Lucene search
+L

8100 matches found

OSV
OSV
added 2008/02/11 9:0 p.m.3 views

DEBIAN-CVE-2008-0665

wmlbackend/p1ipp/ipp.src in Website META Language WML 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file...

3.6CVSS6.2AI score0.00433EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2008/01/29 12:0 a.m.5 views

PT-2008-1820 · Ge Fanuc · Ge Fanuc Proficy Real-Time Information Portal

Name of the Vulnerable Software and Affected Versions: GE Fanuc Proficy Real-Time Information Portal versions 2.6 and earlier Description: The issue allows remote attackers to steal passwords and gain privileges due to the use of HTTP Basic Authentication, which transmits usernames and passwords ...

9.8CVSS9.6AI score0.01957EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2007/12/18 12:0 a.m.6 views

PT-2007-7276 · Fonality · Fonality Trixbox

Name of the Vulnerable Software and Affected Versions: Fonality Trixbox version 2.0 Description: The issue allows remote attackers to execute arbitrary commands via a DNS spoofing attack, as the registry.pl script reads and executes commands from a remote web site without proper validation. This...

4.3CVSS7.4AI score0.02469EPSS
Exploits1References8
OSV
OSV
added 2007/10/12 10:17 a.m.7 views

DEBIAN-CVE-2007-5386

Cross-site scripting XSS vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string...

4.3CVSS5.6AI score0.03326EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2007/07/10 12:0 a.m.6 views

PT-2007-4905 · Mozilla · Firefox

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox version 2.0.0.4 Description: The issue allows remote attackers to cause a denial of service by opening multiple tabs in a popup window. However, this issue has been disputed by third-party researchers, who claim that they cann...

4.3CVSS7.2AI score0.01133EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2007/05/01 2:17 p.m.6 views

GDB buffer overflow

Buffer overflow in the 1 DWARF dwarfread.c and 2 DWARF2 dwarf2read.c debugging code in GNU Debugger GDB 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block DWFORMblock that contains a large number of operations...

5.1CVSS6.2AI score0.03227EPSS
Exploits0References4
OSV
OSV
added 2007/04/12 7:19 p.m.7 views

CVE-2007-2016

Cross-site scripting XSS vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

5.5AI score
Exploits0References3
seebug.org
seebug.org
added 2007/03/19 12:0 a.m.16 views

ScriptMagix Photo Rating <= 2.0 Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Script Name: ScriptMagix Photo Rating = 2.0 viewcomments.php Remote Blind SQL Injection Exploit Coded by : ajann Author : ajann Contact : : S.Page : http://www.scriptmagix.com $$ : 75$ .. : ajann,Turkey use IO::Socket; if@ARGV 1 print "...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2007/03/14 5:2 a.m.7 views

NSS: SSLv2 protocol buffer overflows

Integer underflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to...

6.8CVSS7.9AI score0.04335EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/03/14 12:24 a.m.4 views

NSS: SSLv2 protocol buffer overflows

Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote...

6.8CVSS8AI score0.5036EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/03/02 6:27 p.m.3 views

NSS: SSLv2 protocol buffer overflows

Integer underflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to...

6.8CVSS7.9AI score0.04335EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/02/24 2:41 a.m.5 views

NSS: SSLv2 protocol buffer overflows

Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote...

6.8CVSS8AI score0.5036EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2007/02/23 9:6 p.m.5 views

NSS: SSLv2 protocol buffer overflows

Integer underflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to...

6.8CVSS7.9AI score0.04335EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2007/01/26 12:0 a.m.9 views

PT-2007-1990 · Unknown · Advanced Guestbook

Name of the Vulnerable Software and Affected Versions: Advanced Guestbook version 2.4.2 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the include path parameter to API endpoints such as "index.php", "addentry.php", or "picture.php". Recommendations: For...

7.5CVSS8.3AI score0.01194EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2007/01/24 4:9 p.m.6 views

security flaw

The GdkPixbufLoader function in GIMP ToolKit GTK+ in GTK 2 gtk2 before 2.4.13 allows context-dependent attackers to cause a denial of service crash via a malformed image file...

2.1CVSS5.8AI score0.00904EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2006/12/04 11:28 a.m.2 views

CVE-2006-6245

Multiple SQL injection vulnerabilities in Photo Organizer PO 2.32b and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS6.3AI score0.01152EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2006/11/10 12:0 a.m.6 views

PT-2006-6517 · Speedywiki · Speedywiki

Name of the Vulnerable Software and Affected Versions: Speedywiki version 2.0 Description: A cross-site scripting XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the showRevisions parameter in the "index.php" file. Recommendations: For...

6.8CVSS5.7AI score0.01868EPSS
Exploits1References8
seebug.org
seebug.org
added 2006/11/10 12:0 a.m.32 views

LetterIt v2 (inc/session.php) Remote File Include Vulnerability

No description provided by source. ================================================================================== LetterIt RFI ================================================================================== Info:- Scripts: LetterIt download : http://otterware.net/index.php?dl=45 Version : ...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2006/10/11 12:0 a.m.5 views

PT-2006-5967 · Isearch · Isearch

Name of the Vulnerable Software and Affected Versions: iSearch version 2.16 Description: The issue concerns remote file inclusion vulnerabilities that could allow remote attackers to execute arbitrary PHP code. This is achieved by providing a URL in the isearch path parameter within various PHP...

7.5CVSS8AI score0.02761EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2006/10/06 12:0 a.m.9 views

PT-2006-5919 · Pkr · Internet Taskjitsu

Name of the Vulnerable Software and Affected Versions: PKR Internet Taskjitsu versions prior to 2.0.6 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the key parameter when the limit query parameter is set to customerid. Recommendations: For...

7.5CVSS7.9AI score0.01308EPSS
Exploits0References7
Rows per page
Query Builder