Lucene search
K

1410 matches found

Cvelist
Cvelist
added 2009/05/18 6:0 p.m.35 views

CVE-2009-1669

The smartyfunctionmath function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the equation attribute of the math function. NOTE: some of these details are obtained from third party information...

7.1AI score0.14117EPSS
Exploits1References10
Prion
Prion
added 2009/04/22 6:30 p.m.20 views

Memory corruption

The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service application crash and possibly trigger memory corruption via vectors involving 1 jsFindPropertyHelper, related to the definition...

5CVSS7.2AI score0.021EPSS
Exploits1References27Affected Software3
RedHat Linux
RedHat Linux
added 2009/04/22 1:40 a.m.3 views

Firefox 3 JavaScript engine crashes

The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service application crash and possibly trigger memory corruption via vectors involving 1 jsFindPropertyHelper, related to the definition...

5CVSS5.9AI score0.021EPSS
Exploits1References4
Nmap
Nmap
added 2008/11/06 2:52 a.m.219 views

irc-info NSE Script

Gathers information from an IRC server. It uses STATS, LUSERS, and other queries to obtain this information. Example Usage nmap -sV -sC Script Output 6665/tcp open irc | irc-info: | server: asimov.freenode.net | version: ircd-seven-1.1.320111112-b71671d1e846,charybdis-3.4-dev. asimov.freenode.net...

10CVSS9.2AI score0.99448EPSS
Exploits33
xssed
xssed
added 2008/10/27 12:0 a.m.13 views

Unfixed XSS vulnerability at www.math-net.de

Security researcher xylitol, has submitted on 27/10/2008 a cross-site-scripting XSS vulnerability affecting www.math-net.de, which at the time of submission ranked 1890326 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 01/07/2009. It is...

Exploits0References1
Tenable Nessus
Tenable Nessus
added 2008/05/16 12:0 a.m.18 views

Fedora 7 : perl-Imager-0.64-2.fc7 (2008-3920)

Thu Apr 24 2008 Steven Pritchard 0.64-2 - Rebuild. - Thu Apr 24 2008 Steven Pritchard 0.64-1 - Update to 0.64 CVE-2008-1928. - Add versioned Test::More BR. - Thu Mar 6 2008 Tom 'spot' Callaway - 0.62-3 - rebuild for new perl - Tue Feb 19 2008 Fedora Release Engineering - 0.62-2 - Autorebuild for...

5CVSS5.4AI score0.01672EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.15 views

Debian Security Advisory DSA 263-1 (netpbm-free)

The remote host is missing an update to netpbm-free announced via advisory DSA 263-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.5CVSS7AI score0.06542EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2008/01/15 12:0 a.m.41 views

WordPress Plugin Peter's Math Anti-Spam 0.1.6 - Audio CAPTCHA Security Bypass

source: https://www.securityfocus.com/bid/27287/info Peter's Math Anti-Spam for WordPress is prone to a security-bypass vulnerability. This issue occurs when presenting a visitor with challenge data to determine if they are a legitimate user or an automaton. The challenge data is poorly obfuscate...

7AI score
Exploits0
exploitpack
exploitpack
added 2008/01/15 12:0 a.m.23 views

WordPress Plugin Peters Math Anti-Spam 0.1.6 - Audio CAPTCHA Security Bypass

WordPress Plugin Peters Math Anti-Spam 0.1.6 - Audio CAPTCHA Security Bypass source: https://www.securityfocus.com/bid/27287/info Peter's Math Anti-Spam for WordPress is prone to a security-bypass vulnerability. This issue occurs when presenting a visitor with challenge data to determine if they...

0.1AI score
Exploits0
Prion
Prion
added 2008/01/10 12:46 a.m.20 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to perform actions as administrators via the 1 mcspoptmsgnoanswer or 2 mcspoptmsgwronganswer parameter to...

4.3CVSS7.6AI score0.01885EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2008/01/10 12:46 a.m.17 views

CVE-2008-0204

Multiple cross-site scripting XSS vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 mcspoptmsgnoanswer or 2 mcspoptmsgwronganswer parameter to...

4.3CVSS5.9AI score0.01854EPSS
Exploits1References4
Prion
Prion
added 2008/01/10 12:46 a.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 mcspoptmsgnoanswer or 2 mcspoptmsgwronganswer parameter to...

4.3CVSS6.2AI score0.01854EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2008/01/10 12:46 a.m.17 views

CVE-2008-0205

Multiple cross-site request forgery CSRF vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to perform actions as administrators via the 1 mcspoptmsgnoanswer or 2 mcspoptmsgwronganswer parameter to...

4.3CVSS7.1AI score0.01885EPSS
Exploits1References4
CVE
CVE
added 2008/01/10 12:0 a.m.39 views

CVE-2008-0204

CVE-2008-0204 affects the WordPress plugin Math Comment Spam Protection (versions 2.1 and earlier). The vulnerability is multiple cross-site scripting (XSS) flaws in the file math-comment-spam-protection.php, exploitable via the parameters mcsp_opt_msg_no_answer or mcsp_opt_msg_wrong_answer in wp...

4.3CVSS5.9AI score0.01854EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2008/01/10 12:0 a.m.36 views

CVE-2008-0205

CVE-2008-0205 concerns the WordPress Math Comment Spam Protection plugin (version 2.1 and earlier). The vulnerability is a set of cross-site request forgery (CSRF) flaws in the file math-comment-spam-protection.php that let remote attackers perform administrator actions via the parameters mcsp_op...

4.3CVSS7.1AI score0.01885EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2008/01/10 12:0 a.m.22 views

CVE-2008-0205

Multiple cross-site request forgery CSRF vulnerabilities in math-comment-spam-protection.php in the Math Comment Spam Protection 2.1 and earlier plugin for WordPress allow remote attackers to perform actions as administrators via the 1 mcspoptmsgnoanswer or 2 mcspoptmsgwronganswer parameter to...

7.1AI score0.01885EPSS
Exploits1References4
securityvulns
securityvulns
added 2007/11/26 12:0 a.m.22 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Math Comment Spam Protection: Crossite scripting...

1.5AI score
Exploits0References6Affected Software3
OSV
OSV
added 2006/10/23 5:7 p.m.3 views

DEBIAN-CVE-2006-5443

Unspecified vulnerability in XIAO Gang WWW Interactive Mathematics Server WIMS before 3.60 allows remote attackers to modify unspecified data via unspecified vectors involving "variable rights."...

5CVSS7AI score0.01284EPSS
Exploits0References1
0day.today
0day.today
added 2006/03/20 12:0 a.m.129 views

ASPPortal <= 3.1.1 (downloadid) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ============================================================ ASPPortal use IO::Socket; use Math::BigInt; if@ARGV != 3 usage; else exploit; sub header print "\n- NukedX Security Advisory Nr.2006-21\r\n"; print "- ASPPortal \r\n"; print "- -...

7.1AI score
Exploits0
OSV
OSV
added 2005/10/06 10:2 a.m.2 views

DEBIAN-CVE-2005-3165

Multiple cross-site scripting XSS vulnerabilities in MediaWiki before 1.4.9 allow remote attackers to inject arbitrary web script or HTML via 1 tags or 2 Extension or sections that "bypass HTML style attribute restrictions" that are intended to protect against XSS vulnerabilities in Internet...

4.3CVSS5.5AI score0.01265EPSS
Exploits0References1
Rows per page
Query Builder