Lucene search
+L

767 matches found

OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.18 views

Debian Security Advisory DSA 1404-1 (gallery2)

The remote host is missing an update to gallery2 announced via advisory DSA 1404-1. OpenVAS Vulnerability Test $Id: deb14041.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1404-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

6.4CVSS0.1AI score0.01695EPSS
Exploits0
Atlassian
Atlassian
added 2007/12/07 2:32 p.m.20 views

XSS vulnerability in recently updated and configure RSS feed actions

Our eSecurity team has identified a Cross Site Scripting issue with the confluence server as follows: Arbirtatry javascript can be injected in the following cases which can lead to escalated or invalid privileges being granted to an unauthorized user: 1...

0.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/12/07 2:32 p.m.23 views

XSS vulnerability in recently updated and configure RSS feed actions

Our eSecurity team has identified a Cross Site Scripting issue with the confluence server as follows: Arbirtatry javascript can be injected in the following cases which can lead to escalated or invalid privileges being granted to an unauthorized user: 1...

0.7AI score
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/11/09 12:0 a.m.22 views

Debian DSA-1404-1 : gallery2 - programming error

Nicklous Roberts discovered that the Reupload module of Gallery 2, a web-based photo management application, allowed unauthorized users to edit Gallery's data file. The oldstable distribution sarge does not contain a gallery2 package. The previous gallery package is not affected by this...

6.4CVSS5.3AI score0.01695EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2007/10/22 12:0 a.m.25 views

vanilla-sql.txt

= 4.1, magicquotesgpc=Off Tested on versions 1.1.3, 1.1.2, 1.0.1 echo "------------------------------------------------------------\n"; echo "Vanilla - use specific prefix default LUM\n"; echo "-id= - use specific user id default 1\n"; echo "-c= - benchmark's loop count default 300000\n"; echo "-...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/10/20 12:0 a.m.12 views

Vanilla 1.1.3 - Blind SQL Injection

Vanilla 1.1.3 - Blind SQL Injection = 4.1, magicquotesgpc=Off Tested on versions 1.1.3, 1.1.2, 1.0.1 echo "------------------------------------------------------------\n"; echo "Vanilla - use specific prefix default LUM\n"; echo "-id= - use specific user id default 1\n"; echo "-c= - benchmark's...

0.7AI score
Exploits0
Cvelist
Cvelist
added 2007/09/04 10:0 p.m.22 views

CVE-2007-4669

The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA privileges to read the server log firebird.log, aka CORE-1148...

6.1AI score0.01198EPSS
Exploits0References7
securityvulns
securityvulns
added 2007/02/13 12:0 a.m.74 views

Jportal 2.3.1 CSRF vulnerability

Type: CSRF Attack / Input Validation Error Remote: Yes Version: 2.3.1 very possible, that older versions are vulnerable too Problem is in admin/admin.adm.php: function addadmin global $name, $mail, $nick, $action, $usertbl, $access; global $nick, $PHPSELF, $pass, $pass, $acce, $op, $goto;...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2006/11/07 12:0 a.m.25 views

efsStream.txt

/ ========================================================================== 0-day Alternative File Stream Exploit for EFS Easy Address Book Web Server =========================================================================== EFS' Easy Address Book Web Server is vulnerable to file stream exploi...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/05/31 12:0 a.m.11 views

PHPMyDesktopArcade 1.0 - index.php Local File Inclusion

PHPMyDesktopArcade 1.0 - index.php Local File Inclusion source: https://www.securityfocus.com/bid/18185/info phpMyDesktop|arcade is prone to a local file-include vulnerability. This may allow unauthorized users to view files and to execute local scripts. An attacker may also be able to execute...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/05/31 12:0 a.m.24 views

PHPMyDesktop/Arcade 1.0 - 'index.php' Local File Inclusion

source: https://www.securityfocus.com/bid/18185/info phpMyDesktop|arcade is prone to a local file-include vulnerability. This may allow unauthorized users to view files and to execute local scripts. An attacker may also be able to execute arbitrary code by way of uploaded images...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.18 views

Invision Power Board Calendar SQL Injection Vulnerability

The remote host is running Invision Power Board - a CGI suite designed to set up a bulletin board system on the remote web server. A vulnerability has been discovered in the sources/calendar.php file that allows unauthorized users to inject SQL commands. SPDX-FileCopyrightText: 2003 Noam Rathaus...

7.5CVSS6.7AI score0.01422EPSS
Exploits1References2
securityvulns
securityvulns
added 2005/05/14 12:0 a.m.68 views

OpenServer 5.0.7 UnixWare 7.1.4 UnixWare 7.1.3 : Hyper-Threading information leakage

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SCO Security Advisory Subject: OpenServer 5.0.7 UnixWare 7.1.4 UnixWare 7.1.3 : Hyper-Threading information leakage Advisory number: SCOSA-2005.24 Issue date: 2005 May 13 Cross reference: sr893223 fz531468 erg712804 sr893224 fz531469 erg712805...

7.2CVSS0.00505EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/03/18 12:0 a.m.18 views

HP-UX PHSS_23096 : HPSBUX0102-142 Sec. Vulnerability in OV OmniBack (rev.1)

s700800 11.00 OV OB3.10 patch - CORE packet : Security vulnerability with HP OpenView OmniBack Clients, where unauthorized remote users can start a shell as System Administrator. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extract...

5.5AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2004/09/09 12:0 a.m.34 views

Samba: Remote printing non-vulnerability

Background Samba is a freely available SMB/CIFS implementation which allows seamless interoperability of file and print services to other SMB/CIFS clients. Description Due to a bug in the printernotifyinfo function, authorized users could potentially crash their smbd process by sending improperly...

5CVSS6.3AI score0.03907EPSS
Exploits0
exploitpack
exploitpack
added 2004/09/01 12:0 a.m.17 views

IBM DB2 Semaphore Signaling - Denial of Service

IBM DB2 Semaphore Signaling - Denial of Service source: https://www.securityfocus.com/bid/11403/info A denial of service vulnerability has been reported in IBM DB2. This vulnerability is reported to only exist when DB2 is installed on Microsoft Windows operating systems. This issue is due to a...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2004/09/01 12:0 a.m.28 views

IBM DB2 Semaphore Signaling - Denial of Service

source: https://www.securityfocus.com/bid/11403/info A denial of service vulnerability has been reported in IBM DB2. This vulnerability is reported to only exist when DB2 is installed on Microsoft Windows operating systems. This issue is due to a failure of the application to properly ensure that...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.21 views

GLSA-200407-09 : MoinMoin: Group ACL bypass

The remote host is affected by the vulnerability described in GLSA-200407-09 MoinMoin: Group ACL bypass MoinMoin contains a bug in the code handling administrative group ACLs. A user created with the same name as an administrative group gains the privileges of the administrative group. Impact : I...

7.5CVSS5.7AI score0.01752EPSS
Exploits0References3
CERT
CERT
added 2004/08/13 12:0 a.m.23 views

JetboxOne may allow unauthorized users to execute arbitrary code

Overview Lack of input validation in JetboxOne version 2.0.8 allows an user to upload arbitrary files to the vulnerable system. This could lead to the execution of arbitrary code. Description JetboxOne, an open-source content management system, could allow an attacker with "AUTHOR" privileges to...

7.9AI score
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2004/07/11 12:0 a.m.65 views

MoinMoin: Group ACL bypass

Background MoinMoin is a Python clone of WikiWiki, based on PikiPiki. Description MoinMoin contains a bug in the code handling administrative group ACLs. A user created with the same name as an administrative group gains the privileges of the administrative group. Impact If an administrative grou...

7.5CVSS6.6AI score0.01752EPSS
Exploits0
Rows per page
Query Builder