Lucene search
K

777 matches found

Cvelist
Cvelist
added 2007/10/23 5:0 p.m.22 views

CVE-2007-5631

Multiple PHP remote file inclusion vulnerabilities in PeopleAggregator 1.2pre6, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the currentblockmodulepath parameter to 1 AudiosMediaGalleryModule/AudiosMediaGalleryModule.php, 2...

7.6AI score0.39416EPSS
Exploits1References12
myhack58
myhack58
added 2007/06/10 12:0 a.m.15 views

New ideas, make the time to black out Action Network-vulnerability warning-the black bar safety net

Today in detection of a site to guess the background of the time Suddenly came inspiration, is the program guess the background of the function used to guess the database This method theoretically can achieve The practice is also able to achieve, and I immediately also carried out in practice Use...

6.7AI score
Exploits0
Ubuntu
Ubuntu
added 2007/03/13 1:33 a.m.68 views

USN-436-1: KTorrent vulnerabilities

Bryan Burns of Juniper Networks discovered that KTorrent did not correctly validate the destination file paths nor the HAVE statements sent by torrent peers. A malicious remote peer could send specially crafted messages to overwrite files or execute arbitrary code with user privileges...

7.5CVSS5.9AI score0.02483EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2007/02/24 2:41 a.m.5 views

security flaw

Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocked popup...

4.3CVSS7.2AI score0.0167EPSS
Exploits1References4
securityvulns
securityvulns
added 2007/01/28 12:0 a.m.48 views

local Calendar System v1.1 (lcStdLib.inc) Remote File Include

+------------------------------------------------------------------------------------------- local Calendar System v1.1 lcStdLib.inc Remote File Include TrZiNDaN [email protected] Turkey -------------------------------------------------------------------------------------------- download :...

2.5AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2006/12/04 11:28 a.m.2 views

CVE-2006-6248

index.php in GPhotos 1.5 allows remote attackers to obtain sensitive information via an invalid rep parameter, which reveals the full path in an error message...

7.8CVSS5.5AI score0.01426EPSS
Exploits0References5
exploitpack
exploitpack
added 2006/12/01 12:0 a.m.22 views

BlazeVideo HDTV Player 2.1 - .PLF Local Buffer Overflow

BlazeVideo HDTV Player 2.1 - .PLF Local Buffer Overflow / ======================================================================== 0-day BlazeVideo HDTV Player 30 days of Media Player Exploits by Greg Linares Discovered and Reported By: Greg Linares [email protected] Reported Exploit Date:...

0.4AI score
Exploits0
seebug.org
seebug.org
added 2006/12/01 12:0 a.m.31 views

AtomixMP3 <= 2.3 Malformed M3U Buffer Overflow Exploit

No description provided by source. / ======================================================================== 0-day AtomixMP3 = v2.3 Malformed M3U Buffer Overflow PoC ======================================================================== AtomixMP3 Player/Mixer fails to properly handle large fil...

7.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2006/09/25 1:7 a.m.29 views

CVE-2006-4976

The Date Library in John Lim ADOdb Library for PHP allows remote attackers to obtain sensitive information via a direct request for 1 server.php, 2 adodb-errorpear.inc.php, 3 adodb-iterator.inc.php, 4 adodb-pear.inc.php, 5 adodb-perf.inc.php, 6 adodb-xmlschema.inc.php, and 7 adodb.inc.php; files ...

5CVSS5.9AI score0.01403EPSS
Exploits0References1
securityvulns
securityvulns
added 2006/03/30 12:0 a.m.47 views

Full path disclosure in Webcalendar 1.1.0-CVS

Full path disclosure in webcalendar Author : Rusydi Hasan M a.k.a : cR45H3R Location : Indonesia, Cilacap Date : March,28th 2006 Version : 1.1.0-CVS --- software description WebCalendar is a PHP application used to maintain a calendar for one or more persons and for a variety of purposes. ---...

7.2AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.18 views

WS FTP Server DoS Vulnerability (Nov 2005)

WSFTP Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5CVSS6.6AI score0.07502EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2005/05/24 12:0 a.m.4 views

PT-2005-2673 · Postnuke · Postnuke

Name of the Vulnerable Software and Affected Versions: PostNuke versions 0.750 through 0.760RC3 Description: The issue allows remote attackers to obtain sensitive information via direct requests to various files, including theme.php and Xanthia.php in the Xanthia module, multiple files in the...

5CVSS6.2AI score0.01125EPSS
Exploits0References2
OSV
OSV
added 2005/05/20 4:0 a.m.8 views

CVE-2005-1688

Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in 1 wp-content/themes/, 2 wp-includes/, or 3 wp-admin/, which reveal the path in an error message...

5AI score
Exploits0References1
Cvelist
Cvelist
added 2003/11/05 5:0 a.m.19 views

CVE-2003-0621

The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to determine the existence of files outside the web root via modified paths in the INIFILE argument...

6.7AI score0.06926EPSS
Exploits1References4
Exploit DB
Exploit DB
added 2003/09/25 12:0 a.m.22 views

SBox 1.0.4 - Full Path Disclosure

source: https://www.securityfocus.com/bid/8705/info sbox has been reported prone to a path disclosure vulnerability. The issue has been reported to present itself when a HTTP request is made for a CGI resource that does not exist. sbox will reportedly return an error message that contains path...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/01/06 12:0 a.m.23 views

E-theni - Remote File Inclusion Command Execution

source: https://www.securityfocus.com/bid/6970/info E-theni may allow inclusion of malicious remote files. This is due to remote users being able to influence the include path of an external file 'paralangue.php' referenced by the 'afflistelangue.php' script. This could result in arbitrary comman...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/05/10 12:0 a.m.47 views

Очередной способ получить путь к файлам через FrontPage Server

Запросив у shtml.exe из каталога vtibin несуществующий файл можно получить путь к этому файлу...

0.4AI score
Exploits0References1
Rows per page
Query Builder