Lucene search
+L

52 matches found

CVE
CVE
added 2012/07/12 7:0 p.m.55 views

CVE-2012-3399

CVE-2012-3399 describes a remote command execution in Basilic 1.5.14 triggered by unsanitized input in diff.php via the file parameter, allowing an attacker to execute shell commands with the web server user (www-data). The root cause is input verification weaknesses in the affected function. Pub...

7.5CVSS7.8AI score0.65321EPSS
Exploits3References7Affected Software1
Circl
Circl
added 2012/07/09 12:0 a.m.21 views

CVE-2012-3399

creationtimestamp| type| source ---|---|--- 2012-07-09 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/19631 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/basilicdiffexec.rb 2025-02-06 03:13:40+00:00| seen|...

7.5CVSS5.7AI score0.65321EPSS
Exploits3References2
seebug.org
seebug.org
added 2010/09/25 12:0 a.m.40 views

Mozilla Firefox js_InitRandom函数不充分随机数漏洞

CVECAN ID: CVE-2010-3399,CVE-2010-3400 Firefox是一款非常流行的开源WEB浏览器。 Firefox的JavaScript实现中的jsInitRandom函数使用了当前时间或环境相关的指针作为随机数生成器的种子,攻击者可以通过暴力猜测攻击相对容易的猜测到种子值,从而执行劫持会话等各种攻击。 Mozilla Firefox 4.0 Beta1 Mozilla Firefox 3.6.x Mozilla Firefox 3.5.x 厂商补丁: Mozilla ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

5.8CVSS9AI score0.01914EPSS
Exploits2
UbuntuCve
UbuntuCve
added 2010/09/15 8:0 p.m.33 views

CVE-2010-3399

The jsInitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a context pointer in conjunction with its successor pointer for seeding of a random number generator, which makes it easier for remote attackers to guess th...

5.8CVSS5.8AI score0.01914EPSS
Exploits2References1
CVE
CVE
added 2009/10/22 6:0 p.m.57 views

CVE-2009-3399

The CVE-2009-3399 entry affects BEA WebLogic Server (WebLogic Server component) in BEA Product Suite versions 7.0.6 and 8.1.5. The vulnerability is associated with the WLS Console and is exploitable over HTTP/Network with no authentication required, enabling remote attackers to impact integrity. ...

4.3CVSS6.6AI score0.02079EPSS
Exploits0References4Affected Software1
Circl
Circl
added 2008/07/25 12:0 a.m.7 views

CVE-2008-3399

creationtimestamp| type| source ---|---|--- 2008-07-25 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6131...

6.8CVSS5.8AI score0.01911EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2007/07/06 6:30 p.m.3 views

CVE-2007-3595

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-3399. Reason: This candidate is a duplicate of CVE-2007-3399. Notes: All CVE users should reference CVE-2007-3399 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

7.5CVSS5.8AI score0.01423EPSS
Exploits1References1
Prion
Prion
added 2007/07/06 6:30 p.m.15 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-3399. Reason: This candidate is a duplicate of CVE-2007-3399. Notes: All CVE users should reference CVE-2007-3399 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

6.8AI score0.01423EPSS
Exploits1
CVE
CVE
added 2007/07/06 6:0 p.m.36 views

CVE-2007-3595

CVE-2007-3595 is a duplicate of CVE-2007-3399 and has been withdrawn; the active entry to reference is CVE-2007-3399, which describes an SQL injection vulnerability in Power Phlogger (PPhlogger) 2.2.5 and earlier allowing remote execution of arbitrary SQL commands via the username parameter in lo...

6.4AI score
Exploits0
CVE
CVE
added 2006/07/06 8:0 p.m.44 views

CVE-2006-3399

Summary (CVE-2006-3399) : A cross‑site scripting (XSS) flaw in MoniWiki’s wiki.php affects releases prior to 1.1.2-20060702. An attacker can craft a URL to inject arbitrary JavaScript which is reflected back in an error message. This vulnerability is described as a variant of CVE-2004-1632. Affec...

2.6CVSS5.9AI score0.01377EPSS
Exploits1References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2006/02/01 12:0 a.m.9 views

Nmap Scanner Detection

Binary data 3399.prm...

7.3AI score
Exploits0
CVE
CVE
added 2005/11/01 11:0 a.m.59 views

CVE-2005-3399

CVE-2005-3399 relates to an interpretation error in CAT-QuickHeal 8.0 where a file type misclassification occurs due to an “MZ” magic-byte sequence (typically EXE) present in BAT/HTML/EML content. This causes the file to be treated as a safe type that could still be executed as a dangerous file o...

5CVSS6.9AI score0.0781EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder