Mambo Component nfnaddressbook 0.4 Remote File Inclusion Vulnerability
No description provided by...
7.1AI Score
Mambo Component nfnaddressbook 0.4 - Remote File Inclusion
Mambo Component nfnaddressbook 0.4 - Remote File...
7.4AI Score
Mambo Component nfnaddressbook 0.4 Remote File Inclusion Vulnerability
Exploit for unknown platform in category web...
7.1AI Score
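FiSH is an encryption plugin used by many popular IRC clients. The FiSH xchat plugin implementation contains multiple buffer overflow vulnerabilities that remote attackers may exploit to take control of a user's machine. When processing inbound data, the FiSH xchat plugin code registers 4 functions: xchat_hook_server(ph, "PRIVMSG", XCHAT_PRI_NORM, decrypt_incoming, 0); xchat_hook_server(ph, "NOTICE", XCHAT_PRI_NORM, notice_received, 0); xchat_hook_server(ph, "TOPIC", XCHAT_PRI_NORM,...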
7.1AI Score
Unfixed XSS vulnerability at www.reasonforhope.com
Security researcher By Encore, has submitted on 03/09/2007 a cross-site-scripting (XSS) vulnerability affecting www.reasonforhope.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/09/2007. It is...
The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code, a different...
5.8AI Score
0.297EPSS
[SECURITY] Fedora Core 6 Update: gnucash-2.0.5-1.fc6
GnuCash is a personal finance manager. A check-book like register GUI allows you to enter and track bank accounts, stocks, income and even currency trades. The interface is designed to be simple and easy to use, but is backed with double-entry accounting principles to ensure balanced...
4.5AI Score
0.0004EPSS
DjVu Browser Plug-in < 6.1.1 Multiple Buffer Overflows
The DjVu Browser Plug-in is installed on the remote Windows host. This plugin provides the primary means of viewing DjVu documents, which are used for publishing scanned books, catalogs, historical documents, research papers, manuals, etc. The version of the DjVu Browser Plug-in installed on the...
7.5AI Score
0.262EPSS
Microsoft Step-by-Step Interactive Training contains a buffer overflow
Overview Microsoft Step-by-Step Interactive Training contains a buffer overflow vulnerability. If successfully exploited, this vulnerability may allow an attacker to execute arbitrary code. Description Microsoft Step-by-Step Interactive Training is a training program developed by Microsoft. It is.....
0.4AI Score
0.915EPSS
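Wireshark is a powerful protocol analyzer. Wireshark has multiple security issues that remote attackers can exploit to carry out denial-of-service attacks against the application. CVE-2007-0459: A problem in the TCP dissector when reassembling HTTP packets can cause the application to hang or crash. CVE-2007-0458: A security issue in the HTTP dissector can cause the application to crash. CVE-2007-0457: On some systems, a security issue in the IEEE 802.11 dissector can cause the application to crash. CVE-2007-0456: On some systems, a security issue in the LLT dissector can cause the application to crash. Wireshark Wireshark 0.99.4 Wireshark Wireshark...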
0.03EPSS
PHP remote file inclusion vulnerability in includes/includes.php in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) before 2.5.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the site_path...
7.5AI Score
0.037EPSS
PHP remote file inclusion vulnerability in includes/includes.php in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) before 2.5.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the site_path...
8AI Score
0.037EPSS
Multiple Vendor libchm Page Block Length Memory Corruption Vulnerability iDefense Security Advisory 01.26.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 26, 2007 I. BACKGROUND CHMlib is an open source library used to read Microsoft CHM, compressed HTML, files. CHM files were...
0.3AI Score
xine-ui format string vulnerability
Format string vulnerability in errors_create_window() on media files...
4.1AI Score
0.024EPSS
Any password is accepted if password hash contains some set of...
3.5AI Score
0.001EPSS
VLC Media Player buffer overflow
Buffer overflow on oversized udp:// URI during M3U file...
5.3AI Score
0.951EPSS
[SECURITY] Fedora Core 6 Update: squirrelmail-1.4.8-3.fc6
SquirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no Javascript) for maximum compatibility across browsers. It has very few requirements and is very easy to...
0.2AI Score
0.024EPSS
[SECURITY] Fedora Core 5 Update: squirrelmail-1.4.8-3.fc5
SquirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no Javascript) for maximum compatibility across browsers. It has very few requirements and is very easy to...
0.2AI Score
0.281EPSS
Vulnerability classification and to further explore-exploit warning-the black bar safety net
Vulnerability is a forever fairy tale. To achieve esque hero dream, to achieve to break the technological monopoly of the freedom blueprint, discover the vulnerability of the people, exploit the people, patching holes in people, like the vulnerability of people, afraid of the vulnerability of...
-0.5AI Score
Network Working Group B. Fraser Request for Comments: 2196 Editor FYI: 8 SEI/CMU Obsoletes: 1244 September 1997 Category:...
-0.3AI Score
3APA3A : Hacking into HTML chats for one more time
More about HTML chat hacks one. PART ONE, or we show our own. The interface of almost any chat is based on dynamically generated HTML forms interconnected via javascript. In almost all chats, the username and password (or some identifier that is generated when the user logs in) is stored inside...
3APA3A : Frontend applications security
May 30, 2002| Client software security. 1. Introduction. Usually, when talking about attacks via the Internet and related risks, they mean the security of the mail server, the Web Server and other corporate Internet services. To ensure corporate security Internet services are usually placed in a...
0.2AI Score
For domestic and foreign a lot of news, BBS and e-Commerce site using ASP+SQL design, and write an ASP programmer many many have just graduated, so, ASP+SQL attack success rate is relatively high. This type of attack method with the NT version and SQL version is not much relationship, there is no.....
0.3AI Score
Debian DSA-1226-1 : links - insufficient escaping
Teemu Salmela discovered that the links character mode web browser performs insufficient sanitising of smb:// URIs, which might lead to the execution of arbitrary shell...
0.5AI Score
0.843EPSS
Microsoft Security Bulletin MS06-076 Cumulative Security Update for Outlook Express (923694)
Microsoft Security Bulletin MS06-076 Cumulative Security Update for Outlook Express (923694) Published: December 12, 2006 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Outlook Express Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...
1.5AI Score
0.745EPSS
[SECURITY] [DSA 1228-1] New elinks packages fix arbitrary shell command execution
Debian Security Advisory DSA 1228-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 5th, 2006 http://www.debian.org/security/faq Package : elinks Vulnerability : insufficient escaping...
6.2AI Score
0.843EPSS
Palm Desktop 4.1.4 and earlier stores user data with weak permissions under the application directory, which allows local users to obtain sensitive information (address books, calendar files, and todo lists of other users) via unspecified vectors. NOTE: The provenance of this information is...
5.8AI Score
0.0004EPSS
Palm Desktop 4.1.4 and earlier stores user data with weak permissions under the application directory, which allows local users to obtain sensitive information (address books, calendar files, and todo lists of other users) via unspecified vectors. NOTE: The provenance of this information is...
6.1AI Score
0.0004EPSS
Palm Desktop 4.1.4 and earlier stores user data with weak permissions under the application directory, which allows local users to obtain sensitive information (address books, calendar files, and todo lists of other users) via unspecified vectors. NOTE: The provenance of this information is...
5.8AI Score
0.0004EPSS
[SECURITY] [DSA 1226-1] New links packages fix arbitrary shell command execution
Debian Security Advisory DSA 1226-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 3rd, 2006 http://www.debian.org/security/faq Package : links Vulnerability : insufficient escaping...
6.2AI Score
0.843EPSS
Teemu Salmela discovered that the links character mode web browser performs insufficient sanitising of smb:// URIs, which might lead to the execution of arbitrary shell commands. For the stable distribution (sarge) this problem has been fixed in version 0.99+1.00pre12-1sarge1. For the upcoming...
2.9AI Score
Buffer overflow in the asmrp_eval function in the RealMedia RTSP stream handler (asmrp.c) for Real Media input plugin, as used in (1) xine/xine-lib, (2) MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a...
6.7AI Score
0.091EPSS
Dovecot IMAP/POP3 server: Off-by-one buffer overflow
Version: 1.0test53 .. 1.0.rc14 (ie. all 1.0alpha, 1.0beta and 1.0rc versions in the middle). 0.99.x versions are safe (they don't even have mmap_disable setting). Problem: When mmap_disable=yes setting is used (not default), dovecot.index.cache file is read to memory using "file cache" code. It...
-0.2AI Score
Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed allows remote attackers to execute arbitrary code via shell metacharacters in an smb:// URI, as demonstrated by using PUT and GET...
7.7AI Score
0.843EPSS
-0.3AI Score
EFS Easy Address Book Web Server <= 1.2 Remote File Stream Exploit
No description provided by...
7.1AI Score
2.6AI Score
PHP remote file inclusion vulnerability in common.php in Simple Website Software (SWS) 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SWSDIR...
8AI Score
0.058EPSS
PHP remote file inclusion vulnerability in common.php in Simple Website Software (SWS) 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SWSDIR...
7.6AI Score
0.058EPSS
EFS Easy Address Book Web Server <= 1.2 Remote File Stream Exploit
Exploit for unknown platform in category remote...
7.1AI Score
7.4AI Score
EFS Easy Address Book Web Server 1.2 - Remote File Stream
EFS Easy Address Book Web Server 1.2 - Remote File...
PHP remote file inclusion vulnerability in common.php in Simple Website Software (SWS) 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SWSDIR...
7.6AI Score
0.058EPSS
-0.1AI Score
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks,...
1.5AI Score
Simple Website Software v0.99 (common.php) Remote File Include
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Script: Simple Website Software v0.99 (common.php) Remote File Include =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Found: Cyber-Security...
0.3AI Score
Simple Website Software 0.99 (common.php) File Include Vulnerability
No description provided by...
7.1AI Score
Simple Website Software 0.99 - common.php File Inclusion
Simple Website Software 0.99 - common.php File...
Simple Website Software 0.99 (common.php) File Include Vulnerability
Exploit for unknown platform in category web...
7.1AI Score