SIGMA Lite & Lite + Security Vulnerabilities
PHP remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the Cache_Lite package in Mambo 4.6.4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path...
7.5AI Score
0.285EPSS
FreeBSD : vim -- Vim Shell Command Injection Vulnerabilities (30866e6c-3c6d-11dd-98c9-00163e000016)
Rdancer.org reports : Improper quoting in some parts of Vim written in the Vim Script can lead to arbitrary code execution upon opening a crafted...
0.4AI Score
0.011EPSS
vim -- Vim Shell Command Injection Vulnerabilities
Rdancer.org reports: Improper quoting in some parts of Vim written in the Vim Script can lead to arbitrary code execution upon opening a crafted ...
6AI Score
0.011EPSS
Mambo <= 4.6.4 (Output.php) Remote File Inclusion Vulnerability
No description provided by...
7.1AI Score
7.1AI Score
7.4AI Score
EPSS
Mambo 4.6.4 - Cache Lite Output Remote File Inclusion (Metasploit)
Mambo 4.6.4 - Cache Lite Output Remote File Inclusion...
AI Score
BackWeb LiteInstActivator.dll ActiveX控件栈溢出漏洞
BUGTRAQ ID: 29558 CVE(CAN) ID: CVE-2008-0956 BackWeb Lite Install Runner(LiteInstActivator.dll)是用于在Windows系统上安装软件的ActiveX控件。 LiteInstActivator.dll控件捆绑于Logitech鼠标软件中的Logitech Desktop Messenger,该控件没有正确地验证某处参数的输入,如果用户受骗访问了恶意网页并传送了超长参数的话,就可能触发栈溢出,导致执行任意指令。 BackWeb BackWeb 8.1.1.86 Logitech Desktop...
6.4AI Score
0.325EPSS
Mambo <= 4.6.4 (Output.php) Remote File Inclusion Vulnerability
Exploit for unknown platform in category web...
7.1AI Score
-0.2AI Score
7.4AI Score
EPSS
0.1AI Score
Multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control in the BackWeb Web Package ActiveX object in LiteInstActivator.dll in BackWeb before 8.1.1.87, as used in Logitech Desktop Manager (LDM) before 2.56, allow remote attackers to execute arbitrary code via...
7.8AI Score
0.325EPSS
Multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control in the BackWeb Web Package ActiveX object in LiteInstActivator.dll in BackWeb before 8.1.1.87, as used in Logitech Desktop Manager (LDM) before 2.56, allow remote attackers to execute arbitrary code via...
7.7AI Score
0.325EPSS
Multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control in the BackWeb Web Package ActiveX object in LiteInstActivator.dll in BackWeb before 8.1.1.87, as used in Logitech Desktop Manager (LDM) before 2.56, allow remote attackers to execute arbitrary code via...
8.4AI Score
0.325EPSS
Multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control in the BackWeb Web Package ActiveX object in LiteInstActivator.dll in BackWeb before 8.1.1.87, as used in Logitech Desktop Manager (LDM) before 2.56, allow remote attackers to execute arbitrary code via...
7.7AI Score
0.325EPSS
BackWeb Lite Install Runner ActiveX stack buffer overflows
Overview The BackWeb Lite Install Runner ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description BackWeb Lite Install Runner is an ActiveX control that is used to install software on.....
0.5AI Score
0.325EPSS
7.1AI Score
Cross-site scripting (XSS) vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and earlier, ActualAnalyzer Gold 7.74 and earlier, ActualAnalyzer Pro 6.95 and earlier, and ActualAnalyzer Lite 2.78 and earlier allows remote attackers to inject arbitrary web script or HTML via the...
5.7AI Score
0.003EPSS
Cross-site scripting (XSS) vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and earlier, ActualAnalyzer Gold 7.74 and earlier, ActualAnalyzer Pro 6.95 and earlier, and ActualAnalyzer Lite 2.78 and earlier allows remote attackers to inject arbitrary web script or HTML via the...
5.7AI Score
0.003EPSS
Cross-site scripting (XSS) vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and earlier, ActualAnalyzer Gold 7.74 and earlier, ActualAnalyzer Pro 6.95 and earlier, and ActualAnalyzer Lite 2.78 and earlier allows remote attackers to inject arbitrary web script or HTML via the...
