Lucene search
+L
SeebugRecent

56796 matches found

seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

Joomla Component com_start SQL Injection Vulnerability

No description provided by source. InformatioN Title : Joomla Component comstart SQL Injection Vulnerability Author : DevilZ TM By D3v1l Homepage : http://www.DEVILZTM.com Contact : [email protected] & [email protected] ExploiT Vulnerable File :...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•28 views

SunShop <= 4.1.4 (id) Remote SQL Injection Vulnerability

No description provided by source. GulfTech Security Research August 18, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : SunShop = 4.1.4 Risk : SQL Injection Description: SunShop shopping cart is a full featured ecommerce solution written in php that allows for...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•10 views

SGI IRIX <= 6.0.1 colorview Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/336/info Colorview fails to validate that the user has access to the file supplied to the -text option. As a result, users can view arbitrary files. /usr/sbin/colorview -text /var/spool/mail/admin...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•31 views

MS IIS 4.0/5.0 and PWS Extended Unicode Directory Traversal Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/1806/info Microsoft IIS 4.0 and 5.0 are both vulnerable to double dot ../ directory traversal exploitation if extended UNICODE character representations are used in substitution for / and . Unauthenticated users may acces...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•29 views

E-Xoopport 3.1 - eCal display.php (katid) SQL Injection Exploit

No description provided by source. ? / Vis Intelligendi http.//vis-intelligendi.co.cc E-Xooport 3.1 SQL Injection Exploit 01 Mq on/off doesn't matter bug details and explanation on http://vis-intelligendi.co.cc search e-xooport E-Xoops is a xoops-based cms. Many modules are bugged, in this case...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•19 views

ttplayer=5.6Beta3 Dos PoC

No description provided by source. Exploit Title: ttplayer=5.6Beta3 Dos POC Date: 2010-01-06 Author: t-bag YDteam. Software Link: http://ttplayer.qianqian.com Version: 5.6Beta3 Tested on: win7 and win2003 Code : !/usr/bin/python f t-bag crash = ETM3U\n+'QQ\1.'+x41 81 try: file = open'1.m3u','w';...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•33 views

iBoutique (page) SQL Injection Vulnerability and XSS Vulnerability

No description provided by source. 1 1 0 I'm L0rd CrusAd3r member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:iBoutique SQL Vulnerable & XSS Vulnerability Vendor...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•36 views

X-Chat 1.x CTCP Ping Arbitrary Remote IRC Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3830/info X-Chat is a graphical client for IRC. It requires the GTK+ toolkit, and is available for many Linux and Unix operating systems. If a CTCP ping request includes escaped newline characters and additional IRC...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

XChat Heap Overflow DoS

No description provided by source. !/usr/bin/python Exploit Title: XChat Heap Overflow DoS Proof of Concept Date: June 2011 Author: th3p4tri0t Software Link: http://xchat.org/ Version: = 2.8.9 This only works on XChat on KDE, I'm not sure about windows. It has been tested on Ubuntu failed, Kubunt...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•10 views

HPSystem Management Homepage (SMH) <= 2.1.12 - 'message.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30846/info HP System Management Homepage SMH is prone to a cross-site scripting vulnerability. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the conte...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•29 views

PhxContacts 0.93 Login.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17307/info PhxContacts is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

Opera 10.61 - DLL Hijacking Exploit (dwmapi.dll)

No description provided by source. / Exploit Title: Opera DLL Hijacking Exploit dwmapi.dll Date: 24/08/2010 Author: Nicolas Krassas http://twitter.com/Dinosn Version: Opera 10.61 Tested on: Windows XP SP3 The code is based on the exploit from TheLeader Vulnerable extensions: .htm .mht .mhtml .xht...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

webgrind 1.0 (file param) Local File Inclusion Vulnerability

No description provided by source. webgrind 1.0 file param Local File Inclusion Vulnerability Vendor: Joakim Nygard and Jacob Oettinger Product web page: http://code.google.com/p/webgrind Affected version: 1.0 v1.02 in trunk on github Summary: Webgrind is an Xdebug profiling web frontend in PHP5...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

Meeting Room Booking System (MRBS) 1.2.6 day.php area Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30531/info MRBS Meeting Room Booking Software is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•27 views

Mambo Site Server 4.0.14 contact.php Unauthorized Mail Relay

No description provided by source. source: http://www.securityfocus.com/bid/8647/info It has been reported that Mambo Open Source Server is prone to multiple input validation vulnerabilities that may allow remote attackers to inject malicious SQL syntax into database queries and send anonymous...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•26 views

MPG123 0.59 Remote File Play Heap Corruption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8680/info A problem in the handling of some types of remote files has been reported in mpg123. Because of this, it may be possible for a remote attacker to execute arbitrary code with the privileges of the mpg123 user. /...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

Mountain Network Systems WebCart 8.4 Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3453/info Mountain Network Systems WebCart is a cgi based online shopping suite. An error in the webcart.cgi script allows a remote user to pass an arbitrary shell command which will be executed by the script. WebCart...

