
9791 matches found

UbuntuCve
added 2007/10/23 4:46 p.m., 19 views

CVE-2007-5624

Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts...

CVSS 4.3, AI score 6, EPSS 0.02001
Exploits 0, References 2
NVD
added 2007/10/23 4:46 p.m., 17 views

CVE-2007-5624

Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts...

CVSS 4.3, AI score 5.4, EPSS 0.02001
Exploits 0, References 12
Prion
added 2007/10/23 4:46 p.m., 23 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts...

CVSS 4.3, AI score 5.6, EPSS 0.02001
Exploits 0, References 12, Affected Software 1
CVE
added 2007/10/23 4:0 p.m., 82 views

CVE-2007-5624

CVE-2007-5624 concerns a cross-site scripting flaw in Nagios2 (Nagios 2.x) via multiple CGI parameters. The vulnerability arises from missing input sanitising in several CGI scripts, enabling an attacker to inject arbitrary HTML/script via remote vectors. Public documentation (including Debian DS...

CVSS 4.3, AI score 5.3, EPSS 0.02001
Exploits 0, References 12, Affected Software 1
Cvelist
added 2007/10/23 4:0 p.m., 35 views

CVE-2007-5624

Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts...

AI score 5.3, EPSS 0.02001
Exploits 0, References 12
securityvulns
added 2007/10/23 12:0 a.m., 23 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score 1.5
Exploits 0, References 11, Affected Software 5
myhack58
added 2007/10/22 12:0 a.m., 15 views

Hack explore of browser execute exe files-bug warning-the black bar safety net

One: can you really run command files from the browser? The answer is yes. But don't be too happy: they can only be executed server-side, and it must be authorized. Otherwise hacking a server would be too easy: whoever dared to look at me, I would just format them. Two: how it is achieved. It is against the asp file...

AI score 0.2
Exploits 0
securityvulns
added 2007/10/20 12:0 a.m., 38 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 9, AI score 1.5, EPSS 0.07563
Exploits 6, References 8, Affected Software 8
securityvulns
added 2007/10/18 12:0 a.m., 22 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score 1.5
Exploits 0, References 4, Affected Software 3
CVE
added 2007/10/17 1:0 a.m., 42 views

CVE-2003-1365

The CVE-2003-1365 entry concerns the escape_dangerous_chars function in CGI::Lite 2.0 and earlier. The function fails to remove certain dangerous characters (backslash, ?, ~, ^, newline, and carriage return), allowing remote attackers to read or write arbitrary files or execute arbitrary commands...

CVSS 5, AI score 7.7, EPSS 0.01893
Exploits 1, References 7, Affected Software 1
Cvelist
added 2007/10/17 1:0 a.m., 20 views

CVE-2003-1365

The escape_dangerous_chars function in CGI::Lite 2.0 and earlier does not correctly remove special characters including (1) "\" (backslash), (2) "?", (3) "~" (tilde), (4) "^" (caret), (5) newline, or (6) carriage return, which could allow remote attackers to read or write arbitrary files, or execute arbitrary commands...

AI score 7.3, EPSS 0.01893
Exploits 1, References 7
Tenable Nessus
added 2007/10/17 12:0 a.m., 29 views

openSUSE 10 Security Update : ruby (ruby-2219)

A denial of service problem in the CGI multipart parsing of 'ruby' was fixed, which could have allowed remote attackers to effect a denial of service attack against ruby-based webservices. CVE-2006-5467. (C) Tenable Network Security, Inc. The descriptive text and package checks i...

CVSS 5, AI score 7.3, EPSS 0.04071
Exploits 1, References 1
Tenable Nessus
added 2007/10/17 12:0 a.m., 28 views

openSUSE 10 Security Update : ruby (ruby-2655)

The ruby package was updated to fix a denial of service problem in its CGI module when parsing multipart MIME messages. CVE-2006-6303. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update ruby-2655...

CVSS 5, AI score 5.3, EPSS 0.03589
Exploits 1, References 1
securityvulns
added 2007/10/16 12:0 a.m., 22 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score 1.5
Exploits 0, References 4
securityvulns
added 2007/10/15 12:0 a.m., 23 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS 7.2, AI score 1.5, EPSS 0.00392
Exploits 0, References 5, Affected Software 3
Cvelist
added 2007/10/14 8:0 p.m., 12 views

CVE-2002-2257

Stack-based buffer overflow in the parsefield function in cgilib.c for LIBCGI 1.0.2 and 1.0.3 allows remote attackers to execute arbitrary code via a long argument...

AI score 8.1, EPSS 0.0543
Exploits 1, References 3
Cvelist
added 2007/10/14 8:0 p.m., 17 views

CVE-2002-2251

Buffer overflow in the changevalue function in libcgi.h for Marcos Luiz Onisto Lib CGI 0.1 allows remote attackers to execute arbitrary code via a long argument...

AI score 7.9, EPSS 0.0658
Exploits 1, References 3
CVE
added 2007/10/14 8:0 p.m., 51 views

CVE-2002-2251

Technical details about CVE-2002-2251 are not publicly available in the provided documents. Monitor for updates.

CVSS 10, AI score 8.3, EPSS 0.0658
Exploits 1, References 3, Affected Software 1
securityvulns
added 2007/10/12 12:0 a.m., 132 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

AI score 1.5
Exploits 0, References 5, Affected Software 2
Tenable Nessus
added 2007/10/11 12:0 a.m., 98 views

TikiWiki tiki-graph_formula.php f Parameter Arbitrary Command Execution

The remote host is running TikiWiki, an open source wiki application written in PHP. The version of TikiWiki on the remote host fails to sanitize input to the 'f' parameter of the 'tiki-graph_formula.php' script before using it as a function call. Regardless of PHP's 'register_globals' setting, an...

CVSS 7.5, AI score 6, EPSS 0.76661
Exploits 6, References 3