Lucene search
+L
SeebugRecent

56796 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.41 views

thttpd <= 2.24 HTTP Request Escape Sequence Terminal Command Injection

No description provided by source. source: http://www.securityfocus.com/bid/37714/info Acme 'thttpd' and 'minihttpd' are prone to a command-injection vulnerability because they fail to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute arbitrary...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Inktomi Traffic Server 4.0/5.x Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7596/info Inktomi Traffic Server is prone to a cross-site scripting vulnerability. This is due to insufficient sanitization of input passed to the proxy, which will be echoed back in error pages under some circumstances. ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Bifrost 1.2.1 - Remote Buffer OverFlow

No description provided by source. !/usr/bin/python2.7 By : Mohamed Clay import socket from time import sleep from itertools import izip, cycle import base64 import sys def rc4cryptdata, key: x = 0 box = range256 for i in range256: x = x + boxi + ordkeyi % lenkey % 256 boxi, boxx = boxx, boxi x =...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

IPsec-Tools Prior to 0.7.2 - Multiple Remote Denial of Service Vulnerabilities

No description provided by source. / racoon-isakmp-dos.c Copyright c 2009 by [email protected] ipsec-tools racoon frag-isakmp DoS POC by mu-b - Thu Apr 02 2009 - Tested on: ipsec-tools-0.7.1 - Private Source Code -DO NOT DISTRIBUTE - http://www.digit-labs.org/ -- Digit-Labs 2009!@$! / include...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

GForge < 4.6b2 (skill_delete) Remote SQL Injection Vulnerability

No description provided by source. Sql Injection Vulnerability In GForge Portcullis Security Advisory 07-014 Vulnerable System: All current versions till 4.6b2 Vulnerability Title: Sql Injection Vulnerability Discovery and Development: Portcullis Security Testing Services. Credit for Discovery:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Tux CMS 0.1 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Red Hat TUX 2.1 .0-2 HTTP Server Oversized Host Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3506/info TUX is a kernel based HTTP server released under the GNU General Public License. It is able to serve static content, cache dynamic content, and coordinate with other HTTP servers to produce dynamic content. An...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

makit news/blog poster 3.1 - DB Download Vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.6 views

Sphera HostingDirector 1.0/2.0/3.0 VDS Control Panel Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/7899/info Sphera HostingDirector VDS Control Panel has been reported prone to several cross-site scripting attacks. The vulnerabilities exist due to insufficient sanitization of user-supplied input for certain URI...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Bitweaver CMS 1.3 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17406/info Bitweaver CMS is prone to multiple cross-site scripting vulnerabilities. Thess issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Cisco User-Changeable Password (UCP) 3.3.4.12.5 - 'CSuserCGI.exe' Multiple Remote Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/28222/info Cisco User-Changeable Password UCP is prone to multiple remote vulnerabilities, including cross-site scripting and buffer-overflow vulnerabilities. Exploiting the cross-site scripting issues may help the attack...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Microsoft Internet Explorer 5.0.1 Invalid Byte Cross-Frame Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/197/info On January 28, 1999, Georgi Guninski originally reported a vulnerability in Internet Explorer 4.x. Internet Explorer 4.x's implentation of Cross-frame security could be bypassed if %01 is appended to an arbitrary...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Symantec Remote Management Buffer Overflow

No description provided by source. $Id: symantecrtvscan.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Data 1 Systems UltraBB 1.17 'view_post.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38097/info Data 1 Systems UltraBB is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Microsoft Windows Movie Maker <= 2.6.4038.0 DLL Hijacking Exploit (hhctrl.ocx)

No description provided by source. / Exploit Title: Microsoft Windows Movie Maker = 2.6.4038.0 DLL Hijacking Exploit hhctrl.ocx Date: 24/08/2010 Author: TheLeader Email: gsog2009 a7 hotmail d0t com Software Link:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

