CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

seebug.org•added 2014/07/01 12:0 a.m.•9 views

GONiCUS System Administrator 1.0 - Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6922/info GONiCUS System Administrator is prone to an issue that may allow remote attackers to include files located on remote servers. This issue is present in several PHP pages existing in the /plugins and /includes...

7.1AI score

Exploits0

CVE•added 2007/10/20 10:0 a.m.•52 views

CVE-2003-1412

CVE-2003-1412 affects GOsa (GOnicus System Administrator) 1.0. It is a PHP remote file inclusion vulnerability where the plugin parameter in index.php can be controlled to include arbitrary PHP code from several paths: 3fax/1blocklists/index.php, 6departamentadmin/index.php, 5terminals/index.php,...

6.8CVSS7.7AI score0.06072EPSS

Exploits1References6Affected Software1

Cvelist•added 2007/10/20 10:0 a.m.•10 views

CVE-2003-1412

PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator GOsa 1.0 allows remote attackers to execute arbitrary PHP code via the plugin parameter to 1 3fax/1blocklists/index.php; 2 6departamentadmin/index.php, 3 5terminals/index.php, 4 4mailinglists/index.php, 5...

7.7AI score0.06072EPSS

Exploits1References6

NVD•added 2007/01/18 12:28 a.m.•12 views

CVE-2007-0313

Unspecified vulnerability in GONICUS System Administration GOsa before 2.5.8 allows remote authenticated users to modify certain settings, including the admin password, via crafted POST requests...

9CVSS6.2AI score0.00625EPSS

Exploits0References5

Prion•added 2007/01/18 12:28 a.m.•12 views

Design/Logic Flaw

Unspecified vulnerability in GONICUS System Administration GOsa before 2.5.8 allows remote authenticated users to modify certain settings, including the admin password, via crafted POST requests...

9CVSS6.6AI score0.00625EPSS

Exploits0References5Affected Software1

OSV•added 2007/01/18 12:28 a.m.•5 views

CVE-2007-0313

Unspecified vulnerability in GONICUS System Administration GOsa before 2.5.8 allows remote authenticated users to modify certain settings, including the admin password, via crafted POST requests...

6.4AI score

Exploits0References5

Debian CVE•added 2007/01/18 12:0 a.m.•21 views

CVE-2007-0313

Unspecified vulnerability in GONICUS System Administration GOsa before 2.5.8 allows remote authenticated users to modify certain settings, including the admin password, via crafted POST requests...

9CVSS6.1AI score0.00625EPSS

Exploits0

CVE•added 2007/01/18 12:0 a.m.•60 views

CVE-2007-0313

CVE-2007-0313 affects GONICUS System Administration (GOsa) up to, but not including, version 2.5.8. The issue allows remote authenticated users to modify certain settings, including the admin password, via crafted POST requests. Impact is described as complete confidentiality, integrity, and avai...

9CVSS6.2AI score0.00625EPSS

Exploits0References5Affected Software1

Cvelist•added 2007/01/18 12:0 a.m.•18 views

CVE-2007-0313

Unspecified vulnerability in GONICUS System Administration GOsa before 2.5.8 allows remote authenticated users to modify certain settings, including the admin password, via crafted POST requests...

6.2AI score0.00625EPSS

Exploits0References5

NVD•added 2003/12/31 5:0 a.m.•7 views

CVE-2003-1412

6.8CVSS7.7AI score0.06072EPSS

Exploits1References6

Tenable Nessus•added 2003/02/27 12:0 a.m.•19 views

GOsa Multiple Script plugin Parameter Remote File Inclusion

The remote web server is hosting GOnicus System Administrator GOsa, a PHP-based administration tool for managing accounts and systems in LDAP databases. The version of GOsa installed on the remote host fails to sanitize user input to the 'plugin' parameter of several scripts before using it to...

6.8CVSS6.2AI score0.06072EPSS

Exploits1References2

Exploit DB•added 2003/02/24 12:0 a.m.•24 views

GONiCUS System Administrator 1.0 - Remote File Inclusion

source: https://www.securityfocus.com/bid/6922/info GONiCUS System Administrator is prone to an issue that may allow remote attackers to include files located on remote servers. This issue is present in several PHP pages existing in the /plugins and /includes folders. By crafting specific URI...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by