· 6 years ago · Oct 24, 2019, 04:28 PM
1######################################################################################################################################
2===================================================================================================
3Hostname christianaction.org ISP SingleHop LLC
4Continent North America Flag
5US
6Country United States Country Code US
7Region Illinois Local time 24 Oct 2019 09:31 CDT
8City Chicago Postal Code 60661
9IP Address 37.60.233.207 Latitude 41.88
10===================================================================================================
11######################################################################################################################################
12> christianaction.org
13Server: 185.93.180.131
14Address: 185.93.180.131#53
15
16Non-authoritative answer:
17Name: christianaction.org
18Address: 37.60.233.207
19>
20#######################################################################################################################################
21Domain Name: CHRISTIANACTION.ORG
22Registry Domain ID: D4878049-LROR
23Registrar WHOIS Server: whois.networksolutions.com
24Registrar URL: http://www.networksolutions.com
25Updated Date: 2018-09-24T15:49:56Z
26Creation Date: 1999-04-01T05:00:00Z
27Registry Expiry Date: 2021-04-01T05:00:00Z
28Registrar Registration Expiration Date:
29Registrar: Network Solutions, LLC
30Registrar IANA ID: 2
31Registrar Abuse Contact Email: abuse@web.com
32Registrar Abuse Contact Phone: +1.8003337680
33Reseller:
34Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
35Registrant Organization: Christian Action Network
36Registrant State/Province: VA
37Registrant Country: US
38Name Server: NS7.WORLDNIC.COM
39Name Server: NS8.WORLDNIC.COM
40DNSSEC: unsigned
41######################################################################################################################################
42
43[+] Target : christianaction.org
44
45[+] IP Address : 37.60.233.207
46
47[+] Headers :
48
49[+] Server : nginx
50[+] Date : Thu, 24 Oct 2019 14:51:13 GMT
51[+] Content-Type : text/html
52[+] Content-Length : 88
53[+] Connection : keep-alive
54[+] Expires : Thu, 01 Jan 1970 00:00:01 GMT
55[+] Cache-Control : no-cache
56[+] alt-svc : quic=":443"; ma=86400; v="43,39"
57
58[+] SSL Certificate Information :
59
60[+] commonName : christianaction.org
61[+] countryName : US
62[+] organizationName : Let's Encrypt
63[+] commonName : Let's Encrypt Authority X3
64[+] Version : 3
65[+] Serial Number : 040370437AF68E4118C1EE47129E9ACE58D0
66[+] Not Before : Aug 27 08:27:46 2019 GMT
67[+] Not After : Nov 25 08:27:46 2019 GMT
68[+] OCSP : ('http://ocsp.int-x3.letsencrypt.org',)
69[+] subject Alt Name : (('DNS', 'christianaction.org'), ('DNS', 'www.christianaction.org'))
70[+] CA Issuers : ('http://cert.int-x3.letsencrypt.org/',)
71
72[+] Whois Lookup :
73
74[+] NIR : None
75[+] ASN Registry : ripencc
76[+] ASN : 32475
77[+] ASN CIDR : 37.60.233.0/24
78[+] ASN Country Code : BG
79[+] ASN Date : 2012-01-20
80[+] ASN Description : SINGLEHOP-LLC - SingleHop LLC, US
81[+] cidr : 37.60.233.0/24
82[+] name : SiteGround-13062015
83[+] handle : MDM-SG
84[+] range : 37.60.233.0 - 37.60.233.255
85[+] description : CHI-3
86[+] country : US
87[+] state : None
88[+] city : None
89[+] address : Racho Petkov Kazandjiata 8, Floor 3, SiteGround
90[+] postal_code : None
91[+] emails : None
92[+] created : 2015-08-27T12:05:53Z
93[+] updated : 2016-01-26T14:32:52Z
94
95[+] Crawling Target...
