Lucene search
+L
SeebugRecent

56796 matches found

seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

Snitz Forums 2000 3.4 .03 Search.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7922/info Snitz Forums is prone to cross-site scripting attacks. This is due to insufficient sanitization of data passed to the search facility via URI parameters. Exploitation may allow theft of cookie-based authenticati...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•54 views

Wordpress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities

No description provided by source. waraxe-2013-SA105 - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin =================================================================================== Author: Janek Vind waraxe Date: 22. May 2013 Location: Estonia, Tartu Web:...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•12 views

Campsite 2.6.1 Section.php g_documentRoot Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

Sudo 1.6.x Environment Variable Handling Security Bypass Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/16184/info Sudo is prone to a security-bypass vulnerability that could lead to arbitrary code execution. This issue is due to an error in the application when handling environment variables. A local attacker with the...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•38 views

Avahi < 0.6.24 (mDNS Daemon) Remote Denial of Service Exploit

No description provided by source. / cve-2008-5081.c Avahi mDNS Daemon Remote DoS 0.6.24 Jon Oberheide [email protected] http://jon.oberheide.org Usage: gcc cve-2008-5081.c -ldnet -o cve-2008-5081 ./cve-2008-5081 1.2.3.4 Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5081...

5CVSS0.59223EPSS
Exploits7
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•12 views

Huawei EchoLife HG520 3.10.18.5-1.0.5.0 - Remote Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39646/info The Huawei EchoLife HG520 is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. The following Huawei EchoLife...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•36 views

GNU Indent 2.2.9 - Local Heap Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9297/info It has been reported that GNU Indent may be prone to a local heap overflow vulnerability that can be exploited through a malicious C source input file. It has been reported that indent copies data from the file ...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•11 views

phpMDJ <= 1.0.3 (id_animateur) Blind SQL Injection Exploit

No description provided by source. --+++=========================================================+++-- --+++====== phpMDJ = 1.0.3 Blind SQL Injection Exploit ======+++-- --+++=========================================================+++-- ?php function query $usr, $chr, $pos $query = x' OR...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•26 views

Wordpress Custom Content Type Manager 0.9.5.13-pl Arbitrary File Upload Vulnerability

No description provided by source. Exploit Title: Wordpress Custom Content Type Manager 0.9.5.13-pl Arbitrary File Upload Google Dork: inurl:wp-content/plugins/custom-content-type-manager/ Date: 11/06/2012 Exploit Author: Adrien Thierry Vendor Homepage: http://www.fireproofsocks.com/ Software Lin...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

PunBB Reputation.php Mod <= 2.0.4 - Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl 0-Day PunBB Reputation.php Mod = v2.0.4 Remote Blind SQL Injection Exploit Coded By Dante90, WaRWolFz Crew Bug Discovered By: Dante90, WaRWolFz Crew use strict; use LWP::UserAgent; use HTTP::Cookies; use HTTP::Request::Common; use Time::HiRes; use...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•29 views

PHP-Nuke <= 8.1.0.3.5b (Downloads) Remote Blind SQL Injection

No description provided by source. !/usr/bin/perl 0-Day PHP-Nuke = 8.1.0.3.5b Downloads Remote Blind SQL Injection Date: 2010.07.04 after 50 days the bug was discovered. Author/s: Dante90, WaRWolFz Crew Crew Members: 4lasthor, Andryxxx, Cod3, Gho5t, HeRtZ, N.o.3.X, RingZero, s3rg3770, Shades...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•34 views

Concrete5 5.6.2.1 (index.php, cID param) - SQL Injection

No description provided by source. Exploit Title: Concrete5 sql injection Date: 18/02/2014 Exploit Author: [email protected] Vendor Homepage: https://www.concrete5.org/ Software Link: http://www.concrete5.org/downloadfile/-/view/58379/8497/ Version: 5.6.2.1 stable Tested on: Virtualbox debian UR...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•33 views

HP Data Protector - Remote Root Shell (Linux Version)

No description provided by source. !/bin/bash Exploit Title: HP Data Protector Remote Root Shell for Linux Date: 2011-08-10 Author: SZ Software Link:http://www8.hp.com/us/en/software/software- product.html?compURI=tcm:245-936920&pageTitle=data-protector Version: 0.9 Tested on: HP-UX, Linux CVE:...

10CVSS0.81081EPSS
Exploits30
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•32 views

PhpGedView 4.1 Login.PHP Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25458/info PhpGedView is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•62 views

Multiple Vendor ICMP Implementation Malformed Path MTU DoS

No description provided by source. source: http://www.securityfocus.com/bid/13124/info Multiple vendor implementations of TCP/IP Internet Control Message Protocol ICMP are reported prone to several denial-of-service attacks. ICMP is employed by network nodes to determine certain automatic actions...

5CVSS7.5AI score0.80675EPSS
Exploits10
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•33 views

pc_cookbook Mambo Component <= 0.3 Include Vulnerability

No description provided by source. --------------------------------------------------------------------------------- pccookbook Joomla Component = v0.3 Remote File Include Vulnerabilities --------------------------------------------------------------------------------- Author : Matdhule Contact :...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•46 views

HP OpenView Network Node Manager ovwebsnmpsrv.exe main Buffer Overflow

No description provided by source. $Id: hpnnmovwebsnmpsrvmain.rb 12097 2011-03-23 15:45:48Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

10CVSS0.7AI score0.6911EPSS
Exploits7
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•27 views

IDEAL Administration 2011 11.4 - Local SEH Buffer Overflow Exploit

No description provided by source. !/usr/bin/env python IDEAL Administration 2011 v11.4 Local SEH Buffer Overflow Exploit Found By: DrIDE Usage: Migrate - Open Migration Project - Bind Shell Download: www.pointdev.com Tested On: Windows XPSP3 Notes: Another version, another exploit... come on guy...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•21 views

PHPAdsNew 2.0.4 AdFrame.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12803/info phpAdsNew is reportedly affected by a remote cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue t...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•38 views

otalCalendar 0 about.php inc_dir Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/17618/info TotalCalendar is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

Magneto ICMP ActiveX 4.0.0.20 - ICMPSendEchoRequest Remote Code Execute

No description provided by source. Magneto ICMP ActiveX v4.0.0.20 ICMPSendEchoRequest Remote Code Execute Date: 2011-5-27 Discovered by: boahat vendor: http://www.magnetosoft.com/ Download: http://www.magnetosoft.com/downloads/skicmpsetup.exe SKIcmp.ocx Function ICMPSendEchoRequest ByVal...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•20 views

Integramod Portal <= 2.x (functions_portal.php) Remote Include Exploit

No description provided by source. !/usr/bin/perl Method found and exploit scripted by nukedx Contacts ICQ: 10072 Web: http://www.nukedx.com MAIL/MSN: [email protected] Original advisory can be found at: http://www.nukedx.com/?viewdoc=47 Integramod Portal = 2.x Remote Command Execution Exploit Th...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•26 views

Golden FTP Server <= 1.92 (APPE) Remote Overflow Exploit (meta)

No description provided by source. Written by Tim Shelton [email protected] GoldenFTPd package Msf::Exploit::goldenftpdappe; use base Msf::Exploit; use strict; use Pex::Text; my $advanced = ; my $info = 'Name' = 'GoldenFTPd APPE = 1.92 Stack Overflow', 'Version' = '$Revision: 1.0 $', 'Authors' ...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•27 views

blur6ex <= 0.3.462 (ID) Admin Disclosure / Blind SQL Injection Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo blur6ex = 0.3.462 'ID' blind SQL injection / admin credentials disclosure\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n; echo dork: \powered by blur6ex\r\n\r\n; / works...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

