
9791 matches found

securityvulns
added 2008/04/27 12:0 a.m., 44 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 7.5, AI score 1.5, EPSS 0.05001
Exploits: 2, References: 3, Affected Software: 2
CVE
added 2008/04/25 2:0 p.m., 33 views

CVE-2008-1960

CVE-2008-1960 describes a Cross-site Scripting (XSS) vulnerability in ContRay 3.x, affecting the CGI script cgi-bin/contray/search.cgi via the search parameter. Remote attackers can inject arbitrary web script or HTML. Per NVD data, the attack is network-delivery with medium complexity and no aut...

CVSS 4.3, AI score 5.6, EPSS 0.01022
Exploits: 0, References: 3, Affected Software: 1
Tenable Nessus
added 2008/04/25 12:0 a.m., 26 views

Fedora 8 : fedora-ds-admin-1.1.4-1.fc8 (2008-3220)

This release addresses two security vulnerabilities in the package: - shell command injection in CGI replication monitor CVE-2008-0892 - unrestricted access to CGI scripts CVE-2008-0893 Fix Description: Remove ScriptAlias for bin/admin/admin/bin - do not use that directory for CGI URIs - use only...

CVSS 9, AI score 5.5, EPSS 0.1402
Exploits: 1, References: 5
securityvulns
added 2008/04/25 12:0 a.m., 27 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. Coppermine: SQL injection...

AI score 1.6
Exploits: 0, References: 2, Affected Software: 1
Tenable Nessus
added 2008/04/25 12:0 a.m., 28 views

Fedora 7 : fedora-ds-admin-1.1.4-1.fc7 (2008-3214)

This release addresses two security vulnerabilities in the package: - shell command injection in CGI replication monitor CVE-2008-0892 - unrestricted access to CGI scripts CVE-2008-0893 Fix Description: Remove ScriptAlias for bin/admin/admin/bin - do not use that directory for CGI URIs - use only...

CVSS 9, AI score 5.5, EPSS 0.1402
Exploits: 1, References: 5
securityvulns
added 2008/04/24 12:0 a.m., 44 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. WordPress: different message for wrong username and password, weak initial password generation...

CVSS 4.3, AI score 2.1, EPSS 0.01486
Exploits: 0, References: 4, Affected Software: 2
Tenable Nessus
added 2008/04/23 12:0 a.m., 46 views

Red Hat Administration Server (redhat-ds-admin) Multiple Remote Vulnerabilities

The remote host is running Red Hat or Fedora Directory Server Admin Service. The version of this software installed on the remote host is vulnerable to a remote command execution flaw through the argument 'admurl' of the script '/bin/admin/admin/bin/download'. A malicious user could exploit this fla...

CVSS 9, AI score 6.2, EPSS 0.1402
Exploits: 1, References: 2
Fedora
added 2008/04/22 12:2 a.m., 54 views

[SECURITY] Fedora 8 Update: fedora-ds-admin-1.1.4-1.fc8

Fedora Administration Server is an HTTP agent that provides management features for Fedora Directory Server. It provides some management web apps that can be used through a web browser. It provides the authentication, access control, and CGI utilities used by the console...

CVSS 9, AI score 0.6, EPSS 0.1402
Exploits: 1
Fedora
added 2008/04/22 12:2 a.m., 57 views

[SECURITY] Fedora 7 Update: fedora-ds-admin-1.1.4-1.fc7

Fedora Administration Server is an HTTP agent that provides management features for Fedora Directory Server. It provides some management web apps that can be used through a web browser. It provides the authentication, access control, and CGI utilities used by the console...

CVSS 9, AI score 0.6, EPSS 0.1402
Exploits: 1
securityvulns
added 2008/04/22 12:0 a.m., 36 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 4.3, AI score 1.5, EPSS 0.04501
Exploits: 3, References: 3, Affected Software: 2
securityvulns
added 2008/04/21 12:0 a.m., 30 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 7.5, AI score 1.5, EPSS 0.07534
Exploits: 3, References: 4, Affected Software: 9
OpenVAS
added 2008/04/21 12:0 a.m., 16 views

Debian Security Advisory DSA 1539-1 (mapserver)

The remote host is missing an update to mapserver announced via advisory DSA 1539-1. OpenVAS Vulnerability Test $Id: deb15391.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1539-1 mapserver Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc...

CVSS 7.5, AI score 0.3, EPSS 0.03487
Exploits: 1
securityvulns
added 2008/04/20 12:0 a.m., 29 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. mnoGoSearch: cross-site scripting in search.php3 via q parameter...

AI score 2.5
Exploits: 0, References: 4, Affected Software: 2
Prion
added 2008/04/18 10:5 p.m., 22 views

Directory traversal

Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encode...

CVSS 5, AI score 6.8, EPSS 0.02813
Exploits: 1, References: 11, Affected Software: 1
Cvelist
added 2008/04/18 10:0 p.m., 22 views

CVE-2008-1891

Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encode...

AI score 6.5, EPSS 0.02813
Exploits: 1, References: 11
CVE
added 2008/04/18 10:0 p.m., 85 views

CVE-2008-1891

The CVE-2008-1891 entry covers a directory traversal in WEBrick for Ruby (affecting Ruby 1.8.4 and earlier, 1.8.5 before p231, 1.8.6 before p230, 1.8.7 before p22, and 1.9.0 before 1.9.0-2) when using NTFS/FAT filesystems. An attacker could read arbitrary CGI files by supplying a trailing charact...

CVSS 5, AI score 6.5, EPSS 0.02813
Exploits: 1, References: 11, Affected Software: 1
securityvulns
added 2008/04/17 12:0 a.m., 34 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score 1.5
Exploits: 0, References: 1
Tenable Nessus
added 2008/04/17 12:0 a.m., 31 views

WEBrick Encoded Traversal Arbitrary CGI Source Disclosure

The remote instance of WEBrick, a standard library of Ruby to implement HTTP servers, allows an attacker to view the source of CGI scripts hosted by the affected application by appending to the URL certain characters, such as '+', '%2b', '.', '%2e', or '%20'. Note that successful exploitation may...

CVSS 5, AI score 7.3, EPSS 0.02813
Exploits: 1, References: 2
NVD
added 2008/04/16 6:5 p.m., 22 views

CVE-2008-0893

Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote attackers to perform administrative actions...

CVSS 7.5, AI score 6.5, EPSS 0.02012
Exploits: 0, References: 9
Prion
added 2008/04/16 6:5 p.m., 18 views

Design/Logic Flaw

Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote attackers to perform administrative actions...

CVSS 7.5, AI score 7.1, EPSS 0.02012
Exploits: 0, References: 9, Affected Software: 1