Directory traversal vulnerability in PJreview_Neo.cgi in PJ CGI Neo review allows remote attackers to read arbitrary files via a .. (dot dot) in the p...
6.7AI Score
0.028EPSS
Directory traversal vulnerability in PJreview_Neo.cgi in PJ CGI Neo review allows remote attackers to read arbitrary files via a .. (dot dot) in the p...
6.6AI Score
0.028EPSS
-0.3AI Score
phpBB datenbank mod has XSS/SQL Injection in the id variable
vulnerable mod: datenbank explaination: you can pass SQL Injection / Cross Site Scripting (Commands) in the id variable inside the mod.php (mod-datenbank) exploit: http://[target]/phpBB/moddb/mod.php?id='[SQL Injection] http://[target]/phpBB/moddb/mod.php?id='><script>alert(document.cookie...
0.6AI Score
Vulnerable System : paFileDB 3.1 and less exploit : http://[target]/pafiledb.php?action="><script>alert(document.cookie)</script> discovered by : neO SecurityGurus Team...
0.4AI Score
phpbb -- Insuffient check against HTML code in usercp_register.php
Neo Security Team reports: If we specify a variable in the html code (any type: hidden, text, radio, check, etc) with the name allowhtml, allowbbcode or allowsmilies, is going to be on the html, bbcode and smilies in our signature. This is a low risk vulnerability that...
2.9AI Score
-0.4AI Score
Vulnerable System : forumKIT 1.0 Description : an XSS is founded in the variable members that have the value 'true' you can exchange it with XSS Code . exploit : http://forum.target.com/f.aspx?members="><script>alert(document.cookie);</script> this exploit is discovered by : neO e-ma...
1.2AI Score
-0.3AI Score
Macromedia ColdFusion MX 6.1 - Template Handling Privilege Escalation
Macromedia ColdFusion MX 6.1 - Template Handling Privilege...
0.6AI Score
7.4AI Score
Software: Macromedia ColdFusion MX 6.1 Description: There is a vulnerability in the ColdFusion MX 6.1 product. To exploit this, a user needs access to create a cold fusion template on a ColdFusion server with CreateObject or cfobject tags enabled. The code given below writes a java class to the...
0.8AI Score
Sad Raven's Guestbook версии 1.2 vuln
Приветствую! Если вам интересно, то я обнаружил уязвимость в Sad Raven's Guestbook версии 1.2. Она заключается в следующем: если установить на свою машину правильно составленный cookie, то можно войти в админский интерфейс, с частичным обходом авторизации! Кукис должен быть следующего формата:...
-0.3AI Score
PJ CGI Neo PJreview_Neo.cgi p Parameter Traversal Arbitrary File Access
The remote host is running PJreview_neo.cgi - a web-based software. There is a bug in this software which may allow an attacker to read arbitrary files on the remote web server with the privileges of the web...
AI Score
0.028EPSS
ZH2004-02SA (security advisory): PJ CGI Neo review (NeoBoard review) Remote arbitrary file retrieving Published: 29 january 2004 Released: 29 january 2004 Name: PJ CGI Neo review (NeoBoard review) Affected Systems: Current version Issue: Remote file retrieving Author: Zone-h Security Labs Vendor:.....
1.1AI Score
Directory traversal vulnerability in PJreview_Neo.cgi in PJ CGI Neo review allows remote attackers to read arbitrary files via a .. (dot dot) in the p...
6.6AI Score
0.028EPSS
0.6AI Score
7.4AI Score
EPSS
-0.3AI Score
HMAP Web Server Fingerprinting
Nessus was able to identify the remote web server type by sending several valid and invalid HTTP requests. In some cases, its version can also be approximated, as well as some...
0.1AI Score
NBActiveX Sure ActiveX Big Vulnerability
Lorenzo Hernandez garcia-hierro Webmaster of LORENZOHGH.COM LHGHPRODS PROGRAMACIÓN TIENDA ONLINE. NBActiveX Sure ActiveX New Vulnerability Dear firends, INTODUCTION This vulnerability is an important failure because the malicious code writed in NeoBook 4 can be executed out of permission...
0.3AI Score
Dear, Advisory was originally posted in [1-3] 2 weeks ago, so I think it's enough time passed to publish some details, because [4,5] have enough information to re-discover vulnerability. ERRor <error(at)pochtamt.ru> discovered IE 5.5 and 6.0 in some cases crash on <embed...
-0.2AI Score
0.096EPSS
Multiple Remote Windows XP/ME/98 Vulnerabilities
Multiple Remote Windows XP/ME/98 Vulnerabilities Release Date: 12/20/01 Severity: High Systems Affected: Microsoft Windows XP (All default systems) Microsoft Windows 98 (Certain configurations) Microsoft Windows 98SE (Certain configurations) Microsoft Windows ME (Certain configurations)...
AI Score
0.972EPSS
7.4AI Score
0.3AI Score
-0.4AI Score
0.7AI Score
7.4AI Score
EPSS
TelSrv Reveals Usernames & Passwords After DoS Attack
Details Application: GAMSoft's TelSrv 1.5 (could be more... I don't have time to check, nor do I have the other programs) Problem Type: Denial of Service Attack - Reveals User Names & Passwords Author: Patrick Webster (mailto:[email protected]) Platform: Win95 (could be more again... unable to...
-0.4AI Score
Atipa начнет выпуск Linux-компьютеров на базе процессоров Alpha В настоящее время львиная доля Linux-компьютеров работает на базе процессоров Intel. Желая несколько изменить сложившуюся ситуацию, компания Atipa объявила о своем намерении продвигать на рынок Linux-компьютеры на базе процессоров...
-0.2AI Score