Lucene search
K

849 matches found

myhack58
myhack58
added 2006/01/31 12:0 a.m.24 views

With a Winsock implementation on the website of the database data injection-vulnerability warning-the black bar safety net

In writing this article before, it is necessary to"inject"one word describes it. The difference to the usualSQL injection, where the injection actually just construct an HTTP request packet to a program instead of a WEB page is submitted, data is automatically submitted. Hey, speaking of which, I...

7.2AI score
Exploits0
CVE
CVE
added 2005/06/21 4:0 a.m.44 views

CVE-2002-1755

The CVE-2002-1755 entry concerns tinc VPN versions 1.0pre3 and 1.0pre4 that do not authenticate forwarded packets, enabling remote attackers to inject data into user sessions and potentially alter contents via CBC-related cut-and-paste. The root cause appears to be lack of authentication for forw...

5CVSS6.8AI score0.01096EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2005/06/21 4:0 a.m.37 views

CVE-2002-1746

Affected software: Vtun 2.5b1. The CVE describes that remote attackers can inject data into user sessions by sniffing and replaying packets, enabling data injection into sessions. The provided documents do not specify a fix or patch version. No explicit exploitation details beyond the sniffing/re...

5CVSS6.7AI score0.01069EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2005/06/21 4:0 a.m.51 views

CVE-2001-1505

The CVE-2001-1505 entry covers tinc versions 1.0pre3 and 1.0pre4, where remote attackers can inject data into user sessions by sniffing and replaying packets. Affected component: tinc (specific versions cited). Underlying issue: packet sniffing/replay enables session data modification (integrity ...

5CVSS6.7AI score0.01372EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2005/06/21 4:0 a.m.22 views

CVE-2002-1747

Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB...

6.7AI score0.01069EPSS
Exploits0References2
Cvelist
Cvelist
added 2005/06/21 4:0 a.m.19 views

CVE-2001-1505

tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into user sessions by sniffing and replaying packets...

6.7AI score0.01372EPSS
Exploits0References3
CVE
CVE
added 2005/06/21 4:0 a.m.44 views

CVE-2002-1747

Vulners notes CVE-2002-1747 affects Vtun 2.5b1, where lack of authentication for forwarded packets permits remote injection into user sessions and potential control of data contents via ECB-based cut-and-paste. This is the stated root cause and impact in connected sources; no remediation or patch...

5CVSS6.8AI score0.01069EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2005/06/21 4:0 a.m.20 views

CVE-2002-1755

tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC...

6.7AI score0.01096EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2005/06/21 4:0 a.m.27 views

CVE-2002-1746

Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packets...

5CVSS6.5AI score0.01069EPSS
Exploits0
Debian CVE
Debian CVE
added 2005/06/21 4:0 a.m.27 views

CVE-2002-1747

Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB...

5CVSS6.2AI score0.01069EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/10/01 12:0 a.m.21 views

Silent-Storm Portal Multiple Input Validation Vulnerabilities

The remote host is running Silent-Storm, a web-based forum management software written in PHP. There are multiple input validation flaws in the remote version of this software : - There is a cross-site scripting vulnerability involving the 'module' parameter of the 'index.php' script. - The...

7.5CVSS5.4AI score0.06765EPSS
Exploits2References3
securityvulns
securityvulns
added 2004/09/06 12:0 a.m.39 views

OpenCA Security Advisory: Cross Site Scripting vulnerability

OpenCA Security Advisory: Cross Site Scripting vulnerability Authors Martin Bartosch [email protected] Michael Bell [email protected] 2004-09-01 Initial revision 2004-09-06 Public release Summary ------- The OpenCA Project is a collaborative effort to develop a robust, full-feature...

4.3CVSS0.4AI score0.01177EPSS
Exploits0
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.21 views

CVE-2002-1256

The SMB signing capability in the Server Message Block SMB protocol in Microsoft Windows 2000 and Windows XP allows attackers to disable the digital signing settings in an SMB session to force the data to be sent unsigned, then inject data into the session without detection, e.g. by modifying gro...

6.1AI score0.05385EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.14 views

Ximian Evolution < 1.2.3 UUEncoding Overflow DoS / Data Injection

Binary data 1307.prm...

5CVSS7.3AI score0.16522EPSS
Exploits3References3
OSV
OSV
added 2002/12/31 5:0 a.m.7 views

CVE-2002-1747

Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB...

7AI score
Exploits0References2
OSV
OSV
added 2002/12/31 5:0 a.m.5 views

CVE-2002-1755

tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC...

7AI score0.01096EPSS
Exploits0References2
OSV
OSV
added 2002/12/31 5:0 a.m.6 views

CVE-2002-1746

Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packets...

7AI score
Exploits0References2
NVD
NVD
added 2002/12/31 5:0 a.m.16 views

CVE-2002-1746

Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packets...

5CVSS6.7AI score0.01069EPSS
Exploits0References2
NVD
NVD
added 2002/12/31 5:0 a.m.16 views

CVE-2002-1747

Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB...

5CVSS6.7AI score0.01069EPSS
Exploits0References2
OSV
OSV
added 2002/12/31 5:0 a.m.2 views

DEBIAN-CVE-2002-1755

tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC...

5CVSS7AI score0.01096EPSS
Exploits0References1
Rows per page
Query Builder