Lucene search
+L

883 matches found

CVE
CVE
added 2007/01/25 9:0 p.m.52 views

CVE-2007-0501

CVE-2007-0501 corresponds to a PHP remote file inclusion vulnerability in Mafia Scum Tools 2.0.0 within Matthew Wardrop Advanced Random Generators (adv-random-gen). The flaw allows an attacker to execute arbitrary PHP code by supplying a URL in the gen parameter, enabling remote code execution. T...

6.8CVSS7.5AI score0.02365EPSS
Exploits0References5Affected Software1
seebug.org
seebug.org
added 2007/01/22 12:0 a.m.22 views

Mafia Scum Tools 2.0.0 (index.php gen) Remote File Include Exploit

No description provided by source. !/usr/bin/perl mafia-2-0-0 Index.phpRemote File Include Vulnerability &n...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2006/09/16 12:0 a.m.21 views

haberx.txt

+++++++++++++++++++++++++++++++++++++++++++++++++++ + Haberx v1.1 tr SQL Injection Vulnerability + + Author : Fix TR + + Site : www.hack.gen.tr + + Contact : fixtratbsdmail.com + +++++++++++++++++++++++++++++++++++++++++++++++++++ + Download: http://www.aspindir.com/Goster/3983 + Versions: 1.02...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/02/03 12:0 a.m.44 views

[SA18715] PHP GEN Unspecified Cross-Site Scripting and SQL Injection

TITLE: PHP GEN Unspecified Cross-Site Scripting and SQL Injection SECUNIA ADVISORY ID: SA18715 VERIFY ADVISORY: http://secunia.com/advisories/18715/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: PHP GEN 1.x...

0.7AI score
Exploits0
Prion
Prion
added 2006/02/01 8:46 p.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors...

4.3CVSS6.1AI score0.0118EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2006/02/01 8:46 p.m.16 views

Sql injection

Multiple SQL injection vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary SQL commands via unknown attack vectors...

7.5CVSS8.9AI score0.02032EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2006/02/01 8:46 p.m.17 views

CVE-2006-0498

Multiple cross-site scripting XSS vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors...

4.3CVSS5.8AI score0.0118EPSS
Exploits0References5
Cvelist
Cvelist
added 2006/02/01 8:0 p.m.20 views

CVE-2006-0498

Multiple cross-site scripting XSS vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors...

5.8AI score0.0118EPSS
Exploits0References5
Cvelist
Cvelist
added 2006/02/01 8:0 p.m.20 views

CVE-2006-0497

Multiple SQL injection vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary SQL commands via unknown attack vectors...

8.1AI score0.02032EPSS
Exploits0References6
CVE
CVE
added 2006/02/01 8:0 p.m.55 views

CVE-2006-0498

CVE-2006-0498 describes multiple cross-site scripting (XSS) vulnerabilities in PHP GEN prior to 1.4, allowing remote attackers to inject arbitrary web script or HTML via unknown attack vectors. The connected documents corroborate the flaw across several sources (NVD entry and multiple mirrors), s...

4.3CVSS5.8AI score0.0118EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2006/02/01 8:0 p.m.43 views

CVE-2005-4707

An XSS vulnerability affects PHP GEN prior to 1.3, allowing remote attackers to inject arbitrary script/HTML via unknown attack vectors. The NVD entry lists a base score of 4.3 (MEDIUM) with Network attack vector, no confidentiality impact, partial integrity impact, and no availability impact. Af...

4.3CVSS6AI score0.0118EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2006/02/01 8:0 p.m.26 views

CVE-2005-4707

Multiple cross-site scripting XSS vulnerabilities in PHP GEN before 1.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors...

5.8AI score0.0118EPSS
Exploits0References5
CVE
CVE
added 2006/02/01 8:0 p.m.44 views

CVE-2006-0497

CVE-2006-0497 affects PHP GEN before 1.4, with multiple SQL injection vulnerabilities that allow remote attackers to inject arbitrary SQL commands via unknown attack vectors. The vulnerability targets the application’s database interaction (SQL layer) and is documented across multiple sources (NV...

7.5CVSS8.1AI score0.02032EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2005/12/31 5:0 a.m.14 views

CVE-2005-4707

Multiple cross-site scripting XSS vulnerabilities in PHP GEN before 1.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors...

4.3CVSS5.8AI score0.0118EPSS
Exploits0References5
securityvulns
securityvulns
added 2005/11/16 12:0 a.m.37 views

[SA17560] PHP GEN Cross-Site Scripting Vulnerabilities

TITLE: PHP GEN Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA17560 VERIFY ADVISORY: http://secunia.com/advisories/17560/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: PHP GEN 1.x http://secunia.com/product/6131/ DESCRIPTION: Some vulnerabilities...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2005/10/25 12:0 a.m.34 views

[SA17295] phpBB Avatar Script Insertion Vulnerability

TITLE: phpBB Avatar Script Insertion Vulnerability SECUNIA ADVISORY ID: SA17295 VERIFY ADVISORY: http://secunia.com/advisories/17295/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: phpBB 2.x http://secunia.com/product/463/ DESCRIPTION: K-Gen has discovered a...

0.1AI score
Exploits0
CVE
CVE
added 2005/07/10 4:0 a.m.56 views

CVE-2005-2180

CVE-2005-2180 concerns the GNATS generator, where in GNATS 4.0/4.1.0 (and possibly earlier) if the binary is installed setuid, it fails to properly validate files passed to the -o option and opens the target with write access, enabling a local user to overwrite arbitrary files. This is the core c...

2.1CVSS6.6AI score0.00349EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2005/07/10 4:0 a.m.25 views

CVE-2005-2180

gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files...

6.5AI score0.00349EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2005/07/07 12:0 a.m.27 views

gnats.txt

Name: GNATS - gen-index Vendor URL: http://www.gnu.org/software/gnats Author: Adam Zabrocki Date: June 16, 2005 Issue: GNATS - the GNU problem report management system allows attacker to overwrite files with privileges suid root when compiled from sources and there isn't in system gnats user, whe...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2005/07/06 12:0 a.m.11 views

GNU GNATS 4.04.1 - Gen-Index Arbitrary Local File DisclosureOverwrite

GNU GNATS 4.04.1 - Gen-Index Arbitrary Local File DisclosureOverwrite source: https://www.securityfocus.com/bid/14169/info GNU GNATS gen-index allows local attackers to disclose and overwrite arbitrary files. A successful attack can result in privilege escalation and a complete compromise of the...

7.4AI score
Exploits0
Rows per page
Query Builder