Lucene search
K

106 matches found

Packet Storm
Packet Storm
added 2011/04/11 12:0 a.m.19 views

WordPress Spellchecker Local File Inclusion / Remote File Inclusion

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ======++++++ RFI & LFI Wordpress Spellchecker Plugin Vulnerability ++++++====== +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++...

Exploits0
UbuntuCve
UbuntuCve
added 2010/09/22 7:0 p.m.29 views

CVE-2010-3313

phpgwapi/js/fckeditor/editor/dialog/fckspellerpages/spellerpages/serverscripts/spellchecker.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 before 9.1.20100309 and 9.2 before 9.2.20100309; allows remote attackers to execute arbitrary commands v...

7.5CVSS6.2AI score0.08663EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2010/03/15 12:0 a.m.34 views

Debian DSA-2013-1 : egroupware - several vulnerabilities

Nahuel Grisolia discovered two vulnerabilities in Egroupware, a web-based groupware suite: Missing input sanitising in the spellchecker integration may lead to the execution of arbitrary commands and a cross-site scripting vulnerability was discovered in the login page. %NASLMINLEVEL 70300 C...

7.5CVSS5.2AI score0.08663EPSS
Exploits1References4
OSV
OSV
added 2010/03/11 12:0 a.m.27 views

DSA-2013-1 egroupware - several vulnerabilities

Bulletin has no description...

7.5CVSS6AI score0.08663EPSS
Exploits1
Ubuntu
Ubuntu
added 2009/06/24 8:0 p.m.109 views

USN-791-1: Moodle vulnerabilities

Thor Larholm discovered that PHPMailer, as used by Moodle, did not correctly escape email addresses. A local attacker with direct access to the Moodle database could exploit this to execute arbitrary commands as the web server user. CVE-2007-3215 Nigel McNie discovered that fetching https URLs di...

10CVSS8.3AI score0.54003EPSS
Exploits23
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.12 views

MDVA-2008:106-1 : openoffice.org-voikko

openoffice.org-voikko provides Finnish spellchecker and hyphenator component for OpenOffice.org. The package is being updated for the new OpenOffice.org version. Update: Due to a build error, the previous update for i586 architecture was built against the old OpenOffice.org. This update fixes tha...

6.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.13 views

MDVA-2008:106 : openoffice.org-voikko

openoffice.org-voikko provides Finnish spellchecker and hyphenator component for OpenOffice.org. The package is being updated for the new OpenOffice.org version. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on...

6.9AI score
Exploits0References1
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.12 views

Mandriva Update for openoffice.org-voikko MDVA-2008:106-1 (openoffice.org-voikko)

Check for the Version of openoffice.org-voikko OpenVAS Vulnerability Test Mandriva Update for openoffice.org-voikko MDVA-2008:106-1 openoffice.org-voikko Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; yo...

0.1AI score
Exploits0References2
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.10 views

Mandriva Update for openoffice.org-voikko MDVA-2008:106-1 (openoffice.org-voikko)

Check for the Version of openoffice.org-voikko OpenVAS Vulnerability Test Mandriva Update for openoffice.org-voikko MDVA-2008:106-1 openoffice.org-voikko Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; yo...

0.1AI score
Exploits0References2
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.11 views

Mandriva Update for openoffice.org-voikko MDVA-2008:106 (openoffice.org-voikko)

Check for the Version of openoffice.org-voikko OpenVAS Vulnerability Test Mandriva Update for openoffice.org-voikko MDVA-2008:106 openoffice.org-voikko Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you...

0.1AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2007/07/27 12:0 a.m.34 views

FreeBSD : dokuwiki -- XSS vulnerability in spellchecker backend (cddde37a-39b5-11dc-b3da-001921ab2fa4)

DokuWiki reports : The spellchecker tests the UTF-8 capabilities of the used browser by sending an UTF-8 string to the backend, which will send it back unfiltered. By comparing string length the spellchecker can work around broken implementations. An attacker could construct a form to let users...

4.3CVSS5.5AI score0.19242EPSS
Exploits0References3
securityvulns
securityvulns
added 2007/07/19 12:0 a.m.128 views

DokuWiki suffers XSS

COMPASS SECURITY ADVISORY http://www.csnc.ch/ Product: DokuWiki Vendor: DokuWiki Project Subject: Cross-site scripting - XSS Risk: High Effect: Remotely exploitable Author: Cyrill Brunschwiler [email protected] Date: July 19th 2007 Introduction: ------------- Compass Security discovered...

6.8AI score
Exploits0
FreeBSD
FreeBSD
added 2007/06/26 12:0 a.m.29 views

dokuwiki -- XSS vulnerability in spellchecker backend

DokuWiki reports: The spellchecker tests the UTF-8 capabilities of the used browser by sending an UTF-8 string to the backend, which will send it back unfiltered. By comparing string length the spellchecker can work around broken implementations. An attacker could construct a form to let users se...

4.3CVSS6.3AI score0.19242EPSS
Exploits0References1
Prion
Prion
added 2006/06/07 12:2 a.m.23 views

Code injection

The spellchecker spellcheck.php in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by pregreplace with the /e executable modifier...

7.5CVSS7.5AI score0.13925EPSS
Exploits1References12Affected Software1
NVD
NVD
added 2006/06/07 12:2 a.m.25 views

CVE-2006-2878

The spellchecker spellcheck.php in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by pregreplace with the /e executable modifier...

7.5CVSS7.3AI score0.13925EPSS
Exploits1References12
UbuntuCve
UbuntuCve
added 2006/06/07 12:2 a.m.27 views

CVE-2006-2878

The spellchecker spellcheck.php in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by pregreplace with the /e executable modifier...

7.5CVSS6.2AI score0.13925EPSS
Exploits1References1
OSV
OSV
added 2006/06/07 12:2 a.m.6 views

CVE-2006-2878

The spellchecker spellcheck.php in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by pregreplace with the /e executable modifier...

7.2AI score
Exploits0References14
Debian CVE
Debian CVE
added 2006/06/07 12:0 a.m.65 views

CVE-2006-2878

The spellchecker spellcheck.php in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by pregreplace with the /e executable modifier...

7.5CVSS7.2AI score0.13925EPSS
Exploits1
Cvelist
Cvelist
added 2006/06/07 12:0 a.m.29 views

CVE-2006-2878

The spellchecker spellcheck.php in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expression that is processed by pregreplace with the /e executable modifier...

7.2AI score0.13925EPSS
Exploits1References12
CVE
CVE
added 2006/06/07 12:0 a.m.215 views

CVE-2006-2878

CVE-2006-2878 affects DokuWiki (spellcheck.php) where unsanitized PHP code can be injected through the PHP/complex curly syntax in a preg_replace with the /e modifier. A remote unauthenticated attacker could execute arbitrary PHP commands on the webserver running DokuWiki, as described in multipl...

7.5CVSS7.2AI score0.13925EPSS
Exploits1References12Affected Software1
Rows per page
Query Builder