Lucene search
+L

883 matches found

FireEye
FireEye
added 2012/10/31 6:36 p.m.16 views

That’s a Wrap! Highlights from MIRcon 2012

Three years ago when we set out to create a conference that would bring together the greatest minds in the information security industry, we could not imagine the overwhelmingly positive response and growth MIRcon™ would receive year after year. Our goal for MIRcon is simple: to inform innovators...

6.8AI score
Exploits0
NVD
NVD
added 2012/09/19 7:55 p.m.9 views

CVE-2012-2105

Multiple SQL injection vulnerabilities in login.php in Timesheet Next Gen 1.5.2 allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameters...

7.5CVSS8.7AI score0.01923EPSS
Exploits1References9
Prion
Prion
added 2012/09/19 7:55 p.m.13 views

Sql injection

Multiple SQL injection vulnerabilities in login.php in Timesheet Next Gen 1.5.2 allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameters...

7.5CVSS9.4AI score0.01923EPSS
Exploits1References9Affected Software1
CVE
CVE
added 2012/09/19 7:0 p.m.38 views

CVE-2012-2105

Timesheet Next Gen 1.5.2 contains multiple SQL injection vulnerabilities in login.php that allow remote attackers to execute arbitrary SQL commands through the username or password parameters. This CVE entry is supported by NVD/NVD-derived records and multiple references. No remediation or fix de...

7.5CVSS8.9AI score0.01923EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2012/09/19 7:0 p.m.20 views

CVE-2012-2105

Multiple SQL injection vulnerabilities in login.php in Timesheet Next Gen 1.5.2 allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password parameters...

8.7AI score0.01923EPSS
Exploits1References9
0day.today
0day.today
added 2012/05/04 12:0 a.m.21 views

Next Gen CMS XSS Presistent Vulnerability

Exploit for php platform in category web applications Exploit Title: ACTIVE XSS Next Gen CMS Author: mix0x0 Vendor or Software Link: http://ngcms.ru/ Version: 0.9.3 Release SVN880+FIX01 Vulnerable to the field: "title", test blog Exploit test: var t = new Image;...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2012/03/03 12:0 a.m.13 views

Timesheet Next Gen 1.5.2 - Multiple SQL Injections

Timesheet Next Gen 1.5.2 - Multiple SQL Injections Exploit Title: Timesheet Next Gen 1.5.2 Multiple SQLi Date: 02/23/12 Author: G13 Software Link: https://sourceforge.net/projects/tsheetx/ Version: 1.5.2 Category: webapps php Vulnerability The login.php page has multiple SQL injection...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2012/03/03 12:0 a.m.19 views

Timesheet Next Gen 1.5.2 SQL Injection

Exploit Title: Timesheet Next Gen 1.5.2 Multiple SQLi Date: 02/23/12 Author: G13 Software Link: https://sourceforge.net/projects/tsheetx/ Version: 1.5.2 Category: webapps php Vulnerability The login.php page has multiple SQL injection vulnerabilities. Both the 'username' and 'password' parameters...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2012/03/03 12:0 a.m.25 views

Timesheet Next Gen 1.5.2 - Multiple SQL Injections

Exploit Title: Timesheet Next Gen 1.5.2 Multiple SQLi Date: 02/23/12 Author: G13 Software Link: https://sourceforge.net/projects/tsheetx/ Version: 1.5.2 Category: webapps php Vulnerability The login.php page has multiple SQL injection vulnerabilities. Both the 'username' and 'password' parameters...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2010/06/14 12:0 a.m.34 views

E-PHP B2B Cross Site Scripting / SQL Injection

/ Name : E-PHP B2B Marketplace Multiple Vulns WebSite : http://www.ephpscripts.com/b2b-trading-portal.php Price : 150 USD Author : Hamza 'MizoZ' N. Email : [email protected] / XSS - genconfirm.php shows the error message of $GET'errmsg' , but it's not protected against XSS - Exploit :...

