Lucene search
+L
SeebugRecent

56796 matches found

seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•25 views

SiteBar <= 3.3.8 (translator.php) upd cmd Action edit Variable Arbitrary PHP Code Execution

No description provided by source. source: http://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability - Multiple...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•28 views

Bitrix Site Manager 6/7 Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/33689/info Bitrix Site Manager is prone to multiple input-validation vulnerabilities: - An authentication-bypass vulnerability - A cross-site scripting vulnerability An attacker may leverage these issues to gain...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

vBulletin 3.0.10 Portal.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18197/info vBulletin is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•17 views

InstantASP 4.1 Members1.aspx Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22052/info InstantForum.NET is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

artmedic webdesign weblog Multiple Local File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/27797/info artmedic webdesign weblog is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these issues may allow an attacker to access potentially...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•10 views

ultrascripts ultraboard 1.6 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1164/info UltraBoard 1.6 and possibly all 1.x versions is vulnerable to a directory traversal attack that will allow any remote browser to download any file that the webserver has read access to. On Windows instalations,...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•46 views

VideoLAN VLC ModPlug ReadS3M Stack Buffer Overflow

No description provided by source. $Id: vlcmodplugs3m.rb 12282 2011-04-08 15:48:53Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•14 views

Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 beta Mail Logging Buffer Overflow (2)

No description provided by source. source: http://www.securityfocus.com/bid/1158/info Sniffit is a freely available, open source network monitoring tool. It is designed for use on the Unix and Linux Operating Systems. Sniffit contains a remotely exploitable buffer overflow vulnerability. If Sniff...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•20 views

Softbiz Classifieds Script gallery.php radio Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/32569/info Softbiz Classifieds Script is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary scri...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•11 views

Skype Technologies Skype 1.5 NSRunAlertPanel Remote Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20218/info Skype is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before using it in the format-specification argument of a formatted-printing functio...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•13 views

YenerTurk Haber Script 1.0 - Remote SQL Injection Vulnerability

No description provided by source. YenerTurk Haber Script v1.0 SQL Injection Vulnebrality Credit:ASIANEAGLE Contact:[email protected] Exploit: Admin Nick: http://SITE/Path to...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•30 views

Yealink VoIP Phone SIP-T38G - Local File Inclusion

No description provided by source. Title: Yealink VoIP Phone SIP-T38G Local File Inclusion Author: Mr.Un1k0d3r & Doreth.Z10 From RingZer0 Team Vendor Homepage: http://www.yealink.com/Companyprofile.aspx Version: VoIP Phone SIP-T38G CVE: CVE-2013-5756, CVE-2013-5757 Description: Web interface...

4CVSS0.1AI score0.03059EPSS
Exploits11
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•32 views

Gopher <= 3.0.9 (+VIEWS) Remote (Client Side) Buffer Overflow Exploit

No description provided by source. / gopherv3.0.9+: remote client buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc xgopher-client.c -o xgopher-client syntax: ./xgopher-client port bindshell port The Internet Gopher Client is based on the UMN Gopher/Gopherd 2.3....

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•23 views

Foxit WAC Remote Access Server 2.0 Build 3503 - Heap Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27873/info Foxit WAC Remote Access Server is prone to a heap-based buffer-overflow vulnerability. Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the application...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•11 views

RedHat 6.2/7.0/7.1 Lpd Remote Command Execution via DVI Printfilter Configuration Error

No description provided by source. source: http://www.securityfocus.com/bid/3241/info 'dvips' is a utility that converts DVI documents to PostScript. It is an optional component of the TeTeX text formatting package. When installed on a system where LPRnG and TeTeX are in use, 'dvips' will be...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

phpcksec 0.2 'phpcksec.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32890/info The 'phpcksec' script is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•11 views

Jamroom <= 3.3.8 Cookie Authentication Bypass Vulnerability and Multiple Unspecified Security Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30406/info Jamroom is prone to fourteen security vulnerabilities, including an authentication-bypass vulnerability that occurs because the application fails to verify user-supplied data. Very few technical details are...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•14 views

Compaq Web-Based Management Agent Access Violation Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8015/info Compaq Web-Based Management Agent has been reported prone to a remote denial of service vulnerability when handling malformed GET requests. The resulting error reports an access violation, effectively causing th...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•37 views

HP-UX FTPD <= 1.1.214.4 "REST" Remote Brute Force Exploit

No description provided by source. / Author: phased /str0ke / include sys/types.h include sys/socket.h include netinet/in.h include arpa/inet.h include netdb.h include stdio.h include unistd.h int main int argc, char argv int sock, rc; long int i; struct sockaddrin saddr; struct hostent h; char...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•10 views

Okyanusmedya Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24285/info Okyanusmedya is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•32 views

FTPx FTP Explorer 1.0 .00.10 Weak Password Encryption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1003/info FTP Explorer includes the option to store profiles of visited FTP sites. The user's name and password can also be stored. These stored values are kept in the registry, under the key HKCU\Software\FTP...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

VerliAdmin 0.3 'index.php' Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/34845/info VerliAdmin is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script cod...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•23 views

MySource 2.14 mimeDecode.php PEAR_PATH Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/15133/info MySource is prone to multiple remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

Kerio Mailserver 5.6.3 do_map Module Overflow

No description provided by source. source: http://www.securityfocus.com/bid/7967/info Multiple buffer overrun vulnerabilities have been discovered in Kerio MailServer, which affect the webmail component. The problem occurs when handling usernames of excessive length and likely occurs due to...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•25 views

Joomla Tags (index.php, tag parameter) SQL Injection

No description provided by source. Exploit Title: Joomla tag Remote Sql Exploit dork: inurl:index.php?option=comtag Date: 18-10-2012 Author: Daniel Barragan D4NB4R Twitter: @D4NB4R Vendor: http://www.joomlatags.org Version: all License: Non-Commercial Download:...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•29 views

WinWebMail 3.7.3 - IMAP Login Data Handling Denial Of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28721/info WinWebMail is prone to a denial-of-service vulnerability because it fails to perform adequate boundary checks on user-supplied input. Remote attackers can exploit this issue to crash the server and deny service...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•13 views

Netcut 2.0 - Denial of Service Vulnerability

No description provided by source. !/usr/bin/env python Exploit Title: Netcut Denial of Service Vulnerability Author: MaYaSeVeN Blog: http://mayaseven.blogspot.com PoC: Video http://www.youtube.com/user/mayaseven Picture...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

EQDKP <= 1.3.1 Show Variable Cross-Site Scripting Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•34 views

SQL Injection Entry Level Content Management System (EL CMS)

No description provided by source. + Contact : vir0e5athackermaildotcom + Group : TECON The Eye COnference Indonesia + Site : http://tecon-crew.org Software Information +SOftware : Entry Level Content Management System EL CMS +vendor : http://www.entrylevelcms.com/ +Vulnerability : SQL Injection...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•27 views

WD-CMS 3.0 - Multiple Vulnerabilities

No description provided by source. Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link: http://www.webdiamond.net/cms.html Version: 3.0 Tested on: Windows Vista and Linux Backtrack 3 --------------------------------------------------------------...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

MySmartBB 1.7 Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/38385/info MySmartBB is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•13 views

Linux Kernel 2.4.22 "do_brk()" local Root Exploit (PoC)

No description provided by source. ; Christophe Devine devine at cr0.net and Julien Tinnes julien at cr0.org ; ; This exploit uses sysbrk directly to expand his break and doesn't rely ; on the ELF loader to do it. ; ; To bypass a check in sysbrk against available memory, we use a high ; virtual...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

PostNuke 0.76 RC2 Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/18319/info PostNuke is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection vulnerabilities, because the application fails to properly sanitize user-supplied input. A...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•26 views

PHP 5.2.11/5.3.0 - Multiple Vulnerabilities

No description provided by source. ?php / PHP 5.2.11/5.3.0 symlink openbasedir bypass by Maksymilian Arciemowicz http://securityreason.com/ cxib a.T securityreason d0t com CHUJWAMWMUZG / $fakedir=cx; $fakedep=16; $num=0; // offset of symlink.$num if!empty$GET'file' $file=$GET'file'; else...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•15 views

eFront 3.5.5 'langname' Parameter Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38787/info eFront is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execut...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•20 views

