
8683 matches found

CERT
added 2002/09/27 12:0 a.m. | 39 views

Microsoft Word does not check for macros contained in linked template file when opening RTF document

Overview There is a vulnerability caused by a failure to detect macros embedded in templates used by rich text format documents opened in Microsoft Word. This vulnerability may allow the author of a malicious document to execute arbitrary commands as the user who opens the document. Description...

4.6 CVSS | 7.1 AI score | 0.00528 EPSS
Exploits: 0 | References: 2

CERT
added 2002/09/27 12:0 a.m. | 22 views

PGPMail.pl does not adequately validate user input thereby allowing arbitrary command execution

Overview PGPMail.pl does not adequately filter user input, allowing arbitrary command execution. Description PGPMail.pl is an adaptation of the FormMail.pl CGI script, enhanced to use PGP encryption. PGPMail.pl does not adequately filter the "recipient" and "pgpuserid" CGI variables before passin...

7.5 CVSS | 7.1 AI score | 0.01125 EPSS
Exploits: 0 | References: 1

CERT
added 2002/09/27 12:0 a.m. | 21 views

MS Excel XLM Text Macro execution fails to trigger warning when default medium security set

Overview Excel fails to present a warning dialog when a macro is called from an external XLM text macro file. Description If a spreadsheet contains a reference to an external macro XLM file, Excel does not generate the usual warning dialog asking if the user wants to run the macro. Microsoft...

7.2 CVSS | 7.1 AI score | 0.01667 EPSS
Exploits: 0 | References: 7

CERT
added 2002/09/26 12:0 a.m. | 29 views

WebCalendar does not adequately validate user input

Overview WebCalendar does not properly validate user input, allowing attackers to execute arbitrary commands. Description WebCalendar is a free PHP application providing web calendar services for user groups. WebCalendar contains an unspecified input validation vulnerability, allowing arbitrary...

7.5 CVSS | 7.5 AI score | 0.01794 EPSS
Exploits: 0 | References: 1

CERT
added 2002/09/24 12:0 a.m. | 15 views

Textor Webmasters Ltd listrec.pl does not adequately validate user input thereby allowing arbitrary commands to be executed

Overview Textor Webmasters Ltd listrec.pl CGI script does not properly validate input to the "TEMPLATE" CGI variable, allowing arbitrary command execution. Description The CGI script listrec.pl by Textor Webmasters Ltd does not properly validate input to the "TEMPLATE" CGI variable. This value is...

7.9 AI score
Exploits: 0 | References: 1

Exploit DB
added 2002/09/23 12:0 a.m. | 22 views

phpWebSite 0.8.2 - PHP File Inclusion

source: https://www.securityfocus.com/bid/5779/info A vulnerability has been discovered in phpWebsite which allows an attacker to remotely include a malicious PHP file. It is possible for an attacker to specify a remote location for phpWebsite to download an attacker-supplied htmlheader.php scrip...

7 AI score
Exploits: 0

CERT
added 2002/09/16 12:0 a.m. | 27 views

Input-validation vulnerability in PHP-Nuke allows arbitrary command execution via request for remote web site

Overview PHP-Nuke has an input-validation vulnerability that can lead to execution of arbitrary PHP code hosted on another web server. Description PHP-Nuke is a tool designed to ease web site creation and maintenance. PHP-Nuke includes a script named index.php, which uses PHP's include function t...

7.5 CVSS | 7.2 AI score | 0.00588 EPSS
Exploits: 0 | References: 1

securityvulns
added 2002/09/10 12:0 a.m. | 45 views

phpGB: DoS and executing_arbitrary_commands

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ppp-design found the following design error in phpGB: Details - ------- Product: phpGB Affected Version: 1.20 and maybe all versions before Immune Version: 1.30 OS affected: all OS with php Vendor-URL: http://www.walzl.net Vendor-Status: informed, new...

0.3 AI score
Exploits: 0

Packet Storm
added 2002/08/29 12:0 a.m. | 26 views

idefense.webmin.txt

Reference: http://www.securiteam.com/unixfocus/5CP0R1P80G.html Webmin Vulnerability Leads to Remote Compromise RPC CGI ------------------------------------------------------------------------ SUMMARY Webmin is a web-based interface for system administration for Linux/UNIX. Using any browser that...

7.4 AI score
Exploits: 0

securityvulns
added 2002/08/23 12:0 a.m. | 23 views

Arbitrary Command Execution on Distributor SQL Server 2000 machines (#NISR22002002A)

NGSSoftware Insight Security Research Advisory Name: Arbitrary Command Execution on SQL Server 2000 Systems: Microsoft SQL Server 2000 SP 2 Severity: High Risk for Distributor servers Category: Arbitrary Command Execution Vendor URL: http://www.microsoft.com/ Author: David Litchfield...

