Lucene search
K

93 matches found

Zero Day Initiative
Zero Day Initiative
added 2012/06/08 12:0 a.m.33 views

Symantec Web Gateway upload_file Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists because Symantec Web Gateway allows unauthenticated users to upload a file while...

7.5CVSS5.7AI score0.64061EPSS
Exploits5References1
Exploit DB
Exploit DB
added 2012/04/09 12:0 a.m.19 views

CitrusDB 2.4.1 - Local File Inclusion / SQL Injection

source: https://www.securityfocus.com/bid/52946/info CitrusDB is prone to a local file-include vulnerability and an SQL-injection vulnerability. An attacker can exploit these issues to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, an...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2012/03/14 12:0 a.m.16 views

Maxs Guestbook 1.0 - Multiple Remote Vulnerabilities

Maxs Guestbook 1.0 - Multiple Remote Vulnerabilities source: https://www.securityfocus.com/bid/52471/info Max's Guestbook is prone to multiple remote vulnerabilities. Exploiting these issues could allow an attacker to execute arbitrary HTML and script code in the context of the affected browser,...

0.2AI score
Exploits0
OpenVAS
OpenVAS
added 2011/11/30 12:0 a.m.11 views

Manx Multiple Cross Site Scripting and Directory Traversal Vulnerabilities

Manx is prone to multiple cross-site scripting and directory-traversal vulnerabilities because it fails to sufficiently sanitize user- supplied input. Exploiting these issues will allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

6.8AI score
Exploits0References4
Exploit DB
Exploit DB
added 2011/11/28 12:0 a.m.21 views

Manx 1.0.1 - '/admin/admin_blocks.php?Filename' Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/50839/info Manx is prone to multiple cross-site scripting and directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script code in the browser...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2011/11/28 12:0 a.m.17 views

Manx 1.0.1 - '/admin/tiny_mce/plugins/ajaxfilemanager_OLD/ajax_get_file_listing.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/50839/info Manx is prone to multiple cross-site scripting and directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script code in the browser...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2011/11/28 12:0 a.m.18 views

Manx 1.0.1 - '/admin/tiny_mce/plugins/ajaxfilemanager/ajax_get_file_listing.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/50839/info Manx is prone to multiple cross-site scripting and directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script code in the browser...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2011/11/22 12:0 a.m.18 views

TA.CMS (TeachArabia) - 'lang' Traversal Local File Inclusion

source: https://www.securityfocus.com/bid/50773/info TA.CMS is prone to multiple local file-include and SQL-injection vulnerabilities. An attacker can exploit these issues to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, and view and...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2011/11/22 12:0 a.m.17 views

TA.CMS (TeachArabia) - 'index.php?id' SQL Injection

source: https://www.securityfocus.com/bid/50773/info TA.CMS is prone to multiple local file-include and SQL-injection vulnerabilities. An attacker can exploit these issues to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, and view and...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2011/10/25 12:0 a.m.10 views

RuubikCMS 'f' Parameter Information Disclosure Vulnerability

RuubikCMS is prone to an information-disclosure vulnerability because it fails to sufficiently validate user-supplied data. An attacker can exploit this issue to download local files in the context of the webserver process. This may allow the attacker to obtain sensitive information; other attack...

6.9AI score
Exploits0References2
exploitpack
exploitpack
added 2011/08/31 12:0 a.m.12 views

TinyWebGallery 1.8.4 - Local File Inclusion SQL Injection

TinyWebGallery 1.8.4 - Local File Inclusion SQL Injection source: https://www.securityfocus.com/bid/49393/info TinyWebGallery is prone to multiple local file-include and SQL-injection vulnerabilities. An attacker can exploit these issues to compromise the application, access or modify data, explo...

8.6AI score
Exploits0
Exploit DB
Exploit DB
added 2010/12/21 12:0 a.m.25 views

Calibre 0.7.34 - Cross-Site Scripting / Directory Traversal

source: https://www.securityfocus.com/bid/45532/info Calibre is prone to a cross-site scripting vulnerability and a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script code in t...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2010/07/05 12:0 a.m.14 views

Splunk Cross Site Scripting and Directory Traversal Vulnerabilities

Splunk is prone to multiple cross-site scripting vulnerabilities and multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script code in the browser of an unsuspecting user i...

7AI score
Exploits0References3
exploitpack
exploitpack
added 2010/05/28 12:0 a.m.11 views

Core FTP Server 1.0.343 - Directory Traversal

Core FTP Server 1.0.343 - Directory Traversal source: https://www.securityfocus.com/bid/40422/info Core FTP Server is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2010/04/12 12:0 a.m.21 views

Blog System 1.x - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/39406/info Blog System is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include local file-include, SQL-injection, and cross-site-scripting issues. Exploiting these...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/02/10 12:0 a.m.19 views

Accellion Secure File Transfer Appliance - Multiple Command Restriction Privilege Escalations

Accellion Secure File Transfer Appliance - Multiple Command Restriction Privilege Escalations source: https://www.securityfocus.com/bid/38176/info Accellion File Transfer Appliance is prone to multiple remote vulnerabilities, including: - Multiple privilege-escalation issues - A directory-travers...

1.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/09/21 12:0 a.m.24 views

Check Point Connectra R62 - '/Login/Login' Arbitrary Script Injection

source: https://www.securityfocus.com/bid/36466/info Check Point Connectra is prone to an arbitrary-script-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary script code in the context of the webserver...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2009/03/13 12:0 a.m.20 views

phpCommunity2 Multiple Vulnerabilities (Mar 2009) - Active Check

phpCommunity2 is prone to multiple input validation vulnerabilities, including multiple directory traversal issues and SQL-injection issues, and a cross-site scripting issue. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

6.8CVSS6AI score0.01099EPSS
Exploits0References1
exploitpack
exploitpack
added 2009/01/15 12:0 a.m.10 views

MKPortal 1.2.1 - modulesblogindex.php Home Template Textarea SQL Injection

MKPortal 1.2.1 - modulesblogindex.php Home Template Textarea SQL Injection source: https://www.securityfocus.com/bid/33300/info MKPortal is prone to multiple security vulnerabilities, including SQL-injection, HTML-injection, cross-site scripting, arbitrary-file-upload, and...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2008/02/15 12:0 a.m.9 views

Dokeos 1.8.4 - whoisonline.php?id SQL Injection

Dokeos 1.8.4 - whoisonline.php?id SQL Injection source: https://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue...

8.6AI score
Exploits0
Rows per page
Query Builder