Lucene search
+L

66 matches found

CVE
CVE
added 2005/07/14 4:0 a.m.58 views

CVE-2001-1537

The CVE concerns TWIG webmail versions 2.7.4 and earlier where the default 'basic' security setting in config.php stores cleartext usernames and passwords in cookies. This could allow an attacker to obtain authentication information and gain privileges. The PT-2001-2622 entry reiterates the affec...

7.5CVSS7.2AI score0.01115EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2005/05/11 12:0 a.m.23 views

e107 search.php search_info Parameter Traversal Arbitrary File Inclusion

The version of e107 installed on the remote host is affected by a remote file inclusion vulnerability because it fails to properly sanitize user-supplied input to the 'searchinfo' parameter of the 'search.php' script. This vulnerability could allow a remote, unauthenticated attacker to view...

6.2AI score
Exploits0References2
CVE
CVE
added 2001/02/02 5:0 a.m.43 views

CVE-2001-0104

MDaemon Pro 3.5.1 and earlier have a local privilege bypass: a user can bypass the "lock server" security setting by pressing Cancel at the password prompt and then pressing Enter. The available documents confirm the affected product and UI-based trigger, but do not provide concrete mitigation st...

7.2CVSS7AI score0.00396EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2000/07/12 4:0 a.m.60 views

CVE-2000-0562

BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier, fail to block Back Orifice traffic when the security setting is Nervous or lower. The CVE-2000-0562 entry documents this condition for these products, indicating a partial confidentiality, integrity, and availability impact w...

7.5CVSS6.7AI score0.01277EPSS
Exploits1References1Affected Software2
NVD
NVD
added 2000/06/22 4:0 a.m.13 views

CVE-2000-0562

BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier, do not properly block Back Orifice traffic when the security setting is Nervous or lower...

7.5CVSS6.7AI score0.01277EPSS
Exploits1References1
NVD
NVD
added 1999/05/06 4:0 a.m.20 views

CVE-1999-1241

Internet Explorer, with a security setting below Medium, allows remote attackers to execute arbitrary commands via a malicious web page that uses the FileSystemObject ActiveX object...

10CVSS7.6AI score0.14416EPSS
Exploits0References2
Rows per page
Query Builder