CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The installed version of Magnoware DataTrack System is affected by an information disclosure vulnerability. By appending a backslash '' to a web request, it is possible for an attacker to view pages that require authorization. Although Nessus has not checked for them, the installed version is als...

5CVSS5.3AI score0.00207EPSS

Exploits1References3

OpenVAS•added 2010/06/01 12:0 a.m.•9 views

DataTrack System Version Detection

This script finds the installed DataTrack System version and saves the result in KB. OpenVAS Vulnerability Test $Id: secpoddatatracksystemdetect.nasl 5499 2017-03-06 13:06:09Z teissa $ DataTrack System Version Detection Authors: Madhuri D Copyright: Copyright c 2010 SecPod, http://www.secpod.com...

0.1AI score

Exploits0

OpenVAS•added 2010/06/01 12:0 a.m.•16 views

DataTrack System <= 3.5 Multiple Vulnerabilities

DataTrack System is prone to multiple vulnerabilities. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you ca...

4.3CVSS6.5AI score0.00515EPSS

Exploits1References4

OpenVAS•added 2010/06/01 12:0 a.m.•11 views

DataTrack System Detection (HTTP)

HTTP based detection of DataTrack System. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribut...

7.1AI score

Exploits0

OpenVAS•added 2010/06/01 12:0 a.m.•22 views

DataTrack System Multiple Vulnerabilities

This host is running DataTrack System and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpoddatatracksystemmultvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ DataTrack System Multiple Vulnerabilities Authors: Madhuri D Copyright: Copyright c 2010 SecPod,...

5CVSS0.00515EPSS

Exploits3References5

NVD•added 2010/05/25 10:30 p.m.•10 views

CVE-2010-2079

DataTrack System 3.5 allows remote attackers to bypass intended restrictions on file extensions, and read arbitrary files, via a trailing backslash in a URI, as demonstrated by 1 web.config\ and 2 .ascx\ files...

5CVSS6.7AI score0.00207EPSS

Exploits1References3

NVD•added 2010/05/25 10:30 p.m.•13 views

CVE-2010-2078

DataTrack System 3.5 allows remote attackers to list the root directory via a 1 /%u0085/ or 2 /%u00A0/ URI...

5CVSS6.6AI score0.00283EPSS

Exploits1References3

Prion•added 2010/05/25 10:30 p.m.•9 views

Design/Logic Flaw

DataTrack System 3.5 allows remote attackers to list the root directory via a 1 /%u0085/ or 2 /%u00A0/ URI...

5CVSS7.2AI score0.00283EPSS

Exploits1References3Affected Software1

Prion•added 2010/05/25 10:30 p.m.•11 views

Design/Logic Flaw

5CVSS7.2AI score0.00207EPSS

Exploits1References3Affected Software1

Cvelist•added 2010/05/25 10:0 p.m.•14 views

CVE-2010-2078

DataTrack System 3.5 allows remote attackers to list the root directory via a 1 /%u0085/ or 2 /%u00A0/ URI...

6.6AI score0.00283EPSS

Exploits1References3

CVE•added 2010/05/25 10:0 p.m.•35 views

CVE-2010-2078

DataTrack System 3.5 is affected by CVE-2010-2078, where remote attackers can cause a root-directory listing via two crafted URIs: /%u0085/ and /%u00A0/. OpenVAS entries also reference DataTrack System

5CVSS6.9AI score0.00283EPSS

Exploits1References3Affected Software1

CVE•added 2010/05/25 10:0 p.m.•40 views

CVE-2010-2079

CVE-2010-2079 affects Magnoware DataTrack System (v3.5). The vulnerability arises from a flaw in URI handling that permits a trailing backslash to bypass extension restrictions and read protected files, exemplified by access to (1) web.config and (2) .ascx files. The documented impact is an infor...

5CVSS6.8AI score0.00207EPSS

Exploits1References3Affected Software1

Cvelist•added 2010/05/25 10:0 p.m.•18 views

CVE-2010-2079

6.6AI score0.00207EPSS

Exploits1References3

NVD•added 2010/05/25 2:30 p.m.•12 views

CVE-2010-2043

Cross-site scripting XSS vulnerability in Home.aspx in DataTrack System 3.5 and 3.5.8019.4 allows remote attackers to inject arbitrary web script or HTML via the WorkOrderSummary parameter aka the request summary. NOTE: some of these details are obtained from third party information...

4.3CVSS5.7AI score0.00515EPSS

Exploits1References6

Prion•added 2010/05/25 2:30 p.m.•14 views

Cross site scripting

4.3CVSS6.2AI score0.00515EPSS

Exploits1References6Affected Software1

CVE•added 2010/05/25 2:0 p.m.•49 views

CVE-2010-2043

CVE-2010-2043 describes a cross-site scripting (XSS) vulnerability in DataTrack System versions 3.5 and 3.5.8019.4, specifically affecting Home.aspx. The XSS can be triggered by manipulating the Work_Order_Summary parameter (the request summary), enabling remote attackers to inject arbitrary web ...

4.3CVSS5.9AI score0.00515EPSS

Exploits1References6Affected Software1

Cvelist•added 2010/05/25 2:0 p.m.•19 views

CVE-2010-2043

5.7AI score0.00515EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by