Lucene search
K

1287 matches found

Saint
Saint
added 2006/03/24 12:0 a.m.23 views

BakBone NetVault remote heap overflow

Added: 03/24/2006 CVE: CVE-2005-1009 BID: 12967 OSVDB: 15234 Background BakBone NetVault is a distributed data backup and restore solution for UNIX and Windows networks. Problem A heap overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7.6AI score0.57017EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2006/03/23 12:0 a.m.9 views

SUSE-SA:2006:017: sendmail

The remote host is missing the patch for the advisory SUSE-SA:2006:017 sendmail. The popular MTA sendmail is vulnerable to a race condition when handling signals. Under certain circumstances this bug can be exploited by an attacker to execute commands remotely. Sendmail was the default MTA in SuS...

5.7AI score
Exploits0
Cvelist
Cvelist
added 2006/03/22 2:0 a.m.18 views

CVE-2006-1353

Multiple SQL injection vulnerabilities in ASPPortal 3.1.1 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the downloadid parameter in downloadclick.asp and 2 contentID parameter in news/NewsItem.asp; authenticated administrators can also conduct attacks via 3 userid...

8.3AI score0.0427EPSS
Exploits1References21
FreeBSD
FreeBSD
added 2006/02/13 12:0 a.m.31 views

SSH.COM SFTP server -- format string vulnerability

SSH Communications Security Corp reports a format string vulnerability in their SFTP server. This vulnerability could cause a user with SCP/SFTP access only to get permission to execute also other commands. It could also allow user A to create a special file that when accessed by user B allows us...

6.5CVSS6.6AI score0.10188EPSS
Exploits0References5
Cvelist
Cvelist
added 2006/01/27 12:0 a.m.21 views

CVE-2006-0446

Unspecified vulnerability in WeBWorK 2.1.3 and 2.2-pre1 allows remote privileged attackers to execute arbitrary commands as the web server via unknown attack vectors...

7.5AI score0.0317EPSS
Exploits0References5
OSV
OSV
added 2006/01/25 2:3 a.m.5 views

CVE-2006-0410

SQL injection vulnerability in ADOdb before 4.71, when using PostgreSQL, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors involving binary strings...

8.1AI score
Exploits0References19
exploitpack
exploitpack
added 2006/01/24 12:0 a.m.15 views

creLoaded 6.15 - HTMLAREA Automated Perl

creLoaded 6.15 - HTMLAREA Automated Perl !/usr/bin/perl creLoaded Rather simple exploit, but still an exploit nonetheless. Attempts to upload php script and utilise that to execute commands, and show off a fake shell. Can specify: User-defined PHP script or one provided in this script suits most...

Exploits0
0day.today
0day.today
added 2006/01/24 12:0 a.m.185 views

creLoaded <= 6.15 (HTMLAREA) Automated Perl Exploit

Exploit for unknown platform in category web applications =================================================== creLoaded Rather simple exploit, but still an exploit nonetheless. Attempts to upload php script and utilise that to execute commands, and show off a fake shell. Can specify: User-defined...

7.1AI score
Exploits0
Saint
Saint
added 2006/01/24 12:0 a.m.71 views

Trend Micro ServerProtect Management Console isaNVWRequest.dll chunked POST buffer overflow

Added: 01/24/2006 CVE: CVE-2005-1929 BID: 15865 OSVDB: 21771 Background ServerProtect is a virus scanner for servers. Problem A buffer overflow in ServerProtect Management Console could allow a remote attacker to execute commands using a chunked POST request to isaNVWRequest.dll. Resolution Use t...

7.5CVSS7.3AI score0.04944EPSS
Exploits4
Exploit DB
Exploit DB
added 2006/01/03 12:0 a.m.19 views

EFileGo 3.0 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/16124/info eFileGo is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to retrieve arbitrary files, upload files to...

7.4AI score
Exploits0
Saint
Saint
added 2005/12/20 12:0 a.m.27 views

BrightStor ARCserve Backup agent for MS-SQL buffer overflow

Added: 12/20/2005 CVE: CVE-2005-1272 BID: 14453 OSVDB: 18501 Background BrightStor ARCserve Backup is a backup and recovery solution for multiple platforms. Problem A buffer overflow in the backup agent for Microsoft SQL Server allows remote attackers to execute arbitrary commands. Resolution App...

7.5CVSS7.9AI score0.66121EPSS
Exploits8
Cvelist
Cvelist
added 2005/11/18 11:0 a.m.18 views

CVE-2005-1925

Multiple directory traversal vulnerabilities in Tikiwiki before 1.9.1 allow remote attackers to read arbitrary files and execute commands via 1 the suckurl parameter to tiki-editpage.php or 2 language parameter to tiki-userpreferences.php...

7.3AI score0.0265EPSS
Exploits0References7
CVE
CVE
added 2005/11/18 11:0 a.m.40 views

CVE-2005-1925

CVE-2005-1925 concerns multiple directory traversal vulnerabilities in TikiWiki before 1.9.1. The issues reside in tiki-editpage.php (suck_url) and tiki-user_preferences.php (language) where user-controlled input is read as file paths without proper sanitization, enabling reading arbitrary files ...

7.5CVSS7.4AI score0.0265EPSS
Exploits0References7Affected Software1
securityvulns
securityvulns
added 2005/11/08 12:0 a.m.31 views

upload phpshell in PHPFM

upload phpshell in PHPFM discovered by rUnViRuS www.worlddefacers.net www.security-arab.com =-=-=-=-=-=-=-=-= the code shell :- --------------- pre ? passthru$GET'cmd'; ? save as cmd.php now upload in PHPFM =-=-=-= Used Shell =-=-=-= www.site.com/file upload name/files/cmd.php?cmd=command linux...

1.2AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.52 views

NT IIS 5.0 Malformed HTTP Printer Request Header Buffer Overflow Vulnerability

There is a buffer overflow in the remote IIS web server. It is possible to overflow the remote Web server and execute commands as the SYSTEM user. At attacker may make use of this vulnerability and use it to gain access to confidential data and/or escalate their privileges on the Web server. See...

10CVSS0.7AI score0.87032EPSS
Exploits10References1
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.71 views

Microsoft SQL Server (MSSQL) Hello Overflow Vulnerability (Q316333) - Active Check

Microsoft SQL Server MSSQL is prone to a hello overflow vulnerability. SPDX-FileCopyrightText: 2002 Dave Aitel Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS6.7AI score0.77712EPSS
Exploits9References3
EUVD
EUVD
added 2005/09/02 4:0 a.m.2 views

EUVD-2005-2778

Looking Glass 20040427 allows remote attackers to execute arbitrary commands via shell metacharacters in the DNS lookup query field...

7.5CVSS7.6AI score0.12193EPSS
Exploits1References6
NVD
NVD
added 2005/08/29 8:14 p.m.26 views

CVE-2005-2716

The eventpincoderequest function in the btsrv daemon btsrv.c in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a Bluetooth device name...

7.5CVSS7.5AI score0.026EPSS
Exploits1References8
Cvelist
Cvelist
added 2005/08/01 4:0 a.m.18 views

CVE-2005-2411

Cross-Site Request Forgery CSRF vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and earlier, allows remote attackers to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user...

6.9AI score0.01911EPSS
Exploits0References7
NVD
NVD
added 2005/08/01 4:0 a.m.14 views

CVE-2005-2411

Cross-Site Request Forgery CSRF vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and earlier, allows remote attackers to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user...

5.1CVSS7AI score0.01911EPSS
Exploits0References7
Rows per page
Query Builder