663 matches found
CVE-2006-1586
CVE-2006-1586 concerns a SQL injection in the admin_login.asp script of ISP of Egypt SiteMan, exploitable via the pass parameter to allow remote execution of arbitrary SQL commands. The vulnerability affects the login-related functionality and arises from improper handling of input in the pass pa...
ISP Site Man - admin_login.asp SQL Injection
ISP Site Man - adminlogin.asp SQL Injection source: https://www.securityfocus.com/bid/17347/info Site Man is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...
ISP Site Man - 'admin_login.asp' SQL Injection
source: https://www.securityfocus.com/bid/17347/info Site Man is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
Mail Transport System Professional--Open Relay Hole
What: Mail Transport System Professional is a RFC compliant mail server for Windows. Who: http://www.mtsprofessional.com/ Problem: Open relay hole when forwarding all outgoing mail through an ISP. When configured to forward all outgoing mail through an ISP MTS Pro will accept and forward all...
Mail Transport System Professional open mail relay
Mail relayed without IP address verification if smart host ISP relay is configured...
Extent RBS ISP
The 'Extent RBS ISP 2.5' software is installed. This software has a well known security flaw that lets anyone read arbitrary files with the privileges of the http daemon root or nobody. OpenVAS Vulnerability Test $Id: rbs.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Extent RBS ISP Authors...
Extent RBS ISP
The SPDX-FileCopyrightText: 2000 Zorgon Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10521"; scriptversion"2025-04-11T05:40:28+0000";...
CVE-2005-1639
The connected PT-Security entry confirms a SQL injection in Sigma ISP Manager 6.6 via Sigmaweb.DLL, exploitable by remote attackers through the username, password, or domain fields; impact is arbitrary SQL execution. Remediation guidance: restrict access to the vulnerable fields and avoid using t...
Sigma ISP Manager 6.6 - Sigmaweb.dll SQL Injection
Sigma ISP Manager 6.6 - Sigmaweb.dll SQL Injection source: https://www.securityfocus.com/bid/13640/info Sigma ISP Manager is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to using it in an SQL query...
Sigma ISP Manager 6.6 - 'Sigmaweb.dll' SQL Injection
source: https://www.securityfocus.com/bid/13640/info Sigma ISP Manager is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to using it in an SQL query. Successful exploitation could result in a compromise of...
D-Link DSL Broadband Modem SNMP Cleartext ISP Credential Disclosure
This script uses SNMP to obtain the account and password of the remote ADSL connection. D-Link DSL Broadband routers uses a default community string and stores the ISP credentials in cleartext. C Tenable Network Security, Inc. Ref: Date: 27 Mar 2003 15:31:41 -0000 From: Arhont Information Securit...
IMail Web Service User Aliases / Mailing Lists Admin Vulnerability
IMail Web Service User Aliases / Mailing Lists Admin Vulnerability Date : January 1, 2002 Author : Zeeshan Mustafa [email protected] Application : IPSwitch IMail Web Service Versions Test : 7.05/7.04/7.03/7.02/7.01/6.x Exploitable : Remote Vendor Status : Notified Impact of vulnerability :...
CVE-1999-1128
The CVE-1999-1128 entry describes Internet Explorer 3.01 on Windows 95 as vulnerable. A .isp file is automatically downloaded and executed from remote malicious sites without user prompts, allowing remote arbitrary command execution. The available documents do not specify a remediation or patch, ...
CVE-2000-1036
The CVE-2000-1036 issue affects Extent RBS ISP web server. A directory traversal flaw exists in the Image parameter of the Newuser CGI, allowing an unauthenticated attacker to read arbitrary files with the web server’s privileges by crafting a .. (dot dot) path. OpenVAS/Nessus entries corroborate...
CVE-2000-1036
Directory traversal vulnerability in Extent RBS ISP web server allows remote attackers to read sensitive information via a .. dot dot attack on the Image parameter...
CVE-2000-1036
Directory traversal vulnerability in Extent RBS ISP web server allows remote attackers to read sensitive information via a .. dot dot attack on the Image parameter...
extent technologies rbs isp 2.5 - Directory Traversal
extent technologies rbs isp 2.5 - Directory Traversal source: https://www.securityfocus.com/bid/1704/info A remote user is capable of gaining read access to any file residing in the same directory of a host running Extent RBS ISP through directory traversal. Appending '../' to the 'image' variabl...
extent technologies rbs isp 2.5 - Directory Traversal
source: https://www.securityfocus.com/bid/1704/info A remote user is capable of gaining read access to any file residing in the same directory of a host running Extent RBS ISP through directory traversal. Appending '../' to the 'image' variable request on port 8002 will enable a user to read any...
wingate.hijack.txt
Date: Tue, 9 Mar 1999 16:37:49 -0800 To: [email protected] Subject: Hacking USER's email with WinGate, lack of security on some ISPs Found out something to read some emails on my ISP, maybe this will work with other people if the ISP's site works just like mine... It consists that, i...
iis.system.isapi.txt
Date: Mon, 8 Mar 1999 11:27:48 -0500 From: Fabien Royer To: [email protected] Subject: ISAPI Extension vulnerability allows to execute code as SYSTEM There's a vulnerability in IIS and other WEB servers executing as SYSTEM that allows to execute an ISAPI extension in the security...