CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

exploitpack•added 2006/02/20 12:0 a.m.•15 views

TTS Software Time Tracking Software 3.0 - edituser.php Access Validation

TTS Software Time Tracking Software 3.0 - edituser.php Access Validation source: https://www.securityfocus.com/bid/16731/info Time Tracking Software is prone to an access-validation vulnerability. This issue is due the application's failure to limit access to administrative sections of the...

Exploit DB•added 2006/02/20 12:0 a.m.•23 views

TTS Software Time Tracking Software 3.0 - 'edituser.php' Access Validation

source: https://www.securityfocus.com/bid/16731/info Time Tracking Software is prone to an access-validation vulnerability. This issue is due the application's failure to limit access to administrative sections of the application. An attacker can exploit this vulnerability to modify user data in...

exploitpack•added 2005/12/08 12:0 a.m.•17 views

Microsoft Excel 95972000200220032004 - Malformed Range Memory Corruption

Microsoft Excel 95972000200220032004 - Malformed Range Memory Corruption source: https://www.securityfocus.com/bid/15780/info Microsoft Excel is susceptible to a remote code-execution vulnerability. This issue was originally disclosed through an eBay auction that has since been terminated. This...

0.1AI score

OpenVAS•added 2005/11/03 12:0 a.m.•25 views

FlexWATCH Authentication Bypassing

There is a vulnerability in the current version of FlexWATCH that allows an attacker to access administrative sections without being required to authenticate. SPDX-FileCopyrightText: 2005 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

10CVSS6.6AI score0.06936EPSS

Exploits1References2

OSV•added 2005/10/06 10:2 a.m.•1 views

DEBIAN-CVE-2005-3165

Multiple cross-site scripting XSS vulnerabilities in MediaWiki before 1.4.9 allow remote attackers to inject arbitrary web script or HTML via 1 tags or 2 Extension or sections that "bypass HTML style attribute restrictions" that are intended to protect against XSS vulnerabilities in Internet...

4.3CVSS5.5AI score0.00268EPSS

Exploits0References1

Cvelist•added 2005/10/06 4:0 a.m.•20 views

CVE-2005-3165

5.3AI score0.00268EPSS

Exploits0References3

RedHat Linux•added 2005/10/05 11:56 a.m.•3 views

security flaw

Integer overflow in the Binary File Descriptor BFD library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer...

4.6CVSS8.2AI score0.00222EPSS

Exploits0References4

CVE•added 2005/03/12 5:0 a.m.•54 views

CVE-2005-0725

CVE-2005-0725 describes an SQL injection in the WF-Sections (wfsections) 1.07 module. The vulnerability exists in the getAllbyArticle function of wfsfiles.php and allows remote attackers to inject arbitrary SQL through the articleid parameter to article.php. Multiple connected records corroborate...

7.5CVSS8.4AI score0.0033EPSS

Exploits0References2Affected Software1

Cvelist•added 2005/03/12 5:0 a.m.•19 views

CVE-2005-0725

SQL injection vulnerability in the getAllbyArticle function in wfsfiles.php for WF-Sections wfsections 1.07 allows remote attackers to execute arbitrary SQL commands via the articleid parameter to article.php...

8.4AI score0.0033EPSS

NVD•added 2005/03/08 5:0 a.m.•11 views

CVE-2005-0725

7.5CVSS8.4AI score0.0033EPSS

Exploit DB•added 2004/09/01 12:0 a.m.•27 views

IBM DB2 - Universal Database Information Disclosure

source: https://www.securityfocus.com/bid/11402/info An information disclosure vulnerability has been reported in IBM DB2. This vulnerability only exists when DB2 is installed on Microsoft Windows operating systems. This is due to a Windows permissions issue related to shared memory sections,...

Exploit DB•added 2004/08/18 12:0 a.m.•34 views

IPD (Integrity Protection Driver) - Denial of Service

/ ipd-dos.c Copyright c 2002-2004 By Next Generation Security S.L. All rights reserved Compiles with: cl ipd-dos.c Madrid, August 2004 / include define MYNULL 0x01 typedef DWORD zwopensectionTYPEDWORD Handle, DWORD mask, DWORD oa; int mainint argc, char argv HINSTANCE dll; zwopensectionTYPE...

Cvelist•added 2000/04/25 4:0 a.m.•20 views

CVE-2000-0050

The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs...

6.3AI score0.00069EPSS

NVD•added 2000/01/04 5:0 a.m.•11 views

CVE-2000-0050

The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs...

4.6CVSS6.3AI score0.00069EPSS