SIGMA Lite & Lite + Security Vulnerabilities

exploitpack

Download Center Lite (DCL) 1.5 - Remote File Inclusion

Download Center Lite (DCL) 1.5 - Remote File...

0.7AI Score

2005-03-10 12:00 AM
9
freebsd

ethereal -- multiple protocol dissectors vulnerabilities

An Ethereal Security Advisory reports: Issues have been discovered in the following protocol dissectors: Matevz Pustisek discovered a buffer overflow in the Etheric dissector. CVE: CAN-2005-0704 The GPRS-LLC dissector could crash if the "ignore cipher bit" option was...

6.9AI Score

0.025EPSS

2005-03-09 12:00 AM
10
nvd

CVE-2005-0680

PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the...

7.6AI Score

0.027EPSS

2005-03-07 05:00 AM
cvelist

CVE-2005-0680

PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the...

7.6AI Score

0.027EPSS

2005-03-07 05:00 AM
cve

CVE-2005-0680

PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server that contains the...

8AI Score

0.027EPSS

2005-03-07 05:00 AM
30
packetstorm

dcl15.txt

...

-0.5AI Score

2005-03-07 12:00 AM
17
securityvulns

Download Center Lite (DCL) - Arbitrary File Inclusion (VXSfx)

Name: Download Center Lite (DCL) Version: <= 1.5 (free/commercial) Homepage: http://www.stadtaus.com/ Author: Filip Groszynski (VXSfx) Date: 4 March 2005...

1.5AI Score

2005-03-05 12:00 AM
12
exploitpack

Stadtaus.Com Download Center Lite 1.5 - PHP Remote File Inclusion

Stadtaus.Com Download Center Lite 1.5 - PHP Remote File...

-0.3AI Score

2005-03-04 12:00 AM
4
exploitdb

7.4AI Score

2005-03-04 12:00 AM
14
securityvulns

[SA14450] Woltlab Burning Board SQL Injection Vulnerability

TITLE: Woltlab Burning Board SQL Injection Vulnerability SECUNIA ADVISORY ID:...

0.4AI Score

2005-03-03 12:00 AM
8
securityvulns

PHP, ASP, CGI web applications security vulnerabilities

PHP inclusions, SQL injections, directory traversals, cross-site scripting,...

2.2AI Score

2005-03-03 12:00 AM
16
cve

CVE-2004-1707

The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified...

9.2AI Score

0.001EPSS

2005-02-26 05:00 AM
32
cvelist

CVE-2005-0302

SQL injection vulnerability in default.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to execute arbitrary SQL commands via the referer field in the HTTP...

8.4AI Score

0.002EPSS

2005-02-10 05:00 AM
cvelist

CVE-2005-0303

Multiple cross-site scripting (XSS) vulnerabilities in (1) comersus_supportError.asp or (2) comersus_backofficelite_supportError.asp in BackOffice Lite 6.0 and 6.01 allow remote attackers to inject arbitrary web script or HTML via the error...

5.8AI Score

0.003EPSS

2005-02-10 05:00 AM
cvelist

CVE-2005-0301

comersus_backoffice_install10.asp in BackOffice Lite 6.0 and 6.01 allows remote attackers to bypass authentication and gain privileges via a direct request to the...

7.1AI Score

0.007EPSS

2005-02-10 05:00 AM
cvelist

CVE-2005-0216

Cross-site scripting (XSS) vulnerability in formmail.php in Woltlab Burning Board Lite 1.0.0, 1.0.1e, and possibly other versions, allows remote attackers to inject arbitrary web script and HTML via the userid...

5.9AI Score

0.004EPSS

2005-02-06 05:00 AM
securityvulns

[SA13964] Comersus Cart Multiple Vulnerabilities

TITLE: Comersus Cart Multiple Vulnerabilities SECUNIA ADVISORY ID: SA13964 VERIFY ADVISORY: http://secunia.com/advisories/13964/ CRITICAL: Moderately critical IMPACT: Security Bypass, Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: Comersus Cart 6.x...

