Lucene search
K

35 matches found

RedhatCVE
RedhatCVE
added 2017/06/30 4:48 a.m.33 views

CVE-2017-3142

A flaw was found in the way BIND handled TSIG authentication of AXFR requests. A remote attacker, able to communicate with an authoritative BIND server, could use this flaw to view the entire contents of a zone by sending a specially constructed request packet. Mitigation The effects of this...

5.3CVSS1.3AI score0.05356EPSS
Exploits0References2
Cisco
Cisco
added 2016/08/31 4:0 p.m.44 views

Cisco Virtual Media Packager PAM API Unauthorized Access Vulnerability

A vulnerability in the application programming interface API for the Platform and Applications Manager PAM for the Cisco Virtual Media Packager VMP could allow an unauthenticated, remote attacker to access the PAM API. The PAM API is only accessible using the SSL or TLS protocol. The vulnerabilit...

6.8CVSS8.3AI score0.01269EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2015/08/02 12:0 a.m.17 views

simple-image-manipulator <= 1.0 - Remote File Download

Plugin is still affected and has been closed. In ./simple-image-manipulator/controller/download.php no checks are made to authenticate the user or sanitize input when determining file location. PoC $ curl...

5CVSS0.7AI score0.07038EPSS
Exploits2References2Affected Software1
Kaspersky
Kaspersky
added 2015/03/10 12:0 a.m.564 views

KLA10473 Code execution vulnerability in Microsoft products

Lack of authentication control was found in Microsoft products. By exploiting this vulnerability malicious users execute arbitrary code. This vulnerability can be exploited remotely via a specially designed UNC share. Original advisories MS advisory CVE-2015-0008 Related products...

8.3CVSS7.5AI score0.2858EPSS
Exploits4References11
ThreatPost
ThreatPost
added 2014/07/03 9:52 a.m.11 views

Cisco Patches Hardcoded SSH Key Vulnerability in UCM

The Cisco Unified Communications Domain Manager contains a default private SSH key that could allow an attacker to run arbitrary code on vulnerable installations. The bug is about as serious as they come, giving remote, unauthenticated attackers access to affected machines with the rights of a ro...

1AI score
Exploits0References1
exploitpack
exploitpack
added 2012/04/24 12:0 a.m.12 views

Joomla! Component com_videogallery - Local File Inclusion SQL Injection

Joomla! Component comvideogallery - Local File Inclusion SQL Injection source: https://www.securityfocus.com/bid/53237/info The Video Gallery component for Joomla! is prone to local file-include and SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attack...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2012/01/28 12:0 a.m.12 views

Joomla! Component com_visa - Local File Inclusion SQL Injection

Joomla! Component comvisa - Local File Inclusion SQL Injection source: https://www.securityfocus.com/bid/51726/info The 'comvisa' component for Joomla! is prone to a local file-include vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2011/04/16 12:0 a.m.14 views

4Images 1.7.9 - Multiple Remote File Inclusions SQL Injections

4Images 1.7.9 - Multiple Remote File Inclusions SQL Injections source: https://www.securityfocus.com/bid/47394/info 4images is prone to multiple remote file-include vulnerabilities and an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploi...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2011/04/16 12:0 a.m.23 views

4Images 1.7.9 - Multiple Remote File Inclusions / SQL Injections

source: https://www.securityfocus.com/bid/47394/info 4images is prone to multiple remote file-include vulnerabilities and an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to execute arbitrary server-side script...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2011/02/04 12:0 a.m.11 views

ReOS Local File Include and SQL Injection Vulnerabilities

ReOS is prone to a local file-include vulnerability and multiple SQL- injection vulnerabilities because it fails to properly sanitize user- supplied input. An attacker can exploit the local file-include vulnerability using directory- traversal strings to view and execute arbitrary local files...

0.2AI score
Exploits0References7
OpenVAS
OpenVAS
added 2010/10/13 12:0 a.m.34 views

BaconMap Local File Include and SQL Injection Vulnerabilities

BaconMap is prone to a local file-include vulnerability and an SQL- injection vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit the local file-include vulnerability using directory- traversal strings to view and execute arbitrary local files within...

7.5CVSS0.3AI score0.01997EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2010/09/16 12:0 a.m.23 views

PHP MicroCMS Local File Include and SQL Injection Vulnerabilities

PHP MicroCMS is prone to a local file-include vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by t...

6.8CVSS6.5AI score0.02367EPSS
Exploits2References1
NVD
NVD
added 2007/03/20 8:19 p.m.17 views

CVE-2007-1526

Sun Java System Web Server 6.1 before 20070314 allows remote authenticated users with revoked client certificates to bypass the Certificate Revocation List CRL authorization control and access secure web server instances running under an account different from that used for the admin server via...

6CVSS6.2AI score0.00908EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2006/09/07 12:0 a.m.28 views

authentificator201.txt

Discovered by Sirdarckcat from elhacker.net ------------------------------------------------------------------------------------ Autentificator v2.01 SQL Injection http://www.hotscripts.com/Detailed/15291.html ------------------------------------------------------------------------------------...

7.4AI score
Exploits0
NVD
NVD
added 2002/05/29 4:0 a.m.16 views

CVE-2002-0241

NDSAuth.DLL in Cisco Secure Authentication Control Server ACS 3.0.1 does not check the Expired or Disabled state of users in the Novell Directory Services NDS, which could allow those users to authenticate to the server...

7.5CVSS6.5AI score0.01619EPSS
Exploits0References3
Rows per page
Query Builder