18 matches found
EUVD-2021-14203
Malware in sbrugna...
EUVD-2004-2095
Malware in sbrugna...
EUVD-2019-4923
Malware in sbrugna...
EUVD-2023-58232
Malicious code in bioql PyPI...
CVE-2020-10038
A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An attacker with access to the device's web server might be able to execute administrative commands without authentication...
PHPLinks 2.1.x - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/11329/info PHPLinks is reported prone to multiple input validation vulnerabilities. A file include vulnerability is reported to affect the 'index.php' script. This may allow an attacker to include...
Open WebMail 1.x2.x - Remote Command Execution Variant
source: https://www.securityfocus.com/bid/10316/info A vulnerability has been reported in Open WebMail that allows a remote attacker to execute arbitrary commands on a vulnerable host. The problem is due to insufficient sanitization of shell...
Oracle HTTP Server 8.1.79.0.19.2 - isqlplus Cross-Site Scripting
source: https://www.securityfocus.com/bid/9484/info Oracle HTTP Server is reportedly prone to a cross-site scripting issue. This could permit a remote attacker to create a malicious link to the web server that includes hostile HTML...
atomicboard 0.6.2 - Directory Traversal
source: https://www.securityfocus.com/bid/8236/info It has been reported that attackers may be able to modify the 'location' variable passed to the index.php file to cause the Web server to return arbitrary files. This script is prone to a directory travers...
PHPForum 2.0 RC1 - Mainfile.php Remote File Inclusion
source: https://www.securityfocus.com/bid/8158/info phpForum is prone to a vulnerability that may permit remote attackers to include and execute malicious PHP scripts. This could be exploited to execute malicious PHP commands in the context of...
QuadComm Q-Shop 2.5 - Failure To Validate Credentials
source: https://www.securityfocus.com/bid/8153/info Zone-H has reported that the Q-Shop ASP shopping cart software contains a vulnerability that may allow remote attackers to upload arbitrary files. Once uploaded, the attacker may be able to have the script executed in the security context of the...
BLNews 2.1.3 - Remote File Inclusion
source: https://www.securityfocus.com/bid/7677/info It has been reported that BLNews is prone to a remote file include vulnerability. This is due to the incorrect initialization of some PHP headers within the application. As a result, an attacker may be...
ttCMS 2.2 / ttForum 1.1 - 'install.php?installdir' Remote File Inclusion
source: https://www.securityfocus.com/bid/7542/info A remote file include vulnerability has been reported for both ttForum and ttCMS. Due to insufficient sanitization of some user-supplied variables by the 'News.php' and 'Install.php' scripts, it is possible for a remote attacker to include a...
cPanel 5.0 - Guestbook.cgi Remote Command Execution (3)
source: https://www.securityfocus.com/bid/6882/info A remote command execution vulnerability has been discovered in the cPanel CGI Application. This issue occurs due to insufficient sanitization of externally supplied data to the 'guestbook.cg...
Mollensoft Software Enceladus Server Suite 2.6.1/3.9 - Directory Traversal
source: https://www.securityfocus.com/bid/6338/info It has been reported that Enceladus fails to properly sanitize web requests. By sending a malicious web request to the vulnerable server, using directory traversal sequences, it is possible for a remote attacker to view and download sensitive...
CSSearch 2.3 - Remote Command Execution
source: https://www.securityfocus.com/bid/4368/info csSearch is a website search script, written in Perl. It will run on most Unix and Linux variants, as well as Microsoft operating systems. csSearch is prone to an issue which may enable an attacker to execute Perl code with the privileges of the...
Working Resources BadBlue 1.5/1.6 - Directory Traversal
source: https://www.securityfocus.com/bid/4179/info Working Resources BadBlue is a webserver intended to share various resources and is developed for Microsoft Windows environments. BadBlue is prone to directory traversal attacks. It is possible for a remote attacker to submit a malicious web...
NCSA httpd-campas 1.2 - sample script
source: https://www.securityfocus.com/bid/1975/info Campas is a sample CGI script shipped with some older versions of NCSA HTTPd, an obsolete web server package. The versions that included the script could not be determined as the server is no longer maintained, but version 1.2 of the script itse...