96
97[+] Looking for robots.txt........[ Found ]
98[+] Extracting robots Links.......[ 0 ]
99[+] Looking for sitemap.xml.......[ Found ]
100[+] Extracting sitemap Links......[ 0 ]
101[+] Extracting CSS Links..........[ 0 ]
102[+] Extracting Javascript Links...[ 0 ]
103[+] Extracting Internal Links.....[ 0 ]
104[+] Extracting External Links.....[ 0 ]
105[+] Extracting Images.............[ 0 ]
106
107[+] Total Links Extracted : 0
108
109[+] Completed!
110######################################################################################################################################
111[+] Starting At 2019-10-24 10:52:25.607212
112[+] Collecting Information On: https://christianaction.org/
113[#] Status: 200
114--------------------------------------------------
115[#] Web Server Detected: nginx
116[!] X-Frame-Options Headers not detect! target might be vulnerable Click Jacking
117- Server: nginx
118- Date: Thu, 24 Oct 2019 14:52:26 GMT
119- Content-Type: text/html
120- Content-Length: 88
121- Connection: keep-alive
122- Expires: Thu, 01 Jan 1970 00:00:01 GMT
123- Cache-Control: no-cache
124- alt-svc: quic=":443"; ma=86400; v="43,39"
125--------------------------------------------------
126[#] Finding Location..!
127[#] status: success
128[#] country: United States
129[#] countryCode: US
130[#] region: IL
131[#] regionName: Illinois
132[#] city: Chicago
133[#] zip: 60605
134[#] lat: 41.8695
135[#] lon: -87.6272
136[#] timezone: America/Chicago
137[#] isp: SiteGround
138[#] org:
139[#] as: AS32475 SingleHop LLC
140[#] query: 37.60.233.207
141--------------------------------------------------
142[x] Didn't Detect WAF Presence on: https://christianaction.org/
143--------------------------------------------------
144[#] Starting Reverse DNS
145[-] Failed ! Fail
146--------------------------------------------------
147[!] Scanning Open Port
148[#] 21/tcp open ftp
149[#] 53/tcp open domain
150[#] 80/tcp open http
151[#] 110/tcp open pop3
152[#] 143/tcp open imap
153[#] 443/tcp open https
154[#] 465/tcp open smtps
155[#] 587/tcp open submission
156[#] 993/tcp open imaps
157[#] 995/tcp open pop3s
158[#] 3306/tcp open mysql
159--------------------------------------------------
160[+] Collecting Information Disclosure!
161[#] Detecting sitemap.xml file
162[!] sitemap.xml File Found: https://christianaction.org//sitemap.xml
163[#] Detecting robots.txt file
164[!] robots.txt File Found: https://christianaction.org//robots.txt
165[#] Detecting GNU Mailman
166[-] GNU Mailman App Not Detected!?
167--------------------------------------------------
168[+] Crawling Url Parameter On: https://christianaction.org/
169--------------------------------------------------
170[#] Searching Html Form !
171[-] No Html Form Found!?
172--------------------------------------------------
173[-] No DOM Paramter Found!?
174--------------------------------------------------
175[-] No internal Dynamic Parameter Found!?
176--------------------------------------------------
177[-] No external Dynamic Paramter Found!?
178--------------------------------------------------
179[-] No Internal Link Found!?
180--------------------------------------------------
181[-] No External Link Found!?
182--------------------------------------------------
183[#] Mapping Subdomain..
