Lucene search
+L

7746 matches found

Cvelist
Cvelist
added 2005/07/19 4:0 a.m.21 views

CVE-2004-2275

i-mall.cgi in I-Mall Commerce allows remote attackers to execute arbitrary commands via shell metacharacters via the p parameter...

7.6AI score0.12805EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2005/07/13 12:0 a.m.30 views

FreeBSD : perl -- vulnerabilities in PERLIO_DEBUG handling (a5eb760a-753c-11d9-a36f-000a95bc6fae)

Kevin Finisterre discovered bugs in perl's I/O debug support : - The environmental variable PERLIODEBUG is honored even by the set-user-ID perl command usually named sperl or suidperl. As a result, a local attacker may be able to gain elevated privileges. CVE-2005-0155 - A buffer overflow may occ...

4.6CVSS5.7AI score0.01315EPSS
Exploits2References3
Packet Storm
Packet Storm
added 2005/06/23 12:0 a.m.25 views

igallery33.txt

Hat-Squad Advisory: i-Gallery directory traversal Product: i-Gallery Vendor Url: http://www.b-cp.com Version: 3.3 older versions not tested , but assumed vulnerable Vulnerability: Directory traversal and CSS bug Release Date: Vendor Status: Informed: 15 June 2005 Second Contact: 19 June 2005...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/06/22 12:0 a.m.10 views

i-Gallery Traversal File Access / XSS

Binary data 3026.prm...

5CVSS7.3AI score0.0746EPSS
Exploits0References3
CVE
CVE
added 2005/06/21 4:0 a.m.58 views

CVE-2005-2033

The CVE concerns i-Gallery by Blue-Collar Productions (version up to 3.3). A directory traversal flaw in folderview.asp allows an unauthenticated user to read arbitrary files and directories via the folder parameter. Connected Nessus data also notes potential XSS issues in i-Gallery

5CVSS6.8AI score0.0746EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2005/06/21 4:0 a.m.20 views

CVE-2002-1668

HP-UX 11.11 and earlier allows local users to cause a denial of service kernel deadlock, due to a "file system weakness" that is possibly via an mmap system call and performing an I/O operation using data from the mapped buffer on the file descriptor for the mapped file...

6.5AI score0.00486EPSS
Exploits0References3
securityvulns
securityvulns
added 2005/06/21 12:0 a.m.24 views

[Hat-Squad] i-Gallery directory traversal

Hat-Squad Advisory: i-Gallery directory traversal Product: i-Gallery Vendor Url: http://www.b-cp.com Version: 3.3 older versions not tested , but assumed vulnerable Vulnerability: Directory traversal and CSS bug Release Date: Vendor Status: Informed: 15 June 2005 Second Contact: 19 June 2005...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/06/21 12:0 a.m.16 views

i-Gallery <= 3.3 Multiple Vulnerabilities

The remote host is running i-Gallery, a web-based photo gallery from Blue-Collar Productions. The installed version of i-Gallery fails to sanitize user-supplied input before using it as a folder name in several scripts. An unauthenticated attacker can exploit this flaw to access files and folders...

5CVSS5.4AI score0.0746EPSS
Exploits0References3
NVD
NVD
added 2005/06/20 4:0 a.m.17 views

CVE-2005-2033

Directory traversal vulnerability in folderview.asp for Blue-Collar Productions i-Gallery 3.3 allows remote attackers to read arbitrary files and directories via the folder parameter...

5CVSS6.8AI score0.0746EPSS
Exploits0References3
exploitpack
exploitpack
added 2005/06/20 12:0 a.m.11 views

I-Gallery - Folder Argument Cross-Site Scripting

I-Gallery - Folder Argument Cross-Site Scripting source: https://www.securityfocus.com/bid/14002/info i-Gallery is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'folder' parameter of 'folderview.asp...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2005/06/20 12:0 a.m.14 views

I-Gallery - Folder Argument Directory Traversal

I-Gallery - Folder Argument Directory Traversal source: https://www.securityfocus.com/bid/14000/info i-Gallery is prone to a directory traversal vulnerability. This could let remote attackers access files on the computer in the context of the Web server process...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2005/06/20 12:0 a.m.23 views

I-Gallery - Folder Argument Cross-Site Scripting

source: https://www.securityfocus.com/bid/14002/info i-Gallery is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'folder' parameter of 'folderview.asp'. An attacker may leverage this issue to have...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/06/20 12:0 a.m.20 views

I-Gallery - Folder Argument Directory Traversal

source: https://www.securityfocus.com/bid/14000/info i-Gallery is prone to a directory traversal vulnerability. This could let remote attackers access files on the computer in the context of the Web server process...

7AI score
Exploits0
NVD
NVD
added 2005/06/09 4:0 a.m.23 views

CVE-2005-1868

I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension...

7.5CVSS7.7AI score0.01939EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/06/07 4:0 a.m.23 views

CVE-2005-1868

I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension...

7.7AI score0.01939EPSS
Exploits0References3
CVE
CVE
added 2005/06/07 4:0 a.m.63 views

CVE-2005-1868

I-Man 0.9 and earlier versions are affected by a vulnerability that allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension through the file upload functionality. The underlying issue is a failure to restrict uploaded file types, enabling PHP exe...

7.5CVSS8.1AI score0.01939EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2005/06/07 12:0 a.m.14 views

PT-2005-2825 · I-Man · I-Man

Name of the Vulnerable Software and Affected Versions: I-Man versions 0.9 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension. This can be done by exploiting the file upload functionality, potentially leadin...

7.5CVSS7.8AI score0.01939EPSS
Exploits0References5
securityvulns
securityvulns
added 2005/06/01 12:0 a.m.37 views

[SA15558] I-Man File Attachments Upload Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2005/05/04 12:0 a.m.23 views

I-Mall Commerce - i-mall.cgi Remote Command Execution

I-Mall Commerce - i-mall.cgi Remote Command Execution I-Mall explo Spawn bash style Shell with webserver uid Greetz z, spax, foxtwo, Zone-H This Script is currently under development use strict; use IO::Socket; my $host; my $port; my $command; my $url; my $shiz; my @results; my $probe; my @U; $U1...

7.7AI score
Exploits0
seebug.org
seebug.org
added 2005/05/04 12:0 a.m.32 views

I-Mall Commerce (i-mall.cgi) Remote Command Execution Exploit

No description provided by source. I-Mall explo Spawn bash style Shell with webserver uid Greetz z, spax, foxtwo, Zone-H This Script is currently under development use strict; use IO::Socket; my $host; my $port; my $command; my $url; my $shiz; my @results; my $probe; my @U; $U1 =...

7.1AI score
Exploits0
Rows per page
Query Builder