Lucene search
K

28 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2006-4201

Malware in sbrugna...

4.3CVSS6.4AI score0.01272EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2003-0336

Malware in sbrugna...

6.8CVSS6.4AI score0.01703EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2006-4202

Malware in sbrugna...

7.5CVSS6.4AI score0.01308EPSS
Exploits0References7
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Owl Intranet Engine 0.95 'register.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30410/info Owl Intranet Engine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browse...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Owl Intranet Engine 0.7 Authentication Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7595/info Owl has been reported prone to an authentication bypass vulnerability. The issue presents itself due to a lack of sufficient sanitization when checking the validity of usernames and passwords supplied to...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2011/12/19 12:0 a.m.128 views

[RT-SA-2011-005] Owl Intranet Engine: Authentication Bypass

Advisory: Owl Intranet Engine: Authentication Bypass During a penetration test, RedTeam Pentesting discovered an Authentication Bypass vulnerability in the Owl Intranet Engine, which allows unauthenticated users administrative access to the affected systems. Details ======= Product: Owl Intranet...

Exploits0
Packet Storm
Packet Storm
added 2011/12/15 12:0 a.m.41 views

Owl Intranet Engine 1.00 Authentication Bypass

Advisory: Owl Intranet Engine: Authentication Bypass During a penetration test, RedTeam Pentesting discovered an Authentication Bypass vulnerability in the Owl Intranet Engine, which allows unauthenticated users administrative access to the affected systems. Details ======= Product: Owl Intranet...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 2011/12/15 12:0 a.m.20 views

Owl Intranet Engine 1.00 - 'userid' Authentication Bypass

source: https://www.securityfocus.com/bid/51076/info Owl Intranet Engine is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication process and gain administrative access to the application. Owl Intranet Engine 1.00 is affected; other...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/07/28 12:0 a.m.21 views

Owl Intranet Engine 0.95 - 'register.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/30410/info Owl Intranet Engine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

7AI score
Exploits0
NVD
NVD
added 2006/08/17 9:4 p.m.11 views

CVE-2006-4212

SQL injection vulnerability in b0zz and Chris Vincent Owl Intranet Engine 0.90 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.4AI score0.01308EPSS
Exploits0References6
CVE
CVE
added 2006/08/17 9:0 p.m.63 views

CVE-2006-4212

CVE-2006-4212 concerns an SQL injection in Owl Intranet Engine, a PHP-based document management system. The entry states that Owl Intranet Engine 0.90 and earlier is vulnerable and that remote attackers can execute arbitrary SQL commands via unspecified vectors. The connected JVN record notes the...

7.5CVSS8.4AI score0.01308EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2006/08/17 9:0 p.m.55 views

CVE-2006-4211

CVE-2006-4211 is an XSS vulnerability in Owl Intranet Engine (b0zz and Chris Vincent Owl Intranet Engine) 0.90 and earlier. The vulnerability allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Documented by NVD as a network-accessible XSS with base score 4.3 (...

4.3CVSS5.7AI score0.01272EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2006/08/17 9:0 p.m.18 views

CVE-2006-4212

SQL injection vulnerability in b0zz and Chris Vincent Owl Intranet Engine 0.90 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

8.4AI score0.01308EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2006/08/17 12:0 a.m.27 views

Owl Intranet Engine <= 0.91 Multiple Vulnerabilities

The remote host is running Owl Intranet Engine, a web-based document management system written in PHP. The version of Owl Intranet Engine on the remote host fails to sanitize input to the session id cookie before using it in a database query. Provided PHP's 'magicquotesgpc' setting is disabled, a...

7.5CVSS5.4AI score0.01308EPSS
Exploits0References3
NVD
NVD
added 2006/03/10 11:2 a.m.13 views

CVE-2006-1149

PHP remote file inclusion vulnerability in lib/OWLAPI.php in OWL Intranet Engine 0.82, when registerglobals is enabled, allows remote attackers to include arbitrary files via a URL in the xrmsfileroot parameter, which is not initialized before use...

7.5CVSS6.8AI score0.09767EPSS
Exploits1References6
Prion
Prion
added 2006/03/10 11:2 a.m.11 views

Remote file inclusion

PHP remote file inclusion vulnerability in lib/OWLAPI.php in OWL Intranet Engine 0.82, when registerglobals is enabled, allows remote attackers to include arbitrary files via a URL in the xrmsfileroot parameter, which is not initialized before use...

7.5CVSS7.3AI score0.09767EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2006/03/10 11:0 a.m.48 views

CVE-2006-1149

The CVE-2006-1149 entry applies to Owl Intranet Engine 0.82. PHP remote file inclusion arises when register_globals is on and xrms_file_root is used unsafely in lib/OWL_API.php. An unauthenticated attacker can cause arbitrary file inclusion (and potentially PHP code execution) by supplying a URL ...

7.5CVSS6.8AI score0.09767EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2006/03/10 11:0 a.m.17 views

CVE-2006-1149

PHP remote file inclusion vulnerability in lib/OWLAPI.php in OWL Intranet Engine 0.82, when registerglobals is enabled, allows remote attackers to include arbitrary files via a URL in the xrmsfileroot parameter, which is not initialized before use...

6.8AI score0.09767EPSS
Exploits1References6
securityvulns
securityvulns
added 2006/03/08 12:0 a.m.136 views

[SA19142] Owl Intranet Engine &quot;xrms_file_root&quot; File Inclusion Vulnerability

TITLE: Owl Intranet Engine "xrmsfileroot" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA19142 VERIFY ADVISORY: http://secunia.com/advisories/19142/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Owl Intranet Engine 0.x http://secunia.com/product/1579/...

0.7AI score
Exploits0
Exploit DB
Exploit DB
added 2006/03/07 12:0 a.m.78 views

OWL Intranet Engine 0.82 - &#039;xrms_file_root&#039; Code Execution

!/usr/bin/perl use IO::Socket; print "WwwWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW\r\n"; print "WWwoLWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW\r\n"; print...

7.4AI score
Exploits0
Rows per page
Query Builder