Lucene search
+L
SeebugRecent

56796 matches found

seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•10 views

Phorum 5.0.11 Read.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14095/info Phoroum is prone to SQL injection attacks. Insufficient sanitization of user input may allow a malicious user to manipulate the structure and logic of database queries. Successful exploitation could allow the...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

PHPTB Topic Board 2.0 tech_o.php absolutepath Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/14592/info PHPTB is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•14 views

4images 1.7.1 member.php sessionid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17748/info 4Images is prone to multiple, unspecified SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successf...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•14 views

Play [EX] 2.1 Playlist File (M3U/PLS/LST) DoS Exploit

No description provided by source. !/usr/bin/perl Play EX 2.1 Playlist File M3U/PLS/LST DoS Exploit Exploit discovered and coded by Death Shadow Dark Tested on Windows 7 Pro 64 bit and Windows XP SP3 Pro Sofware Link http://www.nautrup.com/pex/PlayEXPlayer.html [email protected]...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

INND/NNRP < 1.6.x - Remote Root Overflow Exploit

No description provided by source. / INND/NNRP remote root overflow / include stdio.h include stdlib.h include unistd.h include sys/types.h define DEFAULTOFFSET 792 define BUFFERSIZE 796 define ADDRS 80 define RET 0xefbf95e4 define NOP \x08\x21\x02\x80 int mainargc, argv int argc; char argv; char...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

Phorum 5.2 admin/users.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/34551/info Phorum is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•25 views

ANE CMD CRSF - Add Admin

No description provided by source. ======================================================================= AneCMS CSRF Vulnerability ======================================================================= by Pratul Agrawal Vulnerability found in- Admin module email [email protected] company...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•34 views

MyGuestbook 0.6.1 Form.Inc.PHP3 Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14155/info MyGuestbook is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

MyWeb HTTP Server 3.3 GET Request Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10303/info A vulnerability has been reported for MyWeb HTTP server. The problem occurs due to insufficient bounds checking when handling GET requests. As a result, an attacker may be capable of corrupting sensitive data...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•10 views

GSC Client 1.00 2067 - Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29718/info GSC Client is prone to a privilege-escalation vulnerability because it fails to sufficiently validate administrator credentials. An attacker can exploit this vulnerability to perform unauthorized administrative...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•28 views

php php/fi 2.0 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2250/info PHP/FI is an software suite designed to offer enhanced features to sites served via the World Wide Web. It is open source, freely available, and maintained by the PHP development team. A problem with the softwar...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•14 views

Mail-it Now! Upload2Server 1.5 - Arbitrary File Upload Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14821/info Mail-it Now! Upload2Server is prone to an arbitrary file upload vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before uploading files. Successful...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•13 views

@Mail 5.42 and @Mail WebMail 5.0.5 Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30992/info @Mail and @Mail WebMail are prone to multiple cross-site scripting vulnerabilities because the applications fail to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•95 views

Adobe ColdFusion APSB13-03 Remote Exploit

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'digest/sha1'...

10CVSS0.93797EPSS
Exploits12
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•30 views

Google FeedBurner FeedSmith 2.2 Cross-Site Request Forgery Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25921/info FeedBurner FeedSmith is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to use a victim's currently active session to perform actions with the application...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•25 views

EazyPortal <= 1.0 (COOKIE) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Vendor url: http://www.eazyportal.com/ by Iron - http://www.randombase.com exploit goes through $COOKIE use LWP::UserAgent; use MIME::Base64; print EazyPortal = 1.0 SQL Injection Exploit By Iron - www.randombase.com Greets to everyone at RootShell...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

Apple WebKit build 18794 WebCore Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22059/info Apple WebKit is prone to a denial-of-service vulnerability. Attackers may exploit this issue by enticing victims into opening a malicious HTML document with an application using the affected framework. Successf...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•14 views

Claroline 1.8.9 exercise/exercise.php URL XSS

No description provided by source. source: http://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

