Lucene search
K

416 matches found

securityvulns
securityvulns
added 2006/05/09 12:0 a.m.80 views

Multiple Vulnerabilities In IdealBB ASP Bulletin Board

======================================================================== = CodeScan Advisory, codescan.com [email protected] = = Multiple Vulnerabilities In IdealBB ASP Bulletin Board = = Vendor Website: = http://www.idealscience.com = = Affected Version: = Version 1.5.4a And Earlier = =...

0.1AI score
Exploits0
Cvelist
Cvelist
added 2006/03/23 11:0 a.m.28 views

CVE-2006-1363

images.php in Justin White aka YTZ Free Web Publishing System FreeWPS 2.11 allows remote attackers to execute arbitrary PHP code by uploading a .php file into the /upload directory as specified in the dirPath parameter, then performing a direct request to that file...

7.5AI score0.02793EPSS
Exploits0References4
Cvelist
Cvelist
added 2006/03/12 9:0 p.m.22 views

CVE-2006-1160

Cross-site scripting XSS vulnerability in Easy File Sharing EFS Web Server 3.2 allows remote attackers to inject arbitrary web script or HTML via the Description field in creating a folder or uploading a file...

5.6AI score0.01299EPSS
Exploits0References6
exploitpack
exploitpack
added 2006/02/11 12:0 a.m.11 views

ImageVue 0.16.1 - readfolder.php?path Arbitrary Directory Listing

ImageVue 0.16.1 - readfolder.php?path Arbitrary Directory Listing source: https://www.securityfocus.com/bid/16594/info ImageVue is prone to multiple vulnerabilities, including unauthorized uploading of files with arbitrary extensions, authentication bypass, information disclosure, and content...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2006/02/11 12:0 a.m.12 views

ImageVue 0.16.1 - index.php?bgcol Cross-Site Scripting

ImageVue 0.16.1 - index.php?bgcol Cross-Site Scripting source: https://www.securityfocus.com/bid/16594/info ImageVue is prone to multiple vulnerabilities, including unauthorized uploading of files with arbitrary extensions, authentication bypass, information disclosure, and content injection...

6.8AI score
Exploits0
Cvelist
Cvelist
added 2006/01/31 11:0 a.m.25 views

CVE-2006-0478

CRE Loaded 6.15 allows remote attackers to perform privileged actions, including uploading and creating arbitrary files, via a direct request to files.php. NOTE: the vendor states "The initial announcement of this risk was made on our website... and it included a patch which will close the...

6.7AI score0.03076EPSS
Exploits0References6
NVD
NVD
added 2005/12/31 5:0 a.m.13 views

CVE-2005-3057

The FTP component in FortiGate 2.8 running FortiOS 2.8MR10 and v3beta, and other versions before 3.0 MR1, allows remote attackers to bypass the Fortinet FTP anti-virus engine by sending a STOR command and uploading a file before the FTP server response has been sent, as demonstrated using LFTP...

10CVSS6.8AI score0.02718EPSS
Exploits0References6
myhack58
myhack58
added 2005/12/23 12:0 a.m.28 views

Talent network a common problem-a vulnerability warning-the black bar safety net

Today empty down in the visiting talent network. In a matter of habit...so on the fly detection. The program is php,itself due to a PHP injection also not very hanging. So it is looking for a few point of the actuator on the try. Also seems to be no big flower head. On another page it at. Continu...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2005/11/26 12:0 a.m.57 views

Fantastic News "category" SQL inj.

Fantastic News "category" SQL inj. Vuln. dicovered by : r0t Date: 25 nov. 2005 orginal advisory:http://pridels.blogspot.com/2005/11/fantastic-news-category-sql-inj.html Vendor:www.fscripts.com Product link:http://fscripts.com/free.php?id=1 affected version: 2.1.1 and prior Product description:...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2005/11/04 12:0 a.m.41 views

CuteNews 1.4.1 remote code execution

CuteNews 1.4.1 Arbitrary file inclusion / remote code execution exploit software: site: http://cutephp.com/ description: "Cute news is a powerful and easy for using news management system that use flat files to store its database. It supports comments, archives, search function, image uploading,...

0.4AI score
Exploits0
CVE
CVE
added 2005/05/03 4:0 a.m.48 views

CVE-2005-1450

Technical details are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.

7.5CVSS7AI score0.01317EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2005/04/14 4:0 a.m.20 views

CVE-2004-0534

Cross-site scripting XSS vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document...

5.7AI score0.01177EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2005/03/14 5:0 a.m.26 views

CVE-2005-0259

phpBB 2.0.11, and possibly other versions, with remote avatars and avatar uploading enabled, allows local users to read arbitrary files by providing both a local and remote location for an avatar, then modifying the "Upload Avatar from a URL:" field to reference the target file...

6.4CVSS6.1AI score0.02043EPSS
Exploits0References1
CVE
CVE
added 2005/03/13 5:0 a.m.45 views

CVE-2005-0743

The CVE describes an arbitrary PHP file upload flaw in XOOPS 2.0.9.2 and earlier, exploitable via the uploader.php feature because file extensions are not filtered. This allows remote attackers to upload and potentially execute PHP scripts, with impact on confidentiality, integrity, and availabil...

7.5CVSS7.4AI score0.01549EPSS
Exploits0References5Affected Software1
securityvulns
securityvulns
added 2004/03/25 12:0 a.m.31 views

Multiple HP WebJet Admin bugs

Directory traversal, file uploading and execution...

2.6AI score
Exploits0References1Affected Software1
CVE
CVE
added 2003/11/18 5:0 a.m.43 views

CVE-2003-0950

CVE-2003-0950 affects PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x. The issue allows remote attackers to execute arbitrary commands by uploading a file to the IClient Servlet, guessing the directory name (based on system time) used to store the file, and directly requesting that file. The underlyi...

7.5CVSS8AI score0.02057EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder