SIGMA Lite & Lite + Security Vulnerabilities
Multiple SQL injection vulnerabilities in adcbrowres.php in AD Center ADC2000 NG Pro 1.2 and NG Pro Lite allow remote attackers to execute arbitrary SQL commands via the (1) cat and (2) lang...
8.5AI Score
0.004EPSS
ADC2000 NG Pro SQL inj. vuln. Vuln. dicovered by : r0t Date: 27 nov. 2005 Orginal advisory:http://pridels.blogspot.com/2005/11/adc2000-ng-pro-sql-inj-vuln.html vendor:http://www.td-systems.com/products/ affected version: 1.2 and ADC2000 NG Pro Lite Product Description: AD Center 2000 NG Pro is a...
0.2AI Score
Cross-site scripting (XSS) vulnerability in search.asp in Online Knowledge Base System (OKBSYS) Lite Edition 1.0 allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the q...
5.7AI Score
0.005EPSS
Cross-site scripting (XSS) vulnerability in search.asp in Online Attendance System (OASYS) Lite 1.0 allows remote attackers to inject arbitrary web script or HTML via certain search parameters, possibly the keyword...
6.1AI Score
0.005EPSS
SQL injection vulnerability in search.asp in Online Work Order Suite (OWOS) Lite Edition for ASP 3.0 allows remote attackers to execute arbitrary SQL commands via the keyword...
8.8AI Score
0.003EPSS
Cross-site scripting (XSS) vulnerability in search.asp in Online Knowledge Base System (OKBSYS) Lite Edition 1.0 allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the q...
6AI Score
0.005EPSS
Cross-site scripting (XSS) vulnerability in search.asp in Online Attendance System (OASYS) Lite 1.0 allows remote attackers to inject arbitrary web script or HTML via certain search parameters, possibly the keyword...
5.8AI Score
0.005EPSS
SQL injection vulnerability in search.asp in Online Work Order Suite (OWOS) Lite Edition for ASP 3.0 allows remote attackers to execute arbitrary SQL commands via the keyword...
8.4AI Score
0.003EPSS
SQL injection vulnerability in search.asp in Online Work Order Suite (OWOS) Lite Edition for ASP 3.0 allows remote attackers to execute arbitrary SQL commands via the keyword...
8.4AI Score
0.003EPSS
Cross-site scripting (XSS) vulnerability in search.asp in Online Knowledge Base System (OKBSYS) Lite Edition 1.0 allows remote attackers to inject arbitrary web script or HTML via hex-encoded values in the q...
5.7AI Score
0.005EPSS
Cross-site scripting (XSS) vulnerability in search.asp in Online Attendance System (OASYS) Lite 1.0 allows remote attackers to inject arbitrary web script or HTML via certain search parameters, possibly the keyword...
5.8AI Score
0.005EPSS
Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks,...
1.7AI Score
OASYS Lite 1.0 "search.asp" XSS vuln.
OASYS Lite 1.0 "search.asp" XSS vuln. Vuln. dicovered by : r0t Date: 25 nov. 2005 Original advisory:http://pridels.blogspot.com/2005/11/oasys-lite-10-searchasp-xss-vuln.html Vendor:www.onlinetechtools.com Product link:http://www.onlinetechtools.com/products/oasyslite/ affected vesion: 1.0 and...
0.5AI Score
OKBSYS Lite 1.0 "search.asp" XSS vuln.
Online Knowledge Base System: Lite Edition 1.0 XSS vuln. Vuln. dicovered by : r0t Date: 25 nov. 2005 Orginal advisory:http://pridels.blogspot.com/2005/11/okbsys-lite-10-searchasp-xss-vuln.html Vendor:www.onlinetechtools.com Product link:http://www.onlinetechtools.com/products/okbsys/ affected...
0.3AI Score
Online Work Order Suite: Lite Edition for ASP 3.0 SQL inj. Vuln. dicovered by : r0t Date: 25 nov. 2005 Orginal advisory:http://pridels.blogspot.com/2005/11/owos-lite-30-sql-inj.html Vendor:www.onlinetechtools.com Product link:http://www.onlinetechtools.com/products/owoslite/ affected vesion:3.0...
0.8AI Score
Unspecified vulnerability in the administration interface in Uresk Links 2.0 Lite allows remote attackers to bypass authentication via unspecified vectors in...
6.9AI Score
0.004EPSS
An unknown service runs on this port. It is sometimes opened by Trojan horses. Unless you know for sure what is behind it,...
7.4AI Score
This plugin attempts to determine the presence of various common dirs on the remote web...
9.9CVSS
8.1AI Score
0.975EPSS
Comersus BackOffice Lite Administrative Bypass
Comersus ASP shopping cart is a set of ASP scripts creating an online shoppingcart. It works on a database of your own choosing, default is msaccess, and includes online administration...
6.8AI Score
0.007EPSS
Multiple cross-site scripting (XSS) vulnerabilities in vBulletin before 3.0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to css.php, (2) redirect parameter to index.php, (3) email parameter to user.php, (4) goto parameter to language.php, (5) orderby.....
5.8AI Score
0.011EPSS
Multiple SQL injection vulnerabilities in vBulletin 3.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) announcement parameter to announcement.php, (2) userid parameter to user.php, (3) calendar parameter to admincalendar.php, (4) cronid parameter to cronlog.php,....
8.5AI Score
0.002EPSS
Multiple SQL injection vulnerabilities in vBulletin before 3.0.9 allow remote attackers to execute arbitrary SQL commands via the (1) request parameter to joinrequests.php, (2) limitnumber or (3) limitstart to user.php, (4) usertitle.php, or (5)...
8.5AI Score
0.006EPSS
Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) announcement.php, (2) admincalendar.php, (3) bbcode.php, (4) cronadmin.php, (5) email.php, (6) faq.php, (7) forum.php, (8)...
6AI Score
0.002EPSS
image.php in vBulletin 3.0.9 and earlier allows remote attackers with access to the administrator panel to upload arbitrary files via the upload...
7.2AI Score
0.002EPSS
Multiple SQL injection vulnerabilities in vBulletin 3.0.7 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) announcement parameter to announcement.php, the (2) thread[forumid] or (3) criteria parameters to thread.php, (4) userid parameter to user.php, the (5)...
8.5AI Score
0.002EPSS
Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.7 and earlier allow remote attackers to inject arbitrary web script or HTML via the loc parameter to (1) modcp/index.php or (2) admincp/index.php, or the ip parameter to (3) modcp/user.php or (4)...
5.8AI Score
0.002EPSS
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/language.php?goto' Cross-Site Scripting
...
7.4AI Score
EPSS
7.4AI Score
EPSS
...
7.4AI Score
EPSS
7.4AI Score
EPSS
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/usertitle.php?usertitleid' SQL Injection
...
7.4AI Score
EPSS
7.4AI Score
EPSS
7.4AI Score
EPSS
7.4AI Score
EPSS
vBulletin 1.0.1 lite/2.x/3.0 - '/admincp/modlog.php?orderby' Cross-Site Scripting
...
7.4AI Score
EPSS
7.4AI Score
EPSS
Directory traversal vulnerability in security.inc.php in AzDGDatingLite 2.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary PHP commands via ".." sequences and "%00" (trailing null byte) characters in the l parameter, which is used in an include_once...
8.2AI Score
0.056EPSS
JVN#97422426 Hyper NIKKI System cross-site request forgery vulnerability
Impact If a weblog administrator accesses a malicious web page, an attacker could add, alter, or delete the weblog text. If the weblog text is successfully altered, the attacker could perform a cross-site scripting attack to steal cookie information of weblog readers (including weblog...
6AI Score
Woltlab Burning Board modcp.php Multiple Parameter SQL Injection
The remote version of Burning Board / Burning Board Lite is prone to SQL injection attacks due to its failure to sanitize user-supplied input to the 'x' and 'y' parameters of the 'modcp.php' script before using it in database queries. Provided an attacker has moderator privileges, these flaws may.....
0.5AI Score
0.002EPSS
[SA16388] PHlyMail Unspecified Login Bypass Vulnerability
Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ TITLE: PHlyMail Unspecified Login Bypass Vulnerability SECUNIA ADVISORY ID: SA16388 VERIFY ADVISORY:...
0.6AI Score
7.4AI Score
EPSS
PHP Lite Calendar Express 2.2 - login.php?cid SQL Injection
PHP Lite Calendar Express 2.2 - login.php?cid SQL...
0.3AI Score
7.4AI Score
EPSS
PHP Lite Calendar Express 2.2 - auth.php?cid SQL Injection
PHP Lite Calendar Express 2.2 - auth.php?cid SQL...
0.3AI Score
7.4AI Score
EPSS
PHP Lite Calendar Express 2.2 - Subscribe.php?cid SQL Injection
PHP Lite Calendar Express 2.2 - Subscribe.php?cid SQL...
0.3AI Score
-0.4AI Score
Quick 'n Easy FTP Server 3.0 pro / lite (buffer overflow vulnerabilities)
Details: Input to the user commands is not properly checked and/or filtered. Issuing a long argument to the user (about 1024 caracteres) commands will cause the corresponding process to die without any error message. this vulnerabilities exist in both the professionnal version 3.0 and lite version....
0.3AI Score
7.4AI Score
EPSS
Quick n EasY 3.0 FTP Server - Remote Denial of Service
Quick n EasY 3.0 FTP Server - Remote Denial of...
0.3AI Score