Lucene search

5285 matches found

Exploit DB
added 2007/11/06 12:0 a.m., 25 views

Weblord.it MS-TopSites - Unauthorized Access / HTML Injection

source: https://www.securityfocus.com/bid/26358/info MS-TopSites is prone to an unauthorized-access vulnerability and an HTML-injection vulnerability because the application fails to sufficiently sanitize user-supplied data. An attacker can exploit these issues to gain elevated privileges on the...

7.4 AI score
Exploits: 0

UbuntuCve
added 2007/11/05 7:46 p.m., 23 views

CVE-2007-5824

webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the wsdecodepassword function; or (2) a...

7.1 CVSS, 5.9 AI score, 0.05592 EPSS
Exploits: 0, References: 1

NVD
added 2007/11/05 7:46 p.m., 14 views

CVE-2007-5824

webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the wsdecodepassword function; or (2) a...

7.1 CVSS, 6.4 AI score, 0.05592 EPSS
Exploits: 0, References: 13

Cvelist
added 2007/11/05 7:0 p.m., 32 views

CVE-2007-5824

webserver.c in mt-dappd in Firefly Media Server 0.2.4 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a stats method action to /xml-rpc with (1) an empty Authorization header line, which triggers a crash in the wsdecodepassword function; or (2) a...

6.3 AI score, 0.05592 EPSS
Exploits: 0, References: 13

exploitpack
added 2007/11/05 12:0 a.m., 9 views

i-Gallery 3.4 - igallery.asp Remote Information Disclosure

i-Gallery 3.4 - igallery.asp Remote Information Disclosure source: https://www.securityfocus.com/bid/26348/info i-Gallery is prone to a remote information-disclosure vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized remote use...

7.3 AI score
Exploits: 0

Exploit DB
added 2007/11/05 12:0 a.m., 24 views

i-Gallery 3.4 - 'igallery.asp' Remote Information Disclosure

source: https://www.securityfocus.com/bid/26348/info i-Gallery is prone to a remote information-disclosure vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized remote user to view arbitrary local files in the context of the...

7.4 AI score
Exploits: 0

exploitpack
added 2007/10/23 12:0 a.m., 15 views

Japanese PHP Gallery Hosting - Arbitrary File Upload

Japanese PHP Gallery Hosting - Arbitrary File Upload source: https://www.securityfocus.com/bid/26179/info Japanese PHP Gallery Hosting is prone to an arbitrary-file-upload vulnerability because it fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to uplo...

0.2 AI score
Exploits: 0

Exploit DB
added 2007/10/23 12:0 a.m., 34 views

Japanese PHP Gallery Hosting - Arbitrary File Upload

source: https://www.securityfocus.com/bid/26179/info Japanese PHP Gallery Hosting is prone to an arbitrary-file-upload vulnerability because it fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of th...

7.4 AI score
Exploits: 0

Exploit DB
added 2007/10/23 12:0 a.m., 38 views

Korean GHBoard FlashUpload Component - 'download.jsp?name' Arbitrary File Access

source: https://www.securityfocus.com/bid/26182/info GHBoard is prone to multiple vulnerabilities that let attackers upload and download arbitrary files and execute arbitrary code within the context of the webserver process...

7.4 AI score
Exploits: 0

Exploit DB
added 2007/10/23 12:0 a.m., 19 views

Korean GHBoard - 'Component/upload.jsp' Arbitrary File Upload

source: https://www.securityfocus.com/bid/26182/info GHBoard is prone to multiple vulnerabilities that let attackers upload and download arbitrary files and execute arbitrary code within the context of the webserver process...

7.4 AI score
Exploits: 0

exploitpack
added 2007/10/18 12:0 a.m., 19 views

SiteBar 3.3.8 - index.php?target Cross-Site Scripting

SiteBar 3.3.8 - index.php?target Cross-Site Scripting source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability - Multiple...

6.8 AI score
Exploits: 0

exploitpack
added 2007/10/18 12:0 a.m., 13 views

SiteBar 3.3.8 - command.php?Modify User Action uid Cross-Site Scripting

SiteBar 3.3.8 - command.php?Modify User Action uid Cross-Site Scripting source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include...

6.8 AI score
Exploits: 0

exploitpack
added 2007/10/18 12:0 a.m., 10 views

SiteBar 3.3.8 - integrator.php?lang Cross-Site Scripting

SiteBar 3.3.8 - integrator.php?lang Cross-Site Scripting source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability -...

6.8 AI score
Exploits: 0

exploitpack
added 2007/10/18 12:0 a.m., 10 views

SiteBar 3.3.8 - translator.php?updcmdActionedit Arbitrary PHP Code Execution

SiteBar 3.3.8 - translator.php?updcmdActionedit Arbitrary PHP Code Execution source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include...

0.2 AI score
Exploits: 0

Exploit DB
added 2007/10/18 12:0 a.m., 31 views

SiteBar 3.3.8 - 'command.php?Modify User Action uid' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability - Multiple arbitrary-script-code-execution vulnerabilities -...

7 AI score
Exploits: 0

Exploit DB
added 2007/10/18 12:0 a.m., 25 views

SiteBar 3.3.8 - 'integrator.php?lang' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability - Multiple arbitrary-script-code-execution vulnerabilities -...

7.4 AI score
Exploits: 0

Exploit DB
added 2007/10/18 12:0 a.m., 23 views

SiteBar 3.3.8 - 'index.php?target' Cross-Site Scripting

source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability - Multiple arbitrary-script-code-execution vulnerabilities -...

7.4 AI score
Exploits: 0

Cvelist
added 2007/10/14 8:0 p.m., 15 views

CVE-2002-2256

Directory traversal vulnerability in pWins Webserver 0.2.5 and earlier allows remote attackers to read arbitrary files via Unicode characters...

6.8 AI score, 0.01502 EPSS
Exploits: 0, References: 3

CVE
added 2007/10/14 8:0 p.m., 44 views

CVE-2002-2256

The CVE-2002-2256 entry concerns the pWins Webserver (versions 0.2.5 and earlier). Affected component: the webserver’s handling of Unicode characters enables a directory traversal vulnerability, allowing remote attackers to read arbitrary files. The public records describe the vulnerability as a ...

5 CVSS, 7.1 AI score, 0.01502 EPSS
Exploits: 0, References: 3, Affected Software: 1

Prion
added 2007/10/08 9:17 p.m., 9 views

Format string

Multiple format string vulnerabilities in websrv.cpp in Dawn of Time 1.69s beta4 and earlier allow remote attackers to execute arbitrary code via format string specifiers in the (1) username or (2) password fields when accessing certain "restricted zones", which are not properly handled by the a...

7.5 CVSS, 8.5 AI score, 0.0533 EPSS
Exploits: 1, References: 8, Affected Software: 1