Lucene search
K

3920 matches found

securityvulns
securityvulns
added 2004/03/04 12:0 a.m.48 views

Spider Sales shopping cart software multiple security vulnerabilities

S-Quadra Advisory 2004-03-03 Topic: Spider Sales shopping cart software multiple security vulnerabilities Severity: High Vendor URL: http://www.spidersales.com Advisory URL: http://www.s-quadra.com/advisories/Adv-20040303.txt Release date: 03 Mar 2004 1. DESCRIPTION "Spider Sales is a powerful...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2004/03/03 12:0 a.m.29 views

SpiderSales 2.0 Shopping Cart - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/9799/info Multiple vulnerabilities have been identified in the application that may allow an attacker to obtain the private cryptographic key and gain access to sensitive information. The application is also reported prone to an SQL injection vulnerabilit...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2004/02/20 12:0 a.m.52 views

PunkBuster SQL Injection Attack

Timberlake Advisory 200402181e-03. Program: http://pbdb.sourceforge.net/ PunkBuster screenshot management system. Simplifying the task of capturing and cataloguing screenshots. It sticks to the roof like a gecko. It supports screenshot retrieval and cataloguing to a website - which includes searc...

8.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2004/01/26 7:2 p.m.24 views

Moderate: Red Hat Security Advisory: slocate security update

Updated slocate packages are now available that fix vulnerabilities allowing a local user to gain "slocate" group privileges. Slocate is a security-enhanced version of locate, designed to find files on a system via a central database. Patrik Hornik discovered a vulnerability in Slocate versions u...

7.2CVSS6AI score0.01091EPSS
Exploits0References3
exploitpack
exploitpack
added 2003/12/16 12:0 a.m.41 views

Aardvark Topsites 4.1.0 - Multiple Vulnerabilities

Aardvark Topsites 4.1.0 - Multiple Vulnerabilities Aardvark Topsites Multiple Vulnerabilities Vendor: Aardvark Industries Product: Aardvark Topsites Version: = 4.1.0 Website: http://www.aardvarkind.com/ BID: 9231 Description: Aardvark Topsites is a popular free PHP topsites script. See URL for...

7.6AI score
Exploits0
exploitpack
exploitpack
added 2003/07/22 12:0 a.m.24 views

MySQL AB ODBC Driver 3.51 - Plain Text Password

MySQL AB ODBC Driver 3.51 - Plain Text Password source: https://www.securityfocus.com/bid/8245/info A vulnerability has been reported in the MySQL AB ODBC Open Data Base Connectivity driver implementation. The MySQL ODBC driver reportedly stores plain text credentials used to connect to the...

7.4AI score
Exploits0
Debian
Debian
added 2003/06/29 1:47 a.m.12 views

[SECURITY] [DSA-335-1] New mantis packages fix insecure file permissions

-------------------------------------------------------------------------- Debian Security Advisory DSA 335-1 [email protected] http://www.debian.org/security/ Matt Zimmerman June 28th, 2003 http://www.debian.org/security/faq -...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2003/06/24 12:0 a.m.105 views

TA-2003-06 Denial of Service Attack against Armida Databased Web Server v1.0

TA-2003-06 Denial of Service Attack against Armida Databased Web Server v1.0 contributed by: rushjo ============================================================================ Tripbit Security Advisory TA-2003-06 Denial of Service Attack against Armida Databased Web Server v1.0...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2003/05/15 12:0 a.m.33 views

More and More SQL injection on PHP-Nuke 6.5.

/----------------------------------------------------------------------------- | 7 A 6 9 - A d v C: 011 |-----------------------------------------------------------------------------| | | PHP-Nuke SQL injection | -----------------------------------------------------------------------------/ |...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2003/05/13 12:0 a.m.36 views

Lot of SQL injection on PHP-Nuke 6.5 (secure weblog!)

/----------------------------------------------------------------------------- | 7 A 6 9 - A d v C: 010 |-----------------------------------------------------------------------------| | | PHP-Nuke SQL injection | -----------------------------------------------------------------------------/ |...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2003/04/17 12:0 a.m.21 views

Web Wiz Forum 6.34 - Information Disclosure

Web Wiz Forum 6.34 - Information Disclosure source: https://www.securityfocus.com/bid/7380/info Web Wiz Forum has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying Access database file that is used by the Forum...

7.2AI score
Exploits0
NVD
NVD
added 2003/04/11 4:0 a.m.15 views

CVE-2002-1421

SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote attackers to perform unauthorized database operations via 1 report.php, 2 selmsg.php, and 3 showposts.php...

7.5CVSS7.8AI score0.02129EPSS
Exploits1References4
NVD
NVD
added 2003/04/02 5:0 a.m.12 views

CVE-2002-1499

Multiple SQL injection vulnerabilities in FactoSystem CMS allows remote attackers to perform unauthorized database actions via 1 the authornumber parameter in author.asp, 2 the discussblurbid parameter in discuss.asp, 3 the name parameter in holdcomment.asp, and 4 the email parameter in...

7.5CVSS7.8AI score0.02479EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2003/03/24 12:0 a.m.39 views

Adcycle build.cgi Remote Password Disclosure

The CGI 'build.cgi' is installed. This CGI has a well known security flaw that lets an attacker obtain the password of the remote AdCycle database or delete databases. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.5CVSS5.5AI score0.01387EPSS
Exploits0References1
securityvulns
securityvulns
added 2003/03/22 12:0 a.m.24 views

phpESP (php Easy Survey Package)

Product : phpESP php Easy Survey Package Version : 1.11 WebSite : http://acm.jhu.edu Problem : Access in dbase Description: ------------ In admin directory exist file phpEST.ini if we look this file we can see database dbpassword, dblogin, dbhost, dbname and other private info. phpESP.ini...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2003/03/18 5:0 a.m.19 views

CVE-2002-1421

SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote attackers to perform unauthorized database operations via 1 report.php, 2 selmsg.php, and 3 showposts.php...

7.8AI score0.02129EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2003/03/10 12:0 a.m.23 views

SimpleBBS users disclosure

The remote installation of SimpleChat allows an unauthenticated, remote attacker to retrieve its user database via a direct request to 'data/usr', which contains confidential information such as user passwords. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

5.5AI score
Exploits0
securityvulns
securityvulns
added 2003/03/03 12:0 a.m.23 views

web-erp 0.1.4 database access vulnerability

================================== Security REPORT web-erp 0.1.4 and earlier ================================== Product: web-erp 0.1.4 and earlier Vulnerabilities: full database access Vendor: Phil Daintree http://web-erp.sourceforge.net/ Vendor-Status: E-Mail to "[email protected]" date:...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2003/02/19 12:0 a.m.39 views

PHPBB2 - 'Page_Header.php' SQL Injection

source: https://www.securityfocus.com/bid/6888/info A SQL injection vulnerability has been reported in phpBB2. phpBB2, in some cases, does not sufficiently sanitize user-supplied input which is used when constructing SQL queries. As a result, attackers may supply malicious parameters to manipulat...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/02/19 12:0 a.m.30 views

PHP-Nuke 5.6/6.0 - Search Engine SQL Injection

source: https://www.securityfocus.com/bid/6887/info It has been reported that the search module distributed with PHPNuke is vulnerable to an SQL injection attack. PHPNuke, in some cases, does not sufficiently sanitize user-supplied input which is used when constructing SQL queries. As a result,...

7.4AI score
Exploits0
Rows per page
Query Builder