Lucene search
K

7808 matches found

OpenVAS
OpenVAS
added 2010/10/08 12:0 a.m.258 views

Microsoft IIS ASP Stack Based Buffer Overflow Vulnerability

The host is running Microsoft IIS Webserver and is prone to stack based buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbmsiisbofvuln.nasl 5323 2017-02-17 08:49:23Z teissa $ Microsoft IIS ASP Stack Based Buffer Overflow Vulnerability Authors: Antu Sanadi Copyright: Copyright c 201...

9.3CVSS0.5AI score0.32826EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2010/10/08 12:0 a.m.76 views

Microsoft IIS ASP Stack Based Buffer Overflow Vulnerability (MS10-065) - Active Check

Microsoft IIS Webserver is prone to a stack based buffer overflow vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.3CVSS5.2AI score0.32826EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2010/09/17 12:0 a.m.19 views

XMB 1.9.11 Cross Site Request Forgery

...

0.7AI score
Exploits0
0day.today
0day.today
added 2010/09/07 12:0 a.m.21 views

phpcrs <= 3.Za / Local File Inclusion Vulnerability

Exploit for php platform in category web applications =================================================== phpcrs Software Link: http://sourceforge.net/projects/phpcrs/ Version: eNYe-Sec - www.enye-sec.org --Bug -- 123. elseif isset$POST'btnStartImport' 124...

7.1AI score
Exploits0
htbridge
htbridge
added 2010/09/01 12:0 a.m.44 views

Cross-site Scripting (XSS) Vulnerability in AChecker

High-Tech Bridge SA Security Research Lab has discovered vulnerability in AChecker which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in AChecker: CVE-2010-3455 The vulnerability exists due to input sanitation error in the "uri" parameter in...

4.3CVSS5.7AI score0.01096EPSS
Exploits1Affected Software1
htbridge
htbridge
added 2010/09/01 12:0 a.m.38 views

Cross-site Scripting (XSS) Vulnerabilities in ATutor

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ATutor which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in ATutor The vulnerability exists due to input sanitation error in the "cid" parameter in...

2.6CVSS6.3AI score
Exploits0Affected Software1
OSV
OSV
added 2010/08/24 8:0 p.m.2 views

DEBIAN-CVE-2010-3055

The configuration setup script aka scripts/setup.php in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request...

7.5CVSS7.8AI score0.14714EPSS
Exploits1References1
OSV
OSV
added 2010/08/24 8:0 p.m.6 views

CVE-2010-3055

The configuration setup script aka scripts/setup.php in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request...

7.2AI score
Exploits0References11
Prion
Prion
added 2010/08/24 8:0 p.m.23 views

Cross site request forgery (csrf)

The configuration setup script aka scripts/setup.php in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request...

7.5CVSS7.7AI score0.14714EPSS
Exploits1References10Affected Software1
CVE
CVE
added 2010/08/24 7:0 p.m.99 views

CVE-2010-3055

CVE-2010-3055 affects phpMyAdmin 2.11.x before 2.11.10.1. The configuration setup script (scripts/setup.php) does not properly restrict key names in its output file, enabling a remote attacker to execute arbitrary PHP code via a crafted POST request. The issue, with a CVSS v2 base score of 7.5 (H...

7.5CVSS6.6AI score0.14714EPSS
Exploits1References10Affected Software1
Cvelist
Cvelist
added 2010/08/24 7:0 p.m.34 views

CVE-2010-3055

The configuration setup script aka scripts/setup.php in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request...

6.7AI score0.14714EPSS
Exploits1References10
Debian CVE
Debian CVE
added 2010/08/24 7:0 p.m.23 views

CVE-2010-3055

The configuration setup script aka scripts/setup.php in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request...

7.5CVSS7.1AI score0.14714EPSS
Exploits1
htbridge
htbridge
added 2010/08/23 12:0 a.m.44 views

Multiple Vulnerabilities in SantaFox

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in SantaFox which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in SantaFox: CVE-2010-3463 The vulnerability exists due to input...

5.1CVSS6.2AI score0.01096EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/08/23 12:0 a.m.28 views

Open-Realty index.php select_users_lang Parameter Traversal Local File Inclusion

The web server hosts Open-Realty, a web-based real estate listing management application written in PHP. At least one install of Open-Realty on the remote host fails to sanitize user-supplied input to the 'selectuserslang' parameter in POST requests to the 'index.php' script before using it to...

6.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2010/08/03 12:0 a.m.21 views

Novell iManager Class Name Remote Buffer Overflow (CVE-2010-1929)

Novell iManager is a web-based administration console that provides management of many other Novell products. The iManager service itself is a Java web application running on top of the Tomcat application container. A buffer overflow vulnerability exists in Novell iManager. The vulnerability is d...

9CVSS7.6AI score0.16097EPSS
Exploits10
Packet Storm
Packet Storm
added 2010/07/13 12:0 a.m.20 views

chillyCMS 1.1.3 Cross Site Request Forgery

input type="hidden...

1AI score
Exploits0
exploitpack
exploitpack
added 2010/07/09 12:0 a.m.17 views

dotDefender 3.8-5 - Remote Code Execution (via Cross-Site Scripting)

dotDefender 3.8-5 - Remote Code Execution via Cross-Site Scripting / DotDefender = 3.8-5 No Authentication Remote Code Execution Through XSS Tested on DotDefender 3.8-5 On Ubuntu Server 9.10 64-bit with Firefox 3.6.3 Paul Hand aka rAWjAW AT offsec.com Original Post-Authentication Remote Command...

0.5AI score
Exploits0
htbridge
htbridge
added 2010/07/08 12:0 a.m.36 views

Multiple Cross-site Scripting (XSS) Vulnerabilities in Spitfire

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Spitfire which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in Spitfire 1.1 The vulnerability exists due to input sanitation error in the "cmsid" and...

4.3CVSS6.5AI score
Exploits0Affected Software1
myhack58
myhack58
added 2010/07/05 12:0 a.m.22 views

Star outside the virtual host management system brush money vulnerability+injection vulnerability-vulnerability warning-the black bar safety net

Test station: http://www.. com/ Register for an account, for example: test Visit: http://www.. com/netpay/ips/ Enter your username and amount of recharge. For example: test 1 $ 0 Point the next step will be to generate you an order number. Such as 7 2 2 9 7 8 Remember it Parameter structure:...

0.1AI score
Exploits0
htbridge
htbridge
added 2010/07/01 12:0 a.m.31 views

Multiple Vulnerabilities in Pixie

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Pixie which could be exploited to perform cross-site scripting, script insertions and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Pixie The vulnerability exists due to input...

7.5CVSS7.6AI score0.02388EPSS
Exploits1Affected Software1
Rows per page
Query Builder