5586 matches found
CVE-2008-1250
Multiple cross-site request forgery CSRF vulnerabilities in the web interface on the central phone server for the Snom 320 SIP Phone allow remote attackers to perform actions as the phone user, as demonstrated by inserting an address-book entry containing an XSS sequence...
CVE-2008-1249
snomControl.swf in the central phone server for the Snom 320 SIP Phone allows remote attackers to cause a denial of service application crash and corruption of call logs via a "'; double quote, quote, close parenthesis, semicolon sequence in the "Call a number" field...
Crystal Reports Central Management Server Detection
The remote service is a Central Management Server also known as Crystal Management Server and Automated Process Scheduler, a key component of Crystal Reports Server that centralizes information about users, security levels, published objects, and servers. %NASLMINLEVEL 70300 C Tenable Network...
Perforce Server Detection
The remote service is a Perforce server. Perforce is a commercial, proprietary revision control system, and a Perforce server manages a central database to track file versions and user activity. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
[Full-disclosure] heise Security: Password exposure in Lotus Notes
Excerpt from: http://www.heise-security.co.uk/news/92958 ------ Password exposure in Lotus Notes A debug function in version 5 and up of Lotus Notes can be used to write a file containing the new password in plain text when a user password is changed. This function has been designed to bring more...
The big data library default address-vulnerability warning-the black bar safety net
/data/dvbbs7. mdb Action Network Forum database /databackup/dvbbs7. mdb Action Network Forum database /bbs/databackup/dvbbs7. mdb Action Network Forum database /admin/data/qcdnnews. mdb green to create article management system database /data/qcdnnews. mdb green to create article management syste...
SmartDefense Profiles Available for Users of VPN-1 NGX R62: Assigning a Profile per Gateway
The most significant enhancement in the NGX R62 release is the enablement of SmartDefense Profiles. SmartDefense Profiles expand the flexibility and granularity of security defenses, while allowing central control and management of the security infrastructure. By defining multiple SmartDefense...
CVE-2006-5430
Cross-site scripting XSS vulnerability in the search functionality in db-central dbc Enterprise CMS and db-central CMS allows remote attackers to inject arbitrary web script or HTML via the needle parameter. NOTE: the provenance of this information is unknown; the details are obtained from third...
CVE-2006-5430
CVE-2006-5430 is an XSS vulnerability affecting db-central (dbc) Enterprise CMS and db-central CMS, exploitable through the search needle parameter. The core issue is a reflected/script injection in the search functionality, enabling remote attackers to inject arbitrary script/HTML. The CVSS v2 v...
The Central People's Government portal gov. cn small BUG-vulnerability warning-the black bar safety net
To view the source file. Didn't find the asp. Home like The are htm. Then just find a linkhttp://www. gov. cn/banshi/wjrs/lssf. htm. There is a search, I see the source of the file also didn't find the action words. It seems like there is a jsp linkslater found. And then enterscriptalert"wolf...
From PHP Forum the vulnerability of the endoscope security management-vulnerability warning-the black bar safety net
From: ReJeCt‘s Blog Blue magic Forum is a PHP Forum in the country is widely used. Due to its user registration module in some code defect that can lead to a malicious attacker will be normal users to elevate to administrator. First let's look at an invasion of the examples. The invasion paradigm...
CVE-2005-3925
CVE-2005-3925 describes multiple SQL injection vulnerabilities in Central Manchester CLC Helpdesk Issue Manager 0.9 and earlier. The flaws allow remote attackers to execute arbitrary SQL commands through the following inputs: (1) detail[] (2) orderdir (3) orderby to find.php, and (4) id to issue....
CVE-2005-3925
Multiple SQL injection vulnerabilities in Central Manchester CLC Helpdesk Issue Manager 0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 detail, 2 orderdir, and 3 orderby parameters to find.php, and the 4 id parameter to issue.php...
CVE-2005-3220
Multiple interpretation error in unspecified versions of Norman Virus Control Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and...
aMember Pro 2.3.X - Remote File Include Vulnerability
aMember Pro 2.3.X - Remote File Include Vulnerability NewAngels Advisory 2 aMember Pro 2.3.X - Remote File Include Vulnerability ============================================================================= Software: aMember Pro 2.3.4 Type: Remote PHP File Include Vulnerability Risk: High Date:...
[NewAngels Advisory] aMember Pro 2.3.X - Remote File Include Vulnerability
NewAngels Advisory 2 aMember Pro 2.3.X - Remote File Include Vulnerability ======================================================================== ===== Software: aMember Pro 2.3.4 Type: Remote PHP File Include Vulnerability Risk: High Date: Aug. 16 2005 Vendor: CGI Central Credit: =======...
[Full-disclosure] NIC Chile CGI Script Zone Transfers
NIC Chile CGI Script Zone Transfers. Autor: Rodrigo Gutierrez rodrigo at intellicomp.cl Affected: All ".cl" domains which use NIC's Chile Secondary NS. Vendor url: http://www.nic.cl Rate: Critical Background. NIC Chile is a part of the University of Chile and is in charge of handling all the...
CVE-2004-1163
Cisco CNS Network Registrar Central Configuration Management CCM server 6.0 through 6.1.1.3 allows remote attackers to cause a denial of service CPU consumption by ending a connection after sending a certain sequence of packets...
CVE-2000-0955
Cisco Virtual Central Office 4000 VCO/4K uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges...
CVE-2000-0955
Cisco Virtual Central Office 4000 VCO/4K uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges...