Lucene search
K

5909 matches found

CERT
CERT
added 2006/01/27 12:0 a.m.48 views

Oracle PL/SQL Gateway fails to properly validate HTTP requests

Overview The Oracle PL/SQL Gateway fails to properly validate HTTP requests. This may allow a remote attacker to execute SQL commands on an Oracle database. Description Oracle uses the Oracle PL/SQL Gateway to access Oracle databases over HTTP. A lack of validation in the Oracle PL/SQL Gateway ma...

7.5CVSS9.4AI score0.05715EPSS
Exploits0References9
Cvelist
Cvelist
added 2006/01/18 2:0 a.m.21 views

CVE-2006-0248

Virata-EmWeb web server 610, as used in 1 Intracom JetSpeed 500 and 520 and 2 Allied Data Technologies CopperJet 811 RouterPlus, allows remote attackers to access privileged information, such as user lists and configuration settings, via direct HTTP requests...

6.7AI score0.01392EPSS
Exploits0References4
NVD
NVD
added 2006/01/18 1:51 a.m.14 views

CVE-2006-0248

Virata-EmWeb web server 610, as used in 1 Intracom JetSpeed 500 and 520 and 2 Allied Data Technologies CopperJet 811 RouterPlus, allows remote attackers to access privileged information, such as user lists and configuration settings, via direct HTTP requests...

5CVSS6.7AI score0.01392EPSS
Exploits0References4
Prion
Prion
added 2006/01/18 1:51 a.m.15 views

Design/Logic Flaw

Virata-EmWeb web server 610, as used in 1 Intracom JetSpeed 500 and 520 and 2 Allied Data Technologies CopperJet 811 RouterPlus, allows remote attackers to access privileged information, such as user lists and configuration settings, via direct HTTP requests...

5CVSS7.2AI score0.01392EPSS
Exploits0References4Affected Software1
Saint
Saint
added 2005/12/22 12:0 a.m.40 views

MySQL MaxDB WebTools special character buffer overflow

Added: 12/22/2005 CVE: CVE-2005-0684 BID: 13368 OSVDB: 15816 Background MaxDB is a SAP-certified open-source database developed by MySQL. The WebTools component offers a set of database tools which are accessible from a web browser. The wahttp program listens on port 9999 and processes HTTP...

10CVSS7AI score0.68504EPSS
Exploits7
CVE
CVE
added 2005/11/21 11:0 a.m.49 views

CVE-2004-2547

NetWin SurgeMail (before 2.0c) and NetWin WebMail expose sensitive information through HTTP error handling. Requests to the root ("/"), to "/scripts/", or to a non-existent file can cause error messages that reveal the server path. This vulnerability is described as an information disclosure affe...

2.6CVSS6.6AI score0.03094EPSS
Exploits1References7Affected Software2
Cvelist
Cvelist
added 2005/11/16 9:17 p.m.30 views

CVE-2002-2152

The Czech edition of Software602's Web Server before 2002.0.02.0916 allows remote attackers to gain administrator privileges via direct HTTP requests to the /admin/ directory, which is not password protected...

7.1AI score0.02444EPSS
Exploits0References3
CVE
CVE
added 2005/11/16 9:17 p.m.54 views

CVE-2002-2152

The CVE-2002-2152 entry concerns the Czech edition of Software602’s Web Server prior to 2002.0.02.0916. Affected component: web server software; vulnerability: remote attackers can gain administrator privileges by directly requesting /admin/, which is not password protected. Underlying cause: lac...

10CVSS7.5AI score0.02444EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2005/11/03 2:2 a.m.23 views

CVE-2005-3475

Hasbani Web Server WindWeb 2.0 allows remote attackers to cause a denial of service infinite loop via HTTP crafted GET requests...

5CVSS6.6AI score0.08279EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.22 views

Generic HTTP SQLi (Web Application) - Active Check

This script attempts to use SQL injection SQLi techniques on CGI / web application scripts. SPDX-FileCopyrightText: 2002 John Lampe Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

8.3AI score
Exploits0References3
Cvelist
Cvelist
added 2005/10/20 4:0 a.m.20 views

CVE-2005-3182

Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as 1 Host and 2 Accept in HTTP requests. NOTE: the vendor suggests that this issues is "in an underlying Microsoft technology" which, if true, could me...

7.9AI score0.03995EPSS
Exploits0References8
Cvelist
Cvelist
added 2005/10/13 4:0 a.m.30 views

CVE-2005-3190

Buffer overflow in Computer Associates CA iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests...

8AI score0.65615EPSS
Exploits3References9
Tenable Nessus
Tenable Nessus
added 2005/10/05 12:0 a.m.41 views

RHEL 4 : cups (RHSA-2005:772)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2005:772 advisory. The Common UNIX Printing System CUPS provides a portable printing layer for UNIXR operating systems. A bug was found in the way CUPS processes malform...

5CVSS5.5AI score0.02969EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2005/10/05 12:0 a.m.32 views

Fedora Core 3 : cups-1.1.22-0.rc1.8.7 (2005-908)

A bug was found in the way CUPS processes malformed HTTP requests. It is possible for a remote user capable of connecting to the CUPS daemon to issue a malformed HTTP GET request which will cause CUPS to enter an infinite loop. This is CVE-2005-2874. Note that Tenable Network Security has extract...

5CVSS5.4AI score0.02969EPSS
Exploits1References2
Symantec
Symantec
added 2005/10/04 8:0 a.m.27 views

Symantec Antivirus Scan Engine: Web Service Administrative Interface Buffer Overflow

SUMMARY The remote exploitation of a buffer overflow vulnerability in the web-based Administrative Interface of the Symantec AntiVirus Scan Engine product could potentially allow remote attackers to execute arbitrary code on a targeted system Risk Impact HIGH Remote Access | Yes ---|--- Local...

10CVSS0.7AI score0.13436EPSS
Exploits0Affected Software1
securityvulns
securityvulns
added 2005/10/01 12:0 a.m.34 views

[SA16975] sblim-sfcb Multiple Requests Denial of Service Vulnerability

TITLE: sblim-sfcb Multiple Requests Denial of Service Vulnerability SECUNIA ADVISORY ID: SA16975 VERIFY ADVISORY: http://secunia.com/advisories/16975/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote SOFTWARE: sblim-sfcb 0.x http://secunia.com/product/5777/ DESCRIPTION: A vulnerability has...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2005/10/01 12:0 a.m.24 views

sblim-sfcb DoS

Resource exhaustion on large number of HTTP requests with oversized headers...

0.8AI score
Exploits0References1Affected Software1
NVD
NVD
added 2005/09/23 7:3 p.m.24 views

CVE-2005-2703

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smuggling and HTTP request splitting...

5CVSS6.5AI score0.01789EPSS
Exploits0References31
Tenable Nessus
Tenable Nessus
added 2005/09/12 12:0 a.m.14 views

punBB < 1.2.7 Multiple SQL Injection Vulnerabilities

Binary data 3220.prm...

4.3CVSS7.3AI score0.02429EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2005/08/30 12:0 a.m.134 views

Savant Web Server 3.1 - Remote Buffer Overflow (2)

!/usr/local/bin/perl Savant Buffer Overflow Exploit ---------------------------------- Infam0us Gr0up - Securiti Research Tested on Windows2000 SP4 Win NT Info: infamous.2hell.com Vendor URL: http://savant.sourceforge.net $ARGC=@ARGV; if $ARGC !=3 print "\nUsage: $0 remote IP Port\n"; print...

7AI score
Exploits0
Rows per page
Query Builder