7783 matches found
CVE-2005-3697
CVE-2005-3697 affects Uresk Links 2.0 Lite. A vulnerability in the administration interface allows remote attackers to bypass authentication via unspecified vectors in index.php. The NVD entry lists CVSS v2 base score 7.5 (network, low complexity, no auth required; partial impact on confidentiali...
CVE-2005-3697
Unspecified vulnerability in the administration interface in Uresk Links 2.0 Lite allows remote attackers to bypass authentication via unspecified vectors in index.php...
Comersus BackOffice Lite Administrative Bypass
Comersus ASP shopping cart is a set of ASP scripts creating an online shoppingcart. It works on a database of your own choosing, default is msaccess, and includes online administration tools. SPDX-FileCopyrightText: 2005 Noam Rathaus Some text descriptions might be excerpted from a referenced...
Woltlab Burning Board modcp.php Multiple Parameter SQL Injection
The remote version of Burning Board / Burning Board Lite is prone to SQL injection attacks due to its failure to sanitize user-supplied input to the 'x' and 'y' parameters of the 'modcp.php' script before using it in database queries. Provided an attacker has moderator privileges, these flaws may...
PHP Lite Calendar Express 2.2 - auth.php?cid SQL Injection
PHP Lite Calendar Express 2.2 - auth.php?cid SQL Injection source: https://www.securityfocus.com/bid/14504/info Calendar Express is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful...
PHP Lite Calendar Express 2.2 - 'auth.php?cid' SQL Injection
source: https://www.securityfocus.com/bid/14504/info Calendar Express is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the applicatio...
PHP Lite Calendar Express 2.2 - 'Subscribe.php?cid' SQL Injection
source: https://www.securityfocus.com/bid/14504/info Calendar Express is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the applicatio...
CVE-2002-2115
Technical details (affected product, component, version, root cause, impact, or fix) are not publicly provided in the supplied documents. Monitor for updates from vendors and security advisories.
CVE-2004-2229
Technical details about CVE-2004-2229 are not available in the provided documents. The records show a generic description of multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server with remote privilege gain, but no concrete specifics are provided. Monitor for updates.
CVE-2004-2195
Zanfi CMS Lite 1.1 is affected by a PHP remote file inclusion in index.php via the inc parameter, leading to arbitrary PHP code execution. The issue is a file inclusion vulnerability in Zanfi CMS Lite’s index.php that allows an attacker to have the remote script include and run attacker-controlle...
CVE-2004-2196
Affected product: Zanfi CMS lite 1.1. The vulnerability is a path disclosure issue where remote attackers can obtain the full path of the web server by directly requesting pages (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others. R...
CVE-2004-2196
Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to 1 admpages.php, 2 corrpages.php, 3 delblock.php, 4 delpage.php, 5 footer.php, 6 home.php, and others...
CVE-2002-1742
SOAP::Lite 0.50 through 0.52 allows remote attackers to load arbitrary Perl functions by suppling a non-existent function in a script using a SOAP::Lite module, which causes the AUTOLOAD subroutine to trigger...
CVE-2002-1742
CVE-2002-1742 affects SOAP::Lite 0.50–0.52. Remote attackers can exploit a non-existent function in a SOAP::Lite script to trigger AUTOLOAD and load arbitrary Perl functions. Affected: SOAP::Lite 0.50–0.52. Impact: as described in sources, potentially enabling arbitrary function execution; extern...
CVE-2005-1608
The CVE-2005-1608 entry concerns the Blocks module in Spidean AutoTheme 1.7 and AT-Lite for PostNuke. Multiple unspecified vulnerabilities affect the Blocks component, with exposure described as potentially allowing a remote attacker to gain unauthorized access to the remote host. Affected produc...
CVE-2005-1608
Multiple unknown vulnerabilities in the Blocks module in Spidean AutoTheme 1.7 and AT-Lite for PostNuke have unknown impact...
CVE-2005-1617
Willings WebCam and WebCam Lite 2.8 and earlier stores the password in memory in plaintext, which allows local users to gain sensitive information...
CVE-2005-1608
Multiple unknown vulnerabilities in the Blocks module in Spidean AutoTheme 1.7 and AT-Lite for PostNuke have unknown impact...
CVE-2005-1617
The CVE-2005-1617 entry concerns Willings WebCam and WebCam Lite up to version 2.8, where passwords are stored in memory in plaintext. This is the underlying vulnerability: a local-access risk that could allow a user with access to the host to read the password from memory. The available document...
CVE-2005-1617
Willings WebCam and WebCam Lite 2.8 and earlier stores the password in memory in plaintext, which allows local users to gain sensitive information...