Lucene search
K
SeebugRecent

56796 matches found

seebug.org
seebug.org
added 2016/09/18 12:0 a.m.23 views

Joomla jVoteSystem 2.56 Component parameter keyword XSS vulnerability

0x01 vulnerability profile Joomla jVoteSystem 2.56 Component parameters keyword the presence of a reflective XSS vulnerability. 0x02 vulnerability analysis http://www.9u4u.be/index.php?option=comjvotesystem&view=polls&cat=cw&keyword=1&Itemid=12jvotesystem Construct the following payload: 1"...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2016/09/18 12:0 a.m.31 views

Tenda ADSL2/2+ Modem 963281TAN - not authorized to modify the DNS

No description provided by source. if $ -gt 3 || $ -lt 2 ; then echo " Tenda ADSL2/2+ Modem 963281TAN " echo " Unauthenticated Remote DNS Change Exploit" echo " ===================================================================" echo " Usage: $0 " echo " Example: $0 133.7.133.7 8.8.8.8" echo "...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/18 12:0 a.m.16 views

PLANET VDR-300NU ADSL Router - not authorized to modify the DNS

No description provided by source. if $ -gt 3 || $ -lt 2 ; then echo " PLANET VDR-300NU ADSL ROUTER " echo " Unauthenticated Remote DNS Change Exploit" echo " ===================================================================" echo " Usage: $0 " echo " Example: $0 133.7.133.7 8.8.8.8" echo "...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/18 12:0 a.m.43 views

PHPCMS V9 version of the background design flaws lead to arbitrary code execution vulnerability

Source link: http://www.cnbraid.com/ 0x01 background Since the default after installation requires Super administrator privileges, so the vulnerability is very tasteless, but the feeling should be in other cms, there are also, so the main share under the mining idea PS: using the test environment...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2016/09/14 12:0 a.m.20 views

VideoIQ Camera local file inclusion vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/14 12:0 a.m.17 views

PHPIPAM v1.1.010 Multiple Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/14 12:0 a.m.17 views

PHP 'bcmath.c' Multiple Local Heap Overflow Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/14 12:0 a.m.23 views

Web Idea Pakistan product.php parameter pID SQL Injection

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/14 12:0 a.m.22 views

Strongsoft AjaxDeleteMsgInfo. ashx parameters msgid a SQL injection vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/14 12:0 a.m.164 views

Atlassian Confluence arbitrary file include Vulnerability (CVE-2015-8399)

Affect the Assembly: Atlassian Confluence Atlassian Confluence is less than 5. 8. 17 versions of the service exist in the arbitrary file read and directory traversal vulnerabilities /spaces/viewdefaultdecorator. action? decoratorName=. Lists the current directory /spaces/viewdefaultdecorator...

4CVSS5.4AI score0.61114EPSS
Exploits5
seebug.org
seebug.org
added 2016/09/14 12:0 a.m.29 views

LamaHub 0.0.62 remote code execution vulnerability

No description provided by source. import socket HOST = 'localhost' PORT = 4111 s = socket.socketsocket.AFINET, socket.SOCKSTREAM s.connectHOST, PORT buf = "" buf += "\x24\x53\x75\x70\x70\x6f\x72\x74\x73\x20\x55\x73" buf += "\x6c\x6c\x6f\x20\x49\x50\x32\x20\x65\x61\x72\x63" buf +=...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/14 12:0 a.m.13 views

Strongsoft FloodDisastersQueryContent. aspx parameters DirTypeDetailId SQL injection vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/13 12:0 a.m.17 views

WordPress RB Agency Plugin 2.4.7 - local file inclusion

漏洞出现在/ext/forcedownload.php http://server/wp-content/plugins/rb-agency/ext/forcedownload.php?file=../../../../../../../../etc/passwd...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/13 12:0 a.m.26 views

PHP 5.0.0 - 'fbird_[p]connect()' local denial of service

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/13 12:0 a.m.1009 views

MySQL <= 5.7.15 remote Root code execution vulnerability

http://legalhackers.com - dawid at legalhackers.com - Release date: 12.09.2016 I. VULNERABILITY ------------------------- MySQL = 5.7.15 Remote Root Code Execution / Privilege Escalation 0day 5.6.33 5.5.52 MySQL clones are also affected, including: MariaDB PerconaDB II. BACKGROUND...

10CVSS9.4AI score0.6773EPSS
Exploits22
seebug.org
seebug.org
added 2016/09/13 12:0 a.m.13 views

PHP 5.0.0 - 'snmpwalkoid()' local denial of service

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/13 12:0 a.m.14 views

Navicat Premium 11.2.11 (64bit) Local Password Disclosure

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/12 12:0 a.m.418 views

SugarCRM v6. 5. 23 PHP deserialize an object injection vulnerability

Author: p0wd3r know Chong Yu 404 security lab Date: 2016-09-12 0x00 vulnerability overview 1. Vulnerability description SugarCRM(http://www.sugarcrm.com/ is a set of open source Customer Relationship Management System. Recent researchers found in its=6.5.23 version exists in the deserialization...

