The SMTP service in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a denial of service (infinite loop) via a message in which neither the originator nor recipient address is...
6.6AI Score
0.018EPSS
Multiple buffer overflows in MERCUR Messaging 2005 before Service Pack 4 allow remote attackers to cause a denial of service (crash) via (1) "long command lines at port 32000" and (2) certain name service queries that are not properly handled by the SMTP...
7AI Score
0.013EPSS
MDKA-2007:009 : perl-SOAP-Lite
SOAP::Lite makes use of auto-generated methods with names that clash with methods exported by UNIVERSAL::require. As a result, using the two modules simultaneously will result in an immediate program crash. The package has been patched with an upstream fix to correct the...
-0.1AI Score
Woltlab Burning Board Lite Pms.PHP SQL注入漏洞
Woltlab Burning Board Lite是一款基于PHP的WEB应用程序。 Woltlab Burning Board Lite不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息。 问题是'Pms.PHP'脚本对用户提交的'$_POST['pmid']'参数缺少过滤,提交恶意SQL脚本代码作为参数数据,可更改原来的SQL逻辑,导致获得敏感信息。 Woltlab Burning Board Lite 1.0.2pl3e 目前没有解决方案提供:...
7.1AI Score
SQL injection vulnerability in pms.php in Woltlab Burning Board (wBB) Lite 1.0.2pl3e and earlier allows remote authenticated users to execute arbitrary SQL commands via the pmid[0]...
8.5AI Score
0.009EPSS
SQL injection vulnerability in pms.php in Woltlab Burning Board (wBB) Lite 1.0.2pl3e and earlier allows remote authenticated users to execute arbitrary SQL commands via the pmid[0]...
7.9AI Score
0.009EPSS
SQL injection vulnerability in pms.php in Woltlab Burning Board (wBB) Lite 1.0.2pl3e and earlier allows remote authenticated users to execute arbitrary SQL commands via the pmid[0]...
7.9AI Score
0.009EPSS
SQL injection vulnerability in pms.php in Woltlab Burning Board (wBB) Lite 1.0.2pl3e and earlier allows remote authenticated users to execute arbitrary SQL commands via the pmid[0]...
7.9AI Score
0.009EPSS
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks,...
1.5AI Score
0.132EPSS
Woltlab Burning Board Lite <= 1.0.2pl3e (pms.php) SQL Injection Exploit
No description provided by...
7.1AI Score
Woltlab Burning Board Lite 1.0.2pl3e - pms.php SQL Injection
Woltlab Burning Board Lite 1.0.2pl3e - pms.php SQL...
-0.1AI Score
Woltlab Burning Board Lite <= 1.0.2pl3e (pms.php) SQL Injection Exploit
Exploit for unknown platform in category web...
7.1AI Score
7.4AI Score
EPSS
PHP remote file inclusion vulnerability in functions.php in EclipseBB 0.5.0 Lite allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path...
7.5AI Score
0.156EPSS
PHP remote file inclusion vulnerability in functions.php in EclipseBB 0.5.0 Lite allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path...
7.5AI Score
0.156EPSS
PHP remote file inclusion vulnerability in functions.php in EclipseBB 0.5.0 Lite allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path...
8AI Score
0.156EPSS
PHP remote file inclusion vulnerability in functions.php in EclipseBB 0.5.0 Lite allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path...
7.5AI Score
0.156EPSS
EclipseBB 0.5.0 Lite (phpbb_root_path) Remote File Include Exploit
No description provided by...
7.1AI Score
EclipseBB 0.5.0 Lite (phpbb_root_path) Remote File Include Exploit
Exploit for unknown platform in category web...
7.1AI Score
7.4AI Score
EPSS
EclipseBB 0.5.0 Lite - phpbb_root_path Remote File Inclusion
EclipseBB 0.5.0 Lite - phpbb_root_path Remote File...
-0.1AI Score
Woltlab Burning Board <= 1.0.2, 2.3.6 search.php SQL Injection Exploit 3
No description provided by...
7.1AI Score
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks,...
1.5AI Score
0.1EPSS
Woltlab Burning Board <= 1.0.2, 2.3.6 search.php SQL Injection Exploit
No description provided by...
7.1AI Score
Woltlab Burning Board Search.PHP SQL注入漏洞
Woltlab Burning Board是一款基于PHP的WEB应用程序。 Woltlab Burning Board不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息。 问题是'Search.PHP'脚本对用户提交的WEB参数缺少过滤,提交恶意脚本代码作为参数数据,可导致获得敏感信息。 Woltlab Woltlab Burning Board Lite 1.0.2 WoltLab Burning Board Lite 1.0.2 WoltLab Burning Board Lite 1.0.1 e WoltLab Burning Board Lite...
7.1AI Score
Woltlab Burning Board <= 1.0.2, 2.3.6 search.php SQL Injection Exploit 2
No description provided by...
