Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Tenable Nessus
Tenable Nessusadded 2004/09/29 12:0 a.m.23 views

Debian DSA-125-1 : analog - XSS

Yuji Takahashi discovered a bug in analog which allows a cross-site scripting type attack. It is easy for an attacker to insert arbitrary strings into any web server logfile. If these strings are then analysed by analog, they can appear in the report. By this means an attacker can introduce...

7.5CVSS5.7AI score0.01414EPSS
Exploits0References2
Cvelist
Cvelistadded 2004/09/01 4:0 a.m.15 views

CVE-2002-1154

anlgform.pl in Analog before 5.23 does not restrict access to the PROGRESSFREQ progress update command, which allows remote attackers to cause a denial of service disk consumption by using the command to report updates more frequently and fill the web server error log...

6.8AI score0.00672EPSS
Exploits0References4
Debian CVE
Debian CVEadded 2004/09/01 4:0 a.m.18 views

CVE-2002-1154

anlgform.pl in Analog before 5.23 does not restrict access to the PROGRESSFREQ progress update command, which allows remote attackers to cause a denial of service disk consumption by using the command to report updates more frequently and fill the web server error log...

5CVSS6.4AI score0.00672EPSS
Exploits0
OSV
OSVadded 2002/10/11 4:0 a.m.2 views

DEBIAN-CVE-2002-1154

anlgform.pl in Analog before 5.23 does not restrict access to the PROGRESSFREQ progress update command, which allows remote attackers to cause a denial of service disk consumption by using the command to report updates more frequently and fill the web server error log...

5CVSS7AI score0.00672EPSS
Exploits0References1
Cvelist
Cvelistadded 2002/06/25 4:0 a.m.16 views

CVE-2002-0166

Cross-site scripting vulnerability in analog before 5.22 allows remote attackers to execute Javascript via an HTTP request containing the script, which is entered into a web logfile and not properly filtered by analog during display...

6.5AI score0.01414EPSS
Exploits0References6
Debian
Debianadded 2002/03/28 8:47 a.m.9 views

[SECURITY] [DSA 125-1] New analog packages fix cross-site scripting vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 125-1 [email protected] http://www.debian.org/security/ Martin Schulze March 28th, 2002 - -------------------------------------------------------------------------- Package : analog...

1.1AI score
Exploits0
Debian
Debianadded 2001/03/07 1:34 p.m.15 views

[SECURITY] [DSA 033-1] New versions of analog available

---------------------------------------------------------------------------- Debian Security Advisory DSA-033-1 [email protected] http://www.debian.org/security/ Martin Schulze March 7, 2001 - ---------------------------------------------------------------------------- Package : analog...

5.9AI score
Exploits0
securityvulns
securityvulnsadded 2001/02/14 12:0 a.m.21 views

Security advisory for analog

SECURITY ADVISORY 13th February 2001 ---------------------------------------------------------------------- Program: analog logfile analysis program Versions: all versions except 4.16 and 4.90beta3 Operating systems: all ---------------------------------------------------------------------- There...

0.3AI score
Exploits0
Rows per page
Query Builder