6.2AI Score
0.003EPSS
Cross-site scripting (XSS) vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and earlier, ActualAnalyzer Gold 7.74 and earlier, ActualAnalyzer Pro 6.95 and earlier, and ActualAnalyzer Lite 2.78 and earlier allows remote attackers to inject arbitrary web script or HTML via the...
5.7AI Score
0.003EPSS
SQL injection vulnerability in index.php in gameCMS Lite 1.0 allows remote attackers to execute arbitrary SQL commands via the systemId...
9.1AI Score
0.001EPSS
SQL injection vulnerability in index.php in gameCMS Lite 1.0 allows remote attackers to execute arbitrary SQL commands via the systemId...
8.4AI Score
0.001EPSS
SQL injection vulnerability in index.php in gameCMS Lite 1.0 allows remote attackers to execute arbitrary SQL commands via the systemId...
8.4AI Score
0.001EPSS
SQL injection vulnerability in index.php in gameCMS Lite 1.0 allows remote attackers to execute arbitrary SQL commands via the systemId...
8.4AI Score
0.001EPSS
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks,...
1.5AI Score
-0.3AI Score
[MajorSecurity Advisory #52]ActualAnalyzer family - Cross Site Scripting Issues
[MajorSecurity Advisory #52]ActualAnalyzer family - Cross Site Scripting Issues Details Product: Actual Analyzer Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.actualscripts.com Vendor-Status: informed Advisory-Status: published Credits Discovered by: David Vieira-Kurz...
-0.2AI Score
-0.1AI Score
gameCMS Lite 1.0 (index.php systemId) SQL Injection Vulnerability
No description provided by...
7.1AI Score
7.4AI Score
EPSS
gameCMS Lite 1.0 (index.php systemId) SQL Injection Vulnerability
Exploit for unknown platform in category web...
7.1AI Score
0.3AI Score
Directory traversal vulnerability in admin.php in ActualScripts ActualAnalyzer Lite 2.78 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the style...
7.1AI Score
0.025EPSS
Directory traversal vulnerability in admin.php in ActualScripts ActualAnalyzer Lite 2.78 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the style...
7.6AI Score
0.025EPSS
Directory traversal vulnerability in admin.php in ActualScripts ActualAnalyzer Lite 2.78 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the style...
7.1AI Score
0.025EPSS
Directory traversal vulnerability in admin.php in ActualScripts ActualAnalyzer Lite 2.78 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the style...
7.1AI Score
0.025EPSS
ActualAnalyzer Lite style Parameter Traversal Local File Inclusion
The remote host is running ActualAnalyzer, a PHP-based tool for monitoring website traffic. The version of ActualAnalyzer installed on the remote host fails to sanitize user-supplied input to the 'style' parameter of the 'admin.php' script before using it to include PHP code. Regardless of PHP's...
-0.2AI Score
0.025EPSS
ActualAnalyzer Lite (free) 2.78 Local File Inclusion Vulnerability
No description provided by...
7.1AI Score
ActualAnalyzer Lite (free) 2.78 - Local File Inclusion
ActualAnalyzer Lite (free) 2.78 - Local File...
AI Score
7.4AI Score
EPSS
-0.4AI Score
ActualAnalyzer Lite (free) 2.78 Local File Inclusion Vulnerability
Exploit for unknown platform in category web...
7.1AI Score
Directory traversal vulnerability in download.html in ARWScripts Gallery Script Lite (aka gallery-script-lite or Free Photo Gallery Site Script), as of 20080411, allows remote attackers to read arbitrary local files via directory traversal sequences in the path...
6.6AI Score
0.016EPSS
Directory traversal vulnerability in download.html in ARWScripts Gallery Script Lite (aka gallery-script-lite or Free Photo Gallery Site Script), as of 20080411, allows remote attackers to read arbitrary local files via directory traversal sequences in the path...
6.6AI Score
0.016EPSS
Directory traversal vulnerability in download.html in ARWScripts Gallery Script Lite (aka gallery-script-lite or Free Photo Gallery Site Script), as of 20080411, allows remote attackers to read arbitrary local files via directory traversal sequences in the path...
7.2AI Score
0.016EPSS
Directory traversal vulnerability in download.html in ARWScripts Gallery Script Lite (aka gallery-script-lite or Free Photo Gallery Site Script), as of 20080411, allows remote attackers to read arbitrary local files via directory traversal sequences in the path...
6.6AI Score
0.016EPSS
-0.3AI Score
-0.4AI Score