8 matches found
MAL-2025-3580 Malicious code in mongo-errorlog (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2e32915bf4c99db1cb294f47f98fa059abf22bbbb6729673f93f8370a0b9882e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in mongo-errorlog (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2e32915bf4c99db1cb294f47f98fa059abf22bbbb6729673f93f8370a0b9882e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Mbedthis AppWeb 2.2.2 URL Protocol Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24454/info Mbedthis AppWeb is prone to a format-string vulnerability because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. This...
Simple Machine Forum 2.0.x 2.0.4 - File Disclosure Directory Traversal
Simple Machine Forum 2.0.x 2.0.4 - File Disclosure Directory Traversal Exploit Title: SMF /index.php?action=admin;area=logs;sa=errorlog;file=BASE64 ENCODED FILE PATH;line=LINE NUMBER Example : /srv/www/smf/Settings.php : L3Nydi93d3cvc21mL1NldHRpbmdzLnBocA= /etc/passwd : L2V0Yy9wYXNzd2Q= SMF...
Mbedthis AppWeb 2.2.2 - URL Protocol Format String
Mbedthis AppWeb 2.2.2 - URL Protocol Format String source: https://www.securityfocus.com/bid/24454/info Mbedthis AppWeb is prone to a format-string vulnerability because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printin...
Mbedthis AppWeb 2.2.2 - URL Protocol Format String
source: https://www.securityfocus.com/bid/24454/info Mbedthis AppWeb is prone to a format-string vulnerability because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. This issue affects only applications th...
DEBIAN-CVE-2005-1100
Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon GLD 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog...
CVE-2005-1100
Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon GLD 1.3 and 1.4 allows remote attackers to execute arbitrary code via format string specifiers in data that is passed directly to syslog...