Lucene search
K

91 matches found

CVE
CVE
added 2008/05/14 5:0 p.m.35 views

CVE-2008-2197

CVE-2008-2197 is a SQL injection in the Miniweb blogwriter module 2.0. The vulnerability exposes index.php via the historymonth parameter, enabling remote attackers to execute arbitrary SQL. The NVD record lists a CVSS v2 base score of 7.5 (HIGH) with network access, no authentication, and partia...

7.5CVSS8.4AI score0.00981EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2008/05/14 5:0 p.m.21 views

CVE-2008-2197

SQL injection vulnerability in the blogwriter module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter to index.php...

8.4AI score0.00981EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.20 views

openSUSE 10 Security Update : wv2 (wv2-1687)

The wv2 library was updated to fix some boundary checks which could be exploited by maliciously crafted files to access memory outside bounds and possibly execute arbitrary code. CVE-2006-2197 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

6.5CVSS5.8AI score0.02571EPSS
Exploits0References1
CVE
CVE
added 2007/04/24 5:0 p.m.60 views

CVE-2007-2197

The CVE-2007-2197 entry describes a race condition in the NeatUpload ASP.NET component (versions 1.2.11–1.2.16, 1.1.18–1.1.23, trunk.379–trunk.445). The vulnerability allows remote attackers to obtain other clients’ HTTP responses by issuing multiple simultaneous requests, triggering multiple Flu...

5CVSS6.8AI score0.01218EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2006/06/15 10:0 a.m.67 views

CVE-2006-2197

CVE-2006-2197 concerns the wv2 library (used for accessing Microsoft Word documents). A boundary/size check issue leads to an integer overflow when processing Word files, enabling context-dependent attackers to execute arbitrary code. Multiple advisories (Ubuntu USN-300-1, Debian DSA-1100, Gentoo...

6.5CVSS7.2AI score0.02571EPSS
Exploits0References16Affected Software1
Debian
Debian
added 2006/06/15 5:46 a.m.27 views

[SECURITY] [DSA 1100-1] New wv2 packages fix integer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 1100-1 [email protected] http://www.debian.org/security/ Martin Schulze June 15th, 2006 http://www.debian.org/security/faq -...

6.5CVSS5.7AI score0.02571EPSS
Exploits0
CVE
CVE
added 2005/11/16 9:17 p.m.53 views

CVE-2002-2197

CVE-2002-2197 affects Sun Solaris 8.0. A local user can trigger a kernel panic by running a program that uses /dev/poll, causing a NULL pointer dereference in the kernel. The provided connected documents confirm the vulnerable component and the root cause (NULL pointer dereference via /dev/poll),...

7.2CVSS6.5AI score0.00383EPSS
Exploits0References3Affected Software2
CVE
CVE
added 2005/07/11 4:0 a.m.41 views

CVE-2005-2197

The CVE-2005-2197 entry refers to a SQL injection vulnerability in sql.cls.php of Id Board 1.1.3, exploitable remotely by manipulating the f parameter to index.php. The underlying issue is improper handling of SQL queries, allowing attackers to modify query logic. According to the NVD entry, the ...

7.5CVSS8AI score0.0133EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2005/07/11 4:0 a.m.16 views

CVE-2005-2197

SQL injection vulnerability in sql.cls.php in Id Board 1.1.3 allows remote attackers to modify SQL queries, as demonstrated using the f parameter to index.php...

7.6AI score0.0133EPSS
Exploits1References4
CVE
CVE
added 2005/07/10 4:0 a.m.44 views

CVE-2004-2197

CVE-2004-2197 affects kdocker up to version 0.8. The binary kdocker.cpp fails to properly check file ownership, enabling local users to run arbitrary programs via ownership trust bypass. Affected component: kdocker.cpp in kdocker 0.1–0.8. Root cause: insufficient ownership verification. Impact: l...

7.2CVSS7.4AI score0.00346EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2002/12/31 5:0 a.m.21 views

CVE-2002-2197

Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service kernel panic via a program that uses /dev/poll, triggering a NULL pointer dereference...

7.2CVSS6.2AI score0.00383EPSS
Exploits0References3
Rows per page
Query Builder