346 matches found
CVE-2011-0453
F-Secure Internet Gatekeeper for Linux 3.x before 3.03 does not require authentication for reading access logs, which allows remote attackers to obtain potentially sensitive information via a TCP session on the admin UI port...
Authentication flaw
F-Secure Internet Gatekeeper for Linux 3.x before 3.03 does not require authentication for reading access logs, which allows remote attackers to obtain potentially sensitive information via a TCP session on the admin UI port...
Zen Cart v1.3.9f Multiple Remote Vulnerabilities
Exploit for php platform in category web applications ================================================ Zen Cart v1.3.9f Multiple Remote Vulnerabilities ================================================ Vendor: Zen Ventures, LLC Product web page: http://www.zen-cart.com Version affected: 1.3.9f...
zen cart 1.3.9f - Multiple Vulnerabilities
Zen Cart v1.3.9f Multiple Remote Vulnerabilities Vendor: Zen Ventures, LLC Product web page: http://www.zen-cart.com Version affected: 1.3.9f Summary: Zen Cart is an online store management system. It is PHP-based, using a MySQL database and HTML components. Support is provided for numerous...
CVE-2007-1848
CVE-2007-1848 describes a cross-site scripting (XSS) flaw in Drake CMS where the admin/classes/ui.dta.php script fails to properly sanitize the desc[][title] input, allowing remote attackers to inject arbitrary web-script or HTML. The issue is associated with Drake CMS’s beta release; the vendor ...
SOL7147 - Execution of UNIX shell commands from the URL in the Admin UI
A URL that is accessible from the Device Management Maintenance Troubleshooting Tools page can be modified to inject UNIX shell commands, which are then executed with user-level privileges. Only FirePass Administrators with permission to access this URL can perform this action. Standard FirePass...