1.4AI Score

2005-01-27 12:00 AM
22
securityvulns

bug report comersus Back Office Lite 6.0 and 6.0.1

Software: Comersus ASP Shopping Cart Version: 6.0 Free version containing BackOffice Lite 6.0 and 6.01 Vendor: Comersus Software Description Comersus ASP shopping cart is a set of ASP scripts creating an online shoppingcart. It works on a database of your own choosing, default is msaccess,...

0.2AI Score

2005-01-22 12:00 AM
34
packetstorm

kazaaDoS.txt

...

AI Score

2005-01-18 12:00 AM
16
freebsd

ethereal -- multiple protocol dissectors vulnerabilities

An Ethereal Security Advisory reports: Issues have been discovered in the following protocol dissectors: The COPS dissector could go into an infinite loop. CVE: CAN-2005-0006 The DLSw dissector could cause an assertion. CVE: CAN-2005-0007 The DNP dissector could cause...

6.9AI Score

0.036EPSS

2005-01-18 12:00 AM
7
securityvulns

[Full-Disclosure] Kazaa Sig2Dat Protocol Remote Integer Overflow and Denial Of Service by creating files in arbitrary locations

Application: Kazaa Vendors: http://www.kazaa.com Versions: kazaa lite k++(probably all others too...) Platforms: Windows Bug: Sig2Dat Protocol Remote Integer Overflow and Denial Of Service by creating files in arbitrary locations Exploitation: Remote With Browser Date: 17 Jan 2005 Author: ...

2.6AI Score

2005-01-18 12:00 AM
12
securityvulns

PHP/ASP/CGI web applications security flaws

No description...

1.4AI Score

2005-01-17 12:00 AM
26
securityvulns

Security Advisory: BiTBOARD xss

Advisory Information Advisory name : BiTBOARD XSS Discovered by : drhankey / it-security23.net Vendor Name : the bitshifters sdc Vendor Homepage : http://www.bitshifters.net Software : Bitboard Vulnerability Type : ...

-0.2AI Score

2005-01-13 12:00 AM
154
securityvulns

Woltlab Burning Book addentry.php SQL Injection

Advisory Information Advisory name : Woltlab Burning Book addentry.php SQL Injection Discovered by : drhankey / it-security23.net Vendor Name : Woltlab Vendor Homepage : http://www.woltlab.de Software : Woltlab Burning Book Lite...

-0.3AI Score

2005-01-13 12:00 AM
81
securityvulns

Security Advisory: Woltlab Burning Board Lite formmail.php XSS

Advisory Information Advisory name : Woltlab Burning Board Lite formmail.php XSS Discovered by : drhankey / it-security23.net Vendor Name : Woltlab Vendor Homepage : http://www.woltlab.de Software : Woltlab Burning Board Lite...

0.2AI Score

2005-01-11 12:00 AM
9
packetstorm

woltlabXSS.txt

...

-0.5AI Score

2005-01-11 12:00 AM
30
nvd

CVE-2004-2195

PHP remote file inclusion vulnerability in index.php in Zanfi CMS lite 1.1 allows remote attackers to execute arbitrary PHP code via the inc...

7.6AI Score

0.014EPSS

2004-12-31 05:00 AM
nvd

CVE-2004-2196

Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and...

6.7AI Score

0.011EPSS

2004-12-31 05:00 AM
nvd

CVE-2004-1845

Multiple cross-site scripting (XSS) vulnerabilities in News Manager Lite 2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to comment_add.asp, (2) search parameter to search.asp, or (3) n parameter to...

5.8AI Score

0.006EPSS

2004-12-31 05:00 AM
nvd

CVE-2004-2229

Multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server 5.0.0.0.0 through 5.0.2.9.0 allow remote authenticated users to gain...

6.3AI Score

0.003EPSS

2004-12-31 05:00 AM
freebsd

ethereal -- multiple vulnerabilities

An Ethereal Security Advisory reports: Issues have been discovered in the following protocol dissectors: Matthew Bing discovered a bug in DICOM dissection that could make Ethereal crash. An invalid RTP timestamp could make Ethereal hang and create a large temporary...

0.4AI Score

0.025EPSS

2004-12-14 12:00 AM
10
freebsd

vim -- vulnerabilities in modeline handling

Ciaran McCreesh discovered new ways in which a VIM modeline can be used to trojan a text file. The patch by Bram Moolenaar reads: Problem: Unusual characters in an option value may cause unexpected behavior, especially for a modeline. (Ciaran McCreesh) Solution: Don't...

