CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9085 matches found

seebug.org•added 2008/10/23 12:0 a.m.•26 views

Symantec Veritas File System qiomkfile本地信息泄露漏洞

BUGTRAQ ID: 31678 CVECAN ID: CVE-2008-3248 VERITAS File System（VxFS）是Symantec Storage Foundation套件中的文件系统组件。 VxFS的set-uid root程序qiomkfile用于管理帮助提供事件处理效率的特殊文件，qiomkfile将未初始化的数据写入到点文件。如果在命令行通过-s和-h标记向qiomkfile传送了各种数字值的话，就会导致向点文件写入文件系统内存的块。 Symantec Veritas File System 5.x Symantec Veritas File System...

4.6CVSS6.4AI score0.00064EPSS

Exploits1

Positive Technologies•added 2008/10/23 12:0 a.m.•3 views

PT-2008-5939 · Hummingbird · Hummingbird Deployment Wizard

Name of the Vulnerable Software and Affected Versions: Hummingbird Deployment Wizard 2008 version 10.0.0.44 Description: The issue concerns insecure methods in the DeployRun.DeploymentSetup.1 ActiveX control, allowing remote attackers to execute arbitrary programs via the Run and PerformUpdateAsy...

9.3CVSS7.7AI score0.24525EPSS

Exploits2References11

Prion•added 2008/09/30 5:22 p.m.•11 views

Authentication flaw

PHP infoBoard V.7 Plus allows remote attackers to bypass authentication and gain administrative access by setting the infouser cookie to 1...

7.5CVSS7.8AI score0.01521EPSS

Exploits0References2Affected Software1

securityvulns•added 2008/09/29 12:0 a.m.•23 views

Internet Information Service remote set password

""""""""""""""""""""""""""""""""""""""""""""""""""""""""""" """ :::::: :: :: :: :: :: :::: """ """ :: :: :: :: :::::: .. :::: :: """ """ ::::: ::: ::::: :: :: :: :: :: :::: """ """ :: :: :: :: : :: :: :: :: :: :: """ """ :::::: :: :: ::::: :: :::::: :: :: :::: rs.ir """ """ :: """ """ """...

2.4AI score

Exploits0

exploitpack•added 2008/09/21 12:0 a.m.•26 views

PHP iCalendar 2.24 - cookie_language Local File Inclusion Arbitrary File Upload

PHP iCalendar 2.24 - cookielanguage Local File Inclusion Arbitrary File Upload '.$lang'lcalfile'.' '.$filenumber.': '.$lang'lactionsuccess'.''; 84. el...

Exploits0

Tenable Nessus•added 2008/09/08 12:0 a.m.•22 views

GLSA-200809-05 : Courier Authentication Library: SQL injection vulnerability

The remote host is affected by the vulnerability described in GLSA-200809-05 Courier Authentication Library: SQL injection vulnerability It has been discovered that some input e.g. the username passed to the library are not properly sanitised before being used in SQL queries. Impact : A remote...

5.1CVSS6.2AI score0.01583EPSS

Exploits0References2

Packet Storm•added 2008/09/05 12:0 a.m.•15 views

microtik-poc.txt

/ -------------------------------------------------------------------------- c ShadOS 2008 | || || | | |/ / | || | | / - | | ' SNMP Service General Information Summary ... RouterOS supports only Get, which means that you can use this implementation only for network monitoring. The MikroTik Router...

7.4AI score

Exploits0

Exploit DB•added 2008/09/05 12:0 a.m.•53 views

MikroTik RouterOS 3.13 - SNMP write (Set request)

7.4AI score

Exploits0

0day.today•added 2008/08/06 12:0 a.m.•16 views

LoveCMS 1.6.2 Final Update Settings Remote Exploit

Exploit for unknown platform in category web applications ================================================== LoveCMS 1.6.2 Final Update Settings Remote Exploit ================================================== !/usr/bin/ruby Exploit by PoMdaPiMp! --------------------- LoveCMS Exploit Series...

7.1AI score

Exploits0

Tenable Nessus•added 2008/08/01 12:0 a.m.•30 views

SuSE 10 Security Update : net-snmp (ZYPP Patch Number 5422)

This security update of net-snmp fixes a denial of service vulnerability CVE-2008-2292, an authentication bypass CVE-2008-0960 and several memory leaks. In addition net-snmp was patched to allow customization of the agent address set. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text...

10CVSS6.4AI score0.23493EPSS

Exploits14References4

OSV•added 2008/07/16 6:41 p.m.•6 views

CVE-2008-3197

Cross-site request forgery CSRF vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to 1 the db parameter in the "Creating a Database" functionality dbcreate.php, and 2 the convcharset and collationconnection parameters related...

6.6AI score

Exploits0References16

UbuntuCve•added 2008/07/16 6:41 p.m.•18 views

CVE-2008-3197

3.5CVSS5.9AI score0.00466EPSS

Exploits1References1

NVD•added 2008/07/16 6:41 p.m.•16 views

CVE-2008-3197

3.5CVSS5.6AI score0.00466EPSS

Exploits1References16

Prion•added 2008/07/16 6:41 p.m.•16 views

Cross site request forgery (csrf)

3.5CVSS6.9AI score0.00466EPSS

Exploits1References16Affected Software1

Debian CVE•added 2008/07/16 6:0 p.m.•22 views

CVE-2008-3197

3.5CVSS6.3AI score0.00466EPSS

Exploits1

myhack58•added 2008/07/11 12:0 a.m.•191 views

php escapeshellcmd multibyte encoding vulnerability analysis and extension-a vulnerability warning-the black bar safety net

漏洞公告在 http://www.sektioneins.de/advisories/SE-2008-03.txt PHP 5 = 5.2.5 PHP 4 = 4.4.8 Some allow as GBK, EUC-KR, SJIS, etc. wide byte character set systems may be affected by this impact, the impact is still very large, the domestic virtual host should be the pass to kill, in testing this...

7.9AI score

Exploits0

Prion•added 2008/07/07 11:41 p.m.•25 views

Sql injection

SQL injection vulnerability in the Courier Authentication Library aka courier-authlib before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified...

5.1CVSS8.5AI score0.01583EPSS

Exploits0References9Affected Software1

NVD•added 2008/07/07 11:41 p.m.•10 views

CVE-2008-2667

5.1CVSS8.1AI score0.01583EPSS

Exploits0References9