Lucene search
K

173 matches found

0day.today
0day.today
added 2009/10/29 12:0 a.m.23 views

Mura CMS <= 5.1 xss

Exploit for unknown platform in category web applications =================== Mura CMS = 5.1 xss =================== Objective: Mura CMS = 5.1 Type: Disclosure of ways Threat: Medium Date Discovered: 22.09.2009 Date of notification Developer: 22.09.2009 Released corrections: Author: Vladimir...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2007/06/26 11:0 p.m.24 views

CVE-2007-3423

cgi-bin/cgi-lib/instantmessage.pl in web-app.org WebAPP before 0.9.9.7 uses the From field of an instant message as the beginning of the .dat file name when the 1 imview2 or 2 imview3 function reads a an internal IM, or a message from a b guest or c removed member, which has unknown impact and...

6.7AI score0.01126EPSS
Exploits0References3
Cvelist
Cvelist
added 2006/12/21 7:0 p.m.16 views

CVE-2006-6682

Pedro Lineu Orso chetcpasswd 2.3.3 provides a different error message when a request with a valid username fails, compared to a request with an invalid username, which allows remote attackers to determine valid usernames on the system...

6.7AI score0.01881EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2006/07/29 12:16 a.m.42 views

Critical: Red Hat Security Advisory: thunderbird security update

Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. The Mozilla Foundation...

9.3CVSS5.7AI score0.78359EPSS
Exploits12References3
securityvulns
securityvulns
added 2006/02/24 12:0 a.m.31 views

[SA18975] POPFile Email Message Handling Denial of Service

TITLE: POPFile Email Message Handling Denial of Service SECUNIA ADVISORY ID: SA18975 VERIFY ADVISORY: http://secunia.com/advisories/18975/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote SOFTWARE: POPFile 0.x http://secunia.com/product/8275/ DESCRIPTION: A vulnerability has been reported i...

0.6AI score
Exploits0
UbuntuCve
UbuntuCve
added 2005/05/11 4:0 a.m.26 views

CVE-2005-1262

Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service application crash via a malformed MSN message...

5CVSS6AI score0.01898EPSS
Exploits0References1
Cvelist
Cvelist
added 2005/02/20 5:0 a.m.20 views

CVE-2004-1574

Buffer overflow in Vypress Messenger 3.5.1 and earlier allows remote attackers to execute arbitrary code via a message with a long first field...

7.9AI score0.04598EPSS
Exploits1References7
FreeBSD
FreeBSD
added 2005/01/28 12:0 a.m.31 views

squid -- buffer overflow in WCCP recvfrom() call

According to the Squid Proxy Cache Security Update Advisory SQUID-2005:3, The WCCP recvfrom call accepts more data than will fit in the allocated buffer. An attacker may send a larger-than-normal WCCP message to Squid and overflow this buffer. Severity: The bug is important because it allows remo...

7.5CVSS6.5AI score0.22152EPSS
Exploits0References3
NVD
NVD
added 2004/12/31 5:0 a.m.14 views

CVE-2004-2505

Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service memory consumption and crash by sending repeated GET or POST requests that trigger error messages that use long strings of data...

5CVSS6.7AI score0.03201EPSS
Exploits1References3
Exploit DB
Exploit DB
added 2004/12/09 12:0 a.m.28 views

F-Secure Policy Manager 5.11 - &#039;FSMSH.dll&#039; CGI Application Installation Full Path Disclosure

source: https://www.securityfocus.com/bid/11869/info F-Secure Policy Manager includes a CGI application named 'fsmsh.dll'. By supplying unexpected input as an argument to the 'fsmsh.dll' application the vulnerable software will return an error message that includes the installation path of the...

7.4AI score
Exploits0
NVD
NVD
added 2004/10/14 4:0 a.m.18 views

CVE-2004-1700

Cross-site scripting XSS vulnerability in SettingsBase.php in Pinnacle ShowCenter 1.51 build 121 allows remote attackers to inject arbitrary HTML or web script via the Skin parameter, which is echoed in an error message...

4.3CVSS5.8AI score0.01256EPSS
Exploits1References3
NVD
NVD
added 2004/10/13 4:0 a.m.16 views

CVE-2004-1597

RIM Blackberry 7230 running RIM Blackberry OS 3.7 SP1 allows remote attackers to cause a denial of service device reboot and possibly data corruption via a calendar message with a long Location field, which triggers a watchdog while the message is being stored...

5CVSS6.7AI score0.01997EPSS
Exploits1References8
exploitpack
exploitpack
added 2004/04/26 12:0 a.m.12 views

OpenBB 1.0.x - Private Message Disclosure

OpenBB 1.0.x - Private Message Disclosure source: https://www.securityfocus.com/bid/10217/info It has been reported that OpenBB is affected by a private message disclosure vulnerability. This issue is due to a design error that fails to validate user credentials. This issue might allow an attacke...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/01/26 12:0 a.m.18 views

IBM Net.Data 7.0/7.2 - db2www Error Message Cross-Site Scripting

source: https://www.securityfocus.com/bid/9488/info IBM Net.Data is prone to cross-site scripting attacks via error message output. This may permit a remote attack to create a link to a system hosting the software that includes embedded HTML and script code. This hostile code may be rendered in t...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/12/24 12:0 a.m.96 views

QuikStore Shopping Cart Discloses Installation Path & Files to Remote Users

Indonesia Security Development Team Advisory QuikStore Shopping Cart Discloses Installation Path & Files to Remote Users ===================================================================== Advisory Name: QuikStore Shopping Cart Discloses Installation Path & Files to Remote Users Release Date:...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2003/10/31 12:0 a.m.16 views

Citrix Metaframe XP - Cross-Site Scripting

Citrix Metaframe XP - Cross-Site Scripting source: https://www.securityfocus.com/bid/8939/info Citrix Metaframe XP is prone to cross-site scripting attacks when returning error messages to users. The error message is generated when invalid authentication credentials are transmitted to the log-in...

Exploits0
exploitpack
exploitpack
added 2003/10/22 12:0 a.m.9 views

Sun Management Center 3.03.5 - Error Message Information Disclosure

Sun Management Center 3.03.5 - Error Message Information Disclosure source: https://www.securityfocus.com/bid/8873/info A problem in the handling of error messages has been identified in Sun Management Center. Because of this, an attacker may be able to gain sensitive information about vulnerable...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2003/10/22 12:0 a.m.32 views

Sun Management Center 3.0/3.5 - Error Message Information Disclosure

source: https://www.securityfocus.com/bid/8873/info A problem in the handling of error messages has been identified in Sun Management Center. Because of this, an attacker may be able to gain sensitive information about vulnerable hosts. http://www.example.com:898/../../../../../tmp/.X11-unix...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/07/17 12:0 a.m.38 views

Microsoft IDS Server crossite scripting

Crossite scripting in error message...

1.2AI score
Exploits0References4Affected Software1
exploitpack
exploitpack
added 2003/04/11 12:0 a.m.11 views

12Planet Chat Server 2.5 - Error Message Installation Full Path Disclosure

12Planet Chat Server 2.5 - Error Message Installation Full Path Disclosure source: https://www.securityfocus.com/bid/7355/info When certain malformed URL requests are sent to a 12Planet Chat Server, the server's installation path may be revealed in the returned error message. This information cou...

0.4AI score
Exploits0
Rows per page
Query Builder