Lucene search
K

310 matches found

Prion
Prion
added 2010/03/15 9:30 p.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the 1 host parameter to stat/host.php, nodayshow parameter to 2 mostvisitpage.php and 3 visitorduration.php in stat/, 4 nopagesmost parameter to...

4.3CVSS6.1AI score0.01303EPSS
Exploits1References2
Cvelist
Cvelist
added 2010/03/15 9:0 p.m.21 views

CVE-2009-4717

Multiple cross-site scripting XSS vulnerabilities in Gonafish WebStatCaffe allow remote attackers to inject arbitrary web script or HTML via the 1 host parameter to stat/host.php, nodayshow parameter to 2 mostvisitpage.php and 3 visitorduration.php in stat/, 4 nopagesmost parameter to...

5.8AI score0.01303EPSS
Exploits1References2
Prion
Prion
added 2009/02/08 9:30 p.m.26 views

Buffer overflow

Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 on Windows allows remote attackers to execute arbitrary code via a crafted Host parameter. NOTE: this issue may be partially covered by CVE-2009-0205...

10CVSS7.9AI score0.08437EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2009/02/08 9:30 p.m.4 views

CVE-2008-4562

Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 on Windows allows remote attackers to execute arbitrary code via a crafted Host parameter. NOTE: this issue may be partially covered by CVE-2009-0205...

10CVSS6.2AI score0.08437EPSS
Exploits1References3
CVE
CVE
added 2009/02/08 9:0 p.m.81 views

CVE-2008-4562

CVE-2008-4562 describes a buffer overflow in the HP OpenView Network Node Manager (OV NNM) ovlaunch CGI on Windows, enabling remote code execution via a crafted Host parameter in OV NNM versions 7.01, 7.51, and 7.53. Multiple connected sources (Red Hat advisories and HP patch notes in the Nessus ...

10CVSS7.7AI score0.08437EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2007/06/19 9:30 p.m.30 views

Sql injection

PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library dblink is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1...

6.9CVSS7.6AI score0.01257EPSS
Exploits1References29Affected Software2
Positive Technologies
Positive Technologies
added 2005/12/31 12:0 a.m.4 views

PT-2005-5364 · Tellme · Tellme

Name of the Vulnerable Software and Affected Versions: TellMe versions 1.2 and earlier Description: The issue allows remote attackers to modify command line arguments for the Whois program and obtain sensitive information via "--" style options in the q Host parameter. Recommendations: For TellMe...

6.4CVSS6.5AI score0.01864EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2005/08/16 12:0 a.m.5 views

PT-2005-3450 · E107 · E107 Eping Plugin

Name of the Vulnerable Software and Affected Versions: e107 ePing plugin versions 1.02 and earlier Description: The issue allows remote attackers to execute arbitrary code or overwrite files. This can be achieved through shell metacharacters in the eping count parameter or restricted shell...

7.5CVSS7.7AI score0.02259EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/06/20 4:0 a.m.23 views

CVE-2005-1997

show.php in McGallery 1.1 allows remote attackers to connect to arbitrary databases, or gain sensitive information by triggering an error, via a modified host parameter...

6.6AI score0.01425EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2002/08/12 12:0 a.m.3 views

PT-2002-1539 · Linux Directory Penguin · Linux Directory Penguin Traceroute.Pl Cgi Script

Name of the Vulnerable Software and Affected Versions: Linux Directory Penguin traceroute.pl CGI script version 1.0 Description: The issue allows remote attackers to execute arbitrary code via shell metacharacters in the host parameter. This is a result of a flaw in the traceroute.pl CGI script...

10CVSS7.7AI score0.06192EPSS
Exploits0References5
Rows per page
Query Builder