XGB 1.2 - Remote Form Field Input Validation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4515/info xGB is guestbook software. It is written in PHP and will run on most Unix and Linux variants as well as Microsoft Windows operating systems. xGB does not sufficiently validate input that is supplied via form...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

OpenNetAdmin 13.03.01 - Remote Code Execution

No description provided by source. Exploit Title: OpenNetAdmin Remote Code Execution Date: 03/04/13 Exploit Author: Mandat0ry aka Matthew Bryant Vendor Homepage: http://opennetadmin.com/ Software Link: http://opennetadmin.com/download.html Version: 13.03.01 Tested on: Ubuntu CVE : No CVE exists -...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

WordPress <= 2.2.3 wp-admin/edit.php backup Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/27123/info WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•13 views

ShopCartCGI 2.3 gotopage.cgi Traversal Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/9670/info It has been reported that ShopcartCGI is prone to a remote file disclosure vulnerability. This issue is due to insufficient validation of user-supplied input. Upon successful exploitation of this issue an attack...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•20 views

FlatFile Login System - Remote Password Disclosure Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

Zend Server 5.6.0 - Multiple Remote Script Insertion Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•10 views

Pre Web Host System Authentication Bypass

No description provided by source. Exploit Title: Pre webhost System authentication bypass Date: 16th july 2010 Author: D4rk357 Critical:high contact:d4rk357atyahoodotin Price : 150$ Software Link:http://preproject.com/preweb.asp Greetz to :b0nd, Fbih2s,Beenu,rockey killer,The empty,...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•13 views

Linux kernel 2.2 Predictable TCP Initial Sequence Number Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/670/info A vulnerability in the Linux kernel allows remote users to guess the initial sequence number of TCP sessions. This can be used to create spoofed TCP sessions bypassing some types of IP based access controls. The...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•20 views

Orb 2.0.01.0049 - 2.54.0018 - DirectShow DoS

No description provided by source. When Orb is first installed it registers several Direct Show filters with the system. When registered these filters are then called whenever a file which has a dependency on such a required filter is accessed. By specially crafting specific headers embedded into...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•9 views

Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability

No description provided by source. $Id: osbunamejlist.rb 13591 2011-08-19 18:35:29Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•201 views

Papoo CMS 3.2 IBrowser Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19807/info Papoo CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious P...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•28 views

Computalynx CMail 2.3 Web File Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/281/info A vulnerability in Computalynx's CMail allows remote malicious users to steal local files. Compulynx's CMail is a Win32 mail server program. One of its features is allowing users to access their email with a web...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•1241 views

ArticleBeach Script <= 2.0 (index.php) Remote File Inclusion Vulnerability

No description provided by source. ------------------------------------------------------------------------------ ArticleBeach Script = 2.0 page Remote File Inclusion Vulnerability ------------------------------------------------------------------------------ Author : Zeni Susanto a.k.a Bithedz...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•9 views

Zomplog 3.3/3.4 Detail.PHP HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15168/info Zomplog is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplie...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•14 views

Joomla Component graphics (com_graphics) 1.0.6 - LFI Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•12 views

Softbiz Jobs (news_desc) SQL Injection Vulnerability

No description provided by source. Softbiz Jobs newsdesc SQL Injection Vulnerability Author : Baybora Homepage : http://www.1923turk.com Blog : http://baybora.wordpress.com/ Script : softbizscripts Download : http://www.softbizscripts.com/ Exploat :newsdesc.php?id=SQL...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•13 views

Cscope 13.0/15.x Insecure Temporary File Creation Vulnerabilities (1)

No description provided by source. source: http://www.securityfocus.com/bid/11697/info Cscope creates temporary files in an insecure way. A design error causes the application to fail to verify the presence of a file before writing to it. During execution, the utility reportedly creates temporary...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•23 views

Ask.com Toolbar askBar.dll ActiveX Control Buffer Overflow

No description provided by source. $Id: askshortformat.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•11 views

