Show filters
92 Total Results
Displaying 81-90 of 92
Sort by:
Attacker Value
Unknown

CVE-2009-4552

Disclosure Date: January 04, 2010 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in the Survey Pro module for Miniweb 2.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php.
0
0
Attacker Value
Unknown

CVE-2009-4551

Disclosure Date: January 04, 2010 (last updated October 04, 2023)
SQL injection vulnerability in the Survey Pro module for Miniweb 2.0 allows remote attackers to execute arbitrary SQL commands via the campaign_id parameter in a results action to index.php.
0
0
Attacker Value
Unknown

CVE-2009-3419

Disclosure Date: September 25, 2009 (last updated October 04, 2023)
SQL injection vulnerability in index.php in the Publisher module 2.0 for Miniweb allows remote attackers to execute arbitrary SQL commands via the historymonth parameter.
0
0
Attacker Value
Unknown

CVE-2009-3420

Disclosure Date: September 25, 2009 (last updated October 04, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in index.php in the Publisher module 2.0 for Miniweb allow remote attackers to inject arbitrary web script or HTML via the (1) begin parameter and the (2) PATH_INFO.
0
0
Attacker Value
Unknown

CVE-2008-1136

Disclosure Date: March 04, 2008 (last updated October 04, 2023)
The Utils::runScripts function in src/utils.cpp in vdccm 0.92 through 0.10.0 in SynCE (SynCE-dccm) allows remote attackers to execute arbitrary commands via shell metacharacters in a certain string to TCP port 5679.
0
0
Attacker Value
Unknown

CVE-2007-6703

Disclosure Date: March 04, 2008 (last updated October 04, 2023)
Unspecified vulnerability in vdccm before 0.10.1 in SynCE (SynCE-dccm) might allow attackers to cause a denial of service via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2007-6200

Disclosure Date: December 01, 2007 (last updated October 04, 2023)
Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options.
0
0
Attacker Value
Unknown

CVE-2007-6199

Disclosure Date: December 01, 2007 (last updated October 04, 2023)
rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.
0
0
Attacker Value
Unknown

CVE-2007-4978

Disclosure Date: September 19, 2007 (last updated October 04, 2023)
Multiple PHP remote file inclusion vulnerabilities in phpSyncML 0.1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the base_dir parameter to (1) Decoder.php and (2) Encoder.php in WBXML/.
0
0
Attacker Value
Unknown

CVE-2007-4091

Disclosure Date: August 16, 2007 (last updated October 04, 2023)
Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the f_name function.
0
0
View More Topics  < Previous  Next >