Lucene search
+L
SeebugRecent

56796 matches found

seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

Cisco CBOS 2.x Multiple TCP Connection Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3236/info CBOS is the Cisco Broadband Operating System, firmware designed for use on Cisco 600 series routers. It is maintained and distributed by Cisco Systems. CBOS becomes unstable when it receives multiple TCP...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•39 views

SPBAS Business Automation Software 2012 - Multiple Vulnerabilities

No description provided by source. SPBAS Business Automation Software- XSS & CSRF Vulnerability Date: 16 June 2013 Author: Christy Philip Mathew - www.offcon.org Vendor or Software Link: http://www.spbas.com Version: 2012 1.XSS Vulnerability a Client Area - My Info - Update the first name and las...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•13 views

WordPress WP-FeedStats 2.1 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25085/info The WP-FeedStats plugin for WordPress is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to execute HTML...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•12 views

Unify eWave ServletExec 3.0 c DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1868/info Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc. eWave ServletExec is susceptible to a denial of service attack ...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

osCommerce 2.2 admin/countries.php page Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

The Includer CGI <= 1.0 - Remote Command Execution (1)

No description provided by source. !/usr/bin/perl Target - The Includer CGI = 1.0 Based on - http://www.milw0rm.com/id.php?id=862 Info about bug - Stupid use Open function. If you want know more visit our home page at nst.void.ru use IO::Socket; if @ARGV 3 print \n Includer CGI = 1.0 Network...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•14 views

PunBB <= 2.0.10 (Register Multiple Users) Denial of Service Exploit

No description provided by source. / Name: NST-Exploit Punbb 2.0.10 Denial Of Service Copyright: NeoSecurity Author: K4P0 ./NST-XplPunbb www.victim.com 2.0.0.6 /punbb/ PunBB 2.0.10 Denial of Service exploit by K4P0 Use only at your own reputation risk! ; www.NeoSecurityTeam.net 1 - Trying if...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

Joomla (com_jbpublishdownfp) SQL Injection Vulnerability

No description provided by source. ...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla comjbpublishdownfp SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TESTED ON:...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•25 views

Exhibit Engine 1.22 fstyles.php toroot Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/20793/info Exhibit Engine Software is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows an attacker to execute...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

.NET Runtime Optimization Service Privilege Escalation Exploit 0day

No description provided by source. / Exploit Title: .NET Runtime Optimization Service Privilege Escalation Date: 03-07-2011 Author: XenoMuta [email protected] Version: v2.0.50727 Tested on: Windows XP sp3, 2003 R2, 7 CVE : n/a | |/ / / |/ / / / | / / / / /|/ / / / / / / / / / / / / // / / /...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

phpAutoVideo 2.21 index.php cat Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/27346/info phpAutoVideo is prone to a cross-site scripting vulnerability and a remote file-include vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit these issues to execute...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

id software quake ii server 3.2 - Multiple Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/11551/info Multiple remote vulnerabilities have been reported to affect Quake II. These issues are due to boundary condition checking failures, access validation failures and failures to handle exceptional conditions. An...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•31 views

CrystalPlayer 1.98 - (.mls) Local Buffer Overflow Exploit

No description provided by source. !/usr/bin/perl Crystal Player 1.98 Playlist.mls File Local Buffer Overflow Exploit Source:: http://www.crystalplayer.com/CrystalPro.exe Credit To Timq For The Vulnerability POC By Arham Muhammad While Debugging EIP And EBP Successfully Gets Overwritten! Upon...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•25 views

DMXReady Job Listing <= 1.1 - Remote Contents Change Vulnerability

No description provided by source. Title : DMXReady Job Listing = 1.1 Remote Contents Change Vulnerability Author : ajann from Turkey Contact : : S.Page : http://www.dmxready.com $$ : 49.97 $ Dork : inurl:incjoblistingmanager.asp DorkEx :...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

AppIntellect SpotLight CRM Login.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21521/info AppIntellect SpotLight CRM is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker ...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

Qualcomm qpopper 2.4 POP Server Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/133/info A number of buffer-overflow issues reside in versions prior to 2.5 of Qualcomm's 'qpopper' program. Exploiting this issue allows a remote attacker to execute arbitrary commands on hosts that are running a...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•22 views

Invision Power Board 1.3 Pop Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9822/info It has been reported that Invision Power Board may be prone to a cross-site scripting vulnerability. This may allow a remote attacker to cause hostile HTML or script code to be rendered in a user's browser via a...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•46 views

Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities

No description provided by source. Original: http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt =============================== - Advisory - =============================== Tittle: Imperva SecureSphere Operations Manager - Command Execution Post Authentication & Minor issu...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•24 views

PHP-Nuke 4nChat Module 0.91 - 'roomid' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28128/info The 4nChat module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•11 views

Mp3-Nator 2.0 - Buffer Overflow Exploit (SEH)

No description provided by source. !usr/bin/python Exploit Title: Exploit Buffer Overflow MP3-Nator Date: 10\11\2010 Author: C4SS!0 G0M3S Software Link: http://www.brothersoft.com/d.php?softid=16524&url=http%3A%2F%2Ffiles.brothersoft.com%2Fmp3audio%2Fplayers%2Fmp3nator.zip Version: 2.0 Tested on:...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•11 views

iMesh 7 'IMWebControl' ActiveX Control Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26916/info iMesh is prone to a code-execution vulnerability because the application fails to sanitize user-supplied data, which can lead to memory corruption. Successfully exploiting this issue allows remote attackers to...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

whitsoft slimserve ftpd 1.0/2.0 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2452/info SlimServ FTPd is a free ftp server distributed and maintained by WhitSoft Development. SlimServe FTPd is designed to offer ftp services to the Microsoft Windows platform. A problem with the SlimSoft FTP daemon...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•20 views

liblesstif <= 2-0.93.94-4mdk (DEBUG_FILE) Local Root Exploit

No description provided by source. !/bin/sh echo echo mtink libXm local root exploit echo [email protected] echo umask 000 export DEBUGFILE=/etc/ld.so.preload cat /tmp/lib.c EOF include unistd.h void initvoid if getuid!=0 && geteuid==0 setuid0; unlink/etc/ld.so.preload; execl/bin/bash, bash, 0; EOF...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•23 views

GOM Player 2.2.56.5158 - .avi File Handling Memory Corruption Vulnerability

No description provided by source. !/usr/bin/python Exploit Title: GOM Player Version 2.2.56.5158 .avi File Handling Memory Corruption Vulnerability Date: 2013/12/19 Exploit Author: ariarat Software Link:...

4.3CVSS6.6AI score0.02209EPSS
Exploits3
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•42 views

Icy Phoenix 1.3.0.53a HTTP Referer stored XSS

No description provided by source. Exploit Title: Icy Phoenix 1.3.0.53a http referer stored XSS Google Dork: Powered by Icy Phoenix http://www.icyphoenix.com/ Date: 16-2-2011 Author: Saif El-Sherei Software Link: http://www.icyphoenix.com/dload.php?action=file&fileid=171 Version: Icy Phoenix...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•23 views

Restaurant Listing with Online Ordering SQL Injection Vulnerability

No description provided by source. 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ 0 0 \ \ /\ /\ \ \ \ /\ \ \ /\ /\ \ \ \ \ \ \ / 1 1 \ \ \ \\ \ \ /\ \...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•33 views

Pandora FMS 3.2.1 - Cross Site Request Forgery

No description provided by source. Exploit Title: Pandora FMS v3.2.1 Cross Site Request Forgery Google Dork: intitle:Pandora FMS - the Flexible Monitoring System intext:Your IP Date: 12-07-2011 Author: Mehdi Boukazoula Software Link: http://pandorafms.org/ Version: v 3.2.1 Tested on: v = 3.2.1...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•53 views

PhotoStore view_photog.php photogid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20172/info Photostore is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execu...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•36 views

CylantSecure 1.0 Kernel Module Syscall Rerouting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2958/info CylantSecure is a commercial Linux hardening tool and security infrastructure available from Cylant Technology. A problem in the CylantSecure infrastructure could allow users to escape monitoring. A user with ro...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•19 views

PHPX 3.5.15/3.5.16 gallery.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•39 views

Opera Browser 10/11/12 (SVG layout) Memory Corruption (0day)

No description provided by source. Exploit for Opera Browser 10/11/12 SVG layout Memory Corruption 0day Vulnerability: Discovered: 2010-10-13 Patched: 0day Tested on: v10.xx v10.50, v10.51, v10.52, v10.53, v10.54, v10.6, v10.61, v10.62 and v10.63 v11.xx v11.00, v11.01, v11.10, v11.11, v11.50 and...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•35 views

