Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and...
7.1AI Score
0.011EPSS
Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and...
6.7AI Score
0.011EPSS
PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc...
7.6AI Score
0.014EPSS
SOAP::Lite 0.50 through 0.52 allows remote attackers to load arbitrary Perl functions by suppling a non-existent function in a script using a SOAP::Lite module, which causes the AUTOLOAD subroutine to...
6.8AI Score
0.012EPSS
SOAP::Lite 0.50 through 0.52 allows remote attackers to load arbitrary Perl functions by suppling a non-existent function in a script using a SOAP::Lite module, which causes the AUTOLOAD subroutine to...
7.2AI Score
0.012EPSS
High Risk Vulnerability in L-Soft's LISTSERV Server
Peter Winter-Smith of NGSSoftware has discovered a number of vulnerabilities in L-Soft's LISTSERV list management system. The worst of these carries a high risk rating. Affected versions include: LISTSERV version 14.3, including LISTSERV Lite and HPO LISTSERV version 1.8e, including LISTSERV Lite.....
0.8AI Score
PostNuke AutoTheme Module Multiple Unspecified Vulnerabilities
According to its banner, the version of AutoTheme for PostNuke on the remote host suffers from multiple, unspecified vulnerabilities affecting the 'Blocks' module. Reportedly, some of these issues may allow a remote attacker to gain unauthorized access to the remote host. Note that the...
0.3AI Score
0.004EPSS
Woltlab Burning Board verify_email Function SQL Injection
The version of Burning Board or Burning Board Lite installed on the remote host suffers from a SQL injection vulnerability in the way it verifies email addresses when, for example, a user registers. An attacker can exploit this flaw to affect database...
AI Score
0.021EPSS
Multiple unknown vulnerabilities in the Blocks module in Spidean AutoTheme 1.7 and AT-Lite for PostNuke have unknown...
6.8AI Score
0.004EPSS
Willings WebCam and WebCam Lite 2.8 and earlier stores the password in memory in plaintext, which allows local users to gain sensitive...
6.6AI Score
0.0004EPSS
Multiple unknown vulnerabilities in the Blocks module in Spidean AutoTheme 1.7 and AT-Lite for PostNuke have unknown...
6.9AI Score
0.004EPSS
Willings WebCam and WebCam Lite 2.8 and earlier stores the password in memory in plaintext, which allows local users to gain sensitive...
6.6AI Score
0.0004EPSS
Multiple unknown vulnerabilities in the Blocks module in Spidean AutoTheme 1.7 and AT-Lite for PostNuke have unknown...
6.8AI Score
0.004EPSS
Willings WebCam and WebCam Lite 2.8 and earlier stores the password in memory in plaintext, which allows local users to gain sensitive...
7AI Score
0.0004EPSS
Woltlab Burning Board pms.php folderid Parameter XSS
The version of Burning Board or Burning Board Lite installed on the remote host may be prone to cross-site scripting attacks due to its failure to properly sanitize input passed to the 'folderid' parameter of the 'pms.php' script. An attacker may be able to exploit this flaw to cause arbitrary...
-0.8AI Score
0.001EPSS
Woltlab Burning Board Detection
The remote host is running Burning Board or Burning Board Lite, message forum software packages that use PHP and...
7.2AI Score
Multiple SQL injection vulnerabilities in News Manager Lite 2.5 allow remote attackers to execute arbitrary SQL code via the (1) ID parameter to more.asp, (2) ID parameter to category_news.asp, or (3) filter parameter to...
8.8AI Score
0.007EPSS
News Manager Lite 2.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN parameter in the NEWS_LOGIN...
7.5AI Score
0.021EPSS
Cross-site scripting (XSS) vulnerability in AzDGDatingLite 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) l parameter (aka language variable) to index.php or (2) id parameter to...
6AI Score
0.007EPSS
Multiple cross-site scripting (XSS) vulnerabilities in News Manager Lite 2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to comment_add.asp, (2) search parameter to search.asp, or (3) n parameter to...
5.8AI Score
0.006EPSS
Multiple SQL injection vulnerabilities in News Manager Lite 2.5 allow remote attackers to execute arbitrary SQL code via the (1) ID parameter to more.asp, (2) ID parameter to category_news.asp, or (3) filter parameter to...
8.4AI Score
0.007EPSS
Multiple cross-site scripting (XSS) vulnerabilities in News Manager Lite 2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to comment_add.asp, (2) search parameter to search.asp, or (3) n parameter to...
