Lucene search
K

6043 matches found

Tenable Nessus
Tenable Nessus
added 2008/09/05 12:0 a.m.28 views

GLSA-200809-04 : MySQL: Privilege bypass

The remote host is affected by the vulnerability described in GLSA-200809-04 MySQL: Privilege bypass Sergei Golubchik reported that MySQL imposes no restrictions on the specification of 'DATA DIRECTORY' or 'INDEX DIRECTORY' in SQL 'CREATE TABLE' statements. Impact : An authenticated remote attack...

4.6CVSS8.2AI score0.02588EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.25 views

FreeBSD Ports: frontpage -- cross site scripting vulnerability

The remote host is missing an update to the system as announced in the referenced advisory. VID c0171f59-ea8a-11da-be02-000c6ec775d9 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

6.8CVSS6.5AI score0.24408EPSS
Exploits1
Exploit DB
Exploit DB
added 2008/08/12 12:0 a.m.34 views

hMAilServer 4.4.1 - IMAP Command Remote Denial of Service

source: https://www.securityfocus.com/bid/30663/info hMailServer is prone to a remote denial-of-service vulnerability caused by large numbers of certain IMAP commands. Exploiting this issue will cause the server to crash and deny access to legitimate users. hMailServer 4.4.1 is vulnerable; other...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2008/07/15 12:0 a.m.33 views

Debian Security Advisory DSA 1608-1 (mysql-dfsg-5.0)

The remote host is missing an update to mysql-dfsg-5.0 announced via advisory DSA 1608-1. OpenVAS Vulnerability Test $Id: deb16081.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1608-1 mysql-dfsg-5.0 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Sof...

4.6CVSS0.4AI score0.02588EPSS
Exploits2
OSV
OSV
added 2008/07/13 12:0 a.m.43 views

DSA-1608-1 mysql-dfsg-5.0 - authorization bypass

Bulletin has no description...

4.6CVSS7.1AI score0.02588EPSS
Exploits2
Cvelist
Cvelist
added 2008/07/09 7:0 p.m.15 views

CVE-2008-3092

SQL injection vulnerability in the Taxonomy Autotagger module 5.x before 5.x-1.8 for Drupal allows remote authenticated users, with create or edit post permissions, to execute arbitrary SQL commands via unspecified vectors...

8AI score0.00904EPSS
Exploits0References4
NVD
NVD
added 2008/07/03 6:41 p.m.16 views

CVE-2008-2997

Cross-site scripting XSS vulnerability in index.php in Gravity Board X GBX 2.0 Beta allows remote attackers to inject arbitrary web script or HTML via the subject parameter in a postnewsubmit aka create new thread action...

4.3CVSS5.7AI score0.01445EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/07/02 1:5 p.m.2 views

mysql: privilege escalation via DATA/INDEX DIRECTORY directives

MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified 1 DATA DIRECTORY or 2 INDEX DIRECTORY arguments that are within the MySQL home data directory,...

4.6CVSS7.2AI score0.02588EPSS
Exploits2References4
ATTACKERKB
ATTACKERKB
added 2008/06/25 12:36 p.m.2 views

CVE-2008-2849

Cross-site scripting XSS vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allows remote authenticated users, with create post permissions, to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.7AI score0.00842EPSS
Exploits0References5
NVD
NVD
added 2008/06/25 12:36 p.m.20 views

CVE-2008-2849

Cross-site scripting XSS vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allows remote authenticated users, with create post permissions, to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.3AI score0.00842EPSS
Exploits0References4
Prion
Prion
added 2008/06/25 12:36 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allows remote authenticated users, with create post permissions, to inject arbitrary web script or HTML via unspecified vectors...

3.5CVSS5.7AI score0.00842EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2008/06/25 10:0 a.m.23 views

CVE-2008-2849

Cross-site scripting XSS vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal allows remote authenticated users, with create post permissions, to inject arbitrary web script or HTML via unspecified vectors...

5.3AI score0.00842EPSS
Exploits0References4
Cvelist
Cvelist
added 2008/06/23 5:0 p.m.22 views

CVE-2008-2821

Directory traversal vulnerability in the FTP client in Glub Tech Secure FTP before 2.5.16 on Windows allows remote FTP servers to create or overwrite arbitrary files via a ..\ dot dot backslash in a response to a LIST command, a related issue to CVE-2002-1345...

6.4AI score0.02533EPSS
Exploits1References5
myhack58
myhack58
added 2008/06/15 12:0 a.m.13 views

Script to automatically create the account password script to automatically create an account password-loophole warning-the black bar safety net

@echo off net user lanye lanye /add net user localgroup administrators lanye /add It is actually very simple! Here's the@echo off you can write you can not write. Action is prompt. The above code is saved as the BAT file after that put in C:\windows\system32\GroupPolicy\Machine\Scripts\Startup th...

0.6AI score
Exploits0
Atlassian
Atlassian
added 2008/05/30 1:45 p.m.26 views

XSS vulnerability in create/edit/copy page and blogpost actions

panelThe following create/edit page URL's are vulnerable: - /pages/createpage.action - /pages/docreatepage.action - /pages/editpage.action - /pages/doeditepage.action on parentPageString panel Example of a maliciously crafted path:...

1.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/05/30 1:45 p.m.16 views

XSS vulnerability in create/edit/copy page and blogpost actions

panelThe following create/edit page URL's are vulnerable: - /pages/createpage.action - /pages/docreatepage.action - /pages/editpage.action - /pages/doeditepage.action on parentPageString panel Example of a maliciously crafted path:...

1.9AI score
Exploits0
Atlassian
Atlassian
added 2008/05/30 1:45 p.m.16 views

XSS vulnerability in create/edit/copy page and blogpost actions

panelThe following create/edit page URL's are vulnerable: - /pages/createpage.action - /pages/docreatepage.action - /pages/editpage.action - /pages/doeditepage.action on parentPageString panel Example of a maliciously crafted path:...

1.9AI score
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2008/05/27 12:0 a.m.28 views

repaironline-admin.txt

/ | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title :: Repair Online v1.2 sentout Create Admin...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2008/05/27 12:0 a.m.31 views

Repair Online v1.2 (sentout) Create Admin Vulnerability

/ | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title :: Repair Online v1.2 sentout Create Admin...

Exploits0
Prion
Prion
added 2008/05/20 5:20 p.m.12 views

Authentication flaw

MeltingIce File System 1.0 allows remote attackers to bypass application authentication, create new user accounts, and exceed application quotas via a direct request to admin/adduser.php...

7.5CVSS7.2AI score0.02501EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder