Lucene search
+L

1237 matches found

securityvulns
securityvulns
added 2006/01/16 12:0 a.m.33 views

[eVuln] Light Weight Calendar PHP Code Execution

New eVuln Advisory: Light Weight Calendar PHP Code Execution http://evuln.com/vulns/29/summary.html --------------------Summary---------------- Software: Light Weight Calendar Sowtware's Web Site: http://sourceforge.net/projects/lwcal/ Versions: 1.0 Critical Level: Dangerous Type: PHP Code...

0.8AI score
Exploits0
Prion
Prion
added 2006/01/13 11:3 p.m.20 views

Sql injection

Eval injection vulnerability in Light Weight Calendar LWC 1.0 20040909 and earlier allows remote attackers to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php...

7.5CVSS8.3AI score0.04279EPSS
Exploits1References9Affected Software1
EUVD
EUVD
added 2006/01/13 11:0 p.m.6 views

EUVD-2006-0214

Eval injection vulnerability in Light Weight Calendar LWC 1.0 20040909 and earlier allows remote attackers to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php...

7.5CVSS7.8AI score0.04279EPSS
Exploits1References9
securityvulns
securityvulns
added 2006/01/13 12:0 a.m.37 views

[SA18450] Light Weight Calendar "date" PHP Code Execution Vulnerability

TITLE: Light Weight Calendar "date" PHP Code Execution Vulnerability SECUNIA ADVISORY ID: SA18450 VERIFY ADVISORY: http://secunia.com/advisories/18450/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Light Weight Calendar 1.x http://secunia.com/product/6810/...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2005/11/15 12:0 a.m.32 views

fipsCMS light - vulnerable to script injection.

fipsCMS lights is a freeware product of fipsasp.com. If you log on as admin, you can generate new pages in the CMS system. If you inject the "headline" field with scriptingcode like scriptalert‘code executed’/script, this will automaticly launch when a users visits that site. Please credit to:...

1.9AI score
Exploits0
myhack58
myhack58
added 2005/11/13 12:0 a.m.30 views

Large traffic network of the classic the invasion of technology-vulnerability warning-the black bar safety net

【Introduction】 According to legend, in the magical world of the Internet, there is a group of habits a nocturnal person, their freedom, against a fee, the same belief is shared in that group of people's eyes, all living beings are equal, there is no strong unbreakable walls, they just--hacker!...

8.8AI score
Exploits0
NVD
NVD
added 2005/05/02 4:0 a.m.18 views

CVE-2005-0805

SQL injection vulnerability in index.php in Subdreamer Light, when magicquotesgpc is enabled, allows remote attackers to execute arbitrary SQL commands via certain parameters that are used as global variables, as demonstrated using the imageid parameter, which is not properly handled by...

7.5CVSS8.4AI score0.01229EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2005/03/22 12:0 a.m.29 views

subdreamerSQL.txt

//==========================================// \ GHC - Subdreamer - ADVISORY // Product: Subdreamer \ Version: Subdreamer Light // URL: www.subdreamer.com \ VULNERABILITY CLASS: SQL injection //==========================================// Product Description "Powered by PHP and MySQL, Subdreamer...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2005/03/20 5:0 a.m.22 views

CVE-2005-0805

SQL injection vulnerability in index.php in Subdreamer Light, when magicquotesgpc is enabled, allows remote attackers to execute arbitrary SQL commands via certain parameters that are used as global variables, as demonstrated using the imageid parameter, which is not properly handled by...

8.4AI score0.01229EPSS
Exploits1References4
CVE
CVE
added 2005/03/20 5:0 a.m.51 views

CVE-2005-0805

The CVE-2005-0805 entry describes a SQL injection in Subdreamer Light’s index.php when magic_quotes_gpc is enabled. The vulnerability allows remote attackers to run arbitrary SQL via parameters treated as global variables, demonstrated via the imageid parameter that imagegallery.php fails to sani...

7.5CVSS8.8AI score0.01229EPSS
Exploits1References4Affected Software1
securityvulns
securityvulns
added 2005/03/19 12:0 a.m.28 views

possible SQL injection in Subdreamer

//==========================================// GHC - Subdreamer - ADVISORY // Product: Subdreamer Version: Subdreamer Light // URL: www.subdreamer.com VULNERABILITY CLASS: SQL injection //==========================================// Product Description "Powered by PHP and MySQL, Subdreamer provid...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2005/03/18 12:0 a.m.9 views

Subdreamer 1.0 - SQL Injection

Subdreamer 1.0 - SQL Injection source: https://www.securityfocus.com/bid/12839/info Subdreamer is prone to an SQL injection vulnerability. Because of this, a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or th...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2005/03/18 12:0 a.m.28 views

Subdreamer 1.0 - SQL Injection

source: https://www.securityfocus.com/bid/12839/info Subdreamer is prone to an SQL injection vulnerability. Because of this, a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database. Subdreamer Light is...

7.4AI score
Exploits0
NVD
NVD
added 2004/12/31 5:0 a.m.17 views

CVE-2004-2287

Directory traversal vulnerability in explorer.php in DSM Light Web File Browser 2.0 allows remote attackers to read arbitrary files via .. dot dot in the wdir parameter...

5CVSS6.7AI score0.02722EPSS
Exploits1References1
NVD
NVD
added 2004/12/31 5:0 a.m.14 views

CVE-2004-1459

Cisco Secure Access Control Server ACS 3.2, when configured as a Light Extensible Authentication Protocol LEAP RADIUS proxy, allows remote attackers to cause a denial of service device crash via certain LEAP authentication requests...

5CVSS6.9AI score0.01757EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.29 views

Debian DSA-156-1 : epic4-script-light - arbitrary script execution

All versions of the EPIC script Light prior to 2.7.30p5 on the 2.7 branch and prior to 2.8pre10 on the 2.8 branch running on any platform are vulnerable to a remotely-exploitable bug, which can lead to nearly arbitrary code execution. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

7.5CVSS5.9AI score0.0374EPSS
Exploits0References2
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.24 views

CVE-2002-1549

Buffer overflow in Light HTTPd lhttpd 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request...

7.9AI score0.11169EPSS
Exploits1References3
CVE
CVE
added 2004/09/01 4:0 a.m.50 views

CVE-2002-1549

CVE-2002-1549 concerns Light HTTPD (lhttpd) 0.1, where a buffer overflow in processing a long HTTP GET request can allow remote code execution. The issue is tied to the lhttpd 0.1 HTTP server and is documented across multiple sources in the connected set, including CVE records and OpenVAS entries...

7.5CVSS7.9AI score0.11169EPSS
Exploits1References3Affected Software1
exploitpack
exploitpack
added 2004/05/18 12:0 a.m.15 views

dsm light Web file browser 2.0 - Directory Traversal

dsm light Web file browser 2.0 - Directory Traversal source: https://www.securityfocus.com/bid/10381/info DSM Light has been reported to be prone to a directory traversal vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue woul...

7.3AI score
Exploits0
Packet Storm
Packet Storm
added 2004/04/20 12:0 a.m.39 views

eudora61.pl

Eudora 6.1 on Windows is evil - have tested "Light Mode" free only so far, do not know if "Sponsored Mode" or "Paid Mode" would be any different. Do not use: stay away from Eudora, or maybe use version 6.0.3. --- Attachment spoof, LaunchProtect:...

7.4AI score
Exploits0
Rows per page
Query Builder