Lucene search
K

804 matches found

exploitpack
exploitpack
added 2004/10/21 12:0 a.m.63 views

S9Y Serendipity 0.x - exit.php HTTP Response Splitting

S9Y Serendipity 0.x - exit.php HTTP Response Splitting source: https://www.securityfocus.com/bid/11497/info Serendipity is reported prone to an HTTP response splitting vulnerability. A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached or...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/09/01 12:0 a.m.38 views

Comersus Cart 5.0 - HTTP Response Splitting

source: https://www.securityfocus.com/bid/11083/info Comersus Cart is reported prone to a HTTP response splitting vulnerability. A remote attacker may exploit this vulnerability to influence or misrepresent how web content is served, cached or interpreted. This could aid in various attacks, which...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/08/09 12:0 a.m.22 views

GNU CFEngine 2.0.x/2.1 - AuthenticationDialogue Remote Heap Buffer Overrun (2)

// source: https://www.securityfocus.com/bid/10899/info GNU cfengine cfservd is reported prone to a remote heap-based buffer overrun vulnerability. The vulnerability presents itself in the cfengine cfservd AuthenticationDialogue function. The issue exists due to a lack of sufficient boundary chec...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/03/17 12:0 a.m.10 views

IBM Lotus Domino 67 - HTTP webadmin.nsf Directory Traversal

IBM Lotus Domino 67 - HTTP webadmin.nsf Directory Traversal source: https://www.securityfocus.com/bid/9900/info It has been reported that Lotus Domino may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory. The...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/02/11 12:0 a.m.16 views

VisualShapers EZContents 1.x2.0 - db.php Arbitrary File Inclusion

VisualShapers EZContents 1.x2.0 - db.php Arbitrary File Inclusion source: https://www.securityfocus.com/bid/9638/info It has been reported that ezContents may be prone to a file include vulnerability in multiple modules. The problem reportedly exists because remote users may influence the...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2003/12/20 12:0 a.m.20 views

BES-CMS 0.40.5 - index.inc.php File Inclusion

BES-CMS 0.40.5 - index.inc.php File Inclusion source: https://www.securityfocus.com/bid/9268/info It has been reported that BES-CMS is vulnerable to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/12/15 12:0 a.m.21 views

[Opera 7] Arbitrary File Delete Vulnerability

---------------------------------------------------------------------- TITLE : Opera 7 Arbitrary File Delete Vulnerability -= How Dare You Delete My Important Files? =- PRODUCT : Opera 7 for Windows VERSIONS : 7.22 build 3221 JP:build 3222 7.21 build 3218 JP:build 3219 7.20 build 3144 JP:build 31...

Exploits0
Exploit DB
Exploit DB
added 2003/08/27 12:0 a.m.24 views

Tellurian TftpdNT 1.8/2.0 - 'Filename' Buffer Overrun

source: https://www.securityfocus.com/bid/8505/info A vulnerability has been discovered in Tellurian TftpdNT that could allow a remote attacker to execute arbitrary code. The problem likely occurs due to insufficient bounds checking when handling user-supplied filenames. As a result, it may be...

7AI score
Exploits0
exploitpack
exploitpack
added 2003/05/21 12:0 a.m.21 views

Maelstrom Player 3.0.x - Argument Buffer Overflow (1)

Maelstrom Player 3.0.x - Argument Buffer Overflow 1 source: https://www.securityfocus.com/bid/7632/info Maelstrom for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it is...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 2003/04/26 12:0 a.m.31 views

Pi3Web 2.0.1 - GET Denial of Service

// source: https://www.securityfocus.com/bid/7555/info It has been reported that Pi3Web server is prone to a denial of service vulnerability. Reportedly, when a malicious GET request is sent to the Pi3Web server the server will fail. It should be noted that the Unix version has been reported...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/04/21 12:0 a.m.9 views

Mod_NTLM 0.x - Authorisation Heap Overflow

ModNTLM 0.x - Authorisation Heap Overflow source: https://www.securityfocus.com/bid/7388/info The modntlm Apache module has been reported prone to a heap overflow vulnerability. The vulnerability occurs due to a lack of sufficient bounds checking performed on user-supplied data, stored in heap...

