6483 matches found

Cvelist
added 2009/08/12 10:0 a.m. · 25 views

CVE-2008-6960

download.php in X10media x10 Automatic Mp3 Search Engine Script 1.5.5 through 1.6 allows remote attackers to read arbitrary files via an encoded url parameter, as demonstrated by obtaining database credentials from includes/constants.php...

6.7 AI score · 0.06968 EPSS
Exploits 1 · References 6
securityvulns
added 2009/07/27 12:0 a.m. · 103 views

DOMPDF Arbitrary File Read <= 0.5.1

DOMPDF Arbitrary File Read <= 0.5.1 Discovered by: Aung Khant, YGN Ethical Hacker Group, Myanmar http://yehg.net/ believe in full disclosure Advisory URL: http://yehg.net/lab/pr0js/view.php/Apache20Security20Bypass20Vul20DomPDF.pd...

0.9 AI score
Exploits 0
CVE
added 2009/07/21 5:0 p.m. · 54 views

CVE-2009-2557

The vulnerability CVE-2009-2557 affects Admin News Tools 2.5, with a directory traversal flaw in system/download.php that permits reading arbitrary files via a .. sequence in the fichier parameter. This is described across multiple sources (NVD entry for CVE-2009-2557 and OpenVAS detail for Admin...

5 CVSS · 6.8 AI score · 0.06785 EPSS
Exploits 0 · References 4 · Affected Software 1
CVE
added 2009/07/09 4:0 p.m. · 39 views

CVE-2009-2398

CVE-2009-2398: Affected software is PHP-Sugar 0.80, vulnerable in test/index.php. The vulnerability is a directory traversal via the t parameter using a ..// sequence, allowing a remote attacker to read arbitrary files. Connected sources corroborate the same description (NVD/NVD mirrors). No exp...

5 CVSS · 6.8 AI score · 0.02811 EPSS
Exploits 0 · References 2 · Affected Software 1
OpenVAS
added 2009/06/05 12:0 a.m. · 16 views

Fedora Core 11 FEDORA-2009-5769 (ocsinventory)

The remote host is missing an update to ocsinventory announced via advisory FEDORA-2009-5769. OpenVAS Vulnerability Test $Id: fcore20095769.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-5769 ocsinventory Authors: Thomas Reinke Copyright: Copyright...

5 CVSS · 6.4 AI score · 0.01558 EPSS
Exploits 0 · References 1
Tenable Nessus
added 2009/06/03 12:0 a.m. · 24 views

Fedora 11 : ocsinventory-1.02.1-1.fc11 (2009-5769)

2 Security fixes - CVE-2009-1769 OCS Inventory NG: Authentication result varies for existent and non-existent users - SQL injection and Unauthenticated Arbitrary File Read Some Other minor bug fixes http://www.ocsinventory-ng.org/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=140&cntnt01r...

5 CVSS · 5.7 AI score · 0.01558 EPSS
Exploits 0 · References 4
Tenable Nessus
added 2009/06/03 12:0 a.m. · 15 views

Fedora 9 : ocsinventory-1.02.1-1.fc9 (2009-5764)

2 Security fixes - CVE-2009-1769 OCS Inventory NG: Authentication result varies for existent and non-existent users - SQL injection and Unauthenticated Arbitrary File Read Some Other minor bug fixes http://www.ocsinventory-ng.org/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=140&cntnt01r...

5 CVSS · 5.7 AI score · 0.01558 EPSS
Exploits 0 · References 4
Tenable Nessus
added 2009/06/03 12:0 a.m. · 20 views

Fedora 10 : ocsinventory-1.02.1-1.fc10 (2009-5773)

2 Security fixes - CVE-2009-1769 OCS Inventory NG: Authentication result varies for existent and non-existent users - SQL injection and Unauthenticated Arbitrary File Read Some Other minor bug fixes http://www.ocsinventory-ng.org/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=140&cntnt01r...

5 CVSS · 5.7 AI score · 0.01558 EPSS
Exploits 0 · References 4
Prion
added 2009/05/12 4:30 p.m. · 13 views

Directory traversal

Directory traversal vulnerability in index.php in OpenCart 1.1.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the route parameter...

5 CVSS · 7.1 AI score · 0.06444 EPSS
Exploits 2 · References 4 · Affected Software 1
OpenVAS
added 2009/04/06 12:0 a.m. · 44 views

Fedora Core 9 FEDORA-2009-3283 (moodle)

The remote host is missing an update to moodle announced via advisory FEDORA-2009-3283. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...