Joomla! and Mambo Joomlearn LMS Component - 'cat' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28586/info The Joomlearn LMS component for Joomla! and Mambo is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•24 views

pointcomma <= 3.8b2 - Remote File Inclusion Vulnerability

No description provided by source. Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg PointComma = 3.8b2 Remote File Include Vulnerability Download Script : http://nchc.dl.sourceforge.net/project/pointcomma/pointcomma/ Dork : dieHacking attempt; :D Vuln :...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•27 views

Windows Media Player 7.1 <= 10 - BMP Heap Overflow PoC (MS06-005) (2)

No description provided by source. sploit creater by [email protected] ms06-005 advisory proof of concept heap overflow in wmf.dll @ 0x0035920a denial of service, cuz we can't get this to play nice shamelessly stolen from CANVAS code def intelorderi: str= a=chri % 256 i=i 8 b=chri % 256 i...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•23 views

IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM Exploit

No description provided by source. !/usr/bin/python tiv-sys.py IBM Tivoli Endpoint 4.1.1 Remote SYSTEM Exploit Jeremy Brown 0xjbrown41-gmail-com June 2011 Discovered by: Brian Adeloye of Tenable Network Security This exploit makes use of two vulnerabilities: 1 Base64 authentication credentials...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•23 views

logahead UNU edition 1.0 - Remote Upload File / Code Execution Vuln

No description provided by source. -=--------------------ADVISORY-------------------=- logahead UNU edition 1.0 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: logahead UNU edition -=+ Version: 1.0 -=+ Vendor's URL: http://typo.i24.cc/logahea...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

Bandwebsite <= 1.5 (Login) Remote Add Admin Exploit

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

betaparticle blog 2.0/3.0 upload.asp Unauthenticated File Upload

No description provided by source. source: http://www.securityfocus.com/bid/12861/info betaparticle blog is reported prone to multiple vulnerabilities. The following individual issues are reported: It is reported that betaparticle blog fails to sufficiently secure the authentication credential...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

Lucent Access Point 300/600/1500 IP Services Router Long HTTP Request DoS

No description provided by source. source: http://www.securityfocus.com/bid/5333/info The Lucent Access Point series of routers support a web based administrative interface. An error has been reported in the embedded HTTP server. It has been reported that sending a HTTP request consisting of...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•24 views

alstrasoft E-Friends <= 4.98 (seid) Multiple SQL Injection Vulnerabilities

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV85$2007 ----------------------------------------------------------------------------------------- ECHOADV85$2007 alstrasoft E-Friends = 4.98 seid Multiple Remote SQL...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

AlstraSoft E-Friends <= 4.85 Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl AlstraSoft Efriends 4.85 Remote Command Execution Exploit Site : http://www.alstrasoft.com/efriends.htm Coded by Kw3RLn from Romanian Security Team a.K.A http://RST-CREW.NET Contact: [email protected] or [email protected] PS: fuck CarcaBot...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•13 views

alstrasoft e-friends 4.96 Multiple Vulnerabilities

No description provided by source. AlstraSoft E-Friends 4.96 Multiple Remote Vulnerabilities Name AlstraSoft E-Friends Vendor http://www.alstrasoft.com Versions Affected 4.96 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Dat...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

Junsoft JSparm 4.0 Logging Output File Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2515/info JSparm is the Junsoft Performance Analysis Report Maker package. This software package provides an enhanced perfmon performance monitoring package and interface, as well as a performance report generation...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•20 views

Interbase 6.0 GDS_Drop Interbase Environment Variable Buffer Overflow (2)

No description provided by source. source: http://www.securityfocus.com/bid/5044/info Interbase is a database distributed and maintained by Borland. It is available for Unix and Linux operating systems. A buffer overflow has been discovered in the gdsdrop program packaged with Interbase. This...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•20 views

gnu wget 1.x Multiple Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/11871/info Multiple remote vulnerabilities reportedly affect GNU wget. These issues are due to the application's failure to properly sanitize user-supplied input and to properly validate the presence of files before writi...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•26 views

