Lucene search
K

847 matches found

RedHat Linux
RedHat Linux
added 2007/11/07 9:0 a.m.6 views

security flaw

pamconsole does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges...

3.4CVSS5.8AI score0.00302EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/08/27 11:0 p.m.23 views

CVE-2007-4544

Cross-site scripting XSS vulnerability in wp-newblog.php in WordPress multi-user MU 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the weblogid parameter Username field...

5.8AI score0.00893EPSS
Exploits0References4
NVD
NVD
added 2007/05/13 11:19 p.m.18 views

CVE-2007-2632

Multiple cross-site scripting XSS vulnerabilities in PHP Multi User Randomizer phpMUR 2006.09.13 allow remote attackers to inject arbitrary web script or HTML via 1 the editplugin parameter to configureplugin.tpl.php, or 2 certain array parameters to web/phpinfo.php, as demonstrated by 1 or a...

6.8CVSS5.9AI score0.0399EPSS
Exploits0References6
Prion
Prion
added 2007/05/13 11:19 p.m.13 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PHP Multi User Randomizer phpMUR 2006.09.13 allow remote attackers to inject arbitrary web script or HTML via 1 the editplugin parameter to configureplugin.tpl.php, or 2 certain array parameters to web/phpinfo.php, as demonstrated by 1 or a...

6.8CVSS6.2AI score0.0399EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2007/05/13 11:0 p.m.25 views

CVE-2007-2632

Multiple cross-site scripting XSS vulnerabilities in PHP Multi User Randomizer phpMUR 2006.09.13 allow remote attackers to inject arbitrary web script or HTML via 1 the editplugin parameter to configureplugin.tpl.php, or 2 certain array parameters to web/phpinfo.php, as demonstrated by 1 or a...

5.9AI score0.0399EPSS
Exploits0References6
exploitpack
exploitpack
added 2007/05/10 12:0 a.m.13 views

PHP Multi User Randomizer 2006.09.13 - Configure_Plugin.TPL.php Cross-Site Scripting

PHP Multi User Randomizer 2006.09.13 - ConfigurePlugin.TPL.php Cross-Site Scripting source: https://www.securityfocus.com/bid/23917/info PHP Multi User Randomizer is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker m...

Exploits0
Exploit DB
Exploit DB
added 2007/05/10 12:0 a.m.31 views

PHP Multi User Randomizer 2006.09.13 - 'Configure_Plugin.TPL.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/23917/info PHP Multi User Randomizer is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/04/10 12:0 a.m.29 views

CentOS 4 : mysql (CESA-2007:0152)

Updated mysql packages that fix a security flaw are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation...

3.6CVSS7.7AI score0.02729EPSS
Exploits1References4
securityvulns
securityvulns
added 2007/04/06 12:0 a.m.94 views

ACLS ineffective in SQL-Ledger and LedgerSMB

Hi all; I have decided to finally send to this list a serious security flaw in the design of SQL-Ledger all versions. LedgerSMB all versions is also affected but the problem with a workaround has been mentioned in our documentation since the fork. Ordinarily I would not make a big deal out of thi...

7.1AI score
Exploits0
myhack58
myhack58
added 2006/12/10 12:0 a.m.1364 views

Hacker attack and Defense of the PPPoE authentication and use-vulnerability and early warning-the black bar safety net

A Foreword In recent years, Internet data traffic has developed rapidly, broadband users showed explosive growth, the operators in the use of xDSL, LAN, HFC, wireless and other access methods at the same time, in order to build an operable, manageable and profitable broadband network, is very...

0.2AI score
Exploits0
myhack58
myhack58
added 2006/12/07 12:0 a.m.37 views

Windows XP 3 3 8 9(terminals)multi-user login-bug warning-the black bar safety net

The first step:the first is on Windows XP SP2 installed the official version, according to the conventional manner of mounting can be, not repeat them here. Second step:prepare an earlier version of the SP2 terminal server softwareit is said that from Build 2 0 8 2 start the function is disabled,...

0.4AI score
Exploits0
NVD
NVD
added 2006/07/18 3:47 p.m.15 views

CVE-2006-3669

Mercury Messenger, possibly 1.7.1.1 and other versions, when running on a multi-user Mac OS X platform, stores chat logs with world-readable permissions within the /Users directory, which allows local users to read the chat logs from other users...

2.1CVSS6.3AI score0.00333EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2006/07/09 12:0 a.m.40 views

Echo Security Advisory 2006.36

ECHO.OR.ID ECHOADV36$2006 --------------------------------------------------------------------------- ECHOADV36$2006 ExtCalendar...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2006/07/08 12:0 a.m.39 views

[ECHO_ADV_36$2006] ExtCalendar <== v2.0 Remote File Include Vulnerabilities

ECHO.OR.ID ECHOADV36$2006 --------------------------------------------------------------------------- ECHOADV36$2006 ExtCalendar == v2.0 Remote File Include Vulnerabilities --------------------------------------------------------------------------- Author : Ahmad Maulana a.k.a Matdhule Date : Jul...

0.2AI score
Exploits0
Cent OS
Cent OS
added 2006/06/09 5:37 p.m.84 views

mysql security update

CentOS Errata and Security Advisory CESA-2006:0544 Updated mysql packages that fix multiple security flaws are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a...

7.5CVSS7AI score0.33497EPSS
Exploits2References8
securityvulns
securityvulns
added 2006/05/27 12:0 a.m.31 views

iBoutique.MALL - Directory Traversal

iBoutique.MALL Homepage: http://www.netartmedia.net/mall/ Description: Based on iBoutique 4.0, iBoutique.MALL is a powerful multi user mall software solution. It makes possible for the new vendors to signup and create their own customized online stores with ease. Effected files: index.php Directo...

1.4AI score
Exploits0
OSV
OSV
added 2006/05/15 12:0 a.m.12 views

DSA-1056-1 webcalendar - verbose error message

Bulletin has no description...

5CVSS6.1AI score0.01655EPSS
Exploits0
OpenVAS
OpenVAS
added 2006/03/26 12:0 a.m.11 views

PhpGroupWare Main Screen Message Script Injection Flaw

The remote host seems to be running PhpGroupWare, is a multi-user groupware suite written in PHP. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

7.3AI score
Exploits0References1
Debian
Debian
added 2006/03/15 8:42 a.m.19 views

[SECURITY] [DSA 1002-1] New webcalendar packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1002-1 [email protected] http://www.debian.org/security/ Martin Schulze March 15th, 2006 http://www.debian.org/security/faq -...

7.5CVSS8.2AI score0.07076EPSS
Exploits0
Packet Storm
Packet Storm
added 2006/02/06 12:0 a.m.20 views

PluggedOut-1.9.9c.txt

PluggedOut Blog SQL INJECTION and XSS PluggedOut Blog is an open source script you can run on your web server to give you an online multi-user journal or diary. It can be used equally well for any kind of calendar application.Rather than give you a thousand things you don't really want...

7.4AI score
Exploits0
Rows per page
Query Builder