Lucene search
+L

131 matches found

Exploit DB
Exploit DB
added 2004/12/10 12:0 a.m.50 views

NapShare 1.2 - Remote Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/11967/info It is reported that NapShare is susceptible to a remote buffer overflow vulnerability. This is due to a failure of the application to properly bounds check user-supplied data prior to copying it to a fixed-size memory buffer. Attackers runni...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/10/05 12:0 a.m.16 views

PHPLinks 2.1.x - Multiple Input Validation Vulnerabilities

PHPLinks 2.1.x - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/11329/info PHPLinks is reported prone to multiple input validation vulnerabilities. A file include vulnerability is reported to affect the 'index.php' script. This may allow an attacker to include...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2004/05/10 12:0 a.m.19 views

Open WebMail 1.x2.x - Remote Command Execution Variant

Open WebMail 1.x2.x - Remote Command Execution Variant source: https://www.securityfocus.com/bid/10316/info A vulnerability has been reported in Open WebMail that allows a remote attacker to execute arbitrary commands on a vulnerable host. The problem is due to insufficient sanitization of shell...

0.6AI score
Exploits0
NVD
NVD
added 2004/04/26 4:0 a.m.21 views

CVE-2004-1077

Citrix Program Neighborhood Agent for Win32 8.00.24737 and earlier and MetaFrame Presentation Server client for WinCE before 8.33 allows remote servers to create arbitrary shortcuts on the client via a full UNC path in the AppInStartmenu directive...

5CVSS6.7AI score0.01165EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2004/04/14 12:0 a.m.55 views

neon format string vulnerabilities

Greuff reports that the neon WebDAV client library contains several format string bugs within error reporting code. A malicious server may exploit these bugs by sending specially crafted PROPFIND or PROPPATCH responses. Although several applications include neon, such as cadaver and subversion, t...

6.8CVSS6.5AI score0.11056EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/02/05 12:0 a.m.26 views

BEA WebLogic config.xml Operator/Admin Password Disclosure

The remote web server is running WebLogic. BEA WebLogic Server and WebLogic Express are reportedly may allow disclosure of Operator or Admin passwords. An attacker who has interactive access to the affected managed server may potentially exploit this issue in a timed attack to harvest credentials...

4.6CVSS5.6AI score0.00422EPSS
Exploits0References1
exploitpack
exploitpack
added 2004/01/24 12:0 a.m.18 views

Oracle HTTP Server 8.1.79.0.19.2 - isqlplus Cross-Site Scripting

Oracle HTTP Server 8.1.79.0.19.2 - isqlplus Cross-Site Scripting source: https://www.securityfocus.com/bid/9484/info Oracle HTTP Server is reportedly prone to a cross-site scripting issue. This could permit a remote attacker to create a malicious link to the web server that includes hostile HTML...

6.7AI score
Exploits0
Exploit DB
Exploit DB
added 2003/09/10 12:0 a.m.32 views

MySQL 3.23.x/4.0.x - Password Handler Buffer Overflow

source: https://www.securityfocus.com/bid/8590/info MySQL server has been reported prone to a buffer overflow vulnerability when handling user passwords of excessive size. The issue presents itself, due to a lack of sufficient bounds checking performed when processing MySQL user passwords. A...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/07/21 12:0 a.m.15 views

atomicboard 0.6.2 - Directory Traversal

atomicboard 0.6.2 - Directory Traversal source: https://www.securityfocus.com/bid/8236/info It has been reported that attackers may be able to modify the 'location' variable passed to the index.php file to cause the Web server to return arbitrary files. This script is prone to a directory travers...

Exploits0
exploitpack
exploitpack
added 2003/07/10 12:0 a.m.26 views

PHPForum 2.0 RC1 - Mainfile.php Remote File Inclusion

PHPForum 2.0 RC1 - Mainfile.php Remote File Inclusion source: https://www.securityfocus.com/bid/8158/info phpForum is prone to a vulnerability that may permit remote attackers to include and execute malicious PHP scripts. This could be exploited to execute malicious PHP commands in the context of...