7.5CVSS8.9AI score0.16482EPSS
Exploits2
seebug.org
seebug.org
added 2016/09/12 12:0 a.m.11 views

UF FE /sysform/003/editflow_manager. jsp parameters of the UID injection vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/09 12:0 a.m.12 views

MySQL 5.5.45 (64bit) - local credential information disclosure

No description provided by source. mport time from winappdbg import Debug, Process def b2hstr: return ''.join"%02X " % ordx for x in str.strip def h2bstr: bytes = str = ''.joinstr.split" " for i in range0, lenstr, 2: bytes.appendchrintstri:i+2, 16 return ''.joinbytes usr = '' pwd = '' count = 0...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/09 12:0 a.m.172 views

泛微 OA /js/swfupload/swfupload.swf xss漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/09 12:0 a.m.28 views

UF A6 /yyoa/assess/js/initDataAssess. jsp information disclosure

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/09 12:0 a.m.109 views

Adobe ColdFusion < 11 Update 10 - XML external entity injection

Discovered by: Dawid Golunski - http://legalhackers.com - dawid at legalhackers.com - APSB16-30 - Release date: 31.08.2016 I. VULNERABILITY Adobe ColdFusion = 11 XML External Entity XXE Injection II. BACKGROUND "Adobe ColdFusion 11 Enterprise Edition offers a single platform to rapidly build and...

6.4CVSS9.3AI score0.69044EPSS
Exploits7
seebug.org
seebug.org
added 2016/09/09 12:0 a.m.12 views

UF FE /flex/newsmessage. jsp parameter uname injection vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/09 12:0 a.m.42 views

ZKTeco ZKAccess Security System 5.3.1 - stored XSS

Application description ZKAccess systems are built on flexible, open technology to provide management, real-time monitoring and control of your access control changes, access via a browser,without the need to install additional software. Security infrastructure devices centralized management,...

7.5AI score
Exploits0
seebug.org
seebug.org
added 2016/09/07 12:0 a.m.21 views

Joomla Extra Search v2.2.8 SQL Injection

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/07 12:0 a.m.12 views

UF FE /feform/createprinttemplete. jsp parameters formid injection vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/07 12:0 a.m.26 views

Belkin F9K1122v1 1.00.30 - Buffer Overflow (via Cross-Site Request Forgery)

No description provided by source. import socket, sys , base64, struct, string, urllib from getopt import getopt as GetOpt, GetoptError from uuid import getnode as getmac import SimpleHTTPServer, SocketServer TIMELINE ''' 3/16/2016 - First Submission to Belkin no response 5/3/2016 - Second...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/07 12:0 a.m.34 views

Forticlient ™ end-SSLVPN 5.4 - credentials information disclosure

No description provided by source. from winappdbg import Debug, Process, HexDump import sys filename = "FortiTray.exe" 程序名 searchstring = "fortissl" 当用户凭证存储在进程内存中,模仿偏移 查询用户凭证函数 def memorysearch pid, strings : process = Process pid memdump =...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/07 12:0 a.m.23 views

ZKTeco ZKBioSecurity 3.0 hard-coded login credentials and remote system command execution

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/07 12:0 a.m.24 views

UF FE /admin/systemXml/system-bean. xml information disclosure vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/05 12:0 a.m.29 views

WordPress CYSTEME Finder plugin arbitrary file disclosure+upload vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/05 12:0 a.m.25 views

Wordpress timthumb-config. php arbitrary File Download

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/05 12:0 a.m.20 views

UF FE office platform /security/role_add_user. jsp parameters searchValue SQL injection vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/05 12:0 a.m.25 views

Joomla com_offices parameter file SQL blind injection vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/05 12:0 a.m.20 views

Joomla com_jsjobs parameters oi SQL injection vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/05 12:0 a.m.16 views

UF FE /feReport/chartList. jsp parameter reportId injection vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/05 12:0 a.m.23 views

NScan 0.91 local code execution vulnerability

No description provided by source. import struct rp=struct.pack"L", 0x75658BD5 JMP ESP kernel32 Modified 'calc.exe' shellcode Windows 7 SP1 for this exploit sc="\x31\xF6\x56\x64\x8B\x76\x30\x8B\x76\x0C\x8B\x76\x1C\x8B" "\x6E\x08\x8B\x36\x8B\x5D\x3C\x8B\x5C\x1D\x78\x01\xEB\x8B"...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/05 12:0 a.m.10 views

ZKTeco ZKBioSecurity 3.0 - (visLogin. jsp) Local Authentication bypass

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/03 12:0 a.m.23 views

ENOMSOFT product.php parameter id SQL Injection

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/03 12:0 a.m.25 views

PHP 5.0.0 - imap_mail() local denial of service

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/03 12:0 a.m.21 views

qBit /pages/getPage parameter p SQL Injection

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.api.request import req from pocsuite.api.poc import register from pocsuite.api.poc import Output, POCBase import re import random import hashlib class TestPOCPOCBase: vulID = '1' ssvid version = '1.0' author =...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/02 12:0 a.m.12 views

ESPCMS File Download information disclosure vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/02 12:0 a.m.23 views

Simpla Admin v1.02 single-ads.php parameter ID SQL Injection

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/02 12:0 a.m.14 views

erduo music \source\user\blog\ajax.php the variable content stored XSS

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/02 12:0 a.m.266 views

HelpDeskZ 1.0.2 unauthorized Shell upload

No description provided by source. ''' Exploit Title: HelpDeskZ /submitticketcontroller.php - Line 141 $filename = md5$FILES'attachment''name'.time.".".$ext; So by guessing the time the file was uploaded, we can get RCE. Steps to reproduce:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/01 12:0 a.m.29 views

WordPress Catpro Gallery plugin arbitrary file upload vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/01 12:0 a.m.20 views

WordPress Vertical Gallery plugin arbitrary file upload vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/01 12:0 a.m.23 views

cmseasy /imageUp.php xss vulnerability

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2016/09/01 12:0 a.m.14 views

Vanderbilt IP-Camera CCPW3025-IR, CVMW3025-IR readfile. cgi information disclosure vulnerability

No description provided by source...

7.1AI score
Exploits0
Total number of security vulnerabilities56796