184[!] Found 2 Subdomain
185- mail.christianaction.org
186- www.christianaction.org
187--------------------------------------------------
188[!] Done At 2019-10-24 10:52:58.330619
189#######################################################################################################################################
190[i] Scanning Site: https://christianaction.org
191
192
193
194B A S I C I N F O
195====================
196
197
198[+] Site Title:
199[+] IP address: 37.60.233.207
200[+] Web Server: nginx
201[+] CMS: Could Not Detect
202[+] Cloudflare: Not Detected
203[+] Robots File: Found
204
205-------------[ contents ]----------------
206<html><meta http-equiv="refresh" content="0;/.well-known/captcha/"></meta></head></html>
207-----------[end of contents]-------------
208
209
210
211W H O I S L O O K U P
212========================
213
214 Domain Name: CHRISTIANACTION.ORG
215Registry Domain ID: D4878049-LROR
216Registrar WHOIS Server: whois.networksolutions.com
217Registrar URL: http://www.networksolutions.com
218Updated Date: 2018-09-24T15:49:56Z
219Creation Date: 1999-04-01T05:00:00Z
220Registry Expiry Date: 2021-04-01T05:00:00Z
221Registrar Registration Expiration Date:
222Registrar: Network Solutions, LLC
223Registrar IANA ID: 2
224Registrar Abuse Contact Email: abuse@web.com
225Registrar Abuse Contact Phone: +1.8003337680
226Reseller:
227Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
228Registrant Organization: Christian Action Network
229Registrant State/Province: VA
230Registrant Country: US
231Name Server: NS7.WORLDNIC.COM
232Name Server: NS8.WORLDNIC.COM
233DNSSEC: unsigned
234URL of the ICANN Whois Inaccuracy Complaint Form https://www.icann.org/wicf/)
235>>> Last update of WHOIS database: 2019-10-24T14:50:06Z <<<
236
237For more information on Whois status codes, please visit https://icann.org/epp
238
239
240
241
242
243G E O I P L O O K U P
244=========================
245
246[i] IP Address: 37.60.233.207
247[i] Country: United States
248[i] State: Illinois
249[i] City: Chicago
250[i] Latitude: 41.8797
251[i] Longitude: -87.6435
252
253
254
255
256H T T P H E A D E R S
257=======================
258
259
260[i] HTTP/1.1 200 OK
261[i] Server: nginx
262[i] Date: Thu, 24 Oct 2019 14:51:08 GMT
263[i] Content-Type: text/html
264[i] Content-Length: 88
265[i] Connection: close
266[i] Expires: Thu, 01 Jan 1970 00:00:01 GMT
267[i] Cache-Control: no-cache
268[i] alt-svc: quic=":443"; ma=86400; v="43,39"
269
270
271
272
273D N S L O O K U P
274===================
275
276christianaction.org. 7199 IN NS ns7.worldnic.com.
277christianaction.org. 7199 IN A 37.60.233.207
278christianaction.org. 7199 IN SOA ns7.worldnic.com. namehost.worldnic.com. 119022805 10800 3600 604800 3600
279christianaction.org. 7199 IN MX 10 mail.christinaction.org.
280christianaction.org. 7199 IN NS ns8.worldnic.com.
281
282
283
284
285S U B N E T C A L C U L A T I O N
286====================================
287
288Address = 37.60.233.207
289Network = 37.60.233.207 / 32
290Netmask = 255.255.255.255
291Broadcast = not needed on Point-to-Point links
292Wildcard Mask = 0.0.0.0
293Hosts Bits = 0
294Max. Hosts = 1 (2^0 - 0)
295Host Range = { 37.60.233.207 - 37.60.233.207 }
296
297
298
299N M A P P O R T S C A N
300============================
301
302Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-24 14:51 UTC
303Nmap scan report for christianaction.org (37.60.233.207)
304Host is up (0.020s latency).
305rDNS record for 37.60.233.207: c59833.sgvps.net
306
307PORT STATE SERVICE
30821/tcp open ftp
30922/tcp filtered ssh
31023/tcp filtered telnet
31180/tcp open http
312110/tcp open pop3
313143/tcp open imap
314443/tcp open https
3153389/tcp filtered ms-wbt-server
316
317Nmap done: 1 IP address (1 host up) scanned in 1.45 seconds
318
319
320
321S U B - D O M A I N F I N D E R
322==================================
323
324
325[i] Total Subdomains Found : 1
326
327[+] Subdomain: www.christianaction.org
328[-] IP: 37.60.233.207
329######################################################################################################################################
330[*] Processing domain christianaction.org
331[*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '192.168.0.1', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a']
332[+] Getting nameservers
333207.204.40.104 - ns7.worldnic.com
334207.204.21.104 - ns8.worldnic.com
335[-] Zone transfer failed
336
337[+] MX records found, added to target list
33810 mail.christinaction.org.
