Lucene search
+L
SeebugRecent

56796 matches found

seebug
seebug
added 2014/07/01 12:0 a.m.18 views

MzK Blog Katgoster.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24909/info MzK Blog is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.23 views

Creative Software UK Community Portal 1.1 EventView.php event_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17890/info Creative Community Portal is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.246 views

Serendipity 0.x Exit.PHP HTTP Response Splitting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11497/info Serendipity is reported prone to an HTTP response splitting vulnerability. A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached or interpreted. This...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.24 views

Passport PC To Host Malformed .zws file Memory Corruption Vulnerability

No description provided by source. Exploit Title: Passport PC To Host Malformed .zws file Memory Corruption Date: 3-3-12 Author: Silent Dream Software Link: http://www.zephyrcorp.com/terminal-emulation/ Version: Latest 2011-506-S Tested on: Windows XP SP3 my $file = passportpwn.zws; my $head =...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.31 views

SCO Unixware 7.0/7.0.1/7.1/7.1.1 'uidadmin' Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/842/info Certain versions of SCO Unixware ship with an exploitable version of the /usr/bin/uidadmin program. The problem lies in that 'uidadmin' runs with root privileges and performs insecure writes to a scratch director...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.15 views

N-13 News 1.2 - SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15643/info N-13 News is prone to an SQL injection vulnerability. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.19 views

VUPlayer <= 2.49 - (.cue) Universal Buffer Overflow Exploit

No description provided by source. !/usr/bin/perl VUPlayer = 2.49 .cue Universal Buffer Overflow Exploit By Stack Big THnx to Simo-Soft Reference http://www.milw0rm.com/exploits/8138 this exploit work just on Xp SP2 Other exploit http://www.milw0rm.com/related.php?program=VUplayer use strict; use...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.8 views

ProNews 1.5 admin/change.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21516/info ProNews is prone to multiple input-validation vulnerabilities, including multiple HTML-injection issues, an SQL-injection issue, and a cross-site scripting issue, because the application fails to sufficiently...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.22 views

plesk <= 8.1.1 login.php3 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23639/info Plesk is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

Siteman 2.0.x2 - 'module' Parameter Cross-Site Scripting and Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28943/info Siteman is prone to a local file-include vulnerability and a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this as a...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.11 views

Xmail 0.5/0.6 CTRLServer Remote Arbitrary Commands Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2360/info Versions of CTRLServer are vulnerable to malicious user-supplied input. A failure to properly bounds-check data passed to the cfgfileget command leads to an overflow, which, properly exploited, can result in...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.25 views

fims File Management System <= 1.2.1a Multiple Vulnerabilities

No description provided by source. Exploit Title: fims - File Management System = 1.2.1a SQL Injection and Vulnerability Date: 2011-10-19 Author: Skraps jackie.craig.sparksatlive.com jackie.craig.sparksatgmail.com @skrapsfoo Software Link: http://fims.codeplex.com/ Version: 1.2.1a tested...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.25 views

Sagem Routers Remote Reset Exploit

No description provided by source. !/usr/bin/perl Exploit Title: Sagem routers Remote Reset Exploit Date: 04/03/2010 Author: AlpHaNiX Software Link: null Version: Sagem Routers F@ST 1200/1240/1400/1400W/1500/1500-WG/2404 Tested on: Sagem F@ST 2404 Code : use HTTP::Request; use HTTP::Headers; use...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.35 views

PHP 4.x SafeMode Arbitrary File Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2954/info PHP is the Personal HomePage development toolkit, distributed by the PHP.net, and maintained by the PHP Development Team in public domain. A problem with the toolkit could allow elevated privileges, and...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.17 views

Piwigo 2.6.1 - CSRF Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.15 views

VisionGate 1.6 'login.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37569/info VisionGate is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

NETObserve 2.0 Authentication Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9319/info NETObserve is prone to a vulnerability that may permit remote unauthenticated users to access functions of the software. Due to the nature of the software, this could permit an attacker to execute commands...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.18 views

PHP-Nuke 5.6 Modules.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6088/info A SQL injection vulnerability has been reported for PHP-Nuke 5.6. The vulnerability is due to insufficient sanitization of variables used to construct SQL queries in some scripts. It is possible to modify the...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.113 views

Umbraco CMS Remote Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

Moodle 2.3.8, 2.4.5 - Multiple Vulnerabilities

No description provided by source. Ciaran McNally Application: Moodle http://download.moodle.org/ Versions: = 2.3.8, 2.4.5 Platforms: Windows, Mac, Linux Bug: Persistant XSS / CSRF Exploitation: WEB Date: 9 September 2013. Author: Ciaran McNally Web:...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

phpWebSite <= 0.10.2 (hub_dir) Remote Commands Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo PHPWebSite = 0.10.2 remote cmmnds xctn\r\n; echo - arbitrary local inclusion, works with magicquotesgpc = Off\r\n; echo by rgod, mail: [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n\r\n; if $argc4...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

LibreOffice 3.5.2.2 Memory Corruption

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ?php ------------------------------------------------------------------------------ LibreOffice 3.5.2.2 - soffice.exe\soffice.bin memory corruption author: shinnai mail: shinnaiatautisticidotorg site:...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.15 views

PHP FFI Extension 5.0.5 - Local Safe_mode Bypass Exploit

No description provided by source. ?php ---------------------------------------------------- -----PHP FFI Extension Safemode Bypass Exploit----- ---------------------------------------------------- -Tested on 5.0.5------------------------------------...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.448 views

Jax Guestbook 3.50 Page Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17560/info Jax Guestbook is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browse...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

W-Agora 4.0 - add_user.php bn_dir_default Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.24 views

Elite Gaming Ladders 3.5 - SQL Injection Vulnerability (ladder[id])

No description provided by source. - Elite Gaming Ladders v3.5 SQL Injection Vulnerability - ---Date : 2010-06-19 ---Author : ahwak2000 ---Email : z.u5athotmail.com - Script Info - ---Home : http://eliteladders.com/ - Vulnerability - http://site.com/path/standings.php?ladderid=SQL INj...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

Linux Kernel 'pipe.c' - Local Privilege Escalation Vulnerability

No description provided by source. while : ; do echo y ; sleep 1 ; | while read ; do echo z$REPLY; done ; & PID=$! OUT=$ps -efl | grep 'sleep 1' | grep -v grep | read PID REST ; echo $PID; OUT=$OUT%% DELAY=$RANDOM 1000 / 32768 usleep $DELAY 1000 + RANDOM % 1000 echo n /proc/$OUT/fd/1 Trigger defe...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.15 views

Prototype of an PHP application 0.1 gestion/index.php path_inc Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/24266/info 'Prototype of an PHP application' is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

free QBoard 1.1 faq.php qb_path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/18780/info Plume CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows the attacker to execute arbitrary...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

Feindura File Manager 1.0(rc) - Remote File Upload

No description provided by source. =================================================== Feindura File Manager 1.0rc - Remote File Upload =================================================== My + Author : KnocKout Contact : [email protected] Software info Web App. : Feindura - Flat File Content...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.12 views

Simpli Easy (AFC Simple) Newsletter <= 4.2 XSS/Information Leakage

No description provided by source. Simpli Easy AFC Simple Newsletter = 4.2 XSS/Information Leakage Date: 30.10.2010 Author: p0deje | http://p0deje.blogspot.com Software Link: http://scubadivingcalculators.com/simpli-easy-newsletter.php Version: = 4.2 1. Cross-site Scripting Vulnerable code: cp.ph...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.29 views

Solaris 2.6 FTP Core Dump Shadow Password Recovery Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2601/info Solaris is the variant of the UNIX Operating System distributed by Sun Microsystems. Solaris is designed as a scalable operating system for the Intel x86 and Sun Sparc platforms, and operates on machines varying...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.11 views

LG U8120 Mobile Phone MIDI File Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13154/info A remote denial of service vulnerability is reported to affect the LG U8120 Mobile Phone. The report indicates that the issue manifests when an affected phone processes a malicious MIDI file. The following...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

event calendar Multiple Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/11693/info Event Calendar is prone to multiple input validation vulnerabilities. These issues include HTML injection and cross-site scripting. The following specific vulnerabilities were reported: A cross-site scripting...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.14 views