7.1AI Score
Burning Board search.php boardids Parameter SQL Injection
The version of Burning Board / Burning Board Lite on the remote host fails to sanitize user input to the 'boardids' parameter of the 'search.php' script before using it in database queries. Regardless of PHP's 'register_globals' and 'magic_quotes_gpc' settings, an unauthenticated remote attacker...
7.7AI Score
WoltLab Burning Board search.php Multiple Parameter SQL Injection
The version of Burning Board / Burning Board Lite on the remote host fails to sanitize user input to the 'boardids' parameter of the 'search.php' script before using it in database queries. Regardless of PHP's 'register_globals' and 'magic_quotes_gpc' settings, an unauthenticated, remote attacker.....
0.4AI Score
0.003EPSS
Woltlab Burning Board 1.0.22.3.6 - search.php SQL Injection (3)
Woltlab Burning Board 1.0.22.3.6 - search.php SQL Injection...
0.2AI Score
7.4AI Score
EPSS
Woltlab Burning Board 1.0.22.3.6 - search.php SQL Injection (2)
Woltlab Burning Board 1.0.22.3.6 - search.php SQL Injection...
0.1AI Score
Woltlab Burning Board 1.0.22.3.6 - search.php SQL Injection (1)
Woltlab Burning Board 1.0.22.3.6 - search.php SQL Injection...
0.1AI Score
Woltlab Burning Board <= 1.0.2 2.3.6 search.php SQL Injection Exploit 3
No description provided by...
7.1AI Score
Woltlab Burning Board <= 1.0.2, 2.3.6 search.php SQL Injection Exploit 2
Exploit for unknown platform in category web...
7.1AI Score
Woltlab Burning Board <= 1.0.2 2.3.6 search.php SQL Injection Exploit 2
No description provided by...
7.1AI Score
Woltlab Burning Board <= 1.0.2, 2.3.6 search.php SQL Injection Exploit
Exploit for unknown platform in category web...
7.1AI Score
7.4AI Score
EPSS
Woltlab Burning Board <= 1.0.2, 2.3.6 search.php SQL Injection Exploit 3
Exploit for unknown platform in category web...
7.1AI Score
7.4AI Score
EPSS
Woltlab Burning Board <= 1.0.2 2.3.6 search.php SQL Injection Exploit
No description provided by...
7.1AI Score
Multiple cross-site scripting (XSS) vulnerabilities in Vt-Forum Lite 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) StrMsg or (2) Topic_ID parameter to (a) vf_info.asp, (b) vf_newtopic.asp, (c) vf_settings.asp, and (d) vf_replytopic.asp, different vectors....
5.6AI Score
0.012EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Vt-Forum Lite 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) StrMsg or (2) Topic_ID parameter to (a) vf_info.asp, (b) vf_newtopic.asp, (c) vf_settings.asp, and (d) vf_replytopic.asp, different vectors....
5.6AI Score
0.012EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Vt-Forum Lite 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) StrMsg or (2) Topic_ID parameter to (a) vf_info.asp, (b) vf_newtopic.asp, (c) vf_settings.asp, and (d) vf_replytopic.asp, different vectors....
5.6AI Score
0.012EPSS
Powergap是一款基于PHP的WEB应用程序。 Powergap不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是多个脚本对用户提交的'shopid'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 Powergap Powergap Lite Powergap Powergap Busines ...
7.1AI Score
PHlyMail Lite Mod.Listmail.PHP远程文件包含漏洞
PHlyMail Lite是一款基于PHP的WEB邮件程序。 PHlyMail Lite不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是'mod.listmail.php'脚本对用户提交的'PM[path][handler]'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 PHlyMail PHlyMail 3.3.4 PHlyMail PHlyMail 3.0.2 .07 PHlyMail PHlyMail 3.0.2 .01 PHlyMail PHlyMail 3.0.2 .00...
7.1AI Score
Vt-Forum Lite 1.3 and earlier store sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/forum.mdb. NOTE: The provenance of this information is unknown; the details are obtained solely from...
6.7AI Score
0.005EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Vt-Forum Lite 1.3 and 1.5 allow remote attackers to inject arbitrary web script or HTML via (1) the StrMes parameter in vf_info.asp and possibly (2) a URL in the SRC attribute of an IFRAME element that is submitted to...
5.8AI Score
0.012EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Vt-Forum Lite 1.3 and 1.5 allow remote attackers to inject arbitrary web script or HTML via (1) the StrMes parameter in vf_info.asp and possibly (2) a URL in the SRC attribute of an IFRAME element that is submitted to...
5.8AI Score
0.012EPSS
Multiple SQL injection vulnerabilities in Vt-Forum Lite 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via the user parameter to vf_memberdetail.asp, and other unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from...
8.2AI Score
0.002EPSS
Multiple SQL injection vulnerabilities in Vt-Forum Lite 1.3 and earlier allow remote attackers to execute arbitrary SQL commands via the user parameter to vf_memberdetail.asp, and other unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from...
8.6AI Score
0.002EPSS