Lucene search
K

146 matches found

OSV
OSV
added 2011/01/11 3:0 a.m.1 views

DEBIAN-CVE-2011-0402

dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via a symlink attack on unspecified files in the .pc directory...

6.8CVSS6.7AI score0.02873EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2010/01/13 12:0 a.m.6 views

PT-2010-1350 · Ruby +1 · Ruby +1

Name of the Vulnerable Software and Affected Versions: Ruby versions 1.8.6 through patchlevel 383 Ruby versions 1.8.7 through patchlevel 248 Ruby version 1.8.8dev Ruby versions 1.9.1 through patchlevel 376 Ruby version 1.9.2dev Description: The issue allows remote attackers to potentially modify ...

7.5CVSS6.7AI score0.15684EPSS
Exploits4References29
seebug.org
seebug.org
added 2009/12/18 12:0 a.m.19 views

zope 2.2 DTML模板和DTML方法远程修改漏洞

No description provided by source...

7.1AI score
Exploits0
OSV
OSV
added 2009/04/27 10:30 p.m.2 views

DEBIAN-CVE-2008-6755

ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a 1 PHP or 2 CGI script...

5CVSS6.8AI score0.01205EPSS
Exploits0References1
OSV
OSV
added 2009/04/27 10:30 p.m.5 views

CVE-2008-6755

ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a 1 PHP or 2 CGI script...

6.6AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/01/09 6:54 a.m.2 views

MODx cross-site request forgery vulnerability

Overview MODx, an open source contents management system, contains a cross-site request forgery vulnerability. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

6CVSS6.6AI score0.00479EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2008/09/23 12:0 a.m.19 views

Debian DSA-1640-1 : python-django - several vulnerabilities

Simon Willison discovered that in Django, a Python web framework, the feature to retain HTTP POST data during user reauthentication allowed a remote attacker to perform unauthorized modification of data through cross site request forgery. This is possible regardless of the Django plugin to preven...

5.8CVSS5.1AI score0.01799EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2007/04/22 12:0 a.m.4 views

PT-2007-3317 · Bmc · Bmc Performance Manager

Name of the Vulnerable Software and Affected Versions: BMC Performance Manager affected versions not specified Description: The issue concerns a lack of authentication requirement for requests to modify configuration files. This could potentially allow remote attackers to execute arbitrary code b...

7.5CVSS8.2AI score0.03968EPSS
Exploits0References8
NVD
NVD
added 2007/01/23 2:28 a.m.10 views

CVE-2006-6946

The web server in the NEC MultiWriter 1700C allows remote attackers to modify the device configuration via unspecified vectors...

7.5CVSS6.6AI score0.01201EPSS
Exploits0References1
seebug.org
seebug.org
added 2006/04/21 12:0 a.m.52 views

Symantec Scan Engine 5.0.x.x Change Admin Password Remote Exploit

No description provided by source. !/usr/bin/perl -w Remotely change the administrator password or password hash of Symantec Scan Engine. Author: Marc Bevand of Rapid7 marcbevandatrapid7.com Copyright 2006 Rapid7, LLC. All rights reserved. Redistribution and use in source and binary forms, with o...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.29 views

CVE-2004-1982

Post.pl in YaBB 1 Gold SP 1.2 allows remote attackers to modify records in the board's .txt file via carriage return characters in the subject field...

6.6AI score0.01457EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2002/12/31 12:0 a.m.4 views

PT-2002-2428 · Cisco · Cisco Ios +2

Name of the Vulnerable Software and Affected Versions: Cisco IOS software versions 11.3 through 12.2 Description: The issue allows remote attackers to modify Data Over Cable Service Interface Specification DOCSIS settings via a DOCSIS file without a Message Integrity Check MIC signature, which is...

7.5CVSS6.4AI score0.01186EPSS
Exploits0References5
CVE
CVE
added 2001/01/22 5:0 a.m.140 views

CVE-2000-1001

CVE-2000-1001 affects Element InstantShop: the add_2_basket.asp endpoint allows remote attackers to modify price information via the hidden form variable price. The underlying issue is input/data integrity on the price field, enabling tampering before processing. The CVSS data assigns a base scor...

7.5CVSS6.8AI score0.01612EPSS
Exploits0References3Affected Software1
FreeBSD Advisory
FreeBSD Advisory
added 2000/08/14 12:0 a.m.6 views

FreeBSD-SA-00:38.zope

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:38 Security Advisory FreeBSD, Inc. Topic: zope port allows remote modification of DTML documents Category: ports Module: zope Announced: 2000-08-14 Credits: Unknown...

5.9AI score
Exploits0
Cvelist
Cvelist
added 2000/02/08 5:0 a.m.16 views

CVE-2000-0108

The Intellivend shopping cart application allows remote users to modify sensitive purchase information via hidden form fields...

6.3AI score0.02032EPSS
Exploits0References1
Cvelist
Cvelist
added 2000/02/08 5:0 a.m.19 views

CVE-2000-0110

The WebSiteTool shopping cart application allows remote users to modify sensitive purchase information via hidden form fields...

6.3AI score0.02032EPSS
Exploits0References1
Cvelist
Cvelist
added 2000/02/08 5:0 a.m.20 views

CVE-2000-0103

The SmartCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields...

6.3AI score0.02085EPSS
Exploits0References1
NVD
NVD
added 2000/02/01 5:0 a.m.11 views

CVE-2000-0134

The Check It Out shopping cart application allows remote users to modify sensitive purchase information via hidden form fields...

7.5CVSS6.3AI score0.02146EPSS
Exploits0References1
NVD
NVD
added 2000/02/01 5:0 a.m.13 views

CVE-2000-0136

The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields...

7.5CVSS6.3AI score0.0683EPSS
Exploits0References1
NVD
NVD
added 2000/02/01 5:0 a.m.12 views

CVE-2000-0101

The Make-a-Store OrderPage shopping cart application allows remote users to modify sensitive purchase information via hidden form fields...

7.5CVSS6.3AI score0.0215EPSS
Exploits0References1
Rows per page
Query Builder