|
317141
|
- |
|
andynorman
|
gnuserv
|
gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a bu…
|
CWE-120
Classic Buffer Overflow
|
CVE-2001-0191
|
2024-02-15 02:25 |
2001-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317142
|
- |
|
awstats
canonical
debian
|
awstats
ubuntu_linux
debian_linux
|
Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $u…
|
CWE-94
Code Injection
|
CVE-2005-1527
|
2024-02-15 01:58 |
2005-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317143
|
7.5 |
HIGH
Network
|
netsourcecommerce
|
productcart
|
EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2004-2172
|
2024-02-15 01:58 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317144
|
- |
|
cgiscript
|
csguestbook
|
csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
|
CWE-94
Code Injection
|
CVE-2002-1750
|
2024-02-15 01:57 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317145
|
- |
|
cgiscript
|
cschat-r-box
|
csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
|
CWE-94
Code Injection
|
CVE-2002-1752
|
2024-02-15 01:57 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317146
|
- |
|
cgiscript
|
csnews_professional
|
csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
|
CWE-94
Code Injection
|
CVE-2002-1753
|
2024-02-15 01:56 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317147
|
5.5 |
MEDIUM
Local
|
daansystems
|
newsreactor
|
NewsReactor 1.0 uses a weak encryption scheme, which could allow local users to decrypt the passwords and gain access to other users' newsgroup accounts.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2002-1682
|
2024-02-15 01:55 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317148
|
7.8 |
HIGH
Local
|
mckesson
|
pathways_homecare
|
Pathways Homecare 6.5 uses weak encryption for user names and passwords, which allows local users to gain privileges by recovering the passwords from the pwhc.ini file.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2001-1546
|
2024-02-15 01:55 |
2001-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317149
|
9.8 |
CRITICAL
Network
|
arkeia
|
arkeia
|
Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting passwords using the crypt() function, which makes it easier for an attacker to conduct brute force password g…
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2001-0967
|
2024-02-15 01:55 |
2001-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317150
|
7.8 |
HIGH
Local
|
spectrumcu
|
cash_receipting_system
|
Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a passw…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2005-4860
|
2024-02-15 01:54 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