SoftBiz Web Hosting Directory Script 1.1 browsecats.php cid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15561/info Softbiz Web Host Directory Script is prone to multiple SQL injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input before using it in an SQL query...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Check Point Firewall-1 4 SecureRemote Network Information Leak Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3058/info SecureRemote is the proprietary VPN infrastructure designed by Check Point Software, and included with some versions of Firewall-1. A problem with the package allows remote users to gain information about intern...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Trend Micro Virus Control System 1.8 - Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6617/info A denial of service vulnerability has been reported for Trend Micro TVCS. The vulnerability occurs when numerous requests for 'activesupport.exe' are made. This will cause the web server to stop responding to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

iOS SideBooks 1.0 - Directory Traversal

No description provided by source. Exploit Title: SideBooks v1.0 for iPhone / iPod touch, Directory Traversal Date: 02/22/2011 Author: R3d@l3rt, Sp@2K, Sunlight, Hackkey Software Link: http://itunes.apple.com/kr/app/sidebooks/id409777225?mt=8 Version: 1.0 Tested on: iPhone, iPod 3GS with 4.2.1...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

TFTP Server TFTPDWin 0.4.2 Unspecified Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23937/info TFTP Server TFTPDWIN is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to gain read/write access to...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

ProSysInfo TFTP server TFTPDWIN <= 0.4.2 Univ. Remote BOF Exploit

No description provided by source. !/usr/bin/perl ProSysInfo TFTP server TFTPDWIN = 0.4.2 Universal Remote Buffer Overflow Exploit Works on all Windows versions. ---------------------------------------- Exploit by SkD [email protected] Let's take a description from their page at:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

CSSearch 2.3 - Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4368/info csSearch is a website search script, written in Perl. It will run on most Unix and Linux variants, as well as Microsoft operating systems. csSearch is prone to an issue which may enable an attacker to execute Pe...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.43 views

MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

9.3CVSS0.73753EPSS
Exploits14
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

AwStats <= 6.4 - Denial of Service

No description provided by source. !/usr/bin/perl Summarized the advisory www.ghc.ru GHC: /str0ke 0 Exploitable example raw log plugin: Attacker can read sensitive information http://server/cgi-bin/awstats-6.4/awstats.pl?pluginmode=rawlog&loadplugin=rawlog 1 Perl code execution. This script...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Joomla Component com_software SQL Injection Vulnerability

No description provided by source. Title : Joomla Component comsoftware SQL Injection Vulnerability Author: DevilZ TM Data : 2010-03-24 InformatioN Title : Joomla Component comsoftware SQL Injection Vulnerability Author : DevilZ TM By D3v1l Homepage : http://www.DEVILZTM.com Email :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Joomla Component com_ops SQL Injection Vulnerability

No description provided by source. Title : Joomla Component comops SQL Injection Vulnerability Author: DevilZ TM Data : 2010-04-02 InformatioN Title : Joomla Component comops SQL Injection Vulnerability Author : DevilZ TM By D3v1l Homepage : http://www.DEVILZTM.com Email : [email protected]...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Joomla Component com_sbsfile Local File Inclusion

No description provided by source. InformatioN Title : Joomla Component comsbsfile Local File Inclusion Author : DevilZ TM By D3v1l Homepage : http://www.DEVILZTM.com Contact : [email protected] & [email protected] ExploiT Vulnerable File :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

TaskTracker <= 1.5 (Customize.asp) Remote Add Administrator Exploit

No description provided by source. !-- Title : TaskTracker All Version Remote Add Admin Exploit Author : ajann Contact : : S.Page : http://www.geckovich.com $$ : $39.99 - $19.99 -- FORM NAME=AddUser METHOD=POST ACTION=http://target/path/Customize.asp?a=Add style=word-spacing: 0; margin-top: 0;...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

AWStats (6.0-6.2) configdir Remote Command Execution Exploit (perl code)

No description provided by source. !/usr/bin/perl ---GHC--------------------------------- Remote command execution exploit Product: Advanced Web Statistics 6.0 - 6.2 URL:http://awstats.sourceforge.net Greets & respects to our friends: 1dt.w0lf and all rst.void.ru Special greets 2 d0G4 & cr0n for...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.61 views

LANDesk Management Gateway 'gsb/drivers.php'代码注入漏洞

No description provided by source. 1. Advisory Information Title: Landesk OS command injection Advisory Id: CORE-2010-1018 Advisory URL: http://www.coresecurity.com/content/landesk-os-command-injection-vulnerability Date published: 2010-11-10 Date of last update: 2010-11-10 Vendors contacted:...

