Lucene search
+L

112 matches found

CVE
CVE
added 2011/12/27 2:0 a.m.67 views

CVE-2011-4166

CVE-2011-4166 corresponds to a directory traversal vulnerability in HP Managed Printing Administration (MPA) in the MPAUploader.Uploader.1.UploadFiles() function. Affected software is HP MPA before version 2.6.4. The vulnerability permits remote attackers to create arbitrary files by submitting c...

7.5CVSS6.6AI score0.61756EPSS
Exploits5References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2011/12/27 12:0 a.m.22 views

HP Managed Printing Administration < 2.6.4 Multiple Vulnerabilities

Binary data 6113.prm...

7.5CVSS6.8AI score0.61756EPSS
Exploits5References7
securityvulns
securityvulns
added 2011/12/26 12:0 a.m.65 views

ZDI-11-352 : HP Managed Printing Administration jobAcct Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-352 : HP Managed Printing Administration jobAcct Multiple Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-11-352 December 22, 2011 - -- CVE ID: CVE-2011-4166 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -- Affected Vendors:...

7.5CVSS0.2AI score0.61756EPSS
Exploits5
CVE
CVE
added 2011/01/18 5:0 p.m.57 views

CVE-2010-4166

CVE-2010-4166 documents multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22. The affected software is Joomla! (1.5.x series); the vulnerabilities occur in the web application logic where attacker-controlled input can influence SQL queries. Specifically, arbitrary SQL commands ca...

7.5CVSS8.6AI score0.01423EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2009/12/02 5:30 p.m.11 views

CVE-2009-4166

SQL injection vulnerability in the Trips mchtrips extension 2.0.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.4AI score0.01001EPSS
Exploits0References2
CVE
CVE
added 2009/12/02 5:0 p.m.37 views

CVE-2009-4166

CVE-2009-4166 : The TYPO3 extension mchtrips (Trips) version 2.0.0 is affected. A SQL injection flaw allows remote attackers to execute arbitrary SQL commands via unspecified vectors. The vulnerability stems from improper handling of input in the extension, enabling unauthorized database access. ...

7.5CVSS8.4AI score0.01001EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2008/09/22 6:0 p.m.48 views

CVE-2008-4166

The CVE-2008-4166 entry describes an integer overflow in the JavaScript engine of Avant Browser, affecting version 11.7 Build 9 and earlier. The vulnerability allows a remote attacker to cause a denial of service (application crash) by URL-encoding a string containing many invalid characters. No ...

4.3CVSS6.8AI score0.02184EPSS
Exploits1References4Affected Software1
Circl
Circl
added 2008/09/12 12:0 a.m.6 views

CVE-2008-4166

creationtimestamp| type| source ---|---|--- 2008-09-12 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32381...

4.3CVSS5.8AI score0.02184EPSS
Exploits1References1
NVD
NVD
added 2007/08/07 10:17 a.m.17 views

CVE-2007-4166

Cross-site scripting XSS vulnerability in index.php in the Unnamed theme 1.217, and Special Edition SE 1.02, before 20070804 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, possibly a related issue to CVE-2007-2757, CVE-2007-4014, and CVE-2007-416...

5CVSS5.8AI score0.02075EPSS
Exploits0References5
CVE
CVE
added 2007/08/07 10:0 a.m.55 views

CVE-2007-4166

CVE-2007-4166 is described in the PRION entry as an XSS vulnerability in WordPress-related themes: index.php in the Unnamed theme 1.217 and Special Edition (SE) 1.02 (before 20070804) allows remote attackers to inject arbitrary web script via the s parameter. The root cause is unsanitized input i...

5CVSS5.8AI score0.02075EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2006/08/16 9:0 p.m.41 views

CVE-2006-4166

CVE-2006-4166 : PHP remote file inclusion in TinyWebGallery (≤1.5) allows remote attackers to execute arbitrary PHP code via a URL provided in the image parameter to (1) image.php or (2) image.php2. Root cause is unsafe handling of the image parameter enabling inclusion of remote/local code; CVSS...

7.5CVSS8AI score0.03591EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2005/12/11 9:0 p.m.35 views

CVE-2005-4166

The CVE-2005-4166 entry documents a Cross-site Scripting (XSS) vulnerability in DUWare DUportal Pro 3.4.3, exploitable via the result parameter in password.asp. The affected component is password.asp within DUportal Pro 3.4.3; the root cause is input handling allowing script/HTML injection. The p...

4.3CVSS6AI score0.01752EPSS
Exploits1References4
Rows per page
Query Builder