Lucene search
K

96 matches found

CVE
CVE
added 2007/10/12 11:0 p.m.40 views

CVE-2007-5429

The CVE-2007-5429 entry concerns Nucleus CMS version 3.01, where the vulnerability exists in index.php via the archive parameter. The issue is a cross-site scripting (XSS) flaw that could allow remote attackers to inject arbitrary web script or HTML. The available connected documents confirm the ...

4.3CVSS5.7AI score0.0173EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2007/04/18 10:19 a.m.28 views

CVE-2007-2101

FAC Guestbook 3.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/gbdb.mdb. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

10CVSS6.3AI score0.02146EPSS
Exploits0References3
Cvelist
Cvelist
added 2007/04/18 10:0 a.m.28 views

CVE-2007-2101

FAC Guestbook 3.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/gbdb.mdb. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

6.3AI score0.02146EPSS
Exploits0References3
CVE
CVE
added 2007/04/02 11:0 p.m.46 views

CVE-2007-1802

CVE-2007-1802 describes a cross-site scripting (XSS) vulnerability in MailDwarf 3.01 and earlier. The flaw allows remote attackers to inject arbitrary web script or HTML via unspecified vectors (per the NVD entry), potentially affecting users of the MailDwarf CGI form. The CVSS v2 base score is 6...

6.8CVSS5.7AI score0.01182EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2007/01/09 6:28 p.m.24 views

Remote file inclusion

PHP remote file inclusion vulnerability in bnsmrep1.php in BinGoPHP News BP News 3.01 allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter, a different vector than CVE-2006-4648 and CVE-2006-4649...

7.5CVSS7.8AI score0.03351EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2007/01/09 6:0 p.m.116 views

CVE-2007-0145

CVE-2007-0145 concerns a PHP remote file inclusion in BinGo News (BP News) 3.01 and earlier. The vulnerability allows an attacker to execute arbitrary PHP code by supplying a URL in the bnrep parameter, with the vulnerable entry point documented as bn_smrep1.php in the Initial description, and re...

7.5CVSS7.4AI score0.01348EPSS
Exploits0References3Affected Software1
exploitpack
exploitpack
added 2007/01/01 12:0 a.m.17 views

QK SMTP 3.01 - RCPT TO Remote Buffer Overflow (2)

QK SMTP 3.01 - RCPT TO Remote Buffer Overflow 2 !/bin/perl https://www.securityfocus.com/bid/20681 tested on winXp Pro SP0 English/winXp Pro SP2 Italian/win 2k SP4 Italian/English return address is universal bind a remote cmd.exe on target host on 4444 port; based on expanders original exploit...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2007/01/01 12:0 a.m.34 views

QK SMTP 3.01 - 'RCPT TO' Remote Buffer Overflow (2)

!/bin/perl https://www.securityfocus.com/bid/20681 tested on winXp Pro SP0 English/winXp Pro SP2 Italian/win 2k SP4 Italian/English return address is universal bind a remote cmd.exe on target host on 4444 port; based on expanders original exploit credit to Greg Linares for discovered the...

7.4AI score
Exploits0
NVD
NVD
added 2006/11/28 2:7 a.m.22 views

CVE-2006-6141

Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window...

5CVSS6.9AI score0.03733EPSS
Exploits0References8
Cvelist
Cvelist
added 2006/11/28 2:0 a.m.20 views

CVE-2006-6141

Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window...

6.9AI score0.03733EPSS
Exploits0References8
seebug.org
seebug.org
added 2006/10/23 12:0 a.m.16 views

QK SMTP <= 3.01 (RCPT TO) Remote Denial of Service Exploit

No description provided by source. / ============================================================= 0-day RCPT TO DoS Exploit for QK SMTP version 3.01 and lower. ============================================================= Exploit affects a format string error in the RCPT TO command in which the...

7.1AI score
Exploits0
NVD
NVD
added 2006/09/08 9:4 p.m.38 views

CVE-2006-4648

PHP remote file inclusion vulnerability in bpncom.php in BinGo News BP News 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter...

7.5CVSS7.4AI score0.03351EPSS
Exploits1References7
CVE
CVE
added 2006/07/21 9:0 p.m.50 views

CVE-2006-3793

CVE-2006-3793 affects SiteDepth CMS 3.01 and earlier. The vulnerability is a PHP remote file inclusion in constants.php triggered by a URL in the SD_DIR parameter, enabling an attacker to execute arbitrary PHP code. The NVD listing notes a CVSS v2 base score of 5.1 (Medium) with network attack ve...

5.1CVSS7.9AI score0.04109EPSS
Exploits0References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.44 views

Mandrake Linux Security Advisory : kdegraphics (MDKSA-2006:012)

Multiple heap-based buffer overflows in the DCTStream::readProgressiveSOF and DCTStream::readBaselineSOF functions in the DCT stream parsing code Stream.cc in xpdf 3.01 and earlier, allow user-complicit attackers to cause a denial of service heap corruption and possibly execute arbitrary code via...

10CVSS7.5AI score0.0614EPSS
Exploits5References8
ALT Linux
ALT Linux
added 2006/01/13 12:0 a.m.81 views

Security fix for the ALT Linux 5 package xpdf version 3.01-alt3

Jan. 13, 2006 Victor Forsyuk 3.01-alt3 - Security fix CVE-2005-3191. Apply both recent security patches from Fedora package...

5.1CVSS6.2AI score0.04082EPSS
Exploits0
OSV
OSV
added 2006/01/09 12:0 a.m.45 views

DSA-931-1 xpdf - buffer overflows

Bulletin has no description...

10CVSS8.8AI score0.0614EPSS
Exploits5
Cvelist
Cvelist
added 2006/01/06 11:0 a.m.19 views

CVE-2005-4623

upload.exe in eFileGo 3.01 allows remote attackers to cause a denial of service CPU consumption via an argument with an invalid directory name...

6.6AI score0.01697EPSS
Exploits1References5
Cvelist
Cvelist
added 2006/01/06 11:0 a.m.20 views

CVE-2005-4622

Directory traversal vulnerability in eFileGo 3.01 allows remote attackers to execute arbitrary code, read arbitrary files, and upload arbitrary files via a ... triple dot in 1 the URL on port 608 and 2 the argument to upload.exe...

7.4AI score0.04434EPSS
Exploits1References5
CVE
CVE
added 2006/01/06 11:0 a.m.49 views

CVE-2005-4622

The CVE-2005-4622 entry describes a directory traversal vulnerability in eFileGo 3.01. The risk stems from an input handling flaw that allows an attacker to traverse directories and execute arbitrary code, read arbitrary files, and upload arbitrary files via a crafted request (notably in the URL ...

7.5CVSS7.8AI score0.04434EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2006/01/06 11:0 a.m.44 views

CVE-2005-4623

CVE-2005-4623 affects eFileGo 3.01 where upload.exe can be driven to a denial of service (CPU consumption) by supplying an invalid directory name. The vulnerability is described across multiple sources as enabling remote DoS via a crafted argument. No explicit exploitation details, affected versi...

5CVSS7AI score0.01697EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder