Lucene search
K

2522 matches found

UbuntuCve
UbuntuCve
added 2005/08/15 4:0 a.m.23 views

CVE-2005-1527

Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call...

5CVSS6.2AI score0.02665EPSS
Exploits0References2
OSV
OSV
added 2005/08/15 4:0 a.m.8 views

CVE-2005-1527

Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call...

7.5AI score
Exploits0References18
OSV
OSV
added 2005/08/15 4:0 a.m.2 views

DEBIAN-CVE-2005-1527

Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call...

5CVSS8.2AI score0.02665EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2005/08/15 12:0 a.m.3 views

PT-2005-2520 · Awstats · Awstats

Name of the Vulnerable Software and Affected Versions: AWStats versions 6.4 and earlier Description: The issue allows remote attackers to execute arbitrary Perl code via the HTTP Referrer when a URLPlugin is enabled. This is achieved by inserting the $url parameter into an eval function call,...

5CVSS7.5AI score0.02665EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2005/08/10 12:0 a.m.141 views

AWStats Referrer Header Arbitrary Command Execution

The remote host is running AWStats, an open source web analytics tool used for analyzing data from internet services such as web, streaming, media, mail and FTP servers. The version of AWStats installed on the remote host collects data about the web referrers and uses them without proper sanitati...

5CVSS5.9AI score0.02665EPSS
Exploits0References4
exploitpack
exploitpack
added 2005/08/08 12:0 a.m.15 views

SysCP 1.2.x - Multiple Script Execution Vulnerabilities

SysCP 1.2.x - Multiple Script Execution Vulnerabilities source: https://www.securityfocus.com/bid/14490/info SysCP is affected by multiple script execution vulnerabilities. The following specific vulnerabilities were identified: The application is affected by a remote file include vulnerability. ...

0.2AI score
Exploits0
CVE
CVE
added 2005/08/07 4:0 a.m.44 views

CVE-2005-2483

Karrigell before 2.1.8 is affected by an eval-injection vulnerability in its services (.ks) scripts, allowing remote attackers to run arbitrary Python code by passing modified arguments that reference library functions used by the script. The connected documents do not provide exploit details bey...

7.5CVSS8.1AI score0.03068EPSS
Exploits0References6Affected Software1
RedHat Linux
RedHat Linux
added 2005/07/21 5:42 p.m.8 views

security flaw

Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CVE-2005-1160...

7.5CVSS5.9AI score0.09473EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2005/07/13 4:0 a.m.28 views

CVE-2005-2262

Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" in Firefox or "Set as Background" in Netscape context menu on an image URL that is really a javascript: URL with an eval statement, aka "Firewallin...

5.1CVSS6.3AI score0.06546EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2005/07/13 12:0 a.m.22 views

FreeBSD : mozilla -- privilege escalation via non-DOM property overrides (a6427195-c2c7-11d9-89f7-02061b08fc24)

A Mozilla Foundation Security Advisory reports : Additional checks were added to make sure JavaScript eval and Script objects are run with the privileges of the context that created them, not the potentially elevated privilege of the context calling them in order to protect against an additional...

5.7AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2005/07/13 12:0 a.m.12 views

FreeBSD : mozilla -- privilege escalation via DOM property overrides (f650d5b8-ae62-11d9-a788-0001020eed82)

A Mozilla Foundation Security Advisory reports : mozbugra4 reported several exploits giving an attacker the ability to install malicious code or steal data, requiring only that the user do commonplace actions like click on a link or open the context menu. The common cause in each case was...

5.7AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2005/07/07 7:56 p.m.5 views

security flaw

Eval injection vulnerability in PEAR XMLRPC 1.3.0 and earlier aka XML-RPC or xmlrpc and PHPXMLRPC aka XML-RPC For PHP or php-xmlrpc 1.1 and earlier, as used in products such as 1 WordPress, 2 Serendipity, 3 Drupal, 4 egroupware, 5 MailWatch, 6 TikiWiki, 7 phpWebSite, 8 Ampache, and others, allows...

7.5CVSS6.2AI score0.79071EPSS
Exploits5References4
FreeBSD
FreeBSD
added 2005/07/07 12:0 a.m.15 views

pear-XML_RPC -- information disclosure vulnerabilities

The pear-XMLRPC release notes reports that the following issues has been fixed: Eliminate path disclosure vulnerabilities by suppressing error messages when eval'ing. Eliminate path disclosure vulnerability by catching bogus parameters submitted to XMLRPCValue::serializeval...

3.4AI score
Exploits0References1
Cvelist
Cvelist
added 2005/07/01 4:0 a.m.31 views

CVE-2005-1921

Eval injection vulnerability in PEAR XMLRPC 1.3.0 and earlier aka XML-RPC or xmlrpc and PHPXMLRPC aka XML-RPC For PHP or php-xmlrpc 1.1 and earlier, as used in products such as 1 WordPress, 2 Serendipity, 3 Drupal, 4 egroupware, 5 MailWatch, 6 TikiWiki, 7 phpWebSite, 8 Ampache, and others, allows...

7.6AI score0.79071EPSS
Exploits5References50
securityvulns
securityvulns
added 2005/07/01 12:0 a.m.24 views

PEAR XML_RPC Remote Code Execution Vulnerability

GulfTech Security Research June 29th, 2005 Vendor : The PEAR Group URL : http://pear.php.net/package/XMLRPC/ Version : PEAR XMLRPC 1.3.0 && Earlier Risk : Remote Command Execution Description: PEAR XMLRPC is a PHP implementation of the XML-RPC web RPC protocol, and used by many different develope...

0.5AI score
Exploits0
Positive Technologies
Positive Technologies
added 2005/07/01 12:0 a.m.9 views

PT-2005-2876 · Egroupware +10 · Egroupware +10

Name of the Vulnerable Software and Affected Versions: PEAR XML RPC versions 1.3.0 and earlier PHPXMLRPC versions 1.1 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement...

7.5CVSS7.5AI score0.79071EPSS
Exploits5References63
FreeBSD
FreeBSD
added 2005/06/29 12:0 a.m.45 views

pear-XML_RPC -- arbitrary remote code execution

GulfTech Security Research Team reports: PEAR XMLRPC is vulnerable to a very high risk php code injection vulnerability due to unsanatized data being passed into an eval call...

7.5CVSS6.8AI score0.79071EPSS
Exploits5References2
Cvelist
Cvelist
added 2005/06/21 4:0 a.m.22 views

CVE-2002-1751

csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function...

7.5AI score0.02117EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/06/21 4:0 a.m.20 views

CVE-2002-1753

csNewsPro.cgi in CGIScript.net csNews Professional csNewsPro allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function...

7.5AI score0.25916EPSS
Exploits0References3
CVE
CVE
added 2005/06/21 4:0 a.m.58 views

CVE-2002-1752

CVE-2002-1752 ffects CGIScript.net csChat-R-Box. csChatRBox.cgi processes the setup parameter with Perl’s eval, enabling remote attackers to execute arbitrary code. The vulnerability is confirmed across multiple sources (NVD/CVE entries; PT-Security advisory) and is described as a remote code exe...

7.5CVSS7.5AI score0.03236EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder