176 matches found
CVE-2024-48326
Portabilis i-Educar is affected (versions 2.8.0 and 2.9.0 referenced in connected sources). The vulnerability is a stored XSS in the nm_religiao parameter of the /intranet/educar_religiao_cad.php POST and /intranet/educar_religiao_lst.php?busca=S&nm_religiao= GET endpoints. An unauthenticated att...
CVE-2021-26121
CVE-2021-26121 affects CSCart (CS-Cart Multivendor) via the templates.manage Server-Side Template Injection, enabling remote code execution. The root cause is lack of sandboxing in Smarty templates, allowing a shop admin (with at least Files privileges) to inject and execute code on the server. E...
CVE-2023-39024
Harman Media Suite Portal Settings). An exploit/POC exists (C20FE0B5-806A-56; POC for CVE-2023-39024 and CVE-2023-39025) showing the vulnerability context. Note: whether other extensions like SSRF (CVE-2023-39025) are separately exploitable is indicated by the PoC, but the core CVE-2023-39024 de...
CVE-2024-37010
CVE-2024-37010 is an OwnCloud external-storage IDOR vulnerability where an authenticated user can modify another user’s external storage configuration without proper rights verification. The exploit description demonstrates that updating the target's external storage can change the storage’s name...
CVE-2024-42587
CVE-2024-42587 is linked to SSTI in Jinja2 affecting promptify v2.0.3, per PT-2024-30049/PT-2024-30050 entries. The connected docs identify the issue type (SSTI) and component/version but do not provide further technical details, root cause specifics, exploitability, or remediation guidance. No e...
CVE-2024-42588
CVE-2024-42588 affects promptify 2.0.3 with a remote code execution (RCE) issue labeled in PT-2024-30049/30050 entries as “RCE” associated with eval. The connected docs do not provide exploit details, affected vectors beyond the component/version, or remediation steps. No explicit root cause desc...
CVE-2024-41312
CVE-2024-41312 corresponds to a Stored XSS in InstantCMS, evidenced by a public exploit referencing InstantCMS 2.16.3. The vulnerability occurs via image metadata during the photos upload flow (e.g., embedding payload in the Camera Model Name field) and is triggered when accessing a crafted URL l...
CAN-2005-1921
CVE-2005-1921 is tied to PHPXMLRPC (XML-RPC for PHP), with a remote code execution flaw in the PHPXMLRPC library. Affected product/version: PHPXMLRPC
CAN-2005-2095
CAN-2005-2095 affects SquirrelMail (PHP4)
CAN-2005-2265
Technical details for CVE-2005-2265 are not publicly available in the provided documents. Monitor for updates from trusted sources.
CAN-2002-0662
CVE-2002-0662 affects ScrollKeeper, specifically versions 0.3 to 0.3.11, where scrollkeeper-get-cl creates temporary files insecurely in /tmp. This enables local users to fabricate or overwrite files via a symlink attack on the scrollkeeper-tempfile.x files, as described in Debian advisory DSA-16...
CAN-2003-0108
CVE-2003-0108 corresponds to isakmp_sub_print in tcpdump versions 3.6 through 3.7.1, where a remote attacker can cause a denial of service (CPU consumption) by sending a malformed ISAKMP packet to UDP port 500, potentially triggering an infinite loop. The connected advisories confirm tcpdump as a...
CAN-2003-0085
CVE-2003-0085 is a Samba nttrans buffer overflow affecting Samba 2.2.2–2.2.6 where a bug in the length checking of encrypted password change requests enabled an unauthenticated remote attacker to potentially execute code with root privileges. Public exploit material exists (e.g., Metasploit modul...
CAN-2003-0127
Technical details for CVE-2003-0127 are not publicly provided in the supplied documents. No affected products, root cause, or fixes are described here; monitor for future updates.
CAN-2003-0201
Samba
CAN-2003-0001
CVE-2003-0001 is referenced across multiple connected documents as an Etherleak-related memory disclosure related to Juniper Networks Junos OS and associated PTX/QFX platforms. The Juniper JSA69720 advisory cites two vulnerabilities: Etherleak due to insufficient Ethernet frame padding in NIC dri...
CAN-2003-0213
PoPToP PPTP server vulnerable to a remote buffer overflow (CVE-2003-0213) via ctrlpacket.c. A length field of 0 or 1 feeds a negative value into the read, causing potential buffer overflow and remote code execution or denial of service. Affected versions are PoPToP PPTP server prior to 1.1.4-b3. ...
CAN-2003-0150
CAN-2003-0150 (MySQL) describes a vulnerability in MySQL versions up to and including 3.23.55 where a malicious user could cause the server to run as root by injecting a crafted configuration file. The root cause is the server loading configuration data from files that could be written by or writ...
CAN-2003-0536
CVE-2003-0536 is evidenced in connected docs as a directory traversal flaw in phpSysInfo (and related packages) up to version 2.4 and earlier, enabling remote file inclusion via .. sequences in sensor_program or _SERVER[HTTP_ACCEPT_LANGUAGE], potentially allowing reading of arbitrary files and, i...
CAN-2003-0705
CVE-2003-0705 affects mah-jong (1.5.6 and earlier). The flaw is a buffer overflow that could be triggered remotely to execute arbitrary code with the privileges of the mah-jong server/user process. Public sources in the provided documents confirm the vulnerability and its remote-execution impact,...