0.5AI score
Exploits0
ThreatPost
ThreatPost
added 2010/05/11 9:55 p.m.7 views

NSA Director to Head U.S. Cyber Command

The U.S. Senate has approved Lt. Gen. Keith Alexander, director of the National Security Agency, to also head the military’s recently created U.S. Cyber Command. Read the full article. Computerworld...

1.2AI score
Exploits0References1
NVD
NVD
added 2008/11/05 3:0 p.m.14 views

CVE-2008-4939

apertium 3.0.7 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.lex.cc, b /tmp/.deformat.l, c /tmp/.reformat.l, d /tmp/docxorig, e /tmp/docxsalida.zip, f /tmp/xlsxembed, g /tmp/xlsxorig, and h /tmp/xslxsalida.zip temporary files, related to the 1...

6.9CVSS6.4AI score0.0039EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2008/11/05 3:0 p.m.26 views

CVE-2008-4939

apertium 3.0.7 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.lex.cc, b /tmp/.deformat.l, c /tmp/.reformat.l, d /tmp/docxorig, e /tmp/docxsalida.zip, f /tmp/xlsxembed, g /tmp/xlsxorig, and h /tmp/xslxsalida.zip temporary files, related to the 1...

6.9CVSS6AI score0.0039EPSS
Exploits1References1
Cvelist
Cvelist
added 2008/11/05 2:51 p.m.23 views

CVE-2008-4939

apertium 3.0.7 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.lex.cc, b /tmp/.deformat.l, c /tmp/.reformat.l, d /tmp/docxorig, e /tmp/docxsalida.zip, f /tmp/xlsxembed, g /tmp/xlsxorig, and h /tmp/xslxsalida.zip temporary files, related to the 1...

6.4AI score0.0039EPSS
Exploits1References7
NVD
NVD
added 2007/08/08 2:17 a.m.18 views

CVE-2007-4208

SQL injection vulnerability in default.asp in Next Gen Portfolio Manager allows remote attackers to execute arbitrary SQL commands via the 1 UsersEmail or 2 UsersPassword parameter in an ExecuteTheLogin action...

7.5CVSS8.4AI score0.01691EPSS
Exploits0References8
Prion
Prion
added 2007/08/08 2:17 a.m.10 views

Sql injection

SQL injection vulnerability in default.asp in Next Gen Portfolio Manager allows remote attackers to execute arbitrary SQL commands via the 1 UsersEmail or 2 UsersPassword parameter in an ExecuteTheLogin action...

7.5CVSS9.1AI score0.01691EPSS
Exploits0References8
CVE
CVE
added 2007/08/08 1:52 a.m.37 views

CVE-2007-4208

The documents describe CVE-2007-4208 as a SQL injection vulnerability in default.asp of Next Gen Portfolio Manager. The issue allows remote attackers to manipulate the database by supplying crafted values in the ExecuteTheLogin action, specifically via the (1) Users_Email or (2) Users_Password pa...

7.5CVSS8.4AI score0.01691EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2007/08/08 1:52 a.m.18 views

CVE-2007-4208

SQL injection vulnerability in default.asp in Next Gen Portfolio Manager allows remote attackers to execute arbitrary SQL commands via the 1 UsersEmail or 2 UsersPassword parameter in an ExecuteTheLogin action...

8.4AI score0.01691EPSS
Exploits0References8
exploitpack
exploitpack
added 2007/08/03 12:0 a.m.15 views

Next Gen Portfolio Manager - default.asp Multiple SQL Injections

Next Gen Portfolio Manager - default.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/25195/info Next Gen Portfolio Manager is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...

0.7AI score
Exploits0
Cvelist
Cvelist
added 2007/01/25 9:0 p.m.27 views

CVE-2007-0501

PHP remote file inclusion vulnerability in index.php in Mafia Scum Tools 2.0.0 in Matthew Wardrop Advanced Random Generators adv-random-gen allows remote attackers to execute arbitrary PHP code via a URL in the gen parameter...

7.5AI score0.02365EPSS
Exploits0References5
Rows per page
Query Builder