FdWeB Espace Membre <= 2.01 (path) Remote File Include Exploit
No description provided by...
7.1AI Score
FdWeB Espace Membre <= 2.01 (path) Remote File Include Exploit
Exploit for unknown platform in category web...
7.1AI Score
FdWeB Espace Membre 2.01 - path Remote File Inclusion
FdWeB Espace Membre 2.01 - path Remote File...
0.1AI Score
7.4AI Score
Multiple cross-site scripting (XSS) vulnerabilities in EditTag 1.2 allow remote attackers to inject arbitrary web script or HTML via the plain parameter to (1) mkpw_mp.cgi, (2) mkpw.pl, or (3)...
6AI Score
0.035EPSS
Multiple cross-site scripting (XSS) vulnerabilities in EditTag 1.2 allow remote attackers to inject arbitrary web script or HTML via the plain parameter to (1) mkpw_mp.cgi, (2) mkpw.pl, or (3)...
5.8AI Score
0.035EPSS
Multiple absolute path traversal vulnerabilities in EditTag 1.2 allow remote attackers to read arbitrary files via an absolute pathname in the file parameter to (1) edittag.cgi, (2) edittag.pl, (3) edittag_mp.cgi, or (4)...
6.9AI Score
0.03EPSS
Multiple cross-site scripting (XSS) vulnerabilities in EditTag 1.2 allow remote attackers to inject arbitrary web script or HTML via the plain parameter to (1) mkpw_mp.cgi, (2) mkpw.pl, or (3)...
5.8AI Score
0.035EPSS
Multiple absolute path traversal vulnerabilities in EditTag 1.2 allow remote attackers to read arbitrary files via an absolute pathname in the file parameter to (1) edittag.cgi, (2) edittag.pl, (3) edittag_mp.cgi, or (4)...
7.4AI Score
0.03EPSS
Multiple absolute path traversal vulnerabilities in EditTag 1.2 allow remote attackers to read arbitrary files via an absolute pathname in the file parameter to (1) edittag.cgi, (2) edittag.pl, (3) edittag_mp.cgi, or (4)...
6.9AI Score
0.03EPSS
Multiple absolute path traversal vulnerabilities in EditTag 1.2 allow remote attackers to read arbitrary files via an absolute pathname in the file parameter to (1) edittag.cgi, (2) edittag.pl, (3) edittag_mp.cgi, or (4)...
6.9AI Score
0.03EPSS
Multiple cross-site scripting (XSS) vulnerabilities in EditTag 1.2 allow remote attackers to inject arbitrary web script or HTML via the plain parameter to (1) mkpw_mp.cgi, (2) mkpw.pl, or (3)...
5.8AI Score
0.035EPSS
MS06-059: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)
The remote host is running a version of Microsoft Excel that may allow arbitrary code to be run. To succeed, the attacker would have to send a rogue file to a user of the remote computer and have it open it with Microsoft...
0.9AI Score
0.703EPSS
MS06-062: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581)
The remote host is running a version of Microsoft Office that could allow arbitrary code to be run. To succeed, the attacker would have to send a rogue file to a user of the remote computer and have it open it with Microsoft...
0.5AI Score
0.841EPSS
-0.2AI Score
Membrepass v1.5 Php code execution, Xss, Sql Injection
================================================================= Affected.scr..: Membrepass v1.5 Advisory.ID...: 09290806 Type..........: Cross Site Scripting, SQL Injection Php code execution Risk.level....: Medium Vendor.Status.: Unpatched Src.download..:...
[SA19295] LibVC "count_vcards()" Buffer Overflow Vulnerability
TITLE: LibVC "count_vcards()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA19295 VERIFY ADVISORY: http://secunia.com/advisories/19295/ CRITICAL: Moderately critical IMPACT: System access WHERE: From remote SOFTWARE: LibVC http://secunia.com/product/8950/ DESCRIPTION: trew has discovered...
1.3AI Score
7.3AI Score
Multiple Veritas Backup Exec backup solutions vulnerabilities
Multiple vulnerabilities, including remote buffer overflows and...
3.4AI Score
Veritas Backup Exec Agent Error Status Remote DoS Vulnerability iDEFENSE Security Advisory 06.23.05 www.idefense.com/application/poi/display?id=271&type=vulnerabilities June 23, 2005 I. BACKGROUND VERITAS Backup Exec is an advanced backup and restore solution for Microsoft Windows server...
0.13EPSS
DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables...
6.4AI Score
0.0004EPSS
DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables...
6.8AI Score
0.0004EPSS
[Full-disclosure] Cisco Security Advisory: Crafted ICMP Messages Can Cause Denial of Service
Cisco Security Advisory: Crafted ICMP Messages Can Cause Denial of Service Revision 1.0 For Public Release 2005 April 12 1200 UTC (GMT) Contents Summary Affected Products Details...
