9794 matches found

Tenable Nessus
added 2009/11/06 12:0 a.m., 27 views

CGI Generic SQL Injection (HTTP Cookies)

By sending specially crafted HTTP cookies to one or more CGI scripts hosted on the remote web server, Nessus was able to cause an error in the underlying database. This error suggests that the CGI scripts are prone to SQL injection attack. An attacker may be able to exploit this issue to bypass...

5.9 AI score
Exploits: 0, References: 4

Tenable Nessus
added 2009/11/06 12:0 a.m., 547 views

CGI Generic SSI Injection (HTTP headers)

The remote web server hosts one or more CGI scripts that fail to adequately sanitize request strings and seem to be vulnerable to an 'SSI injection' attack. By leveraging this issue, an attacker may be able to execute arbitrary commands on the remote host.

6.1 AI score
Exploits: 0, References: 3

Tenable Nessus
added 2009/11/06 12:0 a.m., 1812 views

CGI Generic SQL Injection (blind)

By sending specially crafted parameters to one or more CGI scripts hosted on the remote web server, Nessus was able to get a very different response, which suggests that it may have been able to modify the behavior of the application and directly access the underlying database. An attacker may be...

5.6 AI score
Exploits: 0, References: 3

securityvulns
added 2009/11/05 12:0 a.m., 31 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

8.5 CVSS, 1.6 AI score, 0.02943 EPSS
Exploits: 0, References: 5, Affected Software: 2

securityvulns
added 2009/11/02 12:0 a.m., 34 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

6.5 CVSS, 1.6 AI score, 0.02322 EPSS
Exploits: 1, References: 2, Affected Software: 2

Tenable Nessus
added 2009/11/02 12:0 a.m., 122 views

Adobe ColdFusion Detection

Adobe ColdFusion (formerly Macromedia ColdFusion), a rapid application development platform, is running on the remote web server.

5.5 AI score
Exploits: 0, References: 1

Check Point Advisories
added 2009/11/01 12:0 a.m., 2 views

Oracle Application Server Reports desname Arbitrary File Overwriting (CVE-2005-2371)

Oracle Application Server is a multi-platform solution for developing and deploying enterprise applications and web sites. The server ships with several additional components that extend its functionality. One such component is Oracle Reports Services. The Reports Services component allows...

5 CVSS, 6.4 AI score, 0.22288 EPSS
Exploits: 0

Packet Storm
added 2009/10/30 12:0 a.m., 72 views

Matt Wright guestbook.pl Arbitrary Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Matt Wright...

7.5 CVSS, 0.3 AI score, 0.85205 EPSS
Exploits: 6

Packet Storm
added 2009/10/30 12:0 a.m., 21 views

Dogfood CRM spell.php Remote Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Dogfood CRM...

0.3 AI score
Exploits: 0

securityvulns
added 2009/10/30 12:0 a.m., 25 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits: 0, References: 4, Affected Software: 4

exploitpack
added 2009/10/30 12:0 a.m., 16 views

Nagios3 - statuswml.cgi Command Injection (Metasploit)

Nagios3 - statuswml.cgi Command Injection Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...

0.83453 EPSS
Exploits: 14

Packet Storm
added 2009/10/30 12:0 a.m., 40 views

HP Openview connectedNodes.ovpl Remote Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'HP Openview...

7.5 CVSS, 0.7 AI score, 0.7409 EPSS
Exploits: 9

Packet Storm
added 2009/10/30 12:0 a.m., 55 views

AWStats configdir Remote Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'AWStats...

7.5 CVSS, 0.3 AI score, 0.74941 EPSS
Exploits: 11

Packet Storm
added 2009/10/30 12:0 a.m., 42 views

AWStats migrate Remote Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'AWStats...

5.1 CVSS, 0.3 AI score, 0.58356 EPSS
Exploits: 10

securityvulns
added 2009/10/29 12:0 a.m., 26 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits: 0, References: 2, Affected Software: 1

securityvulns
added 2009/10/28 12:0 a.m., 25 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits: 0, References: 1, Affected Software: 1

Packet Storm
added 2009/10/27 12:0 a.m., 37 views

Mercantec Softcart CGI Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Mercantec...

7.5 CVSS, 0.2 AI score, 0.34763 EPSS
Exploits: 7

OpenVAS
added 2009/10/27 12:0 a.m., 35 views

Debian: Security Advisory (DSA-1914-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10 CVSS, 6.4 AI score, 0.09011 EPSS
Exploits: 6, References: 3

OpenVAS
added 2009/10/27 12:0 a.m., 36 views

Mandrake Security Advisory MDVSA-2009:285 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:285.

9.3 CVSS, 6.9 AI score, 0.1021 EPSS
Exploits: 1, References: 1

securityvulns
added 2009/10/26 12:0 a.m., 25 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

1.6 AI score
Exploits: 0, References: 2, Affected Software: 1