8004 matches found
Design/Logic Flaw
Perl-Compatible Regular Expression PCRE library before 7.3 reads past the end of the string when searching for unmatched brackets and parentheses, which allows context-dependent attackers to cause a denial of service crash, possibly involving forward references...
CVE-2007-1323
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2893. Reason: this candidate was intended for one issue, but some sources used this identifier for a separate issue, and a duplicate identifier had also been created by the time dual use was detected. Notes: All CVE users...
Design/Logic Flaw
httpd.tkd in Radia Integration Server in Hewlett-Packard HP OpenView Configuration Management CM Infrastructure 4.0 through 4.2i and Client Configuration Manager CCM 2.0 allows remote attackers to read arbitrary files via URLs containing tilde references to home directories, as demonstrated by ro...
CVE-2007-5553
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-4158. Reason: This candidate is a duplicate of CVE-2007-4158. It was based on a vague pre-advisory, so the duplicate was not detected until more details were provided. Notes: All CVE users should reference CVE-2007-4158 inste...
CVE-2007-4851
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-5137. Reason: This candidate is a duplicate of CVE-2007-5137. Notes: All CVE users should reference CVE-2007-5137 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
SimpNews version 2.41.03 File Content Disclosure Vulnerability
netVigilance Security Advisory 69 SimpNews version 2.41.03 File Content Disclosure Vulnerability Description: SimpNews is a news system written in PHP. Features: Data stored in MySQL, admin interface, support for multiple languages, support for multiple instances in one database, own header,...
rt-sa-2007-001.txt
Advisory: Alcatel-Lucent OmniPCX Remote Command Execution RedTeam Pentesting discovered a remote command execution in the Alcatel-Lucent OmniPCX during a penetration test. The masterCGI script of the OmniPXC integrated communication solution web interface is vulnerable to a remote command...
CVE-2007-4274
CVE-2007-4274 is rejected/not used and does not represent an active vulnerability entry.
ProCheckUp Security Advisory 2007.19
PR07-19: Cross-site Scripting XSS / HTML injection on Webbler CMS admin login page 2 This advisory has been published following consultation with UK CPNI formerly known as NISCC Date Found: 14th June 2007 Successfully tested on: Webbler CMS version 3.1.3. Earlier versions are possibly affected as...
CVE-2007-3595
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-3399. Reason: This candidate is a duplicate of CVE-2007-3399. Notes: All CVE users should reference CVE-2007-3399 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
[Full-disclosure] Secunia Research: Symantec Mail Security for SMTP Boundary Errors
====================================================================== Secunia Research 27/06/2007 - Symantec Mail Security for SMTP Boundary Errors - ====================================================================== Table of Contents Affected...
CVE-2007-2449.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2007-2449: Apache Tomcat XSS vulnerabilities in the JSP examples Severity: low cross-site scripting Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.0.0 to 4.0.6 Tomcat 4.1.0 to 4.1.36 Tomcat 5.0.0 to 5.0.30 Tomcat 5.5.0 to 5.5.2...
[Full-disclosure] [CVE-2007-2449] Apache Tomcat XSS vulnerabilities in the JSP examples
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2007-2449: Apache Tomcat XSS vulnerabilities in the JSP examples Severity: low cross-site scripting Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.0.0 to 4.0.6 Tomcat 4.1.0 to 4.1.36 Tomcat 5.0.0 to 5.0.30 Tomcat 5.5.0 to 5.5.2...
CVE-2007-1752
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1499. Reason: This candidate is a duplicate of CVE-2007-1499. Notes: All CVE users should reference CVE-2007-1499 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2007-3125
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-6772. Reason: This candidate is a duplicate of CVE-2006-6772. Notes: All CVE users should reference CVE-2006-6772 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2007-3004
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2788. Reason: This candidate is a duplicate of CVE-2007-2788. Notes: All CVE users should reference CVE-2007-2788 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2007-2413
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2459. Reason: This candidate is a duplicate of CVE-2007-2459. Notes: All CVE users should reference CVE-2007-2459 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
Secunia Research: Evolution Shared Memo Categories Format String Vulnerability
====================================================================== Secunia Research 21/03/2007 - Evolution Shared Memo Categories Format String Vulnerability - ====================================================================== Table of Contents Affected...
Dem_trac acces to log file wihtout authentification
Demtrac acces to log file wihtout authentification By : sn0oPy Risk : low site : http://jc.meier.free.fr exploit : juste add to the url "ancsit.txt" http://www.target.ma http://www.target.ma/ancsit.txt Dork : intitle:"Gestion des fichiers log" contact : [email protected] greetz :...
admentor-sql.txt
AdMentor banners admin SQL injection By : sn0oPy Risk : high Site : http://www.aspcode.net/products/admentor Dork : inurl:"admentor/admin" exploit : UserID = 'or' '=' Password = 'or' '=' contact : [email protected] greetz : subzero, Avg Teamhttp://forums.avenir-geopolitique.net. references :...