Lucene search

2871 matches found

Prion
added 2007/02/16 11:28 a.m., 14 views

Directory traversal

Directory traversal vulnerability in index.php in Jupiter CMS 1.1.5 allows remote attackers to include and execute arbitrary local files via a .. (dot dot), or an absolute pathname, in the n parameter...

7.5 CVSS, 7.6 AI score, 0.02998 EPSS
Exploits: 1, References: 7, Affected Software: 1
RedHat Linux
added 2007/02/09 4:23 p.m., 2 views

security flaw

Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.212 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allow attackers to develop Java applets that read, write, or execute...

9.3 CVSS, 6.1 AI score, 0.03632 EPSS
Exploits: 0, References: 4
NVD
added 2007/02/08 12:28 a.m., 16 views

CVE-2007-0836

admin.php in Coppermine Photo Gallery 1.4.10, and possibly earlier, allows remote authenticated users to include arbitrary local and possibly remote files via the (1) "Path to custom header include" and (2) "Path to custom footer include" form fields. NOTE: The provenance of this information is...

4 CVSS, 6.2 AI score, 0.01748 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2007/02/07 7:57 p.m., 4 views

security flaw

Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.212 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allow attackers to develop Java applets that read, write, or execute...

9.3 CVSS, 6.1 AI score, 0.03632 EPSS
Exploits: 0, References: 4
securityvulns
added 2007/02/05 12:0 a.m., 34 views

Mozilla Firefox weak PRNG generator

A weak PRNG generator is used to generate temporary file names for XMLHttpRequest. It may be used to access the content of local files by creating a temporary HTML file with a predictable name...

4.3 CVSS, 8.9 AI score, 0.01796 EPSS
Exploits: 2, References: 1, Affected Software: 1
Prion
added 2007/01/31 9:28 p.m., 13 views

Directory traversal

Directory traversal vulnerability in zdnumer.php in Galeria Zdjec 3.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the galeria parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included ...

7.5 CVSS, 7.6 AI score, 0.03536 EPSS
Exploits: 1, References: 6, Affected Software: 1
Cvelist
added 2007/01/31 9:0 p.m., 19 views

CVE-2007-0637

Directory traversal vulnerability in zdnumer.php in Galeria Zdjec 3.0 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the galeria parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included ...

7.2 AI score, 0.03536 EPSS
Exploits: 1, References: 6
RedHat Linux
added 2007/01/24 12:0 a.m., 4 views

security flaw

Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.212 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allow attackers to develop Java applets that read, write, or execute...

9.3 CVSS, 6.1 AI score, 0.03632 EPSS
Exploits: 0, References: 4
NVD
added 2007/01/19 12:28 a.m., 16 views

CVE-2007-0349

Directory traversal vulnerability in upgrade.php in nicecoder.com INDEXU 5.x allows remote attackers to include arbitrary local files via a .. (dot dot) in the gateway parameter...

5 CVSS, 6.6 AI score, 0.01479 EPSS
Exploits: 0, References: 3
Prion
added 2007/01/19 12:28 a.m., 18 views

Directory traversal

Directory traversal vulnerability in upgrade.php in nicecoder.com INDEXU 5.x allows remote attackers to include arbitrary local files via a .. (dot dot) in the gateway parameter...

5 CVSS, 7.1 AI score, 0.01479 EPSS
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 2007/01/19 12:0 a.m., 29 views

CVE-2007-0349

Directory traversal vulnerability in upgrade.php in nicecoder.com INDEXU 5.x allows remote attackers to include arbitrary local files via a .. (dot dot) in the gateway parameter...

6.6 AI score, 0.01479 EPSS
Exploits: 0, References: 3
Prion
added 2007/01/18 2:28 a.m., 20 views

Directory traversal

Directory traversal vulnerability in sesskglogadmin.php in KGB 1.9 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skinnn parameter, as demonstrated by invoking kg.php with a postek parameter containing PHP code, which is injected into a fi...

7.5 CVSS, 7.7 AI score, 0.03011 EPSS
Exploits: 0, References: 6, Affected Software: 1
CVE
added 2007/01/18 2:0 a.m., 36 views

CVE-2007-0335

CVE-2007-0335 affects Jax Petition Book 1.0.3.06. Affected component: languagepack handling in jax_petitionbook.php and smileys.php. Root cause: directory traversal via a .. in the languagepack parameter enables inclusion of arbitrary local files. Impact: remote attackers can include and execute ...

6.8 CVSS, 7.3 AI score, 0.03216 EPSS
Exploits: 0, References: 10, Affected Software: 1
Kaspersky
added 2007/01/18 12:0 a.m., 29 views

KLA10293 Multiple vulnerabilities in PentaWare

Multiple serious vulnerabilities have been found in PentaWare. Malicious users can exploit these vulnerabilities to cause denial of service or extract files to an arbitrary directory. Below is a complete list of vulnerabilities: 1. Unknown vectors can be exploited remotely via a specially designed...

7.1 CVSS, 7 AI score, 0.01638 EPSS
Exploits: 0, References: 2
CERT
added 2007/01/12 12:0 a.m., 34 views

Apple Quicktime HREFTrack Cross-Zone Scripting vulnerability

Overview: Web browsers running the Apple QuickTime plugin may allow remote web sites to reference content on the local filesystem. This may allow an attacker to execute script within the security context of the local machine. Description: Web browser plugins that allow remote web sites to reference...

6.8 CVSS, 5.7 AI score, 0.05638 EPSS
Exploits: 1, References: 2
Prion
added 2007/01/11 12:28 a.m., 17 views

Directory traversal

Directory traversal vulnerability in index.php in L2J Statistik Script 0.09 and earlier, when register_globals is enabled and magic_quotes is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting PHP...

6.8 CVSS, 7.6 AI score, 0.02455 EPSS
Exploits: 1, References: 5, Affected Software: 1
Prion
added 2007/01/05 6:28 p.m., 20 views

Directory traversal

Directory traversal vulnerability in language.php in VerliAdmin 0.3 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang cookie, as demonstrated by injecting PHP sequences into an Apache HTTP Server log fil...

6.8 CVSS, 7.6 AI score, 0.02049 EPSS
Exploits: 0, References: 4, Affected Software: 1
Cvelist
added 2006/12/26 11:0 p.m., 67 views

CVE-2006-6731

Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.212 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allow attackers to develop Java applets that read, write, or execute...

6.9 AI score, 0.03632 EPSS
Exploits: 0, References: 33
Gentoo Linux
added 2006/12/14 12:0 a.m., 19 views

Links: Arbitrary Samba command execution

Background: Links is a web browser running in both graphics and text modes. Description: Teemu Salmela discovered that Links does not properly validate "smb://" URLs when it runs smbclient commands. Impact: A remote attacker could entice a user to browse to a specially crafted "smb://" URL and execu...

7.5 CVSS, 6.8 AI score, 0.0805 EPSS
Exploits: 0
CVE
added 2006/12/11 6:0 p.m., 37 views

CVE-2006-6465

WikyBlog v1.3.2 and earlier exposes a directory traversal risk in WBmap.php via the l parameter. The vulnerability is described as allowing remote inclusion/execution of local files, with the note that the l parameter is validated by ctype_alpha before use, which CVE disputes. Affected software i...

6.5 CVSS, 7.5 AI score, 0.01343 EPSS
Exploits: 0, References: 3, Affected Software: 1