6AI Score
0.006EPSS
News Manager Lite 2.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN parameter in the NEWS_LOGIN...
7.1AI Score
0.021EPSS
ethereal -- multiple protocol dissectors vulnerabilities
An Ethreal Security Advisories reports: An aggressive testing program as well as independent discovery has turned up a multitude of security issues Please reference CVE/URL list for...
6.4AI Score
0.066EPSS
Cross-site scripting (XSS) vulnerability in formmail.php in Woltlab Burning Board Lite 1.0.0, 1.0.1e, and possibly other versions, allows remote attackers to inject arbitrary web script and HTML via the userid...
5.9AI Score
0.004EPSS
comersus_backoffice_install10.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to bypass authentication and gain privileges via a direct request to the...
7.1AI Score
0.007EPSS
SQL injection vulnerability in default.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to execute arbitrary SQL commands via the referer field in the HTTP...
8.8AI Score
0.002EPSS
Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_supportError.asp or (2) comersus_backofficelite_supportError.asp in BackOffice Lite 6.0 and 6.01 allow remote attackers to inject arbitrary web script or HTML via the error...
5.8AI Score
0.003EPSS
Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_supportError.asp or (2) comersus_backofficelite_supportError.asp in BackOffice Lite 6.0 and 6.01 allow remote attackers to inject arbitrary web script or HTML via the error...
6AI Score
0.003EPSS
Cross-site scripting (XSS) vulnerability in formmail.php in Woltlab Burning Board Lite 1.0.0, 1.0.1e, and possibly other versions, allows remote attackers to inject arbitrary web script and HTML via the userid...
6.1AI Score
0.004EPSS
comersus_backoffice_install10.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to bypass authentication and gain privileges via a direct request to the...
7.1AI Score
0.007EPSS
SQL injection vulnerability in default.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to execute arbitrary SQL commands via the referer field in the HTTP...
8.4AI Score
0.002EPSS
7.4AI Score
MS Windows WINS Vulnerability and OS/SP Scanner
Exploit for unknown platform in category remote...
7.1AI Score
Microsoft Windows - WINS Vulnerability + OSSP Scanner
Microsoft Windows - WINS Vulnerability + OSSP...
-0.8AI Score
7.1AI Score
7.4AI Score
EPSS
Download Center Lite (DCL) <= 1.5 Remote File Inclusion
Exploit for unknown platform in category web...
7.1AI Score
Download Center Lite (DCL) 1.5 - Remote File Inclusion
Download Center Lite (DCL) 1.5 - Remote File...
0.7AI Score
ethereal -- multiple protocol dissectors vulnerabilities
An Ethreal Security Advisories reports: Issues have been discovered in the following protocol dissectors: Matevz Pustisek discovered a buffer overflow in the Etheric dissector. CVE: CAN-2005-0704 The GPRS-LLC dissector could crash if the "ignore cipher bit" option was...
6.9AI Score
0.025EPSS
PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the...
7.6AI Score
0.027EPSS
PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the...
7.6AI Score
0.027EPSS
PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the...
8AI Score
0.027EPSS
-0.5AI Score
Download Center Lite (DCL) - Arbitrary File Inclusion (VXSfx)
-- == -- == -- == -- == -- == -- == -- == -- == -- == -- Name: Download Center Lite (DCL) Version: <= 1.5 (free/commercial) Homepage: http://www.stadtaus.com/ Author: Filip Groszynski (VXSfx) Date: 4 March 2005 -- == -- == -- == -- == -- == -- == -- == -- == -- == --...
1.5AI Score
Stadtaus.Com Download Center Lite 1.5 - PHP Remote File Inclusion
Stadtaus.Com Download Center Lite 1.5 - PHP Remote File...
-0.3AI Score
7.4AI Score
[SA14450] Woltlab Burning Board SQL Injection Vulnerability
Monitor, Filter, and Manage Security Information - Filtering and Management of Secunia advisories - Overview, documentation, and detailed reports - Alerting via email and SMS Request Trial: https://ca.secunia.com/?f=l TITLE: Woltlab Burning Board SQL Injection Vulnerability SECUNIA ADVISORY ID:...
0.4AI Score
PHP, ASP, CGI web applications security vulnerabilities
PHP inclusions, SQL injections, directory traversals, crossite scripting,...
2.2AI Score
The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified...
9.2AI Score
0.001EPSS