6.7AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

IBM AIX <= 4.3.1 adb Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/520/info adb is the debugger that ships with IBM's AIX operating system. It is possible for a local user to cause a local denial of service through exploiting the version of adb shipped with AIX 4.2 through 4.3.1. The...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

PHPOpenChat 3.0.1 - Multiple HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12841/info PHPOpenChat is reportedly affected by multiple remote HTML injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in dynamically...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

Maxthon3 about:history XCS Trusted Zone Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

Magic Photo Storage Website user/logout.php _config[site_path] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•27 views

MyClientBase 0.12 - Multiple Vulnerabilities

No description provided by source. Title: ====== MyClientBase v0.12 - Multiple Web Vulnerabilities Date: ===== 2012-04-30 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=511 VL-ID: ===== 511 Introduction: ============= MyClientBase is a simple, intuitive, free and open...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•31 views

Symantec End Point Protection 11.x & Symantec Network Access Control 11.x LCE PoC

No description provided by source. Symantec End Point Protection 11.x & Symantec Network Access Control 11.x Local Code Execution POC Date: 22/05/2012 Author: 41.w4r10r Software Link: Symantec.com Version: 11.x Tested on: Windows XP SP2 English Windows XP SP3 English Windows Vista 32Bit Windows 7...

7.2CVSS6.5AI score0.0146EPSS
Exploits7
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

Cisco CBOS 2.x Multiple TCP Connection Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3236/info CBOS is the Cisco Broadband Operating System, firmware designed for use on Cisco 600 series routers. It is maintained and distributed by Cisco Systems. CBOS becomes unstable when it receives multiple TCP...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•39 views

SPBAS Business Automation Software 2012 - Multiple Vulnerabilities

No description provided by source. SPBAS Business Automation Software- XSS & CSRF Vulnerability Date: 16 June 2013 Author: Christy Philip Mathew - www.offcon.org Vendor or Software Link: http://www.spbas.com Version: 2012 1.XSS Vulnerability a Client Area - My Info - Update the first name and las...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•13 views

WordPress WP-FeedStats 2.1 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25085/info The WP-FeedStats plugin for WordPress is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to execute HTML...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•12 views

Unify eWave ServletExec 3.0 c DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1868/info Unify eWave ServletExec is a Java/Java Servlet engine plug-in for major web servers such as Microsoft IIS, Apache, Netscape Enterprise Server, etc. eWave ServletExec is susceptible to a denial of service attack ...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

osCommerce 2.2 admin/countries.php page Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

The Includer CGI <= 1.0 - Remote Command Execution (1)

No description provided by source. !/usr/bin/perl Target - The Includer CGI = 1.0 Based on - http://www.milw0rm.com/id.php?id=862 Info about bug - Stupid use Open function. If you want know more visit our home page at nst.void.ru use IO::Socket; if @ARGV 3 print \n Includer CGI = 1.0 Network...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•14 views

PunBB <= 2.0.10 (Register Multiple Users) Denial of Service Exploit

No description provided by source. / Name: NST-Exploit Punbb 2.0.10 Denial Of Service Copyright: NeoSecurity Author: K4P0 ./NST-XplPunbb www.victim.com 2.0.0.6 /punbb/ PunBB 2.0.10 Denial of Service exploit by K4P0 Use only at your own reputation risk! ; www.NeoSecurityTeam.net 1 - Trying if...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

Joomla (com_jbpublishdownfp) SQL Injection Vulnerability

No description provided by source. ...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla comjbpublishdownfp SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TESTED ON:...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•25 views

Exhibit Engine 1.22 fstyles.php toroot Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/20793/info Exhibit Engine Software is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows an attacker to execute...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

.NET Runtime Optimization Service Privilege Escalation Exploit 0day

No description provided by source. / Exploit Title: .NET Runtime Optimization Service Privilege Escalation Date: 03-07-2011 Author: XenoMuta [email protected] Version: v2.0.50727 Tested on: Windows XP sp3, 2003 R2, 7 CVE : n/a | |/ / / |/ / / / | / / / / /|/ / / / / / / / / / / / / // / / /...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

phpAutoVideo 2.21 index.php cat Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/27346/info phpAutoVideo is prone to a cross-site scripting vulnerability and a remote file-include vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit these issues to execute...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

id software quake ii server 3.2 - Multiple Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/11551/info Multiple remote vulnerabilities have been reported to affect Quake II. These issues are due to boundary condition checking failures, access validation failures and failures to handle exceptional conditions. An...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•31 views

CrystalPlayer 1.98 - (.mls) Local Buffer Overflow Exploit

No description provided by source. !/usr/bin/perl Crystal Player 1.98 Playlist.mls File Local Buffer Overflow Exploit Source:: http://www.crystalplayer.com/CrystalPro.exe Credit To Timq For The Vulnerability POC By Arham Muhammad While Debugging EIP And EBP Successfully Gets Overwritten! Upon...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•25 views

DMXReady Job Listing <= 1.1 - Remote Contents Change Vulnerability

No description provided by source. Title : DMXReady Job Listing = 1.1 Remote Contents Change Vulnerability Author : ajann from Turkey Contact : : S.Page : http://www.dmxready.com $$ : 49.97 $ Dork : inurl:incjoblistingmanager.asp DorkEx :...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•24 views

myBloggie 2.1.5 login.php PATH_INFO Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22097/info MyBloggie is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

AppIntellect SpotLight CRM Login.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21521/info AppIntellect SpotLight CRM is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker ...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

Qualcomm qpopper 2.4 POP Server Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/133/info A number of buffer-overflow issues reside in versions prior to 2.5 of Qualcomm's 'qpopper' program. Exploiting this issue allows a remote attacker to execute arbitrary commands on hosts that are running a...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•12 views

XOOPS MyTutorials Module 2.1 - 'printpage.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28230/info MyTutorials is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise t...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•22 views

Invision Power Board 1.3 Pop Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9822/info It has been reported that Invision Power Board may be prone to a cross-site scripting vulnerability. This may allow a remote attacker to cause hostile HTML or script code to be rendered in a user's browser via a...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•46 views

Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities

No description provided by source. Original: http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt =============================== - Advisory - =============================== Tittle: Imperva SecureSphere Operations Manager - Command Execution Post Authentication & Minor issu...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•24 views

PHP-Nuke 4nChat Module 0.91 - 'roomid' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28128/info The 4nChat module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•11 views

Mp3-Nator 2.0 - Buffer Overflow Exploit (SEH)

No description provided by source. !usr/bin/python Exploit Title: Exploit Buffer Overflow MP3-Nator Date: 10\11\2010 Author: C4SS!0 G0M3S Software Link: http://www.brothersoft.com/d.php?softid=16524&url=http%3A%2F%2Ffiles.brothersoft.com%2Fmp3audio%2Fplayers%2Fmp3nator.zip Version: 2.0 Tested on:...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•11 views

iMesh 7 'IMWebControl' ActiveX Control Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26916/info iMesh is prone to a code-execution vulnerability because the application fails to sanitize user-supplied data, which can lead to memory corruption. Successfully exploiting this issue allows remote attackers to...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

whitsoft slimserve ftpd 1.0/2.0 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2452/info SlimServ FTPd is a free ftp server distributed and maintained by WhitSoft Development. SlimServe FTPd is designed to offer ftp services to the Microsoft Windows platform. A problem with the SlimSoft FTP daemon...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•20 views

liblesstif <= 2-0.93.94-4mdk (DEBUG_FILE) Local Root Exploit

No description provided by source. !/bin/sh echo echo mtink libXm local root exploit echo [email protected] echo umask 000 export DEBUGFILE=/etc/ld.so.preload cat /tmp/lib.c EOF include unistd.h void initvoid if getuid!=0 && geteuid==0 setuid0; unlink/etc/ld.so.preload; execl/bin/bash, bash, 0; EOF...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•23 views

GOM Player 2.2.56.5158 - .avi File Handling Memory Corruption Vulnerability

No description provided by source. !/usr/bin/python Exploit Title: GOM Player Version 2.2.56.5158 .avi File Handling Memory Corruption Vulnerability Date: 2013/12/19 Exploit Author: ariarat Software Link:...

4.3CVSS6.6AI score0.02209EPSS
Exploits3
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•42 views

Icy Phoenix 1.3.0.53a HTTP Referer stored XSS

No description provided by source. Exploit Title: Icy Phoenix 1.3.0.53a http referer stored XSS Google Dork: Powered by Icy Phoenix http://www.icyphoenix.com/ Date: 16-2-2011 Author: Saif El-Sherei Software Link: http://www.icyphoenix.com/dload.php?action=file&fileid=171 Version: Icy Phoenix...

7.1AI score
Exploits0
Total number of security vulnerabilities56796