174 matches found
oracleasp-bypass.txt
Affected Software/Device: Oracle Application Server Portal Vulnerability: Authentication Bypass Tested Version: 10G Risk: Medium Description: Oracle Application Server Portal OracleAS Portal is a Web-based application for building and deploying portals. It provides a secure, manageable environmen...
SQLiteManager confirm.php spaw_root Parameter Remote File Inclusion
The remote host is running SQLiteManager, a web-based application for managing SQLite databases. The version of SQLiteManager installed on the remote host fails to sanitize user-supplied input to the 'spawroot' parameter of the 'spaw/dialogs/confirm.php' script before using it to include PHP code...
Help Center Live class/auth.php check_logout Function Admin Authentication Bypass
The remote host is running Help Center Live, an open source, web-based help desk application written in PHP. The version of Help Center Live installed on the remote host has several administrative scripts that fail to exit if called without valid credentials. An unauthenticated attacker may be ab...
Softerra Time-Assistant <= 6.2 (inc_dir) Remote File Inclusion Vuln
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV80$2007 ----------------------------------------------------------------------------------------- ECHOADV80$2007 Softerra Time-Assistant = 6.2 incdir Remote File Inclusion...
Symantec On-Demand Protection加密数据信息泄露漏洞
Symantec On-Demand Agent(SODA)和Symantec On-Demand Protection(SODP)可为基于WEB的应用和服务提供虚拟桌面环境。 本地攻击者可以解密Symantec On-Demand虚拟桌面环境所加密的文件,访问文件中的数据。攻击的具体影响取决于所加密文件的内容。 Symantec SODP 2.6 build 2232 Symantec SODA 2.5 MR2 build 2156 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: https://support.sygate.com/...
PHPMyManga 0.8.1 - 'template.php' Multiple File Inclusions
+------------------------------------------------------------------------------------------- + PhpMyManga +------------------------------------------------------------------------------------------- + Details: + Input passed to the 'actionsPage' or 'formPage' parameter in template.php is not...
Community Link Pro webeditor login.cgi remote command execution
The remote host is running Community Link Pro, a web-based application written in Perl. The remote version of this software contains a flaw in the script 'login.cgi' which may allow an attacker to execute arbitrary commands on the remote host. OpenVAS Vulnerability Test $Id:...
dotProject < 2.0.2 Multiple Script Remote File Inclusion
Binary data 3433.prm...
IRM 013: Ultraapps Issue Manager is vulnerable to Privilege Escalation
---------------------------------------------------------------------- IRM Security Advisory No. 013 Ultraapps Issue Manager is vulnerable to Privilege Escalation Vulnerablity Type / Importance: Privilege Escalation / High Problem discovered: November 25th 2005 Vendor contacted: November 25th 200...
DSA-746-1 phpgroupware - remote command execution
Bulletin has no description...
FreeBSD : ImageMagick -- PSD handler heap overflow vulnerability (597e2bee-68ea-11d9-a9e7-0001020eed82)
An iDEFENSE Security Advisory reports : Remote exploitation of a buffer overflow vulnerability in The ImageMagick's Project's ImageMagick PSD image-decoding module could allow an attacker to execute arbitrary code. Exploitation may allow attackers to run arbitrary code on a victim's computer if t...
Echo Security Advisory 2005.21
--------------------------------------------------------------------------- ECHOADV21$2005 MUltiple Vulnarable In ActiveBuyAndSell --------------------------------------------------------------------------- Author: Dedi Dwianto Date: June, 24th 2005 Location: Indonesia, Jakarta Web:...
eGroupWare Detection
The remote host is running eGroupWare, a web-based groupware solution. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid15720; scriptversion"1.17"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01"; scriptnameenglish:"eGroupWare Detection";...
CVSTrac Detection
The remote host is running CVSTrac, a web-based bug and patch-set tracking system for CVS. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; ifdescription scriptid15722; scriptversion"1.14";...