Multiple SQL injection vulnerabilities in PHP Lite Calendar Express 2.2 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) login.php, (2) auth.php, and (3) subscribe.php. NOTE: the month.php, year.php, week.php, and day.php vectors are already covered by...
AI Score: 8
EPSS: 0.002
The Forward module is a module that allows site administrators to add links to postings that let users email the current page to a third party. By manipulating URL arguments, authenticated and anonymous users are able to access posts that should have been restricted by a node access module such as....
AI Score: 6.7
Print is a module that allows site administrators to produce a "print friendly" version of a posting. By manipulating URL arguments, authenticated and anonymous users are able to access posts that should have been restricted by a node access module such as Organic Groups, Taxonomy Access Control,.....
AI Score: 6.8
wireshark -- Multiple problems
wireshark Team reports: It may be possible to make Wireshark or Ethereal crash or use up available memory by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace ...
AI Score: 6.3
EPSS: 0.028
Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the name parameter in a modload...
AI Score: 7.2
EPSS: 0.017
Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the name parameter in a modload...
AI Score: 6.7
EPSS: 0.017
Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the name parameter in a modload...
AI Score: 6.7
EPSS: 0.017
Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the name parameter in a modload...
AI Score: 6.7
EPSS: 0.017
mutt -- buffer overflow vulnerability
Securityfocus reports: Mutt is prone to a local buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before using it in a memory copy operation. An attacker can exploit this issue to execute arbitrary code with the...
AI Score: 6.6
EPSS: 0.0004
JVN#81294906 Homepage Builder sample CGI programs vulnerable to OS command injection
Among sample CGI programs included in Homepage Builder, anketo.cgi, kansou.cgi, and order.cgi contain an OS command injection vulnerability as they do not properly validate input data. ## Impact An arbitrary command could be executed on the web server with the privilege of the web server...
AI Score: 7.4
AI Score: -0.3
EclipseBB Remote File Inclusion
Hello,, EclipseBB Remote File Inclusion .. With exploit :) Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] Tested Successfully on 0.5.0 "Lite" and other version should be infected :) /* Script Informations MOD Title:...
AI Score: 0.9
Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde Solutions MOSMedia Lite 1.0.6 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) support.html.php or (2) info.html.php. NOTE: the...
AI Score: 7.5
EPSS: 0.011
Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde Solutions MOSMedia Lite 1.0.6 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) support.html.php or (2) info.html.php. NOTE: the...
AI Score: 8
EPSS: 0.011
Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde Solutions MOSMedia Lite 1.0.6 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) support.html.php or (2) info.html.php. NOTE: the...
AI Score: 7.5
EPSS: 0.011
Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde Solutions MOSMedia Lite 1.0.6 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) support.html.php or (2) info.html.php. NOTE: the...
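AI Score: 7.5
EPSS: 0.011
CyBoards PHP Lite Default_Header.PHP Remote File Inclusion Vulnerability
CyBoards PHP Lite is a PHP-based web application. CyBoards PHP Lite does not properly filter user-submitted input, so a remote attacker can exploit the vulnerability to execute arbitrary commands with the privileges of the web server. The problem is that the 'Default_Header.PHP' script does not filter user-submitted web parameters; specifying a file on a remote server as the include parameter can lead to execution of arbitrary commands with the privileges of the web server. Cyboards PHP Lite 1.21 No solution is currently available:...
AI Score: 7.1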
PHP remote file inclusion vulnerability in index.php in SimpCMS Light 04.10.2007 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the site...
AI Score: 7.5
EPSS: 0.112
PHP remote file inclusion vulnerability in index.php in SimpCMS Light 04.10.2007 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the site...
AI Score: 7.9
EPSS: 0.112
PHP remote file inclusion vulnerability in index.php in lite-cms 0.2.1 allows remote attackers to execute arbitrary PHP code via a URL in the inc...
AI Score: 8
EPSS: 0.006
PHP remote file inclusion vulnerability in include/default_header.php in Cyboards PHP Lite 1.21 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter, a different vector than...
AI Score: 7.3
EPSS: 0.168
PHP remote file inclusion vulnerability in include/default_header.php in Cyboards PHP Lite 1.21 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter, a different vector than...
AI Score: 7.3
EPSS: 0.168
PHP remote file inclusion vulnerability in index.php in lite-cms 0.2.1 allows remote attackers to execute arbitrary PHP code via a URL in the inc...
AI Score: 7.5
EPSS: 0.006
PHP remote file inclusion vulnerability in include/default_header.php in Cyboards PHP Lite 1.21 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter, a different vector than...
AI Score: 7.7
EPSS: 0.168
PHP remote file inclusion vulnerability in index.php in lite-cms 0.2.1 allows remote attackers to execute arbitrary PHP code via a URL in the inc...
AI Score: 7.5
EPSS: 0.006
PHP remote file inclusion vulnerability in include/default_header.php in Cyboards PHP Lite 1.21 allows remote attackers to execute arbitrary PHP code via a URL in the script_path parameter, a different vector than...
AI Score: 7.3
EPSS: 0.168
PHP remote file inclusion vulnerability in index.php in lite-cms 0.2.1 allows remote attackers to execute arbitrary PHP code via a URL in the inc...
AI Score: 7.5
EPSS: 0.006
[MajorSecurity Advisory #38]eXV2 CMS - Session fixation and Cross-Site-Scripting Issues
AI Score: 1
AI Score: -0.3
lite-cms-0.2.1 Remote File Include Vulnerabilities
AI Score: 0.5
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks,...
AI Score: 1.5
EPSS: 0.197
AI Score: -0.3
AI Score: 7.4
CyBoards PHP Lite 1.21 - script_path Remote File Inclusion
CyBoards PHP Lite 1.21 - script_path Remote File...
CyBoards PHP Lite 1.21 (script_path) Remote File Include Exploit
Exploit for unknown platform in category web...
AI Score: 7.1
AI Score: 7.1
Satel Lite for PhpNuke (Satellite.php) <= Local File Inclusion
Satel Lite for PhpNuke (Satellite.php) <= Local File Inclusion. Affected Software: NUke Satel lite. Class: LoCal File Inclusion...
AI Score: 0.1
AI Score: -0.3
Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE...
AI Score: 6.9
EPSS: 0.553
Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE...
AI Score: 7.6
EPSS: 0.553
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks,...
AI Score: 1.5
EPSS: 0.186
Multiple cross-site scripting (XSS) vulnerabilities in register.php in Woltlab Burning Board (wBB) 2.3.6 and Burning Board Lite 1.0.2pl3e allow remote attackers to inject arbitrary web script or HTML via the (1) r_username, (2) r_email, (3) r_password, (4) r_confirmpassword, (5) r_homepage, (6)...
AI Score: 6.1
EPSS: 0.005
Multiple cross-site scripting (XSS) vulnerabilities in register.php in Woltlab Burning Board (wBB) 2.3.6 and Burning Board Lite 1.0.2pl3e allow remote attackers to inject arbitrary web script or HTML via the (1) r_username, (2) r_email, (3) r_password, (4) r_confirmpassword, (5) r_homepage, (6)...
AI Score: 5.8
EPSS: 0.005
Multiple cross-site scripting (XSS) vulnerabilities in register.php in Woltlab Burning Board (wBB) 2.3.6 and Burning Board Lite 1.0.2pl3e allow remote attackers to inject arbitrary web script or HTML via the (1) r_username, (2) r_email, (3) r_password, (4) r_confirmpassword, (5) r_homepage, (6)...
AI Score: 5.8
EPSS: 0.005
Multiple cross-site scripting (XSS) vulnerabilities in register.php in Woltlab Burning Board (wBB) 2.3.6 and Burning Board Lite 1.0.2pl3e allow remote attackers to inject arbitrary web script or HTML via the (1) r_username, (2) r_email, (3) r_password, (4) r_confirmpassword, (5) r_homepage, (6)...
AI Score: 5.8
EPSS: 0.005
AI Score: 0.1
EPSS: 0.0005
Buffer Overflow in Linux Drivers for Omnikey CardMan 4040 (CVE-2007-0005)
COMPASS SECURITY ADVISORY http://www.csnc.ch/ Product: Linux Driver for Omnikey CardMan 4040 Vendor: Omnikey GmbH / Harald Welte Subject: Buffer Overflow Risk: Medium Effect: Locally exploitable Author: Daniel Roethlisberger...
AI Score: 0.8
EPSS: 0.0005
Music website of hotlinking combat it! - Vulnerability warning-the black bar safety net
Today quite tired. Since the website is not going to sleep. Pack night! Do what? Didn't the spirit. Listen to the song. Interesting, ha ha--DJ! The last Cola to recommend a site, feel good. Here, for materials of narrative convenience I'll assume that one site: http://www.china**. com OK! Let's...
AI Score: -0.4
Unspecified vulnerability in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a denial of service (crash) via a TOP command to the POP3...
AI Score: 6.7
EPSS: 0.018
The IMAP4 service in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a denial of service (crash) via a message with a long subject...
AI Score: 6.6
EPSS: 0.018