CVE-2000-0397

CVE-2000-0397 affects the EMURL web-based email account software. The vulnerability arises because session URLs encode predictable identifiers, enabling a remote attacker to access a user’s email account. The available documents do not specify affected product versions, root cause beyond predicta...

Mozilla Bugzilla 2.4/2.6/2.8/2.10 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/1199/info Bugzilla is a web-based bug-tracking system based on Perl and MySQL. It allows people to submit bugs and catalogs them. Bugzilla is prone to a vulnerability which may allow remote users to execute arbitrary commands on the target webserver. When...

LinuxConf Detection

The remote host is running LinuxConf, a web-based administration tool for Linux. It is suggested to not allow anyone to connect to this service. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10135; scriptversion"1.23"; scriptcvsdate"Date: 2019/11/22";...

CVE-1999-0982

The Sun Web-Based Enterprise Management WBEM installation script stores a password in plaintext in a world readable file...

PT-1999-1502 · Sun · Sun Wbem

Name of the Vulnerable Software and Affected Versions: Sun Web-Based Enterprise Management WBEM affected versions not specified Description: The issue concerns the storage of a password in plaintext within a world-readable file by the Sun Web-Based Enterprise Management WBEM installation script...

Alt-N MDaemon 2.8.5 - WebConfig Overflow Denial of Service

Alt-N MDaemon 2.8.5 - WebConfig Overflow Denial of Service source: https://www.securityfocus.com/bid/820/info The Mdaemon mail server for Windows includes a small web server for web-based remote administration. This webserver is vulnerable due to an unchecked buffer that handles incoming GET...

Alt-N MDaemon 2.8.5 - WebConfig Overflow Denial of Service

source: https://www.securityfocus.com/bid/820/info The Mdaemon mail server for Windows includes a small web server for web-based remote administration. This webserver is vulnerable due to an unchecked buffer that handles incoming GET requests. An abnormally large URL sent to the WebConfig service...

Microsoft IIS 4 (Windows NT) - Remote Web-Based Administration

source: https://www.securityfocus.com/bid/189/info Web-based administration for IIS 4.0 is, by default, limited to the local loopback address, 127.0.0.1. In instances where IIS4.0 was installed as an upgrade to IIS 2.0 or 3.0, a legacy ISAPI DLL ISM.DLL is left in the /scripts/iisadmin directory...

Matt Wright FormMail 1.x - Cross-Site Request Forgery

source: https://www.securityfocus.com/bid/2080/info FormMail is a widely-used web-based e-mail gateway, which allows form-based input to be emailed to a specified user. A web server can use a remote site's FormMail script without authorization, using remote system resources or exploiting other...

CVE-2024-33402

A SQL injection vulnerability in /model/approvepettycash.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter...

CVE-2024-33802

A SQL injection vulnerability in /model/getstudentsubject.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the index parameter...

CVE-2024-33799

A SQL injection vulnerability in /model/getteacher.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...

CVE-2024-33803

A SQL injection vulnerability in /model/getexam.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...

CVE-2024-33805

A SQL injection vulnerability in /model/getstudent.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...