SIGMA Lite & Lite + Security Vulnerabilities
ST AdManager Lite v1 Homepage: http://www.site-trade.com/index.php Effected files: index.php submit.php input form XSS Vulnerabilities: submit.php input forms do not correctly sanatize user input before submitting it to be checked by an admin and then published. This in turn to allow a user to...
AI Score
The iax_net_read function in the iaxclient open source library, as used in multiple products including (a) LoudHush 1.3.6, (b) IDE FISK 1.35 and earlier, (c) Kiax 0.8.5 and earlier, (d) DIAX, (e) Ziaxphone, (f) IAX Phone, (g) X-lite, (h) MediaX, (i) Extreme Networks ePhone, and (j) iaxComm before.....
7.6AI Score
0.104EPSS
The iax_net_read function in the iaxclient open source library, as used in multiple products including (a) LoudHush 1.3.6, (b) IDE FISK 1.35 and earlier, (c) Kiax 0.8.5 and earlier, (d) DIAX, (e) Ziaxphone, (f) IAX Phone, (g) X-lite, (h) MediaX, (i) Extreme Networks ePhone, and (j) iaxComm before.....
8.7AI Score
0.104EPSS
The iax_net_read function in the iaxclient open source library, as used in multiple products including (a) LoudHush 1.3.6, (b) IDE FISK 1.35 and earlier, (c) Kiax 0.8.5 and earlier, (d) DIAX, (e) Ziaxphone, (f) IAX Phone, (g) X-lite, (h) MediaX, (i) Extreme Networks ePhone, and (j) iaxComm before.....
7.6AI Score
0.104EPSS
The iax_net_read function in the iaxclient open source library, as used in multiple products including (a) LoudHush 1.3.6, (b) IDE FISK 1.35 and earlier, (c) Kiax 0.8.5 and earlier, (d) DIAX, (e) Ziaxphone, (f) IAX Phone, (g) X-lite, (h) MediaX, (i) Extreme Networks ePhone, and (j) iaxComm before.....
7.6AI Score
0.104EPSS
IAXclient truncated frames vulnerabilities
Date Published: 2006-06-09 Last Update: 2006-06-09 Advisory ID: CORE-2006-0327 Bugtraq ID: 18307 CVE Name: CVE-2006-2923 Title: IAXclient truncated frames vulnerabilities Class: Input Validation Error Remotely Exploitable: Yes Locally Exploitable: Yes Vendors contacted: 2006-06-05: Initial...
0.4AI Score
0.104EPSS
PHP remote file inclusion vulnerability in include/common.php in CyBoards PHP Lite 1.25 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter. NOTE: CVE disputes this issue, since $script_path is set to a constant...
7.3AI Score
0.168EPSS
** DISPUTED ** PHP remote file inclusion vulnerability in include/common.php in CyBoards PHP Lite 1.25 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter. NOTE: CVE disputes this issue, since $script_path is set to a constant...
7.6AI Score
0.168EPSS
PHP remote file inclusion vulnerability in include/common.php in CyBoards PHP Lite 1.25 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter. NOTE: CVE disputes this issue, since $script_path is set to a constant...
7.3AI Score
0.168EPSS
PHP remote file inclusion vulnerability in include/common.php in CyBoards PHP Lite 1.25 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter. NOTE: CVE disputes this issue, since $script_path is set to a constant...
7.3AI Score
0.168EPSS
CyBoards PHP Lite v1.25 (common.PHP) Remote File Inclusion
CyBoards PHP Lite v1.25 (common.PHP) Remote File Inclusion Credit : SpC-x | The-BeKiR Site : http://wWw.SaVSaK.CoM Greetz : | Nukedx | Ejder | Str0ke | joffer | Poizonb0x | Remote File Inclusion : http://www.target.com/path/include/common.php?script_path=CmdShell Common.PHP :...
0.5AI Score
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks,...
1.5AI Score
CyBoards PHP Lite 1.211.25 - Common.php Remote File Inclusion
CyBoards PHP Lite 1.211.25 - Common.php Remote File...
0.4AI Score
7.4AI Score
EPSS
PHP remote file inclusion vulnerability in SocketMail Lite and Pro 2.2.6 and earlier, when register_globals and magic_quotes are enabled, allows remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) index.php and (2)...
7.5AI Score
0.037EPSS
PHP remote file inclusion vulnerability in SocketMail Lite and Pro 2.2.6 and earlier, when register_globals and magic_quotes are enabled, allows remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) index.php and (2)...
7.6AI Score
0.037EPSS
PHP remote file inclusion vulnerability in SocketMail Lite and Pro 2.2.6 and earlier, when register_globals and magic_quotes are enabled, allows remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) index.php and (2)...
8.1AI Score
0.037EPSS
PHP remote file inclusion vulnerability in SocketMail Lite and Pro 2.2.6 and earlier, when register_globals and magic_quotes are enabled, allows remote attackers to execute arbitrary PHP code via a URL in the site_path parameter to (1) index.php and (2)...
7.5AI Score
0.037EPSS
[MajorSecurity #6]Socketmail <= 2.2.6 - Remote File Include Vulnerability
[MajorSecurity]Socketmail <= 2.2.6 - Remote File Include Vulnerability Software: Socketmail Version: <=2.2.6 Type: Remote File Include Vulnerability Date: May, 25th 2006 Vendor: Creative Digital Resources Page: http://socketmail.com Risc: High Credits: 'Aesthetico' http://www.majorsecurity.de...
1.5AI Score
Socketmail 2.2.6 - site_path Remote File Inclusion
Socketmail 2.2.6 - site_path Remote File...
