Lucene search
K

8591 matches found

Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.43 views

SUSE-SA:2006:024: php4,php5

The remote host is missing the patch for the advisory SUSE-SA:2006:024 php4,php5. This update fixes the following security issues in the scripting languages PHP4 and PHP5: - copy and tempnam functions could bypass openbasedir restrictions CVE-2006-1494 - Cross-Site-Scripting XSS bug in phpinfo...

6.4CVSS8.2AI score0.20514EPSS
Exploits4
Exploit DB
Exploit DB
added 2006/04/13 12:0 a.m.26 views

Opera Web Browser 8.52 - Stylesheet Attribute Buffer Overflow

source: https://www.securityfocus.com/bid/17513/info Opera is prone to a buffer-overflow vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied input before using it in a string-copy operation. This issue allows remote attackers to crash affected web...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2006/04/12 12:0 a.m.39 views

adv28-K-159-2006.txt

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV28$2006 --------------------------------------------------------------------------- ECHOADV28$2006 Clever Copy = 3.0 Connect.inc Critical Information Disclosure...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/04/12 12:0 a.m.29 views

Clever Copy connect.inc Direct Request Information Disclosure

The remote host is running Clever Copy, a free web portal written in PHP. The version of Clever Copy installed on the remote host fails to limit access to the 'admin/connect.inc' include file, which contains information used by the application to connect to a database. An unauthenticated attacker...

5CVSS5.6AI score0.07387EPSS
Exploits1References2
NVD
NVD
added 2006/04/11 11:2 p.m.17 views

CVE-2006-1718

Magus Perde Clever Copy 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to view the database username and password via a direct request for connect.inc...

5CVSS6.5AI score0.07387EPSS
Exploits1References6
CVE
CVE
added 2006/04/11 11:0 p.m.46 views

CVE-2006-1718

CVE-2006-1718 affects Magus Perde Clever Copy 3.0 and earlier. The application stores database credentials under the web root and does not enforce access control for connect.inc, allowing an unauthenticated remote attacker to view the file contents via a direct HTTP request. This information disc...

5CVSS6.5AI score0.07387EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2006/04/11 11:0 p.m.22 views

CVE-2006-1718

Magus Perde Clever Copy 3.0 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to view the database username and password via a direct request for connect.inc...

6.5AI score0.07387EPSS
Exploits1References6
exploitpack
exploitpack
added 2006/04/11 12:0 a.m.12 views

Clever Copy 3.0 - Connect.INC Information Disclosure

Clever Copy 3.0 - Connect.INC Information Disclosure source: https://www.securityfocus.com/bid/17461/info Clever Copy is prone to an information-disclosure vulnerability. A remote attacker could leverage this issue to gain access to sensitive configuration information. The attacker could then use...

7.2AI score
Exploits0
Exploit DB
Exploit DB
added 2006/04/11 12:0 a.m.27 views

Clever Copy 3.0 - 'Connect.INC' Information Disclosure

source: https://www.securityfocus.com/bid/17461/info Clever Copy is prone to an information-disclosure vulnerability. A remote attacker could leverage this issue to gain access to sensitive configuration information. The attacker could then use this information to launch further attacks against t...

7.4AI score
Exploits0
NVD
NVD
added 2006/04/10 7:2 p.m.26 views

CVE-2006-1608

The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI...

2.1CVSS6.2AI score0.01097EPSS
Exploits1References16
UbuntuCve
UbuntuCve
added 2006/04/10 7:2 p.m.32 views

CVE-2006-1608

The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI...

2.1CVSS6AI score0.01097EPSS
Exploits1References2
Cvelist
Cvelist
added 2006/04/10 7:0 p.m.26 views

CVE-2006-1608

The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI...

6.1AI score0.01097EPSS
Exploits1References16
securityvulns
securityvulns
added 2006/04/10 12:0 a.m.34 views

[ECHO_ADV_28$2006] Clever Copy <= 3.0 Connect.inc Critical Information Disclosure

/ / | | / // / | | Y / | / / /| / / / / / / .OR.ID ECHOADV28$2006 --------------------------------------------------------------------------- ECHOADV28$2006 Clever Copy = 3.0 Connect.inc Critical Information Disclosure ---------------------------------------------------------------------------...

6.9AI score
Exploits0
OpenVAS
OpenVAS
added 2006/03/26 12:0 a.m.28 views

Clever Copy 2.x Multiple Vulnerabilities - Active Check

Clever Copy is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2005 Josh Zlatin-Amishav Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.6AI score0.02751EPSS
Exploits3References21
Positive Technologies
Positive Technologies
added 2006/03/22 12:0 a.m.2 views

PT-2006-1129 · Linux +2 · Netfilter +3

Name of the Vulnerable Software and Affected Versions: Linux versions prior to 2.6.16-rc3 Description: The issue is related to an integer overflow in the do replace function in netfilter for Linux. This can be exploited by local users with CAP NET ADMIN rights to cause a buffer overflow in the co...

9CVSS7.6AI score0.06797EPSS
Exploits0References263
securityvulns
securityvulns
added 2006/03/12 12:0 a.m.39 views

Copy protection scheme SafeDisc allows privilege escalation

I have a found a serious flaw in the well-known and widely deployed copy protection scheme SafeDisc. The issues arrises from the how the installation of the driver secdrv.sys is managed. When installed, the associated driver service is assigned the SECHANGECONFIG flag, which means that any user i...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2006/03/11 12:0 a.m.6 views

PeerCast 0.1216 - nextCGIarg Remote Buffer Overflow (1)

PeerCast 0.1216 - nextCGIarg Remote Buffer Overflow 1 / GNU PeerCast include include include include include include include include include struct target char name; int retaddr...

0.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2006/03/07 3:15 p.m.3 views

local to local copy uses shell expansion twice

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice...

4.6CVSS6.9AI score0.00474EPSS
Exploits1References4
NVD
NVD
added 2006/02/19 9:2 p.m.10 views

CVE-2006-0796

Cross-site scripting XSS vulnerability in default.php in Clever Copy 3.0 allows remote attackers to inject arbitrary web script or HTML via the Subject field when sending private messages privatemessages.php. NOTE: the provenance of this information is unknown; the details are obtained solely fro...

4.3CVSS5.5AI score0.0118EPSS
Exploits0References5
Prion
Prion
added 2006/02/19 9:2 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in default.php in Clever Copy 3.0 allows remote attackers to inject arbitrary web script or HTML via the Subject field when sending private messages privatemessages.php. NOTE: the provenance of this information is unknown; the details are obtained solely fro...

4.3CVSS6AI score0.0118EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder