Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-0378

Malware in sbrugna...

5CVSS6.3AI score0.02821EPSS
Exploits1References12
NVD
NVD
added 2006/01/22 8:3 p.m.8 views

CVE-2006-0371

Directory traversal vulnerability in index.php in Noah Medling RCBlog 1.03 allows remote attackers to read arbitrary .txt files, possibly including one that stores the administrator's account name and password, via a .. dot dot in the post parameter...

5CVSS6.7AI score0.02821EPSS
Exploits1References11
Prion
Prion
added 2006/01/22 8:3 p.m.15 views

Improper access control

Noah Medling RCBlog 1.03 stores the data and config directories under the web root with insufficient access control, which allows remote attackers to view account names and MD5 password hashes...

5CVSS7AI score0.01721EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2006/01/22 8:3 p.m.9 views

CVE-2006-0370

Noah Medling RCBlog 1.03 stores the data and config directories under the web root with insufficient access control, which allows remote attackers to view account names and MD5 password hashes...

5CVSS6.7AI score0.01721EPSS
Exploits1References7
CVE
CVE
added 2006/01/22 8:0 p.m.51 views

CVE-2006-0371

CVE-2006-0371 concerns RCBlog 1.03 (PHP) where index.php accepts a post parameter that is not properly sanitized, enabling a directory traversal attack. An attacker can use a .. in the post parameter to read arbitrary .txt files on the remote host, potentially exposing sensitive data such as the ...

5CVSS6.7AI score0.02821EPSS
Exploits1References11Affected Software1
Cvelist
Cvelist
added 2006/01/22 8:0 p.m.24 views

CVE-2006-0370

Noah Medling RCBlog 1.03 stores the data and config directories under the web root with insufficient access control, which allows remote attackers to view account names and MD5 password hashes...

6.7AI score0.01721EPSS
Exploits1References7
CVE
CVE
added 2006/01/22 8:0 p.m.49 views

CVE-2006-0370

RCBlog 1.03 is affected by CVE-2006-0370 due to insufficient access control that allows remote attackers to view account names and MD5 password hashes by accessing data and config directories under the web root. OpenVAS/Nessus entries corroborate a related directory traversal/vector in RCBlog’s P...

5CVSS6.7AI score0.01721EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder