Lucene search
+L

3939 matches found

FreeBSD
FreeBSD
added 2006/05/03 12:0 a.m.17 views

awstats -- arbitrary command execution vulnerability

OS Reviews reports: If the update of the stats via web front-end is allowed, a remote attacker can execute arbitrary code on the server using a specially crafted request involving the migrate parameter. Input starting with a pipe character "|" leads to an insecure call to Perl's open function and...

2.7AI score
Exploits0References3
OpenVAS
OpenVAS
added 2006/03/26 12:0 a.m.31 views

CMSimple 'index.php?search' XSS Vulnerability - Active Check

CMSimple is prone to cross-site scripting XSS attacks due to its failure to sanitize user-supplied input to the search field. SPDX-FileCopyrightText: 2006 Josh Zlatin-Amishav Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

4.3CVSS5.8AI score0.01406EPSS
Exploits0References4
Saint
Saint
added 2006/03/24 12:0 a.m.23 views

BakBone NetVault remote heap overflow

Added: 03/24/2006 CVE: CVE-2005-1009 BID: 12967 OSVDB: 15234 Background BakBone NetVault is a distributed data backup and restore solution for UNIX and Windows networks. Problem A heap overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7.6AI score0.57017EPSS
Exploits8
Saint
Saint
added 2006/03/24 12:0 a.m.50 views

BakBone NetVault remote heap overflow

Added: 03/24/2006 CVE: CVE-2005-1009 BID: 12967 OSVDB: 15234 Background BakBone NetVault is a distributed data backup and restore solution for UNIX and Windows networks. Problem A heap overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7.6AI score0.57017EPSS
Exploits8
NVD
NVD
added 2006/03/16 1:2 a.m.18 views

CVE-2006-1182

Adobe Graphics Server 2.0 and 2.1 formerly AlterCast and Adobe Document Server ADS 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the 1 saveContent...

2.6CVSS6.7AI score0.0075EPSS
Exploits0References10
exploitpack
exploitpack
added 2005/11/16 12:0 a.m.45 views

Microsoft Windows Server 2000 - UPNP getdevicelist Memory Leak Denial of Service

Microsoft Windows Server 2000 - UPNP getdevicelist Memory Leak Denial of Service / Author: Winny Thomas Nevis Labs, Pune, INDIA Details: While working on the exploit for MS05-047 i came across a condition where a specially crafted request to upnpgetdevicelist would cause services.exe to consume...

Exploits0
Tenable Nessus
Tenable Nessus
added 2005/11/14 12:0 a.m.20 views

TikiWiki < 1.8.6 / 1.9.1 Multiple Vulnerabilities

The remote host is running TikiWiki, an open source wiki application written in PHP. The version of TikiWiki installed on the remote host fails to sanitize input to the 'language' parameter of the 'tiki-userpreferences.php' script before using it in a PHP 'include' function. An authenticated...

7.5CVSS6.2AI score0.0265EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2005/07/27 12:0 a.m.45 views

Allegro Software RomPager 2.10 Malformed Authentication Request DoS

The remote host is running Allegro Software RomPager version 2.10, according to its banner. This version is vulnerable to a denial of service attack that can be exploited by sending a specifically crafted request to crash the affected system. Sarju Bhagat GPLv2 include"compat.inc"; ifdescription...

7.5CVSS5.5AI score0.0712EPSS
Exploits3References2
Debian CVE
Debian CVE
added 2005/07/19 4:0 a.m.27 views

CVE-2004-2283

Removed by vendor...

5CVSS7AI score0.01435EPSS
Exploits0
securityvulns
securityvulns
added 2005/06/27 12:0 a.m.40 views

[EXPL] TCP-IP Datalook DoS Vulnerability &#40;Exploit&#41;

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

Exploits0
Tenable Nessus
Tenable Nessus
added 2005/02/07 12:0 a.m.12 views

RaidenHTTPd < 1.1.31 Crafted Request Remote File Access

Binary data 2594.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/18 12:0 a.m.14 views

LocalWeb2000 2.10 Crafted Request File Disclosure

Binary data 1508.prm...

7.5CVSS7.3AI score0.08052EPSS
Exploits2References2
exploitpack
exploitpack
added 2004/08/04 12:0 a.m.11 views

PHP-Nuke 0-7 - Delete God Admin Access Control Bypass

PHP-Nuke 0-7 - Delete God Admin Access Control Bypass source: https://www.securityfocus.com/bid/10861/info PHP-Nuke is reported prone to an access control bypass vulnerability. Reports indicate that a PHP-Nuke superuser may bypass access controls and privilege restrictions, to delete the PHP-Nuke...

1AI score
Exploits0
Exploit DB
Exploit DB
added 2004/08/04 12:0 a.m.17 views

PHP-Nuke 0-7 - Delete God Admin Access Control Bypass

source: https://www.securityfocus.com/bid/10861/info PHP-Nuke is reported prone to an access control bypass vulnerability. Reports indicate that a PHP-Nuke superuser may bypass access controls and privilege restrictions, to delete the PHP-Nuke "God Admin" account. This may be accomplished by maki...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/05/25 12:0 a.m.26 views

IBM Lotus Domino Server Crafted .nsf Request Traversal Arbitrary File Access

Using a specially crafted request URL containing '.nsf/..', the installed version of Lotus Domino on the remote host can be abused to reveal the contents of arbitrary files on the server. Copyright C 2000 - 2009 Net-Square Solutions Pvt Ltd. By: Hemil Shah Desc: This script will check for the...

5CVSS5.7AI score0.09336EPSS
Exploits1References3
Exploit DB
Exploit DB
added 2003/04/07 12:0 a.m.20 views

Vignette StoryServer 4.1 - Sensitive Stack Memory Information Disclosure

source: https://www.securityfocus.com/bid/7296/info It has been reported that Vignette StoryServer, under some circumstances may reveal stack memory content. If a specially crafted request is made for a page that accepts user-supplied data an error state may be triggered. If the attack is...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/05/26 12:0 a.m.28 views

Omnicron OmniHTTPd 2.0.4-8 - File Source Disclosure

source: https://www.securityfocus.com/bid/2788/info Submitting a specially crafted GET request for a known file .php, .pl, or .shtml, could cause OmniHTTPD to disclose the source code of the requested resource. The GET requested would have to be appended with the Unicode equivalent of a space...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2000/01/03 12:0 a.m.28 views

Roxen Web Server Counter Module Crafted Request Saturation DoS

Roxen Challenger WebServer is running with the counter module installed. Requesting large counter GIFs can lead to CPU exhaustion. If the server does not support threads, this will prevent the server from serving other clients. %NASLMINLEVEL 70300 Copyright 2000 by Hendrik Scholz Changes by...

5.5AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.8 views

Security Update For Exchange Server 2016 CU15 (KB4540123)

A cross-site-scripting XSS vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected server...

2.8AI score
Exploits0
Rows per page
Query Builder