Lucene search
K

70 matches found

OSV
OSV
added 2012/10/01 12:55 a.m.2 views

DEBIAN-CVE-2012-2241

scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to delete arbitrary files via a crafted 1 .dsc or 2 .changes file, probably related to a NULL byte in a filename...

5CVSS7AI score0.01505EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2011/03/01 10:42 p.m.3 views

Mailman: Three XSS flaws due improper escaping of the full name of the member

Multiple cross-site scripting XSS vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 full name or 2 username field in a confirmation message...

4.3CVSS7.3AI score0.04248EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2010/10/22 12:0 a.m.36 views

RedHat Update for thunderbird RHSA-2010:0780-01

Check for the Version of thunderbird OpenVAS Vulnerability Test RedHat Update for thunderbird RHSA-2010:0780-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

9.3CVSS0.2AI score0.04644EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2007/02/24 2:41 a.m.6 views

security flaw

browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting XSS attacks by opening a blocked popup originating from a javascript: URI in...

6.8CVSS7.3AI score0.02494EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2005/10/05 12:4 p.m.7 views

security flaw

mysqlinstalldb in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysqlinstalldb.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents...

4.6CVSS6.1AI score0.00615EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2005/06/10 12:0 a.m.28 views

Siteframe siteframe.php LOCAL_PATH Parameter Remote File Inclusion

The remote host is running Siteframe, an open source content management system using PHP and MySQL. The installed version of Siteframe does not properly sanitize the 'LOCALPATH' parameter of the 'siteframe.php' script before using it to include files. By leveraging this flaw, an attacker is able ...

7.5CVSS6AI score0.04046EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2004/12/06 12:0 a.m.19 views

PAFileDB Multiple Script Error Message Path Disclosure

There is a flaw in the remote version of paFileDB that may let an attacker obtain the physical path of the remote installation by sending a malformed request to one of the scripts 'admins.php', 'category.php', or 'team.php'. This information may help an attacker make more focused attacks against...

5.4AI score
Exploits0References1
Packet Storm
Packet Storm
added 2003/07/18 12:0 a.m.31 views

diginews.txt

Digi-news and Digi-ads version 1.1 admin access without password .oO Overview Oo. Digi-news and Digi-ads version 1.1 admin access without password Discovered on 2003, March, 30th Vendor: Digi-FX Digi-news 1.1 is a PHP news editor. It allows you to easily add, edit, and delete news. Digi-ad 1.1 is...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/11/21 12:0 a.m.128 views

CGIForum 1.0 Vulnerability

Hi, Date: 2000/11/20 Affected Application: CGIForum 1.0 http://www.marcbrinkmann.de/inandonline/netz/CGIForum-1.0.tar.gz Markus Triska [email protected] CGIForum is a free forum. We can set 'thesection' parameter to view files on the vulnerable system with privileges of the user "nobody". This is...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2000/05/14 12:0 a.m.35 views

allmanage.pl.txt

Allmanage.pl vulnerability 13 may 2000 Websites using 'Allmanage Website Administration Software 2.6 WITH the upload ability', and maybe earlier versions , contain a vulnerability wich gives you full add/del/change access in the user-account directories and you can change the files in the main...

7.4AI score
Exploits0
Rows per page
Query Builder