0.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/03/03 12:0 a.m.51 views

Sendmail headers.c crackaddr Function Address Field Handling Remote Overflow

The remote Sendmail server, according to its version number, may be affected by a remote buffer overflow allowing remote users to gain root privileges. Sendmail versions from 5.79 to 8.12.7 are affected. Nessus reports this vulnerability using only the banner of the remote SMTP server. Therefore,...

10CVSS5.8AI score0.72202EPSS
Exploits1References2
FreeBSD Advisory
FreeBSD Advisory
added 2003/02/24 12:0 a.m.6 views

FreeBSD-SA-03:02.openssl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:02.openssl Security Advisory The FreeBSD Project Topic: OpenSSL timing-based SSL/TLS attack Category: core Module: openssl Announced: 2003-02-25 Credits: Brice...

5.8AI score
Exploits0
exploitpack
exploitpack
added 2002/10/31 12:0 a.m.11 views

SmartMail Server 1.0 Beta 10 - Oversized Request Denial of Service

SmartMail Server 1.0 Beta 10 - Oversized Request Denial of Service source: https://www.securityfocus.com/bid/6075/info SmartMail Server is reported to be prone to a remote denial of service condition. It is possible to trigger this condition by sending large amounts 5MB+ of data to the server via...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/08/20 12:0 a.m.28 views

[Mantis Advisory/2002-02] Limiting output to reporters can be bypassed

Mantis Advisory/2002-02 Limiting output to reporters can be bypassed 0. Table of Contents 1. Introduction 2. Summary / Impact analysis 3. Affected versions 4. Workaround / Solution 5. Detailed explanation 6. Contact details 1. Introduction Mantis is an Open Source web-based bugtracking system,...

Exploits0
securityvulns
securityvulns
added 2002/01/25 12:0 a.m.53 views

squirrelmail bug

Squirrelmail remote execute commands bug Version Affected : 1.2.2 Squirrelmail is a webmail system, which allows users to send, get, read etc. mails. It has some themes, plugins etc. One of the plugins has a very interesting piece of code : from file checkme.mod.php : $sqspellcommand =...

2AI score
Exploits0
securityvulns
securityvulns
added 2001/07/09 12:0 a.m.31 views

basilix bug

+--------------------------------------+ | Basilix Webmail System Vulnerability | +--------------------------------------+ Release Date : 13:49, 6 July 2001 Version Affected : Basilix Webmail System 1.0.2beta Basilix Webmail System 1.0.3beta Description : basilix lunches a file which name is read...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2001/06/01 12:0 a.m.20 views

Debian 2.1/2.2 - Man Cache File Creation

source: https://www.securityfocus.com/bid/2815/info A vulnerability exists in the 'man' system manual pager program. It is possible for local users to cause man to cache files in the system cache directory from outside of the configured manual page hierarchy search path. Combined with the...

7AI score
Exploits0
NVD
NVD
added 2001/03/12 5:0 a.m.18 views

CVE-2001-0131

htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack...

3.3CVSS6.1AI score0.02309EPSS
Exploits0References4
securityvulns
securityvulns
added 2000/11/29 12:0 a.m.36 views

Re: [MSY] S(ecure)Locate heap corruption vulnerability

On Sun, Nov 26, 2000 at 11:38:25PM +0100, Michel Kaempf wrote: The author, Kevin Lindsay, was contacted and confirmed Secure Locate v2.3 is not affected by the vulnerability described in this advisory. Every Secure Locate version, from 1.4 included to 2.2 included, is affected by the problem, and...

1.3AI score
Exploits0
Rows per page
Query Builder