
7574 matches found

OpenVAS
added 2005/11/03 12:0 a.m. | 19 views

OfficeScan configuration file disclosure

Trend Micro OfficeScan Corporate Edition (Japanese version: Virus Buster Corporate Edition) web-based management console lets anybody access /officescan/hotdownload without authentication. Reading the configuration file /officescan/hotdownload/ofcscan.ini will reveal information on your system.

CVSS 5 | AI score 0.2 | EPSS 0.02414
Exploits 0

OpenVAS
added 2005/11/03 12:0 a.m. | 21 views

vBulletin Init.PHP unspecified vulnerability

The remote host is running vBulletin, a web based bulletin board system written in PHP. The remote version of this software is vulnerable to an unspecified issue. It is reported that versions 3.0.0 through to 3.0.4 are prone to a security flaw in 'includes/init.php'. Successful exploitation...

AI score 0.2
Exploits 0 | References 1

OpenVAS
added 2005/11/03 12:0 a.m. | 34 views

Compaq Web-based Management Default Credentials (HTTP)

Checks the administrator account on Compaq Web-based Management / HP System Management agents for the default or predictable passwords. SPDX-FileCopyrightText: 2004 SensePost Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...

AI score 7.4
Exploits 0

OpenVAS
added 2005/11/03 12:0 a.m. | 15 views

File Disclosure in OWL's Workshop

OWL SPDX-FileCopyrightText: 2004 Noam Rathaus Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only From: Subject: ZH2004-08SA security advisory: OWLS 1.0 Remote arbitrary files retrieving...

CVSS 5 | AI score 6.6 | EPSS 0.03424
Exploits 2 | References 1

OpenVAS
added 2005/11/03 12:0 a.m. | 20 views

CVSTrac filediff vulnerability

The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version of filediff has a flaw in the input sanitation which, when exploited, can lead to a remote attacker executing arbitrary commands on the system. OpenVAS has determined the vulnerability...

CVSS 7.5 | AI score 0.2 | EPSS 0.13991
Exploits 1 | References 1

OpenVAS
added 2005/11/03 12:0 a.m. | 10 views

CVSTrac history.c history_update function overflow

The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains a flaw related to the history_update function in history.c that may allow an attacker to cause a buffer overflow and execute arbitrary code on the remote system...

AI score 8.5
Exploits 0 | References 1

OpenVAS
added 2005/11/03 12:0 a.m. | 17 views

CVSTrac filediff vulnerability

The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version of filediff has a flaw in the input sanitation which, when exploited, can lead to a remote attacker executing arbitrary commands on the system. SPDX-FileCopyrightText: 2004 David...

CVSS 7.5 | AI score 7 | EPSS 0.13991
Exploits 1 | References 2

OpenVAS
added 2005/11/03 12:0 a.m. | 27 views

FuseTalk forum XSS

The remote host is using FuseTalk, a web based discussion forum. A vulnerability exists in the script SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier:...

CVSS 4.3 | AI score 6.8 | EPSS 0.0127
Exploits 1 | References 2

OpenVAS
added 2005/11/03 12:0 a.m. | 25 views

CVSTrac cgi.c multiple overflows

The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains multiple flaws in the mprintf, vmprintf, and vxprintf functions in cgi.c. A remote attacker, exploiting this flaw, would be able to execute arbitrary code on the remote system...

AI score 8.3
Exploits 0 | References 2

OpenVAS
added 2005/11/03 12:0 a.m. | 160 views

YaPiG Multiple Flaws

The remote web server contains a PHP application that is affected by multiple flaws. Description : The remote host is running YaPiG, a web-based image gallery written in PHP. The installed version of YaPiG is vulnerable to multiple flaws: - Remote and local file inclusion. - Cross-site scripting...

CVSS 7.5 | AI score 6.5 | EPSS 0.03429
Exploits 6 | References 13

OpenVAS
added 2005/11/03 12:0 a.m. | 14 views

CVSTrac chdir() chroot jail escape

The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains a flaw related to the chdir function that may allow an attacker to escape the chroot jail. An attacker, exploiting this flaw, would be able to access files outside of the web...

