Lucene search
+L

100 matches found

securityvulns
securityvulns
added 2012/10/22 12:0 a.m.55 views

Multiple vulnerabilities in Template CMS

Advisory ID: HTB23115 Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, Cross-Site Request Forgery CWE-352 CV...

6.8CVSS0.2AI score0.02046EPSS
Exploits6
exploitpack
exploitpack
added 2012/10/04 12:0 a.m.64 views

Template CMS 2.1.1 - Multiple Vulnerabilities

Template CMS 2.1.1 - Multiple Vulnerabilities Advisory ID: HTB23115 Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting...

6.8CVSS0.3AI score0.02046EPSS
Exploits6
0day.today
0day.today
added 2012/10/04 12:0 a.m.53 views

Template CMS 2.1.1 Cross Site Request Forgery / Cross Site Scripting

Exploit for php platform in category web applications Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting CWE-79,...

7.1AI score0.02046EPSS
Exploits6
Exploit DB
Exploit DB
added 2012/10/04 12:0 a.m.67 views

Template CMS 2.1.1 - Multiple Vulnerabilities

Advisory ID: HTB23115 Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, Cross-Site Request Forgery CWE-352 CV...

6.8CVSS6.7AI score0.02046EPSS
Exploits6
Packet Storm
Packet Storm
added 2012/10/03 12:0 a.m.49 views

Template CMS 2.1.1 Cross Site Request Forgery / Cross Site Scripting

Advisory ID: HTB23115 Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, Cross-Site Request Forgery CWE-352 CV...

6.8CVSS0.1AI score0.02046EPSS
Exploits6
OpenVAS
OpenVAS
added 2012/08/30 12:0 a.m.29 views

Fedora Update for libpng10 FEDORA-2012-4902

Check for the Version of libpng10 OpenVAS Vulnerability Test Fedora Update for libpng10 FEDORA-2012-4902 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.8CVSS0.06593EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2011/11/03 12:0 a.m.43 views

Joomla Multiple Components SQL Injection Vulnerabilities

This host is running Joomla with multiple components and is prone to SQL injection vulnerabilities. OpenVAS Vulnerability Test $Id: gbjoomlamultcomponentssqlinjvuln.nasl 7052 2017-09-04 11:50:51Z teissa $ Joomla Multiple Components SQL Injection Vulnerabilities Authors: Madhuri D Copyright:...

7.5CVSS0.7AI score0.01625EPSS
Exploits8References10
CVE
CVE
added 2011/10/08 10:0 a.m.50 views

CVE-2010-4902

Joomla! extension com_clantools 1.2.3 is affected by SQL injection vulnerabilities in Joomla!, exploitable via index.php using parameters squad or showgame. Root cause: improper handling of user input in the Clantools component. Consequences: remote attackers can potentially execute arbitrary SQL...

7.5CVSS8.8AI score0.01189EPSS
Exploits1References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/08/13 12:0 a.m.22 views

openSUSE Security Update : libpcsclite1 (openSUSE-SU-2010:0500-1)

This update of pcsc-liste fixes two vulnerabilities : - CVE-2009-4901: local denial of service daemon crash via crafted SCARDSETATTRIB message data, a related issue to CVE-2010-0407. - CVE-2009-4902: a buffer overflow might allow local users to gain privileges via crafted SCARDCONTROL message dat...

6.8CVSS5.8AI score0.00394EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2010/07/14 12:0 a.m.32 views

Fedora 12 : pcsc-lite-1.5.2-5.fc12 (2010-10764)

This update fixes up incorrect checks which were introduced with CVE-2010-0407 patch, introducing a regression for certain token types. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatical...

6.8CVSS5.3AI score0.00394EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.30 views

Fedora 12 : pcsc-lite-1.5.2-4.fc12 (2010-10014)

An update to address a buffer overflow which could allow a local attacker to elevate privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

6.8CVSS5.8AI score0.00394EPSS
Exploits0References5
CVE
CVE
added 2010/06/18 4:0 p.m.62 views

CVE-2009-4902

CVE-2009-4902 relates to a buffer overflow in the MSGFunctionDemarshall function of winscard_svc.c in the MUSCLE PCSC-Lite daemon (pcscd) up to version 1.5.4. Crafted SCARD_CONTROL message data could be improperly demarshalled, enabling a local attacker to gain privileges. The issue is linked to ...

6.8CVSS6.6AI score0.00379EPSS
Exploits0References11Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/06/11 12:0 a.m.30 views

Debian DSA-2059-1 : pcsc-lite - buffer overflow

It was discovered that PCSCD, a daemon to access smart cards, was vulnerable to a buffer overflow allowing a local attacker to elevate his privileges to root. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

6.8CVSS5.7AI score0.00394EPSS
Exploits0References4
CVE
CVE
added 2008/11/04 12:0 a.m.40 views

CVE-2008-4902

CVE-2008-4902 is an SQL injection vulnerability in Article Publisher Pro 1.5 ’s file contact_author.php , exploitable via the userid parameter to execute arbitrary SQL commands remotely. The NVD entry lists a NETWORK attack vector with LOW complexity and no authentication, yielding Partial impact...

7.5CVSS8.4AI score0.00999EPSS
Exploits0References3Affected Software1
Circl
Circl
added 2008/10/31 12:0 a.m.6 views

CVE-2008-4902

creationtimestamp| type| source ---|---|--- 2008-10-31 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6917...

7.5CVSS5.8AI score0.00999EPSS
Exploits0References1
CVE
CVE
added 2007/09/17 4:0 p.m.59 views

CVE-2007-4902

CVE-2007-4902 describes an absolute path traversal in an ActiveX control within CryptoX.dll (versions ≤ 2.0) and the Ultra Crypto Component. The flaw allows remote attackers to write to arbitrary files by supplying a full pathname to the SaveToFile method, enabling overwriting of files on the aff...

6.4CVSS6.8AI score0.05615EPSS
Exploits1References5Affected Software1
Check Point Advisories
Check Point Advisories
added 2007/03/30 12:0 a.m.11 views

Symantec Veritas NetBackup bpcd.exe Command Chaining (CVE-2006-4902)

Symantec Veritas NetBackup Server is a client/server backup application solution used for performing scheduled automatic backups and on-demand backups requested by users. A remote code execution vulnerability has been reported in Symantec Veritas NetBackup.A remote attacker could exploit the...

10CVSS7.8AI score0.04235EPSS
Exploits4
Saint
Saint
added 2007/02/16 12:0 a.m.61 views

VERITAS NetBackup bpcd daemon command chaining vulnerability

Added: 02/16/2007 CVE: CVE-2006-4902 BID: 21565 OSVDB: 31334 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem The NetBackup bpcd daemon fails to properly validate chained commands. A remote attacker could execute arbitrary commands by appending the...

10CVSS7.3AI score0.04235EPSS
Exploits4
CVE
CVE
added 2006/12/14 8:0 p.m.63 views

CVE-2006-4902

CVE-2006-4902 affects the NetBackup bpcd daemon (bpcd.exe) on Windows, where the daemon fails to properly validate chained commands, enabling a remote attacker to append malicious commands to valid ones and execute arbitrary code. Affected versions include NetBackup 5.0 up to 5.0_MP7, 5.1 up to 5...

10CVSS7.5AI score0.04235EPSS
Exploits4References8Affected Software3
Microsoft Security Update
Microsoft Security Update
added 1976/01/01 12:0 a.m.2 views

MS:58454B4A-DD6B-4902-865B-C57CE21D3B91

...

7AI score
Exploits0
Rows per page
Query Builder