Lucene search
K

7576 matches found

exploitpack
exploitpack
added 2002/07/02 12:0 a.m.13 views

phpAuction 12 - Unauthorized Administrative Access

phpAuction 12 - Unauthorized Administrative Access source: https://www.securityfocus.com/bid/5141/info PhpAuction is a freely available web-based auction system. It is written using PHP scripting language on a MySQL database engine. A flaw in /admin/login.php has been reported in PHPAuction, whic...

1.3AI score
Exploits0
securityvulns
securityvulns
added 2002/06/27 12:0 a.m.32 views

Noguska Nola 1.1.1 [ Intranet Business Management Software ]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Noguska Nola 1.1.1 Intranet Business Management Software .: Software Desciption :. - -- compied from their site -- Redefining the scope of Enterprise Software The NOLA web based software package allows your business to effortlessly reach further than...

Exploits0
exploitpack
exploitpack
added 2002/04/20 12:0 a.m.15 views

Jon Howell Faq-O-Matic 2.7 - Cross-Site Scripting

Jon Howell Faq-O-Matic 2.7 - Cross-Site Scripting source: https://www.securityfocus.com/bid/4565/info Faq-O-Matic 2.711 and 2.712 is a web-based Frequently Asked Question FAQ management system. It is vulnerable to a cross site scripting issue arising from a failure to filter HTML or script from a...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2002/04/20 12:0 a.m.39 views

Jon Howell Faq-O-Matic 2.7 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/4565/info Faq-O-Matic 2.711 and 2.712 is a web-based Frequently Asked Question FAQ management system. It is vulnerable to a cross site scripting issue arising from a failure to filter HTML or script from a malformed query, returning the submitted script a...

7AI score
Exploits0
CVE
CVE
added 2002/02/02 5:0 a.m.37 views

CVE-2001-1065

CVE-2001-1065 affects Cisco 600-series routers running CBOS 2.0.1–2.4.2ap, where the web-based configuration utility binds to port 80 even when web configuration services are disabled. This could leave the device accessible to an attacker via the web interface. Root cause: the process binds port ...

5CVSS6.8AI score0.01081EPSS
Exploits0References2Affected Software1
exploitpack
exploitpack
added 2001/11/19 12:0 a.m.11 views

bharat Mediratta Gallery 1.11.2 - Directory Traversal

bharat Mediratta Gallery 1.11.2 - Directory Traversal source: https://www.securityfocus.com/bid/3554/info Bharat Mediratta Gallery is a free, open source web-based photo album which may be used as an add-on for the PHPNuke web portal. Due to insufficient validation of user-supplied input, it is b...

7.4AI score
Exploits0
NVD
NVD
added 2001/10/30 5:0 a.m.27 views

CVE-2001-0665

Internet Explorer 6 and earlier allows remote attackers to cause certain HTTP requests to be automatically executed and appear to come from the user, which could allow attackers to gain privileges or execute operations within web-based services, aka the "HTTP Request Encoding vulnerability."...

7.5CVSS7.2AI score0.12094EPSS
Exploits0References4
CERT
CERT
added 2001/09/18 12:0 a.m.90 views

Microsoft Windows 2000 Internet Information Server (IIS) and Exchange 2000 vulnerable to DoS via malformed URL (MS01-014)

Overview A vulnerability that affects Microsoft IIS 5.0 and Exchange 2000 allows an intruder to disrupt IIS web services and web-based mail services served via an Exchange server. Description Microsoft IIS 5.0 contains a vulnerability that allows an intruder to cause a memory allocation error by...

5CVSS6.3AI score0.37058EPSS
Exploits0References3
Cisco
Cisco
added 2001/08/23 4:0 a.m.15 views

CBOS Web-based Configuration Utility Vulnerability

...

1.9AI score
Exploits0References1
exploitpack
exploitpack
added 2001/07/24 12:0 a.m.10 views

Proxomitron Naoko-4 - Cross-Site Scripting

Proxomitron Naoko-4 - Cross-Site Scripting source: https://www.securityfocus.com/bid/3087/info Proxomitron is a free web proxy server. Proxomitron is vulnerable to a cross site scripting attack. The condition is present because of the way URLS are displayed in error messages. It is possible for...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2001/06/14 12:0 a.m.35 views

ScreamingMedia SITEWare source code disclosure vulnerability

FS Advisory ID: FS-061201-18-SMSW Release Date: June 11, 2001 Product: ScreamingMedia SITEWare Vendor: ScreamingMedia Inc. http://www.screamingmedia.com Vendor Advisory: http://www.screamingmedia.com/security/sms1001.php Type: Source code disclosure vulnerability Severity: High Author: Mike Shema...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2001/06/03 12:0 a.m.25 views

WebTrends Enterprise Reporting Server 3.1 c/3.5 - Source Code Disclosure

source: https://www.securityfocus.com/bid/2812/info WebTrends Live is a web-based reporting service which provides interactive tracking of usage statistics and E-commerce revenue. It is possible to view the source code of arbitrary scripts on the WebTrends Live webserver. This is accomplished by...

7AI score
Exploits0
securityvulns
securityvulns
added 2001/05/04 12:0 a.m.71 views

How to remove .printer mapping (WAS RE: Permanently remove IIS printer mapping)

This is from another list I receive. It explains this scenario rather well. Keith --------------------------------------------------- All IIS Administrators Please Read this Immediately --------------------------------------------------- I wanted to get this out right away. More info to follow. O...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2001/02/10 12:0 a.m.44 views

Internet Explorer Vulnerability to Web Mail-based Spoofing Attacks

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VERSIONS AFFECTED Internet Explorer 5.0 on the Macintosh and 4.0 on Windows both have the problem. IE 5 on Windows did not seem vulnerable, however it also didn't display the test image correctly, so there may still be issues. SUMMARY First. Internet...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2001/01/17 12:0 a.m.37 views

iXsecurity.20001120.compaq-authbo.a

iXsecurity Security Vulnerability Report No: iXsecurity.20001120.compaq-authbo.a ======================================= Vulnerability Summary --------------------- Problem: The authentication of Compaq Web-Based Management contains a remotely exploitable buffer overflow Threat: Anyone that has...

8AI score
Exploits0
exploitpack
exploitpack
added 2001/01/07 12:0 a.m.23 views

eXtropia bbs_forum.cgi 1.0 - Arbitrary Command Execution

eXtropia bbsforum.cgi 1.0 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/2177/info bbsforum.cgi is a popular Perl cgi script from eXtropia.com. It supports the creation and maintenance of web-based threaded discussion forums. Version 1.0 of bbsforum.cgi fails to properly...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2000/11/14 12:0 a.m.27 views

iXsecurity.20001107.compaq-wbm.a

iXsecurity Security Vulnerability Report No: iXsecurity.20001107.compaq-wbm.a ==================================== Vulnerability Summary --------------------- Problem: The default installation of Compaq Web-Based Management on a Netware server reveals sensitive system files Threat: Anyone that ha...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2000/11/14 12:0 a.m.35 views

DCForum 1-6 - Arbitrary File Disclosure

source: https://www.securityfocus.com/bid/1951/info DCForum is a commercial cgi script from DCScripts which is designed to facilitate web-based threaded discussion forums. The script improperly validates user-supplied input, which allows the remote viewing of arbitrary files on the host which are...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/11/08 12:0 a.m.32 views

iXsecurity.20001107.compaq-wbm.a

iXsecurity Security Vulnerability Report No: iXsecurity.20001107.compaq-wbm.a ==================================== Vulnerability Summary --------------------- Problem: The default installation of Compaq Web-Based Management on a Netware server reveals sensitive system files Threat: Anyone that ha...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2000/10/07 12:0 a.m.41 views

phpix 1.0 - Directory Traversal

source: https://www.securityfocus.com/bid/1773/info PHPix is a web-based photo-album system written in PHP. It is vulnerable to an attack that allows a malicious remote user to view arbitrary files on the target webserver with the privileges of the webserver. The problem is that "../" character...

7.4AI score
Exploits0
Rows per page
Query Builder