9791 matches found
CVE-2008-2928
CVE-2008-2928 affects Red Hat Directory Server 7.1 with Service Pack 7. A buffer overflow in the adminutil CGI components can be triggered by a crafted Accept-Language HTTP header, allowing remote attackers to crash the daemon or possibly execute arbitrary code. Connected advisory RHSA-2008:0596 ...
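Red Hat Directory Server Accept-Language HTTP Header Field Buffer Overflow Vulnerability
BUGTRAQ ID: 30869 CVE ID: CVE-2008-2928 CNCVE ID: CNCVE-20082928 Red Hat Directory Server is an LDAPv3-compatible directory service. Several CGI applications included with Red Hat Directory Server have a buffer overflow in their handling of the Accept-Language HTTP header field; a remote attacker can exploit the vulnerability to execute arbitrary commands with the privileges of the administration server application. An attacker who can access the administration server's web interface can use this vulnerability to crash these CGI applications, or possibly execute arbitrary code with the application's privileges. Note: Red Hat Directory Server...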
AWStats Totals awstatstotals.php multisort() Function sort Parameter Arbitrary PHP Code Execution
The remote web server is running a version of awstatstotals.php which does not properly sanitize its 'sort' argument. An attacker can run arbitrary commands on the remote host within the context of the web server...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. PHP-Nuke: cross-site scripting...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. Envolution: SQL injection, information leakage...
openSUSE 10 Security Update : perl (perl-5443)
Specially crafted regular expressions could crash perl (CVE-2008-1927). Additionally, a problem in the CGI module was fixed that could result in an endless loop if uploads were cancelled...
SuSE 10 Security Update : Perl (ZYPP Patch Number 5444)
Specially crafted regular expressions could crash perl (CVE-2008-1927). Additionally, a problem in the CGI module was fixed that could result in an endless loop if uploads were cancelled...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. osCommerce: cross-site scripting...
TWiki bin/configure 'image' Parameter Traversal Arbitrary File Access/Execution
The version of TWiki running on the remote host allows access to the 'configure' script, and fails to sanitize the 'image' parameter of that script. When the 'action' parameter is set to 'image', an unauthenticated attacker can exploit this issue to execute arbitrary code or to view arbitrary fil...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. Envolution: cross-site scripting, information leak...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. Envolution: cross-site scripting, automation protection bypass...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. WP-ContactForm for WordPress: spamming; Envolution: cross-site scripting, information leak...
Solaris 10 (sparc) : 122239-03
SunOS 5.10: Apache 2 modperl Perl cgi pat. Date this patch was last updated by Sun: Aug/08/08. This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24...
Solaris 10 (x86) : 122240-03
SunOS 5.10x86: Apache 2 modperl Perl cgi. Date this patch was last updated by Sun: Aug/08/08. This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. Contact Form: cross-site request forgery, cross-site scripting...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. Contact Form: anti-automation protection bypass, cross-site scripting...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. WordPress ME for XOOPS: cross-site scripting...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. Smeego: automation protection bypass, cross-site scripting...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...