Rubriques des inscrits

---

---

  

---

Syndication

National Vulnerability Database :: RSS most recent fully analyzed CVE cyber vulnerabilities published within the National Vulnerability Database.

< Février > L M M J V S D 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28

Ce jour : 21571 informations libres : [1-20] [21-40] [41-60] [61-80] [81-100] [101-120] [121-140] [141-160] [161-180] [181-200] [201-220] [221-240] [241-260] [261-280] [281-300] [301-320] [321-340] [341-360] [361-380] [381-400] [401-420] [421-440] [441-460] [461-480] [481-500] [501-520] [521-540] [541-560] [561-580] [581-600] [601-620] [621-640] [641-660] [661-680] [681-700] [701-720] [721-740] [741-760] [761-780] [781-800] [801-820] [821-840] [841-860] [861-880] [881-900] [901-920] [921-940] [941-960] [961-980] [981-1000]

CVE-2007-1839 (CodeBB) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

Multiple PHP remote file inclusion vulnerabilities in CodeBB 1.1b3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter to (1) pass_code.php or (2) lang_select. (Lire la suite) nvd@nist.gov

CVE-2007-1838 (FriendFinder Module) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

SQL injection vulnerability in view.php in the Friendfinder 3.3 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the id parameter. (Lire la suite) nvd@nist.gov

CVE-2007-1837 (MangoBery CMS) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

Multiple PHP remote file inclusion vulnerabilities in MangoBery CMS 0.5.5 allow remote attackers to execute arbitrary PHP code via a URL in the Site_Path parameter to (1) boxes/quotes.php or (2) templates/mangobery/footer.sample.php. (Lire la suite) nvd@nist.gov

CVE-2007-1835 (PHP) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path (session.save_path), uses the TMPDIR default after checking the restrictions, which allows local users to bypass open_basedir restrictions. (Lire la suite) nvd@nist.gov

CVE-2007-1834 (Unified CallManager, Unified Presence Server) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID (...) (Lire la suite) nvd@nist.gov

CVE-2007-1833 (Unified CallManager) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (...) (Lire la suite) nvd@nist.gov

CVE-2007-1832 (WebAPP) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to upload certain files (1) via a crafted filename or (2) by "using percent encoding in forms." (Lire la suite) nvd@nist.gov

CVE-2007-1831 (WebAPP) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to open files and write "wrong data" via a crafted QUERY_STRING. (Lire la suite) nvd@nist.gov

CVE-2007-1830 (WebAPP) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

Unspecified vulnerability in the Username Hijacking Patch 20070312 for web-app.org WebAPP 0.9.9.6 allows remote attackers to obtain administrative access via unknown vectors, related to "something overlooked in the original that was still overlooked in the patch", and possibly related to (...) (Lire la suite) nvd@nist.gov

CVE-2007-1829 (WebAPP) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

Multiple unspecified vulnerabilities in web-app.net WebAPP have unknown impact and attack vectors, described as "[having] other [security] issues too, not as bad as letting users take over your admin account, but bad too." (Lire la suite) nvd@nist.gov

CVE-2007-1828 (WebAPP) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

Multiple cross-site scripting (XSS) vulnerabilities in web-app.org WebAPP before 0.9.9.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the QUERY_STRING corresponding to drop downs or (2) various (...) (Lire la suite) nvd@nist.gov

CVE-2007-1827 (WebAPP) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

Multiple unspecified vulnerabilities in form input validation in web-app.org WebAPP before 0.9.9.6 allow remote authenticated users to corrupt data files, gain access to private files, and execute arbitrary code via "certain (...) (Lire la suite) nvd@nist.gov

CVE-2006-7191 (LDAP Account Manager) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

Untrusted search path vulnerability in lamdaemon.pl in LDAP Account Manager (LAM) before 1.0.0 allows local users to gain privileges via a modified PATH that points to a malicious rm program. (Lire la suite) nvd@nist.gov

CVE-2006-7190 (Web-APP.net) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

Cross-site scripting (XSS) vulnerability in cgi-bin/user-lib/topics.pl in web-app.net WebAPP before 20060515 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the viewnews function, related to use of doubbctopic instead of (...) (Lire la suite) nvd@nist.gov

CVE-2006-7189 (Web-APP.net) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

Cross-site scripting (XSS) vulnerability in cgi-bin/admin/logs.cgi in web-app.net WebAPP before 20060403 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the Statistics Log Viewer. (Lire la suite) nvd@nist.gov

CVE-2006-7188 (Web-APP.net) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

The search function in cgi-lib/user-lib/search.pl in web-app.net WebAPP before 20060909 allows remote attackers to read internal forum posts via certain requests, possibly related to the $info'forum' variable. (Lire la suite) nvd@nist.gov

CVE-2006-7187 (WebAPP) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

Cross-site scripting (XSS) vulnerability in the show_recent_searches function in cgi-lib/user-lib/search.pl in web-app.net WebAPP before 20060909 allows remote attackers to inject arbitrary web script or HTML via the srch variable. (Lire la suite) nvd@nist.gov

CVE-2007-1840 (LDAP Account Manager) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

lib/modules.inc in LDAP Account Manager (LAM) before 1.3.0 does not escape HTML special characters in LDAP data, which allows remote attackers to have an unknown impact, probably cross-site scripting (XSS). (Lire la suite) nvd@nist.gov

CVE-2007-1836 (Data Domain OS) par nvd@nist.gov Lundi 2 Avril 2007 :: National Vulnerability Database :: RSS

The command line administration interface in Data Domain OS before 4.0.3.6 allows remote authenticated users to execute arbitrary commands via shell metacharacters in certain arguments to various commands, as demonstrated by the interface argument to the (1) ifconfig and (2) ping (...) (Lire la suite) nvd@nist.gov

CVE-2007-1790 (Kaqoo Auction Software) par nvd@nist.gov Samedi 31 Mars 2007 :: National Vulnerability Database :: RSS

Multiple PHP remote file inclusion vulnerabilities in Kaqoo Auction Software Free Edition allow remote attackers to execute arbitrary PHP code via a URL in the install_root parameter to (1) support.inc.php, (2) function.inc.php, (3) rdal_object.inc.php, (4) rdal_editor.inc.php. (5) (...) (Lire la suite) nvd@nist.gov

[1-20] [21-40] [41-60] [61-80] [81-100] [101-120] [121-140] [141-160] [161-180] [181-200] [201-220] [221-240] [241-260] [261-280] [281-300] [301-320] [321-340] [341-360] [361-380] [381-400] [401-420] [421-440] [441-460] [461-480] [481-500] [501-520] [521-540] [541-560] [561-580] [581-600] [601-620] [621-640] [641-660] [661-680] [681-700] [701-720] [721-740] [741-760] [761-780] [781-800] [801-820] [821-840] [841-860] [861-880] [881-900] [901-920] [921-940] [941-960] [961-980] [981-1000]