8.5CVSS6.5AI score0.03508EPSS
Exploits6
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

WSMP3 0.0.x Remote Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7642/info A vulnerability has been reported in WsMp3. The problem occurs due to insufficient sanitization of HTTP GET requests. As a result, an attacker may be capable of accessing the contents of sensitive system...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Microsoft Paint Integer Overflow Vulnerability (DoS) MS10-005

No description provided by source. Date: 2010-05-04 Version: 5.1.2600.2180 Tested on: Windows XP SP2 Exploit-DB Notes: Tested under 32-bit Windows XP SP3 ENG, MS Paint crashes. However, please note this exploit might not actually be related to MS10-005. Thanks to Yaniv Miron. !/usr/bin/perl $PoC ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

phpMyAdmin <= 3.0.1 'pmd_pdf.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31928/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Google Chrome 0.2.149 - ftp:// URL Multiple File Format Handling XSS

No description provided by source. source: http://www.securityfocus.com/bid/31855/info Google Chrome 0.2.149 is prone to a cross-site scripting weakness that arises because the software fails to handle specially crafted files served using the FTP protocol. Successfully exploiting this issue may...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

PhpMyAdmin 2.x sql.php pos Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21137/info phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

WordPress Trashbin Plugin 0.1 'mtb_undelete' Parameter Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37097/info The Trashbin plugin for WordPress is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrar...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

CuteNews 1.4.6 editnews Module doeditnews Action Admin Moderation Bypass

No description provided by source. source: http://www.securityfocus.com/bid/36971/info CuteNews and UTF-8 CuteNews are prone to multiple vulnerabilities, including cross-site scripting, HTML-injection, information-disclosure, arbitrary-script-injection, and security-bypass issues. Note that...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

Kaspersky Internet Security 2013 - Denial of Service Vulnerability

No description provided by source. I usually do not write security advisories unless absolutely necessary. This time I should, however I have neither the time, nor the desire to do so. But Kaspersky did not react, so ... quick and dirty: Kaspersky Internet Security 2013 and any other Kaspersky...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Foojan PHPWeblog Html Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14658/info Foojan PHPWeblog is prone to an HTML injection vulnerability. This is due to a lack of proper sanitization of user-supplied input. Attacker-supplied HTML and script code would be executed in the context of the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.28 views

Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability

No description provided by source. Exploit Title: ZDI-10-023: Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability Date: 2010-04-08 Author: ZSploit.com Software Link: N/A Version: N/A Tested on: IBM Informix Dynamic Server 10.0 CVE : CVE-2009-2754 ! /usr/bin/env python...

10CVSS0.3AI score0.40321EPSS
Exploits5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Gnat-TGP <= 1.2.20 Remote File Include Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class GnatTGPRemoteFileIncludePOCBase: vulID = '67834' version = '1' vulDate = '2010-03-03' author = ' '...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

MoinMoin 1.5.x Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23676/info MoinMoin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Rapid Classified 3.1 search.asp SH1 Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21197/info Rapid Classified is prone to multiple input-validation issues, including multiple cross-site scripting issues and an SQL-injection issue, because the application fails to properly sanitize user-supplied input. ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Asterisk Recording Interface 0.7.15 Audio.PHP Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17641/info Asterisk Recording Interface is prone to an information-disclosure vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Shoutbox 1.0 Shoutbox.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25254/info Shoutbox is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlyin...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

PHProjekt 2.x/3.x Login Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4596/info PHProjekt is a freely available, open source PHP Groupware package. It is actively maintained by the PHPProjekt Development Team. It will run on most Linux and Unix variants, in addition to Microsoft Windows...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Joomla Component com_ranking SQL Injection Vulnerability

No description provided by source. Title : Joomla Component comranking SQL Injection Vulnerability Author: DevilZ TM Data : 2010-04-05 InformatioN Title : Joomla Component comranking SQL Injection Vulnerability Author : DevilZ TM By D3v1l.blackhat Homepage : http://www.DEVILZTM.com Email :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

PHP Live! 3.2.2 index.php l Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21737/info PHP Live! is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Aj Classifieds - For Sale 3.0 - Remote Shell Upload Vulnerability

No description provided by source. AJClassifieds Merchandise RFu script down: http://www.ajclassifieds.net/demo/ajclassifiedsme/ClassifiedsMerchandise/ ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected] Date: 16.01.09 Home: z0rlu.blogspot.com...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Spyce 2.1.3 spyce/examples/formtag.spy Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/27898/info Spyce is prone to multiple input-validation vulnerabilities that can lead to information disclosure or client-side script execution. An attacker may leverage these issues to execute arbitrary script code in the...

7.1AI score
Exploits0
Total number of security vulnerabilities56796