Lucene search
+L

88 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.1 views

ATutor cross-site scripting vulnerability

Overview ATutor, an open source e-learning content management system, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Authentication information could be stolen as a result. Solution None...

4.3CVSS6.1AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.5 views

Buffalo router configuration management interface vulnerable to remote access and password leakage

Overview Some Buffalo routers have a vulnerability that could allow remote access from the WAN side. A remote attacker could exploit this vulnerability to manipulate a router by gaining administrative privileges. By accessing the management interface, a remote attacker could also obtain user's...

6.4CVSS7AI score
Exploits0References3
Exploit DB
Exploit DB
added 2008/04/10 12:0 a.m.56 views

WinWebMail 3.7.3 - IMAP Login Data Handling Denial of Service

source: https://www.securityfocus.com/bid/28721/info WinWebMail is prone to a denial-of-service vulnerability because it fails to perform adequate boundary checks on user-supplied input. Remote attackers can exploit this issue to crash the server and deny service to legitimate users. Given the...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2007/05/21 12:0 a.m.43 views

sparkassen-xss.txt

The "Sparkassen-Finanzgruppe" with a transaction volume of over 3.300 billion euro is one of the largest banks for private customers in germany. Many local member-banks of the group use the online banking portal provided by sfze http://www.sfze.de/, a subsidiary company of Sparkassen-Finanzgruppe...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2005/04/12 4:0 a.m.15 views

CVE-2005-1055

TowerBlog 0.6 and earlier stores the login data file under the web root, which allows remote attackers to obtain the MD5 checksums of the username and password via a direct request to the dat/login file...

6.7AI score0.0159EPSS
Exploits0References5
NVD
NVD
added 2005/04/10 4:0 a.m.11 views

CVE-2005-1055

TowerBlog 0.6 and earlier stores the login data file under the web root, which allows remote attackers to obtain the MD5 checksums of the username and password via a direct request to the dat/login file...

7.5CVSS6.7AI score0.0159EPSS
Exploits0References5
NVD
NVD
added 2002/05/29 4:0 a.m.10 views

CVE-2002-0259

InstantServers MiniPortal 1.1.5 and earlier stores sensitive login and account data in plaintext in 1 .pwd files in the miniportal/apache directory, or 2 mplog.txt, which could allow local users to gain privileges...

4.6CVSS6.5AI score0.00385EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 1999/11/04 12:0 a.m.25 views

RealServer G2 Malformed Telnet Data Remote Overflow

If a user sends an oversized login / password combination to the administrative server of a RealServer G2, it will overflow the server's buffer. An attacker can use this flaw to execute arbitrary code on the remote system. C Tenable Network Security, Inc. Original exploit code : see...

5CVSS6.2AI score0.01184EPSS
Exploits0References1
Rows per page
Query Builder