Lucene search
+L
SeebugRecent

56796 matches found

seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•11 views

Cerberus Helpdesk 2.649 addresses_export.php queues Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/16062/info Cerberus Helpdesk is prone to multiple cross-site scripting and SQL injection vulnerabilities. These issues are the result of inadequate validation of user-supplied input that will be included in site output or...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•19 views

Adobe ColdFusion 6/7 User_Agent Error Page Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22401/info Adobe ColdFusion is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker could exploit this vulnerability to execute arbitrary script code in t...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•39 views

ScriptMagix Jokes <= 2.0 (index.php catid) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Script Name: ScriptMagix Jokes = 2.0 index.php catid Remote Blind SQL Injection Exploit Coded by : ajann Author : ajann Contact : : S.Page : http://www.scriptmagix.com $$ : 35$ .. : ajann,Turkey use IO::Socket; if@ARGV 1 print...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•28 views

Lyris ListManager MSDE Weak sa Password

No description provided by source. $Id: lyrislistmanagerweakpass.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•29 views

PlaySMS Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15928/info PlaySmS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•12 views

Microsoft SQL Server 7.0/2000,MSDE Named Pipe Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8274/info Microsoft SQL Server and the Microsoft Data Engine have been reported prone to a denial of service attack. Any local or remote user, who can authenticate and is part of the Everyone Group, may trigger a denial o...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

MW6 Technologies Aztec ActiveX (Data param) - Buffer Overflow

No description provided by source. !-- =========================================================================== Problem: The Data parameter is subject to a buffer overflow DEFINITELY leading to arbitrary code execution. COM Object - F359732D-D020-40ED-83FF-F381EFE36B54 MW6Aztec Class File...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•22 views

mcGallery 1.1 - admin.php lang Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•70 views

Spaceacre (index.php) SQL/HTML/XSS Injection Vulnerability

No description provided by source. ------------------------------------------------------------------------------------------- Spaceacre index.php SQL/HTML/XSS Injection Vulnerability ------------------------------------------------------------------------------------------- Author: CoBRa21 Scrip...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•29 views

Joomla Component Contact Us Draw Root Map com_drawroot Local File Inclusion Vulnerability

============================================================================================================== o Joomla Component Contact Us Draw Root Map Local File Inclusion Vulnerability Software : comdrawroot version 1.1 Vendor : http://joomlacomponent.inetlanka.com/ Author : AntiSecurity NoG...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•21 views

ISC INN 2.x Command-Line Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/2620/info The innfeed utility, part of ISC InterNetNews, has an exploitable buffer overflow in its command-line parser. Specifically, innfeed will overflow if an overly long -c option is passed to it. A local attacker in...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•13 views

phpBazar 2.1.1 stable - rfi Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•9 views

Ol Bookmarks Manager 0.7.4 - Remote SQL Injection Vulnerability

No description provided by source. ========================================================================== Ol Bookmarks Manager 0.7.4 root Remote SQL Injection Vulnerabilities ========================================================================== Found by: Cyber-Security...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•9885 views

WikkaWiki 1.3.2 Spam Logging PHP Injection

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1AI score0.04139EPSS
Exploits11
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

Penny Auction 5 - SQL Injection Vulnerabilities

No description provided by source. | \ | | | | / | | | | | | | | | | // \ \ / / | | | | | | |/ | ' \ \ \ / / | | | \ \ /\ V / | | || | || | | | | | | / || \| / /||,|||/|| || |/ || Penny auction version - 5, SQLi Vulnerabilities Product Page:...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•21 views

SPlayer <= 3.7 (build 2055) Buffer Overflow Exploit

No description provided by source. !/usr/bin/python Exploit Title: SPlayer = 3.7 build 2055 Buffer Overflow Exploit Date: May 04, 2011 Author: xsploitedsec xsploitedsecurity at gmail dot com Software Link: http://www.splayer.org/index.en.html Versions: = 3.7 build 2055 Tested On: WinXP SP3 Eng /...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•29 views

chillycms 1.1.3 - Multiple Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: chillyCMS Multiple Vulnerabilities Vendor: http://frozenpepper.de/ Vulnerable Version: 1.1.3 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: chillyCMS is a Content...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

Basic CMS 'q' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32531/info Basic CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•22 views

OpenBB 1.0/1.1 Board.PHP Remote SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7404/info It has been reported that OpenBB does not properly check input passed via the 'board.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•31 views

GNU groff 1.11 a,HP-UX 10.0/11.0,SGI IRIX <= 6.5.3 Malicious Manpage Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/540/info Versions of GNU groff prior to release 1.11a and standard troff contain vulnerabilities that can possibly lead to a local root compromise if the conditions are right and circumstances are somehow met. A malicious...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•34 views

Microsoft ASN.1 Library Bitstring Heap Overflow

No description provided by source. $Id: ms04007killbill.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•23 views

Rational ClearCase 3.2/4.x DB Loader TERM Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3523/info ClearCase is a commercially available software change management package. It is maintained and distributed by Rational. A problem with the package could lead to a local user gaining elevated privileges. The...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•22 views

IncrediMail 2.0 ActiveX (Authenticate) bof PoC

No description provided by source. IncrediMail 2.0 activeX Authenticate bof poc by d3b4g Tested: incerdiMail 2.0 Vendor url:http://www.incredimail.com/english/splash.aspx Tested on windows XP SP3 1-03-2010 Debugging info -------------- Exception Code: ACCESSVIOLATION Disasm: 678914AE MOV EDX,ECX...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•21 views

212cafeBoard Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/22167/info 212cafeBoard is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

OpenBB 1.0.x Private Message Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10217/info It has been reported that OpenBB is affected by a private message disclosure vulnerability. This issue is due to a design error that fails to validate user credentials. This issue might allow an attacker to rea...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•11 views

eDContainer 2.22 - (lg) Local File Inclusion Vulnerability

No description provided by source. | | | \ \ \ / / / \ / | / | / | | | | | | \ V / / \ | | | | | | | | | | | / \ | || | | | | | || || \ || // \ | | | eDContainer v2.22 lg Local File Inclusion Vulnerability Script :...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•30 views

Kerio Personal Firewall 2.1.x/4.x Local Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11859/info It is reported that the Kerio Personal Firewall KPF driver does not sufficiently sanitize API parameters that are received from API's that are hooked by KPF. When the KPF API hook handles certain parameter data...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•21 views

eEye Digital Security IRIS 1.0.1,SpyNet CaptureNet 3.0.12 Buffer Overflow

No description provided by source. source: http://www.securityfocus.com/bid/1627/info IRIS from eEye Digital Security is a protocol analyzer geared towards network management, it is currently in BETA. This product was formerly known as SpyNet CaptureNet. Certain versions of the this software are...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•29 views

VMWare Setuid vmware-mount Unsafe popen(3)

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•11 views

Quick Classifieds 1.0 - controlpannel/alterTheme.php3 DOCUMENT_ROOT Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the applicati...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

iweb hyperseek 2000 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2314/info A specially crafted URL, composed of '../' and '%00', will disclose the directory listing and files of the target with read permissions. http://target/cgi-bin/suche/hsx.cgi?show=../../../../../../../etc/passwd%0...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•19 views

InterSpire ArticleLive 2005 NewComment Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12879/info Interspire ArticleLive 2005 is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•25 views

CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit

No description provided by source. ?php ---dragonfly9.0.6.1inclxpl.php 20.15 07/02/2006 CPGNuke Dragonfly 9.0.6.1 remote commands execution through arbitrary local inclusion - Sun-Tzu Drangonfly killing - coded by rgod site: http://rgod.altervista.org - this works regardless of magicquotesgpc...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•22 views

Woltlab Burning Board 2.3.x Register.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21370/info Woltlab Burning Board is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•22 views

NCTAudioFile2 2.x - ActiveX Control SetFormatLikeSample() Buffer Overflow

No description provided by source. $Id: nctaudiofile2setformatlikesample.rb 9668 2010-07-03 01:38:15Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•21 views

phpPrintAnalyzer <= 1.2 - Remote File Include Vulnerability

No description provided by source. title: phpPrintAnalyzer Inclusion Vulnerability Author: Cmaster4 batamhacker irc.dal.net script: phpPrintAnalyzer Class : Remote cont@ct: [email protected] Exploit: http://site.com/path/inc/header.inc.php?ficStyle=evilcode Thx to : batamhacker crew on dal.net...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

