Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7618 matches found

Packet Storm
Packet Stormadded 2002/08/29 12:0 a.m.25 views

idefense.webmin.txt

Reference: http://www.securiteam.com/unixfocus/5CP0R1P80G.html Webmin Vulnerability Leads to Remote Compromise RPC CGI ------------------------------------------------------------------------ SUMMARY Webmin is a web-based interface for system administration for Linux/UNIX. Using any browser that...

7.4AI score
Exploits0
securityvulns
securityvulnsadded 2002/08/23 12:0 a.m.23 views

Arbitrary Command Execution on Distributor SQL Server 2000 machines (#NISR22002002A)

NGSSoftware Insight Security Research Advisory Name: Arbitrary Command Execution on SQL Server 2000 Systems: Microsoft SQL Server 2000 SP 2 Severity: High Risk for Distributor servers Category: Arbitrary Command Execution Vendor URL: http://www.microsoft.com/ Author: David Litchfield...

0.7AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2002/08/22 12:0 a.m.36 views

Directory Manager edit_image.php Arbitrary Command Execution

Directory Manager is installed and does not properly filter user input. A remote attacker may use this flaw to execute arbitrary commands. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid11104; scriptversion"1.26";...

7.5CVSS7.6AI score0.01458EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2002/08/22 12:0 a.m.35 views

Viralator CGI Script Arbitrary Command Execution

The CGI 'viralator.cgi' is installed. Some versions of this CGI are don't check properly the user input and allow anyone to execute arbitrary commands with the privileges of the web server. No flaw was tested. Your script might be a safe version. %NASLMINLEVEL 70300 C Tenable Network Security, In...

7.5CVSS5.5AI score0.01983EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2002/08/21 12:0 a.m.62 views

Mountain Network Systems webcart.cgi Arbitrary Command Execution

webcart.cgi is installed and does not properly filter user input. An attacker may use this flaw to execute any command on your system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. untested Script audit and contributions from Carmichael Security Erik Anderson nb: domain no longer exists...

7.5CVSS7.3AI score0.08721EPSS
Exploits1References2
Exploit DB
Exploit DBadded 2002/08/14 12:0 a.m.31 views

GoAhead Web Server 2.1 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/5464/info GoAhead WebServer is an Open Source embedded web server which supports Active Server Pages, embedded javascript, and SSL authentication and encryption. It is available for a variety of platforms including Microsoft Windows and Linux variant...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2002/08/14 12:0 a.m.7 views

GoAhead Web Server 2.1 - Arbitrary Command Execution

GoAhead Web Server 2.1 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/5464/info GoAhead WebServer is an Open Source embedded web server which supports Active Server Pages, embedded javascript, and SSL authentication and encryption. It is available for a variety of platfor...

0.3AI score
Exploits0
RedHat Linux
RedHat Linuxadded 2002/08/05 9:4 p.m.4 views

Important: Red Hat Security Advisory: xchat security update

A security issue in XChat allows a malicious server to execute arbitrary commands. XChat is a popular cross-platform IRC client. Versions of XChat prior to 1.8.9 do not filter the response from an IRC server when a /dns query is executed. Because XChat resolves hostnames by passing the configured...

7.5CVSS6AI score0.01079EPSS
Exploits0References2
Exploit DB
Exploit DBadded 2002/07/30 12:0 a.m.23 views

Dispair 0.1/0.2 - Remote Command Execution

source: https://www.securityfocus.com/bid/5392/info Dispair fails to sufficiently validate user-supplied input before it is passed to the shell via the Perl open function. Remote attackers may potentially exploit this issue to execute arbitrary commands on the underlying shell with the privileges...

7.4AI score
Exploits0
Cvelist
Cvelistadded 2002/07/26 4:0 a.m.18 views

CVE-2002-0645

SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine MSDE 2000 may allow authenticated users to execute arbitrary commands...

7.6AI score0.01935EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2002/07/25 12:0 a.m.338 views

rsh NULL Login Remote Privilege Escalation

It is possible to execute arbitrary command on this host using rsh by supplying a NULL username. C Tenable Network Security, Inc. include"compat.inc"; include"dataprotection.inc"; ifdescription scriptid10096; scriptversion "1.17"; scriptcvsdate"Date: 2018/08/13 14:32:36";...

7.5CVSS5.9AI score0.00639EPSS
Exploits0References1
securityvulns
securityvulnsadded 2002/07/13 12:0 a.m.35 views

[SPSadvisory#47]RealONE Player Gold / RealJukebox2 skin file download vulnerability

SPS Advisory 47 RealONE Player Gold / RealJukebox2 skin file download vulnerability UNYUN [email protected] Shadow Penguin Security http://www.shadowpenguin.org -------------------------------------------------------------- Date July. 12, 2002 vulnerable RealONE Player Gold Ver. 6.0.10.505...

7AI score
Exploits0
CERT
CERTadded 2002/07/13 12:0 a.m.26 views

Microsoft Windows 2000 Network Dynamic Data Exchange (DDE) executes code as Local System

Overview The Windows 2000 Network DDE agent permits local users to execute commands with system privileges. Description Dynamic Data Exchange DDE is an interprocess communication mechanism used in Microsoft Windows. A DDE share is an area of memory which is used to store and retrieve data. Networ...

7.2CVSS6.8AI score0.02886EPSS
Exploits1References5
securityvulns
securityvulnsadded 2002/07/11 12:0 a.m.58 views

IE allows universal Cross Domain Scripting (TL#003)

Thor Larholm, PivX, security advisory TL003 ------------------------------------- By Thor Larholm, Denmark 10 July 2002 HTML format: http://www.PivX.com/larholm/adv/TL003/ Topic: IE allows universal Cross Domain Scripting. Discovery date: 25 June 2002. Severity: High Affected applications:...

6.9AI score
Exploits0
exploitpack
exploitpackadded 2002/06/30 12:0 a.m.9 views

E-Guest 1.1 - Server Side Include Arbitrary Command Execution

E-Guest 1.1 - Server Side Include Arbitrary Command Execution source: https://www.securityfocus.com/bid/5129/info E-Guest guest book is a freely available, open source guest book. It is designed for Unix and Linux operating systems. E-Guest does not adequately sanitize user-supplied input in gues...

1AI score
Exploits0
Cvelist
Cvelistadded 2002/06/25 4:0 a.m.11 views

CVE-2002-0211

Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it is executed...

7.2AI score0.00315EPSS
Exploits1References5
exploitpack
exploitpackadded 2002/06/15 12:0 a.m.9 views

ZeroBoard 4.1 - PHP Include File Arbitrary Command Execution

ZeroBoard 4.1 - PHP Include File Arbitrary Command Execution source: https://www.securityfocus.com/bid/5028/info Zeroboard is a PHP web board package available for the Linux and Unix platforms. Under some circumstances, it may be possible to include arbitrary PHP files. The head.php file does not...

0.2AI score
Exploits0
Cvelist
Cvelistadded 2002/06/11 4:0 a.m.13 views

CVE-2002-0508

wwwisis 3.45 and earlier allows remote attackers to execute arbitrary commands and read files via the parameters 1 prolog or 2 epilog...

7.6AI score0.04426EPSS
Exploits0References7
CVE
CVEadded 2002/06/11 4:0 a.m.73 views

CVE-2002-0436

The CVE-2002-0436 entry maps to the SunSolve CD package: the CGI script sscd_suncourier.pl does not validate the email parameter, enabling remote command execution via shell metacharacters. Documented by NVD/Nessus/OpenVAS references, this is a clientless, remote issue affecting Sunsolve CD CGI i...

10CVSS7.6AI score0.03931EPSS
Exploits0References3Affected Software2
RedHat Linux
RedHat Linuxadded 2002/06/04 7:9 p.m.4 views

Important: Red Hat Security Advisory: : : : Updated xchat packages fix "/dns" vulnerability

A security vulnerability in XChat allows a malicious server to execute arbitrary commands. Updated 11 July 2003 Added packages for Red Hat Linux on IBM iSeries and pSeries systems. XChat is a popular cross-platform IRC client. Versions of XChat prior to 1.8.9 do not filter the response from an IR...

7.5CVSS5.9AI score0.01079EPSS
Exploits0References1
Rows per page
Query Builder