339
340[+] Wildcard domain found - 37.60.233.207
341[*] Scanning christianaction.org for A records
342#######################################################################################################################################
343 AVAILABLE PLUGINS
344 -----------------
345
346 OpenSslCcsInjectionPlugin
347 SessionResumptionPlugin
348 EarlyDataPlugin
349 CertificateInfoPlugin
350 SessionRenegotiationPlugin
351 HeartbleedPlugin
352 RobotPlugin
353 OpenSslCipherSuitesPlugin
354 CompressionPlugin
355 FallbackScsvPlugin
356 HttpHeadersPlugin
357
358
359
360 CHECKING HOST(S) AVAILABILITY
361 -----------------------------
362
363 37.60.233.207:443 => 37.60.233.207
364
365
366
367
368 SCAN RESULTS FOR 37.60.233.207:443 - 37.60.233.207
369 --------------------------------------------------
370
371 * Downgrade Attacks:
372 TLS_FALLBACK_SCSV: OK - Supported
373
374 * Deflate Compression:
375 OK - Compression disabled
376
377 * Session Renegotiation:
378 Client-initiated Renegotiation: OK - Rejected
379 Secure Renegotiation: OK - Supported
380
381 * OpenSSL CCS Injection:
382 OK - Not vulnerable to OpenSSL CCS injection
383
384 * TLS 1.2 Session Resumption Support:
385 With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
386 With TLS Tickets: OK - Supported
387
388 * SSLV2 Cipher Suites:
389 Server rejected all cipher suites.
390
391 * SSLV3 Cipher Suites:
392 Server rejected all cipher suites.
393
394 * TLSV1_3 Cipher Suites:
395 Forward Secrecy OK - Supported
396 RC4 OK - Not Supported
397
398 Preferred:
399 TLS_AES_256_GCM_SHA384 256 bits HTTP 200 OK
400 Accepted:
401 TLS_CHACHA20_POLY1305_SHA256 256 bits HTTP 200 OK
402 TLS_AES_256_GCM_SHA384 256 bits HTTP 200 OK
403 TLS_AES_128_GCM_SHA256 128 bits HTTP 200 OK
404
405 * OpenSSL Heartbleed:
406 OK - Not vulnerable to Heartbleed
407
408 * Certificate Information:
409 Content
410 SHA1 Fingerprint: 7af312b057acaaa2bb3fe4d2fd5fc6ad764c21ac
411 Common Name: 419fund.com
412 Issuer: Let's Encrypt Authority X3
413 Serial Number: 310971815661919402005359118405332449557264
414 Not Before: 2019-10-20 18:24:08
415 Not After: 2020-01-18 18:24:08
416 Signature Algorithm: sha256
417 Public Key Algorithm: RSA
418 Key Size: 2048
419 Exponent: 65537 (0x10001)
420 DNS Subject Alternative Names: ['419fund.com', 'www.419fund.com']
421
422 Trust
423 Hostname Validation: FAILED - Certificate does NOT match 37.60.233.207
424 Android CA Store (9.0.0_r9): OK - Certificate is trusted
425 Apple CA Store (iOS 12, macOS 10.14, watchOS 5, and tvOS 12):OK - Certificate is trusted
426 Java CA Store (jdk-12.0.1): OK - Certificate is trusted
427 Mozilla CA Store (2019-03-14): OK - Certificate is trusted
428 Windows CA Store (2019-05-27): OK - Certificate is trusted
429 Symantec 2018 Deprecation: WARNING: Certificate distrusted by Google and Mozilla on September 2018
430 Received Chain: 419fund.com --> Let's Encrypt Authority X3
431 Verified Chain: 419fund.com --> Let's Encrypt Authority X3 --> DST Root CA X3
432 Received Chain Contains Anchor: OK - Anchor certificate not sent
433 Received Chain Order: OK - Order is valid
434 Verified Chain contains SHA1: OK - No SHA1-signed certificate in the verified certificate chain
435
436 Extensions
437 OCSP Must-Staple: NOT SUPPORTED - Extension not found
438 Certificate Transparency: WARNING - Only 2 SCTs included but Google recommends 3 or more
439
440 OCSP Stapling
441 OCSP Response Status: successful
442 Validation w/ Mozilla Store: OK - Response is trusted
443 Responder Id: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
444 Cert Status: good
445 Cert Serial Number: 0391DD312A1488A0362614F59EFBC486FB10
446 This Update: Oct 23 19:00:00 2019 GMT
447 Next Update: Oct 30 19:00:00 2019 GMT
448
449 * TLSV1_1 Cipher Suites:
450 Forward Secrecy OK - Supported
451 RC4 OK - Not Supported
452
453 Preferred:
454 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
455 Accepted:
456 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
