Lucene search
K

1481 matches found

Prion
Prion
added 2007/02/16 1:28 a.m.16 views

Buffer overflow

Buffer overflow in swcons in IBM AIX 5.3 allows local users to gain privileges via long input data...

7.2CVSS6.8AI score0.00374EPSS
Exploits0References6Affected Software1
exploitpack
exploitpack
added 2007/01/02 12:0 a.m.13 views

AShop Deluxe 4.5 - catalogue.php Cross-Site Scripting

AShop Deluxe 4.5 - catalogue.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21845/info AShop Deluxe and AShop Administration Panel are prone to multiple cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied input data. An attacker may...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2007/01/02 12:0 a.m.42 views

AShop Deluxe 4.5 - 'editcatalogue.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/21845/info AShop Deluxe and AShop Administration Panel are prone to multiple cross-site scripting vulnerabilities because they fail to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/11/14 12:0 a.m.18 views

Plesk 7.58.0 - get_password.php Cross-Site Scripting

Plesk 7.58.0 - getpassword.php Cross-Site Scripting source: https://www.securityfocus.com/bid/21067/info Plesk is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to execute HTML and...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2006/10/10 12:0 a.m.24 views

Tagit2b - 'DelTagUser.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/20451/info Tagit2b is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker can exploit this issue to have malicious PHP code execute in the context of the webserver process. This may...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/10/10 12:0 a.m.15 views

Tagit2b - DelTagUser.php Remote File Inclusion

Tagit2b - DelTagUser.php Remote File Inclusion source: https://www.securityfocus.com/bid/20451/info Tagit2b is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker can exploit this issue to have malicious PHP code execute in...

Exploits0
exploitpack
exploitpack
added 2006/09/30 12:0 a.m.12 views

Yblog - funk.php Cross-Site Scripting

Yblog - funk.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20280/info Yblog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execut...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2006/09/30 12:0 a.m.12 views

Yblog - uss.php Cross-Site Scripting

Yblog - uss.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20280/info Yblog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execute...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2006/09/30 12:0 a.m.26 views

Yblog - 'tem.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20280/info Yblog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting us...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/09/30 12:0 a.m.32 views

Yblog - 'uss.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20280/info Yblog is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting us...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/09/25 12:0 a.m.42 views

Photostore - 'details.php?gid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20172/info Photostore is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecti...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/09/25 12:0 a.m.27 views

DanPHPSupport 0.5 - 'index.php?page' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20203/info DanPHPSupport is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage these issues to have arbitrary script code execute in the browser of an...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/09/21 12:0 a.m.17 views

BandSite CMS 1.1 - sendemail.php Cross-Site Scripting

BandSite CMS 1.1 - sendemail.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2006/05/01 12:0 a.m.27 views

FW: ExBB <=1.1 XSS vuln.

Извиняюсь ExBB =1.9.1 XSS vuln. From: KeVRter mailto:[email protected] Sent: Monday, May 01, 2006 7:53 PM To: ' [email protected]' Subject: ExBB =1.1 XSS vuln. Cross Site Scripting При добавлении сообщения/темы/голосования осуществляется не достаточная фильтрация входных данных: Примеры...

0.7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/04/26 12:0 a.m.39 views

JVN#72225922 Apache Struts Validator allows to bypass input data validation

Impact Depending on the web application, an attacker may be able to manipulate unexpected operations by bypassing validation of input data. For example, unintended format data may be saved. Solution Products Affected Apache Struts 1.2.8 and earlier...

7.5CVSS7.4AI score0.06142EPSS
Exploits0
Prion
Prion
added 2006/03/09 1:6 p.m.25 views

Buffer overflow

Buffer overflow in the sgetstr function in shared/cube.h in Sauerbraten 20060228 and earlier, as derived from the Cube engine, allows remote attackers to execute arbitrary code via long streams of input data...

7.5CVSS8.3AI score0.08114EPSS
Exploits1References12Affected Software2
Exploit DB
Exploit DB
added 2005/12/19 12:0 a.m.18 views

Miraserver 1.0 RC4 - 'index.php?page' SQL Injection

source: https://www.securityfocus.com/bid/15960/info Miraserver is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise o...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.21 views

IPSwitch IMail SMTP Buffer Overflow

A vulnerability exists within IMail that allows remote attackers to gain SYSTEM level access to servers running IMail's SMTP daemon versions 6.06 and below. The vulnerability stems from the IMail SMTP daemon not doing proper bounds checking on various input data that gets passed to the IMail...

7.5CVSS0.4AI score0.04308EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/06/27 12:0 a.m.9 views

PHP-Fusion < 6.00.106 submit.php Multiple Parameter HTML Injection

Binary data 3037.prm...

5CVSS7.3AI score0.06844EPSS
Exploits1References2
exploitpack
exploitpack
added 2005/04/14 12:0 a.m.14 views

OneWorldStore - OWAddItem.asp SQL Injection

OneWorldStore - OWAddItem.asp SQL Injection source: https://www.securityfocus.com/bid/13181/info OneWorldStore is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...

8.6AI score
Exploits0
Rows per page
Query Builder