Lucene search
+L
SeebugRecent

56796 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Mantis 0.x/1.0 - Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/14604/info Mantis is prone to multiple input validation vulnerabilities. These issues involve cross-site scripting, HTML injection and variable poisoning, and are due to a failure in the application to properly sanitize...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Mercury/32 3.32-4.51 - SMTP Pre-Auth EIP Overwrite Exploit

No description provided by source. / Dreatica-FXP crew ---------------------------------------- Target : Mercury/32 SMTP Server Found by : [email protected], http://www.offensive-security.com ---------------------------------------- Exploit : Mercury/32 v3.32-v4.51 SMTP Pre-Auth EIP...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

BES-CMS 0.4/0.5 members/index.inc.php File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9268/info It has been reported that BES-CMS is vulnerable to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system. The...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

ImageMagick 6.x PNM Image Decoding Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13351/info A remotely exploitable client-side buffer-overflow vulnerability affects ImageMagick. This issue occurs because the application fails to properly validate the length of user-supplied strings before copying them...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.81 views

Java Applet Driver Manager Privileged toString() Remote Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' class...

10CVSS0.3AI score0.87227EPSS
Exploits10
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.32 views

KwsPHP Module jeuxflash (cat) 1.0 - Remote SQL Injection Vulnerability

No description provided by source. KwsPHP Module jeuxflash Remote SQL Injection Exploit AUTHOR : HouSSamix From H-T Team Script : KwsPHP Module jeuxflash Version : last version Bug : Remote SQL Injection Exploit Dork : inurl:index.php?mod=jeuxflash EXPLOITS :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.30 views

Internet Explorer 8 & Internet Explorer 9 - Steal any Cookie

No description provided by source. Exploit Title: Internet Explorer 8 & Internet Explorer 9 steal any Cookie Date: 27.01.2013 Exploit Author: Christian Haider; Email: christian.haider.poc @ gmail dot com; linkedin: http://www.linkedin.com/in/chrishaider Category: remote Vendor Homepage:...

4CVSS0.2AI score0.20379EPSS
Exploits5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Joomla Component com_bfsurvey_basic SQL Injection Vulnerability

Joomla Component combfsurveybasic SQL Injection Vulnerability + Author: FL0RiX + Greez : Wretch-x And All Friends + HomePage : http://oltan.org + Exploit; + null//and//1=0//union//select//concatusername,0x3a,passwordfl0rix,user,user//from//josusers-- F....N; Sen çok üstün zekaya sahip birisin,...

8.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

rsync <= 2.5.7 - Local stack overflow Root Exploit

No description provided by source. / rsync = 2.5.7 Local Exploit Saved EIP on stack is overwritten with address of shellcode in memory Generally rsync is not setuid or setgid so just a local shell is of no use So i used a portbinding shellcode as a PoC of a different attack vector. RET is...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.30 views

Ananta Gazelle CMS - Update Statement SQL Injection

No description provided by source. Exploit Title: Ananta Gazelle CMS - Update Statement Sql injection Google Dork: - Date: 07-02-2012 Author: hackme Software Link: http://sourceforge.net/projects/ananta/files/stable/Gazelle 1.0 stable/AnantaGazelle1.0.zip/ Version: 1.0 stable Tested on: backbox 2...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

WSC CMS (Bypass) SQL Injection Vulnerability

No description provided by source. ------------------------------------------------------ ------------------------------------------------------ | | | | | | | | /| ' \ / \ ' \ / /| ' \ | | | | | | / | | | | | | | | | || || |||| ||//|| || || ------------------------------------------------------...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

x10 mirco blogging 121 - SQL Injection Vulnerability

No description provided by source. =========================================== x10 mirco blogging V121 SQL Injection Vulnerability =========================================== Title: x10 mirco blogging Sql Injection Vendor: www.x10media.com/micro-blog-script Dork: mirco blogging AUTHOR: ITSecTeam...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Linux/ARM - setuid(0) & kill(-1, SIGKILL) - 28 bytes

No description provided by source. / Title: Linux/ARM - setuid0 & kill-1, SIGKILL - 28 bytes Kill all processes Date: 2010-06-29 Tested: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan Web: http://shell-storm.org | http://twitter.com/jonathansalwan ! Dtabase of shellcodes...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.77 views

FlashChat 6.0.2-6.0.8 - Arbitrary File Upload Vulnerability

No description provided by source. Exploit Title: FlashChat File Upload Vulnerability Google Dork: intitle:FlashChat v6.0.8 Date: 02.10.2013 Exploit Author: x-hayben21 Vendor Homepage: www.punish3r.com Software Link: http://www.tufat.com/script2.htm Version: v6.0.8, v6.0.2, v6.0.4, v6.0.5, v6.0.6...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

PHPX 3.x admin/forums.php CSRF Arbitrary Command Execution

No description provided by source. source: http://www.securityfocus.com/bid/10284/info It has been reported that PHPX is affected by multiple administrator command execution vulnerabilities. These issues are due to a failure of the application to properly validate access to administrative command...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

ZAPms 1.41- SQL Injection Vulnerability

No description provided by source. ============================================================================================================= o ZAPms = SQL Injection Vulnerability Software : ZAPms Version : 1.41 Vendor : http://www.zapms.de Author : NoGe Contact : nogedotcodeatgmaildotcom Desc...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

SX Design sipd 0.1.2 - Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9198/info It has been reported that sipd may be prone to a vulnerability that may allow a remote attacker to cause a denial of service condition in the software. The problem is reported to exist in the gethostbynamer...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.35 views

VLC 0.8.6d - httpd_FileCallBack Remote Format String Exploit

No description provided by source. / Epibite // bite since 1442 pown meme ta mamie / / Advisory from Luigi Auriemma CVE-2007-6682 / format string in VideoLAN VLC 0.8.6d Description : Format string vulnerability in the httpdFileCallBack function network/httpd.c in VideoLAN VLC 0.8.6d allows remote...

7.5CVSS6.4AI score0.15138EPSS
Exploits7
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.28 views

X-Cart Pro 4.0.13 - SQL Injection Proof of Concept

No description provided by source. X-Cart Pro v4.0.13 SQL Injection Proof of Concept Discovered By: s4squatch of SecureState R&D Team www.securestate.com Discovered: Mon, 08 Sep 2008 20:29:07 GMT Version: 4.0.13 obtained from www.website.com/README Can't find reference to this old vuln elsewhere...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.40 views

Cisco Collaboration Server 5 XSS, Source Code Disclosure

No description provided by source. Cisco Collaboration Server 5 XSS, Source Code Disclosure Discovered by: s4squatch of SecureState R&D Team www.securestate.com Discovered: 08/26/2008 Note: End of Engineering --...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

DevelopItEasy Events Calendar 1.2 - Multiple SQL Injection Vulnerabilities

No description provided by source. || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ \ | | \ \ /\ /\ \ \ \ /...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

PHP <= 5.2.3 snmpget() object id Local Buffer Overflow Exploit (EDI)

No description provided by source. ?php / Inphex reference -http://milw0rm.com/exploits/4204 317 Bytes , Windows Command Shell Bind TCP Inline , Architecture x86 , Windows TinyXP - vm. GET /script.php HTTP/1.1\n telnet 192.168.2.32 4444 Microsoft Windows XP Version 5.1.2600 C Copyright 1985-2001...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

AllMyVisitors 0.x info.inc.php Arbitrary Code Execution

No description provided by source. source: http://www.securityfocus.com/bid/9664/info Reportedly the AllMyPHP applications AllMyGuests, AllMyLinks and AllMyVisitors are prone to a remote file include vulnerability. The issue is due to insufficient filtering of URI passed variables that are used i...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

CompactCMS 1.4.0 (tiny_mce) Remote File Upload

No description provided by source. Title: CompactCMS 1.4.0 tinymce Remote File Upload Vendor: http://www.compactcms.nl/ AUTHOR: ITSecTeam Email: [email protected] Website: http://www.itsecteam.com Forum : http://forum.ITSecTeam.com Original Advisory:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

Firebird Relational Database isc_create_database() Buffer Overflow

No description provided by source. $Id: fbisccreatedatabase.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Xerver HTTP Server 4.32 - XSS / Directory Traversal Vulnerability

No description provided by source. Xerver HTTP Server v4.32 XSS / Directory Traversal Vulnerability By Stack Directory Traversal Exploit : http://127.0.0.1:32123/action=chooseDirectory&currentPath=d:%5C http://127.0.0.1:32123/action=chooseDirectory&currentPath=c:\ XSS Exploit :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

DreamLevels Dream Poll 3.0 View_Results.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15849/info Dream Poll is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

YaBB SE <= 1.5.5 - Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl YaBB SE version = 1.5.5 commands execution exploit by RST/GHC GUI version = THIS IS UNPUBLISHED RST/GHC EXPLOIT CODE KEEP IT PRIVATE coded by 1dt.w0lf http://rst.void.ru http://ghc.ru use Tk; use Tk::Menu; use LWP::UserAgent; $top = MainWindow-new...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

MambWeather Mambo Module <= 1.8.1 - Remote Include Vulnerability

No description provided by source. Bug Found by h4ntu http://h4ntu.com batamhacker crew Another Mambo module remote inclusion vulneribility download : http://mamboxchange.com/frs/download.php/1498/MambWeather181.zip bug found in file : MambWeather/Savant2/Savant2Pluginoptions.php ?php / Base plug...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

phpArcadeScript 2.0 displaygame.php gamefile Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16957/info phpArcadeScript is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

NinkoBB 1.3RC5 XSS Vulnerability

No description provided by source. Vulnerability ID: HTB22652 Reference: http://www.htbridge.ch/advisory/xssinninkobb.html Product: NinkoBB Vendor: NinkoBB http://ninkobb.com Vulnerable Version: 1.3RC5 and probably prior versions Vendor Notification: 13 October 2010 Vulnerability Type: XSS Cross...