457 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
458 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
459 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
460 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
461 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
462 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
463 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
464 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
465 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
466
467 * TLSV1_2 Cipher Suites:
468 Forward Secrecy OK - Supported
469 RC4 OK - Not Supported
470
471 Preferred:
472 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
473 Accepted:
474 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 256 bits HTTP 200 OK
475 TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
476 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 128 bits HTTP 200 OK
477 TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
478 TLS_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
479 TLS_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
480 TLS_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
481 TLS_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
482 TLS_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
483 TLS_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
484 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 256 bits HTTP 200 OK
485 TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 256 bits HTTP 200 OK
486 TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 128 bits HTTP 200 OK
487 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
488 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 bits HTTP 200 OK
489 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
490 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
491 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
492 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
493 TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 256 bits HTTP 200 OK
494 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 256 bits HTTP 200 OK
495 TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 256 bits HTTP 200 OK
496 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 128 bits HTTP 200 OK
497 TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 128 bits HTTP 200 OK
498 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
499 TLS_DHE_RSA_WITH_AES_256_CCM 256 bits HTTP 200 OK
500 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 256 bits HTTP 200 OK
501 TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 bits HTTP 200 OK
502 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
503 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 128 bits HTTP 200 OK
504 TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
505 RSA_WITH_AES_256_CCM_8 256 bits HTTP 200 OK
506 RSA_WITH_AES_256_CCM 256 bits HTTP 200 OK
507 RSA_WITH_AES_128_CCM_8 128 bits HTTP 200 OK
508 RSA_WITH_AES_128_CCM 128 bits HTTP 200 OK
509 ECDHE-ARIA256-GCM-SHA384 256 bits HTTP 200 OK
510 ECDHE-ARIA128-GCM-SHA256 128 bits HTTP 200 OK
511 DHE_RSA_WITH_AES_256_CCM_8 256 bits HTTP 200 OK
512 DHE_RSA_WITH_AES_128_CCM_8 128 bits HTTP 200 OK
513 DHE_RSA_WITH_AES_128_CCM 128 bits HTTP 200 OK
514 DHE-RSA-ARIA256-GCM-SHA384 256 bits HTTP 200 OK
515 DHE-RSA-ARIA128-GCM-SHA256 128 bits HTTP 200 OK
516 ARIA256-GCM-SHA384 256 bits HTTP 200 OK
517 ARIA128-GCM-SHA256 128 bits HTTP 200 OK
518
519 * TLSV1 Cipher Suites:
520 Server rejected all cipher suites.
521
522 * ROBOT Attack:
523 OK - Not vulnerable
524
525
526 SCAN COMPLETED IN 25.84 S
527 -------------------------
528#######################################################################################################################################
529Domains still to check: 1
530 Checking if the hostname christianaction.org. given is in fact a domain...
531
532Analyzing domain: christianaction.org.
533 Checking NameServers using system default resolver...
534 IP: 207.204.40.104 (United States)
535 HostName: ns7.worldnic.com Type: NS
536 IP: 207.204.21.104 (United States)
537 HostName: ns8.worldnic.com Type: NS
538
539 Checking MailServers using system default resolver...
540 IP: 173.199.142.166 (United States)
541 HostName: mail.christinaction.org Type: MX
542 HostName: host.ywphost1.com Type: PTR
543 WARNING!! This domain has wildcards activated for hostnames resolution. We are checking "www" anyway, but perhaps it doesn't exists!
544
545 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
546 No zone transfer found on nameserver 207.204.40.104
547 No zone transfer found on nameserver 207.204.21.104
548
549 Checking SPF record...
550 No SPF record
551
552 Checking 1 most common hostnames using system default resolver...
553 IP: 37.60.233.207 (United States)
554 HostName: www.christianaction.org. Type: A
555
556 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
557 Checking netblock 207.204.40.0
558 Checking netblock 37.60.233.0
559 Checking netblock 207.204.21.0
560 Checking netblock 173.199.142.0
561
562 Searching for christianaction.org. emails in Google
563 markhayes@christianaction.org.
564 info@christianaction.org.
565
566 Checking 4 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
567 Host 207.204.40.104 is up (reset ttl 64)
568 Host 37.60.233.207 is up (reset ttl 64)
569 Host 207.204.21.104 is up (reset ttl 64)
570 Host 173.199.142.166 is up (reset ttl 64)
571
572 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
573 Scanning ip 207.204.40.104 (ns7.worldnic.com):
574 53/tcp open domain? syn-ack ttl 121
575 | fingerprint-strings:
576 | DNSVersionBindReqTCP:
577 | version
578 |_ bind
579 Scanning ip 37.60.233.207 (www.christianaction.org.):
580 21/tcp open ftp? syn-ack ttl 57
581 | fingerprint-strings:
582 | GetRequest:
583 | 220-#########################################################
584 | 220-Please upload your web files to the public_html directory.
585 | 220-Note that letters are case sensitive.
586 | 220-#########################################################
587 | This is a private system - No anonymous login
588 | HTTP command: [get]
589 | Kerberos, RPCCheck, giop:
590 | 220-#########################################################
591 | 220-Please upload your web files to the public_html directory.
592 | 220-Note that letters are case sensitive.
593 | 220-#########################################################
594 | This is a private system - No anonymous login
595 | NULL, SMBProgNeg, SSLSessionReq, TerminalServerCookie:
596 |_ 421 Too many connections (8) from this IP
597 53/tcp open domain syn-ack ttl 57 ISC BIND 9.10.6
598 | dns-nsid:
599 |_ bind.version: 9.10.6
600 80/tcp open http syn-ack ttl 57 nginx
601 110/tcp open pop3 syn-ack ttl 57 Dovecot pop3d
602 |_pop3-capabilities: STLS RESP-CODES SASL(PLAIN LOGIN) USER TOP CAPA PIPELINING AUTH-RESP-CODE UIDL
603 |_ssl-date: 2019-10-24T15:01:01+00:00; 0s from scanner time.
604 143/tcp open imap syn-ack ttl 57 Dovecot imapd
605 |_imap-capabilities: capabilities Pre-login SASL-IR listed LOGIN-REFERRALS ENABLE IDLE AUTH=LOGINA0001 have more STARTTLS OK post-login LITERAL+ NAMESPACE IMAP4rev1 ID AUTH=PLAIN
606 |_ssl-date: 2019-10-24T15:00:59+00:00; 0s from scanner time.
607 443/tcp open ssl/http syn-ack ttl 57 nginx
608 |_http-title: 400 The plain HTTP request was sent to HTTPS port
609 | ssl-cert: Subject: commonName=419fund.com
610 | Subject Alternative Name: DNS:419fund.com, DNS:www.419fund.com
611 | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
612 | Public Key type: rsa
613 | Public Key bits: 2048
614 | Signature Algorithm: sha256WithRSAEncryption
615 | Not valid before: 2019-10-20T18:24:08
616 | Not valid after: 2020-01-18T18:24:08
617 | MD5: 5005 62a7 3b72 81c2 76c5 407f 8d3d 06fb
618 |_SHA-1: 7af3 12b0 57ac aaa2 bb3f e4d2 fd5f c6ad 764c 21ac
619 |_ssl-date: TLS randomness does not represent time
620 | tls-alpn:
621 | h2
622 |_ http/1.1
623 | tls-nextprotoneg:
624 | h2
625 |_ http/1.1
626 465/tcp open ssl/smtp syn-ack ttl 57 Exim smtpd 4.90devstart-1178-b07e68e5-XX
627 |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: failed to receive data
628 | ssl-cert: Subject: commonName=*.sgvps.net
629 | Subject Alternative Name: DNS:*.sgvps.net, DNS:sgvps.net
630 | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
631 | Public Key type: rsa
632 | Public Key bits: 2048
633 | Signature Algorithm: sha256WithRSAEncryption
634 | Not valid before: 2018-10-23T09:52:14
635 | Not valid after: 2019-12-22T11:21:46
636 | MD5: 6bc6 e08d d783 e619 5b1b b0c8 60c4 b515
637 |_SHA-1: c1d6 eb78 55e6 ba8d f25b a346 ba29 7356 7052 7490
638 |_ssl-date: 2019-10-24T15:00:58+00:00; -1s from scanner time.
639 587/tcp open smtp syn-ack ttl 57 Exim smtpd 4.90devstart-1178-b07e68e5-XX
640 | smtp-commands: c59833.sgvps.net Hello nmap.scanme.org [45.131.5.28], SIZE 52428800, 8BITMIME, DSN, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
641 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
642 | ssl-cert: Subject: commonName=*.sgvps.net
643 | Subject Alternative Name: DNS:*.sgvps.net, DNS:sgvps.net
644 | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
645 | Public Key type: rsa
646 | Public Key bits: 2048
647 | Signature Algorithm: sha256WithRSAEncryption
648 | Not valid before: 2018-10-23T09:52:14
649 | Not valid after: 2019-12-22T11:21:46
650 | MD5: 6bc6 e08d d783 e619 5b1b b0c8 60c4 b515
651 |_SHA-1: c1d6 eb78 55e6 ba8d f25b a346 ba29 7356 7052 7490
652 |_ssl-date: 2019-10-24T15:01:01+00:00; 0s from scanner time.
653 993/tcp open ssl/imaps? syn-ack ttl 57
654 |_ssl-date: 2019-10-24T15:00:58+00:00; -1s from scanner time.
655 995/tcp open ssl/pop3s? syn-ack ttl 57
656 |_ssl-date: 2019-10-24T15:00:58+00:00; -1s from scanner time.