JAWS Glossary 0.4/0.5 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13796/info JAWS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'Glossary' module. This may facilitate the theft of...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•19 views

Microsoft Windows XP/2000 PostThreadMessage() Arbitrary Process Killing Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8747/info A vulnerability has been discovered in the Microsoft Windows operating system. The flaw lies in the way that processes handle messages sent from another process via the PostThreadMessage API call. Reports indica...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•14 views

Red Hat Directory Server 7.1 - Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/23709/info Red Hat Directory Server is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•25 views

Clip Bucket <= 1.7.1 Insecure Cookie Handling Vulnerability

No description provided by source. || || | || o,7 || . o7 || q||| o\, : / / . /QQQQQQQQQQQQQQQQQQQ\ /QQQ/\QQQ\ /QQQQQ/ \QQQQQQ\ /QQQQ/ QQQQ\ /QQQQ/ \QQQQ\ |QQQQ/ By Qabandi \QQQQ| |QQQQ| |QQQQ| |QQQQ| From Kuwait, PEACE... |QQQQ| |QQQQ| |QQQQ| |QQQQ\ iqaahotmail.fr /QQQQ| \QQQQ\ /QQQQ/ \QQQQ...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•23 views

Scripts Genie Hot Scripts Clone (showcategory.php, cid param) - SQL Injection Vulnerability

No description provided by source. -+=--+=--+=--+=--+=--+=--+=--+=--+=--+=- + Security Flaw + -+=--+=--+=--+=--+=--+=--+=--+=--+=--+=- + + + /\ \ | | + +/ |/ / | | | |/ / / \ | + +\ \ / | || / /\ / / | + +|/||,\ / || + -+=--+=--+=--+=--+=--+=--+=--+=--+=--+-+ +Scripts Genie Hot Scripts...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•39 views

SiteX <= 0.7.4.418 (THEME_FOLDER) Local File Inclusion Vulnerabilities

No description provided by source. =-=-local file include-=-= -=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-= script:SiteX074build418.zip ------------------------------------------------- Author: ahmadbady my site :Coming Soon =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= download...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

webSPELL <= 4.01.02 Multiple Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV3 print \n \'/ ; print \n -.- ; print \n -------------------oOO------OOo--------------------; print \n | webSPELL = v4.01.02 Multiple Remote SQL Injection |; print \n | coded by DNX |; print \n...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•10 views

UseModWiki 1.0 Wiki.PL Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11924/info It is reported that UseModWiki is affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input before outputting it in Web...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

ULoki Community Forum 2.1 - (usercp.php) XSS Vulnerability

No description provided by source. Exploit Title: ULoki Community Forum v2.1 usercp.php Cross Site Scripting Date: 10/02/2010 Author: Sioma Labs Software Link: http://www.uloki.com/download/ulokiforum06may2009.zip Version: v2.1 Tested on: Windows SP 2 / WAMP CVE : Code : / | | | | | \ | |/ | ' ...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•8 views

RealPlayer 15.0.6.14 .3gp Crash PoC

No description provided by source. !/usr/bin/perl Title : RealPlayer 3GP file handling memory corruption Version : 15.0.6.14 Date : 2012-10-18 Vendor : http://www.real.com/ Impact : High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Author : coolkaveh Bug : ----...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•19 views

tbdev 01-01-2008 Multiple Vulnerabilities

No description provided by source. TBDev - Cross Site Scripting and HTML Injection Vulnerabilities Version Affected: 01-01-2008 16th January 2008 newest Info: TBDEV.NET is a project to further enhance, update and develop a software php peer-to-peer from the original torrentbits/bytemonsoon source...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

Midicart PHP Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5851/info A problem with the default installation of Midicart PHP may make it possible for remote users to gain access to sensitive information. The default installation of Midicart PHP does not place sufficient access...

7.1AI score
Exploits0
Total number of security vulnerabilities56796