Foxmail server "USER" command Multiple remote buffer overflow
AUTHOR: (Fortinet, inc) xouyang<xouyang_at_fortinet.com> PRODUCTS: Foxmail Server. A Mail server for both Windows and linux. AFFECTED VERSION: Foxmail server for windows version 2.0 (latest). I've just tested windows server, the linux version may be vulnerable too......
0.6AI Score
vbscript.dll regular expression object (RegExp) memory leak
Hello, The following vbscript, which uses the RegExp object, causes memory leak (tested under Windows XP SP2 with Script Engine V5.6); when you run it, locate the associated wscript.exe or cscript.exe process in the Windows task manager, then click "OK" in the "Start" message box, and see how the.....
-0.2AI Score
2.1AI Score
PHP, ASP, CGI web applications security vulnerabilities
PHP inclusions, SQL injections, directory traversals, cross-site scripting,...
2.2AI Score
[SA14373] ginp Directory Traversal Vulnerability
TITLE: ginp Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA14373 VERIFY ADVISORY: http://secunia.com/advisories/14373/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: ginp 0.x http://secunia.com/product/4566/ DESCRIPTION: A...
1AI Score
-0.3AI Score
AWStats <= 6.4 Multiple vulnerabilities
/==========================================/ // GHC -> AWStats <- ADVISORY \ PRODUCT: AWStats // VERSION: <= 6.3 \ URL: http://awstats.sourceforge.net/ // VULNERABILITY CLASS: Multiple vulnerabilities \ RISK: high /==========================================/ [Product Description] "AWStats....
0.3AI Score
Cisco Security Advisory: Vulnerability in Cisco IOS Embedded Call Processing Solutions
Cisco Security Advisory: Vulnerability in Cisco IOS Embedded Call Processing Solutions Revision 1.0 For Public Release 2005 January 19 1500 UTC Contents Summary Affected Products...
Multiple Vendor TCP Sequence Number Approximation Vulnerability
Description A vulnerability in TCP implementations may permit unauthorized remote users to reset TCP sessions. This issue affects products released by multiple vendors. Exploiting this issue may permit remote attackers to more easily approximate TCP sequence numbers. The problem is that affected...
1.3AI Score
0.003EPSS
Cisco Security Advisory: Vulnerabilities in H.323 Message Processing
Cisco Security Advisory: Vulnerabilities in H.323 Message Processing Document ID: 47843 Revision 1.0 - INTERIM For Public Release 2004 January 13 UTC 1200 Contents Summary Affected Products Unaffected Products Details Impact Software Versions and...
0.1AI Score
DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables...
6.4AI Score
0.0004EPSS
DATEV Nutzungskontrolle 2.12.2 - Unauthorized Access
DATEV Nutzungskontrolle 2.12.2 - Unauthorized...
1.1AI Score
7.4AI Score
CesarFTP Multiple Vulnerabilities (OF, File Access, more)
The remote host is running CesarFTP, an FTP server for Windows systems. There are multiple flaws in this version of CesarFTP that could allow an attacker to execute arbitrary code on this host, or simply to disable this server...
1.2AI Score
0.825EPSS
Infinity CGI Exploit Scanner Multiple Vulnerabilities
The remote is running Infinity Exploit Scanner, a web-based CGI vulnerability scanner implemented in perl and stored under the name 'nph-exploitscanget.cgi'. There is a flaw in this CGI that lets an attacker execute arbitrary commands on this host. In addition to this, there is a flaw in this CGI.....
0.1AI Score
Infinity CGI Exploit Scanner 3.11 - Cross-Site Scripting
Infinity CGI Exploit Scanner 3.11 - Cross-Site...
-0.2AI Score
7.4AI Score
7.4AI Score
0.3AI Score
The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allows remote attackers to cause a denial of service (reset) and possibly read sensitive memory via a large integer value in (1) the stream ID of the StreamingStatistics script, or (2) the port ID of the PortInformation...
6.9AI Score
0.015EPSS
The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allows remote attackers to cause a denial of service (reset) and possibly read sensitive memory via a large integer value in (1) the stream ID of the StreamingStatistics script, or (2) the port ID of the PortInformation...
6.9AI Score
0.015EPSS
Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allow remote attackers to cause a denial of service (crash) via malformed packets as demonstrated by (1) "jolt", (2) "jolt2", (3) "raped", (4) "hping2", (5) "bloop", (6) "bubonic", (7) "mutant", (8) "trash", and (9)...
7.1AI Score
0.002EPSS
Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration...
6.7AI Score
0.001EPSS
Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration...
6.3AI Score
0.001EPSS
Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allow remote attackers to cause a denial of service (crash) via malformed packets as demonstrated by (1) "jolt", (2) "jolt2", (3) "raped", (4) "hping2", (5) "bloop", (6) "bubonic", (7) "mutant", (8) "trash", and (9)...
6.7AI Score
0.002EPSS
Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration...
6.3AI Score
0.001EPSS