Lucene search
+L

46 matches found

CVE
CVE
added 2017/10/02 5:0 p.m.59 views

CVE-2017-6089

PhpCollab 2.5.1 and earlier versions are affected by a SQL injection vulnerability. The issue allows remote attackers to execute arbitrary SQL commands through parameters in topics/deletetopics.php (project or id), bookmarks/deletebookmarks.php (id), and calendar/deletecalendar.php, leading to po...

9.8CVSS9.9AI score0.02953EPSS
Exploits5References2Affected Software1
exploitpack
exploitpack
added 2017/10/02 12:0 a.m.32 views

phpCollab 2.5.1 - SQL Injection

phpCollab 2.5.1 - SQL Injection CVE-2017-6089 PhpCollab 2.5.1 Multiple SQL Injections unauthenticated Description PhpCollab is an open source web-based project management system, that enables collaboration across the Internet. SQL injections The phpCollab code does not correctly filter arguments,...

7.5CVSS0.3AI score0.02953EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/10/02 12:0 a.m.44 views

phpCollab 2.5.1 - SQL Injection

CVE-2017-6089 PhpCollab 2.5.1 Multiple SQL Injections unauthenticated Description PhpCollab is an open source web-based project management system, that enables collaboration across the Internet. SQL injections The phpCollab code does not correctly filter arguments, allowing arbitrary SQL code...

9.8CVSS7AI score0.02953EPSS
Exploits5
0day.today
0day.today
added 2017/09/30 12:0 a.m.35 views

PhpCollab 2.5.1 SQL Injection Vulnerability

Exploit for php platform in category web applications CVE-2017-6089 PhpCollab 2.5.1 Multiple SQL Injections unauthenticated Description PhpCollab is an open source web-based project management system, that enables collaboration across the Internet. SQL injections The phpCollab code does not...

7.5CVSS9.2AI score0.02953EPSS
Exploits5
Packet Storm
Packet Storm
added 2017/09/29 12:0 a.m.38 views

PhpCollab 2.5.1 SQL Injection

CVE-2017-6089 PhpCollab 2.5.1 Multiple SQL Injections unauthenticated Description PhpCollab is an open source web-based project management system, that enables collaboration across the Internet. SQL injections The phpCollab code does not correctly filter arguments, allowing arbitrary SQL code...

0.3AI score0.02953EPSS
Exploits5
OSV
OSV
added 2017/06/07 5:29 p.m.6 views

CVE-2016-6089

IBM WebSphere MQ 9.0.0.1 and 9.0.2 could allow a local user to write to a file or delete files in a directory they should not have access to due to improper access controls. IBM X-Force ID: 117926...

5.5CVSS5.8AI score0.00315EPSS
Exploits0References3
CVE
CVE
added 2017/06/07 5:0 p.m.102 views

CVE-2016-6089

CVE-2016-6089 affects IBM WebSphere MQ versions 9.0.0.1 and 9.0.2. The vulnerability arises from improper access controls, enabling a local user to write to or delete files in a directory they should not access. This is a local-privilege-impact issue; no exploit details are provided in the source...

5.5CVSS5.3AI score0.00315EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/05/11 2:1 p.m.24 views

CVE-2013-6089

CVE-2013-6089 is rejected/not used.

6.9AI score
Exploits0
Cvelist
Cvelist
added 2017/05/11 2:1 p.m.7 views

CVE-2013-6089

...

Exploits0
CVE
CVE
added 2015/11/11 11:0 a.m.64 views

CVE-2015-6089

CVE-2015-6089 describes a memory corruption vulnerability in Microsoft Internet Explorer’s VBScript/JScript engines (IE 8–11). The root cause is a memory allocation/handling flaw that can be exploited by a crafted webpage to achieve remote code execution or, per the threat landscape, memory corru...

9.3CVSS7.7AI score0.13269EPSS
Exploits0References2Affected Software2
Tenable Nessus
Tenable Nessus
added 2015/11/10 12:0 a.m.120 views

MS15-112: Cumulative Security Update for Internet Explorer (3104517)

The version of Internet Explorer installed on the remote host is missing Cumulative Security Update 3104517. It is, therefore, affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these issues by...

9.3CVSS8.8AI score0.31029EPSS
Exploits7References26
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.16 views

Gentoo Security Advisory GLSA 201312-05

Gentoo Linux Local Security Checks GLSA 201312-05 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

7.5CVSS5AI score0.04019EPSS
Exploits0References1
CVE
CVE
added 2014/12/18 4:0 p.m.45 views

CVE-2014-6089

CVE-2014-6089 affects IBM Security Access Manager for Mobile 8.0.x (before 8.0.1) and IBM Security Access Manager for Web 7.x (before 7.0.0 FP10) and 8.x (before 8.0.1). A remote authenticated user can upload a file to a protected area, causing a denial of service. IBM provides patches: Web 7.0.x...

4CVSS6.3AI score0.01254EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/12/06 12:0 a.m.17 views

GLSA-201312-05 : SWI-Prolog : Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201312-05 SWI-Prolog : Multiple vulnerabilities Multiple vulnerabilities have been discovered in SWI-Prolog: An error in the canoniseFileName function could cause a stack-based buffer overflow CVE-2012-6089. An error in the expand...

7.5CVSS6.7AI score0.04019EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/01/15 12:0 a.m.18 views

Fedora 17 : pl-6.0.2-4.fc17 (2013-0211)

Fix two buffer overflows when expanding file name glob CVE-2012-6090 and when canonizing path CVE-2012-6089. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as...

7.5CVSS5.6AI score0.04019EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2013/01/15 12:0 a.m.10 views

Fedora Update for pl FEDORA-2013-0211

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2013/01/15 12:0 a.m.21 views

Fedora Update for pl FEDORA-2013-0225

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.5AI score
Exploits0References2
CVE
CVE
added 2013/01/04 11:0 a.m.56 views

CVE-2012-6089

CVE-2012-6089 affects SWI-Prolog: multiple stack-based buffer overflows in canoniseFileName() of os/pl-os.c allow remote denial of service or possibly arbitrary code execution. Vulnerable in SWI-Prolog before 6.2.5 and in 6.3.x before 6.3.7; remediation is upgrading to the patched versions (e.g.,...

7.5CVSS7.9AI score0.04019EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2009/02/06 7:0 p.m.22 views

CVE-2008-6089

Directory traversal vulnerability in main.php in ScriptsEz Easy Image Downloader allows remote attackers to read arbitrary files via a .. dot dot in the id parameter in a download action...

6.7AI score0.03108EPSS
Exploits0References4
CVE
CVE
added 2009/02/06 7:0 p.m.47 views

CVE-2008-6089

CVE-2008-6089 describes a directory traversal in the ScriptsEz Easy Image Downloader, specifically in the download action that uses main.php. The vulnerability allows an attacker to read arbitrary files by supplying ".." in the id parameter, enabling remote access to non‑intended files. The avail...

5CVSS6.8AI score0.03108EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder