morning vulnerabilities and exploits

(subscribe to this query)

Cross-site scripting (XSS) vulnerability in the Morning Coffee theme prior to 3.6 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to index.php.

Adazing Morning Coffee Adazing Morning Coffee 2.7 Adazing Morning Coffee 2.8 Adazing Morning Coffee 2.9 Adazing Morning Coffee 3.0 Adazing Morning Coffee 3.1 Adazing Morning Coffee 3.2 Adazing Morning Coffee 3.4

1 EDB exploit

A vulnerability classified as problematic was found in 猫宁i Morning up to bc782730c74ff080494f145cc363a0b4f43f7d3e. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit ha...

猫宁i Morning

Incomplete blacklist vulnerability in upload_img_cgi.php in Simple PHP Blog prior to 0.5.1 allows remote malicious users to upload dangerous files and execute arbitrary code, as demonstrated by a filename ending in .php. or a .htaccess file, a different vector than CVE-2005-2733....

Alexander Palmo Simple Php Blog

Buffer overflow in AOL Instant Messenger (AIM) 4.7.2480, 4.8.2616, and other versions allows remote malicious users to execute arbitrary code via a long argument in a game request (AddGame).

Aol Instant Messenger 4.3 Aol Instant Messenger 4.3.2229 Aol Instant Messenger 4.4 Aol Instant Messenger 4.5 Aol Instant Messenger 4.6 Aol Instant Messenger 4.7 Aol Instant Messenger 4.7.2480 Aol Instant Messenger 4.8.2616

1 EDB exploit

H-Sphere Winbox 2.4.2 and 2.4.3 RC1 stores sensitive information such as username and password in plaintext in world-readable log files, which allows local users to gain privileges.

Positive Software H-sphere Winbox 2.4.2 Patch 4 Positive Software H-sphere Winbox 2.4.3 Rc1

1 EDB exploit

SQL injection vulnerability in login.asp for Cool Cafe (Cool Café) Chat 1.2.1 allows remote malicious users to execute arbitrary SQL commands via the password.

Cool Cafe Chat Cool Cafe Chat 1.2.1

1 EDB exploit

Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.4.x allow remote malicious users to inject arbitrary web script or HTML via (1) cds.php, (2) Guestbook-EN.pl, or (3) phonebook.php.

Xampp Apache Distribution 0.1 Xampp Apache Distribution 0.2 Xampp Apache Distribution 0.3 Xampp Apache Distribution 1.4.1 Xampp Apache Distribution 1.4.2 Xampp Apache Distribution 1.4.3 Xampp Apache Distribution 1.4.4 Xampp Apache Distribution 1.4.5 Xampp Apache Distribution 1.4.6 Xampp Apache Distribution 1.4.7 Xampp Apache Distribution 1.4.8 Xampp Apache Distribution 1.4.9

1 EDB exploit

XAMPP 1.4.x has multiple default or null passwords, which allows malicious users to gain privileges.

Xampp Apache Distribution 0.1 Xampp Apache Distribution 0.2 Xampp Apache Distribution 0.3 Xampp Apache Distribution 1.4.1 Xampp Apache Distribution 1.4.2 Xampp Apache Distribution 1.4.3 Xampp Apache Distribution 1.4.4 Xampp Apache Distribution 1.4.5 Xampp Apache Distribution 1.4.6 Xampp Apache Distribution 1.4.7 Xampp Apache Distribution 1.4.8 Xampp Apache Distribution 1.4.9

1 EDB exploit

Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote malicious users to redirect users to arbitrary URLs for login via a link to the owalogon.asp application.

Microsoft Exchange Server 2003

1 EDB exploit

Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote malicious users to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.

Microsoft Windows 2000 Microsoft Windows 2000 Terminal Services

9 EDB exploits

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook