2.2AI Score
Multiple vulnerabilities in SNMPv1 request handling
Overview: Multiple vendor SNMPv1 GetRequest, GetNextRequest, and SetRequest message handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior. If your site uses SNMP in any capacity, the CERT/CC encourages...
AI Score
0.949EPSS
Multiple vulnerabilities in SNMPv1 trap handling
Overview: Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior. If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below....
0.1AI Score
0.949EPSS
Laberatoire Contempt Date : 12/06/2001 Author : Joost Pol alias 'Nohican' ([email protected]) Impact : Minor in most cases. Subject : PHP safe_mode troubles. PHP Version 4.0.5 breaks safe-mode. 1.0 - Description of the problem An extra 5th parameter was added to the mail() command...
-0.3AI Score
Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows remote attackers to read arbitrary files by inserting a .. (dot dot) or ... into the requested pathname of an HTTP GET...
6.7AI Score
0.05EPSS
Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows remote attackers to read arbitrary files by inserting a .. (dot dot) or ... into the requested pathname of an HTTP GET...
7.1AI Score
0.05EPSS
vBulletin allows arbitrary code execution
OVERVIEW vBulletin (http://www.vbulletin.com) is a commonly used web forum system written in PHP. One of its key features is use of templates, which allow the board administrator to dynamically modify the look of the board. vBulletin templates are parsed with the eval() function. This could be...
0.5AI Score
Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows remote attackers to read arbitrary files by inserting a .. (dot dot) or ... into the requested pathname of an HTTP GET...
6.7AI Score
0.05EPSS
CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a...
7.4AI Score
0.005EPSS
CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a...
7AI Score
0.005EPSS
Vulnerability in Soft Lite ServerWorx
----- Begin Hush Signed Message from [email protected] ----- Vulnerability in Soft Lite ServerWorx Overview Soft Lite ServerWorx v3.00 is a web server available from http://www.zdnet.com and http://www.softlite.net. A vulnerability exists which allows a remote user to break out of the web...
0.4AI Score
CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a...
7AI Score
0.005EPSS
Security Advisory: Subscribe Me Lite 1.0 - 2.0 Unix or 1.0 - 2.0 NT and below.
Note: This is not apparent in the commercial versions (tested on three different versions); the author was notified and appropriate changes have since been made. product page - http://www.cgiscriptcenter.com/subscribe/index2.html vendor notice - Security Advisory: Users of Subscribe Me Lite 1.0.....
AI Score
Holes in mail programs for Windows
Holes in many command-line programs used on...
1.2AI Score
XATO Advisory: Win32 Command-Line Mailers
Xato Network Security, Inc. www.xato.net Security Advisory XATO-122000-01 December 12, 2000 - MULTIPLE VENDOR COMMAND-LINE MAILER HOLES - SMTP Command-Line Mailers on Win32 Web Servers Systems...
-0.7AI Score
Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd...
6.9AI Score
0.024EPSS
Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd...
7.3AI Score
0.036EPSS
Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd...
6.9AI Score
0.036EPSS
Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd...
7.3AI Score
0.024EPSS
Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd...
6.9AI Score
0.036EPSS
Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd...
6.9AI Score
0.024EPSS
CGI Script Center Auction Weaver 1.0.2 - Remote Command Execution
CGI Script Center Auction Weaver 1.0.2 - Remote Command...
1.2AI Score
Hi, I don't know if this has been reported before. Auction Weaver allows you to read files from server. Remote users can view source of files on server. http://www.cgiscriptcenter.com/cgi-bin/awl/auctionweaver.pl?flag1=1&catdir=c at17&fromfile=967251278%2Edat...
2.4AI Score
Product: Subscribe Me Versions: ALL version numbers LITE only OS: Unix and Winnt Vendor: Notified, http://www.cgiscriptcenter.com/ The Problem: Yet again the script allows a remote user to overwrite the Admin Passwd file with any password they see fit. Therefore giving them Admin access to the...
0.4AI Score
Account Manager CGI Vulnerability
Product: Account Manager Versions: ALL including LITE and PRO haven't been able to test ENTERPRISE OS: Unix and Winnt Vendor: Notified, http://www.cgiscriptcenter.com/ The Problem: The Script allows any remote user access to the Administration Control Panel through overwriting the Admin Password...
1.1AI Score
CGI Script Center Subscribe Me Lite 2.0 - Administrative Password Alteration (1)
CGI Script Center Subscribe Me Lite 2.0 - Administrative Password Alteration...
0.5AI Score
CGI Script Center Account Manager 1.0 LITE PRO - Administrative Password Alteration (2)
CGI Script Center Account Manager 1.0 LITE PRO - Administrative Password Alteration...
0.8AI Score
CGI Script Center Account Manager 1.0 LITE PRO - Administrative Password Alteration (1)
CGI Script Center Account Manager 1.0 LITE PRO - Administrative Password Alteration...
0.9AI Score
CGI Script Center Account Manager 1.0 LITE / PRO - Administrative Password Alteration (2)
...
7.4AI Score
EPSS
CGI Script Center Account Manager 1.0 LITE / PRO - Administrative Password Alteration (1)
...
7.4AI Score
EPSS
CGI Script Center Subscribe Me Lite 2.0 - Administrative Password Alteration (2)
CGI Script Center Subscribe Me Lite 2.0 - Administrative Password Alteration...
0.5AI Score
QuickCommerce 2.53.0 Cart32 2.5 a3.0 Shop Express 1.0 StoreCreator 3.0 Web Shopping Cart - Hidden Form...
0.1AI Score
FreeBSD 3.03.13.2 - vfs_cache Denial of Service
FreeBSD 3.03.13.2 - vfs_cache Denial of...
-0.2AI Score
Webcart Default Install Configuration Disclosure
At least one of these files or directories is world readable: /webcart/orders/ /webcart/orders/import.txt /webcart/carts/ /webcart/config/ /webcart/config/clients.txt /webcart-lite/orders/import.txt /webcart-lite/config/clients.txt This misconfiguration may allow an attacker to gather the...
-0.3AI Score
0.002EPSS
Hughes Technologies Mini SQL (mSQL) 2.02.0.10 - Information Disclosure
Hughes Technologies Mini SQL (mSQL) 2.02.0.10 - Information...
-0.1AI Score
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-96:16 Security Advisory Revised: Fri Jul 12 09:32:53 PDT 1996 FreeBSD, Inc. Topic: security vulnerability in rdist Category: core Module: rdist Announced: 1996-07-12 Affects:....
-0.4AI Score
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-96:10 Security Advisory Revised: Wed May 22 00:20:23 PDT 1996 FreeBSD, Inc. Topic: system stability compromise via mount_union program Category: core Module: unionfs...
-0.2AI Score
In Tor Arti before 1.2.3, STUB circuits incorrectly have a length of 2 (with lite vanguards), aka...
6.8AI Score
EPSS