Lucene search
+L

635 matches found

CVE
CVE
added 2006/05/19 11:0 p.m.294 views

CVE-2006-2483

CVE-2006-2483 : A PHP remote file inclusion vulnerability exists in Squirrelcart 2.2.2 and earlier. The issue resides in cart_content.php where an attacker can supply a URL to the cart_isp_root parameter, allowing arbitrary PHP code execution on the affected server. This is a remote code executio...

6.4CVSS7.6AI score0.07538EPSS
Exploits1References7Affected Software1
Positive Technologies
Positive Technologies
added 2006/05/19 12:0 a.m.6 views

PT-2006-3431 · Squirrelcart · Squirrelcart

Name of the Vulnerable Software and Affected Versions: Squirrelcart versions 2.2.2 and earlier Description: A remote file inclusion issue allows attackers to execute arbitrary PHP code via a URL in the cart isp root parameter in the cart content.php file. Recommendations: For Squirrelcart version...

6.4CVSS7.5AI score0.07538EPSS
Exploits1References9
Prion
Prion
added 2006/05/12 12:2 a.m.17 views

Remote file inclusion

DISPUTED PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the goinfoserverclassesroot parameter. NOTE: the vendor has disputed this vulnerability, saying that session.inc.php is not under t...

7.5CVSS7.8AI score0.04828EPSS
Exploits1References10Affected Software1
Cvelist
Cvelist
added 2006/05/12 12:0 a.m.21 views

CVE-2006-2315

PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the goinfoserverclassesroot parameter. NOTE: the vendor has disputed this vulnerability, saying that session.inc.php is not under the web ro...

7.6AI score0.04828EPSS
Exploits1References10
CVE
CVE
added 2005/12/18 10:0 p.m.41 views

CVE-2005-4346

phpBB Blog 2.2.2 and earlier: A function in blog.php causes an invalid SQL query when the permalink parameter to index.php is cleansed to empty (non-digit chars stripped), leading to a SQL syntax error that leaks the full application pathname. This is not a true SQL injection in practice, but the...

5CVSS7.5AI score0.01302EPSS
Exploits1References4Affected Software1
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.25 views

INN buffer overflow

The remote host is running INN InterNetNews. The remote version of this server does not do proper bounds checking. An attacker may exploit this issue to crash the remote service by overflowing some of the buffers by sending a maliciously formatted news article. OpenVAS Vulnerability Test $Id:...

5CVSS0.1AI score0.02716EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.23 views

INN buffer overflow

The remote version of this INN InterNetNews server does not do proper bounds checking. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5CVSS6.9AI score0.02716EPSS
Exploits1References2
CVE
CVE
added 2005/08/23 4:0 a.m.58 views

CVE-2005-2673

CVE-2005-2673 concerns a SQL injection in the modcp.php script of Wol tlab Burning Board, affecting versions 2.2.2 and 2.3.3. The vulnerability arises from unsafely using user-supplied input in the queries for parameters (1) x and (2) y without proper sanitization, allowing remote authenticated a...

7.5CVSS8AI score0.0105EPSS
Exploits1References2Affected Software1
Debian
Debian
added 2005/04/26 3:14 p.m.29 views

[SECURITY] [DSA 714-1] New kdelibs packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 714-1 [email protected] http://www.debian.org/security/ Martin Schulze April 26th, 2005 http://www.debian.org/security/faq -...

7.5CVSS0.3AI score0.05427EPSS
Exploits0
NVD
NVD
added 2004/10/23 4:0 a.m.29 views

CVE-2004-1628

Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code...

9CVSS6.9AI score0.04702EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2004/09/08 12:0 a.m.28 views

INN < 2.2.2 Crafted Article Handling Remote Overflow

The remote host is running INN InterNetNews. The remote version of this server does not do proper bounds checking. An attacker may exploit this issue to crash the remote service by overflowing some of the buffers by sending a maliciously formatted news article. C Tenable Network Security, Inc...

5CVSS5.5AI score0.02716EPSS
Exploits1References2
OSV
OSV
added 2003/01/22 12:0 a.m.34 views

DSA-235 kdegraphics - several vulnerabilities

Bulletin has no description...

7.5CVSS5.9AI score0.03671EPSS
Exploits0
CVE
CVE
added 2000/10/13 4:0 a.m.57 views

CVE-2000-0472

CVE-2000-0472 describes a buffer overflow in INN (innd) 2.2.2 that allows a remote attacker to execute arbitrary commands via a cancel request containing a long message ID. Documents indicate the impact is remote code execution and that remediation is to upgrade to version 2.2.3 or disable the ve...

3.6CVSS7.8AI score0.03721EPSS
Exploits0References7Affected Software1
Exploit DB
Exploit DB
added 2000/06/12 12:0 a.m.35 views

ISC innd 2.x - Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/1316/info innd 2.2.2 contains a remotely exploitable buffer overflow in code reached when a cancel request is sent to the "control" newsgroup, under the following condition: the cancel request contains a valid Message-ID but the From/Sender fields diff...

7.4AI score
Exploits0
NVD
NVD
added 2000/02/06 5:0 a.m.21 views

CVE-2000-0472

Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID...

3.6CVSS7.8AI score0.03721EPSS
Exploits0References7
Rows per page
Query Builder