DB: 2016-07-10
parent 29f0764fac
commit c9a818eb76
10 changed files with 22 additions and 15 deletions
|
@ -31247,7 +31247,7 @@ id,file,description,date,author,platform,type,port
|
|||
34694,platforms/php/webapps/34694.txt,"ClipBucket 1.7.1 - Multiple SQL Injection Vulnerabilities",2009-07-24,Qabandi,php,webapps,0
|
||||
34695,platforms/windows/remote/34695.c,"GreenBrowser - 'RSRC32.DLL' DLL Loading Arbitrary Code Execution Vulnerability",2010-09-22,anT!-Tr0J4n,windows,remote,0
|
||||
34696,platforms/windows/remote/34696.c,"Easy Office Recovery 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability",2010-09-22,anT!-Tr0J4n,windows,remote,0
|
||||
34697,platforms/windows/remote/34697.c,"Sothink SWF Decompiler 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability",2010-09-22,anT!-Tr0J4n,windows,remote,0
|
||||
34697,platforms/windows/remote/34697.c,"Sothink SWF Decompiler - 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability",2010-09-22,anT!-Tr0J4n,windows,remote,0
|
||||
34698,platforms/windows/dos/34698.txt,"Microsoft Excel 2002 - Memory Corruption Vulnerability",2010-09-23,Abysssec,windows,dos,0
|
||||
34699,platforms/php/webapps/34699.txt,"OpenText LiveLink 9.7.1 - Multiple Cross-Site Scripting Vulnerabilities",2010-09-23,"Alejandro Ramos",php,webapps,0
|
||||
34700,platforms/php/webapps/34700.txt,"WebShop Hun 1.062s 'index.php' Local File Include and Cross-Site Scripting Vulnerabilities",2009-07-24,u.f.,php,webapps,0
|
||||
|
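Review bot: Row 34696, directly above the changed 34697 row ("Easy Office Recovery 'dwmapi.dll' DLL Loading ..."), still has no " - " between product and title, and neither does context row 34700 ("WebShop Hun 1.062s 'index.php' ..."). Normalise these in the same commit, or apply the separator in one pass over the description column, so adjacent entries from the same author and date do not end up in two formats.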
@ -35492,8 +35492,8 @@ id,file,description,date,author,platform,type,port
|
|||
39255,platforms/php/webapps/39255.html,"WEBMIS CMS Arbitrary File Upload Vulnerability",2014-07-14,"Jagriti Sahu",php,webapps,0
|
||||
39256,platforms/php/webapps/39256.txt,"Tera Charts (tera-charts) Plugin for WordPress charts/treemap.php fn Parameter Remote Path Traversal File Disclosure",2014-05-28,"Anant Shrivastava",php,webapps,0
|
||||
39257,platforms/php/webapps/39257.txt,"Tera Charts (tera-charts) Plugin for WordPress charts/zoomabletreemap.php fn Parameter Remote Path Traversal File Disclosure",2014-05-28,"Anant Shrivastava",php,webapps,0
|
||||
39258,platforms/multiple/remote/39258.txt,"Alfresco /proxy endpoint Parameter Server Side Request Forgery (SSRF)",2014-07-16,"V. Paulikas",multiple,remote,0
|
||||
39259,platforms/multiple/remote/39259.txt,"Alfresco /cmisbrowser url Parameter Server Side Request Forgery (SSRF)",2014-07-16,"V. Paulikas",multiple,remote,0
|
||||
39258,platforms/multiple/remote/39258.txt,"Alfresco - /proxy endpoint Parameter Server Side Request Forgery (SSRF)",2014-07-16,"V. Paulikas",multiple,remote,0
|
||||
39259,platforms/multiple/remote/39259.txt,"Alfresco - /cmisbrowser url Parameter Server Side Request Forgery (SSRF)",2014-07-16,"V. Paulikas",multiple,remote,0
|
||||
39260,platforms/windows/local/39260.txt,"WEG SuperDrive G2 12.0.0 - Insecure File Permissions",2016-01-18,LiquidWorm,windows,local,0
|
||||
39261,platforms/php/webapps/39261.txt,"Advanced Electron Forum 1.0.9 - CSRF Vulnerabilities",2016-01-18,hyp3rlinx,php,webapps,80
|
||||
39262,platforms/php/webapps/39262.txt,"Advanced Electron Forum 1.0.9 - Persistent XSS Vulnerabilities",2016-01-18,hyp3rlinx,php,webapps,80
|
||||
|
|
|
|
@ -1,4 +1,4 @@
|
|||
//source: http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080031.html
|
||||
// source: http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080031.html
|
||||
|
||||
BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload
|
||||
-------------------------------------------------------------------------------
|
||||
|
|
|
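Review bot: Line 3 of the context ("BSD derived RFC3173 IPComp encapsulation ...") and the dashed rule under it sit outside any comment, while line 1 is a "//" comment. If this file is meant to compile as C, wrap the advisory text in a block comment, as the bid/8002 hunk in this commit does, rather than only adjusting the space after "//".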
@ -1,4 +1,4 @@
|
|||
//source: http://www.vsecurity.com/resources/advisory/20101019-1/
|
||||
// source: http://www.vsecurity.com/resources/advisory/20101019-1/
|
||||
|
||||
/*
|
||||
* Linux Kernel <= 2.6.36-rc8 RDS privilege escalation exploit
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
/* source: http://www.securityfocus.com/bid/8002/info
|
||||
/*
|
||||
source: http://www.securityfocus.com/bid/8002/info
|
||||
|
||||
A potential information disclosure vulnerability has been reported for the Linux /proc filesystem, specifically when invoking setuid applications. As a result, an unprivileged user may be able to read the contents of a setuid application's environment data. This could potentially, although unlikely, result in the disclosure of sensitive information, such as restricted file path information.
|
||||
*/
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
//source: http://www.securityfocus.com/bid/6580/info
|
||||
// source: http://www.securityfocus.com/bid/6580/info
|
||||
|
||||
//A format string vulnerability has been discovered in the Half-Life AdminMod plugin. The problem occurs in commands which call the selfmessage() function, which is used by other functions to write a message to the users console. The format string occurs when the System_Response() function is called by selfmessage() to log the administrative command. An 'rcon' authenticated user may be able to exploit this issue to overwrite sensitive locations in memory.
|
||||
// A format string vulnerability has been discovered in the Half-Life AdminMod plugin. The problem occurs in commands which call the selfmessage() function, which is used by other functions to write a message to the users console. The format string occurs when the System_Response() function is called by selfmessage() to log the administrative command. An 'rcon' authenticated user may be able to exploit this issue to overwrite sensitive locations in memory.
|
||||
|
||||
// Successful exploitation of this issue would allow an attacker to execute arbitrary commands with the privileges of the Half-Life server.
|
||||
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
//source: http://www.securityfocus.com/bid/8300/info
|
||||
// source: http://www.securityfocus.com/bid/8300/info
|
||||
|
||||
//Half-Life servers are prone to a buffer overflow that may be exploited by a malicious remote client. The vulnerability occurs because the software fails to sufficiently bounds-//check client-supplied data during requests to join multiplayer games. This could allow attackers to execute code in the context of the vulnerable server.
|
||||
// Half-Life servers are prone to a buffer overflow that may be exploited by a malicious remote client. The vulnerability occurs because the software fails to sufficiently bounds-//check client-supplied data during requests to join multiplayer games. This could allow attackers to execute code in the context of the vulnerable server.
|
||||
|
||||
//This vulnerability affects the server bundled with Half-Life and the free Dedicated Server for both Windows and Linux operating systems.
|
||||
// This vulnerability affects the server bundled with Half-Life and the free Dedicated Server for both Windows and Linux operating systems.
|
||||
|
||||
//
|
||||
// PRIV8 SECURITY & UHAGr CONFIDENTIAL SOURCE - DO NOT DISTRIBUTE !!!
|
||||
|
|
|
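Review bot: The rewritten description line still contains "bounds-//check", a stray "//" left in the middle of a hyphenated word, apparently from an earlier line wrap. Since this line is already being touched, change it to "bounds-check".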
@ -1,4 +1,4 @@
|
|||
//source: http://www.securityfocus.com/bid/6577/info
|
||||
// source: http://www.securityfocus.com/bid/6577/info
|
||||
|
||||
// A format string vulnerability has been discovered in the Half-Life ClanMod plugin. The problem occurs in the 'cm_log' command which is designed to write a message to the server log file. An 'rcon' authenticated user may be able to exploit this issue to overwrite sensitive locations in memory.
|
||||
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
source: http://www.securityfocus.com/bid/68http://www.example.com/alfresco/proxy?endpoint=http://internal_system:port 663/info
|
||||
source: http://www.securityfocus.com/bid/68
|
||||
|
||||
http://www.example.com/alfresco/proxy?endpoint=http://internal_system:port 663/info
|
||||
|
||||
Alfresco Community Edition is prone to multiple security vulnerabilities.
|
||||
|
||||
|
|
|
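Review bot: Splitting line 1 leaves both halves wrong: the source line now ends at "bid/68", and the example URL line still ends in " 663/info", which reads as the remainder of the source path rather than part of the proxy request. Move that trailing fragment back onto the source line so it is one valid URL (verify it against the original advisory), and let the example URL end at "internal_system:port".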
@ -1,4 +1,6 @@
|
|||
source: http://www.securityfocus.com/bid/68http://www.example.com/alfresco/proxy?endpoint=http://internal_system:port 663/info
|
||||
source: http://www.securityfocus.com/bid/68
|
||||
|
||||
http://www.example.com/alfresco/proxy?endpoint=http://internal_system:port 663/info
|
||||
|
||||
Alfresco Community Edition is prone to multiple security vulnerabilities.
|
||||
|
||||
|
|
|
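Review bot: As rendered, this hunk is identical to the previous one, including the "/alfresco/proxy?endpoint=" example URL, yet files.csv in this commit lists two different Alfresco entries (39258 for the /proxy endpoint parameter, 39259 for the /cmisbrowser url parameter). Check that the second file is really meant to carry the /proxy example; the truncated source line and the trailing " 663/info" need the same repair here.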
@ -1,8 +1,10 @@
|
|||
source: http://www.securityfocus.com/bid/43417/info
|
||||
/*
|
||||
source: http://www.securityfocus.com/bid/43417/info
|
||||
|
||||
Sothink SWF Decompiler is prone to a vulnerability that lets attackers execute arbitrary code.
|
||||
|
||||
An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.
|
||||
*/
|
||||
|
||||
/*
|
||||
#Sothink SWF Decompiler DLL Hijacking Exploit (dwmapi.dll)
|
||||
|
|
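Review bot: The new "*/" on line 7 is followed two lines later by a second "/*" that opens the exploit banner, so the header is now two back-to-back block comments. Fold the source and description lines into the existing banner comment instead of adding a separate one. Also check 34696 (Easy Office Recovery, same author, date and dwmapi.dll issue per files.csv), which this commit does not touch, for the same uncommented "source:" first line.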