Lucene search
K

95 matches found

CVE
CVE
added 2009/03/04 5:0 p.m.45 views

CVE-2009-0810

The vulnerability CVE-2009-0810 affects xGuestbook 2.0, specifically the login.php component where the user parameter is used in a way that permits SQL injection. The advisory states that remote attackers can cause arbitrary SQL commands to execute, indicating a classic injection in authenticatio...

7.5CVSS8.7AI score0.00973EPSS
Exploits1References4Affected Software1
Circl
Circl
added 2009/02/24 12:0 a.m.3 views

CVE-2009-0810

creationtimestamp| type| source ---|---|--- 2009-02-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8101...

7.5CVSS5.8AI score0.00973EPSS
Exploits1References1
CVE
CVE
added 2008/02/19 1:0 a.m.56 views

CVE-2008-0810

CVE-2008-0810 describes an SQL injection in Joomla!/Mambo's com_scheduling module, exploitable via the id parameter to allow remote execution of SQL commands. The vulnerability targets the web application layer and can impact confidentiality, integrity, and availability by enabling attacker-contr...

7.5CVSS8.4AI score0.00961EPSS
Exploits1References3Affected Software2
Cvelist
Cvelist
added 2007/02/07 11:0 a.m.21 views

CVE-2007-0810

PHP remote file inclusion vulnerability in MVCnPHP/BaseView.php in GeekLog 2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the glConfpathlibraries parameter. NOTE: this might be a vulnerability in MVCnPHP rather than a vulnerability in GeekLog...

7.5AI score0.02441EPSS
Exploits0References4
CVE
CVE
added 2007/02/07 11:0 a.m.57 views

CVE-2007-0810

CVE-2007-0810 describes a PHP remote file inclusion in GeekLog 2 and earlier via glConf[path_libraries] in MVCnPHP/BaseView.php, allowing remote execution of PHP code by supplying a URL. The vulnerability’s root cause is a file inclusion flaw that can process an attacker-supplied URL, with impact...

7.5CVSS7.5AI score0.02441EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2006/02/21 2:0 a.m.52 views

CVE-2006-0810

Skate Board 0.9 is affected by CVE-2006-0810 via a PHP code injection vulnerability in config.php. Remote authenticated administrators can modify variables in config.php, potentially enabling arbitrary PHP code execution. This is described as a vulnerability in Skate Board 0.9 related to config.p...

3.5CVSS6.7AI score0.01083EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2005/03/20 5:0 a.m.49 views

CVE-2005-0810

CVE-2005-0810: NotifyLink contains SQL injection vulnerabilities affecting NotifyLink Server (pre-3.0). Unauthenticated remote attackers can append SQL via various URLs to view/modify the NotifyLink SQL database; impact includes unauthorized user creation, password changes, and data exposure. The...

7.5CVSS8.4AI score0.01512EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2004/11/24 5:0 a.m.42 views

CVE-2004-0810

The CVE-2004-0810 entry concerns Timbuktu by Netopia (server component) version 7.0.3. A remote buffer overflow can be triggered by sending a crafted data string to multiple concurrent connections on TCP port 407, causing the Timbuktu server process to crash (DoS). The issue arises because the se...

5CVSS6.9AI score0.01967EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2003/04/02 5:0 a.m.52 views

CVE-2002-0810

Bugzilla 2.14 before 2.14.2 and 2.16 before 2.16rc2 contains an information leakage vulnerability in the syncshadowdb command. Error messages are written to HTML output, which could leak sensitive information, including plaintext passwords, if syncshadowdb fails. Affected versions should be updat...

5CVSS6.5AI score0.01196EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2002/08/12 4:0 a.m.17 views

CVE-2002-0810

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs error messages from the syncshadowdb command to the HTML output, which could leak sensitive information, including plaintext passwords, if syncshadowdb fails...

5CVSS6.4AI score0.01196EPSS
Exploits0References7
CVE
CVE
added 2001/01/22 5:0 a.m.50 views

CVE-2000-0810

Auction Weaver (LITE) versions 1.0–1.04 suffer a form-field name validation flaw that allows remote attackers to delete arbitrary files and directories via a dot-dot path traversal. The underlying issue is improper validation of input names, enabling remote exploitation without authentication. Im...

7.5CVSS6.8AI score0.01612EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.22 views

CVE-2000-0810

Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. dot dot attack...

6.8AI score0.01612EPSS
Exploits1References3
NVD
NVD
added 2000/12/19 5:0 a.m.16 views

CVE-2000-0810

Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. dot dot attack...

7.5CVSS6.8AI score0.01612EPSS
Exploits1References3
CVE
CVE
added 2000/01/04 5:0 a.m.57 views

CVE-1999-0810

Concrete details exist: CVE-1999-0810 affects Samba with DoS in the NETBIOS name service daemon (nmbd). OpenVAS data references Samba

10CVSS6.6AI score0.0213EPSS
Exploits0References1Affected Software1
NVD
NVD
added 1999/07/21 4:0 a.m.25 views

CVE-1999-0810

Denial of service in Samba NETBIOS name service daemon nmbd...

10CVSS6.6AI score0.0213EPSS
Exploits0References1
Rows per page
Query Builder