Lucene search
K

841 matches found

OSV
OSV
added 2004/12/31 5:0 a.m.1 views

DEBIAN-CVE-2004-2632

phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg'Servers' variables...

7.5CVSS7AI score0.03764EPSS
Exploits1References1
CERT
CERT
added 2004/11/03 12:0 a.m.17 views

MailPost discloses sensitive system information when operating in debug mode

Overview A vulnerability is reported to exist in MailPost version 5.1.1sv and possibly earlier versions that may permit a remote attacker to gain sensitive information about the server configuration and environment.. Description According to the ProCheckUp report, MailPost contains a vulnerabilit...

7.1AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.40 views

GLSA-200406-05 : Apache: Buffer overflow in mod_ssl

The remote host is affected by the vulnerability described in GLSA-200406-05 Apache: Buffer overflow in modssl A bug in the function sslutiluuencodebinary in sslutil.c may lead to a remote buffer overflow on a server configured to use FakeBasicAuth that will trust a client certificate with an...

7.5CVSS6.2AI score0.37681EPSS
Exploits0References2
exploitpack
exploitpack
added 2004/08/23 12:0 a.m.10 views

Compulsive Media CNU5 - News.mdb Database Disclosure

Compulsive Media CNU5 - News.mdb Database Disclosure source: https://www.securityfocus.com/bid/11004/info CNU5 is reported prone to a database disclosure vulnerability. It is reported that remote users may download the database file 'news.mdb' and gain access to sensitive information including...

7.4AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/07/29 12:0 a.m.39 views

phpMyAdmin: Multiple vulnerabilities

Background phpMyAdmin is a popular, web-based MySQL administration tool written in PHP. It allows users to administer a MySQL database from a web-browser. Description Two serious vulnerabilities exist in phpMyAdmin. The first allows any user to alter the server configuration variables including...

7.5CVSS2.9AI score0.09353EPSS
Exploits2
exploitpack
exploitpack
added 2004/07/19 12:0 a.m.9 views

Zixforum - ZixForum.mdb Database Disclosure

Zixforum - ZixForum.mdb Database Disclosure source: https://www.securityfocus.com/bid/10982/info Zixforum is reported prone to a database disclosure vulnerability. It is reported that remote users may download the database file ''ZixForum.mdb' and gain access to sensitive information including...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/07/19 12:0 a.m.25 views

Zixforum - ZixForum.mdb Database Disclosure

source: https://www.securityfocus.com/bid/10982/info Zixforum is reported prone to a database disclosure vulnerability. It is reported that remote users may download the database file ''ZixForum.mdb' and gain access to sensitive information including unencrypted authentication credentials. All...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/07/18 12:0 a.m.18 views

PHP-Fusion Database Backup - Information Disclosure

PHP-Fusion Database Backup - Information Disclosure source: https://www.securityfocus.com/bid/10974/info It is reported that PHP-Fusion is susceptible to a database backup information disclosure vulnerability. An anonymous remote attacker may be able to download a complete database backup from th...

7.2AI score
Exploits0
Exploit DB
Exploit DB
added 2004/07/18 12:0 a.m.27 views

PHP-Fusion Database Backup - Information Disclosure

source: https://www.securityfocus.com/bid/10974/info It is reported that PHP-Fusion is susceptible to a database backup information disclosure vulnerability. An anonymous remote attacker may be able to download a complete database backup from the server. Authentication would not be required. A...

7AI score
Exploits0
phpMyAdmin
phpMyAdmin
added 2004/06/29 12:0 a.m.35 views

When faking table with specific name, an attacker can make phpMyAdmin to execute arbitrary php code and add custom server configuration.

PMASA-2004-1 Announcement-ID: PMASA-2004-1 Date: 2004-06-29 Summary When faking table with specific name, an attacker can make phpMyAdmin to execute arbitrary php code and add custom server configuration. Description phpMyAdmin used eval function to fill some values and one parameter used there w...

