Exploitdb Exploits

CVE-2011-0886 EXPLOITDB text VERIFIED

SMC Networks Smcd3g-ccr < 1.4.0.49 - CSRF

Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 allow remote attackers to (1) hijack the intranet connectivity of arbitrary users for requests that perform a login via goform/login, or hijack the authentication of administrators for requests that (2) enable external logins via an mso_remote_enable action to goform/RemoteRange or (3) change DNS settings via a manual_dns_enable action to goform/Basic.

by Trustwave's SpiderLabs

View

CVE-2011-0885 EXPLOITDB text VERIFIED

SMC Networks Smcd3g-ccr < 1.4.0.49 - Credentials Management

A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR with firmware before 1.4.0.49.2 has a default password of D0nt4g3tme for the mso account, which makes it easier for remote attackers to obtain administrative access via the (1) web interface or (2) TELNET interface.

by Trustwave's SpiderLabs

View

EIP-2026-106430 EXPLOITDB text VERIFIED

Dew-NewPHPLinks 2.1b - 'index.php' SQL Injection

by AtT4CKxT3rR0r1ST

View

CVE-2011-0887 EXPLOITDB text VERIFIED

SMC Networks Smcd3g-ccr - Cryptographic Issue

The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the userid cookie.

by Trustwave's SpiderLabs

View

EIP-2026-111609 EXPLOITDB text VERIFIED

Qcodo Development Framework 0.3.3 - Full Information Disclosure

by Daniel Godoy

View

EIP-2026-106908 EXPLOITDB text VERIFIED

Escort und Begleitservice Agentur Script - SQL Injection

by NoNameMT

View

EIP-2026-105805 EXPLOITDB text

Chamilo 1.8.7 / Dokeos 1.8.6 - Remote File Disclosure

by beford

View

EIP-2026-111738 EXPLOITDB text VERIFIED

reos 2.0.5 - Multiple Vulnerabilities

by High-Tech Bridge SA

View

EIP-2026-111382 EXPLOITDB text VERIFIED

Podcast Generator 1.3 - Multiple Vulnerabilities

by High-Tech Bridge SA

View

EIP-2026-110355 EXPLOITDB text

osCommerce - Authentication Bypass

by Nicolas Krassas

View

CVE-2011-0049 EXPLOITDB text VERIFIED

Majordomo <20110131 - Path Traversal

Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the help command, as demonstrated using (1) a crafted email and (2) cgi-bin/mj_wwwusr in the web interface.

by Michael Brooks

View

EIP-2026-110022 EXPLOITDB text

OemPro 3.6.4 - Multiple Vulnerabilities

by Ignacio Garrido

View

EIP-2026-110014 EXPLOITDB text VERIFIED

Octeth Oempro 3.6.4 - SQL Injection / Information Disclosure

by Ignacio Garrido

View

EIP-2026-107968 EXPLOITDB text

Islam Sound IV2 - 'details.php' SQL Injection

by ZxH-Labs

View

EIP-2026-107106 EXPLOITDB text VERIFIED

Firebook - 'index.html' Cross-Site Scripting

by MustLive

View

CVE-2011-0063 EXPLOITDB text VERIFIED

Majordomo <20110203 - Path Traversal

The _list_file_get function in lib/Majordomo.pm in Majordomo 2 20110203 and earlier allows remote attackers to conduct directory traversal attacks and read arbitrary files via a ./.../ sequence in the "extra" parameter to the help command, which causes the regular expression to produce .. (dot dot) sequences. NOTE: this vulnerability is due to an incomplete fix for CVE-2011-0049.

by Michael Brooks

View

CVE-2011-0522 EXPLOITDB text

Videolan Vlc Media Player - Memory Corruption

The StripTags function in (1) the USF decoder (modules/codec/subtitles/subsdec.c) and (2) the Text decoder (modules/codec/subtitles/subsusf.c) in VideoLAN VLC Media Player 1.1 before 1.1.6-rc allows remote attackers to execute arbitrary code via a subtitle with an opening "<" without a closing ">" in an MKV file, which triggers heap memory corruption, as demonstrated using refined-australia-blu720p-sample.mkv.

by Harry Sintonen

View

CVE-2011-0538 EXPLOITDB text VERIFIED

Wireshark - Memory Corruption

Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file.

by Huzaifa Sidhpurwala

View

CVE-2011-0535 EXPLOITDB text VERIFIED

Zikula Application Framework < 1.2.4 - CSRF

Cross-site request forgery (CSRF) vulnerability in the Users module in Zikula before 1.2.5 allows remote attackers to hijack the authentication of administrators for requests that change account privileges via an edit access_permissions action to index.php.

by Aung Khant

View

EIP-2026-112567 EXPLOITDB text VERIFIED

TCExam 11.1.16 - 'user_password' Cross-Site Scripting

by AutoSec Tools

View

CVE-2011-5313 EXPLOITDB text VERIFIED

Redaxscript - SQL Injection

Multiple SQL injection vulnerabilities in includes/password.php in Redaxscript 0.3.2 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) password parameter to the password_reset program.

by High-Tech Bridge SA

View

EIP-2026-111669 EXPLOITDB text VERIFIED

Raja Natarajan Guestbook 1.0 - Local File Inclusion

by h0rd

View

EIP-2026-105457 EXPLOITDB text VERIFIED

Betsy 4.0 - 'page' Local File Inclusion

by MizoZ

View

CVE-2011-0354 EXPLOITDB text VERIFIED

Cisco Tandberg Endpoint < tc3.1.3 - Credentials Management

The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with software before TC4.0.0 has a blank password for the root account, which makes it easier for remote attackers to obtain access via an unspecified login method.

by Cisco Security

View

EIP-2026-114109 EXPLOITDB text VERIFIED

WordPress Plugin TagNinja 1.0 - 'id' Cross-Site Scripting

by AutoSec Tools

View