Lucene search
K

2769 matches found

Cvelist
Cvelist
added 2007/07/17 1:0 a.m.21 views

CVE-2007-3821

Cross-site request forgery CSRF vulnerability in Webcit before 7.11 allows remote attackers to modify configurations and perform other actions as arbitrary users via unspecified vectors...

7AI score0.02744EPSS
Exploits1References6
NVD
NVD
added 2007/06/11 11:30 p.m.12 views

CVE-2007-2873

SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service corrupt arbitrary files via a symlink attack on a file that is used by spamd...

1.9CVSS6.3AI score0.0034EPSS
Exploits0References10
Cisco
Cisco
added 2007/02/14 11:6 p.m.23 views

Cisco PIX and ASA LOCAL Method Privilege Escalation Vulnerability

Cisco PIX 500 Series Security Appliances and Cisco ASA 5500 Series Adaptive Security Appliances ASA contain a vulnerability that could allow an authenticated, remote attacker to gain elevated privileges on the device. The vulnerability only exists on devices using LOCAL method for user...

9CVSS6.8AI score0.02561EPSS
Exploits0References1
exploitpack
exploitpack
added 2007/01/26 12:0 a.m.12 views

PHP 5.2 - FOpen Safe_mode Restriction Bypass

PHP 5.2 - FOpen Safemode Restriction Bypass source: https://www.securityfocus.com/bid/22261/info PHP is prone to a 'safemode' restriction-bypass vulnerability. Successful exploits could allow an attacker to write files in unauthorized locations; other attacks may also be possible. This...

0.7AI score
Exploits0
NVD
NVD
added 2007/01/09 2:28 a.m.13 views

CVE-2007-0123

Unrestricted file upload vulnerability in Uber Uploader 4.2 allows remote attackers to upload and execute arbitrary PHP scripts by naming them with a .phtml extension, which bypasses the .php extension check but is still executable on some server configurations...

6.8CVSS7.2AI score0.01203EPSS
Exploits0References3
Prion
Prion
added 2007/01/09 2:28 a.m.17 views

Unrestricted file upload

Unrestricted file upload vulnerability in Uber Uploader 4.2 allows remote attackers to upload and execute arbitrary PHP scripts by naming them with a .phtml extension, which bypasses the .php extension check but is still executable on some server configurations...

6.8CVSS7.6AI score0.01203EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2007/01/09 2:0 a.m.50 views

CVE-2007-0123

Technical details for CVE-2007-0123 are not publicly available in the provided connected documents. Monitor for updates from vendors and CVE databases.

6.8CVSS7.2AI score0.01203EPSS
Exploits0References3Affected Software1
Exploit DB
Exploit DB
added 2006/12/08 12:0 a.m.36 views

PHP 5.2 - Session.Save_Path() 'Safe_mode' / 'open_basedir' Restriction Bypass

source: https://www.securityfocus.com/bid/21508/info PHP is prone to a 'safemode' and 'openbasedir' restriction-bypass vulnerability. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations. This vulnerability would be an issue in...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/11/22 12:0 a.m.26 views

Debian DSA-1217-1 : linux-ftpd - programming error

Paul Szabo discovered that the netkit ftp server switches the user id too late, which may lead to the bypass of access restrictions when running on NFS. This update also adds return value checks to setuid calls, which may fail in some PAM configurations. %NASLMINLEVEL 70300 C Tenable Network...

4.6CVSS5.4AI score0.00368EPSS
Exploits0References3
seebug.org
seebug.org
added 2006/10/24 12:0 a.m.33 views

ColdFusion MX Remote Development Service Exploit

No description provided by source. !/usr/bin/perl RDScDump.pl By angry packet THIS IS AN UNPATCHED VULNERABILITY - THIS IS AN UNPATCHED VULNERABILITY ColdFusion 6 MX Server does several things in order to get remote dir structure so we will need to recreate these functions. This is a "almost"...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2006/10/20 10:28 a.m.68 views

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 3 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating syste...

7.5CVSS6AI score0.04601EPSS
Exploits3References8
NVD
NVD
added 2006/10/10 4:6 a.m.10 views

CVE-2006-5175

Cross-site request forgery CSRF vulnerability in the administrative interface for the TeraStation HD-HTGL firmware 2.05 beta 1 and earlier allows remote attackers to modify configurations or delete arbitrary data via unspecified vectors...

7.6CVSS7.1AI score0.01095EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/10/02 12:0 a.m.15 views

JVN#93484133 TeraStation HD-HTGL series cross-site request forgery vulnerability

Impact If a TeraStation HD-HTGL administrator who logged into the web administration interface views a malicous website, an attacker could possibly modify configurations or delete data on the hard disk. Solution Products Affected HD-HTGL Series firmware Ver. 2.05-beta-1 and earlier...

7.3AI score
Exploits0
OSV
OSV
added 2006/08/12 12:0 a.m.16 views

DSA-1150-1 shadow - programming error

Bulletin has no description...

7.2CVSS6.4AI score0.00341EPSS
Exploits0
Debian
Debian
added 2006/08/09 6:10 a.m.29 views

[SECURITY] [DSA 1146-1] New krb5 packages fix privilege escalation

-------------------------------------------------------------------------- Debian Security Advisory DSA 1146-1 [email protected] http://www.debian.org/security/ Martin Schulze August 9th, 2006 http://www.debian.org/security/faq -...

7.2CVSS6.6AI score0.00512EPSS
Exploits0
OSV
OSV
added 2006/07/10 12:0 a.m.13 views

DSA-1106 ppp - programming error

Bulletin has no description...

7.2CVSS6.3AI score0.00398EPSS
Exploits1
Cent OS
Cent OS
added 2006/07/08 2:51 a.m.79 views

kernel security update

CentOS Errata and Security Advisory CESA-2006:0574 Updated kernel packages that fix a privilege escalation security issue in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. Th...

4.6CVSS5.7AI score0.04387EPSS
Exploits17References8
Prion
Prion
added 2006/06/06 12:2 a.m.20 views

Code injection

Drupal 4.6.x before 4.6.8 and 4.7.x before 4.7.2, when running under certain Apache configurations such as when FileInfo overrides are disabled within .htaccess, allows remote attackers to execute arbitrary code by uploading a file with multiple extensions, a variant of CVE-2006-2743...

7.5CVSS7.7AI score0.11115EPSS
Exploits0References7Affected Software1
Drupal
Drupal
added 2006/05/24 12:0 a.m.27 views

SA-2006-006 - Drupal Core - Execution of arbitrary files in certain Apache configurations

Certain -- alas, typical -- configurations of Apache allows execution of carefully named arbitrary scripts in the files directory. Drupal now will attempt to automatically create a .htaccess file in your "files" directory to protect you. This line references SA2006006 to lead Apache administrator...

7.2AI score
Exploits0References3
Debian CVE
Debian CVE
added 2006/05/05 7:0 p.m.15 views

CVE-2006-2223

Removed by vendor...

5CVSS9.4AI score0.1128EPSS
Exploits1
Rows per page
Query Builder