1366 matches found
CVE-2005-1201
Summary: CVE-2005-1201 affects AZ Bulletin Board (AZBB) prior to version 1.0.08. The issue comprises two directory traversal flaws: (1) restricted to remote authenticated admin users who can delete arbitrary files via a “..” in the URL to admin_avatar.php or admin_attachment.php; (2) remote attac...
CVE-2005-0744
The CVE-2005-0744 issue affects the web GUI of Novell iChain versions 2.2 and 2.3 SP2/SP3. The underlying risk is session hijacking leading to administrator privileges via two methods: (1) sniffing the connection on TCP port 51100 and replaying authentication data, and (2) obtaining and replaying...
CVE-2002-1482
This CVE (CVE-2002-1482) affects phpGB 1.20 and earlier. The connected NVD entry describes a SQL injection in login.php when magic_quotes_gpc is not enabled, allowing remote attackers to gain administrative privileges via SQL in the password entry. The vulnerability is rated with base score 10.0 ...
CVE-2002-0096
The CVE-2002-0096 entry concerns Geeklog 1.3. The installation process creates an extra group_assignments record that is not deleted, causing the first newly created user to be added to the GroupAdmin and UserAdmin groups and potentially receive unintended administrative privileges. Connected sou...
CVE-2001-0320
CVE-2001-0320 affects PHP-Nuke 4.4. The flaw is in bb_smilies.php and bbcode_ref.php where a malformed username argument containing a null byte and ".." sequences can allow remote attackers to read arbitrary files and gain PHP administrator privileges. This is supported by the NVD entry and corro...
Microsoft Windows SMB Registry : Key Permission Weakness Admin Privilege Escalation
The following keys contain the name of the program that shall be started when the computer starts. The users who have the right to modify them can easily make the admin run a Trojan program that will give them admin privileges. C Tenable Network Security, Inc. include"compat.inc"; if description...