AI score 7.3
Exploits 0 | References 1

Gentoo Linux
added 2005/10/28 12:0 a.m. | 20 views

TikiWiki: XSS vulnerability

Background: TikiWiki is a web-based groupware and content management system (CMS), using PHP, ADOdb and Smarty. Description: Due to improper input validation, TikiWiki can be exploited to perform cross-site scripting attacks. Impact: A remote attacker could exploit this to inject and execute malicious...

CVSS 4.3 | AI score 6.4 | EPSS 0.0185
Exploits 0

Symantec
added 2005/10/11 12:0 a.m. | 19 views

Microsoft DirectX DirectShow AVI Processing Buffer Overflow Vulnerability

Description: A buffer overflow vulnerability exists in the Microsoft Windows DirectX component. This issue is related to processing of .AVI (Audio Visual Interleave) media files. The specific vulnerability exists in DirectShow and could be exposed through applications that employ DirectShow to proce...

AI score 8.2
Exploits 0 | References 3 | Affected Software 7

Packet Storm
added 2005/09/29 12:0 a.m. | 24 views

mantis-poc.txt

Mantis Bugtracker - Remote Database Scanner and XSS Vulnerabilities. Author: Jose Antonio Coret (Joxean Koret). Date: 2005. Location: Basque Country...

AI score 7.4
Exploits 0

Packet Storm
added 2005/09/22 12:0 a.m. | 27 views

dscribe14.txt

Digital Scribe v1.4 Login Bypass / SQL injection / remote code execution software: site: http://www.digital-scribe.org/ description: "Teachers have full control through a web-based interface. Designed for easy installation and even easier use, the Digital Scribe has been used in thousands of...

AI score 7.4
Exploits 0

securityvulns
added 2005/09/15 12:0 a.m. | 44 views

Digital Scribe v1.4 Login Bypass / SQL injection / remote code execution

Digital Scribe v1.4 Login Bypass / SQL injection / remote code execution software: site: http://www.digital-scribe.org/ description: "Teachers have full control through a web-based interface. Designed for easy installation and even easier use, the Digital Scribe has been used in thousands of...

AI score 1.3
Exploits 0

Packet Storm
added 2005/09/15 12:0 a.m. | 29 views

atutor-151.txt

ATUTOR 1.5.1 (possibly prior versions) SQL INJECTION / ADMIN & USERS CREDENTIALS DISCLOSURE / INFORMATION DISCLOSURE / USER IMPERSONATION / REMOTE CODE EXECUTION software: site: http://www.atutor.ca/ description: "ATutor is an Open Source Web-based Learning Content Management System (LCMS) designed...

AI score 7.4
Exploits 0

securityvulns
added 2005/09/14 12:0 a.m. | 32 views

ATutor 1.5.1 SQL Injection / Admin credentials disclosure / remote code execution

ATUTOR 1.5.1 (possibly prior versions) SQL INJECTION / ADMIN & USERS CREDENTIALS DISCLOSURE / INFORMATION DISCLOSURE / USER IMPERSONATION / REMOTE CODE EXECUTION software: site: http://www.atutor.ca/ description: "ATutor is an Open Source Web-based Learning Content Management System (LCMS) designed...

Exploits 0

Tenable Nessus
added 2005/09/12 12:0 a.m. | 14 views

punBB < 1.2.7 Multiple SQL Injection Vulnerabilities

Binary data 3220.prm...

CVSS 4.3 | AI score 7.3 | EPSS 0.02429
Exploits 0 | References 1

Tenable Nessus
added 2005/09/07 12:0 a.m. | 21 views

Land Down Under < 802 events.php SQL Injection

Binary data 3209.prm...

CVSS 7.5 | AI score 7.3 | EPSS 0.02411
Exploits 6 | References 13