Lucene search
+L
SeebugRecent

56796 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Uiga Fan Club <= 1.0 (Auth Bypass) SQL Injection Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.28 views

WebCalendar 1.2.4 Pre-Auth Remote Code Injection

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.25 views

Clever Copy <= 3.0 Admin Auth Details / Remote SQL Injection Exploit

No description provided by source. ?php ---CleverCopyV3sqlxpl.php 5.00 11/01/2006 Clever Copy = 3.0 SQL injection / Admin authentication details disclosure coded by rgod site: http://retrogod.altervista.org - this works with magicquotesgpc = Off usage: launch from Apache, fill in requested fields...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.36 views

Xataface Admin Auth Bypass Vulnerability

No description provided by source. ======================================================= Xataface Admin Auth Bypass Vulnerability ======================================================= + Discovered by : Xinapse + Site : firewire-security.com + Email : [email protected]...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Advance Biz Limited <= 1.0 (Auth Bypass) SQL injection Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

sysax <= 5.57 - Directory Traversal

No description provided by source. !/usr/bin/python Title: Sysax Multi Server = 5.57 Directory Traversal Tool Post Auth Author: Craig Freyman @cd1zz Tested on: XP SP3 32bit and Server 2003 SP2 32bit Date Discovered: March 27, 2012 Vendor Contacted: March 29, 2012 Vendor Response: April 3, 2012...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Jara 1.6 - Multiple Vulnerabilities

No description provided by source. !/Mohammed/bin/YahYa Jara v1.6 Multiple Vulnerabilities -------------------------------------------+ download : http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip AutHOr : Or4nG.M4n cOntAct : priv8teathotmail.com versiOn : v1.6 Tested : My Mind :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.28 views

Joomla Component Cinema 1.0 - Remote SQL Injection Vulnerability

No description provided by source. Joomla Component comcinema SQL Injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : allinurl: comcinema EXPLOiT 1 :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

PHP Album <= 0.3.2.3 - Remote Command Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo PHP Album = 0.3.2.3 remote cmmnds xctn\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n; echo - this works with magicquotesgpc=Off & registerglobals=On\r\n; echo dork: \powered by...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

gdm 1.0 .x/2.0 .x BETA/2.2 .0 XDMCP Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/1233/info A buffer overrun exists in the XDMCP handling code used in 'gdm', an xdm replacement, shipped as part of the GNOME desktop. By sending a maliciously crafted XDMCP message, it is possible for a remote attacker to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Linux Kernel <= 2.4.23, <= 2.6.0 - "do_mremap" Local Proof of Concept (2)

No description provided by source. / Proof of concept code for testing domremap Linux kernel bug. It is based on the code by Christophe Devine and Julien Tinnes posted on Bugtraq mailing list on 5 Jan 2004 but it's safer since it avoids any kernel data corruption. The following test was done...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Joomla! 'com_gambling' Component 'gamblingEvent' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38033/info The 'comgambling' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

FlatNuke 2.5.x help.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13882/info Multiple input validation vulnerabilities reportedly affect FlatNuke. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it in application-critical...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.28 views

Atmail WebAdmin and Webmail Control Panel SQL Root Password Disclosure

No description provided by source. Vuln Title: Atmail WebAdmin and webmail Control Panel Remote Access SQL Root password Vulnerability Author: FaryadR a.k.a Ciph3r tested on : Atmail Email Server 6.20.8 Twitter : https://twitter.com/faryadR Mail : [email protected] Website :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

xWeblog 2.2 - (oku.asp?makale_id) SQL Injection Vulnerability

No description provided by source. =================================================== xWeblog v2.2 - Remote SQL Injection Vulnerability tr =================================================== My + Author : KnocKout Contact : [email protected] Software info Web App. : xWeblog v2.2 Software:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

Symantec Norton AntiVirus 2002 Nested File Manual Scan Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10164/info A vulnerability has been reported in Symantec Norton AntiVirus 2002 that may potentially cause deeply nested files with specific names to bypass manual scanning. This could permit malicious executable content t...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

opensurveypilot <= 1.2.1 - Remote File Inclusion Vulnerability

No description provided by source. osp = 1.2.1 cfgPathToProjectAdmin Remote File Include Vulnerablities D.Script: http://nlcac.internationalstudents.asn.au/osp1.01RC1.tar http://sourceforge.net/projects/osp/ latest Discovered by: Alkomandoz Hacker Homepage: http://www.asb-may.net & TrYaG.CoM &...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

iStArtApp FileXChange 6.2 iOS - Multiple Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Snitz Forums 2000 Forum.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20004/info Snitz Forums 2000 is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. This could allow an attacker to steal cookie-based authentication credentials and...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Clever Copy 3.0 - 'postview.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28437/info Clever Copy is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise t...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.34 views

InterWorx Control Panel 5.0.13 build 574 (xhr.php, i param) - SQL Injection

No description provided by source. ================================================= Title: SQL injection in InterWorx Control Panel Product: InterWorx Web Control Panel Vendor: InterWorx LLC Tested Version: 5.0.13 build 574 Vulnerability Type: SQL Injection CWE-89 CVE Reference: CVE-2014-2531...

6.5CVSS0.3AI score0.01123EPSS
Exploits6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Qualcomm qpopper 3.0/3.0 b20 Remote Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/830/info There is a buffer overflow vulnerability present in current 3.x versions of Qualcomm popper daemon. These vulnerabilities are remotely exploitable and since the daemon runs as root, the host running qpopper can b...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Telekorn Signkorn Guestbook 1.x admin/index.php dir_path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/19977/info Telekorn Signkorn Guestbook is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. This may allow the attacker to compromise the application and t...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

GeneShop 5.1.1 - SQL Injection Vunerability

No description provided by source. Vendor Link : http://softbizscripts.com/ Version: Web Application Tested on: Apcahe/Unix Dork : inurl:browse.php?folder= Powered by GeneShop 5 Code : --------------------------------------------------------------------------------------- Greetz to all Andhra...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.34 views

PHP-Fusion <= 6.1.5 Calendar_Panel Module Show_Event.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23225/info PHP-Fusion is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

EEB-CMS 0.95 'index.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31732/info EEB-CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser o...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

eForum 0.4 - 'busca.php' Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/28293/info eForum is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities may allow an attacker to perform...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.70 views

Mac OSX Server DirectoryService Buffer Overflow

No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Mac OSX Server DirectoryService buffer overflow 1. Advisory Information Title: Mac OSX Server DirectoryService buffer overflow Advisory ID: CORE-2013-0103 Advisory URL:...

9.3CVSS6.5AI score0.14409EPSS
Exploits5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Ledscripts LedForums Multiple Fileds HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8934/info It has been reported that LedForums is prone to a HTML injection vulnerability that may allow an attacker to execute HTML code in a user's browser. The issue is reported to be present in the 'topmessage' and...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

MS Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 Spoolss.exe DLL Insertion Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/769/info The spooler service spoolss.exe allows local users to add their own dll files and have the spooler run them at SYSTEM level. This could lead to privilege escalation all the way up to Administrator level. The...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

IrcDelphi Daemon Server Denial of Service

No description provided by source. DCA-0010 Software - IrcDelphi Daemon Server Vendor Product Description - IRC Daemon IRCd, IRC Server coded in Delphi/Kylix using Indy components. Easy to use and light irc daemon. Bug Description - The IRC Daemon does not sanitize the variable NICK correctly...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.70 views

RunCMS <= 1.2 (class.forumposts.php) Arbitrary Remote Inclusion Exploit

No description provided by source. ?php ---runcms13axpl.php 17.30 09/02/2006 RunCMS = 1.2 arbitrary remote inclusion exploit = 1.3a shell upload through FCKEditor coded by rgod site: http://retrogod.altervista.org usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: But when the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.33 views

OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (1)

No description provided by source. source: http://www.securityfocus.com/bid/5093/info The OpenSSH team has reported two vulnerabilities in OpenSSH that are remotely exploitable and may allow for unauthenticated attackers to obtain root privileges. The conditions are related to the OpenSSH SSH2...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.47 views

