Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

508 matches found

Cvelist
Cvelistadded 2009/02/17 5:0 p.m.11 views

CVE-2009-0612

Trend Micro InterScan Web Security Virtual Appliance IWSVA 3.x and InterScan Web Security Suite IWSS 3.x, when basic authorization is enabled on the standalone proxy, forwards the Proxy-Authorization header from Windows Media Player, which allows remote web servers to obtain credentials by offeri...

6.6AI score0.0068EPSS
Exploits0References5
securityvulns
securityvulnsadded 2009/02/10 12:0 a.m.25 views

Trend Micro InterScan Web Security Appliance / Trend Micro InterScan Web Security Suite information leak

Proxy-Authorization header is not removed from client request, leaking proxy username/password...

2.1AI score
Exploits0References1
securityvulns
securityvulnsadded 2009/02/10 12:0 a.m.74 views

Trend micro - IWSVA/IWSS - Authorization module password leak

There is possbile get username and password from "Proxy-Authorization" header, which is not correctly removed when authorization header sends WMP. Requirements: - IWSVA/IWSS basic authorization on - Client is using WMP 8-11 as video player - Standalone proxy if upstream proxy is used,...

0.2AI score
Exploits0
Exploit DB
Exploit DBadded 2006/12/21 12:0 a.m.60 views

Ixprim CMS 1.2 - Blind SQL Injection

!/usr/bin/perl INFORMATIONS ============ Affected.scr..: Ixprim 1.2 Poc.ID........: 16061221 Type..........: Blind SQL Injection Risk.level....: Medium Conditions....: loadfile privilege ixp code only Src.download..: www.ixprim-cms.org Poc.link......: acid-root.new.fr/poc/16061221.txt...

7.4AI score
Exploits0
0day.today
0day.todayadded 2006/11/24 12:0 a.m.45 views

Cahier de texte 2.0 (Database Backup/Source Disclosure) Remote Exploit

Exploit for unknown platform in category web applications ====================================================================== Cahier de texte 2.0 Database Backup/Source Disclosure Remote Exploit ====================================================================== !/usr/bin/perl INFORMATIONS...

7.1AI score
Exploits0
Packet Storm
Packet Stormadded 2006/10/04 12:0 a.m.28 views

PixelMotionV2.1.1.txt

!/usr/bin/perl Affected.scr..: Blog Pixel Motion V2.1.1 Poc.ID........: 12060927 Type..........: PHP Code Execution stripslashes, SQL Injection urldecode Risk.level....: High Vendor.Status.: Unpatched Src.download..: www.pixelmotion.org/zip/blog2.1.zip Poc.link......:...

7.4AI score
Exploits0
Cvelist
Cvelistadded 2005/08/29 4:0 a.m.18 views

CVE-2005-2730

The HTTP proxy in Astaro Security Linux 6.0 allows remote attackers to obtain sensitive information via an invalid request, which reveals a Proxy-authorization string in an error message...

6.2AI score0.00306EPSS
Exploits0References2
securityvulns
securityvulnsadded 2003/11/19 12:0 a.m.33 views

Kerio Winroute firewall account information leak

If proxy authorization is used authentication information is not stripped from browser's request...

3.6AI score
Exploits0References1Affected Software1
Rows per page
Query Builder