6.4 CVSS · 9 AI score · 0.06237 EPSS
Exploits 1 · References 5
Tenable Nessus
added 2009/04/03 12:0 a.m. · 34 views

Fedora 9 : moodle-1.9.4-6.fc9 (2009-3283)

CVE-2009-1171: The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a '$$' sequence, which causes LaTeX to include the contents of the file. Upstream bug and CVS commit:...

4.3 CVSS · 5.6 AI score · 0.06237 EPSS
Exploits 1 · References 8
CVE
added 2009/03/30 10:0 p.m. · 83 views

CVE-2009-1171

The vulnerability CVE-2009-1171 affects Moodle’s TeX filter in Moodle 1.6 (before 1.6.9+), 1.7 (before 1.7.7+), 1.8 (before 1.8.9), and 1.9 (before 1.9.5). A user-assisted attacker can cause LaTeX to read and include arbitrary files by crafting an input command within a "$${...}$" sequence. This l...

4.3 CVSS · 7.3 AI score · 0.06237 EPSS
Exploits 1 · References 14 · Affected Software 1
UbuntuCve
added 2009/03/30 12:0 a.m. · 29 views

CVE-2009-1171

The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a "$$" sequence, which causes LaTeX to include the contents of the file...

4.3 CVSS · 5.9 AI score · 0.06237 EPSS
Exploits 1 · References 3
myhack58
added 2009/03/15 12:0 a.m. · 27 views

pluck 4.6 read arbitrary files vulnerability!- Vulnerability warning-the black bar safety net

by:xhming data/modules/albums/pagesadmin/albumsgetimage.php .................................... $image = $GET'image'; if ! ereg dividing"thumb", $image if pregmatch". /A-Za-z0-9. 0,11", $image, $matches if $image != $matches0 unset$image; die"A hacking attempt has been detected. For security...

1.9 AI score
Exploits 0
Prion
added 2009/03/12 3:20 p.m. · 20 views

Directory traversal

Directory traversal vulnerability in login.php in OneOrZero Helpdesk 1.6.5.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the defaultlanguage parameter...

5 CVSS · 7.1 AI score · 0.06539 EPSS
Exploits 1 · References 4 · Affected Software 1
CVE
added 2009/02/19 6:0 p.m. · 47 views

CVE-2008-6183

CVE-2008-6183 affects My PHP Indexer 1.0. The vulnerability is in index.php where the d and f parameters can be used to perform a directory traversal using .., allowing remote attackers to read arbitrary files. The CVSSv2 base score is 7.8 (HIGH) with network access and no authentication required...

7.8 CVSS · 7.1 AI score · 0.02845 EPSS
Exploits 1 · References 5 · Affected Software 1
CVE
added 2009/02/14 2:0 a.m. · 45 views

CVE-2008-6139

CVE-2008-6139 describes a directory traversal vulnerability in WebBiscuits Modules Controller 1.1, where the download parameter in faqsupport/wce.download.php can be manipulated with .. to read arbitrary files. Supported by NVD/NIST records and multiple references; exploitation details are not de...

5 CVSS · 6.8 AI score · 0.02672 EPSS
Exploits 1 · References 3 · Affected Software 1
Positive Technologies
added 2009/01/29 12:0 a.m. · 6 views

PT-2009-2988 · Ninja · Ninja Blog

Name of the Vulnerable Software and Affected Versions: Ninja Blog version 4.8 Description: The issue allows remote attackers to read arbitrary files due to a directory traversal vulnerability in the entries/index.php file when magic_quotes_gpc is disabled. This is achieved by using a .. (dot dot) i...

4.3 CVSS · 6.8 AI score · 0.02562 EPSS
Exploits 1 · References 6
Positive Technologies
added 2009/01/27 12:0 a.m. · 22 views

PT-2009-2954 · Tftputil · Tftputil Gui

Name of the Vulnerable Software and Affected Versions: TFTPUtil GUI versions 1.2.0 through 1.3.0 Description: A directory traversal issue allows remote attackers to read arbitrary files outside the TFTP root directory via directory traversal sequences in a GET request, such as "/../" or "/../../"...

5 CVSS · 6.5 AI score · 0.02675 EPSS
Exploits 0 · References 7
Packet Storm
added 2008/12/30 12:0 a.m. · 29 views

RSS Simple News SQL Injection

#!/usr/bin/perl Coded by Piker pikerdotther00tatgmaildotcom D.O.M Team piker,ka0x,an0de,xarnuz 2008 Security Researchers RSS Simple News Remote SQL Injection Exploit http://sourceforge.net/projects/rss-simple-news/ This exploit tries to read an arbitrary file. It needs magic_quotes_gpc=off...

0.4 AI score
Exploits 0