Lucene search
+L

177 matches found

OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.19 views

Debian: Security Advisory (DSA-642-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.7AI score0.01477EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2007/10/23 3:56 p.m.45 views

Moderate: Red Hat Security Advisory: php security update

Updated PHP packages that fix several security issues are now available for Red Hat Application Stack. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. The...

7.5CVSS6.1AI score0.07919EPSS
Exploits2References8
seebug.org
seebug.org
added 2007/09/19 12:0 a.m.18 views

saforum 注射漏洞

saforum是国内安全研究人员修改过的saforum论坛,但是代码中有一点瑕疵导致可能被获取管理员权限: \include\common.php 行4149引入没有过滤的变量 ------cut----------------- ifgetenv'HTTPCLIENTIP' $onlineip = getenv'HTTPCLIENTIP'; elseifgetenv'HTTPXFORWARDEDFOR' $onlineip = getenv'HTTPXFORWARDEDFOR'; elseifgetenv'REMOTEADDR' $onlineip =...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/04/19 12:0 a.m.49 views

Fedora Core 6 : php-5.1.6-3.5.fc6 (2007-415)

This update fixes a number of security issues in PHP. A denial of service flaw was found in the way PHP processed a deeply nested array. A remote attacker could cause the PHP interpreter to crash by submitting an input variable with a deeply nested array. CVE-2007-1285 A flaw was found in the way...

7.8CVSS7.3AI score0.18162EPSS
Exploits3References1
NVD
NVD
added 2006/09/01 11:4 p.m.17 views

CVE-2006-4530

Direct static code injection vulnerability in include/change.php in membrepass 1.5 allows remote attackers to execute arbitrary PHP code via the aifon parameter, which is injected into include/variable.php...

7.5CVSS7.8AI score0.01673EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2006/07/09 12:0 a.m.38 views

pearl24.txt

Pearl Products Multiple Remote File Inclusion Discovered By zero Moroccan Security Team Affected softwares: Pearl Forums 2.4 Ngoc Biec 1.4 Pearl For Biz 2.4 Pearl For Mambo 1.6 URL : http://sourceforge.net/projects/pearlforums/ Risk : High Impact: System access ------ PoC...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2005/07/29 12:0 a.m.12 views

Easypx41 - Multiple Variable Injection Vulnerabilities

Easypx41 - Multiple Variable Injection Vulnerabilities source: https://www.securityfocus.com/bid/14421/info Easypx41 is prone to multiple variable injection vulnerabilities. An attacker can manipulate multiple script input variables and bypass access controls to retrieve sensitive and privileged...

1AI score
Exploits0
Exploit DB
Exploit DB
added 2005/07/29 12:0 a.m.17 views

Easypx41 - Multiple Variable Injection Vulnerabilities

source: https://www.securityfocus.com/bid/14421/info Easypx41 is prone to multiple variable injection vulnerabilities. An attacker can manipulate multiple script input variables and bypass access controls to retrieve sensitive and privileged information. Information obtained may aid in further...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/03/04 12:0 a.m.30 views

GLSA-200503-07 : phpMyAdmin: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200503-07 phpMyAdmin: Multiple vulnerabilities phpMyAdmin contains several security issues: Maksymilian Arciemowicz has discovered multiple variable injection vulnerabilities that can be exploited through '$cfg' and 'GLOBALS'...

5CVSS5.9AI score0.03964EPSS
Exploits1References7
Gentoo Linux
Gentoo Linux
added 2005/03/03 12:0 a.m.39 views

phpMyAdmin: Multiple vulnerabilities

Background phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL databases from a web-browser. Description phpMyAdmin contains several security issues: Maksymilian Arciemowicz has discovered multiple variable injection vulnerabilities that can be exploited through...

5CVSS6.7AI score0.03964EPSS
Exploits1
phpMyAdmin
phpMyAdmin
added 2005/02/25 12:0 a.m.32 views

A variable injection vulnerability was found in phpMyAdmin, that may allow an attacker to conduct Cross-site scripting (XSS) attacks and / or perform remote file inclusion.

PMASA-2005-1 Announcement-ID: PMASA-2005-1 Date: 2005-02-25 Summary A variable injection vulnerability was found in phpMyAdmin, that may allow an attacker to conduct Cross-site scripting XSS attacks and / or perform remote file inclusion. Description We received two bug reports by Maksymilian...

7.5CVSS5.9AI score0.02726EPSS
Exploits0Affected Software1
Debian
Debian
added 2005/01/17 3:21 p.m.48 views

[SECURITY] [DSA 642-1] New gallery packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 642-1 [email protected] http://www.debian.org/security/ Martin Schulze January 17th, 2005 http://www.debian.org/security/faq -...

6.8CVSS0.3AI score0.01477EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/01/17 12:0 a.m.23 views

Debian DSA-642-1 : gallery - several vulnerabilities

Several vulnerabilities have been discovered in gallery, a web-based photo album written in PHP4. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CAN-2004-1106 Jim Paris discovered a cross site scripting vulnerability which allows code to be inserted ...

6.8CVSS5.2AI score0.01477EPSS
Exploits0References2
OSV
OSV
added 2005/01/17 12:0 a.m.71 views

DSA-642-1 gallery - several

Bulletin has no description...

6.8CVSS6.1AI score0.01477EPSS
Exploits0
exploitpack
exploitpack
added 2004/01/26 12:0 a.m.45 views

Gallery 1.3.x1.4 - Remote Global Variable Injection

Gallery 1.3.x1.4 - Remote Global Variable Injection source: https://www.securityfocus.com/bid/9490/info It has been reported that Gallery is prone to a vulnerability that may allow a remote attacker to gain unauthorized access by overwriting various values for global variables. The issue occurs d...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2004/01/26 12:0 a.m.45 views

Gallery 1.3.x/1.4 - Remote Global Variable Injection

source: https://www.securityfocus.com/bid/9490/info It has been reported that Gallery is prone to a vulnerability that may allow a remote attacker to gain unauthorized access by overwriting various values for global variables. The issue occurs due to improper simulation of the behaviour of...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/12/22 12:0 a.m.26 views

Subscribe Me Pro/Enterprise - Remote Code Execution via Backticked Perl Variable Injection.

Pimp industries. "Its all about the Bling, Bitches and Fame!" Subscribe Me Pro/Enterprise All recent versions of Pro/Enterprise Remote Code Execution via Backticked Perl Variable Injection. C Paul Craig Pimp Industries 2003 This advisory is also online at:...

0.5AI score
Exploits0
Rows per page
Query Builder