0.7 AI score
Exploits: 0

Tenable Nessus
added 2002/08/22 12:0 a.m. | 36 views

Directory Manager edit_image.php Arbitrary Command Execution

Directory Manager is installed and does not properly filter user input. A remote attacker may use this flaw to execute arbitrary commands. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid11104; scriptversion"1.26";...

7.5 CVSS | 7.6 AI score | 0.01458 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2002/08/22 12:0 a.m. | 35 views

Viralator CGI Script Arbitrary Command Execution

The CGI 'viralator.cgi' is installed. Some versions of this CGI don't properly check the user input and allow anyone to execute arbitrary commands with the privileges of the web server. No flaw was tested. Your script might be a safe version. %NASLMINLEVEL 70300 C Tenable Network Security, In...

7.5 CVSS | 5.5 AI score | 0.01983 EPSS
Exploits: 0 | References: 1

Tenable Nessus
added 2002/08/21 12:0 a.m. | 62 views

Mountain Network Systems webcart.cgi Arbitrary Command Execution

webcart.cgi is installed and does not properly filter user input. An attacker may use this flaw to execute any command on your system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. untested Script audit and contributions from Carmichael Security Erik Anderson nb: domain no longer exists...

7.5 CVSS | 7.3 AI score | 0.08721 EPSS
Exploits: 1 | References: 2

Exploit DB
added 2002/08/14 12:0 a.m. | 31 views

GoAhead Web Server 2.1 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/5464/info GoAhead WebServer is an Open Source embedded web server which supports Active Server Pages, embedded javascript, and SSL authentication and encryption. It is available for a variety of platforms including Microsoft Windows and Linux variant...

7.4 AI score
Exploits: 0

exploitpack
added 2002/08/14 12:0 a.m. | 7 views

GoAhead Web Server 2.1 - Arbitrary Command Execution

GoAhead Web Server 2.1 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/5464/info GoAhead WebServer is an Open Source embedded web server which supports Active Server Pages, embedded javascript, and SSL authentication and encryption. It is available for a variety of platfor...

0.3 AI score
Exploits: 0

Tenable Nessus
added 2002/08/06 12:0 a.m. | 53 views

Sun Sunsolve CD Pack sscd_suncourier.pl email Parameter Arbitrary Command Execution

The Sunsolve CD is part of the Solaris Media pack. It is included as a documentation resource, and is available for the Solaris Operating Environment. Sunsolve CD CGI scripts do not validate user input. Crackers may use them to execute some commands on your system. Note: Nessus did not try to...

10 CVSS | 5.7 AI score | 0.03931 EPSS
Exploits: 0 | References: 2

RedHat Linux
added 2002/08/05 9:4 p.m. | 4 views

Important: Red Hat Security Advisory: xchat security update

A security issue in XChat allows a malicious server to execute arbitrary commands. XChat is a popular cross-platform IRC client. Versions of XChat prior to 1.8.9 do not filter the response from an IRC server when a /dns query is executed. Because XChat resolves hostnames by passing the configured...

7.5 CVSS | 6 AI score | 0.01079 EPSS
Exploits: 0 | References: 2

Exploit DB
added 2002/07/30 12:0 a.m. | 23 views

Dispair 0.1/0.2 - Remote Command Execution

source: https://www.securityfocus.com/bid/5392/info Dispair fails to sufficiently validate user-supplied input before it is passed to the shell via the Perl open function. Remote attackers may potentially exploit this issue to execute arbitrary commands on the underlying shell with the privileges...

7.4 AI score
Exploits: 0

Cvelist
added 2002/07/26 4:0 a.m. | 18 views

CVE-2002-0645

SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine MSDE 2000 may allow authenticated users to execute arbitrary commands...

7.6 AI score | 0.01935 EPSS
Exploits: 0 | References: 1

Tenable Nessus
added 2002/07/25 12:0 a.m. | 338 views

rsh NULL Login Remote Privilege Escalation

It is possible to execute arbitrary commands on this host using rsh by supplying a NULL username. C Tenable Network Security, Inc. include"compat.inc"; include"dataprotection.inc"; ifdescription scriptid10096; scriptversion "1.17"; scriptcvsdate"Date: 2018/08/13 14:32:36";...

7.5 CVSS | 5.9 AI score | 0.00639 EPSS
Exploits: 0 | References: 1