6.7AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.42 views

VWar 1.5 war.php vwar_root Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/19387/info VWar is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

Uebimiau Web-Mail 2.7.10/2.7.2 - Remote File Disclosure Vulnerability

No description provided by source. ---- Uebimiau Web-Mail Remote File Reader ... ITDefence.ru Antichat.ru Uebimiau Web-Mail Remote File Reader Eugene Minaev [email protected] / \ \ \ / .\ / /// // / \ / \ // / / / /// /\ / / / / // / / / / / /\ / / / / / / / / / / / //\ \ / / / / // / //...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Yamamah 1.00 - Mullti Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.54 views

IBM AIX 5.6/6.1 - _LIB_INIT_DBG Arbitrary File Overwrite via Libc Debug

No description provided by source. !/bin/sh $Id: raptorlibC,v 1.1 2009/09/10 15:08:04 raptor Exp $ raptorlibC - AIX arbitrary file overwrite via libC debug Copyright c 2009 Marco Ivaldi [email protected] Property of @ Mediaservice.net Srl Data Security Division http://www.mediaservice.net/...

7.2CVSS0.1AI score0.00715EPSS
Exploits10
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.32 views

YourFreeWorld Short Url & Url Tracker (id) SQL Injection Vuln

No description provided by source. Short Url & Url Tracker id Remote SQL Injection Vulnerability Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc script : http://www.yourfreeworld.com/script/shorturl.php DorK : inurl:tr.php?id= Short Url & Url Tracker Exploit :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

eTicket 1.5.5 'newticket.php' Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/27130/info eTicket is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverag...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

ProfitCode Shopping Cart Multiple LFI/RFI Vulnerabilities

No description provided by source. Author: Zer0 Thunder Site : http://www.profitcode.net/ - http://profbiz-cart.sourceforge.net/ Tested on: Windows XP sp2 WampServer 2.0i - There are Cople of pages that has the LFI vuln Vuln c0de : dl-authcontent.php $returlvar = dloads; include $docroot...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.37 views

68kb multi remote file include

No description provided by source. =========================================================================== Topic : 68kb Bug type : multi remote file include Download : http://68kb.googlecode.com/files/68kb-v1.0.0rc2.zip Advisory :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Qualiteam X-Cart 4.0.8 giftcert.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These vulnerabilities could permit remot...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

2DayBiz Real Estate Portal "viewpropertydetails.php" SQL injection

No description provided by source. $------------------------------------------------------------------------------------------------------------------- $ 2daybiz Real Estate Portal viewpropertydetails.php SQL injection $ Author : Sangteamtham $ Home : Hcegroup.net $ Download...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

EMC Networker Format String

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

RuubikCMS 1.1.1 (tinybrowser.php, folder param) - Path Traversal Vulnerability

No description provided by source. Exploit Title: ruubikcms v1.1.1 Path Traversal vulnerability Google Dork: powered by ruubikcms Date: 2013-6-5 Exploit Author: expl0i13r Vendor Homepage: http://www.ruubikcms.com/ Software Link: http://www.ruubikcms.com/ruubikcms/download.php?f=ruubikcms111.zip...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

BosDev BosDates 3.x SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9639/info An SQL injection vulnerability has been reported to affect BosDates calendar system. The issue arises due to insufficient sanitization of user supplied data. As a result of this issue an attacker could modify th...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Race River Integard Home/Pro LoginAdmin Password Stack Buffer Overflow

No description provided by source. $Id: integardpasswordbof.rb 11344 2010-12-15 19:49:40Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and term...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

IPBProArcade 2.5 - Remote SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11719/info A remote SQL injection vulnerability reportedly affects ipbProArcade. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in an SQL query. An attacke...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Aigaion <= 1.3.3 (topic topic_id) Remote SQL Injection Vulnerability

No description provided by source. --==+================================================================================+==-- --==+ Aigaion = 1.3.3 SQL Injection Exploit +==-- --==+================================================================================+==-- DISCOVERED BY: Cody CypherXero...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Brooky CubeCart 2.0.1/2.0.4 index.php language Parameter Traversal Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/12549/info Brooky CubeCart is reported prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data and may allow remote attackers to disclose arbitrary files and carry out...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.31 views

Joomla Component com_hotbrackets Blind SQL Injection Vulnerability

Joomla Component comhotbrackets Blind SQL injection Vulnerability author : Fl0riX Name : comhotbrackets Bug Type : Blind SQL Injection Infection : Admin login bilgileri alnabilir. Demo Vuln. : TRUE+ » http://server/index.php?option=comhotbrackets&id=1 and 1=1 FALSE- »...

8.3AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

ezbounce 1.0/1.5 Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8071/info It has been reported that ezbounce is affected by a format string vulnerability. The condition is present in the file ezbounce/commands.cpp and can be triggered when session support is enabled. To exploit this...

7.1AI score
Exploits0
Total number of security vulnerabilities56796