ESpace 7910; ESpace 7950; ESpace 8950 Security Vulnerabilities

zdt

Mercury Audio Player 1.21 (.pls) SEH Overwrite Exploit

Exploit for unknown platform in category local...

6.8AI Score

2009-04-30 12:00 AM
15
zdt

FreeBSD 7.0/7.1 (ktimer) Local Kernel Root Exploit

Exploit for freebsd platform in category local...

6.8AI Score

2009-03-23 12:00 AM
18
nessus

OS Identification : HTML

Nessus was able to identify the remote operating system by examining the HTML returned from certain HTTP...

7.2AI Score

2009-03-05 12:00 AM
1061
openvas

WoW ActiveX Multiple Remote Code Execution Vulnerabilities

This host is installed with WoW ActiveX and is prone to Multiple Remote Code Execution...

1.2AI Score

0.08EPSS

2009-02-05 12:00 AM
5
openvas

WoW ActiveX Multiple RCE Vulnerabilities

WoW ActiveX is prone to Multiple Remote Code Execution...

7.3AI Score

0.08EPSS

2009-02-05 12:00 AM
9
cve

CVE-2009-0389

Multiple insecure method vulnerabilities in the Web On Windows (WOW) ActiveX control in WOW ActiveX 2 allow remote attackers to (1) create and overwrite arbitrary files via the WriteIniFileString method, (2) execute arbitrary programs via the ShellExecute method, (3) read from the registry via...

7.6AI Score

0.08EPSS

2009-02-02 10:00 PM
22
nvd

CVE-2009-0389

Multiple insecure method vulnerabilities in the Web On Windows (WOW) ActiveX control in WOW ActiveX 2 allow remote attackers to (1) create and overwrite arbitrary files via the WriteIniFileString method, (2) execute arbitrary programs via the ShellExecute method, (3) read from the registry via...

7.4AI Score

0.08EPSS

2009-02-02 10:00 PM
prion

Design/Logic Flaw

Multiple insecure method vulnerabilities in the Web On Windows (WOW) ActiveX control in WOW ActiveX 2 allow remote attackers to (1) create and overwrite arbitrary files via the WriteIniFileString method, (2) execute arbitrary programs via the ShellExecute method, (3) read from the registry via...

8AI Score

0.08EPSS

2009-02-02 10:00 PM
2
cvelist

CVE-2009-0389

Multiple insecure method vulnerabilities in the Web On Windows (WOW) ActiveX control in WOW ActiveX 2 allow remote attackers to (1) create and overwrite arbitrary files via the WriteIniFileString method, (2) execute arbitrary programs via the ShellExecute method, (3) read from the registry via...

7.4AI Score

0.08EPSS

2009-02-02 09:29 PM
exploitdb

7.4AI Score

EPSS

2009-01-29 12:00 AM
33
xssed

Unfixed XSS vulnerability at www.edf-bleuciel.fr

Security researcher Mystick has submitted on 11/10/2008 a cross-site-scripting (XSS) vulnerability affecting www.edf-bleuciel.fr, which at the time of submission ranked 48191 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/10/2008. It is...

AI Score

2008-11-10 12:00 AM
8
nessus

OpenOffice < 2.4.2 WMF and EMF File Handling Buffer Overflows

The version of OpenOffice 2.x installed on the remote host is earlier than 2.4.2. Such versions are affected by several issues: Specially crafted WMF files can lead to heap-based overflows and arbitrary code execution (CVE-2008-2237). Specially crafted EMF files can lead to...

1.2AI Score

0.124EPSS

2008-10-29 12:00 AM
26
openvas

FreeBSD Ports: phpMyAdmin

The remote host is missing an update to the system as announced in the referenced...

-0.3AI Score

0.004EPSS

2008-09-24 12:00 AM
10
openvas

FreeBSD Ports: phpMyAdmin

The remote host is missing an update to the system as announced in the referenced...

7.6AI Score

0.004EPSS

2008-09-24 12:00 AM
3
nessus

FreeBSD : phpmyadmin -- XSS Vulnerability (150e4548-8950-11dd-a6fe-0030843d3802)

Secunia reports: An error exists in the 'PMA_escapeJsString()' function in libraries/js_escape.lib.php, which can be exploited to bypass certain filters and execute arbitrary HTML and script code in a user's browser session in context of an affected site when e.g. Microsoft Internet Explorer is...

-0.6AI Score

2008-09-23 12:00 AM
14
freebsd

phpmyadmin -- Cross-Site Scripting Vulnerability

Secunia reports: An error exists in the "PMA_escapeJsString()" function in libraries/js_escape.lib.php, which can be exploited to bypass certain filters and execute arbitrary HTML and script code in a user's browser session in context of an affected site when e.g. ...

3AI Score

2008-09-23 12:00 AM
7
nessus

MS KB953839: Cumulative Security Update of ActiveX Kill Bits

The remote host is missing a list of kill bits for ActiveX controls that are known to contain vulnerabilities. If these ActiveX controls are ever installed on the remote host, either now or in the future, they would expose it to various security...

6.5AI Score

0.085EPSS

2008-08-13 12:00 AM
31
seebug

7.1AI Score

2008-07-07 12:00 AM
11
securityvulns

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks,...

1.5AI Score

0.012EPSS

2008-04-27 12:00 AM
15
packetstorm

subedit-poc.txt

...

0.1AI Score

2008-04-21 12:00 AM
26
seebug

SubEdit Player build 4066 subtitle Buffer Overflow PoC

No description provided by...

7.1AI Score

2008-04-20 12:00 AM
12
zdt

SubEdit Player build 4066 subtitle Buffer Overflow PoC

Exploit for unknown platform in category dos /...

7AI Score

2008-04-19 12:00 AM
12
exploitdb

7.4AI Score

EPSS

2008-04-19 12:00 AM
21
exploitpack

SubEdit Player build 4066 - subtitle Buffer Overflow (PoC)

SubEdit Player build 4066 - subtitle Buffer Overflow...

0.2AI Score

2008-04-19 12:00 AM
13
seebug

7.1AI Score

2008-03-20 12:00 AM
20
seebug

7.1AI Score

2008-01-23 12:00 AM
9
nessus

Sun OpenOffice.org < 2.3.1 Database HSQLDB Database Document Handling Arbitrary Java Code Execution

The remote host is running a version of Sun Microsystems OpenOffice.org that contains an arbitrary code execution vulnerability in its HSQLDB database engine. If a remote attacker can trick a user into opening a specially crafted database, this issue can be leveraged to execute arbitrary static...

7.5AI Score

0.029EPSS

2007-12-05 12:00 AM
23
atlassian

"Current Assignee" on Browse Permission problem

I have created a permission scheme in Jira but I am experiencing an odd behaviour. I have 5 users in Jira and in the permission scheme, the Browse Projects is assigned to: Project Lead Project Role (Administrators) Project Role (Clients) Among the 5 users, 3 fit these categories. One is a...

2.6AI Score

2007-07-30 06:32 PM
7
atlassian

"Current Assignee" on Browse Permission problem

I have created a permission scheme in Jira but I am experiencing an odd behaviour. I have 5 users in Jira and in the permission scheme, the Browse Projects is assigned to: Project Lead Project Role (Administrators) Project Role (Clients) Among the 5 users, 3 fit these categories. One is a...

2.6AI Score

2007-07-30 06:32 PM
7
atlassian

"Current Assignee" on Browse Permission problem

I have created a permission scheme in Jira but I am experiencing an odd behaviour. I have 5 users in Jira and in the permission scheme, the Browse Projects is assigned to: Project Lead Project Role (Administrators) Project Role (Clients) Among the 5 users, 3 fit these categories. One is a...

2.6AI Score

2007-07-30 06:32 PM
12
securityvulns

IPSwitch IMAIL IMAP server buffer overflow

Buffer overflow in SEARCH and SUBSCRIBE commands and also during authentication...

2.9AI Score

0.053EPSS

2007-07-25 12:00 AM
14
atlassian

XSS vulnerability in app/spaces/listattachmentforspace.action

Description: XSS via the "Filter By File Extension" field in app/spaces/listattachmentforspace.action. Exploit:...

2.1AI Score

2007-07-19 12:41 PM
8
atlassian

XSS vulnerability in app/spaces/listattachmentforspace.action

Description: XSS via the "Filter By File Extension" field in app/spaces/listattachmentforspace.action. Exploit:...

2.1AI Score

2007-07-19 12:41 PM
10
atlassian

XSS vulnerability in app/spaces/listattachmentforspace.action

Description: XSS via the "Filter By File Extension" field in app/spaces/listattachmentforspace.action. Exploit:...

2.1AI Score

2007-07-19 12:41 PM
4
securityvulns

Microsoft Windows Active Directory array overflow

Array index overflow on LDAP request...

4.7AI Score

0.819EPSS

2007-07-11 12:00 AM
13
nessus

OpenOffice Detection

OpenOffice is installed on the remote...

-0.2AI Score

2007-06-20 12:00 AM
9
zdt

IBM Tivoli Provisioning Manager PRE AUTH Remote Exploit

Exploit for unknown platform in category remote...

7.1AI Score

2007-06-03 12:00 AM
19
prion

Design/Logic Flaw

The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and.....

6.5AI Score

0.01EPSS

2007-04-30 11:19 PM
4
nvd

CVE-2007-2383

The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and.....

6.3AI Score

0.01EPSS

2007-04-30 11:19 PM
cve

CVE-2007-2383

The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and.....

6.2AI Score

0.01EPSS

2007-04-30 11:19 PM
47
cvelist

CVE-2007-2383

The Prototype (prototypejs) framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation (JSON) without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and.....

6.2AI Score

0.01EPSS

2007-04-30 11:00 PM
exploitpack

Mozilla Firefox 2.0.0.2 - Document.Cookie Path Argument Denial of Service

Mozilla Firefox 2.0.0.2 - Document.Cookie Path Argument Denial of...

0.3AI Score

2007-03-08 12:00 AM
24
exploitdb

7.4AI Score

EPSS

2007-03-08 12:00 AM
30
securityvulns

Cisco Security Advisory: Cisco Unified IP Conference Station and IP Phone Vulnerabilities

Cisco Security Advisory: Cisco Unified IP Conference Station and IP Phone Vulnerabilities Advisory ID: cisco-sa-20070221-phone http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml Revision 1.0 For Public Release 2007 February 21 1600 UTC.....

1.1AI Score

2007-02-21 12:00 AM
15
nvd

CVE-2007-0301

PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path...

7.6AI Score

0.07EPSS

2007-01-18 12:28 AM
cve

CVE-2007-0301

PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path...

7.6AI Score

0.07EPSS

2007-01-18 12:28 AM
22
prion

Remote file inclusion

PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path...

8AI Score

0.07EPSS

2007-01-18 12:28 AM
2
cvelist

CVE-2007-0301

PHP remote file inclusion vulnerability in _admin/admin_menu.php in FdWeB Espace Membre 2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path...

7.6AI Score

0.07EPSS

2007-01-18 12:00 AM
seebug

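FdWeB Espace Membre Admin_Menu.PHP Remote File Inclusion Vulnerability

FdWeB Espace Membre is a PHP-based web application. FdWeB Espace Membre does not properly filter user-submitted input, and remote attackers can exploit the vulnerability to execute arbitrary commands with web privileges. The problem is that the 'Admin_Menu.PHP' script lacks filtering of the user-submitted 'phpbb_root_path' parameter; specifying a file on a remote server as the include parameter can lead to execution of arbitrary commands with web privileges. FdWeB Espace Membre 2.01 FdWeB Espace Membre 2.0 No solution is currently available:...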

7.1AI Score

2007-01-17 12:00 AM
198
securityvulns

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks,...

1.5AI Score

0.556EPSS

2007-01-15 12:00 AM
32
Total number of security vulnerabilities: 1028