Lucene search
K

869 matches found

Tenable Nessus
Tenable Nessus
added 2003/02/12 12:0 a.m.3409 views

Web Server info.php / phpinfo.php Detection

Many PHP installation tutorials instruct the user to create a PHP file that calls the PHP function 'phpinfo' for debugging purposes. Various PHP applications may also include such a file. By accessing such a file, a remote attacker can discover a large amount of information about the remote web...

5.6AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.17 views

CVE-2002-1810

D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and network configuration information...

7.5CVSS7.6AI score0.01748EPSS
Exploits0References3
securityvulns
securityvulns
added 2002/11/19 12:0 a.m.24 views

Linksys router vulnerability

SUMMARY: Linksys products running affected firmware versions are susceptible to a bug that allows unauthenticated access to the management interface. This bug affects both local and remote management if enabled. AFFECTED PRODUCTS per Linksys support: BEFSR41, BEFSR11, BEFSRU31: firmware versions...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2002/04/09 12:0 a.m.34 views

multiple CGIscript.net scripts - Remote Code Execution

multiple CGIscript.net scripts - Remote Code Execution --------------------------------------------------------------------- Name : multiple CGIscript.net scripts - Remote Code Execution Date : April 8, 2002 Product : csGuestbook csLiveSupport csNewsPro csChatRBox Vuln Type : Access Validation...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2002/03/27 12:0 a.m.40 views

CGIscript.net - csSearch.cgi - Remote Code Execution (up to 17,000 sites vulnerable)

CGIscript.net - csSearch.cgi - Remote Code Execution up to 17,000 sites vulnerable --------------------------------------------------------------------- Name : csSearch.cgi - Remote Code Execution Date : March 25, 2002 Product : csSearch Version : 2.3 vulnerable Vuln Type : Access Validation Erro...

0.1AI score
Exploits0
NVD
NVD
added 2001/02/28 5:0 a.m.24 views

CVE-2004-1776

Cisco IOS 12.13 and 12.13T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification DOCSIS standard...

7.5CVSS6.6AI score0.03108EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2000/12/19 12:0 a.m.26 views

rpc-everythingform.txt

Hi All, This is Yet Another Bad Perl Script. everythingform.cgi uses a hidden field 'config' to determine where to read configuration data from. --code snippit-- .. $ConfigFile = $inconfig; .. openCONFIG, "$configdir$ConfigFile" || &Error"I can't open $ConfigFile in the ReadConfig subroutine...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/12/13 12:0 a.m.30 views

Insecure input validation in everythingform.cgi (remote command execution)

Hi All, This is Yet Another Bad Perl Script. everythingform.cgi uses a hidden field 'config' to determine where to read configuration data from. --code snippit-- .. $ConfigFile = $inconfig; .. openCONFIG, "$configdir$ConfigFile" || &Error"I can't open $ConfigFile in the ReadConfig subroutine...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2000/12/05 12:0 a.m.30 views

Bypassing admin authentication in phpWebLog

Note: Although this software is still in beta stage, there are many websites using it, so i think it's a relevant issue. Author: Jason Hines Homepage: http://www.phpweblog.org | http://sourceforge.net/projects/phpweblog/ Version: 0.4.2 others? Problem: in common.inc.php, $CONF is not properly...

0.1AI score
Exploits0
Rows per page
Query Builder