Lucene search
+L

285 matches found

Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.29 views

openSUSE Security Update : inn (openSUSE-SU-2012:1171-1)

fix starttls command injection issue CVE-2012-3523, bnc776967 - handle /var/run on tmpfs. bnc778439 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-600. The text description of...

6.8CVSS5.4AI score0.03233EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2012/09/12 12:0 a.m.26 views

SuSE 10 Security Update : inn (ZYPP Patch Number 8276)

A STARTTLS injection issue has been fixed in inn. CVE-2012-3523 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid62061;...

6.8CVSS5.2AI score0.03233EPSS
Exploits0References2
NVD
NVD
added 2012/07/23 5:55 p.m.20 views

CVE-2012-2976

The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary shell commands via crafted input to application scripts, related to an "injection" issue...

10CVSS7.5AI score0.05354EPSS
Exploits1References3
CVE
CVE
added 2012/07/23 5:0 p.m.44 views

CVE-2012-2976

Symantec Web Gateway is affected by CVE-2012-2976: the management console in 5.0.x up to 5.0.3.18 allows remote attackers to execute arbitrary shell commands via crafted input to application scripts (injection). Connected sources corroborate a remote command execution/Vulnerabilities in the SYM12...

10CVSS7.7AI score0.05354EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2012/07/23 5:0 p.m.20 views

CVE-2012-2976

The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary shell commands via crafted input to application scripts, related to an "injection" issue...

7.5AI score0.05354EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2012/06/04 12:0 a.m.19 views

Fedora 17 : moodle-2.2.3-1.fc17 (2012-8284)

CVE-2012-2353 MSA-12-0024: Hidden information access issue CVE-2012-2354 MSA-12-0025: Personal communication access issue CVE-2012-2355 MSA-12-0026: Quiz capability issue CVE-2012-2356 MSA-12-0027: Question bank capability issues CVE-2012-2357 MSA-12-0028: Insecure authentication issue...

6.5CVSS5.4AI score0.0169EPSS
Exploits0References1
Cvelist
Cvelist
added 2012/03/03 2:0 a.m.30 views

CVE-2012-0319

The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote authenticated users to execute arbitrary commands by leveraging the file-upload feature, related to an "OS Command Injection" issue...

7.2AI score0.02421EPSS
Exploits0References7
exploitpack
exploitpack
added 2010/02/18 12:0 a.m.12 views

New-CMS 1.08 - Multiple Local File Inclusion HTML Injection Vulnerabilities

New-CMS 1.08 - Multiple Local File Inclusion HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/38307/info New-CMS is prone to multiple local file-include vulnerabilities and an HTML-Injection vulnerability because it fails to properly sanitize user-supplied input. An attack...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2008/09/02 12:0 a.m.18 views

CS-Cart 1.3.5 - Authentication Bypass

CS-Cart 1.3.5 - Authentication Bypass GulfTech Security Research September 02, 2008 Vendor : CS-Cart.com URL : http://www.cs-cart.com/ Version : CS-Cart = 1.3.5 Risk : SQL Injection Description: CS-Cart Cart is a full featured online ecommerce application written in php that allows users to build...

0.3AI score
Exploits0
seebug.org
seebug.org
added 2008/08/18 12:0 a.m.22 views

PHP Live Helper <= 2.0.1 Multiple Remote Vulnerabilities

No description provided by source. GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper = 2.0.1 Risk : Multiple Vulnerabilities Description: PHP Live Helper is an online support system written in php that allows...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/09/25 12:0 a.m.24 views

JSPWiki 2.5.139 - UserPreferences.jsp Multiple Cross-Site Scripting Vulnerabilities

JSPWiki 2.5.139 - UserPreferences.jsp Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/25803/info JSPWiki is prone to multiple input-validation vulnerabilities, including multiple cross-site scripting issues and an HTML-injection issue, because the applicati...

7AI score
Exploits0
Prion
Prion
added 2006/04/11 11:2 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in search.php in SaphpLesson 3.0 allows remote attackers to inject arbitrary web script or HTML via the Word parameter. NOTE: it is possible that this issue is resultant from SQL injection...

4.3CVSS7AI score0.01176EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2006/04/11 11:0 p.m.18 views

CVE-2006-1720

Cross-site scripting XSS vulnerability in search.php in SaphpLesson 3.0 allows remote attackers to inject arbitrary web script or HTML via the Word parameter. NOTE: it is possible that this issue is resultant from SQL injection...

6.4AI score0.01176EPSS
Exploits0References6
Cvelist
Cvelist
added 2005/12/15 11:0 a.m.25 views

CVE-2005-4262

Cross-site scripting XSS vulnerability in the News module in Envolution allows remote attackers to inject arbitrary web script or HTML via the 1 startrow and 2 catid parameter. NOTE: this issue might be resultant from the SQL injection problem CVE-2005-4263...

6.4AI score0.01014EPSS
Exploits1References5
securityvulns
securityvulns
added 2005/04/12 12:0 a.m.29 views

AzDGDatingPlatinum multiple vulnerabilities

ADZ Security Team =================== Info Program: AzDGDatingPlatinum Version: tested 1.1.0 Modules: view.php, members/index.php Bug type: SQL Injection, XSS Vendor site: http://www.azdg.com/ Vendor Informed: Yes =================== Bug Info SQL Injection: At module view.php I've found a logical...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2004/11/02 12:0 a.m.44 views

WebHost Automation Helm Control Panel 3.1.x - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/11586/info Helm Control Panel is reported prone to multiple vulnerabilities. These include an SQL injection issue and an HTML injection vulnerability. A remote attacker can execute arbitrary HTML and script code in a user's browser. Manipulation of SQL...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2004/10/07 12:0 a.m.209 views

Full path disclosure and sql injection on CubeCart 2.0.1

-------------------------------------------------------- Full path disclosure and sql injection on CubeCart 2.0.1 -------------------------------------------------------- 1Introduction 2The Problem 3The Solution 4Timeline 5Feddback 1Introduction "CubeCart is an eCommerce script written with PHP &...

Exploits0
Tenable Nessus
Tenable Nessus
added 2004/10/06 12:0 a.m.13 views

PHP-Fusion Database Multiple Vulnerabilities

Binary data 2352.prm...

7.5CVSS7.3AI score0.01211EPSS
Exploits0References2
exploitpack
exploitpack
added 2004/08/21 12:0 a.m.11 views

MyDms 1.4 - SQL Injection Directory Traversal

MyDms 1.4 - SQL Injection Directory Traversal source: https://www.securityfocus.com/bid/10996/info MyDMS is reportedly susceptible to both a directory traversal vulnerability and an SQL injection vulnerability. The SQL injection vulnerability is present because a script improperly sanitizes...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2003/12/26 12:0 a.m.33 views

[Full-Disclosure] Bugtraq Security Systems XMAS Advisory 0001

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Bugtraq Security Systems, Incorporated www.bugtraq.org Security Advisory Advisory Name: Command Injection Issue in Squirrelmail Release Date: 12/24/2003 Application: Squirrelmail Platform: Linux IA32 Linux sparc Linux sparc64 Linux hppa Linux ppc Linu...

7.5CVSS7.1AI score0.28792EPSS
Exploits4
Rows per page
Query Builder