Lucene search
K

17 matches found

Cvelist
Cvelist
added 2009/07/14 2:0 p.m.24 views

CVE-2008-6856

Xigla Software Absolute News Manager.NET 5.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value...

7.2AI score0.02537EPSS
Exploits1References4
Prion
Prion
added 2007/12/07 11:46 a.m.13 views

Information disclosure

Absolute News Manager.NET 5.1 allows remote attackers to obtain sensitive information via a direct request to getpath.aspx, which reveals the installation path in an error message...

5CVSS6.6AI score0.02666EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2007/12/07 11:46 a.m.9 views

Directory traversal

Directory traversal vulnerability in pages/default.aspx in Absolute News Manager.NET 5.1 allows remote attackers to read arbitrary files via a .. dot dot in the template parameter...

5CVSS7.2AI score0.08403EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2007/12/07 11:46 a.m.15 views

CVE-2007-6268

Directory traversal vulnerability in pages/default.aspx in Absolute News Manager.NET 5.1 allows remote attackers to read arbitrary files via a .. dot dot in the template parameter...

5CVSS6.6AI score0.08403EPSS
Exploits1References8
NVD
NVD
added 2007/12/07 11:46 a.m.9 views

CVE-2007-6270

Multiple cross-site scripting XSS vulnerabilities in Absolute News Manager.NET 5.1 allow remote attackers to inject arbitrary web script or HTML via the 1 rmore parameter to xlaabsolutenm.aspx and the 2 template parameter to pages/default.aspx...

4.3CVSS5.8AI score0.02334EPSS
Exploits1References9
NVD
NVD
added 2007/12/07 11:46 a.m.17 views

CVE-2007-6271

Absolute News Manager.NET 5.1 allows remote attackers to obtain sensitive information via a direct request to getpath.aspx, which reveals the installation path in an error message...

5CVSS6.1AI score0.02666EPSS
Exploits1References5
Prion
Prion
added 2007/12/07 11:46 a.m.10 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Absolute News Manager.NET 5.1 allow remote attackers to inject arbitrary web script or HTML via the 1 rmore parameter to xlaabsolutenm.aspx and the 2 template parameter to pages/default.aspx...

4.3CVSS6.1AI score0.02334EPSS
Exploits1References9Affected Software1
CVE
CVE
added 2007/12/07 11:0 a.m.50 views

CVE-2007-6269

CVE-2007-6269 affects Absolute News Manager.NET 5.1. Multiple SQL injection vulnerabilities exist in xlaabsolutenm.aspx exploitable via the (1) z, (2) pz, (3) ord, and (4) sort parameters. Remote attackers can execute arbitrary SQL commands. CVSS v2 base score 7.5 (HIGH) with network attack vecto...

7.5CVSS8.5AI score0.02879EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2007/12/07 11:0 a.m.20 views

CVE-2007-6270

Multiple cross-site scripting XSS vulnerabilities in Absolute News Manager.NET 5.1 allow remote attackers to inject arbitrary web script or HTML via the 1 rmore parameter to xlaabsolutenm.aspx and the 2 template parameter to pages/default.aspx...

5.8AI score0.02334EPSS
Exploits1References9
Cvelist
Cvelist
added 2007/12/07 11:0 a.m.20 views

CVE-2007-6269

Multiple SQL injection vulnerabilities in xlaabsolutenm.aspx in Absolute News Manager.NET 5.1 allow remote attackers to execute arbitrary SQL commands via the 1 z, 2 pz, 3 ord, and 4 sort parameters...

8.5AI score0.02879EPSS
Exploits1References8
Cvelist
Cvelist
added 2007/12/07 11:0 a.m.16 views

CVE-2007-6268

Directory traversal vulnerability in pages/default.aspx in Absolute News Manager.NET 5.1 allows remote attackers to read arbitrary files via a .. dot dot in the template parameter...

6.6AI score0.08403EPSS
Exploits1References8
CVE
CVE
added 2007/12/07 11:0 a.m.36 views

CVE-2007-6270

Absolute News Manager.NET 5.1 is affected by multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary script or HTML via the rmore parameter in xlaabsolutenm.aspx and the template parameter in pages/default.aspx. The issue arises from unsafely handling u...

4.3CVSS5.8AI score0.02334EPSS
Exploits1References9Affected Software1
CVE
CVE
added 2007/12/07 11:0 a.m.44 views

CVE-2007-6268

In CVE-2007-6268, Absolute News Manager.NET 5.1 is vulnerable via directory traversal in pages/default.aspx, allowing an attacker to read arbitrary files by manipulating the template parameter (..). The underlying issue is a path traversal in the template parameter; no exploitation details are pr...

5CVSS6.7AI score0.08403EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2007/12/07 11:0 a.m.46 views

CVE-2007-6271

CVE-2007-6271 affects Absolute News Manager.NET 5.1. The vulnerability is an information disclosure: remote attackers can obtain the installation path by requesting getpath.aspx, which leads to an error message revealing path details. The connected sources confirm this specific behavior across mu...

5CVSS6.1AI score0.02666EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2007/12/07 11:0 a.m.3 views

EUVD-2007-6238

Multiple cross-site scripting XSS vulnerabilities in Absolute News Manager.NET 5.1 allow remote attackers to inject arbitrary web script or HTML via the 1 rmore parameter to xlaabsolutenm.aspx and the 2 template parameter to pages/default.aspx...

4.3CVSS5.8AI score0.02334EPSS
Exploits1References9
Packet Storm
Packet Storm
added 2007/12/06 12:0 a.m.22 views

ProCheckUp Security Advisory 2007.39

PR07-39: Multiple vulnerabilities on Absolute News Manager.NET 5.1 including file retrieval and SQL injection Vulnerabilities found: 16 November 2007 Vendor informed: 19 November 2007 Vulnerability fixed: 28 November 2007 Severity: High Description: Multiple vulnerabilities were found on Absolute...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2007/12/05 12:0 a.m.92 views

PR07-39: Multiple vulnerabilities on Absolute News Manager.NET 5.1 including file retrieval and SQL injection

PR07-39: Multiple vulnerabilities on Absolute News Manager.NET 5.1 including file retrieval and SQL injection Vulnerabilities found: 16 November 2007 Vendor informed: 19 November 2007 Vulnerability fixed: 28 November 2007 Severity: High Description: Multiple vulnerabilities were found on Absolute...

7.2AI score
Exploits0
Rows per page
Query Builder