Lucene search
K

3467 matches found

securityvulns
securityvulns
added 2010/01/08 12:0 a.m.65 views

Novell iManager eDirectory plugin buffer overflow

Buffer overflow on schema parsing...

7.5CVSS4.4AI score0.0433EPSS
Exploits0References1Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2010/01/07 12:0 a.m.21 views

Novell iManager eDirectory Plugin Remote Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Novell iManager. Authentication is not required to exploit this vulnerability. The flaw exists in an application called by the iManager in order to handle importing/exporting of schema information. While...

10CVSS2.2AI score0.0433EPSS
Exploits0References1
seebug.org
seebug.org
added 2009/10/22 12:0 a.m.46 views

phpMyAdmin SQL注入和跨站脚本漏洞

BUGTRAQ ID: 36658 CVE ID: CVE-2009-3697,CVE-2009-3696 phpMyAdmin是用PHP编写的工具,用于通过WEB管理MySQL。 phpMyAdmin没有正确地过滤对MySQL表格名称所提交的输入参数,远程攻击者可以通过提交恶意请求执行存储式跨站脚本攻击,并在用户浏览恶意数据时执行所注入的HTML和脚本代码;此外phpMyAdmin还没有正确地过滤提交给PDF schema生成器功能的各种参数,远程攻击者可以通过提交恶意请求执行SQL注入攻击。 phpMyAdmin 3.x phpMyAdmin 2.11.x 厂商补丁:...

7.5CVSS0.02602EPSS
Exploits1
OSV
OSV
added 2009/10/16 4:30 p.m.3 views

DEBIAN-CVE-2009-3697

SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters...

7.5CVSS8.8AI score0.02602EPSS
Exploits1References1
Prion
Prion
added 2009/10/16 4:30 p.m.12 views

Sql injection

SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters...

7.5CVSS8.9AI score0.02602EPSS
Exploits1References19Affected Software1
UbuntuCve
UbuntuCve
added 2009/10/16 4:30 p.m.26 views

CVE-2009-3697

SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters...

7.5CVSS6.2AI score0.02602EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2009/10/16 4:0 p.m.19 views

CVE-2009-3697

SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters...

7.5CVSS8.3AI score0.02602EPSS
Exploits1
FreeBSD
FreeBSD
added 2009/10/13 12:0 a.m.25 views

phpmyadmin -- XSS and SQL injection vulnerabilities

phpMyAdmin Team reports: Cross-site scripting XSS vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted MySQL table name. SQL injection vulnerability allows remote attackers to inject SQL via various interface parameters of the PDF schema generator feature...

6.5AI score
Exploits0References1
0day.today
0day.today
added 2009/08/25 12:0 a.m.20 views

EMO Breader Manager (video.php movie) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================= EMO Breader Manager video.php movie SQL Injection Vulnerability ================================================================= Remote SQL Injection Vulnerability video.ph...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2009/08/25 12:0 a.m.51 views

Camfrog.com SQL Injection

Camfrog.com suffers from a remote SQL injection vulnerability Millions of accounts are exposed Vulnerable parameter: popular.php?orderby=&st=dir&r=&cg= Available database: informationschema, cf, cfgift, cfimage, cfonline Users password are in CLEAR TEXT !!! More on...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/08/25 12:0 a.m.32 views

EMO Breader Manager - 'video.php?movie' SQL Injection

Viva IslaM Viva IslaM Remote SQL Injection Vulnerability video.php movie EMO Breader Manager http://www.emophp.com AuTh0r : Mr.SQL H0ME : WwW.55a.NeT Email : [email protected] -: ExploiteS :-...

7AI score
Exploits0
NVD
NVD
added 2009/05/21 3:30 p.m.16 views

CVE-2009-0897

IBM WebSphere Partner Gateway WPG 6.1.0 before 6.1.0.1 and 6.1.1 before 6.1.1.1 allows remote authenticated users to obtain sensitive information via vectors related to the "schema DB2 instance id" and the bcgarchive aka the archiver script...

4CVSS5.5AI score0.00963EPSS
Exploits0References3
Prion
Prion
added 2009/05/21 3:30 p.m.12 views

Information disclosure

IBM WebSphere Partner Gateway WPG 6.1.0 before 6.1.0.1 and 6.1.1 before 6.1.1.1 allows remote authenticated users to obtain sensitive information via vectors related to the "schema DB2 instance id" and the bcgarchive aka the archiver script...

4CVSS6AI score0.00963EPSS
Exploits0References3Affected Software1
exploitpack
exploitpack
added 2009/03/29 12:0 a.m.1695 views

glFusion 1.1.2 - COM_applyFilter()order SQL Injection

glFusion 1.1.2 - COMapplyFilterorder SQL Injection = 4.1 php.ini independent our site: http://retrogod.altervista.org/ software site: http://www.glfusion.org/ google dork: "Page created in" "seconds by glFusion" +RSS Vulnerability, sql injection in 'order' and 'direction' arguments: look...

0.3AI score
Exploits0
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.27 views

Ubuntu Update for postgresql-8.1, postgresql-8.2 vulnerability USN-454-1

Ubuntu Update for Linux kernel vulnerabilities USN-454-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4541.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for postgresql-8.1, postgresql-8.2 vulnerability USN-454-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks...

6CVSS0.3AI score0.03184EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2009/03/13 12:0 a.m.25 views

Gentoo Security Advisory GLSA 200903-19 (xerces-c)

The remote host is missing updates announced in advisory GLSA 200903-19. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

7.8CVSS6.7AI score0.04183EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2009/02/11 12:0 a.m.18 views

Rarlab.com SQL Injection

MurderSkillz rarlab.com Home of winrar! = Here is your sql injection =P exposes tableschema - tablename - columnname I am NOT responsible for any stupidity or damage! Learn skiddies! = Fix your shit winrar...

0.3AI score
Exploits0
seebug.org
seebug.org
added 2008/10/24 12:0 a.m.21 views

DorsaCms (ShowPage.aspx) Remote SQL Injection Vulnerability

No description provided by source. --------------------------------------------------------- Portal Name: Dorsa CMS Vendor : http://www.dorsacms.com Description : A CMS written by iranian programmers which uses by governmental websites. Vulnerable File : ShowPage.aspx Dork: Powered by DorsaCms...

7.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2008/10/08 2:0 a.m.22 views

CVE-2008-4482

The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service stack consumption and crash via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file...

7.8CVSS5.9AI score0.04183EPSS
Exploits1References1
Prion
Prion
added 2008/10/08 2:0 a.m.22 views

Design/Logic Flaw

The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service stack consumption and crash via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file...

7.8CVSS6.6AI score0.04183EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder