
1078 matches found

Drupal
added 2010/05/19 12:0 a.m. | 15 views

SA-CONTRIB-2010-055 - Simplenews - Access bypass

Simplenews publishes and sends email newsletters to lists of subscribers, with both anonymous and authenticated users being able to opt-in to mailing lists. The user subscription form does not use the correct access permission resulting in any user with the permission 'subscribe to newsletters'...

6.9 AI score | Exploits 0 | References 8

Packet Storm
added 2009/12/30 12:0 a.m. | 21 views

UBB.Threads 6 Remote File Inclusion

[ASCII-art banner: Dz-GhostTeam, indoushka]...

7.4 AI score | Exploits 0

Tenable Nessus
added 2009/07/21 12:0 a.m. | 41 views

openSUSE Security Update : cups (cups-322)

local users could crash cups by adding a large number of RSS subscriptions (CVE-2008-5183, CVE-2008-5184). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update cups-322. The text description of this...

10 CVSS | 7.4 AI score | 0.04639 EPSS | Exploits 2 | References 3

OpenVAS
added 2009/06/05 12:0 a.m. | 26 views

Ubuntu: Security Advisory (USN-707-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

10 CVSS | 7.7 AI score | 0.08268 EPSS | Exploits 9 | References 2

0day.today
added 2009/05/29 12:0 a.m. | 49 views

AMember 3.1.7 (XSS/SQL/HI) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications. AMember 3.1.7 XSS/SQL/HI Multiple Remote Vulnerabilities. AMember - Multiple Vulnerabilities Version Affected: 3.1.7...

7.1 AI score | Exploits 0

exploitpack
added 2009/05/29 12:0 a.m. | 25 views

amember 3.1.7 - Cross-Site Scripting SQL Injection HTML Injection

amember 3.1.7 - Cross-Site Scripting SQL Injection HTML Injection AMember - Multiple Vulnerabilities Version Affected: 3.1.7 Apr-10-2009 newest Info: aMember is a flexible membership and subscription management PHP script. It has support for PayPal, BeanStream, 2Checkout, NoChex, VeriSign PayFlow...

Exploits 0

seebug.org
added 2009/05/29 12:0 a.m. | 47 views

AMember 3.1.7 (XSS/SQL/HI) Multiple Remote Vulnerabilities

No description provided by source. AMember - Multiple Vulnerabilities Version Affected: 3.1.7 Apr-10-2009 newest Info: aMember is a flexible membership and subscription management PHP script. It has support for PayPal, BeanStream, 2Checkout, NoChex, VeriSign PayFlow, Authorize.Net, PaySystems,...

7.1 AI score | Exploits 0

Packet Storm
added 2009/05/27 12:0 a.m. | 46 views

AMember 3.1.7 XSS / SQL Injection

AMember - Multiple Vulnerabilities Version Affected: 3.1.7 Apr-10-2009 newest Info: aMember is a flexible membership and subscription management PHP script. It has support for PayPal, BeanStream, 2Checkout, NoChex, VeriSign PayFlow, Authorize.Net, PaySystems, Probilling, Multicards, E-Gold and...

0.4 AI score | Exploits 0

securityvulns
added 2009/05/25 12:0 a.m. | 189 views

[InterN0T] AMember 3.1.7 - Multiple Vulnerabilities

AMember - Multiple Vulnerabilities Version Affected: 3.1.7 Apr-10-2009 newest Info: aMember is a flexible membership and subscription management PHP script. It has support for PayPal, BeanStream, 2Checkout, NoChex, VeriSign PayFlow, Authorize.Net, PaySystems, Probilling, Multicards, E-Gold and...

6.9 AI score | Exploits 0

Ubuntu
added 2009/01/12 3:35 p.m. | 74 views

USN-707-1: CUPS vulnerabilities

It was discovered that CUPS didn't properly handle adding a large number of RSS subscriptions. A local user could exploit this and cause CUPS to crash, leading to a denial of service. This issue only applied to Ubuntu 7.10, 8.04 LTS and 8.10. CVE-2008-5183 It was discovered that CUPS did not...

10 CVSS | 7.7 AI score | 0.08268 EPSS | Exploits 9

NVD
added 2008/12/19 4:30 p.m. | 20 views

CVE-2008-5681

Opera before 9.63 does not block unspecified "scripted URLs" during the feed preview, which allows remote attackers to read existing subscriptions and force subscriptions to arbitrary feed URLs...

4.3 CVSS | 6.6 AI score | 0.00357 EPSS | Exploits 0 | References 5

Cvelist
added 2008/12/19 4:9 p.m. | 32 views

CVE-2008-5681

Opera before 9.63 does not block unspecified "scripted URLs" during the feed preview, which allows remote attackers to read existing subscriptions and force subscriptions to arbitrary feed URLs...

6.6 AI score | 0.00357 EPSS | Exploits 0 | References 5

Opera Security Advisories
added 2008/12/16 12:0 a.m. | 9 views

Feed links can link to local files

As a security precaution, Opera does not allow Web pages to link to files on the user's local disk. However, a flaw exists that allows Web pages to link to feed source files on the user's computer. Suitable detection of JavaScript events and appropriate manipulation can unreliably allow a script ...

0.9 AI score | Exploits 0 | Affected Software 1

RedHat Linux
added 2008/12/15 1:25 p.m. | 3 views

cups: DoS (daemon crash) caused by the large number of subscriptions

cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184...

10 CVSS | 7.2 AI score | 0.04639 EPSS | Exploits 2 | References 4

NVD
added 2008/11/21 2:30 a.m. | 17 views

CVE-2008-5183

cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184...

7.5 CVSS | 7.2 AI score | 0.04639 EPSS | Exploits 1 | References 21

Prion
added 2008/11/21 2:30 a.m. | 27 views

Null pointer dereference

cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184...

4.3 CVSS | 6.3 AI score | 0.04639 EPSS | Exploits 2 | References 21 | Affected Software 5

OSV
added 2008/11/21 2:30 a.m. | 1 views

DEBIAN-CVE-2008-5184

The web interface (cgi-bin/admin.c) in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for remote attackers to bypass intended policy and conduct CSRF attacks via the (1) add and (2) cancel RSS subscription functions...

10 CVSS | 6.8 AI score | 0.00285 EPSS | Exploits 1 | References 1

OSV
added 2008/11/21 2:30 a.m. | 7 views

CVE-2008-5183

cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184...

7.5 CVSS | 7.3 AI score | Exploits 0 | References 23

Cvelist
added 2008/11/21 2:0 a.m. | 26 views

CVE-2008-5183

cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184...

7.3 AI score | 0.04639 EPSS | Exploits 1 | References 21

Debian CVE
added 2008/11/21 2:0 a.m. | 22 views

CVE-2008-5183

cupsd in CUPS 1.3.9 and earlier allows local users, and possibly remote attackers, to cause a denial of service (daemon crash) by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference. NOTE: this issue can be triggered remotely by leveraging CVE-2008-5184...

7.5 CVSS | 6 AI score | 0.04639 EPSS | Exploits 1