Exploits0
Exploit DB
Exploit DB
added 2003/07/09 12:0 a.m.36 views

QuadComm Q-Shop 2.5 - Failure To Validate Credentials

source: https://www.securityfocus.com/bid/8153/info Zone-H has reported that the Q-Shop ASP shopping cart software contains a vulnerability that may allow remote attackers to upload arbitrary files. Once uploaded, the attacker may be able to have the script executed in the security context of the...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2003/06/04 12:0 a.m.35 views

Xpressions Interactive - Multiple SQL Injections

source: https://www.securityfocus.com/bid/7804/info Several software products maintained by Xpressions Interactive are prone to SQL injection attacks. The vulnerability exists in the login.asp page. Specifically, user-supplied input is not sufficiently sanitized of malicious SQL queries. An...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/05/24 12:0 a.m.12 views

BLNews 2.1.3 - Remote File Inclusion

BLNews 2.1.3 - Remote File Inclusion source: https://www.securityfocus.com/bid/7677/info It has been reported that BLNews is prone to a remote file include vulnerability. This is due to the incorrection initilization of some PHP headers within the application. As a result, an attacker may be...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2003/05/09 12:0 a.m.23 views

ttCMS 2.2 / ttForum 1.1 - 'install.php?installdir' Remote File Inclusion

source: https://www.securityfocus.com/bid/7542/info A remote file include vulnerability has been reported for both ttForum and ttCMS. Due to insufficient sanitization of some user-supplied variables by the 'News.php' and 'Install.php' scripts, it is possible for a remote attacker to include a...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/02/27 12:0 a.m.18 views

Invision Board 1.1.1 - ipchat.php Remote File Inclusion

Invision Board 1.1.1 - ipchat.php Remote File Inclusion source: https://www.securityfocus.com/bid/6976/info Invision Board is prone to an issue that may allow remote attackers to include files located on attacker-controlled servers. This vulnerability is as a result of insufficient sanitization...

Exploits0
exploitpack
exploitpack
added 2003/02/19 12:0 a.m.55 views

cPanel 5.0 - Guestbook.cgi Remote Command Execution (3)

cPanel 5.0 - Guestbook.cgi Remote Command Execution 3 source: https://www.securityfocus.com/bid/6882/info A remote command execution vulnerability has been discovered in the cPanel CGI Application. This issue occurs due to insufficient sanitization of externally supplied data to the 'guestbook.cg...

Exploits0
Cvelist
Cvelist
added 2002/12/11 5:0 a.m.26 views

CVE-2002-1344

Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing 1 /absolute/path or 2 .. dot dot sequences...

6.2AI score0.04249EPSS
Exploits0References17
exploitpack
exploitpack
added 2002/11/25 12:0 a.m.12 views

acFTP 1.4 - Invalid Password Weak Authentication

acFTP 1.4 - Invalid Password Weak Authentication source: https://www.securityfocus.com/bid/6235/info A vulnerability has been reported for acFTP. Reportedly, acFTP allows users to authenticate without a valid password. An attacker can exploit this vulnerability and log on to the vulnerable FTP...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2002/11/09 12:0 a.m.23 views

Mollensoft Software Enceladus Server Suite 2.6.1/3.9 - Directory Traversal

source: https://www.securityfocus.com/bid/6338/info It has been reported that Enceladus fails to properly sanitize web requests. By sending a malicious web request to the vulnerable server, using directory traversal sequences, it is possible for a remote attacker to view and download sensitive...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/07/24 12:0 a.m.43 views

CodeBlue 5.1 - SMTP Response Buffer Overflow

// source: https://www.securityfocus.com/bid/5300/info CodeBlue is an Apache httpd log scanning utility that attempts to contact the administrators of hosts infected with worms. A buffer overflow vulnerability has been reported in CodeBlue. The condition occurs when processing responses from SMTP...

7AI score
Exploits0
Rows per page
Query Builder