Lucene search
+L

4515 matches found

Packet Storm
Packet Storm
added 2007/10/11 12:0 a.m.43 views

russian-multi.txt

Dear [email protected], Vulnerabilities reported by different Russian speaking authors to http://securityvulns.ru 1. ElektAntichat.ru reports protection bypass vulnerability in PHP 4 and 5. disablefunctions feature can be bypassed by using functions alias. A list of aliases is given in...

7.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2007/09/17 12:0 a.m.9 views

Microsoft Visual Studio RPT File Handling Code Execution (MS07-052; CVE-2006-6133)

Crystal Reports is a software used for designing and generating reports from numerous data sources. A buffer overflow vulnerability has been identified in Business Objects Crystal Reports. A remote attacker could trigger this flaw by convincing a victim to open a specially crafted Crystal Reports...

7.6CVSS7.2AI score0.5202EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/09/14 12:0 a.m.2616 views

AWStats is Openly Accessible

The remote web server is running a version of AWStats that seems to be accessible to the entire Internet. Exposing AWStats unprotected to the entire Internet can aid an attacker in gaining further knowledge of the web server and its contents therein. An attacker may gain access to administrative...

5.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/09/12 12:0 a.m.72 views

MS07-052: Vulnerability in Crystal Reports for Visual Studio Could Allow Remote Code Execution (941522)

The remote host is running a version of Microsoft Visual Studio that may allow arbitrary code to be run. An attacker may use this to execute arbitrary code on this host. To succeed, the attacker would have to send a rogue file to a user of the remote computer and have it open it. Then a bug in th...

7.6CVSS6.4AI score0.5202EPSS
Exploits0References2
securityvulns
securityvulns
added 2007/09/11 12:0 a.m.61 views

Microsoft Security Bulletin MS07-052 - Important

Microsoft Security Bulletin MS07-052 - Important Vulnerability in Crystal Reports for Visual Studio Could Allow Remote Code Execution 941522 Published: September 11, 2007 Version: 1.0 General Information Executive Summary This important security update resolves a publicly disclosed vulnerability...

7.6CVSS0.4AI score0.5202EPSS
Exploits0
exploitpack
exploitpack
added 2007/09/06 12:0 a.m.95 views

Trend Micro ServerProtect - eng50.dll Remote Stack Overflow

Trend Micro ServerProtect - eng50.dll Remote Stack Overflow / Copyright c 2007 devcode ^^ D E V C O D E ^^ Trend Micro ServerProtect eng50.dll Stack Overflow CVE-2007-1070 Description: A boundary error within a function in eng50.dll can be exploited to cause a stack-based buffer overflow via a...

10CVSS0.4AI score0.73767EPSS
Exploits27
Atlassian
Atlassian
added 2007/08/31 4:13 a.m.23 views

Numerous XSS Type 2 vulnerabilities in macros bundled with Confluence

'd like to report critical vulnerabilities in 3 of your macros - Column, Image, Block and Code macros. The vulnerabilities are classified as XSS Type 2 stored and the details with example exploits are in the pdfs attached. Because of similarity of the vulnerabilities assume that it is more than...

6.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/08/31 4:13 a.m.20 views

Numerous XSS Type 2 vulnerabilities in macros bundled with Confluence

'd like to report critical vulnerabilities in 3 of your macros - Column, Image, Block and Code macros. The vulnerabilities are classified as XSS Type 2 stored and the details with example exploits are in the pdfs attached. Because of similarity of the vulnerabilities assume that it is more than...

6.6AI score
Exploits0
Fedora
Fedora
added 2007/06/20 8:5 p.m.17 views

[SECURITY] Fedora 7 Update: denyhosts-2.6-5.fc7

DenyHosts is a Python script that analyzes the sshd server log messages to determine which hosts are attempting to hack into your system. It also determines what user accounts are being targeted. It keeps track of the frequency of attempts from each host and, upon discovering a repeated attack...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2007/06/05 12:0 a.m.44 views

TPTI-07-09: Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow Vulnerability

TPTI-07-09: Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-07-09 June 4, 2007 -- CVE ID: CVE-2007-2419 -- Affected Vendor: Macrovision -- Affected Products: Update Service 3.x Update Service 4.x Update Service 5.x FLEXnet...

10CVSS1.1AI score0.05531EPSS
Exploits0
Prion
Prion
added 2007/05/11 5:19 p.m.10 views

Design/Logic Flaw

Bradford CampusManager Network Control Application Server 3.16 allows remote attackers to obtain sensitive information backup, log, and configuration files via direct request for certain files in 1 /runTime/ or 2 /remediationReports/...

7.8CVSS6.8AI score0.0169EPSS
Exploits0References6Affected Software1
Prion
Prion
added 2007/05/11 4:19 p.m.11 views

Crlf injection

CRLF injection vulnerability in index.php in Drake CMS 0.4.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the lang parameter. NOTE: Drake CMS has only a beta version available, and the vendor has previously stated "We d...

5.1CVSS7.5AI score0.0119EPSS
Exploits0References5Affected Software1
securityvulns
securityvulns
added 2007/04/19 12:0 a.m.60 views

CNStats 2.9 (who_r.php) Remote File Include Vulnerability

CNStats 2.9 whor.php Remote File Include Vulnerability ----------------------------------------------------------------------------------------- Scripts : CNStats 2.9 Discovered By : irvian scripts site : http://www.cnstats.com/ dork : "CNStats 2.9"...

1.1AI score
Exploits0
seebug.org
seebug.org
added 2007/04/17 12:0 a.m.33 views

CNStats 2.9 (who_r.php bj) Remote File Inclusion Vulnerability

No description provided by source. CNStats 2.9 whor.php Remote File Include Vulnerability ----------------------------------------------------------------------------------------- Scripts : CNStats 2.9 Discovered By : irvian scripts site : http://www.cnstats.com/ dork : "CNStats 2.9"...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/04/15 12:0 a.m.61 views

CNStats 2.9 (who_r.php bj) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================== CNStats 2.9 whor.php bj Remote File Inclusion Vulnerability ============================================================== CNStats 2.9 whor.php Remote File Include Vulnerabilit...

7.1AI score
Exploits0
Prion
Prion
added 2007/04/03 4:19 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in admin/classes/ui.dta.php in Drake CMS allows remote attackers to inject arbitrary web script or HTML via the desctitle field. NOTE: Drake CMS has only a beta version available, and the vendor has previously stated "We do not consider security reports vali...

4.3CVSS6.2AI score0.01091EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2007/04/03 4:19 p.m.11 views

Directory traversal

Directory traversal vulnerability in 404.php in Drake CMS allows remote attackers to include and execute arbitrary local arbitrary files via a .. dot dot in the dprivate parameter. NOTE: some of these details are obtained from third party information. NOTE: Drake CMS has only a beta version...

7.5CVSS7.6AI score0.02435EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2007/04/03 4:19 p.m.14 views

Directory traversal

Directory traversal vulnerability in classes/captcha/captcha.jpg.php in Drake CMS allows remote attackers to read arbitrary files or list arbitrary directories, and obtain the installation path, via a .. dot dot in the dprivate parameter. NOTE: Drake CMS has only a beta version available, and the...

5CVSS7.2AI score0.01435EPSS
Exploits0References3
Prion
Prion
added 2007/03/03 9:19 p.m.17 views

Design/Logic Flaw

Unspecified vulnerability in the reports system in OpenBiblio before 0.6.0 allows attackers to gain privileges via unspecified vectors...

7.5CVSS7.2AI score0.01164EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2007/03/03 9:19 p.m.15 views

CVE-2007-1261

Unspecified vulnerability in the reports system in OpenBiblio before 0.6.0 allows attackers to gain privileges via unspecified vectors...

7.5CVSS6.7AI score0.01164EPSS
Exploits0References4
Rows per page
Query Builder