Lucene search
K

1859 matches found

CVE
CVE
added 2010/12/22 8:0 p.m.48 views

CVE-2010-4590

CVE-2010-4590 describes a Cross-site scripting (XSS) vulnerability in the HTTP Access Services (HTTP-AS) component of IBM Lotus Mobile Connect (LMC) prior to version 6.1.4. The flaw affects the Connection Manager and allows remote attackers to inject arbitrary web script or HTML via unspecified v...

4.3CVSS5.7AI score0.01053EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2009/12/02 4:30 p.m.20 views

CVE-2009-4151

Session fixation vulnerability in html/Elements/SetupSessionCookie in Best Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through 3.8.5 allows remote attackers to hijack web sessions by setting the session identifier via a manipulation that leverages "HTTP access to the RT server," a relate...

5.8CVSS5.8AI score0.01838EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2009/07/24 12:0 a.m.52 views

Pixaria Gallery 2.3.5 - 'file' Remote File Disclosure

?php iniset"maxexecutiontime",0; printr' || || | || o,7 || . o7 || q||| o///, : / / . /QQQQQQQQQQQQQQQQQQQ\ q Pixaria Gallery 2.3.5 /QQQ/\QQQ\ Remote File Disclosure /QQQQQ/ \QQQQQQ\ q GET 3 /QQQQ/ QQQQ\ /QQQQ/ \QQQQ\ q http://pixaria.com |QQQQ/ By Qabandi \QQQQ| |QQQQ| |QQQQ| |QQQQ| From Kuwait,...

7.4AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.3 views

WirelessIP5000 has multiple vulnerabilities

Overview WirelessIP5000, a wireless IP phone from Hitachi Cable, contains multiple vulnerabilities; - Illegal access using the port TCP3390 - SNMP access using an arbitrary community name - Access to the HTTP server by an unauthorized user in the factory default configuration - The HTTP server...

7.5CVSS6.9AI score0.01532EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.3 views

WirelessIP5000 has multiple vulnerabilities

Overview WirelessIP5000, a wireless IP phone from Hitachi Cable, contains multiple vulnerabilities; - Illegal access using the port TCP3390 - SNMP access using an arbitrary community name - Access to the HTTP server by an unauthorized user in the factory default configuration - The HTTP server...

7.5CVSS7AI score0.01532EPSS
Exploits0References5
securityvulns
securityvulns
added 2006/08/09 12:0 a.m.86 views

Barracuda Arbitrary File Disclosure + Command Execution

Title: Barracuda Arbitrary File Disclosure + Command Execution Severity: High Sensitive Information Disclosure Date: 01 August 2006 Version Affected: Barracuda Spam Firewall version 3.3.01.001 to 3.3.03.053 Discovered by: Greg Sinclair Credits: Matthew Hall Update: 07 August 2006 Updated by: PATz...

1.7AI score
Exploits0
seebug.org
seebug.org
added 2006/08/08 12:0 a.m.19 views

Barracuda Spam Firewall <= 3.3.03.053 Remote Code Execution (extra)

No description provided by source. Title: Barracuda Arbitrary File Disclosure + Command Execution Severity: High Sensitive Information Disclosure Date: 01 August 2006 Version Affected: Barracuda Spam Firewall version 3.3.01.001 to 3.3.03.053 Discovered by: Greg Sinclair Credits: Matthew Hall...

7.1AI score
Exploits0
CERT
CERT
added 2006/06/29 12:0 a.m.20 views

Cisco Access Point Web Browser Interface contains a vulnerability

Overview A vulnerability in the HTTP management interface for some configurations of Cisco wireless access points could allow a remote attacker to take complete control over the affected device. Description Cisco wireless access points allow administrators to create more than one set of...

9.3CVSS6.8AI score0.03739EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2006/05/13 12:0 a.m.28 views

FreeBSD : awstats -- arbitrary code execution vulnerability (e86fbb5f-0d04-11da-bc08-0001020eed82)

An iDEFENSE Security Advisory reports : Remote exploitation of an input validation vulnerability in AWStats allows remote attackers to execute arbitrary commands. The problem specifically exists because of insufficient input filtering before passing user-supplied data to an eval function. As part...

5CVSS6.1AI score0.02665EPSS
Exploits0References4
Prion
Prion
added 2006/05/09 10:2 a.m.18 views

Authentication flaw

Cisco PIX/ASA 7.1.x before 7.12 and 7.0.x before 7.05, PIX 6.3.x before 6.3.5112, and FWSM 2.3.x before 2.34 and 3.x before 3.17, when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which...

7.5CVSS7.4AI score0.08825EPSS
Exploits1References11Affected Software4
NVD
NVD
added 2006/05/09 10:2 a.m.14 views

CVE-2006-0515

Cisco PIX/ASA 7.1.x before 7.12 and 7.0.x before 7.05, PIX 6.3.x before 6.3.5112, and FWSM 2.3.x before 2.34 and 3.x before 3.17, when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which...

7.5CVSS6.9AI score0.08825EPSS
Exploits1References11
Cvelist
Cvelist
added 2006/05/09 10:0 a.m.19 views

CVE-2006-0515

Cisco PIX/ASA 7.1.x before 7.12 and 7.0.x before 7.05, PIX 6.3.x before 6.3.5112, and FWSM 2.3.x before 2.34 and 3.x before 3.17, when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which...

6.9AI score0.08825EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.27 views

Ubuntu 4.10 / 5.04 : squid vulnerability (USN-122-1)

Michael Bhola discovered that errors in the httpaccess configuration, in particular missing or invalid ACLs, did not cause a fatal error. This could lead to wider access permissions than intended by the administrator. Note that Tenable Network Security has extracted the preceding description bloc...

7.5CVSS5.4AI score0.01727EPSS
Exploits0References1
OSV
OSV
added 2005/05/06 12:0 a.m.22 views

DSA-721-1 squid - design flaw

Bulletin has no description...

7.5CVSS6.3AI score0.01727EPSS
Exploits0
securityvulns
securityvulns
added 2002/07/29 12:0 a.m.32 views

Phenoelit Advisory 0815 ++ /+ HP ProCurve

Phenoelit Advisory wir-haben-auch-mal-was-gefunden 0815 +-+- Authors FX [email protected] kim0 [email protected] Zet [email protected] Phenoelit Group http://www.phenoelit.de Advisory http://www.phenoelit.de/stuff/HPProCurve.txt Affected Products Hewlett Packard HP ProCurve Switch Tested on HP J4121A...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2002/02/07 12:0 a.m.218 views

Oracle 9iAS Java Process Manager /oprocmgr-status Anonymous Process Manipulation

The remote host is an Oracle 9iAS server. By default, accessing the location /oprocmgr-status via HTTP lets an attacker obtain the list of processes running on the remote host, and even to to start or stop them. %NASLMINLEVEL 70300 This script was written by Matt Moore Script audit and...

5CVSS5.5AI score0.51129EPSS
Exploits0References2
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.21 views

CVE-1999-1264

WebRamp M3 router does not disable remote telnet or HTTP access to itself, even when access has been explicitly disabled...

6.7AI score0.01502EPSS
Exploits1References3
CVE
CVE
added 2001/09/12 4:0 a.m.40 views

CVE-1999-1264

The CVE-1999-1264 entry describes a vulnerability in WebRamp M3 routers where remote access (telnet/HTTP) is not disabled as configured, allowing access to the device despite explicit disablement. The NVD entry lists a CVSS 2.0 base score of 7.5 (HIGH) with network impact across confidentiality, ...

7.5CVSS7.1AI score0.01502EPSS
Exploits1References3Affected Software1
NVD
NVD
added 1999/01/21 5:0 a.m.22 views

CVE-1999-1264

WebRamp M3 router does not disable remote telnet or HTTP access to itself, even when access has been explicitly disabled...

7.5CVSS6.7AI score0.01502EPSS
Exploits1References3
Rows per page
Query Builder