Lucene search
+L

7783 matches found

CVE
CVE
added 2005/11/21 11:0 a.m.43 views

CVE-2005-3697

CVE-2005-3697 affects Uresk Links 2.0 Lite. A vulnerability in the administration interface allows remote attackers to bypass authentication via unspecified vectors in index.php. The NVD entry lists CVSS v2 base score 7.5 (network, low complexity, no auth required; partial impact on confidentiali...

7.5CVSS7.3AI score0.01407EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2005/11/21 11:0 a.m.24 views

CVE-2005-3697

Unspecified vulnerability in the administration interface in Uresk Links 2.0 Lite allows remote attackers to bypass authentication via unspecified vectors in index.php...

6.9AI score0.01407EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.38 views

Comersus BackOffice Lite Administrative Bypass

Comersus ASP shopping cart is a set of ASP scripts creating an online shoppingcart. It works on a database of your own choosing, default is msaccess, and includes online administration tools. SPDX-FileCopyrightText: 2005 Noam Rathaus Some text descriptions might be excerpted from a referenced...

7.5CVSS6.8AI score0.01635EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/08/30 12:0 a.m.31 views

Woltlab Burning Board modcp.php Multiple Parameter SQL Injection

The remote version of Burning Board / Burning Board Lite is prone to SQL injection attacks due to its failure to sanitize user-supplied input to the 'x' and 'y' parameters of the 'modcp.php' script before using it in database queries. Provided an attacker has moderator privileges, these flaws may...

7.5CVSS5.7AI score0.0105EPSS
Exploits1References2
exploitpack
exploitpack
added 2005/08/08 12:0 a.m.17 views

PHP Lite Calendar Express 2.2 - auth.php?cid SQL Injection

PHP Lite Calendar Express 2.2 - auth.php?cid SQL Injection source: https://www.securityfocus.com/bid/14504/info Calendar Express is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2005/08/08 12:0 a.m.36 views

PHP Lite Calendar Express 2.2 - 'auth.php?cid' SQL Injection

source: https://www.securityfocus.com/bid/14504/info Calendar Express is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the applicatio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/08/08 12:0 a.m.33 views

PHP Lite Calendar Express 2.2 - 'Subscribe.php?cid' SQL Injection

source: https://www.securityfocus.com/bid/14504/info Calendar Express is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the applicatio...

7.4AI score
Exploits0
CVE
CVE
added 2005/08/05 4:0 a.m.45 views

CVE-2002-2115

Technical details (affected product, component, version, root cause, impact, or fix) are not publicly provided in the supplied documents. Monitor for updates from vendors and security advisories.

4.3CVSS6.1AI score0.01164EPSS
Exploits0References3Affected Software2
CVE
CVE
added 2005/07/17 4:0 a.m.52 views

CVE-2004-2229

Technical details about CVE-2004-2229 are not available in the provided documents. The records show a generic description of multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server with remote privilege gain, but no concrete specifics are provided. Monitor for updates.

4.6CVSS6.7AI score0.01254EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2005/07/10 4:0 a.m.57 views

CVE-2004-2195

Zanfi CMS Lite 1.1 is affected by a PHP remote file inclusion in index.php via the inc parameter, leading to arbitrary PHP code execution. The issue is a file inclusion vulnerability in Zanfi CMS Lite’s index.php that allows an attacker to have the remote script include and run attacker-controlle...

5CVSS7.6AI score0.01725EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2005/07/10 4:0 a.m.55 views

CVE-2004-2196

Affected product: Zanfi CMS lite 1.1. The vulnerability is a path disclosure issue where remote attackers can obtain the full path of the web server by directly requesting pages (1) adm_pages.php, (2) corr_pages.php, (3) del_block.php, (4) del_page.php, (5) footer.php, (6) home.php, and others. R...

5CVSS7.1AI score0.02313EPSS
Exploits1References11Affected Software1
Cvelist
Cvelist
added 2005/07/10 4:0 a.m.23 views

CVE-2004-2196

Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to 1 admpages.php, 2 corrpages.php, 3 delblock.php, 4 delpage.php, 5 footer.php, 6 home.php, and others...

6.7AI score0.02313EPSS
Exploits1References11
Cvelist
Cvelist
added 2005/06/21 4:0 a.m.17 views

CVE-2002-1742

SOAP::Lite 0.50 through 0.52 allows remote attackers to load arbitrary Perl functions by suppling a non-existent function in a script using a SOAP::Lite module, which causes the AUTOLOAD subroutine to trigger...

6.8AI score0.01613EPSS
Exploits0References8
CVE
CVE
added 2005/06/21 4:0 a.m.45 views

CVE-2002-1742

CVE-2002-1742 affects SOAP::Lite 0.50–0.52. Remote attackers can exploit a non-existent function in a SOAP::Lite script to trigger AUTOLOAD and load arbitrary Perl functions. Affected: SOAP::Lite 0.50–0.52. Impact: as described in sources, potentially enabling arbitrary function execution; extern...

5CVSS7.2AI score0.01613EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2005/05/16 4:0 a.m.37 views

CVE-2005-1608

The CVE-2005-1608 entry concerns the Blocks module in Spidean AutoTheme 1.7 and AT-Lite for PostNuke. Multiple unspecified vulnerabilities affect the Blocks component, with exposure described as potentially allowing a remote attacker to gain unauthorized access to the remote host. Affected produc...

5CVSS6.9AI score0.01273EPSS
Exploits0References6Affected Software2
NVD
NVD
added 2005/05/16 4:0 a.m.12 views

CVE-2005-1608

Multiple unknown vulnerabilities in the Blocks module in Spidean AutoTheme 1.7 and AT-Lite for PostNuke have unknown impact...

5CVSS6.8AI score0.01273EPSS
Exploits0References6
Cvelist
Cvelist
added 2005/05/16 4:0 a.m.22 views

CVE-2005-1617

Willings WebCam and WebCam Lite 2.8 and earlier stores the password in memory in plaintext, which allows local users to gain sensitive information...

6.6AI score0.00318EPSS
Exploits0References1
Cvelist
Cvelist
added 2005/05/16 4:0 a.m.25 views

CVE-2005-1608

Multiple unknown vulnerabilities in the Blocks module in Spidean AutoTheme 1.7 and AT-Lite for PostNuke have unknown impact...

6.8AI score0.01273EPSS
Exploits0References6
CVE
CVE
added 2005/05/16 4:0 a.m.49 views

CVE-2005-1617

The CVE-2005-1617 entry concerns Willings WebCam and WebCam Lite up to version 2.8, where passwords are stored in memory in plaintext. This is the underlying vulnerability: a local-access risk that could allow a user with access to the host to read the password from memory. The available document...

2.1CVSS7AI score0.00318EPSS
Exploits0References1Affected Software2
NVD
NVD
added 2005/05/16 4:0 a.m.12 views

CVE-2005-1617

Willings WebCam and WebCam Lite 2.8 and earlier stores the password in memory in plaintext, which allows local users to gain sensitive information...

2.1CVSS6.6AI score0.00318EPSS
Exploits0References1
Rows per page
Query Builder