : PsychoStats Versions - v2...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.19 views

OpenEMR 4.0.0 - Multiple Vulnerabilities

No description provided by source. ------------------------------------------------------------------------ Software................OpenEMR 4.0.0 Vulnerability...........Local File Inclusion Threat Level............Critical 4/5 Download................http://www.oemr.org/ Discovery...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.15 views

ideacart 0.02 (lfi/sql) Multiple Vulnerabilities

No description provided by source. IdeaCart 0.02 LFI/SQL Multiple Remote Vulnerabilities Author: nuclear LFI: http://127.0.0.1/index.php?page=../../../../../../../../../etc/passwd%00 SQL: http://127.0.0.1/secure/index.php?cID=1%20union%20select%201,2,3,4,5,6,@@version,8%23 notes: get ur sql resul...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.17 views

Mambo Open Source 4.5 index.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/9890/info It has been reported that the Mambo 'index.php' script is prone to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly validate user supplied URI input. This issue...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.21 views

Docebo 3.6.0.3 - Multiple SQL-Injection Vulnerabilities

No description provided by source. Application: Docebo Version affected: 3.6.0.3 Website: http://www.docebo.com Discovered By: Andrea Fabrizi Email: andrea.fabrizi at gmail dot com email concealed Web: http://www.andreafabrizi.it Vuln: Multiple SQL-Injection Vulnerabilities EXAMPLE 1...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.53 views

Java Statement.invoke() Trusted Method Chain Exploit

No description provided by source. $Id: javatrustedchain.rb 11345 2010-12-15 22:46:22Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...

7.5CVSS0.2AI score0.96319EPSS
Exploits5
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

PHP <= 4.4.0 (mysql_connect function) Local Buffer Overflow Exploit

No description provided by source. ?php / This exploit was designed to work with PHP versions 4.3.10 and 4.4.0 under Windows XP SP 1. If another operating system is used, the replacement EIP must be changed. The replacement EIP is written 261 bytes into our string. For this exploit, I used a CALL...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.15 views

Bedder CMS Blind SQL Injection Vulnerability

No description provided by source. +Exploit Title: Bedder CMS Blind SQL Injection Vulnerability +Author : ^Xecuti0n3r + Date : 15.04.2011 + Hour : 13:37 PM + E-mail : xecuti0n3ryahoo.com + dork : intext:Design by Bedder + Category : Web Apps Blind SQli Choose any site that comes up when you enter...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.76 views

Sudo 1.6.x Password Prompt Heap Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4593/info Sudo is a widely used Linux/Unix utility allow users to securely run commands as other users. Sudo is vulnerable to a heap overflow condition related to it's customizable password prompt feature. The nature of t...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.18 views

Microsoft Windows NT 4.0 Invalid LPC Request DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1743/info LPC Local Procedure Call is a message-passing service that allows threads and processes to communicate with each other on a local machine as opposed to RPC Remote Procedure Call that takes place between differen...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.15 views

NuKed-Klan 1.x Submit Link Function HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11733/info NuKed-Klan 'submit URI link' function is reported prone to a HTML injection vulnerability. It is reported that the issue exists due to a lack of sufficient input validation performed on the 'website name' input...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.24 views

Mutiny Remote Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.36 views

Press Release Script (page.php id) SQL Injection Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

Scry Gallery Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17649/info Scry Gallery is prone to a directory-traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.20 views

PlanetSearch + Planetsearchplus.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17527/info PlanetSearch + is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the brows...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

RedHat Linux <= 6.0, Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (1)

No description provided by source. source: http://www.securityfocus.com/bid/588/info A buffer overflow existed in libtermcap's tgetent function, which could cause the user to execute arbitrary code if they were able to supply their own termcap file. Versions of libtermcap 2.0.8 and earliear are...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.20 views

AnvSoft Any Video Converter 4.3.6 - Multiple Buffer Overflow

No description provided by source. Title: ====== AnvSoft Any Video Converter 4.3.6 - Multiple Buffer Overflow Date: ===== 2012-04-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=492 VL-ID: ===== 492 Introduction: ============= An all-in-one user-friendly DVD ripper,...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.32 views

Dolibarr ERP/CMS 3.4.0 (exportcsv.php, sondage param) - SQL Injection

No description provided by source. Exploit Title: Dolibarr 3.4.0 SQLi Date: 10/7/2013 Exploit author: drone @dronesec More information: http://forelsec.blogspot.com/2013/10/dolibarr-340-multiple-vulnerabilities.html Vendor homepage: http://www.dolibarr.org/ Software link: Version: 3.4.0 Fixed in:...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.33 views

Singapore 0.9.7 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17874/info The 'singapore' application is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.39 views

Check Point Software Firewall-1 3.0/1 4.0 Session Agent Impersonation Vulnerability

source: http://www.securityfocus.com/bid/1661/info A vulnerability exists in the Session Agent portion of Firewall-1, from Check Point. This vulnerability appears to affect all versions of the session agent prior to the one shipped in FW-1 4.1. The session agent listens on a Windows 9x or NT box...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.12 views

Xtreme ASP Photo Gallery 2.0 displaypic.asp sortorder Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21138/info Xtreme ASP Photo Gallery is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues and an HTML-injection issue because the application fails to properly...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

Apache Tomcat 3.2.3/3.2.4 RealPath.JSP Malformed Request Information Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/4878/info Apache Tomcat is a freely available, open source web server maintained by the Apache Foundation. Under some circumstances, Tomcat may yield sensitive information about the web server configuration. When the...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.21 views

OTRS Open Technology Real Services 3.1.8 and 3.1.9 XSS Vulnerability

No description provided by source. !/usr/bin/python ''' Author: Mike Eduard - Znuny - Enterprise Services for OTRS Product: OTRS Open Technology Real Services Version: 3.1.8 and 3.1.9 Vendor Homepage: http://otrs.org CVE: 2012-4600 Timeline: 22 Aug 2012: Vulnerability reported to vendor and CERT ...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.38 views

Pre News Manager <= 1.0 (index.php id) SQL Injection Vulnerability

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV97$2008 ----------------------------------------------------------------------------------------- ECHOADV97$2008 Pre News Manager = 1.0 index.php id Sql Injection...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.12 views

idevspot Text ads 2.08 sqli vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.10 views

Bytehoard 0.7 File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8850/info Bytehoard is prone to directory traversal attacks. This could potentially permit remote attackers to gain unauthorized access to sensitive files hosted on the system running the software...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.36 views

Adobe eBook Reader 2.2 File Restoration Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5273/info Adobe eBook Reader is a client side application which is able to view Adobe eBooks, available for Microsoft Windows and Macintosh OS 9. eBooks are electronic books which provide some protection for content. User...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.22 views

wftpd server 3.30 Multiple Vulnerabilities (0day)

No description provided by source. includestdio.h includesys/types.h includesys/socket.h includenetinet/in.h includeunistd.h define ALOCtip,n tipmallocsizeoftipn define POCNAME WFTPD 3.30 Multiple remote vulnerabilities0day define AUTHOR fl0 fl0w typedef int i32; typedef char i8; typedef short i1...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

Dating Gold 3.0.5 secure.admin.php int_path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/24910/info AzDG Dating Gold is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute an arbitrary...

7.1AI score
Exploits0
Total number of security vulnerabilities56796