Xftp FTP Client 3.0 PWD Remote Buffer Overflow Exploit

No description provided by source. $Id: xftpclientpwd.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.12 views

McAfee Network Security Manager < 5.1.11.8.1 - Multiple Cross Site Scripting Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.19 views

extent technologies rbs isp 2.5 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1704/info A remote user is capable of gaining read access to any file residing in the same directory of a host running Extent RBS ISP through directory traversal. Appending '../' to the 'image' variable request on port 80...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.37 views

DMXReady Billboard Manager <= 1.1 - Remote File Upload Vulnerability

No description provided by source. Title : DMXReady Billboard Manager = 1.1 Remote File Upload Vulnerability Author : ajann from Turkey Contact : : S.Page : http://www.dmxready.com $$ : 49.97 $ Dork : inurl:incbillboardmanager.asp?ItemID= DorkEx :...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.15 views

Nuked-Klan Module Boutique Blind SQL Injection

No description provided by source. Exploit Title: module boutique nuked klan Google Dork: inurl:index.php?file=Boutique Date: 15/11/2010 Author: AR51Kevinos index.php?file=Boutique&op=cat&catid='...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.18 views

Altiris Client 6.0.88 Service Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13409/info A local privilege escalation vulnerability affects the Altiris Client Service. This issue is due to a failure of the application to properly secure access to privileged interfaces. An attacker may leverage this...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.17 views

Realtor Real Estate Agent (idproperty) SQL Injection Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.22 views

Kloxo 6.1.18 Stable - CSRF Vulnerability

No description provided by source. Exploit Title :Kloxo 6.1.18 Stable CSRF Vulnerability Vendor Homepage :http://lxcenter.org/software/kloxo Version :6.1.18 Exploit Author :Necmettin COSKUN =@babayarisi Blog :http://www.ncoskun.com http://www.grisapka.org Discovery date :03/12/2014 CVE :N/A Kloxo...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.24 views

WhatsApp Status Changer 0.2 - Exploit

No description provided by source. !/bin/bash WhatsApp Status changer v0.2 stable A slim exploit able to change the WhatsApp user status in a remote way. This program is released under the terms of the GNU General Public License GPL, which is distributed with this software in the file COPYING. Th...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.27 views

joomla component The Estate Agent (com_estateagent) SQL injection Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register import re class TestPOCPOCBase: vulID = '72776' ssvid version = '1.0' author = 'kikay' vulDate = '2011-11-29' createDate ...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.18 views

LookStrike Lan Manager 0.9 - Remote / Local File Inclusion Vulnerabilities

No description provided by source. --==+================================================================================+==-- --==+ LookStrike Lan Manager v0.9 Remote\Local File Inclusion +==-- --==+================================================================================+==-- Author: MhZ9...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.13 views

IceWarp Web Mail 5.5.1 calendar_w.html createdataCX Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14980/info IceWarp is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.9 views

Microsoft Internet Explorer 6.0 Internet.HHCtrl Click Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19109/info Microsoft Internet Explorer is prone to a denial-of-service vulnerability. This issue is triggered when an attacker convinces a victim user to visit a malicious website. Remote attackers may exploit this issue ...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.31 views

CyberStrong eShop 4.2 10expand.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14103/info CyberStrong eShop is prone to an SQL injection vulnerability. As a result, the attacker may modify the structure and logic of an SQL query that is made by the application. The attacker may accomplish this by...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.21 views

PHP Event Calendar 1.4 Calendar.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18965/info PHP Event Calendar is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an...

7.1AI score
Exploits0
seebug
seebug
added 2014/07/01 12:0 a.m.24 views

Apple QuickTime <= 6.5.2.10 (.qtif) Image Parsing Vulnerability

No description provided by source. Added qtif on milw0rm's sploits archive/ /str0ke Application: QuickTime http://www.apple.com/quicktime/ AFFECTED VERSION: Versions verified to be vulnerable: QuickTime.qts 6.5.2.10 and prior versions are affected. The bug: The problem specifically exists when...

7.1AI score
Exploits0
Total number of security vulnerabilities56796