Lucene search
K

9887 matches found

NVD
NVD
added 2009/03/05 2:30 a.m.20 views

CVE-2009-0816

Multiple cross-site scripting XSS vulnerabilities in the backend user interface in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 allow remote attackers to inject arbitrary web script or HTML via unspecified fields...

4.3CVSS5.8AI score0.01056EPSS
Exploits0References4
Debian
Debian
added 2009/03/02 8:56 p.m.32 views

[SECURITY] [DSA 1730-1] New proftpd-dfsg packages fix SQL injection vulnerabilites

------------------------------------------------------------------------ Debian Security Advisory DSA-1730-1 [email protected] http://www.debian.org/security/ Steffen Joeris March 02, 2009 http://www.debian.org/security/faq -...

7.5CVSS7.7AI score0.7473EPSS
Exploits1
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.14 views

Fedora Update for evolution-data-server FEDORA-2007-484

Check for the Version of evolution-data-server OpenVAS Vulnerability Test Fedora Update for evolution-data-server FEDORA-2007-484 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

7.4AI score
Exploits0References2
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.11 views

Fedora Update for evolution-data-server FEDORA-2007-0464

Check for the Version of evolution-data-server OpenVAS Vulnerability Test Fedora Update for evolution-data-server FEDORA-2007-0464 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

7.4AI score
Exploits0References2
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.13 views

Fedora Update for evolution-data-server FEDORA-2007-595

Check for the Version of evolution-data-server OpenVAS Vulnerability Test Fedora Update for evolution-data-server FEDORA-2007-595 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

7.4AI score
Exploits0References2
NVD
NVD
added 2009/02/22 10:30 p.m.20 views

CVE-2009-0440

IBM WebSphere Partner Gateway WPG 6.0.0 through 6.0.0.7 does not properly handle failures of signature verification, which might allow remote authenticated users to submit a crafted RosettaNet aka RNIF document to a backend application, related to 1 "altered service content" and 2 "digital...

6.5CVSS6.1AI score0.01195EPSS
Exploits1References5
NVD
NVD
added 2009/02/17 5:30 p.m.16 views

CVE-2008-6158

Multiple unspecified vulnerabilities in the admin backend in w3bcms aka w3blabor CMS before 3.2.0 have unknown impact and remote attack vectors...

10CVSS6.9AI score0.02912EPSS
Exploits0References3
Prion
Prion
added 2009/02/17 5:30 p.m.16 views

Design/Logic Flaw

Multiple unspecified vulnerabilities in the admin backend in w3bcms aka w3blabor CMS before 3.2.0 have unknown impact and remote attack vectors...

10CVSS7.5AI score0.02912EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2009/02/17 5:0 p.m.47 views

CVE-2008-6158

Technical details (affected product/versions, root cause, exploit vectors, or impact specifics) are not publicly available in the provided documents. Monitor for updates.

10CVSS7.1AI score0.02912EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2009/02/17 5:0 p.m.20 views

CVE-2008-6158

Multiple unspecified vulnerabilities in the admin backend in w3bcms aka w3blabor CMS before 3.2.0 have unknown impact and remote attack vectors...

6.9AI score0.02912EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2009/02/17 12:0 a.m.13 views

Sun Java System Directory Server 6.x < 6.3.1 LDAP JDBC Backend DoS

Binary data 4934.prm...

7.8CVSS7.3AI score0.02542EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2009/02/10 12:0 a.m.38 views

typo3 -- cross-site scripting and information disclosure

Secunia reports: Some vulnerabilities have been reported in Typo3, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information. Input passed via unspecified fields to the backend user interface is not properly sanitised before being return...

6.5AI score
Exploits0References2
0day.today
0day.today
added 2009/02/09 12:0 a.m.49 views

w3bcms <= v3.5.0 Multiple Remote Vulnerabilities Exploit

Exploit for unknown platform in category web applications ======================================================== w3bcms = v3.5.0 Multiple Remote Vulnerabilities Exploit ======================================================== !/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common qwPOST;...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/02/09 12:0 a.m.35 views

w3bcms 3.5.0 - Multiple Vulnerabilities

w3bcms 3.5.0 - Multiple Vulnerabilities !/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common qwPOST; use Getopt::Long; '/ -.- -------------------oOO------OOo------------------ | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/02/09 12:0 a.m.52 views

w3bcms 3.5.0 - Multiple Vulnerabilities

!/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common qwPOST; use Getopt::Long; '/ -.- -------------------oOO------OOo------------------ | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Research Division // 2oo9 |...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2009/02/03 12:0 a.m.10 views

DreamPics PhotoVideo Gallery - Blind SQL Injection

DreamPics PhotoVideo Gallery - Blind SQL Injection xoron 1 $url = $argv1; $r = strlenfilegetcontents$url."+and+1=1--"; echo "\nExploiting:\n"; $w = strlenfilegetcontents$url."+and+1=0--"; $t = abs100-$w/$r100; echo "Username: "; for $i=1; $i $t-1 $count = $i; $i = 30; for $j = 1; $j $t-1 $laenge ...

1.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2009/01/22 11:30 p.m.5 views

CVE-2009-0256

Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to 1 frontend and 2 backend authentication...

7.5CVSS5.5AI score0.01793EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2009/01/22 11:30 p.m.26 views

CVE-2009-0256

Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to 1 frontend and 2 backend authentication...

7.5CVSS5.9AI score0.01793EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2009/01/19 12:0 a.m.12 views

Ganglia Web Backend Version Detection

Binary data 4815.prm...

7.3AI score
Exploits0References1
NVD
NVD
added 2009/01/06 5:30 p.m.27 views

CVE-2008-5860

Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and earlier, when registerglobals is enabled and magicquotesgpc is disabled, allows remote attackers to create or read arbitrary files via directory traversal sequences in the editfile parameter...

5.1CVSS6.8AI score0.02048EPSS
Exploits0References3
Rows per page
Query Builder