Lucene search
K

793 matches found

Prion
Prion
added 2006/03/02 11:2 p.m.19 views

Code injection

Direct static code injection vulnerability in func.inc.php in ZoneO-Soft freeForum before 1.2.1 allows remote attackers to execute arbitrary PHP code via the 1 X-Forwarded-For and 2 Client-Ip HTTP headers, which are stored in Data/flood.db.php...

7.5CVSS8.1AI score0.01709EPSS
Exploits1References6Affected Software1
myhack58
myhack58
added 2005/11/13 12:0 a.m.27 views

Buffer overflow in the principles of the vernacular of the draft-vulnerability warning-the black bar safety net

First of all,to be described herein to explain the appeal of merely vernacular. Just say some ideas, After all, I also feel trepidation. There is nothing any not understand of place,as long as you can adhere to after reading this article, It will preliminary understand the buffer overflow concept...

1.3AI score
Exploits0
securityvulns
securityvulns
added 2005/10/11 12:0 a.m.30 views

Множественные уязвимости в SimpleViewerAdmin

+++++++++++++++++++++++++++++++++++++++++++++++ Множественные уязвимости в SimpleViewerAdmin +++++++++++++++++++++++++++++++++++++++++++++++ Затронутые продукты: SimpleViewerAdmin v1.7, возможно и более ранние версии. +++++++++++++++++++++++++++++++++++++++++++++++ Описание: SimpleViewerAdmin - э...

0.6AI score
Exploits0
NVD
NVD
added 2005/05/18 4:0 a.m.13 views

CVE-2005-1648

Gurgens GASoft Ultimate Forum 1.0 stores the db/Genid.dat database file under the web document root with insufficient access control, which allows remote attackers to obtain and decrypt usernames and passwords...

7.5CVSS6.7AI score0.01727EPSS
Exploits1References3
CVE
CVE
added 2005/05/18 4:0 a.m.47 views

CVE-2005-1647

CVE-2005-1647 affects Gurgens (GASoft) Guest Book 2.1. The vulnerability arises because db/Genid.dat is stored under the web document root with insufficient access control, allowing remote attackers to obtain and decrypt usernames and passwords. Red Hat and CVE listings corroborate this issue. Th...

7.5CVSS7.1AI score0.01708EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2005/04/12 4:0 a.m.34 views

CVE-2005-1055

CVE-2005-1055 (TowerBlog): TowerBlog 0.6 and earlier stores the login data file under the web root, enabling remote access to the file via a direct request to the _dat/login path. This exposes MD5 checksums of usernames and passwords, constituting a partial confidentiality impact. The connected r...

7.5CVSS7.2AI score0.0159EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2005/02/14 5:0 a.m.51 views

CVE-2005-0229

CVE-2005-0229 affects CitrusDB up to version 0.3.5, where a temporary file newfile.txt is stored under the web root and can be accessed via HTTP (e.g., /io/newfile.txt), enabling remote attackers to exfiltrate credit card data. The vulnerability arises from storing sensitive data in a web-accessi...

5CVSS6.4AI score0.07652EPSS
Exploits1References6Affected Software1
securityvulns
securityvulns
added 2003/12/19 12:0 a.m.42 views

Множество уязвимостей в Ultimate PHP Board (UPB) Version 1.5

Множество уязвимостей в Ultimate PHP Board UPB Version 1.5 Script: Ultimate PHP Board UPB Version 1.5 Author: PHP Outburst http://www.myupb.com/ Exploit: yes В скриптах: adminmembers.php adminban.php adminbannedaddresses.php adminbanuser.php admincat.php adminconfig.php adminconfigdo.php...

7.2AI score
Exploits0
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.15 views

CVE-2002-0259

InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in 1 .pwd files in the miniportal/apache directory, or 2 mplog.txt, which could allow local users to gain privileges...

6.5AI score0.00385EPSS
Exploits0References4
securityvulns
securityvulns
added 2002/02/12 12:0 a.m.45 views

InstantServers MiniPortal Multiple Vulnerabilities

Strumpf Noir Society Advisories ! Public release ! -- -= InstantServers MiniPortal Multiple Vulnerabilities =- Release date: Saturday, February 9, 2002 Introduction: InstantServers' MiniPortal provides a complete solution for fast and easy web site hosting on a Windows PC. It features a Apache-...

0.5AI score
Exploits0
CVE
CVE
added 2000/06/02 4:0 a.m.43 views

CVE-1999-0854

CVE-1999-0854 affects Ultimate Bulletin Board. The issue arises because data files are stored in the cgi-bin directory, enabling remote viewing by an attacker when the HTTP server erroneously tries to execute such files. Documentation in PT-1999-1407 confirms affected software but does not specif...

5CVSS7.2AI score0.0132EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.23 views

linuxfs.txt

http://www.rootshell.com/ Date: Sun, 5 Jul 1998 10:12:43 +0200 From: Michal Zalewski Subject: Linux kernel filesystem oddities -----BEGIN PGP SIGNED MESSAGE----- Any amount of data, overriding quotas and kernel resource limits, can be stored in root-owned +t directory like /tmp - inside...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.21 views

topdesk.passwd.txt

Date: Mon, 15 Feb 1999 14:05:52 GMT From: dapozza To: [email protected] Subject: lame TOPdesk program encryption Hi all, I was just playing with a program called TOPdesk, it's a helpdesk program and you have the usual login for normal users and superusers. I don't know if this is a Dutch only...

7.4AI score
Exploits0
Rows per page
Query Builder