Lucene search
+L

7018 matches found

Exploit DB
Exploit DB
added 2003/05/20 12:0 a.m.36 views

Working Resources BadBlue 1.7.x/2.x - Unauthorized HTS Access

source: https://www.securityfocus.com/bid/7638/info BadBlue is prone to a vulnerability that could allow remote attackers to gain unauthorized access to administrative functions. It is possible to bypass BadBlue security checks when '.hts' files are requested by a remote user. BadBlue restricts...

7.4AI score
Exploits0
CERT
CERT
added 2003/05/05 12:0 a.m.12 views

Cisco Catalyst switches allow access to "enable mode" without password

Overview Cisco Catalyst OS 7.51 contains a vulnerability that allows anyone who can obtain command line access to gain "enable" mode access without knowledge of the "enable" password. Description Cisco Catalyst OS is an operating system for Cisco's line of Catalyst switches. Version 7.51 of...

7.2AI score
Exploits0References2
exploitpack
exploitpack
added 2003/04/24 12:0 a.m.16 views

Libopt.a 3.1x - Error Logging Buffer Overflow (2)

Libopt.a 3.1x - Error Logging Buffer Overflow 2 source: https://www.securityfocus.com/bid/7433/info Libopt library has been reported prone to a buffer overflow vulnerability. It has been reported that several Libopt.a error logging functions, may be prone to buffer overflow vulnerabilities when...

1AI score
Exploits0
exploitpack
exploitpack
added 2003/04/24 12:0 a.m.16 views

Libopt.a 3.1x - Error Logging Buffer Overflow (1)

Libopt.a 3.1x - Error Logging Buffer Overflow 1 / source: https://www.securityfocus.com/bid/7433/info Libopt library has been reported prone to a buffer overflow vulnerability. It has been reported that several Libopt.a error logging functions, may be prone to buffer overflow vulnerabilities when...

1.1AI score
Exploits0
CVE
CVE
added 2003/04/02 5:0 a.m.50 views

CVE-2002-0185

The CVE-2002-0185 issue affects Apache mod_python versions 2.7.6 and earlier, where a module indirectly imported by a published module can be accessed via the publisher, allowing remote attackers to call potentially dangerous functions from the imported module. The OpenVAS/NVD/CVE listings corrob...

7.5CVSS6.7AI score0.04166EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.24 views

CVE-2002-0185

modpython version 2.7.6 and earlier allows a module indirectly imported by a published module to then be accessed via the publisher, which allows remote attackers to call possibly dangerous functions from the imported module...

6.7AI score0.04166EPSS
Exploits0References6
CVE
CVE
added 2003/04/02 5:0 a.m.56 views

CVE-2002-0359

Summary of the CVE-2002-0359 (IRIX xfsmd): The SGI XFS journaling file-system daemon (xfsmd), part of the optional eoe.sw.xfsmserv package on IRIX 6.5, uses a weak (default) AUTH_UNIX RPC authentication mechanism. This allows remote, unauthenticated attackers to invoke privileged RPC functions (i...

10CVSS7.1AI score0.03622EPSS
Exploits0References5Affected Software1
exploitpack
exploitpack
added 2003/03/29 12:0 a.m.18 views

Beanwebb Guestbook 1.0 - Unauthorized Administrative Access

Beanwebb Guestbook 1.0 - Unauthorized Administrative Access source: https://www.securityfocus.com/bid/7232/info A vulnerability has been reported for Guestbook that may allow remote attackers to obtain unauthorized access to administrative functions. The vulnerability is likely due to insufficien...

1.2AI score
Exploits0
Exploit DB
Exploit DB
added 2003/03/29 12:0 a.m.23 views

Beanwebb Guestbook 1.0 - Unauthorized Administrative Access

source: https://www.securityfocus.com/bid/7232/info A vulnerability has been reported for Guestbook that may allow remote attackers to obtain unauthorized access to administrative functions. The vulnerability is likely due to insufficient permissions on the 'admin.php' script file...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/03/26 12:0 a.m.31 views

Multiple PHP problems

Local integer overflow in socketiovecalloc may be exploited if PHP is compiled with --enable-sockets option. Memory allocation troubles. Buffer overflow in openlog...

2.5AI score
Exploits0References7Affected Software1
CVE
CVE
added 2003/03/21 5:0 a.m.52 views

CVE-2003-0151

CVE-2003-0151 affects BEA WebLogic Server and Express versions 6.0–7.0. The vulnerability is an access-control flaw in internal admin servlets that may allow remote attackers to read arbitrary files or execute arbitrary code. The connected sources confirm the affected products and the nature of t...

7.5CVSS7.3AI score0.03948EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2003/03/18 12:0 a.m.29 views

SPI ADVISORY: Remote Administration of BEA WebLogic Server and Express

Remote Administration of BEA WebLogic Server and Express Release Date: March 18, 2003 Severity: High Systems Affected: • WebLogic Server and Express 6.0 • WebLogic Server and Express 6.1 • WebLogic Server and Express 7.0 Description: SPI Labs and S21sec have identified a serious vulnerability tha...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2003/02/23 12:0 a.m.12 views

Nuked-klaN 1.3 - Remote Information Disclosure

Nuked-klaN 1.3 - Remote Information Disclosure source: https://www.securityfocus.com/bid/6917/info A vulnerability has been discovered in Nuked-Klan which may be exploited to execute certain PHP functions on a target server. This issue occurs in the 'Team', 'News', and 'Lien' modules and is due t...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2003/02/23 12:0 a.m.44 views

Nuked-klaN 1.3 - Remote Information Disclosure

source: https://www.securityfocus.com/bid/6917/info A vulnerability has been discovered in Nuked-Klan which may be exploited to execute certain PHP functions on a target server. This issue occurs in the 'Team', 'News', and 'Lien' modules and is due to insufficient sanitization of user-supplied UR...

7.4AI score
Exploits0
NVD
NVD
added 2003/02/19 5:0 a.m.15 views

CVE-2003-0074

Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions 1 debuglog, 2 errorlog, and 3 infolog...

7.2CVSS7.7AI score0.01194EPSS
Exploits0References4
OSV
OSV
added 2003/02/19 5:0 a.m.8 views

CVE-2003-0074

Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions 1 debuglog, 2 errorlog, and 3 infolog...

8AI score
Exploits0References5
Debian CVE
Debian CVE
added 2003/02/05 5:0 a.m.29 views

CVE-2003-0074

Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions 1 debuglog, 2 errorlog, and 3 infolog...

7.2CVSS7.6AI score0.01194EPSS
Exploits0
Cvelist
Cvelist
added 2003/02/05 5:0 a.m.21 views

CVE-2003-0074

Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions 1 debuglog, 2 errorlog, and 3 infolog...

7.7AI score0.01194EPSS
Exploits0References4
exploitpack
exploitpack
added 2003/02/05 12:0 a.m.21 views

Oracle 9.x - Database Statement Buffer Overflow

Oracle 9.x - Database Statement Buffer Overflow source: https://www.securityfocus.com/bid/9587/info Oracle database has been reported prone to multiple buffer overflow vulnerabilities when processing certain parameters and functions. Specifically the TIMEZONE parameter, NUMTOYMINTERVAL,...

0.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/01/23 12:0 a.m.3131 views

HTTP TRACE / TRACK Methods Allowed

The remote web server supports the TRACE and/or TRACK methods. TRACE and TRACK are HTTP methods that are used to debug web server connections. This script was written by Thomas Reinke Improvements re TRACK and RFP reference courtesy of Improvements by rd - httpget to get full HTTP/1.1 support,...

8.1CVSS6.2AI score0.25061EPSS
Exploits1References6
Rows per page
Query Builder