
1680 matches found

exploitpack
added 2003/03/19 12:0 a.m., 12 views

WFChat 1.0 - Information Disclosure

source: https://www.securityfocus.com/bid/7147/info An information disclosure vulnerability has been reported for WFChat. The vulnerability will result in the disclosure of authentication information to a remote attacker. Information obtained in this manner may...

7.2 AI score
Exploits: 0

exploitpack
added 2003/03/15 12:0 a.m., 23 views

Samba 2.2.x - CIFS9000 Server A.01.x Packet Assembling Buffer Overflow

source: https://www.securityfocus.com/bid/7106/info Samba is prone to a buffer-overflow vulnerability when the ' ' service tries to reassemble specially crafted SMB/CIFS packets. An attacker can exploit this vulnerability by...

0.6 AI score
Exploits: 0

Tenable Nessus
added 2003/03/13 12:0 a.m., 259 views

Microsoft IIS fpcount.exe CGI Remote Overflow

Nessus detected the 'fpcount.exe' CGI on the remote web server. Some versions of this CGI have a remote buffer overflow vulnerability. A remote attacker could exploit it to crash the web server, or possibly execute arbitrary code. Nessus did not actually check for this flaw, but solely relied on...

10 CVSS, 6.2 AI score, 0.23962 EPSS
Exploits: 0, References: 2

Exploit DB
added 2003/03/11 12:0 a.m., 35 views

Man Program 1.5 - Unsafe Return Value Command Execution

source: https://www.securityfocus.com/bid/7066/info It has been reported that the man program does not properly handle some types of input. When a man page is processed that could pose a potential security risk, the program reacts in a way that may open a window of opportunity for an attacker to...

7.4 AI score
Exploits: 0

exploitpack
added 2003/01/09 12:0 a.m., 13 views

FormMail-Clone - Cross-Site Scripting

source: https://www.securityfocus.com/bid/6570/info FormMail-clone is allegedly prone to cross-site scripting attacks. The FormMail-clone script does not sufficiently sanitize HTML tags and script code. As a result, a remote attacker may construct a malicious...

6.8 AI score
Exploits: 0

Exploit DB
added 2003/01/06 12:0 a.m., 25 views

DCP-Portal 5.0.1 - 'lib.php?Root' Remote File Inclusion

source: https://www.securityfocus.com/bid/6525/info DCP-Portal is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. An attacker may exploit this by supplying a path to a maliciously created file, located on an attacker-controlled host as a...

7.4 AI score
Exploits: 0

securityvulns
added 2003/01/03 12:0 a.m., 26 views

PEEL (PHP)

Informations : Version : 1.0b Website : http://www.mapetite-entreprise.com Problem : Include file PHP Code/Location : modeles/haut.php : ? $langfile = $dirroot."/lang/".$SESSION"lang"."/lang.php"; requi...

7.1 AI score
Exploits: 0

NVD
added 2002/12/31 5:0 a.m., 11 views

CVE-2002-2109

Matt Wright FormMail 1.9 and earlier allows remote attackers to bypass the HTTP_REFERER check and conduct unauthorized activities via (1) a blank referer, (2) a spoofed referer with a trusted domain/URL after the beginning of the referer, or (3) a spoofed referer with a trusted domain/URL in the beginni...

7.5 CVSS, 6.7 AI score, 0.02686 EPSS
Exploits: 1, References: 4

Exploit DB
added 2002/12/20 12:0 a.m., 18 views

SPGPartenaires 3.0.1 - 'delete.php' SQL Injection

source: https://www.securityfocus.com/bid/6455/info Several vulnerabilities have been discovered in SPGPartenaires. The vulnerabilities are due to insufficient sanitization of the 'pass' and 'SPGP' variables used to construct SQL queries in various PHP scripts. By exploiting these issues it is...

7.4 AI score
Exploits: 0

OSV
added 2002/12/11 5:0 a.m., 6 views

CVE-2002-1336

TightVNC before 1.2.6 generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users...

7.3 AI score
Exploits: 0, References: 9

CERT
added 2002/12/09 12:0 a.m., 15 views

Netscape and iPlanet Enterprise Servers fail to sanitize log files before they are displayed using the administration client

Overview: iPlanet Enterprise Server and Netscape Enterprise Server versions prior to 4.1. SP12 have a vulnerability involving the rendering of tags embedded in the web logs when viewed through the administration client. Description: Requests made to web servers are routinely logged by the web serve...

7.2 AI score
Exploits: 0, References: 2

exploitpack
added 2002/11/28 12:0 a.m., 24 views

YaBB 1 Gold SP 1 - YaBB.pl Cross-Site Scripting

source: https://www.securityfocus.com/bid/6272/info A cross-site scripting vulnerability has been reported in the YaBB forum. This vulnerability is due to insufficient sanitization of URI parameters in some scripts. As a result, it is possible for a...

6.8 AI score
Exploits: 0

Tenable Nessus
added 2002/11/28 12:0 a.m., 46 views

MS02-052: Flaw in Microsoft VM Could Allow Code Execution (810030)

The remote host is running a Microsoft VM machine that has a bug in its bytecode verifier that could allow a remote attacker to execute arbitrary code on this host, with the privileges of the SYSTEM. To exploit this vulnerability, an attacker would need to send a malformed applet to a user on thi...

10 CVSS, 6 AI score, 0.22445 EPSS
Exploits: 0, References: 7

exploitpack
added 2002/11/27 12:0 a.m., 15 views

BizDesign ImageFolio 2.x3.0.1 - nph-build.cgi Cross-Site Scripting

source: https://www.securityfocus.com/bid/6265/info Reportedly, ImageFolio is prone to cross-site scripting attacks due to insufficient sanitization of user-supplied input. The vulnerability exists in various cgi scripts included...

6.8 AI score
Exploits: 0

Exploit DB
added 2002/11/26 12:0 a.m., 28 views

Null HTTPd 0.5 - Remote Heap Corruption

// source: https://www.securityfocus.com/bid/6255/info A heap corruption vulnerability has been discovered in Null httpd. By passing a small content length value to the server and triggering the server to make a second recv of POST data, it is possible to overrun a buffer. An attacker may exploit...

7.4 AI score
Exploits: 0

exploitpack
added 2002/11/25 12:0 a.m., 14 views

Working Resources BadBlue 1.7.1 - Search Page Cross-Site Scripting

source: https://www.securityfocus.com/bid/6253/info The ext.dll ISAPI does not sufficiently sanitize user-supplied input when processing search queries. This may allow an attacker to create a custom URL containing script code that...

6.8 AI score
Exploits: 0

Exploit DB
added 2002/11/22 12:0 a.m., 28 views

vBulletin 2.0/2.2.x - 'memberlist.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/6226/info vBulletin does not filter HTML tags from URI parameters, making it prone to cross-site scripting attacks. As a result, it is possible for a remote attacker to create a malicious link containing script code which will be executed in the browser o...

7.4 AI score
Exploits: 0

Exploit DB
added 2002/11/19 12:0 a.m., 21 views

TFTPD32 2.50 - 'Filename' Remote Buffer Overflow

source: https://www.securityfocus.com/bid/6199/info A buffer-overflow vulnerability has been reported for Tftpd32. The vulnerability is due to insufficient checks on user-supplied input. A remote attacker can exploit this vulnerability by supplying a long string as a name of the file to retrieve...

7.4 AI score
Exploits: 0

Exploit DB
added 2002/10/28 12:0 a.m., 20 views

Benjamin Lefevre Dobermann Forum 0.x - 'index.php?subpath' Remote File Inclusion

source: https://www.securityfocus.com/bid/6057/info Dobermann Forum is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several PHP script files provided with Dobermann. An attacker may exploit this by supplying a pa...

7.4 AI score
Exploits: 0

exploitpack
added 2002/10/18 12:0 a.m., 12 views

vBulletin 2.02.2.x - Cross-Site Scripting

source: https://www.securityfocus.com/bid/5997/info vBulletin does not filter HTML tags from URI parameters, making it prone to cross-site scripting attacks. As a result, it is possible for a remote attacker to create a malicious link containing script co...

6.8 AI score
Exploits: 0