Lucene search
K

1234 matches found

Prion
Prion
added 2008/04/18 3:5 p.m.14 views

Design/Logic Flaw

The NeffyLauncher 1.0.5 ActiveX control NeffyLauncher.dll in CDNetworks Nefficient Download uses weak cryptography for a KeyCode that blocks unauthorized use of the control, which allows remote attackers to bypass this protection mechanism by calculating the required KeyCode. NOTE: this can be us...

7.5CVSS7.5AI score0.06658EPSS
Exploits0References4
Cvelist
Cvelist
added 2008/04/18 3:0 p.m.29 views

CVE-2008-1886

The NeffyLauncher 1.0.5 ActiveX control NeffyLauncher.dll in CDNetworks Nefficient Download uses weak cryptography for a KeyCode that blocks unauthorized use of the control, which allows remote attackers to bypass this protection mechanism by calculating the required KeyCode. NOTE: this can be us...

6.9AI score0.06658EPSS
Exploits0References4
Prion
Prion
added 2008/03/31 5:44 p.m.13 views

Sql injection

SQL injection vulnerability in account/index.php in TopperMod 2.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via a non-alphanumeric first character the localita parameter, which bypasses a protection mechanism...

6.8CVSS9AI score0.00996EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2008/02/26 12:44 a.m.23 views

Directory traversal

Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing...

6.9CVSS6.9AI score0.00486EPSS
Exploits2References20Affected Software5
UbuntuCve
UbuntuCve
added 2008/02/26 12:44 a.m.37 views

CVE-2008-0923

Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing...

6.9CVSS6AI score0.00486EPSS
Exploits2References1
Cvelist
Cvelist
added 2008/02/26 12:0 a.m.24 views

CVE-2008-0923

Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character string containing...

6.4AI score0.00486EPSS
Exploits2References20
NVD
NVD
added 2007/12/28 12:46 a.m.18 views

CVE-2007-6552

Directory traversal vulnerability in index.php in AuraCMS 2.2 allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in the act parameter, possibly involving the news pilih component; as demonstrated by including admin/adminusers.php to bypass a protection...

6CVSS6.8AI score0.0164EPSS
Exploits1References4
Prion
Prion
added 2007/12/28 12:46 a.m.15 views

Directory traversal

Directory traversal vulnerability in index.php in AuraCMS 2.2 allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in the act parameter, possibly involving the news pilih component; as demonstrated by including admin/adminusers.php to bypass a protection...

6CVSS7.3AI score0.0164EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2007/12/28 12:0 a.m.26 views

CVE-2007-6552

Directory traversal vulnerability in index.php in AuraCMS 2.2 allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in the act parameter, possibly involving the news pilih component; as demonstrated by including admin/adminusers.php to bypass a protection...

6.8AI score0.0164EPSS
Exploits1References4
Prion
Prion
added 2007/11/20 8:46 p.m.14 views

Format string

frame.html in Aida-Web Aida Web allows remote attackers to bypass a protection mechanism and obtain comment and task details via modified values to the 1 Mehr and 2 SUPER parameters...

5CVSS7.2AI score0.02783EPSS
Exploits1References5
CVE
CVE
added 2007/11/20 8:0 p.m.54 views

CVE-2007-6056

The CVE-2007-6056 entry describes a vulnerability in frame.html of Aida-Web where remote attackers can bypass a protection mechanism and access comment and task details by modifying the Mehr and SUPER parameters. Documents consistently identify Aida-Web as affected and the root cause as improper ...

5CVSS6.7AI score0.02783EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2007/11/20 8:0 p.m.21 views

CVE-2007-6056

frame.html in Aida-Web Aida Web allows remote attackers to bypass a protection mechanism and obtain comment and task details via modified values to the 1 Mehr and 2 SUPER parameters...

6.7AI score0.02783EPSS
Exploits1References5
Prion
Prion
added 2007/10/14 6:17 p.m.25 views

Cross site scripting

Microsoft Internet Explorer 7 and earlier allows remote attackers to bypass the "File Download - Security Warning" dialog box and download arbitrary .exe files by placing a '?' question mark followed by a non-.exe filename after the .exe filename, as demonstrated by 1 .txt, 2 .cda, 3 .log, 4 .dif...

7.5CVSS7.1AI score0.19891EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2006/09/06 10:4 p.m.19 views

CVE-2006-4592

Incomplete blacklist vulnerability in default.asp in 8pixel.net Simple Blog 2.3 and earlier allows remote attackers to conduct SQL injection attacks via "" characters in the id parameter, which are not filtered by the protection mechanism...

7.5CVSS7.6AI score0.01224EPSS
Exploits1References6
Rows per page
Query Builder