2.8AI Score

0.001EPSS

2004-12-09 12:00 AM
25
nvd

CVE-2004-0260

The AddToMailingList function in CactuSoft CactuShop 5.0 Lite contains a backdoor that allows remote attackers to delete arbitrary files via an email address that starts with...

6.7AI Score

0.006EPSS

2004-11-23 05:00 AM
1
cve

CVE-2004-0301

Cross-site scripting (XSS) vulnerability in more.php for Online Store Kit 3.0 allows remote attackers to inject arbitrary HTML via the id...

5.8AI Score

0.025EPSS

2004-11-23 05:00 AM
23
cve

CVE-2004-0079

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null...

7.5CVSS

7.1AI Score

0.006EPSS

2004-11-23 05:00 AM
66
cve

CVE-2004-0260

The AddToMailingList function in CactuSoft CactuShop 5.0 Lite contains a backdoor that allows remote attackers to delete arbitrary files via an email address that starts with...

7.1AI Score

0.006EPSS

2004-11-23 05:00 AM
22
cve

CVE-2004-0081

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test...

7.2AI Score

0.003EPSS

2004-11-23 05:00 AM
50
nessus

Zanfi CMS Lite index.php inc Parameter Remote File Inclusion

The remote host is running Zanfi CMS Lite, a content management system written in PHP. There is a bug in the remote version of this software that may allow an attacker to execute arbitrary commands on the remote host by using a file inclusion bug in the file 'index.php'. An attacker may execute...

0.3AI Score

0.014EPSS

2004-10-11 12:00 AM
67
securityvulns

Vulnerabilities in Mambo

Two Vulnerabilities in Mambo Author: Jose Antonio Coret (Joxean Koret) Date: 2004 Location: Basque Country Affected software description: Mambo 4.5 (1.0.9) Mambo is one of the most powerful Open Source Content Management Systems on the planet. It is used all...

0.2AI Score

2004-09-27 12:00 AM
19
packetstorm

mambo45.jose.txt

...

-0.1AI Score

2004-09-21 12:00 AM
25
exploitpack

Mambo Open Source 4.5.1 (1.0.9) - Function.php Arbitrary Command Execution

Mambo Open Source 4.5.1 (1.0.9) - Function.php Arbitrary Command...

0.5AI Score

2004-09-20 12:00 AM
6
cve

CVE-2004-0820

Winamp before 5.0.4 allows remote attackers to execute arbitrary script in the Local computer zone via script in HTML files that are referenced from XML files contained in a .wsz skin...

7.2AI Score

0.233EPSS

2004-09-02 04:00 AM
17
nessus

FreeBSD : multiple vulnerabilities in ethereal (42)

The following package needs to be updated:...

6.4AI Score

0.026EPSS

2004-07-11 12:00 AM
23
nessus

FreeBSD : multiple vulnerabilities in ethereal (41)

The following package needs to be updated:...

6.4AI Score

0.039EPSS

2004-07-11 12:00 AM
9
freebsd

multiple vulnerabilities in ethereal

Issues have been discovered in multiple protocol...

6.7AI Score

0.026EPSS

2004-07-06 12:00 AM
9
freebsd

multiple vulnerabilities in ethereal

Issues have been discovered in multiple protocol...

6.7AI Score

0.039EPSS

2004-05-13 12:00 AM
8
securityvulns

CGI bugs

No description...

1.4AI Score

2004-03-28 12:00 AM
11
securityvulns

Vulnerabilities in News Manager Lite 2.5 & News Manager Lite administration

Title: Vulnerabilities in News Manager Lite 2.5 & News Manager Lite administration. Software: News Manager Lite 2.5 & News Manager Lite administration. Vendor: http://www.expinion.net/software/app_newsmanager.asp Impact: Disclosure of authentication information, Disclosure of user...

0.8AI Score

2004-03-24 12:00 AM
14
packetstorm

newsmanlite25.txt

...

-0.3AI Score

2004-03-23 12:00 AM
23
Total number of security vulnerabilities: 8320