Lucene search

835 matches found

OSV
added 2009/09/24 4:30 p.m. | 1 views

DEBIAN-CVE-2009-3369

CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then...

8.5 CVSS | 6.7 AI score | 0.0443 EPSS
Exploits: 0 | References: 1
NVD
added 2009/09/24 4:30 p.m. | 16 views

CVE-2009-3369

CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then...

8.5 CVSS | 5.9 AI score | 0.0443 EPSS
Exploits: 0 | References: 7
OSV
added 2009/09/24 4:30 p.m. | 5 views

CVE-2009-3369

CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then...

5.8 AI score
Exploits: 0 | References: 7
UbuntuCve
added 2009/09/24 4:30 p.m. | 15 views

CVE-2009-3369

CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then...

8.5 CVSS | 5.9 AI score | 0.0443 EPSS
Exploits: 0 | References: 2
Prion
added 2009/09/24 4:30 p.m. | 9 views

Design/Logic Flaw

CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then...

8.5 CVSS | 6.4 AI score | 0.0443 EPSS
Exploits: 0 | References: 7 | Affected Software: 1
Cvelist
added 2009/09/24 4:0 p.m. | 18 views

CVE-2009-3369

CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then...

5.8 AI score | 0.0443 EPSS
Exploits: 0 | References: 7
Debian CVE
added 2009/09/24 4:0 p.m. | 14 views

CVE-2009-3369

CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying ClientNameAlias to match another system, then...

8.5 CVSS | 6 AI score | 0.0443 EPSS
Exploits: 0
CVE
added 2009/09/24 4:0 p.m. | 58 views

CVE-2009-3369

CVE-2009-3369 affects BackupPC 3.1.0 where CgiUserConfigEdit does not restrict ClientNameAlias in multi-user setups using SSH keys and Rsync, allowing remote authenticated users to read/write sensitive files by aliasing to another system during backup/restore. The issue is due to insufficient res...

8.5 CVSS | 5.8 AI score | 0.0443 EPSS
Exploits: 0 | References: 7 | Affected Software: 1
RedHat Linux
added 2009/09/02 8:0 a.m. | 67 views

Moderate: Red Hat Security Advisory: mysql security and bug fix update

Updated mysql packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. It consists of...

8.5 CVSS | 6.5 AI score | 0.07267 EPSS
Exploits: 6 | References: 16
seebug.org
added 2009/07/31 12:0 a.m. | 9 views

Microsoft Windows XP (win32k.sys) Local Privilege Escalation Exploit

No description provided by source. // Microsoft Corporation - http://www.microsoft.com/ // Affecte...

7.1 AI score
Exploits: 0
Exploit DB
added 2009/06/16 12:0 a.m. | 25 views

Carom3D 5.06 - Unicode Buffer Overrun/Denial of Service

#!/usr/bin/perl Title: Carom3D 5.06 Unicode Buffer Overrun/Denial Of Service Vulnerability Summary: Carom 3D is an online multi-user billiard game created with special 3D graphic effects bringing every aspect such as 6 ball, 9 ball, 8 ball and other Billiard games to life. Product Web Page:...

7.4 AI score
Exploits: 0
Tenable Nessus
added 2009/04/23 12:0 a.m. | 12 views

FreeBSD : GNU libtool insecure temporary file handling (cacaffbc-5e64-11d8-80e3-0020ed76ef5a)

libtool attempts to create a temporary directory in which to write scratch files needed during processing. A malicious user may create a symlink and then manipulate the directory so as to write to files to which she normally has no permissions. This has been reported as a "symlink vulnerability",...

5.5 AI score
Exploits: 0 | References: 3
securityvulns
added 2009/03/12 12:0 a.m. | 43 views

[ISecAuditors Security Advisories] WordPress MU HTTP Header XSS Vulnerability

INTERNET SECURITY AUDITORS ALERT 2009-004 - Original release date: December 3rd, 2008 - Last revised: March 10th, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.3/10 CVSS scored. I. VULNERABILITY...

6.6 AI score
Exploits: 0
OpenVAS
added 2009/02/27 12:0 a.m. | 34 views

CentOS Update for mysql CESA-2007:1155 centos4 x86_64

Check for the Version of mysql. OpenVAS Vulnerability Test: CentOS Update for mysql CESA-2007:1155 centos4 x86_64. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

7.1 CVSS | 9.2 AI score | 0.17725 EPSS
Exploits: 2 | References: 2
OpenVAS
added 2009/02/27 12:0 a.m. | 30 views

Fedora Update for mysql FEDORA-2007-4471

Check for the Version of mysql. OpenVAS Vulnerability Test: Fedora Update for mysql FEDORA-2007-4471. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

7.1 CVSS | 9.3 AI score | 0.17725 EPSS
Exploits: 4 | References: 2
OpenVAS
added 2009/02/27 12:0 a.m. | 32 views

Fedora Update for mysql FEDORA-2007-4465

Check for the Version of mysql. OpenVAS Vulnerability Test: Fedora Update for mysql FEDORA-2007-4465. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

7.1 CVSS | 9.3 AI score | 0.17725 EPSS
Exploits: 4 | References: 2
NVD
added 2008/05/28 3:32 p.m. | 13 views

CVE-2008-2480

PHP remote file inclusion vulnerability in plus.php in plusPHP Short URL Multi-User Script 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the _pages_dir parameter...

10 CVSS | 7.5 AI score | 0.04412 EPSS
Exploits: 1 | References: 5
Cvelist
added 2008/05/28 3:0 p.m. | 22 views

CVE-2008-2480

PHP remote file inclusion vulnerability in plus.php in plusPHP Short URL Multi-User Script 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the _pages_dir parameter...

7.5 AI score | 0.04412 EPSS
Exploits: 1 | References: 5
CVE
added 2008/05/28 3:0 p.m. | 33 views

CVE-2008-2480

The data shows CVE-2008-2480 affects the plusPHP Short URL Multi-User Script 1.6, specifically the file plus.php. The vulnerability is a PHP remote file inclusion triggered through a URL in the _pages_dir parameter, allowing an attacker to execute arbitrary PHP code on the affected system. The co...

10 CVSS | 7.5 AI score | 0.04412 EPSS
Exploits: 1 | References: 5 | Affected Software: 1
Packet Storm
added 2008/05/27 12:0 a.m. | 22 views

plusphp-rfi.txt

Author: DR.TOXIC / [email protected] Title: plusPHP Multi-User Short URL and Statistics plus.php RFI Vulnerability Script Download: http://www.hotscripts.com/jump.php?listingid=80293&jumptype=1 Vulnerability Code: plus.php "include $pagesdir.'config.php';" Example;...

7.4 AI score
Exploits: 0