11 matches found
EUVD-2004-1218
Malware in sbrugna...
LAquis SCADA LGX Report TextFile OpenWithoutMemory Path Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of...
Authentication Bypass
ezsystems/ezpublish-legacy is vulnerable to Authentication Bypass. The vulnerability is due to the standard login handler failing to verify passwords correctly in rare cases when using the legacy LDAP login handler or the TextFile login handler in combination with the standard legacy login handler...
PT-2024-40396 · Ez Systems · Ez Publish Legacy
Name of the Vulnerable Software and Affected Versions: eZ Publish Legacy affected versions not specified Description: The issue concerns a failure of the standard login handler to verify passwords correctly in certain configurations, potentially allowing unauthorized access. This can occur in...
PT-2022-37257 · Git +1 · Bluez
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN READ. The crash state involves functions such as write key, textfile put, and is located in the fuzz...
CVE-2021-36123
An issue was discovered in Echo ShareCare 8.15.5. The TextReader feature in General/TextReader/TextReader.cfm is susceptible to a local file inclusion vulnerability when processing remote input in the textFile parameter from an authenticated user, leading to the ability to read arbitrary files on...
Intel Corporation Shiva Access Manager 5.0 Solaris World Readable LDAP Password
No description provided by source. source: http://www.securityfocus.com/bid/1329/info The Shiva Access Manager is a solution for centralized remote access authentication, authorization, and accounting offered by Intel. It runs on Solaris and Windows NT. Shiva Access Manager is vulnerable to a...
MS Internet Explorer URL Injection in History List (MS04-004)
No description provided by source. // Andreas Sandblad, 2004-02-03, patched by MS04-004 // Name: payload // Purpose: Run payload code called from Local Machine zone. // The code may be arbitrary such as executing shell commands...
Simple GuestBook Bug
.:. Simple one-file guestbook 1.0 .:. Date: August 08, 2006 Vendor: http://www.xeroxer.com/index.php?page=3 Description: This is my simple one-file guestbook. It's made of one .php file the script and one .txt file the entrystorage file. It uses no database just a flat...
PT-2006-2218 · Textfilebb · Textfilebb
Name of the Vulnerable Software and Affected Versions: textfileBB versions 1.0 and earlier Description: The issue allows remote attackers to inject arbitrary web script or HTML via the mess and user parameters in "messanger.php", possibly requiring a URL encoded value. Recommendations: For...
CVE-2004-1221
Directory traversal vulnerability in weblibs.pl in WebLibs 1.0 allows remote attackers to read arbitrary files via .. sequences in the TextFile parameter...