Lucene search
K

74 matches found

OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.22 views

Generic HTTP SQLi (Web Application) - Active Check

This script attempts to use SQL injection SQLi techniques on CGI / web application scripts. SPDX-FileCopyrightText: 2002 John Lampe Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

8.3AI score
Exploits0References3
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.15 views

Psychoblogger SQL Injection

Psychoblogger is prone to an SQL injection vulnerability. SPDX-FileCopyrightText: 2003 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.9AI score
Exploits0
exploitpack
exploitpack
added 2005/03/11 12:0 a.m.18 views

phpDEV5 - Remote Default Insecure Users

phpDEV5 - Remote Default Insecure Users ------------------------------------------------------------------------ PHPDev5 Remote Insecure Default Users & Passwords vuln. By : Ali7 e-mail : [email protected] date : 09-03-2k5 greetz : all my friends ; AlkaeN ; s4a.cc boyz ; Target : PHPDev 5 URL :...

7.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/11/22 12:0 a.m.28 views

Invision Power Board ibProArcade Module index.php cat Parameter SQL Injection

The installation of Invision Power Board on the remote host includes an optional module, named 'Arcade', that allows unauthorized users to inject SQL commands into the remote SQL database through the 'cat' parameter. An attacker may use this flaw to gain control of the remote database and possibl...

7.5CVSS5.9AI score0.02417EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2004/11/22 12:0 a.m.39 views

Invision Power Board sources/post.php qpid Parameter SQL Injection

The version of Invision Power Board on the remote host suffers from a flaw in 'sources/post.php' that allows injection of SQL commands into the remote SQL database. An attacker may use this flaw to gain control of the remote database and possibly to overwrite files on the remote host. %NASLMINLEV...

7.5CVSS6AI score0.01341EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2004/08/02 12:0 a.m.32 views

Comersus Cart Multiple Input Validation Vulnerabilities (SQLi, XSS)

The remote host is running the Comersus Shopping Cart Software. There is a flaw in this interface that allows an attacker to log in as any user by using a SQL injection flaw in the code of comersusbackofficelogin.php. An attacker may use this flaw to gain unauthorized access on this host, or to...

7.5CVSS5.9AI score0.06851EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2004/06/11 12:0 a.m.22 views

Invision Power Board ssi.php f Parameter SQL Injection

A vulnerability exists in the version of Invision Power Board on the remote host such that unauthorized users can inject SQL commands through the 'ssi.php' script. An attacker may use this flaw to gain the control of the remote database. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. From:...

5.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/02/06 12:0 a.m.49 views

Oracle Database 9i Multiple Functions Local Overflow

The remote Oracle Database, according to its version number, is vulnerable to a buffer overflow in the query SET TIMEZONE. An attacker with a database account may use this flaw to gain the control on the whole database, or even to obtain a shell on this host. %NASLMINLEVEL 70300 C Tenable Network...

10CVSS5.9AI score0.13193EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2003/08/11 12:0 a.m.33 views

phpWebSite < 0.9.x Multiple Vulnerabilities

There are multiple flaws in the remote version of phpWebSite that may allow an attacker to gain the control of the remote database, or to disable this site entirely. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.8CVSS5.4AI score0.02589EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2003/03/26 12:0 a.m.17 views

paFileDB pafiledb.php Multiple Parameter SQL Injection

The remote installation of paFileDB is vulnerable to SQL injection attacks because of its failure to sanitize input to the 'id' and 'rating' parameters to the 'pafiledb.php' script. An attacker may use this flaw to control your database. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Date:...

5.8AI score
Exploits0References1
securityvulns
securityvulns
added 2002/10/17 12:0 a.m.25 views

Microsoft SQL Server Webtasks privilege upgrade &#40;#NISR17102002&#41;

NGSSoftware Insight Security Research Advisory Name: Microsoft SQL Server Webtasks privilege elevation Systems: Microsoft SQL Server 2000 and 7 Severity: High Risk Vendor URL: http://www.microsoft.com/ Author: David Litchfield [email protected] Advisory URL:...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2001/07/04 12:0 a.m.48 views

Advisory CA-2001-16

-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2001-16 Oracle 8i contains buffer overflow in TNS listener Original release date: July 03, 2001 Last revised: -- Source: CERT/CC A complete revision history is at the end of this file. Systems Affected Systems running Oracle 8i Overview A...

0.7AI score
Exploits0
CERT
CERT
added 2001/06/28 12:0 a.m.29 views

Oracle 8i contains buffer overflow in TNS Listener

Overview A vulnerability in Oracle 8i allows intruders to assume control of the database server and/or the operating system on which the database server is running, depending on the platform used. Description The COVERT labs at PGP Security have discovered a buffer overflow vulnerability in Oracl...

10CVSS7.5AI score0.85201EPSS
Exploits4References2
Exploit DB
Exploit DB
added 2001/01/10 12:0 a.m.33 views

Borland/Inprise Interbase 4.0/5.0/6.0 - Backdoor Password

source: https://www.securityfocus.com/bid/2192/info Interbase is an open source relational database offered by Borland Inprise Corporation. Interbase contains a backdoor user account and password called "LOCKSMITH". When accessed this account will eliminate all implemented security allowing full...

7.4AI score
Exploits0
Rows per page
Query Builder