Lucene search
K

350 matches found

UbuntuCve
UbuntuCve
added 2012/02/23 5:0 a.m.26 views

CVE-2012-1054

Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3, when managing a user login file with the k5login resource type, allows local users to gain privileges via a symlink attack on .k5login...

4.4CVSS5.9AI score0.00368EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2011/06/08 12:0 a.m.10 views

PT-2011-1330 · Cre Loaded · Cre Loaded

Name of the Vulnerable Software and Affected Versions: CRE Loaded versions prior to 6.3.x CRE Loaded version 6.2.14 and earlier Description: The issue allows remote attackers to bypass authentication and gain administrator privileges. This is achieved by sending a request with specific PHP files,...

7.5CVSS7AI score0.01409EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2009/09/25 12:0 a.m.4 views

PT-2009-5715 · Zenas · Zenas Paobacheca Guestbook

Name of the Vulnerable Software and Affected Versions: Zenas PaoBacheca Guestbook version 2.1 Description: The issue allows remote attackers to bypass authentication and gain administrative access. This is achieved by setting the login ok parameter to 1 when register globals is enabled...

9.8CVSS9.6AI score0.04989EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2007/09/27 12:0 a.m.6 views

PT-2007-6213 · Frontaccounting · Frontaccounting

Name of the Vulnerable Software and Affected Versions: FrontAccounting version 1.13 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the path to root parameter to specific PHP files, such as "access/login.php" and "includes/lang/language.php", when registe...

9.3CVSS7.9AI score0.03551EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2005/06/08 12:0 a.m.5 views

PT-2005-2861 · Jiro · Jiro'S Upload System

Name of the Vulnerable Software and Affected Versions: JiRo's Upload System JUS version 1 Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands via the password parameter in the login.asp file. Recommendations: For JiRo's Upload System JUS version 1, avoid...

7.5CVSS8.3AI score0.01211EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2005/06/05 12:0 a.m.4 views

PT-2005-2867 · Wwweb Concepts · Wwweb Concepts Events System

Name of the Vulnerable Software and Affected Versions: WWWeb Concepts Events System version 1.0 Description: The issue allows remote attackers to execute arbitrary SQL commands via the password variable in the login.asp file. This can lead to unauthorized access and manipulation of database...

7.5CVSS8.5AI score0.01316EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2005/06/02 12:0 a.m.9 views

PT-2005-2863 · Unknown · Livingmailing

Name of the Vulnerable Software and Affected Versions: livingmailing version 1.3 Description: The issue allows remote attackers to execute arbitrary SQL commands via the password in the login.asp file. There is little public information available about the product and its vendor. Recommendations:...

7.5CVSS7.8AI score0.01198EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2005/05/25 12:0 a.m.7 views

PT-2005-2722 · Ezdwc · Ezdwc Newsletterez

Name of the Vulnerable Software and Affected Versions: ezdwc NewsletterEz version 3.0 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the password parameter in the "login.asp" file. Recommendations: For ezdwc NewsletterEz version 3.0, conside...

7.5CVSS7.9AI score0.0133EPSS
Exploits1References5
OSV
OSV
added 2004/08/16 4:0 a.m.1 views

DEBIAN-CVE-2004-1737

SQL injection vulnerability in authlogin.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the 1 username or 2 password parameters...

7.5CVSS8.8AI score0.02827EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2002/12/31 12:0 a.m.8 views

PT-2002-2745 · Horde · Horde Imp

Name of the Vulnerable Software and Affected Versions: Horde IMP version 2.2.7 Description: The issue allows remote attackers to obtain the full web root pathname via specific HTTP requests. This can be achieved by requesting certain files, including poppassd.php3, login.php3?reason=chpass2,...

5.3CVSS6.9AI score0.01924EPSS
Exploits0References5
Rows per page
Query Builder