Books & Papers Security Vulnerabilities
-0.3AI Score
PHP remote file inclusion vulnerability in form.inc.php3 in MyGuestbook 0.6.1 allows remote attackers to execute arbitrary PHP code via the lang...
7.6AI Score
0.028EPSS
PHP remote file inclusion vulnerability in form.inc.php3 in MyGuestbook 0.6.1 allows remote attackers to execute arbitrary PHP code via the lang...
7.6AI Score
0.028EPSS
PHP remote file inclusion vulnerability in form.inc.php3 in MyGuestbook 0.6.1 allows remote attackers to execute arbitrary PHP code via the lang...
8AI Score
0.028EPSS
MyGuestbook Remote File Inclusion.
=========================================================== ============================================================ Title: MyGuestbook Remote File Inclusion. Vulnerability Discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 05/07/2005 Severity: High. Remote Users Can...
0.6AI Score
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NetBSD Security Advisory 2005-001 ================================= Topic: Crypto leaks across HyperThreaded CPUs (i386, P4, HTT+SMP only) Version: NetBSD-current: affected, i386 on P4 with HTT and SMP...
0.1AI Score
Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers to sniff and decrypt the...
7.8AI Score
0.015EPSS
Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryption (XOR), which allows remote attackers to sniff and decrypt the...
7.5CVSS
7.9AI Score
0.015EPSS
[EXPL] FRB Remote Command Execution (Exploit)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source....
0.4AI Score
[EXPL] MercuryBoard SQL Injection (User-Agent)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source....
AI Score
PHP remote file inclusion vulnerability in pdl_header.inc.php in PowerDownload 3.0.2 and 3.0.3 allows remote attackers to execute arbitrary PHP code via the incdir parameter to...
7.6AI Score
0.068EPSS
PHP remote file inclusion vulnerability in pdl_header.inc.php in PowerDownload 3.0.2 and 3.0.3 allows remote attackers to execute arbitrary PHP code via the incdir parameter to...
7.6AI Score
0.068EPSS
PHP remote file inclusion vulnerability in pdl_header.inc.php in PowerDownload 3.0.2 and 3.0.3 allows remote attackers to execute arbitrary PHP code via the incdir parameter to...
8AI Score
0.068EPSS
PowerDownload Remote File Inclusion
=========================================================== ============================================================ Title: PowerDownload Remote File Inclusion. Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 31/05/2005 Severity: High. Remote Users Can...
1.7AI Score
setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the $check...
7.1AI Score
0.01EPSS
setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the $check...
7.6AI Score
0.01EPSS
[Full-disclosure] Nortel VPN Router Malformed Packet DoS Vulnerability
Nortel VPN Router Malformed Packet DoS Vulnerability Summary: NTA Monitor have discovered a denial of service (DoS) vulnerability in the Nortel VPN Router products (which were previously known as Nortel Contivity) while performing a VPN security test for a customer. We believe that this is a...
-0.7AI Score
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php 2)
Exploit for unknown platform in category web...
7.1AI Score
phpStat 1.5 - setup.php Authentication Bypass (PHP) (2)
phpStat 1.5 - setup.php Authentication Bypass (PHP)...
0.2AI Score
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php 2)
No description provided by...
7.1AI Score
7.4AI Score
EPSS
SMTP Server Non-standard Port Detection
This SMTP server is running on a non-standard port. This might be a backdoor set up by attackers to send spam or even control of a targeted...
0.1AI Score
PHP Stat Administrative User Authentication Bypass
=========================================================== ============================================================ Title: PHP Stat Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 25/05/2005 Severity: Medium. PHP Stat Administrative User Authentication...
-0.3AI Score
setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the $check...
7.1AI Score
0.01EPSS
ACROS Security: HTML Injection in BEA WebLogic Server Console (1)
=====[BEGIN-ACROS-REPORT]===== PUBLIC ========================================================================= ACROS Security Problem Report #2005-05-24-1 ASPR #2005-05-24-1: HTML Injection in BEA WebLogic Server Console (1) Document ID: ASPR #2005-05-24-1-PUB Vendor: BEA Systems...
AI Score
ACROS Security: HTML Injection in BEA WebLogic Server Console (2)
=====[BEGIN-ACROS-REPORT]===== PUBLIC ========================================================================= ACROS Security Problem Report #2005-05-24-2 ASPR #2005-05-24-2: HTML Injection in BEA WebLogic Server Console (2) Document ID: ASPR #2005-05-24-2-PUB Vendor: BEA Systems...
AI Score
Cookie Cart allows remote attackers to read the Order Notification list via the testmycgi and path parameters to...
6.6AI Score
0.008EPSS
Cookie Cart stores the password file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and encrypted passwords via a direct request to...
6.8AI Score
0.005EPSS
Cookie Cart stores the password file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and encrypted passwords via a direct request to...
6.8AI Score
0.005EPSS
Cookie Cart allows remote attackers to read the Order Notification list via the testmycgi and path parameters to...
6.6AI Score
0.008EPSS
Cookie Cart stores the password file under the web document root with insufficient access control, which allows remote attackers to obtain usernames and encrypted passwords via a direct request to...
7.2AI Score
0.005EPSS
Cookie Cart allows remote attackers to read the Order Notification list via the testmycgi and path parameters to...
7AI Score
0.008EPSS
Overview Operating systems on hardware platforms supporting simultaneous multi-threading (Hyper-Threading technology in particular) are potentially vulnerable to information leakage to local users. Proof of concept papers and code demonstrating successful attacks against cryptographic keys are in.....
5.6CVSS
AI Score
0.001EPSS
[SA15448] Cookie Cart Exposure of Order Notifications and Passwords
Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ TITLE: Cookie Cart Exposure of Order Notifications and Passwords SECUNIA ADVISORY ID: SA15448 VERIFY ADVISORY:...
0.3AI Score
Directory traversal vulnerability in easymsgb.pl in Easy Message Board allows remote attackers to read arbitrary files via a .. (dot dot) in the print...
6.6AI Score
0.003EPSS
easymsgb.pl in Easy Message Board allows remote attackers to execute arbitrary commands via shell metacharacters in the print...
7.7AI Score
0.043EPSS
easymsgb.pl in Easy Message Board allows remote attackers to execute arbitrary commands via shell metacharacters in the print...
7.7AI Score
0.043EPSS
Multiple cross-site scripting (XSS) vulnerabilities in WebApp Guestbook PRO 3.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) content of a...
5.8AI Score
0.016EPSS
Directory traversal vulnerability in easymsgb.pl in Easy Message Board allows remote attackers to read arbitrary files via a .. (dot dot) in the print...
6.6AI Score
0.003EPSS
Directory traversal vulnerability in easymsgb.pl in Easy Message Board allows remote attackers to read arbitrary files via a .. (dot dot) in the print...
6.6AI Score
0.003EPSS
easymsgb.pl in Easy Message Board allows remote attackers to execute arbitrary commands via shell metacharacters in the print...
7.7AI Score
0.043EPSS
Multiple cross-site scripting (XSS) vulnerabilities in WebApp Guestbook PRO 3.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) content of a...
6AI Score
0.016EPSS
Multiple cross-site scripting (XSS) vulnerabilities in WebApp Guestbook PRO 3.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) title or (2) content of a...
5.8AI Score
0.016EPSS
Gamespy cd-key validation system: "Cd-key in use" DoS versus many games
Luigi Auriemma Application: Gamespy cd-key validation system http://www.gamespy.net Games: The amount of games that use this system is really huge, a small list (maintained by me) is available here: ...
AI Score
[Full-disclosure] Guesbook Pro XSS & HTML Injection
============================================================ ============================================================ Title: Guestbook PRO Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 10/05/2005 Severity: Medium. defacement website Affected version: ...
-0.3AI Score
[Full-disclosure] Easy Message Board Directory Traversal and Remote Command
============================================================ ============================================================ Title: Easy Message Board Directory Traversal and Remote Command Execution Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 08/05/2005...
1.8AI Score
Easy Message Board Directory Traversal and Remote Command
============================================================ ============================================================ Title: Easy Message Board Directory Traversal and Remote Command Execution Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 08/05/2005...
1.9AI Score
Format string vulnerability in the log_do function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD...
7.7AI Score
0.047EPSS
Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a...
7.2AI Score
0.002EPSS
Format string vulnerability in the log_do function in log.c for YepYep mtftpd 0.0.3, when the statistics option is enabled, allows remote attackers to execute arbitrary code via the CWD...
8.1AI Score
0.047EPSS