Joomla Component com_start SQL Injection Vulnerability

No description provided by source. InformatioN Title : Joomla Component comstart SQL Injection Vulnerability Author : DevilZ TM By D3v1l Homepage : http://www.DEVILZTM.com Contact : [email protected] & [email protected] ExploiT Vulnerable File :...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•28 views

SunShop <= 4.1.4 (id) Remote SQL Injection Vulnerability

No description provided by source. GulfTech Security Research August 18, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : SunShop = 4.1.4 Risk : SQL Injection Description: SunShop shopping cart is a full featured ecommerce solution written in php that allows for...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•10 views

SGI IRIX <= 6.0.1 colorview Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/336/info Colorview fails to validate that the user has access to the file supplied to the -text option. As a result, users can view arbitrary files. /usr/sbin/colorview -text /var/spool/mail/admin...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•31 views

MS IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/1806/info Microsoft IIS 4.0 and 5.0 are both vulnerable to double dot ../ directory traversal exploitation if extended UNICODE character representations are used in substitution for / and . Unauthenticated users may acces...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•29 views

E-Xoopport 3.1 - eCal display.php (katid) SQL Injection Exploit

No description provided by source. ? / Vis Intelligendi http.//vis-intelligendi.co.cc E-Xooport 3.1 SQL Injection Exploit 01 Mq on/off doesn't matter bug details and explanation on http://vis-intelligendi.co.cc search e-xooport E-Xoops is a xoops-based cms. Many modules are bugged, in this case...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•19 views

ttplayer=5.6Beta3 Dos PoC

No description provided by source. Exploit Title: ttplayer=5.6Beta3 Dos POC Date: 2010-01-06 Author: t-bag YDteam. Software Link: http://ttplayer.qianqian.com Version: 5.6Beta3 Tested on: win7 and win2003 Code : !/usr/bin/python f t-bag crash = ETM3U\n+'QQ\1.'+x41 81 try: file = open'1.m3u','w';...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•33 views

iBoutique (page) SQL Injection Vulnerability and XSS Vulnerability

No description provided by source. 1 1 0 I'm L0rd CrusAd3r member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:iBoutique SQL Vulnerable & XSS Vulnerability Vendor...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•36 views

X-Chat 1.x CTCP Ping Arbitrary Remote IRC Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3830/info X-Chat is a graphical client for IRC. It requires the GTK+ toolkit, and is available for many Linux and Unix operating systems. If a CTCP ping request includes escaped newline characters and additional IRC...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

XChat Heap Overflow DoS

No description provided by source. !/usr/bin/python Exploit Title: XChat Heap Overflow DoS Proof of Concept Date: June 2011 Author: th3p4tri0t Software Link: http://xchat.org/ Version: = 2.8.9 This only works on XChat on KDE, I'm not sure about windows. It has been tested on Ubuntu failed, Kubunt...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•10 views

HPSystem Management Homepage (SMH) <= 2.1.12 - 'message.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30846/info HP System Management Homepage SMH is prone to a cross-site scripting vulnerability. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the conte...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•29 views

PhxContacts 0.93 Login.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17307/info PhxContacts is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

webgrind 1.0 (file param) Local File Inclusion Vulnerability

No description provided by source. webgrind 1.0 file param Local File Inclusion Vulnerability Vendor: Joakim Nygard and Jacob Oettinger Product web page: http://code.google.com/p/webgrind Affected version: 1.0 v1.02 in trunk on github Summary: Webgrind is an Xdebug profiling web frontend in PHP5...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•27 views

Mambo Site Server 4.0.14 contact.php Unauthorized Mail Relay

No description provided by source. source: http://www.securityfocus.com/bid/8647/info It has been reported that Mambo Open Source Server is prone to multiple input validation vulnerabilities that may allow remote attackers to inject malicious SQL syntax into database queries and send anonymous...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•26 views

MPG123 0.59 Remote File Play Heap Corruption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8680/info A problem in the handling of some types of remote files has been reported in mpg123. Because of this, it may be possible for a remote attacker to execute arbitrary code with the privileges of the mpg123 user. /...

7.1AI score
Exploits0
Total number of security vulnerabilities56796