Lucene search
K

1096 matches found

Cvelist
Cvelist
added 2009/02/26 4:0 p.m.27 views

CVE-2009-0622

Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A21.2 and Cisco ACE 4710 Application Control Engine Appliance before A18a allows remote authenticated users to execute arbitrary operating-system commands through a command...

7.3AI score0.0147EPSS
Exploits1References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.1 views

QUICK CART OS command injection vulnerability

Overview QUICK CART is a shopping cart system that provides functionalities used for managing an Internet store. An OS command injection vulnerability exists in QUICK CART as it does not properly validate the user input. Impact A remote attacker could execute arbitrary operating system commands o...

7.5CVSS8.2AI score
Exploits0References2
exploitpack
exploitpack
added 2007/03/02 12:0 a.m.15 views

WordPress 2.1.1 - wp-includestheme.php?iz Arbitrary Command Execution

WordPress 2.1.1 - wp-includestheme.php?iz Arbitrary Command Execution source: https://www.securityfocus.com/bid/22797/info An attacker compromised the source code for Wordpress 2.1.1 and altered it to include a malicious backdoor. This backdoor introduces a code-execution vulnerability that will...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2007/03/02 12:0 a.m.12 views

WordPress 2.1.1 - Arbitrary Command Execution

WordPress 2.1.1 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/22797/info An attacker compromised the source code for Wordpress 2.1.1 and altered it to include a malicious backdoor. This backdoor introduces a code-execution vulnerability that will let remote users inject...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/02 12:0 a.m.21 views

WordPress Core 2.1.1 - '/wp-includes/theme.php?iz' Arbitrary Command Execution

source: https://www.securityfocus.com/bid/22797/info An attacker compromised the source code for Wordpress 2.1.1 and altered it to include a malicious backdoor. This backdoor introduces a code-execution vulnerability that will let remote users inject PHP code or execute operating system commands...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2007/03/02 12:0 a.m.48 views

WordPress Core 2.1.1 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/22797/info An attacker compromised the source code for Wordpress 2.1.1 and altered it to include a malicious backdoor. This backdoor introduces a code-execution vulnerability that will let remote users inject PHP code or execute operating system commands...

7AI score
Exploits0
NVD
NVD
added 2007/01/30 4:28 p.m.13 views

CVE-2007-0565

CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote attackers to inject arbitrary operating system commands via unspecified vectors...

7.5CVSS7AI score0.01359EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/01/30 4:0 p.m.20 views

CVE-2007-0565

CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote attackers to inject arbitrary operating system commands via unspecified vectors...

7AI score0.01359EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2006/04/13 12:0 a.m.17 views

JVN#10222000 QUICK CART OS command injection vulnerability

Impact A remote attacker could execute arbitrary operating system commands on a server running QUICK CART. Solution Products Affected QUICK CART Ver 1 QUICK CART Ver 2 QUICK CART Free QUICK CART Pro QUICK CART Plugin for Movable Type 3.2...

8AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.20 views

Snitz Forums 2000 SQL injection

The remote host is using Snitz Forum 2000 This version allow an attacker to execute stored procedures and non-interactive operating system commands on the system. The problem stems from the fact that the 'Email' variable in the register.asp module fails to properly validate and strip out maliciou...

7.5CVSS0.5AI score0.02442EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.17 views

Snitz Forums 2000 SQL injection

The remote host is using Snitz Forum 2000 which allows an attacker to execute stored procedures and non-interactive operating system commands on the system. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

7.5CVSS6.9AI score0.02442EPSS
Exploits1References2
NVD
NVD
added 2003/05/12 4:0 a.m.13 views

CVE-2003-0118

SQL injection vulnerability in the Document Tracking and Administration DTA website of Microsoft BizTalk Server 2000 and 2002 allows remote attackers to execute operating system commands via a request to 1 rawdocdata.asp or 2 RawCustomSearchField.asp containing an embedded SQL statement...

7.5CVSS8AI score0.08144EPSS
Exploits0References2
Cvelist
Cvelist
added 2003/05/02 4:0 a.m.16 views

CVE-2003-0118

SQL injection vulnerability in the Document Tracking and Administration DTA website of Microsoft BizTalk Server 2000 and 2002 allows remote attackers to execute operating system commands via a request to 1 rawdocdata.asp or 2 RawCustomSearchField.asp containing an embedded SQL statement...

8AI score0.08144EPSS
Exploits0References2
exploitpack
exploitpack
added 2002/07/25 12:0 a.m.15 views

Microsoft SQL Server 2000 - sp_MScopyscript SQL Injection

Microsoft SQL Server 2000 - spMScopyscript SQL Injection source: https://www.securityfocus.com/bid/5309/info The Microsoft SQL Server 2000 spMScopyscript stored procedure does not sufficiently validate input before passing it to the xpcmdshell extended stored procedure. An attacker with the abili...

8.6AI score
Exploits0
securityvulns
securityvulns
added 2000/11/22 12:0 a.m.62 views

Update: Microsoft Security Bulletin (MS00-086)

The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Microsoft Security Bulletin MS00-086 - -------------------------------------- Patch...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2000/11/08 12:0 a.m.64 views

Security Bulletin (MS00-086)

The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Microsoft Security Bulletin MS00-086 - -------------------------------------- Patch...

0.3AI score
Exploits0
Rows per page
Query Builder