Lucene search
K

626 matches found

Exploit DB
Exploit DB
added 2003/02/15 12:0 a.m.37 views

PHP-Board 1.0 - User Password Disclosure

source: https://www.securityfocus.com/bid/6862/info php-board user information is stored in flat files on the system hosting the software. Access to the files via the web is not sufficiently restricted. Remote attackers may request user files and gain access to php-board user and administrative...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/09/05 12:0 a.m.36 views

[UNIX] ADP Forum Security Vulnerabilities

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion When was the last time you checked your server's security? How about a monthly report? http://www.AutomatedScanning.com - Know that you're...

0.1AI score
Exploits0
NVD
NVD
added 2002/06/18 4:0 a.m.11 views

CVE-2002-0614

PHP-Survey 20000615 and earlier stores the global.inc file under the web root, which allows remote attackers to obtain sensitive information, including database credentials, if .inc files are not preprocessed by the server...

5CVSS6.5AI score0.02421EPSS
Exploits0References3
securityvulns
securityvulns
added 2002/01/15 12:0 a.m.44 views

PHP 4.x session spoofing

Hi, +-------------------+ | What are sessions | +-------------------+ A session ID is required to identify people. It is passed over to the browser and then is either part of the url or is stored as a cookie. With every request the browser also sends this ID over to the server which makes is...

7.6AI score
Exploits0
securityvulns
securityvulns
added 2001/01/06 12:0 a.m.41 views

Дырка в The Bat! (обратный путь в директориях)

Если The Bat! сконфигурирован на отдельное хранение вложенных файлов, если имя файла зашифровано согласно RFC 2047 base 64 или Quoted Printable и содержит '..' то файл будет помещен в директорию более высокого уровня, что позволяет сохранить файл в любой каталог на том же диске...

0.6AI score
Exploits0References2
NVD
NVD
added 2000/07/05 4:0 a.m.16 views

CVE-2000-0575

SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS...

7.2CVSS6.8AI score0.00846EPSS
Exploits0References3
Rows per page
Query Builder