Lucene search
K

110 matches found

Tenable Nessus
Tenable Nessus
added 2005/07/21 12:0 a.m.54 views

osCommerce Unprotected Admin Directory

The installation of osCommerce on the remote host apparently lets anyone access the application's admin directory, which means that they have complete administrative access to the site. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

5.5AI score
Exploits0References1
NVD
NVD
added 2005/05/11 4:0 a.m.15 views

CVE-2005-1510

PwsPHP 1.2.2 allows remote attackers to obtain sensitive information via a direct request to the admin directory, which reveals the path in an error message...

7.5CVSS6.1AI score0.01532EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/04/18 4:0 a.m.21 views

CVE-2005-1169

Mafia Blog .4 BETA does not properly protect the admin directory, which allows remote attackers to execute arbitrary PHP code by using writeinfo.php to inject the code into info.php...

7.6AI score0.01532EPSS
Exploits0References3
CVE
CVE
added 2005/04/18 4:0 a.m.43 views

CVE-2005-1169

CVE-2005-1169 affects the Mafia Blog .4 BETA package, where the admin directory is not properly protected. This allows remote attackers to execute arbitrary PHP code by abusing writeinfo.php to inject code into info.php. The flaw enables arbitrary code execution with no authentication required an...

7.5CVSS8AI score0.01532EPSS
Exploits0References3Affected Software1
exploitpack
exploitpack
added 2004/02/03 12:0 a.m.26 views

Qualiteam X-Cart 3.x - Multiple Remote Information Disclosure Vulnerabilities

Qualiteam X-Cart 3.x - Multiple Remote Information Disclosure Vulnerabilities source: https://www.securityfocus.com/bid/9563/info X-Cart has been reported to be prone to an issue that may allow remote attackers to view any web server readable files on the affected system. The issue is caused by a...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2004/01/30 12:0 a.m.13 views

JBrowser 1.02.x - Unauthorized Admin Access

JBrowser 1.02.x - Unauthorized Admin Access source: https://www.securityfocus.com/bid/9537/info Due to a lack of access validation to the 'admin' directory, malevolent users may be able to execute arbitrary admin scripts. This may allow a malicious user to upload arbitrary files to the affected...

1AI score
Exploits0
exploitpack
exploitpack
added 2003/07/13 12:0 a.m.8 views

ASP-DEV Discussion Forum 2.0 - Admin Directory Weak Default Permissions

ASP-DEV Discussion Forum 2.0 - Admin Directory Weak Default Permissions source: https://www.securityfocus.com/bid/8172/info It has been reported that a vulnerability exists in ASP-DEV Discussion Forum that exposes potentially sensitive information. Because of this, an attacker may be able to gain...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2003/07/13 12:0 a.m.21 views

ASP-DEV Discussion Forum 2.0 - Admin Directory Weak Default Permissions

source: https://www.securityfocus.com/bid/8172/info It has been reported that a vulnerability exists in ASP-DEV Discussion Forum that exposes potentially sensitive information. Because of this, an attacker may be able to gain access to user credentials. User credentials are stored in the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/03/22 12:0 a.m.24 views

phpESP (php Easy Survey Package)

Product : phpESP php Easy Survey Package Version : 1.11 WebSite : http://acm.jhu.edu Problem : Access in dbase Description: ------------ In admin directory exist file phpEST.ini if we look this file we can see database dbpassword, dblogin, dbhost, dbname and other private info. phpESP.ini...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2002/03/02 12:0 a.m.36 views

Phorum Discussion Board Security Bug (Email Disclosure)

Concerning latest Phorum version 3.3.2 A bug in the PHP based forum script Phorum makes it possible to obtain the email addresses of the 10 most active users. In the 'admin/' directory of the forum there is a script called 'stats.php' that allows administrators and anyone else, since there is no...

0.5AI score
Exploits0
Rows per page
Query Builder