UPC Ireland Cisco EPC 2425 Router / Horizon Box

No description provided by source. Exploit Title: UPC Ireland Cisco EPC 2425 Router / Horizon Box Google Dork: Date: 11/12/2013 Author: Matt O'Connor / Planit Computing Advisory Link: http://www.planitcomputing.ie/upc-wifi-attack.pdf Version: Category: Remote Tested on: Cisco EPC 2425 / Horizon B...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Linksys WRT110 Remote Command Execution

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

phpMoneyBooks 1.0.2 - Local File Inclusion

涉及文件: /index.php 85-94L php else include'header.php'; if$GETfile=="" $GETfile="index.php"; iffileexists"modules/".$GETmodule."/".$GETfile include"modules/".$GETmodule."/".$GETfile; else echo "error"; 程序会根据传递的 $GETmodule 参数来动态加载程序的处理模块: include"modules/".$GETmodule."/".$GETfile;...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

VBTube 1.1 Search Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26566/info VBTube is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrary HTML or script code in a user's...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

ACS Blog 0.8/0.9/1.0/1.1 Name Field HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12921/info ACS Blog is affected by an HTML injection vulnerability. The issue affects the 'Name' field and may be exploited to execute arbitrary HTML and script code in the browser of the user when the user views an...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

ASPThai.Net Guestbook <= 5.5 (Auth Bypass) SQL Injection Exploit

No description provided by source. !/usr/bin/perl SQL Injection Exploit for ASPThai.Net Guestbook = 5.5 And possible higher could not find a site to test it on This exploit shows the username of the administrator and the password In plain text Bug Found by muderskillz Coded by Zodiac Shouts to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

FileMaster SY-IT v3.1 iOS - Multiple Web Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

eXtplorer 2.1 - Arbitrary File Upload Vulnerability

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

FTPGetter Standard 3.55.0.05 - Stack Buffer Overflow (PWD)

No description provided by source. $Id: ftpgetterpwdreply.rb 11039 2010-11-14 19:03:24Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

e107 <= 0.6172 - (resetcore.php) Remote SQL Injection Exploit

No description provided by source. ?php 0.27 18/10/2005 ---e017xpl.php e107 0.617 resetcore.php SQL Injection & remote code execution all-in-one by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference = on...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

W-Agora 4.1.6 EditForm.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6464/info W-Agora is a freely available, open source PHP forum software package. It is available for Unix and Linux systems. A problem with W-Agora may make cross-site scripting attacks possible. It has been reported that...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.8 views

FTP Desktop 3.5 FTP 331 Server Response Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8560/info A buffer overflow vulnerability has been reported in FTP Desktop. The vulnerability occurs when FTP Desktop is parsing 331 server responses from remote FTP servers. When FTP Desktop receives an FTP 331 response...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.35 views

Suidperl 5.00503 Mail Shell Escape Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/1547/info The interaction between some security checks performed by suidperl, the setuid version of perl, and the /bin/mail program creates a scenario that allows local malicious users to execute commands with root...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.47 views

VMware Server <= 2.0.1,ESXi Server <= 3.5 Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/36842/info VMware products are prone to a directory-traversal vulnerability because they fail to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive information...

5CVSS7.1AI score0.83378EPSS
Exploits8
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

wu-ftpd 2.6.2 realpath() Off-By-One Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8315/info The 'realpath' function is a C-library procedure to resolve the canonical, absolute pathname of a file based on a path that may contain values such as '/', './', '../', or symbolic links. A vulnerability that wa...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Open Business Management 1.0.3 pl1 group_index.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/18348/info Open Business Management is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize HTML and script code from user-supplied input to several parameters before returning to t...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

MollenSoft Lightweight FTP Server 3.6 - Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10429/info Lightweight FTP Server is prone to a remote buffer overflow vulnerability. This vulnerability can potentially allow a remote attacker to execute arbitrary code in the context of the server process. This issue...

7.1AI score
Exploits0
Total number of security vulnerabilities56796