Lucene search
+L

178 matches found

Cvelist
Cvelist
added 2008/12/30 5:0 p.m.27 views

CVE-2008-5754

Stack-based buffer overflow in BulletProof FTP Client allows user-assisted attackers to execute arbitrary code via a .bps file aka Session-File with a long second line, possibly a related issue to CVE-2008-5753...

7.7AI score0.04582EPSS
Exploits1References3
exploitpack
exploitpack
added 2008/12/28 12:0 a.m.20 views

BulletProof FTP Client - .bps Local Stack Overflow (PoC)

BulletProof FTP Client - .bps Local Stack Overflow PoC !/usr/bin/perl Bug : BulletProof FTP Client .bps Local Stack Overflow PoC Founded by : Mountassif Moad Greetz : All Freind Str0ke HOw to use = go to file after Load BP session & Enter and boom :d overflowing :d use warnings; use strict; my...

0.5AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.5 views

Hiki arbitrary file deletion vulnerability

Overview Hiki, a Wiki clone software developed by Hiki Development Team, contains a vulnerability that allows a remote attacker to delete arbitrary files. Hiki contains a vulnerability that allows an arbitrary file to be deleted on a server running Hiki. This is caused by the improper handling of...

6.4CVSS6.8AI score0.02386EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2008/04/02 6:44 p.m.33 views

CVE-2008-1657

OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshdconfig ForceCommand directive by modifying the .ssh/rc session file...

6.5CVSS7.2AI score0.02223EPSS
Exploits3References2
OSV
OSV
added 2008/04/02 6:44 p.m.4 views

DEBIAN-CVE-2008-1657

OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshdconfig ForceCommand directive by modifying the .ssh/rc session file...

6.5CVSS9.2AI score0.02223EPSS
Exploits3References1
Debian CVE
Debian CVE
added 2008/04/02 6:0 p.m.35 views

CVE-2008-1657

OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshdconfig ForceCommand directive by modifying the .ssh/rc session file...

6.5CVSS6.3AI score0.02223EPSS
Exploits3
Prion
Prion
added 2008/03/31 10:44 p.m.24 views

Information disclosure

phpMyAdmin before 2.11.5.1 stores the MySQL 1 username and 2 password, and the 3 Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information...

2.1CVSS6AI score0.00296EPSS
Exploits0References17Affected Software4
NVD
NVD
added 2008/03/31 10:44 p.m.15 views

CVE-2008-1567

phpMyAdmin before 2.11.5.1 stores the MySQL 1 username and 2 password, and the 3 Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information...

5.5CVSS5.1AI score0.00296EPSS
Exploits0References17
UbuntuCve
UbuntuCve
added 2008/03/31 10:44 p.m.26 views

CVE-2008-1567

phpMyAdmin before 2.11.5.1 stores the MySQL 1 username and 2 password, and the 3 Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information...

5.5CVSS6.1AI score0.00296EPSS
Exploits0References1
CVE
CVE
added 2008/03/31 10:0 p.m.87 views

CVE-2008-1567

CVE-2008-1567 affects phpMyAdmin; version prior to 2.11.5.1 stores the MySQL username, password, and the Blowfish secret key in cleartext in a Session file under /tmp, enabling local users to obtain sensitive information. Connected advisories show patches upgrading to phpMyAdmin 2.11.9.4 (e.g., o...

5.5CVSS5.3AI score0.00296EPSS
Exploits0References17Affected Software1
Cvelist
Cvelist
added 2008/03/31 10:0 p.m.33 views

CVE-2008-1567

phpMyAdmin before 2.11.5.1 stores the MySQL 1 username and 2 password, and the 3 Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information...

5.3AI score0.00296EPSS
Exploits0References17
Debian CVE
Debian CVE
added 2008/03/31 10:0 p.m.55 views

CVE-2008-1567

phpMyAdmin before 2.11.5.1 stores the MySQL 1 username and 2 password, and the 3 Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information...

5.5CVSS5.7AI score0.00296EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2008/03/31 12:0 a.m.3 views

PT-2008-3126 · Mysql Server · Phpmyadmin

Name of the Vulnerable Software and Affected Versions: phpMyAdmin versions prior to 2.11.5.1 Description: The issue allows local users to obtain sensitive information, including the MySQL username, password, and the Blowfish secret key, which are stored in cleartext in a Session file under /tmp...

5.5CVSS5.1AI score0.00296EPSS
Exploits0References21
Cvelist
Cvelist
added 2006/12/15 10:0 p.m.32 views

CVE-2006-6596

HyperAccess 8.4 allows user-assisted remote attackers to execute arbitrary vbscript and commands via a session HAW file, which can be automatically opened using Internet Explorer...

7.6AI score0.01263EPSS
Exploits0References5
myhack58
myhack58
added 2006/05/27 12:0 a.m.18 views

Grep with web vulnerability discovery-vulnerability warning-the black bar safety net

Grep with web vulnerability mining Text/SuperHeiAtph4nt0m.org 2006-03-08 a. The following grephttp://www.interlog.com/tcharron/grep.htmldoes not support the-r parameter,you can use the following format: grep-in "\include|require\" C:\test\. php C:\test\admin\. php You can also use cygwin...

8.7AI score
Exploits0
securityvulns
securityvulns
added 2006/03/14 12:0 a.m.36 views

[SA19211] CGI::Session Insecure Default Session File Permissions

TITLE: CGI::Session Insecure Default Session File Permissions SECUNIA ADVISORY ID: SA19211 VERIFY ADVISORY: http://secunia.com/advisories/19211/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: CGI::Session 4.x http://secunia.com/product/8688/...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2005/01/02 12:0 a.m.33 views

moodle142.txt

+------------------------------------------------------------------------------+ | | | Multiple Vulnerabilities in Moodle | | ================================== | | | | Author: Bartek Nowotarski | | Published: 2004-12-27 |...

7.4AI score
Exploits0
NVD
NVD
added 2004/12/31 5:0 a.m.26 views

CVE-2004-1425

Directory traversal vulnerability in file.php in Moodle 1.4.2 and earlier allows remote attackers to read arbitrary session files for known session IDs via a .. dot dot in the file parameter...

5CVSS6.7AI score0.01818EPSS
Exploits1References4
Rows per page
Query Builder