Lucene search
K

2922 matches found

OpenVAS
OpenVAS
added 2008/12/05 12:0 a.m.19 views

Gallery Unspecified Security Bypass Vulnerability

Gallery is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.7AI score0.01331EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2008/12/05 12:0 a.m.158 views

PHP 5 < 5.2.7 Multiple Vulnerabilities

According to its banner, the version of PHP installed on the remote host is prior to 5.2.7. It is, therefore, affected by multiple vulnerabilities : - There is a buffer overflow flaw in the bundled PCRE library that allows a denial of service attack. CVE-2008-2371 - Multiple directory traversal...

10CVSS8.4AI score0.13923EPSS
Exploits19References27
OpenVAS
OpenVAS
added 2008/11/05 12:0 a.m.27 views

WordPress cat Parameter Directory Traversal Vulnerability

WordPress is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress";...

9.3CVSS6.3AI score0.08974EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2008/01/10 12:0 a.m.31 views

simple-xss.txt

HSC Simple Machines Forum Cross-Site Scripting Vulnerabilities Vulnerabilities Simple Machines Forum allows attackers to exploiting this vulnerability by cross-site scripting and they will be able to obtain detailed information. This may help the attacker steal cookie-based authentication...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2008/01/10 12:0 a.m.39 views

Simple Machines Forum Cross-Site Scripting Vulnerabilities Vulnerabilities

HSC Simple Machines Forum Cross-Site Scripting Vulnerabilities Vulnerabilities Simple Machines Forum allows attackers to exploiting this vulnerability by cross-site scripting and they will be able to obtain detailed information. This may help the attacker steal cookie-based authentication...

1.2AI score
Exploits0
myhack58
myhack58
added 2007/09/19 12:0 a.m.41 views

kav/kis 6/7 vulnerabilities-vulnerability warning-the black bar safety net

Foreign famous Rootkit research site rootkit. com published an article: "Exploiting Kaspersky Antivirus 6.0-7.0" the author as EPXOFF/UG North,is famous for its anti-Rootkit tool Rootkit Unhooker,Process walker developers. The article said that Kaspersky Anti-virus software from 6. 0 to the curre...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/08/10 12:0 a.m.24 views

FreeBSD : clamav -- heap overflow vulnerability (342d2e48-26db-11db-9275-000475abc56f)

"Clamav team reports : A heap overflow vulnerability was discovered in libclamav which could cause a denial of service or allow the execution of arbitrary code. The problem is specifically located in the PE file rebuild function used by the UPX unpacker. Relevant code from libclamav/upx.c :...

7.5CVSS5.9AI score0.19058EPSS
Exploits1References3
FreeBSD
FreeBSD
added 2006/08/07 12:0 a.m.31 views

clamav -- heap overflow vulnerability

Clamav team reports: A heap overflow vulnerability was discovered in libclamav which could cause a denial of service or allow the execution of arbitrary code. The problem is specifically located in the PE file rebuild function used by the UPX unpacker. Relevant code from libclamav/upx.c: memcpyds...

7.5CVSS7AI score0.19058EPSS
Exploits1References1
securityvulns
securityvulns
added 2006/06/15 12:0 a.m.42 views

Improper Validation of User-mode Pointers

Improper Validation of User-mode Pointers Many of the hooks that KAV installs and even the custom system services suffer from flaws that are detrimental to the operation of the system. For instance, KAV's modified NtOpenProcess attempts to determine if a user address is valid by comparing it to t...

0.1AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.15 views

PHP-Fusion <= 4.0.1 'members.php' SQLi Vulnerability

A vulnerability exists in PHP-Fusion that may allow an attacker to inject arbitrary SQL code and possibly execute arbitrary code, due to improper validation of user supplied input in the SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced source...

7.5CVSS7.5AI score0.01211EPSS
Exploits0References2
securityvulns
securityvulns
added 2005/08/18 12:0 a.m.27 views

bluez-utils unauthorized bluethooth access

Improper validation of bluetooth device name...

4.7AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2005/02/08 12:0 a.m.39 views

php-fusion 4.x vuln

TheGreatOne2176, Reapercore I have a found an error in php-fusion 4.x where you can view any thread on the forum. In fusionforum/viewthread.php the $GET variables arent properly checked or queried making it possible to view all threads. The example I tested was...

1.8AI score
Exploits0
Packet Storm
Packet Storm
added 2005/01/11 12:0 a.m.21 views

invisionSQL.txt

Invision Community Blog , is a powerful blogging system that will plug straight into your Invision Power Board. Allow your members to create their own individual blogs. Invision Community Blog is a comprehensive system with a very easy to use interface. Due to improper validation checks in the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/09/27 12:0 a.m.22 views

@lexPHPTeam @lex Guestbook 3.12 - PHP Remote File Inclusion

@lexPHPTeam @lex Guestbook 3.12 - PHP Remote File Inclusion source: https://www.securityfocus.com/bid/11260/info A vulnerability is reported to exist in the @lexPHPTeam @lex Guestbook software that may allow an attacker to include malicious PHP files containing arbitrary code to be executed on a...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2004/09/27 12:0 a.m.59 views

@lexPHPTeam @lex Guestbook 3.12 - PHP Remote File Inclusion

source: https://www.securityfocus.com/bid/11260/info A vulnerability is reported to exist in the @lexPHPTeam @lex Guestbook software that may allow an attacker to include malicious PHP files containing arbitrary code to be executed on a vulnerable system. The issue exists due to improper validati...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/16 12:0 a.m.22 views

rsync sanitize_path() Function Arbitrary File Disclosure

An information disclosure vulnerability exists in rsync due to improper validation of user-supplied input to the sanitizepath function. An unauthenticated, remote attacker can exploit this, via a specially crafted path, to generated an absolute filename in place of a relative filename, resulting...

6.4CVSS5.8AI score0.02317EPSS
Exploits0References1
NVD
NVD
added 2003/12/31 5:0 a.m.20 views

CVE-2003-1229

X509TrustManager in 1 Java Secure Socket Extension JSSE in SDK and JRE 1.4.0 through 1.4.001, 2 JSSE before 1.0.3, 3 Java Plug-in SDK and JRE 1.3.0 through 1.4.1, and 4 Java Web Start 1.0 through 1.2 incorrectly calls the isClientTrusted method when determining server trust, which results in...

7.5CVSS6.7AI score0.04627EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2003/03/12 12:0 a.m.28 views

Simple File Manager Directory / Filename XSS

The remote Simple File Manager CGI fm.php improperly validates the names of the directories entered and created by the user. As a result, a user could generate a cross-site scripting attack on this host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

4.3CVSS5AI score0.01085EPSS
Exploits1References1
securityvulns
securityvulns
added 2003/01/05 12:0 a.m.27 views

A security vulnerability in S8Forum

INFORMATIONS : ============= - Product : S8Forum - Tested version : 3.0 maybe other versions. - Website : http://www.kellishaver.com/ Vendor Status: not informed yet !!! - Problem : A security vulnerability in S8Forum PROBLEM : ========= This forum writen by PHP. It doesn't use database, instead...

0.1AI score
Exploits0
Symantec
Symantec
added 2002/09/19 12:0 a.m.15 views

Microsoft Virtual Machine Multiple JDBC Vulnerabilities

Description Microsoft Virtual Machine contains three vulnerabilities that could allow a remote attacker to execute code on the vulnerable system. Successful exploitation could lead to a complete system compromise. The first vulnerability allows remote execution of DLLs. These would be executed in...

0.6AI score
Exploits0References1Affected Software1
Rows per page
Query Builder