7.5CVSS6.1AI score0.09353EPSS
Exploits1Affected Software1
exploitpack
exploitpack
added 2004/04/23 12:0 a.m.28 views

PW New Media Network Modular Site Management System 0.2.1 - Ver.asp Information Disclosure

PW New Media Network Modular Site Management System 0.2.1 - Ver.asp Information Disclosure source: https://www.securityfocus.com/bid/10208/info It has been reported that Modular Site Management System may be prone to an information disclosure issue that could allow an attacker to gain access to a...

Exploits0
Exploit DB
Exploit DB
added 2004/04/23 12:0 a.m.28 views

PW New Media Network Modular Site Management System 0.2.1 - 'Ver.asp' Information Disclosure

source: https://www.securityfocus.com/bid/10208/info It has been reported that Modular Site Management System may be prone to an information disclosure issue that could allow an attacker to gain access to a server's configuration information. MSMS version 0.2.1 is reported to be affected by this...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/01/16 12:0 a.m.11 views

MetaDot Portal Server 5.6.x - index.pl Multiple Cross-Site Scripting Vulnerabilities

MetaDot Portal Server 5.6.x - index.pl Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/9439/info A number of vulnerabilities have been found in all version of MetaDot Corporation's MetaDot Portal Server. Due to a failure of the software to properly validate...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2003/12/01 12:0 a.m.19 views

CuteNews 1.3 - Debug Query Information Disclosure

source: https://www.securityfocus.com/bid/9130/info An information disclosure weakness has been reported in CuteNews 1.3, that may expose sensitive server configuration data. The problem occurs due to CuteNews accepting a debug query that will result in the exposure of information returned from a...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/11/19 12:0 a.m.54 views

Half Life dedicated server information leak

Dear [email protected], Probably is known, but is not documented: Vendor: Valve software Software: hlds, all versions including steam. Problem: Information leak, DoS Author: SYZoSND Problem: in server configuration, if allowdownload = 1, it's possible to download any file from directory o...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2003/11/13 12:0 a.m.33 views

Corsaire Security Advisory: PeopleSoft Gateway Administration servlet path disclosure issue

-- Corsaire Security Advisory -- Title: PeopleSoft Gateway Administration servlet path disclosure issue Date: 04.07.03 Application: PeopleTools 8.20/8.43 and prior Environment: Various Author: Martin O'Neal [email protected] Audience: General distribution Reference: c030704-003 -- Scope -...

5CVSS0.4AI score0.01194EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/06/02 12:0 a.m.18 views

mod_gzip Detection

The remote host is running modgzip and configured so that its status can be obtained by sending a special request. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11685; scriptversion"$Revision: 1.14 $"; scriptcvsdate"$Date: 2013/01/25 01:19:08 $";...

5.5AI score
Exploits0
securityvulns
securityvulns
added 2003/05/31 12:0 a.m.35 views

W3Mail multiple bugs

delete.cgi invokes external program though system call without escaping shell characters. It's possible to change server configuration without administrator's permissions. All passwords are stored in Base64 encoding...

2.2AI score
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2003/05/12 12:0 a.m.61 views

Snitz Forums 3.3.03 - Remote Command Execution

!/usr/bin/perl use Socket; print "\nRemote command execution against Snitz Forums 3.3.03 and probably others.\n"; print "You accept full responsibility for your actions by using this script.\n"; print "INTERNAL USE ONLY!! DO NOT DISTRIBUTE!!\n"; print "\nWeb server? www.enterthegame.com: "; my...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/03/20 12:0 a.m.1036 views

Web Server Unconfigured - Default Install Page Present

The remote web server uses its default welcome page. Therefore, it's probable that this server is not used at all or is serving content that is meant to be hidden. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11422; scriptversion"1.45"; scriptcvsdate"Date: 2018/08/...

5.5AI score
Exploits0
Rows per page
Query Builder