Aestiva HTML/OS 2.4 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5618/info Aestiva HTML/OS is a database engine and development suite for building websites and web-based software products. HTML/OS does not sufficiently sanitize metacharacters from error message output. In particular,...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•24 views

Mandrake 6.x,RedHat 6.x,Turbolinux 3.5 b2/4.x/6.0.2 userhelper/PAM Path Vulnerability (1)

No description provided by source. Mandrake 6.0/6.1,RedHat 6.0/6.1,Turbolinux 3.5 b2/4.2/4.4/6.0.2 userhelper/PAM Path Vulnerability 1 source: http://www.securityfocus.com/bid/913/info Because of double path vulnerabilities in the binary userhelper and PAM, it is possible to get root locally on...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•16 views

Cisco PIX 4.x/5.x TACACS+ Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2551/info PIX is an enterprise firewall engineered and maintained by Cisco Systems. It is designed to provide robust features and multiple methods of access control and filtering. A problem with the PIX could allow a deni...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•75 views

Apache Tomcat <= 6.0.15 Cookie Quote Handling Remote Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27706/info Apache Tomcat is prone to an information-disclosure vulnerability because it fails to adequately sanitize user-supplied data. Attackers can exploit this issue to access potentially sensitive data that may aid i...

4.3CVSS5.3AI score0.16944EPSS
Exploits4
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•20 views

Microsoft Word 97/98/2002 Malformed Document Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8761/info It has been reported that Microsoft Word is prone to a vulnerability that may allow an attacker to crash the software. The problem occurs when an attacker modifies the memory structure of a Word document. If a...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•20 views

Mesh Viewer 0.2.2 - Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12025/info It is reported that Mesh Viewer is susceptible to a buffer overflow vulnerability. This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it into a...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•203 views

Mambo phpShop Component <= 1.2 RC2b File Include Vulnerability

No description provided by source. Affected Application: Mambo phpShop v1.2 RC2b Mambo CMS Component . . : contact : . . . . . . . . . . . . . . . . . . . . . . . . . . . Discoverd/Found by: Charles Nelwan a.k.a Cmaster4 Team: BatamHacker irc.dal.net crew URL: http://www.batamhacker.info/forum...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•18 views

BigAnt Server 2.50 SP1 - Buffer Overflow

No description provided by source. $Id: bigantserver250.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•24 views

Sun Java System Application Server 7.0/8.0 - Remote Installation Path Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10424/info It is reported that Java System Application Server is prone to a remote installation path disclosure vulnerability. This issue is due to a failure of the application to properly filter user requests. Successful...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•29 views

MySimpleNews 1.0 PHP Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5865/info MySimpleNews allows users to enter news articles through a web interface. It will allow PHP code to be injected into URI parameters of the 'users.php' script, which will be stored into a MySimpleNews file...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•20 views

LifeSize Room Command Injection

No description provided by source. require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def initializeinfo = superupdateinfoinfo, 'Name' = 'LifeSize Room Command Injection', 'Description' = %q This module exploits a vulnerable...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•28 views

IceWarp Merak Mail Server 9.4.1 'Forgot Password' Input Validation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34827/info IceWarp Merak Mail Server is prone to an input-validation vulnerability because it uses client-supplied data when performing a 'Forgot Password' function. Attackers can exploit this issue via social-engineering...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•119 views

Audiotran 1.4.1 - Direct RET BoF

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•12 views

FuseTalk Forum 4.0 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/11407/info FuseTalk Forum is reported prone to multiple input validation vulnerabilities. These issues may allow a remote attacker to carry out cross-site scripting attacks. The cause of these issues is insufficient...

7.1AI score
Exploits0
seebug.org
seebug.org
•added 2014/07/01 12:0 a.m.•25 views

AppServ Open Project 2.4.5 - Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16166/info AppServ Open Project is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute...

7.1AI score
Exploits0
Total number of security vulnerabilities56796