Lucene search
+L

6207 matches found

cvelist
cvelist
added 2005/08/17 4:0 a.m.23 views

CVE-2004-2399

Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote attackers to cause a denial of service CPU consumption via delayed responses to DNS queries...

6.6AI score0.01227EPSS
Exploits0References2
cvelist
cvelist
added 2005/08/16 4:0 a.m.25 views

CVE-2004-2349

Multiple SQL injection vulnerabilities in Tunez before 1.20-pre2 allow remote attackers to execute arbitrary SQL queries...

8.3AI score0.01211EPSS
Exploits0References4
packetstorm
packetstorm
added 2005/08/11 12:0 a.m.22 views

FreznoShopSQL.txt

FreznoShop Vulnerability Details Date: May 13, 2005 Mike Shema Versions of FreznoShop http://www.freznoshop.de/ below 1.4.1 are vulnerable to SQL injection due to the use of unvalidated parameters in database queries. Some unpatched versions of 1.4.1 are vulnerable as well. The value of the 'id'...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2005/08/04 12:0 a.m.25 views

PortailPHP 2.4 - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/14474/info Portail PHP is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. The consequences of this attack may vary depending on the type of...

7AI score
Exploits0
nessus
nessus
added 2005/08/01 12:0 a.m.31 views

FreeBSD : PowerDNS -- LDAP backend fails to escape all queries (43a7b0a7-f9bc-11d9-b473-00061bc2ad93)

The LDAP backend in PowerDNS has issues with escaping queries which could cause connection errors. This would make it possible for a malicious user to temporarily blank domains. This is known to affect all releases prior to 2.9.18. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

2.1CVSS5.4AI score0.00388EPSS
Exploits0References4
nessus
nessus
added 2005/08/01 12:0 a.m.25 views

Debian DSA-771-1 : pdns - several vulnerabilities

Several problems have been discovered in pdns, a versatile nameserver that can lead to a denial of service. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-2301 Norbert Sendetzky and Jan de Groot discovered that the LDAP backend did not properly...

5CVSS5.4AI score0.03256EPSS
Exploits0References4
nessus
nessus
added 2005/07/29 12:0 a.m.17 views

PHP-Fusion <= 6.00.106 Multiple Vulnerabilities

According to its banner, the remote host is running a version of PHP-Fusion that suffers from multiple vulnerabilities : - SQL Injection Vulnerability The application fails to sanitize user-supplied input to the 'msgview' parameter of the 'messages.php' script before using it in database queries...

7.5CVSS5.9AI score0.01336EPSS
Exploits1References4
nessus
nessus
added 2005/07/21 12:0 a.m.9 views

Hosting Controller <= 6.1 Hotfix 2.2 Multiple Vulnerabilities

According to its version number, the installation of Hosting Controller on the remote host improperly allows an authenticated user to add hosting plans to his account, to edit the details of his own or anyone else's hosting plans, to view the folders of all resellers and the web admin, to add...

5.5AI score
Exploits0References2
nessus
nessus
added 2005/07/20 12:0 a.m.13 views

PHP-Fusion < 6.00.107 Multiple Vulnerabilities

Binary data 3100.prm...

7.5CVSS7.3AI score0.01336EPSS
Exploits1References4
exploitdb
exploitdb
added 2005/07/20 12:0 a.m.26 views

PHPNews 1.2.x - &#039;auth.php&#039; SQL Injection

source: https://www.securityfocus.com/bid/14333/info PHPNews is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. This vulnerability could permit remote attackers to pass malicious...

7.4AI score
Exploits0
ubuntucve
ubuntucve
added 2005/07/19 4:0 a.m.23 views

CVE-2005-2301

PowerDNS before 2.9.18, when running with an LDAP backend, does not properly escape LDAP queries, which allows remote attackers to cause a denial of service failure to answer ldap questions and possibly conduct an LDAP injection attack...

5CVSS6AI score0.03256EPSS
Exploits0References1
freebsd
freebsd
added 2005/07/16 12:0 a.m.29 views

PowerDNS -- LDAP backend fails to escape all queries

The LDAP backend in PowerDNS has issues with escaping queries which could cause connection errors. This would make it possible for a malicious user to temporarily blank domains. This is known to affect all releases prior to 2.9.18...

2.1CVSS6.3AI score0.00388EPSS
Exploits0References2
cvelist
cvelist
added 2005/07/14 4:0 a.m.21 views

CVE-2000-1233

SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers to execute arbitrary SQL queries via the sSQL parameter...

8.2AI score0.02054EPSS
Exploits1References3
cve
cve
added 2005/07/13 4:0 a.m.47 views

CVE-2005-2253

CVE-2005-2253 is a SQL injection in PhpAuction 2.5, where an attacker can modify SQL queries through the category parameter in adsearch.php. Root cause: unsanitized input used in database queries. Affected: PhpAuction 2.5. Impact: as described by CVE/NVD (base score 7.5, HIGH). Exploitation detai...

7.5CVSS7.5AI score0.0121EPSS
Exploits1References2Affected Software1
nvd
nvd
added 2005/07/11 4:0 a.m.14 views

CVE-2005-2197

SQL injection vulnerability in sql.cls.php in Id Board 1.1.3 allows remote attackers to modify SQL queries, as demonstrated using the f parameter to index.php...

7.5CVSS7.6AI score0.0133EPSS
Exploits1References4
cvelist
cvelist
added 2005/07/10 4:0 a.m.21 views

CVE-2004-2185

Multiple cross-site scripting XSS vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via 1 the UnicodeConverter extension, 2 raw page views, 3 SpecialIpblocklist, 4 SpecialEmailuser, 5 SpecialMaintenance, and 6 ImagePage...

6.7AI score0.02039EPSS
Exploits0References2
debiancve
debiancve
added 2005/07/10 4:0 a.m.40 views

CVE-2004-2185

Multiple cross-site scripting XSS vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via 1 the UnicodeConverter extension, 2 raw page views, 3 SpecialIpblocklist, 4 SpecialEmailuser, 5 SpecialMaintenance, and 6 ImagePage...

6.8CVSS6.7AI score0.02039EPSS
Exploits0
nessus
nessus
added 2005/07/05 12:0 a.m.16 views

osTicket < 1.3.1 Multiple Vulnerabilities

Binary data 3046.prm...

7.5CVSS7.3AI score0.02435EPSS
Exploits4References10
nessus
nessus
added 2005/07/05 12:0 a.m.40 views

osTicket <= 1.3.1 Multiple Vulnerabilities

The version of osTicket installed on the remote host suffers from several vulnerabilities, including: - A Local File Include Vulnerability The application fails to sanitize user-supplied input to the 'inc' parameter in the 'view.php' script. An attacker may be able to exploit this flaw to run...

7.5CVSS6.3AI score0.02435EPSS
Exploits2References5
nessus
nessus
added 2005/06/28 12:0 a.m.48 views

DUamazon Pro Multiple Scripts SQL Injection

The remote host is running DUamazon Pro, an ASP-based storefront from DUware for Amazon affiliates. The installed version of DUamazon Pro fails to properly sanitize user- supplied input in several instances before using it in SQL queries. By exploiting these flaws, an attacker can affect database...

7.5CVSS5.8AI score0.02083EPSS
Exploits1References3
Rows per page
Query Builder