124 matches found
CVE-2006-0147
Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP...
PT-2006-1226 · Adodb +9 · Adodb +9
Name of the Vulnerable Software and Affected Versions: ADODB versions prior to 4.70; Mantis versions prior to 1.1.0a; PostNuke versions prior to 0.764; Moodle versions prior to 1.5.3; Cacti versions prior to 0.8.6i; Xaraya versions prior to 0.98; PHPOpenChat versions prior to 1.0.6; MAXdev MD-Pro versio...
[UNIX] MAXdev MD-Pro Multiple Vulnerabilities (Code Execution, Path Disclosure and CSS)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
CVE-2005-2885
The Downloads page in MAXdev MD-Pro 1.0.73, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which could allow remote attackers to bypass file extension checks and execute arbitrary commands by uploading a file with a different extension, as...
CVE-2005-2887
MAXdev MD-Pro 1.0.73, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to (1) wiki.php, (2) AutoTheme directory, (3) Blocks directory, (4) admin.php, (5) pnadmin.php, or (6) Topics directory, which reveal the path in an error message...
CVE-2005-2886
Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1.0.73, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via (1) the print parameter to the print module, the sitename parameter to (2) bb_smilies or (3) bbcoderef module, or (4) the hlpfile...
CVE-2005-2886
CVE-2005-2886 affects MAXdev MD-Pro 1.0.73 (and possibly earlier) with multiple XSS vulnerabilities. The issue allows remote attackers to inject arbitrary web script or HTML via: (1) the print parameter to the print module, (2) the sitename parameter to the bb_smilies module, (3) the sitename par...
CVE-2005-2887
MAXdev MD-Pro 1.0.73 (and possibly earlier) is vulnerable to information disclosure via direct requests to wiki.php, AutoTheme, Blocks, admin.php, pnadmin.php, or Topics directories, where an error message reveals the path. No remediation details are provided in the supplied documents.
CVE-2005-2885
The CVE-2005-2885 issue affects MAXdev MD-Pro 1.0.73 (and possibly earlier) where the Downloads page uses an incomplete blacklist for dangerous file extensions, enabling remote attackers to bypass extension checks and execute arbitrary commands by uploading a file with a non-listed extension (dem...
[SA16731] MAXdev MD-Pro Cross-Site Scripting and File Upload Vulnerabilities
CVE-2005-2840
Multiple unknown vulnerabilities in MAXdev MD-Pro 1.0.72 and earlier have unknown impact and unspecified attack vectors, in one or more of the (1) Download, (2) Search, (3) Web links, (4) Blocks, (5) Messages, (6) News, (7) Comments, (8) Settings, (9) Stats or (10) subjects modules...
CVE-2005-2839
Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1.0.72 allow remote attackers to inject arbitrary web script or HTML via (1) dl-search.php or (2) wl-search.php...
CVE-2005-2839
MAXdev MD‑Pro 1.0.72 is affected by multiple XSS vulnerabilities that allow remote attackers to inject arbitrary script/HTML via parameters in dl-search.php and wl-search.php. The root cause is unsanitized user input enabling script execution in the web context. Affected product/version: MAXdev M...
CVE-2005-2840
MAXdev MD-Pro is affected (versions 1.0.72 and earlier). The vulnerability impacts one or more modules: Download, Search, Web links, Blocks, Messages, News, Comments, Settings, Stats, or subjects. The connected PT-2005-3706 entry states the issue has unknown impact and unknown attack vectors and ...
PT-2005-3706 · Maxdev · Maxdev Md-Pro
Name of the Vulnerable Software and Affected Versions: MAXdev MD-Pro versions 1.0.72 and earlier. Description: The issue affects one or more modules in MAXdev MD-Pro, including the Download, Search, Web links, Blocks, Messages, News, Comments, Settings, Stats, or subjects modules. The impact and...