Lucene search
K

3605 matches found

Cvelist
Cvelist
added 2005/09/28 4:0 a.m.17 views

CVE-2005-3102

The administrative interface in Movable Type allows attackers to upload files with arbitrary extensions under the web root...

6.6AI score0.01137EPSS
Exploits0References2
NVD
NVD
added 2005/09/22 10:3 a.m.22 views

CVE-2005-3041

Unspecified "drag-and-drop vulnerability" in Opera Web Browser before 8.50 on Windows allows "unintentional file uploads."...

5CVSS6.6AI score0.01848EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/09/22 4:0 a.m.23 views

CVE-2005-3041

Unspecified "drag-and-drop vulnerability" in Opera Web Browser before 8.50 on Windows allows "unintentional file uploads."...

6.6AI score0.01848EPSS
Exploits0References3
CVE
CVE
added 2005/09/22 4:0 a.m.51 views

CVE-2005-3041

CVE-2005-3041 concerns Opera for Windows versions before 8.50. The issue is a drag‑and‑drop vulnerability described as an unspecified flaw that enables unintentional file uploads. The NVD entry lists a base score of 5.0 (Medium) with network attack vector, low complexity, and partial integrity im...

5CVSS6.6AI score0.01848EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2005/09/14 12:0 a.m.26 views

Mail-it Now! Upload2Server Predictable Filename Upload Arbitrary Code Execution

The remote host is running Mail-it Now! Upload2Server, a free, PHP feedback form script supporting file uploads. The version of Upload2Server installed on the remote host stores uploaded files insecurely. An attacker may be able to exploit this flaw to upload a file with arbitrary code and then...

6.1AI score
Exploits0References1
Packet Storm
Packet Storm
added 2005/08/07 12:0 a.m.36 views

pwpphp122.txt

PwsPHP v1.2.2 Final - Multiples vulnerabilities ----------------------------------------------- VULNERABLE PRODUCT ------------------ Forum: Pwsphp Version: 1.2.2 Final Vulnerabilities: Multiples -------------------------- / / / / / / / / / / / \ / // / /// // / // / / / / // / / .///// / .//...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2005/06/06 12:0 a.m.7 views

PT-2005-2838 · Yapig · Yapig

Name of the Vulnerable Software and Affected Versions: YaPiG versions 0.92b through 0.94u Description: The issue concerns the upload.php file in YaPiG, which does not properly restrict the file extension for uploaded image files. This allows remote attackers to upload arbitrary files and execute...

7.5CVSS7.4AI score0.03429EPSS
Exploits1References7
securityvulns
securityvulns
added 2005/05/10 12:0 a.m.23 views

PwsPHP v1.2.2 Final - Multiples vulnerabilities

PwsPHP v1.2.2 Final - Multiples vulnerabilities ----------------------------------------------- VULNERABLE PRODUCT ------------------ Forum: Pwsphp Version: 1.2.2 Final Vulnerabilities: Multiples -------------------------- / / / / / / / / / / / / // / /// // / // / / / / // / / .///// / .// // ./...

8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/03/15 12:0 a.m.23 views

paFileDB <= 3.1 Multiple Vulnerabilities (2)

The remote host is running a version of paFileDB that is prone to a wide variety of vulnerabilities, including arbitrary file uploads, local file inclusion, SQL injection, and cross-site scripting issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

7.5CVSS5.5AI score0.03628EPSS
Exploits2References9
Packet Storm
Packet Storm
added 2005/03/07 12:0 a.m.25 views

browserDisclose.txt

Multi browser sensitive information disclosure I. DESCRIPTION: Mr.upken disclosed this issue publicly on 19th Feb. 2005. Here is his advisory.language is Japanese http://xxx.upken.jp/report/ieup/ I have a few additional details to add to his original advisory. II. IMPACT: Disclosure of sensitive...

7.4AI score
Exploits0
NVD
NVD
added 2004/12/31 5:0 a.m.14 views

CVE-2004-2672

Unspecified vulnerability in ArGoSoft FTP server before 1.4.2.2 allows attackers to upload .lnk files via unknown vectors...

7.5CVSS6.5AI score0.01348EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/12/19 12:0 a.m.59 views

Mandrake Linux Security Advisory : php (MDKSA-2004:151)

A number of vulnerabilities in PHP versions prior to 4.3.10 were discovered by Stefan Esser. Some of these vulnerabilities were not deemed to be severe enough to warrant CVE names, however the packages provided, with the exception of the Corporate Server 2.1 packages, include fixes for all of the...

10CVSS7.9AI score0.1616EPSS
Exploits1References8
securityvulns
securityvulns
added 2004/12/16 12:0 a.m.30 views

STG Security Advisory: [SSA-20041215-15] Vulnerability of uploading files with multiple extensions in MoniWiki

STG Security Advisory: SSA-20041215-15 Vulnerability of uploading files with multiple extensions in MoniWiki Revision 1.0 Date Published: 2004-12-15 KST Last Update: 2004-12-15 Disclosed by SSR Team [email protected] Summary ======== MoniWiki is a wiki web application used by many Korean...

0.6AI score
Exploits0
NVD
NVD
added 2004/10/18 4:0 a.m.16 views

CVE-2004-1612

Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. dot dot in a ProcessQueueFile request...

5CVSS6.8AI score0.03266EPSS
Exploits1References7
exploitpack
exploitpack
added 2004/09/10 12:0 a.m.13 views

GetSolutions GetIntranet 2.2 - Multiple Remote Input Validation Vulnerabilities

GetSolutions GetIntranet 2.2 - Multiple Remote Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/11149/info Reportedly getSolutions getIntranet is affected by multiple remote input validation vulnerabilities. These issues are caused by a failure of the application to...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/09/10 12:0 a.m.28 views

GetSolutions GetIntranet 2.2 - Multiple Remote Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/11149/info Reportedly getSolutions getIntranet is affected by multiple remote input validation vulnerabilities. These issues are caused by a failure of the application to properly sanitize user-supplied input. These issues may be leveraged to carry out SQ...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.11 views

PHP 3.0.x < 3.0.17 / 4.0.x < 4.0.3 Hidden Form Field File Upload

Binary data 1478.prm...

5CVSS7.3AI score0.02745EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.15 views

PHP Arbitrary File Upload

Binary data 2286.prm...

2.1CVSS7.3AI score0.00577EPSS
Exploits0References2
securityvulns
securityvulns
added 2004/05/11 12:0 a.m.32 views

McAfee ePolicy Orchestrator unauthorized access

Invalid HTTP POST request allows to upload files on server...

1.1AI score
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2004/04/12 12:0 a.m.35 views

TikiWiki Project 1.8 - &#039;tiki-view_faq.php?faqId&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/10100/info Multiple vulnerabilities have been identified in various modules of the application. These vulnerabilities may allow a remote attacker to carry out various attacks such as path disclosure, cross-site scripting, HTML injection, SQL injection,...

7AI score
Exploits0
Rows per page
Query Builder