-0.2AI Score
Socketmail <= 2.2.6 (site_path) Remote File Include Vulnerability
No description provided by...
7.1AI Score
Socketmail <= 2.2.6 (site_path) Remote File Include Vulnerability
Exploit for unknown platform in category web...
7.1AI Score
7.4AI Score
EPSS
QuickTime for Windows Detection
QuickTime is installed on the remote host. QuickTime is a popular media player / plug-in that handles various types of music and video...
-0.3AI Score
Secunia reports : Multiple vulnerabilities have been reported in Ethereal, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. The vulnerabilities are caused due to various types of errors including boundary errors, an off-by-one error,.....
0.8AI Score
0.045EPSS
PHP remote file inclusion vulnerability in show.php in Fast Click SQL Lite 1.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: This is a different vulnerability than...
8.3AI Score
0.102EPSS
PHP remote file inclusion vulnerability in show.php in Fast Click SQL Lite 1.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: This is a different vulnerability than...
8AI Score
0.102EPSS
PHP remote file inclusion vulnerability in show.php in Fast Click SQL Lite 1.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: This is a different vulnerability than...
7.8AI Score
0.102EPSS
PHP remote file inclusion vulnerability in show.php in Fast Click SQL Lite 1.1.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: This is a different vulnerability than...
7.8AI Score
0.102EPSS
-0.5AI Score
Fast Click SQL Lite <= 1.1.3 Remote File Inclusion
Fast Click SQL Lite <= 1.1.3 Remote File Inclusion Aria-security.com advisory Bug Discovered by R@1D3N (amin emami) email:[email protected] and [email protected] Date:02/05/2006 original advisory:http://www.aria-security.net/advisory/fc/fastclicksqllite.txt Affected software...
0.5AI Score
Fast Click SQL Lite 1.1.21.1.3 - show.php Remote File Inclusion
Fast Click SQL Lite 1.1.21.1.3 - show.php Remote File...
0.1AI Score
7.4AI Score
EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version "Full Version", allow remote attackers to inject arbitrary web script or HTML via the login parameter in (1) agent_affil.pl, (2) agent_help.pl, (3) agent_faq.pl, (4)...
6AI Score
0.024EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version "Full Version", allow remote attackers to inject arbitrary web script or HTML via the login parameter in (1) agent_affil.pl, (2) agent_help.pl, (3) agent_faq.pl, (4)...
6AI Score
0.024EPSS
Multiple SQL injection vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version "Full Version", allow remote attackers to execute arbitrary SQL commands via the (1) banner parameter in agent_links.pl; the offset parameter in (2) agent_links.pl, (3) agent_transactions.pl,...
9.3AI Score
0.014EPSS
Multiple SQL injection vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version "Full Version", allow remote attackers to execute arbitrary SQL commands via the (1) banner parameter in agent_links.pl; the offset parameter in (2) agent_links.pl, (3) agent_transactions.pl,...
8.6AI Score
0.014EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version "Full Version", allow remote attackers to inject arbitrary web script or HTML via the login parameter in (1) agent_affil.pl, (2) agent_help.pl, (3) agent_faq.pl, (4)...
6.3AI Score
0.024EPSS
Multiple SQL injection vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version "Full Version", allow remote attackers to execute arbitrary SQL commands via the (1) banner parameter in agent_links.pl; the offset parameter in (2) agent_links.pl, (3) agent_transactions.pl,...
8.6AI Score
0.014EPSS
Multiple SQL injection vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version "Full Version", allow remote attackers to execute arbitrary SQL commands via the (1) banner parameter in agent_links.pl; the offset parameter in (2) agent_links.pl, (3) agent_transactions.pl,...
8.6AI Score
0.014EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version "Full Version", allow remote attackers to inject arbitrary web script or HTML via the login parameter in (1) agent_affil.pl, (2) agent_help.pl, (3) agent_faq.pl, (4)...
6AI Score
0.024EPSS
Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when.....
7.7AI Score
0.013EPSS
Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when.....
8.1AI Score
0.013EPSS
Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when.....
7.8AI Score
0.013EPSS
Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when.....
7.7AI Score
0.013EPSS
ethereal -- Multiple Protocol Dissector Vulnerabilities
Secunia reports: Multiple vulnerabilities have been reported in Ethereal, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. The vulnerabilities are caused due to various types of errors including boundary...
6.9AI Score
0.045EPSS
Quick 'n Easy FTP Server pro/lite Logging unicode stack overflow
IHS Iran Homeland Security Public advisory by : c0d3r "Kaveh Razavi" [email protected] Title : Quick 'n Easy FTP Server pro/lite Logging unicode stack overflow information : Quick 'n Easy FTP Server is a simple and handy FTP server which is developed by Pablo van der Meer . there is a...
AI Score
PHP remote file inclusion vulnerability in direct.php in ActualScripts ActualAnalyzer Lite 2.72 and earlier, Gold 7.63 and earlier, and Server 8.23 and earlier allows remote attackers to execute arbitrary code via a URL in the rf...
7.7AI Score
0.15EPSS
PHP remote file inclusion vulnerability in direct.php in ActualScripts ActualAnalyzer Lite 2.72 and earlier, Gold 7.63 and earlier, and Server 8.23 and earlier allows remote attackers to execute arbitrary code via a URL in the rf...
8AI Score
0.15EPSS
PHP remote file inclusion vulnerability in direct.php in ActualScripts ActualAnalyzer Lite 2.72 and earlier, Gold 7.63 and earlier, and Server 8.23 and earlier allows remote attackers to execute arbitrary code via a URL in the rf...
7.7AI Score
0.15EPSS