CodetoSell ViArt Shop Enterprise 2.1.6 basket.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13462/info ViArt Shop is affected by multiple cross-site scripting and HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•14 views

SurgeLDAP 1.0 d Path Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8406/info SurgeLDAP is prone to a path disclosure vulnerability. It is possible to gain access to sensitive path information by issuing an HTTP GET request for an invalid resource. This issue exists in the web server...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•27 views

Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26095/info Asterisk 'asterisk-addons' package is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•23 views

gencms 2006 Multiple Vulnerabilities

No description provided by source. GenCMS http://gencms.berlios.de/ eLwauxc2009 LFI /show.php ---------------------------------------------------------------------------------------------------- 18: $param = $GET'p'; 19: ifempty$param $param = 'news'; 20: //get right page 21: //$page =...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•10 views

CyrixMED 1.4 - 'index.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29153/info CyrixMED is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

MyServer 0.5 HTTP GET Argument Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7770/info myServer has been reported prone to a remote buffer overflow vulnerability. The vulnerability exists when the web server attempts to process HTTP GET requests of excessive length. Although unconfirmed, this...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•21 views

JAVA Web Start Arbitrary command-line injection

No description provided by source. Bye bye my little 0day :, Tavis Ormandy did a great job uncovering a big logic flaw within Java JRE. I discovered that bug and other that affects every browser few weeks ago and I posted the common 0day++ tweet. The method in which Java Web Start support has bee...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

PhpBB XS 0.58 Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20277/info phpBB XS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to compromise the application and...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

BRS WebWeaver 1.0 1 MKDir Directory Traversal Weakness

No description provided by source. source: http://www.securityfocus.com/bid/6585/info WebWeaver's FTP component has a flaw which can permit a remote user to create directories outside the FTP root. By executing the mkdir command on an ftp server with dot-dot-slash ..\ directory traversal notation...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•21 views

PVote 1.0/1.5 Unauthorized Administrative Password Change Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4541/info PVote is a web voting system written in PHP. It will run on most Unix and Linux variants as well as Microsoft Windows operating systems. It is possible to change the administrative password by submitting a...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•31 views

Punbb 1.3.4 - Multiple Full Path Disclosure Vulnerability

No description provided by source. Exploit Title: Punbb 1.3.4 Full Path Disclosure Date: 07/11/2010 Author: SYSTEMOVERIDE, OverSecurityCrew Software Link: http://punbb.informer.com/ Vulnerability Type: Full Path Disclosure Version: 1.3.4 Vulnerability Details: The vulnerabilities are in the file...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•12 views

Novell Access Manager 3 Identity Server IssueInstant Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21921/info Access Manager Identity Server is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary scri...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

Tolis Group BRU 17.0 - Local Root Exploit (2)

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•19 views

MyPHP CMS <= 0.3 (domain) Remote File Include Vulnerability

No description provided by source. --------------------------------------------------------------------------- MyPHP CMS = 0.3 domain Remote File Include Vulnerabilities --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Security Team :...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

ProMan <= 0.1.1 - Multiple File Include Vulnerability

No description provided by source. ProMan = 0.1.1 Multiple File Include Vulnerability Author: cr4wl3r cr4wl3r\x40linuxmail\x2Eorg Download: http://sourceforge.net/projects/pman/files/ RFI Code ?php if !$GET'page' include'info.php'; else include $GET'page'.'.php'; ? LFI Code...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•36 views

Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 Services.exe Denial of Service (1)

No description provided by source. source: http://www.securityfocus.com/bid/754/info A specially crafted packet can cause a denial of service on an NT 4.0 host, rendering local administration and network communication nearly unusable. This attack will crash the services executable, which in turn,...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

CutePHP CuteNews 1.3 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8060/info CutePHP is prone to HTML injection attacks. The vulnerability exists due to insufficient sanitization of user-supplied input. Specifically, user-supplied input to news posts are not sufficiently sanitized of...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•23 views

AT Computing atsar_linux 1.4 File Manipulation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1048/info atsar is a linux load monitoring software package released under the GPL by AT Computing. atsadc is a setuid root binary that is included in the atsar package. atsadc is setuid because it obtains informatin via...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•12 views

ProductCart 1.5/1.6/2.0 Custva.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8103/info ProductCart has been reported prone to an SQL injection vulnerability that may be exploited to reveal information relating to the underlying database; other attacks may also be possible...

7.1AI score
Exploits0
Total number of security vulnerabilities56796