Lucene search
K

232 matches found

Packet Storm
Packet Storm
added 2008/12/12 12:0 a.m.36 views

TmaxSoft JEUS Alternate Data Streams Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: TmaxSoft JEUS Alternate Data Streams Vulnerability Author: Simon Ryeobar4mi at gmail Severity: High Impact: Remote File Disclosure Vulnerable Version: JEUS 5: Fix26 on NTFS References: -...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/12/12 12:0 a.m.22 views

TmaxSoft JEUS - Alternate Data Streams File Disclosure

TmaxSoft JEUS - Alternate Data Streams File Disclosure Title: TmaxSoft JEUS Alternate Data Streams Vulnerability Author: Simon Ryeobar4mi at gmail Severity: High Impact: Remote File Disclosure Vulnerable Version: JEUS 5: Fix26 on NTFS References: -...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.15 views

Gentoo Security Advisory GLSA 200403-11 (Squid)

The remote host is missing updates announced in advisory GLSA 200403-11. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

7.5CVSS0.4AI score0.13809EPSS
Exploits1
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.11 views

Gentoo Security Advisory GLSA 200403-11 (Squid)

The remote host is missing updates announced in advisory GLSA 200403-11. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.13809EPSS
Exploits1References4
Cvelist
Cvelist
added 2007/11/01 5:0 p.m.21 views

CVE-2002-2413

WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name...

6.8AI score0.01173EPSS
Exploits0References3
CVE
CVE
added 2007/11/01 5:0 p.m.48 views

CVE-2002-2413

WebSite Pro 3.1.11.0 on Windows is affected by CVE-2002-2413, where a remote attacker can read script source code for files with extensions longer than 3 characters by requesting a URL that uses the equivalent 8.3 file name. The vulnerability is described in multiple sources (RH and NVD entries) ...

5CVSS7.2AI score0.01173EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2007/10/31 4:0 p.m.20 views

CVE-2002-2370

SWS web server 0.0.4, 0.0.3 and 0.1.0 allows remote attackers to cause a denial of service crash via a URL request that does not end with a newline...

6.6AI score0.0317EPSS
Exploits1References3
NVD
NVD
added 2007/03/24 12:19 a.m.12 views

CVE-2007-1642

Unspecified vulnerability in ManageEngine Firewall Analyzer allows remote authenticated users to "access any common file" via a direct URL request...

4CVSS6.2AI score0.01206EPSS
Exploits0References8
Prion
Prion
added 2007/03/24 12:19 a.m.16 views

Cross site request forgery (csrf)

Unspecified vulnerability in ManageEngine Firewall Analyzer allows remote authenticated users to "access any common file" via a direct URL request...

4CVSS6.6AI score0.01206EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2007/03/24 12:0 a.m.19 views

CVE-2007-1642

Unspecified vulnerability in ManageEngine Firewall Analyzer allows remote authenticated users to "access any common file" via a direct URL request...

6.2AI score0.01206EPSS
Exploits0References8
Prion
Prion
added 2007/03/16 9:19 p.m.15 views

Authentication flaw

admin/default.asp in Orion-Blog 2.0 allows remote attackers to bypass authentication controls and gain privileges via a direct URL request for admin/AdminBlogNewsEdit.asp...

7.5CVSS7.7AI score0.07441EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2007/03/16 9:19 p.m.14 views

CVE-2007-1471

admin/default.asp in Orion-Blog 2.0 allows remote attackers to bypass authentication controls and gain privileges via a direct URL request for admin/AdminBlogNewsEdit.asp...

7.5CVSS7.1AI score0.07441EPSS
Exploits0References3
CVE
CVE
added 2006/12/12 8:0 p.m.55 views

CVE-2006-6482

CVE-2006-6482 affects Adobe ColdFusion MX7. The issue allows remote disclosure of sensitive information via URL requests: (1) requesting non-existent files (JWS, CFM, CFML, or CFC) causes error messages revealing the installation path; (2) accessing /CFIDE/administrator/login.cfm without a host c...

5CVSS6.5AI score0.02115EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2006/06/28 11:5 p.m.15 views

CVE-2006-3290

HTTP server in Cisco Wireless Control System WCS for Linux and Windows before 3.251 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request...

5CVSS6.2AI score0.02314EPSS
Exploits0References7
0day.today
0day.today
added 2006/04/26 12:0 a.m.24 views

OCE 3121/3122 Printer (parser.exe) Denial of Service Exploit

Exploit for hardware platform in category dos / poc ============================================================ OCE 3121/3122 Printer parser.exe Denial of Service Exploit ============================================================ !/usr/bin/perl OCE 3121/3122 Printer DoS Exploit...

7AI score
Exploits0
seebug.org
seebug.org
added 2006/03/12 12:0 a.m.20 views

linux/x86 HTTP/1.x GET Downloads and JMP - 68 bytes+

No description provided by source. / linux/x86 HTTP/1.x GET, Downloads and JMP - 68 bytes+ This shellcode allows you to download a binary code straight off a standard HTTP server and execute it. The downloaded shellcode e.g. binary code will be executed on the stack. DEMONSTRATION: Starting by...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2005/11/16 7:37 a.m.21 views

CVE-2003-1257

findthenihome.php in E-theni allows remote attackers to obtain sensitive system information via a URL request which executes phpinfo...

6.2AI score0.01548EPSS
Exploits1References3
CVE
CVE
added 2005/11/16 7:37 a.m.46 views

CVE-2003-1245

The CVE-2003-1245 issue affects Mambo Site Server (CMS) in version 4.0.12, where index2.php allows a remote attacker to gain administrator access by sending a URL with session_id set to the MD5 hash of a valid session cookie. Root cause is improper validation of cookies, enabling session imperson...

10CVSS6.9AI score0.04144EPSS
Exploits1References3
CVE
CVE
added 2005/11/16 7:37 a.m.47 views

CVE-2003-1248

CVE-2003-1248 affects H-Sphere WebShell 2.3. The vulnerability allows remote command execution by passing shell metacharacters in the mode and zipfile URL parameters. Impact is partial confidentiality, integrity, and availability. No explicit exploitation status is provided in the documents; expl...

7.5CVSS8AI score0.0221EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2005/11/16 7:37 a.m.18 views

CVE-2003-1248

H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 mode and 2 zipfile parameters in a URL request...

7.6AI score0.0221EPSS
Exploits0References6
Rows per page
Query Builder