MS00-035: MS SQL7.0 Service Pack may leave passwords on system (263968)
The installation process of the remote MS SQL server left a file named 'sqlsp.log' on the remote host. This file contains the password assigned to the 'sa' account of the remote database. An attacker may use this flaw to gain administrative access to the database server.
Voxel Dot Net CBms 0.x - Multiple Code Injection Vulnerabilities
Source: https://www.securityfocus.com/bid/4957/info. It has been reported that multiple vulnerabilities exist in CBMS. Reportedly, it is possible to inject both JavaScript and SQL code into the system. It may be possible to execute...
CVE-2001-1025
CVE-2001-1025 concerns PHP-Nuke 5.x. The vulnerability allows remote attackers to perform arbitrary SQL operations by modifying the prefix variable in scripts that do not define it (for example, by including mainfile.php), such as article.php. The mechanism is an injection flaw arising from unsaf...
[ Hackerslab bug_paper ] Informix-SQL application vulnerability
Hackerslab bugpaper: Informix-SQL application vulnerability. File: Informix-SQL application. SYSTEM: Systems running Informix. INFO: There i...
AdCycle SQL Command Insertion Vulnerability - qDefense Advisory Number QDAV-2001-7-2
qDefense Advisory Number QDAV-2001-7-2. Product: AdCycle. Vendor: AdCycle, http://adcycle.com. Severity: Remote; Attacker may gain AdCycle administrator status. Versions Affected: Versions up to and including 1.15. Vendor Status: Vendor contacted; has released...
Tumbleweed Worldsecure (MMS) BLANK 'sa' account password vulnerability
I've recently discovered the following vulnerability: Product: Tumbleweed Messaging Management System (MMS), formerly Worldtalk Worldsecure, http://www.tumbleweed.com/solutions/products/mmsproducts. Version: 4.3 - 4.5, all builds. Description: Product uses Microsoft's MSDE Database engine which is a...
Hughes Technologies Mini SQL (mSQL) 2.0.11 - w3-msql Remote Buffer Overflow
Source: https://www.securityfocus.com/bid/898/info. w3-msql is a CGI program shipped with Mini-SQL which acts as a web interface for msql. There are a number of buffer overflow vulnerabilities in it with one proven to be...
Oracle Webserver PL/SQL Stored Procedure GET Request DoS
It was possible to make the remote web server crash by supplying an overly long argument to the CGI /ews-bin/fnord. An attacker may use this flaw to prevent your customers from accessing your website.
HIS.ESSO.SSOSQL
Presence of affected bin...