Lucene search
K

660 matches found

NVD
NVD
added 2005/12/31 5:0 a.m.9 views

CVE-2005-2464

login.php in PCXP/TOPPE CMS allows remote attackers to bypass authentication and gain privileges by modifying the cookie to match the target userid...

7.5CVSS7.1AI score0.0153EPSS
Exploits0References1
NVD
NVD
added 2005/12/09 3:3 p.m.11 views

CVE-2005-4139

Multiple SQL injection vulnerabilities in ThWboard before 3 Beta 2.84 allow remote attackers to execute arbitrary SQL commands via the 1 year parameter in calendar.php, 2 user parameter array in vprofile.php, and 3 the userid parameter in misc.php...

7.5CVSS8.5AI score0.01763EPSS
Exploits1References8
securityvulns
securityvulns
added 2005/11/24 12:0 a.m.51 views

OvBB SQL vulnerabilities.

OvBB SQL vulnerabilities. Vuln. dicovered by : r0t Date: 24 nov. 2005 Orginal advisory:http://pridels.blogspot.com/2005/11/ovbb-sql-vulnerabilities.html Vendor:http://www.ovbb.org/ affected version: V0.08a and prior Vuln. description: Input passed to the "threadid" parameter in "thread.php" isn't...

0.6AI score
Exploits0
NVD
NVD
added 2005/10/30 2:34 p.m.10 views

CVE-2005-3383

SQL injection vulnerability in Techno Dreams Announcement script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp...

7.5CVSS8.6AI score0.01579EPSS
Exploits1References6
NVD
NVD
added 2005/10/30 2:34 p.m.15 views

CVE-2005-3386

SQL injection vulnerability in Techno Dreams Web Directory script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp...

7.5CVSS8.6AI score0.01631EPSS
Exploits1References7
Cvelist
Cvelist
added 2005/10/29 7:0 p.m.15 views

CVE-2005-3383

SQL injection vulnerability in Techno Dreams Announcement script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp...

8.6AI score0.01579EPSS
Exploits1References6
CVE
CVE
added 2005/10/29 7:0 p.m.48 views

CVE-2005-3385

The CVE-2005-3385 entry describes a SQL injection vulnerability in Techno Dreams Mailing List script that allows remote attackers to execute arbitrary SQL and bypass authentication via the userid parameter in admin/login.asp. Affected component: the Mailing List script; vulnerability type: SQL in...

7.5CVSS9AI score0.01579EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2005/09/21 10:3 p.m.15 views

CVE-2005-3024

Multiple SQL injection vulnerabilities in vBulletin 3.0.7 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 announcement parameter to announcement.php, the 2 threadforumid or 3 criteria parameters to thread.php, 4 userid parameter to user.php, the 5...

7.5CVSS8.5AI score0.01224EPSS
Exploits1References2
Cvelist
Cvelist
added 2005/08/03 4:0 a.m.21 views

CVE-2005-2441

Multiple cross-site scripting XSS vulnerabilities in VBzoom allow remote attackers to inject arbitrary web script and HTML via the 1 UserName parameter to profile.php or 2 UserID parameter to login.php...

5.7AI score0.02121EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2005/02/08 12:0 a.m.12 views

MSN Messenger UserID Detection (deprecated)

Binary data 2600.prm...

7.3AI score
Exploits0
Cvelist
Cvelist
added 2005/02/06 5:0 a.m.13 views

CVE-2005-0216

Cross-site scripting XSS vulnerability in formmail.php in Woltlab Burning Board Lite 1.0.0, 1.0.1e, and possibly other versions, allows remote attackers to inject arbitrary web script and HTML via the userid parameter...

5.9AI score0.0125EPSS
Exploits1References4
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.23 views

CVE-2002-1264

Buffer overflow in Oracle iSQLPlus web application of the Oracle 9 database server allows remote attackers to execute arbitrary code via a long USERID parameter in the isqlplus URL...

7.4AI score0.07724EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2003/06/25 12:0 a.m.27 views

kerio563.txt

/ Remote Buffer Overflow Exploit for Kerio MailServer 5.6.3 / / ========================================================= / / By B-r00t ok rcpt to: [email protected] 550 5.1.1 Mailbox does not exist rcpt to:[email protected] 250 2.1.5 Recipient ok local ok local user fred seems to...

7.4AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.12 views

CVE-2002-2219

chetcpasswd.cgi in Pedro Lineu Orso chetcpasswd before 2.1 allows remote attackers to read the last line of the shadow file via a long user userid field...

7.5CVSS6.5AI score0.06043EPSS
Exploits1References5
CVE
CVE
added 2002/03/09 5:0 a.m.55 views

CVE-2001-1016

The CVE-2001-1016 entry affects PGP Corporate Desktop < 7.1 , Personal Security < 7.0.3 , Freeware < 7.0.3 , and E-Business Server

7.5CVSS6.9AI score0.0136EPSS
Exploits0References5Affected Software5
securityvulns
securityvulns
added 2001/09/05 12:0 a.m.42 views

Проблемы с отображением недействительных ключей в PGP

Если в ключ с подписаным USERID добавить второй USERID он будет отображаться как подписаный...

0.3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2001/08/30 12:0 a.m.75 views

xinetd 2.3.0 audit status

Hi, As some of you may know, I've performed an audit of the xinetd 2.3.0 source code for certain classes of vulnerabilities. The audit has resulted in a significant number of fixes many are for non-security issues. The patch was over 100 KB large and got incorporated into xinetd starting with...

7.8AI score
Exploits0
Exploit DB
Exploit DB
added 2001/07/20 12:0 a.m.23 views

Oracle 8i - TNS Listener Buffer Overflow

// source: https://www.securityfocus.com/bid/2941/info Oracle 8i ships with a component called TNS Listener. TNS Listener is used to arbitrate communication between remote database clients/applications and the database server. There exists a remotely exploitable buffer overflow in TNS Listener...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/03/27 12:0 a.m.20 views

SCO Open Server 5.0.6 - lpshut Buffer Overflow

source: https://www.securityfocus.com/bid/2555/info SCO OpenServer 5.0.6 and possibly earlier versions ships with several suid bin executables used in printer administration and related tasks. This includes lpshut, a component used to shut down the LP print service. 'lpshut' contains a locally...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.34 views

perliis.txt

http://www.rootshell.com/ From [email protected] Sun Jul 12 17:42:29 1998 Date: Mon, 13 Jul 1998 01:31:11 +0100 From: Mnemonix To: [email protected] Subject: New Perl.exe, IIS exploit Russ Cooper of ntbugtraq seems unwilling to publish this information - perhaps it shows how to exploit th...

7.4AI score
Exploits0
Rows per page
Query Builder