Lucene search
K

2769 matches found

Tenable Nessus
Tenable Nessus
added 2008/12/08 12:0 a.m.39 views

FreeBSD : php -- multiple vulnerabilities (27d01223-c457-11dd-a721-0030843d3802)

Secunia reports : Some vulnerabilities have been reported in PHP, where some have an unknown impact and others can potentially be exploited by malicious people to cause a DoS Denial of Service or compromise a vulnerable system. An input validation error exists within the 'ZipArchive::extractTo'...

7.5CVSS7.7AI score0.06847EPSS
Exploits6References8
FreeBSD
FreeBSD
added 2008/12/04 12:0 a.m.46 views

php -- multiple vulnerabilities

Secunia reports: Some vulnerabilities have been reported in PHP, where some have an unknown impact and others can potentially be exploited by malicious people to cause a DoS Denial of Service or compromise a vulnerable system. An input validation error exists within the "ZipArchive::extractTo"...

7.5CVSS7.1AI score0.06847EPSS
Exploits6References5
Tenable Nessus
Tenable Nessus
added 2008/09/29 12:0 a.m.32 views

FreeBSD : lighttpd -- multiple vulnerabilities (fb911e31-8ceb-11dd-bb29-000c6e274733)

Lighttpd seurity announcement : lighttpd 1.4.19, and possibly other versions before 1.5.0, does not decode the url before matching against rewrite and redirect patterns, which allows attackers to bypass rewrites rules. this can be a security problem in certain configurations if these rules are us...

7.5CVSS7.3AI score0.04345EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.13 views

Gentoo Security Advisory GLSA 200408-17 (rsync)

The remote host is missing updates announced in advisory GLSA 200408-17. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.4CVSS6.7AI score0.02317EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2008/09/08 12:0 a.m.27 views

PHP 5.2.5 - Multiple functions 'safe_mode_exec_dir' / 'open_basedir' Restriction Bypass Vulnerabilities

source: https://www.securityfocus.com/bid/31064/info PHP is prone to 'safemodeexecdir' and 'openbasedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to execute arbitrary code. These vulnerabilities would be an issue in shared-hosting configurations where multip...

7AI score
Exploits0
Cvelist
Cvelist
added 2008/08/27 8:0 p.m.20 views

CVE-2008-3736

Multiple cross-site request forgery CSRF vulnerabilities in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that a change passwords or b change configurations...

7.4AI score0.00559EPSS
Exploits0References6
OSV
OSV
added 2008/08/19 12:0 a.m.25 views

DSA-1629-2 postfix - privilege escalation

Bulletin has no description...

6.2CVSS6.2AI score0.01001EPSS
Exploits6
exploitpack
exploitpack
added 2008/06/18 12:0 a.m.31 views

PHP 5.2.6 - chdir() Function http URL Argument Safe_mode Restriction Bypass

PHP 5.2.6 - chdir Function http URL Argument Safemode Restriction Bypass source: https://www.securityfocus.com/bid/29796/info PHP is prone to multiple 'safemode' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to determine the presence of files in unauthorized...

0.2AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.1 views

tDiary cross-site request forgery vulnerability

Overview tDiary, a weblog system from the tDiary development project, contains a cross-site request forgery CSRF vulnerability. Impact If a user loads a malicious web page, an attacker could alter or delete the diary text or alter tDiary configurations. In addition, a remote attacker could execut...

5.1CVSS7AI score0.01911EPSS
Exploits0References8
0day.today
0day.today
added 2008/05/09 12:0 a.m.20 views

txtCMS 0.3 (index.php) Local File Inclusion Exploit

Exploit for unknown platform in category web applications =================================================== txtCMS 0.3 index.php Local File Inclusion Exploit =================================================== txtCMS 0.3 index.php Local File Inclusion Exploit 0day.today 2018-03-09...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2008/02/15 12:0 a.m.62 views

JSPWiki Multiple Vulnerabilities

JSPWiki Multiple Vulnerabilities Vendor: Janne Jalkanen JSPWiki – http://www.jspwiki.org Application Description: From JSPWiki website - “JSPWiki is a feature-rich and extensible WikiWiki engine built around a standart J2EE components Java, servlets, JSP.” Tested versions: JSPWiki v2.4.104 JSPWik...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2008/02/15 12:0 a.m.36 views

StatCounteX 3.0 & 3.1 Admin Vulnerability

StatCounteX 3.0 & 3.1 Admin Vulnerability No need to exploit ; An attacker can follow /admin.asp link and edit the scripts configurations google dork : intitle:StatCounteX 3.1 Yцnetici SekoMirza From Turkiye !...

2.6AI score
Exploits0
Packet Storm
Packet Storm
added 2008/02/14 12:0 a.m.38 views

jspwiki-multi.txt

JSPWiki Multiple Vulnerabilities Vendor: Janne Jalkanen JSPWiki – http://www.jspwiki.org Application Description: From JSPWiki website - “JSPWiki is a feature-rich and extensible WikiWiki engine built around a standart J2EE components Java, servlets, JSP.” Tested versions: JSPWiki v2.4.104 JSPWik...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.17 views

Debian Security Advisory DSA 1150-1 (shadow)

The remote host is missing an update to shadow announced via advisory DSA 1150-1. A bug has been discovered in several packages that execute the setuid system call without checking for success when trying to drop privileges, which may fail with some PAM configurations. OpenVAS Vulnerability Test...

7.2CVSS0.9AI score0.00398EPSS
Exploits1
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.18 views

Debian: Security Advisory (DSA-1150-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS6.8AI score0.00341EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.19 views

Debian: Security Advisory (DSA-1217-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.02039EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.32 views

Debian Security Advisory DSA 674-1 (mailman)

The remote host is missing an update to mailman announced via advisory DSA 674-1. OpenVAS Vulnerability Test $Id: deb6741.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 674-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

5CVSS9.4AI score0.02856EPSS
Exploits0
securityvulns
securityvulns
added 2007/12/26 12:0 a.m.138 views

[CVE-2007-5342] Apache Tomcat's default security policy is too open

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2007-5342: Tomcat's default security policy is too open Severity: Low Vendor: The Apache Software Foundation Versions Affected: Tomcat 5.5.9 to 5.5.25 Tomcat 6.0.0 to 6.0.15 Description: The JULI logging component allows web applications to provid...

6.4CVSS7.2AI score0.05156EPSS
Exploits1
Oracle linux
Oracle linux
added 2007/11/19 12:0 a.m.25 views

conga security, bug fix, and enhancement update

0.10.0-6.el5.0.1 - Replaced Redhat copyrighted and trademarked images in the conga-0.10.0 tarball. 0.10.0-6 - Fixed bz253783 - Fixed bz253914 conga doesn't allow you to reuse nfs export and nfs client resources - Fixed bz254038 Impossible to set many valid quorum disk configurations via conga -...

5CVSS6.3AI score0.01745EPSS
Exploits0
NVD
NVD
added 2007/07/17 1:30 a.m.15 views

CVE-2007-3821

Cross-site request forgery CSRF vulnerability in Webcit before 7.11 allows remote attackers to modify configurations and perform other actions as arbitrary users via unspecified vectors...

7.5CVSS7AI score0.02744EPSS
Exploits1References6
Rows per page
Query Builder