Lucene search
K

9791 matches found

OpenVAS
OpenVAS
added 2009/05/06 12:0 a.m.25 views

Nagios External Commands and Adaptive Commands Unspecified Vulnerability

Nagios is prone to an unspecified vulnerability related to the CGI submission of external commands and the processing of adaptive commands. The issue affects versions prior to Nagios 3.0.6. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced...

5CVSS6.8AI score0.04692EPSS
Exploits0References1
securityvulns
securityvulns
added 2009/05/05 12:0 a.m.54 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

6.5CVSS1.5AI score0.04885EPSS
Exploits9References8Affected Software5
securityvulns
securityvulns
added 2009/05/04 12:0 a.m.26 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. OpenX: crossite scripting, information leak...

1.5AI score
Exploits0References4Affected Software4
securityvulns
securityvulns
added 2009/05/03 12:0 a.m.53 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

1.5AI score
Exploits0References3Affected Software2
securityvulns
securityvulns
added 2009/05/01 12:0 a.m.26 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

1.5AI score
Exploits0References2Affected Software2
securityvulns
securityvulns
added 2009/04/29 12:0 a.m.24 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

1.5AI score
Exploits0References2Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/04/28 7:36 a.m.2 views

Web Mailer from CGI RESCUE vulnerable to HTTP header injection

Overview Web Mailer from CGI RESCUE contains a HTTP header injection vulnerability. Web Mailer from CGI RESCUE is a software that sends emails with contents that are input into a HTML form. Web Mailer contains a HTTP header injection vulnerability. This vulnerability has been fixed and an updated...

4.3CVSS7AI score0.01065EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/04/28 7:35 a.m.3 views

Cross-site scripting vulnerability in MiniBBS from CGI RESCUE

Overview MiniBBS from CGI RESCUE contains a cross-site scripting vulnerability. MiniBBS is a message board script provided by CGI RESCUE, contains a cross-site scripting vulnerability. This vulnerability has been fixed and an updated version was released on December 13, 2008. Impact An arbitrary...

4.3CVSS6.2AI score0.01223EPSS
Exploits0References10
securityvulns
securityvulns
added 2009/04/28 12:0 a.m.63 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Webglimpse: information leak, crossite scripting, directory traversal, authentication bypass...

1.7AI score
Exploits0References3Affected Software1
Prion
Prion
added 2009/04/27 10:30 p.m.15 views

Code injection

ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a 1 PHP or 2 CGI script...

5CVSS6.9AI score0.01205EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2009/04/27 10:30 p.m.17 views

CVE-2008-6755

ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a 1 PHP or 2 CGI script...

5CVSS6.7AI score0.01205EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2009/04/27 10:30 p.m.22 views

CVE-2008-6755

ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a 1 PHP or 2 CGI script...

5CVSS6AI score0.01205EPSS
Exploits0References1
CVE
CVE
added 2009/04/27 10:0 p.m.47 views

CVE-2008-6755

ZoneMinder 1.23.3 on Fedora 10 leaves /etc/zm.conf owned by the apache user and 0600-permissioned. This weakens protection of the configuration file and allows remote attackers to modify it via a web-accessible PHP or CGI script. The described vulnerability is limited to file ownership/permission...

5CVSS6.9AI score0.01205EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2009/04/27 10:0 p.m.20 views

CVE-2008-6755

ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a 1 PHP or 2 CGI script...

5CVSS5.7AI score0.01205EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/04/27 12:0 a.m.38 views

JVN#76370393 FORM2MAIL from CGI RESCUE allows unauthorized email transmission

FORM2MAIL from CGI RESCUE is a software that sends emails with contents that are input into a HTML form. FORM2MAIL contains a vulnerability which allows unauthorized email transmission regardless of the configuration. Impact A remote attacker may send emails to arbitrary addresses. Solution Updat...

5CVSS6.3AI score0.01222EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/04/27 12:0 a.m.43 views

JVN#36982346 MiniBBS22 from CGI RESCUE allows unauthorized email transmission

MiniBBS22 is a message board script provided by CGI RESCUE. MiniBBS22 contains a vulnerability which allows unauthorized email transmission regardless of the configuration. Impact A remote attacker may send any email to an arbitrary address. Solution Update the software Update to the latest versi...

5CVSS6.4AI score0.01173EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/04/27 12:0 a.m.49 views

JVN#11396739 Cross-site scripting vulnerability in MiniBBS from CGI RESCUE

MiniBBS is a message board script provided by CGI RESCUE, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version according to the information provided by the vendor. Products...

4.3CVSS5.9AI score0.01223EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/04/27 12:0 a.m.40 views

JVN#28020230 Web Mailer from CGI RESCUE vulnerable to HTTP header injection

Web Mailer from CGI RESCUE is a software that sends emails with contents that are input into a HTML form. Web Mailer contains a HTTP header injection vulnerability. Impact Falsified information may be displayed or an arbitrary script may be executed on the user's web browser. HTTP response...

4.3CVSS6.5AI score0.01065EPSS
Exploits0
securityvulns
securityvulns
added 2009/04/24 12:0 a.m.28 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

1.5AI score
Exploits0References3Affected Software2
Tenable Nessus
Tenable Nessus
added 2009/04/24 12:0 a.m.800 views

Linksys WVC54GCA Wireless-G '/img/main.cgi' Information Disclosure

The remote host is a Linksys WVC54GCA network camera. The version of the firmware of the remote camera contains a flaw that allows authenticated users to download the .htpasswd file from the remote host, which gives them the ability to crack the passwords of other users, including the password of...

3.5CVSS5.5AI score0.00924EPSS
Exploits1References2
Rows per page
Query Builder