Lucene search
+L

7753 matches found

NVD
NVD
added 2005/06/09 4:0 a.m.23 views

CVE-2005-1868

I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension...

7.5CVSS7.7AI score0.01939EPSS
Exploits0References3
CVE
CVE
added 2005/06/07 4:0 a.m.63 views

CVE-2005-1868

I-Man 0.9 and earlier versions are affected by a vulnerability that allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension through the file upload functionality. The underlying issue is a failure to restrict uploaded file types, enabling PHP exe...

7.5CVSS8.1AI score0.01939EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2005/06/07 4:0 a.m.24 views

CVE-2005-1868

I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension...

7.7AI score0.01939EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2005/06/07 12:0 a.m.14 views

PT-2005-2825 · I-Man · I-Man

Name of the Vulnerable Software and Affected Versions: I-Man versions 0.9 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension. This can be done by exploiting the file upload functionality, potentially leadin...

7.5CVSS7.8AI score0.01939EPSS
Exploits0References5
securityvulns
securityvulns
added 2005/06/01 12:0 a.m.38 views

[SA15558] I-Man File Attachments Upload Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2005/05/04 12:0 a.m.23 views

I-Mall Commerce - i-mall.cgi Remote Command Execution

I-Mall Commerce - i-mall.cgi Remote Command Execution I-Mall explo Spawn bash style Shell with webserver uid Greetz z, spax, foxtwo, Zone-H This Script is currently under development use strict; use IO::Socket; my $host; my $port; my $command; my $url; my $shiz; my @results; my $probe; my @U; $U1...

7.7AI score
Exploits0
seebug.org
seebug.org
added 2005/05/04 12:0 a.m.32 views

I-Mall Commerce (i-mall.cgi) Remote Command Execution Exploit

No description provided by source. I-Mall explo Spawn bash style Shell with webserver uid Greetz z, spax, foxtwo, Zone-H This Script is currently under development use strict; use IO::Socket; my $host; my $port; my $command; my $url; my $shiz; my @results; my $probe; my @U; $U1 =...

7.1AI score
Exploits0
0day.today
0day.today
added 2005/05/04 12:0 a.m.41 views

I-Mall Commerce (i-mall.cgi) Remote Command Execution Exploit

Exploit for cgi platform in category web applications ============================================================= I-Mall Commerce i-mall.cgi Remote Command Execution Exploit ============================================================= I-Mall explo Spawn bash style Shell with webserver uid Gree...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2005/05/04 12:0 a.m.82 views

I-Mall Commerce - 'i-mall.cgi' Remote Command Execution

I-Mall explo Spawn bash style Shell with webserver uid Greetz z, spax, foxtwo, Zone-H This Script is currently under development use strict; use IO::Socket; my $host; my $port; my $command; my $url; my $shiz; my @results; my $probe; my @U; $U1 = "/i-mall/i-mall.cgi?p=|"; sub intro sleep 1; ; sub...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2005/04/22 8:17 p.m.6 views

security flaw

Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T architectures, allows local users to write to privileged IO ports via the OUTS instruction...

2.1CVSS5.8AI score0.00388EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/03/13 5:0 a.m.24 views

CVE-2005-0747

ApplyYourself i-Class allows remote attackers to obtain sensitive information about their own applications by reusing the hidden ID field, as demonstrated using the id parameter to ApplicantDecision.asp...

6.2AI score0.01194EPSS
Exploits0References1
CVE
CVE
added 2005/03/13 5:0 a.m.51 views

CVE-2005-0747

The CVE-2005-0747 entry describes an information disclosure in ApplyYourself i-Class where remote attackers can obtain sensitive information about their own applications by reusing a hidden ID field, demonstrated via the id parameter to ApplicantDecision.asp. The vulnerability stems from relying ...

5CVSS6.6AI score0.01194EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2005/02/10 5:0 a.m.61 views

CVE-2005-0295

The CVE-2005-0295 entry concerns npptnt2.sys in nProtect Gameguard, where the kernel driver exposes unrestricted I/O to any process that calls it. This lack of access control permits local users to gain privileges, i.e., a local privilege escalation. The description and connected sources consiste...

4.6CVSS6.9AI score0.0034EPSS
Exploits0References4Affected Software1
FreeBSD
FreeBSD
added 2005/02/02 12:0 a.m.33 views

perl -- vulnerabilities in PERLIO_DEBUG handling

Kevin Finisterre discovered bugs in perl's I/O debug support: The environmental variable PERLIODEBUG is honored even by the set-user-ID perl command usually named sperl or suidperl. As a result, a local attacker may be able to gain elevated privileges. CVE-2005-0155 A buffer overflow may occur in...

4.6CVSS6.9AI score0.01315EPSS
Exploits2
NVD
NVD
added 2005/01/17 5:0 a.m.15 views

CVE-2005-0295

npptnt2.sys in nProtect Gameguard provides unrestricted I/O to any process that calls it, which allows local users to gain privileges...

4.6CVSS6.5AI score0.0034EPSS
Exploits0References4
NVD
NVD
added 2004/12/31 5:0 a.m.20 views

CVE-2004-2275

i-mall.cgi in I-Mall Commerce allows remote attackers to execute arbitrary commands via shell metacharacters via the p parameter...

10CVSS7.6AI score0.12805EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2004/11/18 12:0 a.m.128 views

Webman I-Mall i-mall.cgi Arbitrary Command Execution

The script i-mall.cgi is installed. Some versions of this script are vulnerable to remote command execution flaw, due to insufficient user input sanitization to the 'p' parameter of the i-mall.cgi script. A malicious user can pass arbitrary shell commands on the remote server through this script...

10CVSS6AI score0.12805EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.46 views

Debian DSA-312-1 : kernel-patch-2.4.18-powerpc - several vulnerabilities

A number of vulnerabilities have been discovered in the Linux kernel. CVE-2002-0429: The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface lcall. CAN-2003-0001: Multiple...

10CVSS6.1AI score0.73006EPSS
Exploits20References9
Tenable Nessus
Tenable Nessus
added 2004/08/27 12:0 a.m.25 views

AIX 5.2 : IY46784

The remote host is missing AIX Critical Security Patch number IY46784 Possible data error using memory mapped I/O in cachefs. You should install this patch for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.36 views

RHEL 2.1 : fileutils (RHSA-2003:310)

Updated fileutils packages that close a potential denial of service vulnerability are now available. The fileutils package contains several basic system utilities. One of these utilities is the 'ls' program, which is used to list information about files and directories. Georgi Guninski discovered...

5CVSS5.5AI score0.10444EPSS
Exploits1References5
Rows per page
Query Builder