Lucene search
K

292 matches found

exploitdb
exploitdb
added 2004/02/18 12:0 a.m.29 views

Fool's Workshop Owl's Workshop 1.0 - 'readings/index.php' Arbitrary File Access

source: https://www.securityfocus.com/bid/9689/info Owl's Workshop is reported prone to multiple remote file-disclosure vulnerabilities because the application fails to validate user-supplied input passed via a URI parameter. Upon successful exploitation of these issues, an attacker may be able t...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/02/18 12:0 a.m.11 views

Fools Workshop Owls Workshop 1.0 - newmultiplechoice.php Arbitrary File Access

Fools Workshop Owls Workshop 1.0 - newmultiplechoice.php Arbitrary File Access source: https://www.securityfocus.com/bid/9689/info Owl's Workshop is reported prone to multiple remote file-disclosure vulnerabilities because the application fails to validate user-supplied input passed via a URI...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2004/01/20 12:0 a.m.55 views

Yabb SE SQL Injection

Summary: YaBB SE is a PHP/MySQL port of the popular forum software YaBB yet another bulletin board. An SQL Injection vulnerability in the product allows a remote attacker to insert malicious SQL statements. Details: Vulnerable Systems: Yabb Se version 1.5.4 tested, 1.5.3tested maybe others Immune...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2003/08/16 12:0 a.m.15 views

MatrikzGB Guestbook 2.0 - Administrative Privilege Escalation

MatrikzGB Guestbook 2.0 - Administrative Privilege Escalation source: https://www.securityfocus.com/bid/8430/info MatrikzGB Guestbook is prone to a vulnerability that may permit guestbook users to gain administrative rights. It is possible to exploit this issue by manipulating URI parameters...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2003/06/20 12:0 a.m.15 views

WebJeff FileManager 1.6 - File Disclosure

WebJeff FileManager 1.6 - File Disclosure source: https://www.securityfocus.com/bid/7995/info A vulnerability has been reported for Filemanager that may result in the disclosure of arbitrary files. The vulnerability exists due to insufficient sanitization of user-supplied values for URI parameter...

7.4AI score
Exploits0
cvelist
cvelist
added 2003/05/09 4:0 a.m.17 views

CVE-2003-0243

Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the 1 normalhtml.cgi or 2 memberhtml.cgi scripts...

7.6AI score0.03461EPSS
Exploits1References2
nvd
nvd
added 2002/10/04 4:0 a.m.15 views

CVE-2002-0998

Directory traversal vulnerability in cafenews.php for CARE 2002 before beta 1.0.02 allows remote attackers to read arbitrary files via .. dot dot sequences and null characters in the lang parameter, which is processed by a call to the include function...

5CVSS6.8AI score0.02276EPSS
Exploits1References4
cvelist
cvelist
added 2002/08/31 4:0 a.m.24 views

CVE-2002-0923

CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the 1 pheader or 2 pfooter parameters in the "Advanced Settings" capability...

6.5AI score0.06978EPSS
Exploits1References3
cvelist
cvelist
added 2002/08/31 4:0 a.m.29 views

CVE-2001-1401

Bugzilla before 2.14 does not properly restrict access to confidential bugs, which could allow Bugzilla users to bypass viewing permissions via modified bug id parameters in 1 processbug.cgi, 2 showactivity.cgi, 3 showvotes.cgi, 4 showdependencytree.cgi, 5 showdependencygraph.cgi, 6...

6.6AI score0.01672EPSS
Exploits0References9
nvd
nvd
added 2002/07/26 4:0 a.m.22 views

CVE-2002-0032

Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary script as other users via the addview parameter of a ymsgr URI...

7.5CVSS7.3AI score0.03871EPSS
Exploits0References5
cve
cve
added 2002/06/25 4:0 a.m.56 views

CVE-2001-1095

CVE-2001-1095 describes a buffer overflow in the uuq utility on AIX 4, allowing local users to execute arbitrary code by supplying a long -r parameter. The available records (NVD, CVE List) confirm the affected platform and the vulnerable component, but do not provide concrete patch/version detai...

4.6CVSS7.8AI score0.00434EPSS
Exploits0References3Affected Software1
exploitpack
exploitpack
added 2002/05/17 12:0 a.m.15 views

Hosting Controller 1.x - DSNManager Directory Traversal

Hosting Controller 1.x - DSNManager Directory Traversal source: https://www.securityfocus.com/bid/4759/info Hosting Controller is an application which consolidates all hosting tasks into one interface. Hosting Controller runs on Microsoft Windows operating systems. The DSNManager script does not...

0.2AI score
Exploits0
Rows per page
Query Builder