Multiple SQL injection vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version "Full Version", allow remote attackers to execute arbitrary SQL commands via the (1) banner parameter in agent_links.pl; the offset parameter in (2) agent_links.pl, (3) agent_transactions.pl,...
8.6AI Score
0.014EPSS
Multiple SQL injection vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version "Full Version", allow remote attackers to execute arbitrary SQL commands via the (1) banner parameter in agent_links.pl; the offset parameter in (2) agent_links.pl, (3) agent_transactions.pl,...
8.6AI Score
0.014EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version "Full Version", allow remote attackers to inject arbitrary web script or HTML via the login parameter in (1) agent_affil.pl, (2) agent_help.pl, (3) agent_faq.pl, (4)...
6AI Score
0.024EPSS
Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when.....
7.7AI Score
0.013EPSS
Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when.....
8.1AI Score
0.013EPSS
Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when.....
7.8AI Score
0.013EPSS
Buffer overflow in Unicode processing in the logging functionality in Pablo Software Solutions Quick 'n Easy FTP Server Professional and Lite, probably 3.0, allows remote authenticated users to execute arbitrary code by sending a command with a long argument, which triggers a buffer overflow when.....
7.7AI Score
0.013EPSS
ethereal -- Multiple Protocol Dissector Vulnerabilities
Secunia reports: Multiple vulnerabilities have been reported in Ethereal, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. The vulnerabilities are caused due to various types of errors including boundary...
6.9AI Score
0.045EPSS
Quick 'n Easy FTP Server pro/lite Logging unicode stack overflow
IHS Iran Homeland Security Public advisory by : c0d3r "Kaveh Razavi" [email protected] Title : Quick 'n Easy FTP Server pro/lite Logging unicode stack overflow information : Quick 'n Easy FTP Server is a simple and handy FTP server which is developed by Pablo van der Meer . there is a...
AI Score
PHP remote file inclusion vulnerability in direct.php in ActualScripts ActualAnalyzer Lite 2.72 and earlier, Gold 7.63 and earlier, and Server 8.23 and earlier allows remote attackers to execute arbitrary code via a URL in the rf...
7.7AI Score
0.15EPSS
PHP remote file inclusion vulnerability in direct.php in ActualScripts ActualAnalyzer Lite 2.72 and earlier, Gold 7.63 and earlier, and Server 8.23 and earlier allows remote attackers to execute arbitrary code via a URL in the rf...
8AI Score
0.15EPSS
PHP remote file inclusion vulnerability in direct.php in ActualScripts ActualAnalyzer Lite 2.72 and earlier, Gold 7.63 and earlier, and Server 8.23 and earlier allows remote attackers to execute arbitrary code via a URL in the rf...
7.7AI Score
0.15EPSS
PHP remote file inclusion vulnerability in direct.php in ActualScripts ActualAnalyzer Lite 2.72 and earlier, Gold 7.63 and earlier, and Server 8.23 and earlier allows remote attackers to execute arbitrary code via a URL in the rf...
7.7AI Score
0.15EPSS
[MajorSecurity]ActualAnalyzer - Remote File Include Vulnerability
[MajorSecurity]ActualAnalyzer - Remote File Include Vulnerability Software: ActualAnalyzer Type: Remote File Include Vulnerability Date: April, 19th 2006 Vendor: ActualScripts Page: http://actualscripts.com Risc: High Credits: Discovered by: 'Aesthetico' http://www.majorsecurity.de Affected...
0.6AI Score
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks,...
1.5AI Score
0.003EPSS
Leadhound multiple vuln. Vuln. discovered by : r0t Date: 18 april 2006 vendor:http://www.leadhoundnetwork.com/ affected versions: Leadhound "Full Remote version" & Leadhound LITE 2.1 orginal advisory: http://pridels.blogspot.com/2006/04/leadhound-multiple-vuln.html Product info: Secure private...
0.1AI Score
Cross-site scripting (XSS) vulnerability in searchresult.php in Meeting Reserve 1.0 beta allows remote attackers to inject arbitrary web script or HTML via the search_term parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party...
5.6AI Score
0.007EPSS
Multiple cross-site scripting (XSS) vulnerabilities in search.php in Calendar Express 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) allwords or (2) oneword parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party...
5.7AI Score
0.007EPSS
Cross-site scripting (XSS) vulnerability in acp/lib/class_db_mysql.php in Woltlab Burning Board (wBB) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter when a SQL error is...
6.7AI Score
0.016EPSS
[eVuln] CyBoards PHP Lite SQL Injection Vulnerability
New eVuln Advisory: CyBoards PHP Lite SQL Injection Vulnerability http://evuln.com/vulns/91/summary.html --------------------Summary---------------- eVuln ID: EV0091 CVE: CVE-2006-1134 Software: CyBoards PHP Lite Sowtware's Web Site:...
0.7AI Score
0.011EPSS
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks,...