NullLogic Null HTTPd 0.5 - Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8697/info Null HTTPd has been reported prone to a remotely triggered denial of service vulnerability. The issue has been reported to present itself in the HTTP POST handling routines within the Null HTTPd server. It has...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•63 views

Parallels H-Sphere 3.0/3.1 'login.php' Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/31256/info H-Sphere is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•36 views

IBM AIX 6.1 / 7.1 - Local Root Privilege Escalation

No description provided by source. Exploit-DB Note: Screenshot provided by exploit author !/bin/sh Exploit Title: IBM AIX 6.1 / 7.1 local root privilege escalation Date: 2013-09-24 Exploit Author: Kristian Erik Hermansen [email protected] Vendor Homepage: http://www.ibm.com Software...

7.2CVSS6.5AI score0.02846EPSS
Exploits8
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•10 views

PGN2WEB 0.3 - Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12023/info It is reported that pgn2web is susceptible to a buffer overflow vulnerability. This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it into a fixed-size...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•19 views

Joomla Component com_linkr - Local File Inclusion

No description provided by source. .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : Joomla Component comlinkr .:. Bug Type : Local File Inclusion LFI .:. Dork : inurl:comlinkr === Exploit ===...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

Invision Power Services Invision Board 2.0.4 Search Action Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17144/info Invision Power Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issu...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•12 views

Internet Security Systems BlackICE PC Protection 3.6 Firewall.INI Local Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10915/info It is reported that BlackICE PC Protection is prone to a local buffer overrun when handling excessive input in certain configuration directives parsed from the firewall.ini file included with the software. It i...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•20 views

Mini-stream ripper 3.0.1.1 - (.pls) Local Universal Buffer Overflow Exploit

No description provided by source. / riptheministreamripper.c Mini-stream ripper = 3.0.1.1 .pls Local Universal Buffer Overflow Exploit exploited by: mrme Greetz to the Corelan Security Team: corelanc0d3r, rick, edi, dellnull, marko T, phifli, corelanc0d3r Visit: corelanc0d3r's blog...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•46 views

Wordpress drag and drop file upload 0.1 - Arbitrary File Upload Vulnerability

No description provided by source. Exploit Title: Wordpress drag and drop file upload 0.1 Arbitrary File Upload Google Dork: inurl:wp-content/plugins/drag-drop-file-uploader/ Date: 11/06/2012 Exploit Author: Adrien Thierry Vendor Homepage: http://www.ali.dj/ Software Link:...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•12 views

Free SMTP Server <= 2.2 Spam Filter Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•42 views

NoseRub <= 0.5.2 Login SQL Injection Vulnerability

No description provided by source. -- ---------- ---- - ---------------------------- ---------- ---- -- ----------------------------- ------------- ---seclog- ------------------ ------------ -- --- ------------------- --------- ---- ------------------- ------- -------------------------- ---...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

DotClear <= 1.2.4 (prepend.php) Arbitrary Remote Inclusion Exploit

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•70 views

WEBBDOMAIN Post Card <= 1.02 (catid) SQL Injection Vulnerability

No description provided by source. post Card catid Remote SQL Injection Vulnerability Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc MaiL : [email protected] script : http://webbdomain.com/php/postcarden/index2.php script : http://webbdomain.com/php/postcardir/index2.php DorK :...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•13 views

webSPELL <= 4.01.02 Remote PHP Code Execution Exploit

No description provided by source. !/usr/bin/php ?php errorreportingEALL ^ ENOTICE; Admin id: 1 Admin hash: 7b24afc8bc80e548d66c4e7ff72171c5 Logged in wsauth=1%3A7b24afc8bc80e548d66c4e7ff72171c5 Trying to upload the malicious file Done http://localhost/webspell4.01.02/downloads/c99shell.php if$ar...

7.1AI score
Exploits0
Total number of security vulnerabilities56796