1.5AI Score
CyBoards PHP Lite 1.211.25 - post.php SQL Injection
CyBoards PHP Lite 1.211.25 - post.php SQL...
AI Score
7.4AI Score
Often see newbies asking the ocean to the top of the ASP Trojan related issues Here I collect some common questions and give the answer! =File description===================================================== 2 0 0 6. asp Haiyang top nets ASP Trojan 2 0 0 6 Edition files unpack. vbs package...
-0.1AI Score
SQL injection vulnerability in CyBoards PHP Lite 1.25, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the parent parameter to (1) post.php and possibly (2)...
8.5AI Score
0.011EPSS
SQL injection vulnerability in CyBoards PHP Lite 1.25, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the parent parameter to (1) post.php and possibly (2)...
8.5AI Score
0.011EPSS
SQL injection vulnerability in CyBoards PHP Lite 1.25, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the parent parameter to (1) post.php and possibly (2)...
9.2AI Score
0.011EPSS
SQL injection vulnerability in CyBoards PHP Lite 1.25, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the parent parameter to (1) post.php and possibly (2)...
8.5AI Score
0.011EPSS
LISTSERV contains multiple buffer overflow vulnerabilities in the WA CGI script
Overview Several buffer overflow vulnerabilities have been discovered in LISTSERV. These vulnerabilities could allow a remote attacker to execute arbitrary code on an affected system. Description L-Soft's LISTSERV is an email list management software package. It includes a Web Archive and...
0.3AI Score
0.254EPSS
Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote attackers to execute arbitrary code via unknown attack vectors related to the WA CGI. NOTE: technical details will be released after the grace period has...
7.8AI Score
0.254EPSS
Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote attackers to execute arbitrary code via unknown attack vectors related to the WA CGI. NOTE: technical details will be released after the grace period has...
7.8AI Score
0.254EPSS
Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote attackers to execute arbitrary code via unknown attack vectors related to the WA CGI. NOTE: technical details will be released after the grace period has...
8.4AI Score
0.254EPSS
Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote attackers to execute arbitrary code via unknown attack vectors related to the WA CGI. NOTE: technical details will be released after the grace period has...
7.7AI Score
0.254EPSS
Critical Risk Vulnerability in L-Soft Listserv
Peter Winter-Smith of NGSSoftware has discovered a number of vulnerabilities in L-Soft's LISTSERV list management system. The worst of these carries a critical risk rating. Affected versions include: LISTSERV version 14.4, including LISTSERV Lite and HPO LISTSERV version 14.3, including LISTSERV...
1.2AI Score
JVN#65542239 Hyper NIKKI System allows unauthorized email submission
Impact An attacker could use the server to send unauthorized emails. In addition, when the server provides email service, the attacker could possibly conduct a DoS attack by generating many bounced emails. ## Solution ## Products Affected hns-2.19.6 (hns-lite-2.19.6) and earlier On March 8...
6.8AI Score
[eVuln] Magic News Lite PHP Code Execution & Unauthorized Data Modification
New eVuln Advisory: Magic News Lite PHP Code Execution & Unauthorized Data Modification http://evuln.com/vulns/72/summary.html --------------------Summary---------------- eVuln ID: EV0072 CVE: CVE-2006-0723 CVE-2006-0724 Vendor: Reamday Enterprises Vendor's Web Site: http://reamdaysoft.com...
1.2AI Score
0.026EPSS
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks,...
1.5AI Score
-0.2AI Score
0.026EPSS
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks,...
1.5AI Score
[eVuln] Magic Calendar Lite Authentication Bypass
New eVuln Advisory: Magic Calendar Lite Authentication Bypass http://evuln.com/vulns/71/summary.html --------------------Summary---------------- eVuln ID: EV0071 CVE: CVE-2006-0673 Vendor: Reamday Enterprises Vendor's Web Site: http://reamdaysoft.com Software: Magic Calendar Lite Sowtware's Web...
0.7AI Score
0.008EPSS
Magic Calendar Lite 1.02 - index.php SQL Injection
Magic Calendar Lite 1.02 - index.php SQL...
0.1AI Score
7.4AI Score
EPSS
ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions and bypass Windows security warnings via a filename that ends in an assumed-safe extension such as JPG, and possibly...
6.9AI Score
0.003EPSS
GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a...
7.3AI Score
0.003EPSS
GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a...
6.8AI Score
0.003EPSS
GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a...
6.8AI Score
0.003EPSS
ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions and bypass Windows security warnings via a filename that ends in an assumed-safe extension such as JPG, and possibly...
7.4AI Score
0.003EPSS
ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions and bypass Windows security warnings via a filename that ends in an assumed-safe extension such as JPG, and possibly...
6.9AI Score
0.003EPSS
GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a...
6.8AI Score
0.003EPSS
ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions and bypass Windows security warnings via a filename that ends in an assumed-safe extension such as JPG, and possibly...
6.9AI Score
0.003EPSS