657 3306/tcp open mysql syn-ack ttl 57 MySQL (unauthorized)
658 OS Info: Service Info: Host: c59833.sgvps.net
659 Scanning ip 207.204.21.104 (ns8.worldnic.com):
660 53/tcp open domain? syn-ack ttl 56
661 | fingerprint-strings:
662 | DNSVersionBindReqTCP:
663 | version
664 |_ bind
665 Scanning ip 173.199.142.166 (host.ywphost1.com (PTR)):
666 21/tcp open ftp syn-ack ttl 55 Pure-FTPd
667 | ssl-cert: Subject: commonName=host.ywphost1.com
668 | Subject Alternative Name: DNS:host.ywphost1.com, DNS:www.host.ywphost1.com
669 | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
670 | Public Key type: rsa
671 | Public Key bits: 2048
672 | Signature Algorithm: sha256WithRSAEncryption
673 | Not valid before: 2019-02-26T00:00:00
674 | Not valid after: 2020-02-26T23:59:59
675 | MD5: e8a8 8dbc d9c3 9c1c 914f 0dc0 c0ce 7d32
676 |_SHA-1: e6d9 f2cd e9cb 382a c7ca 974a 145a 4046 05ee d438
677 |_ssl-date: TLS randomness does not represent time
678 22/tcp open ssh syn-ack ttl 56 OpenSSH 7.4 (protocol 2.0)
679 | ssh-hostkey:
680 | 2048 fa:8c:ec:fe:22:b3:0f:a7:14:98:3c:a9:a1:16:cb:8e (RSA)
681 | 256 0e:c5:a7:18:ee:c9:d1:dd:bc:1a:81:ac:4b:53:16:57 (ECDSA)
682 |_ 256 cf:e3:bc:33:f5:86:a6:9e:e9:54:7f:70:b5:7c:33:b0 (ED25519)
683 26/tcp open smtp syn-ack ttl 56 Exim smtpd 4.92
684 | smtp-commands: host.ywphost1.com Hello nmap.scanme.org [45.131.5.28], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
685 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
686 | ssl-cert: Subject: commonName=host.ywphost1.com
687 | Subject Alternative Name: DNS:host.ywphost1.com, DNS:www.host.ywphost1.com
688 | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
689 | Public Key type: rsa
690 | Public Key bits: 2048
691 | Signature Algorithm: sha256WithRSAEncryption
692 | Not valid before: 2019-02-26T00:00:00
693 | Not valid after: 2020-02-26T23:59:59
694 | MD5: e8a8 8dbc d9c3 9c1c 914f 0dc0 c0ce 7d32
695 |_SHA-1: e6d9 f2cd e9cb 382a c7ca 974a 145a 4046 05ee d438
696 |_ssl-date: TLS randomness does not represent time
697 53/tcp open domain syn-ack ttl 56 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
698 | dns-nsid:
699 |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
700 80/tcp open http syn-ack ttl 55 Apache httpd
701 | http-methods:
702 |_ Supported Methods: OPTIONS HEAD GET POST
703 |_http-server-header: Apache
704 |_http-title: Site doesn't have a title (text/html).
705 110/tcp open pop3 syn-ack ttl 55 Dovecot pop3d
706 |_pop3-capabilities: UIDL USER PIPELINING CAPA AUTH-RESP-CODE STLS SASL(PLAIN LOGIN) TOP RESP-CODES
707 |_ssl-date: TLS randomness does not represent time
708 143/tcp open imap syn-ack ttl 56 Dovecot imapd
709 |_imap-capabilities: AUTH=PLAIN OK Pre-login ID LOGIN-REFERRALS STARTTLS NAMESPACE LITERAL+ capabilities listed ENABLE AUTH=LOGINA0001 more have post-login IDLE IMAP4rev1 SASL-IR
710 |_ssl-date: TLS randomness does not represent time
711 443/tcp open ssl/http syn-ack ttl 55 Apache httpd (PHP 7.0.33)
712 |_hnap-info: ERROR: Script execution failed (use -d to debug)
713 |_http-cookie-flags: ERROR: Script execution failed (use -d to debug)
714 |_http-favicon: ERROR: Script execution failed (use -d to debug)
715 |_http-generator: ERROR: Script execution failed (use -d to debug)
716 |_http-git: ERROR: Script execution failed (use -d to debug)
717 |_http-ls: ERROR: Script execution failed (use -d to debug)
718 | http-methods:
719 |_ Supported Methods: GET HEAD POST OPTIONS
720 |_http-ntlm-info: ERROR: Script execution failed (use -d to debug)
721 | http-robots.txt: 1 disallowed entry
722 |_/wp-admin/
723 |_http-server-header: Apache
724 |_http-trane-info: ERROR: Script execution failed (use -d to debug)
725 | ssl-cert: Subject: commonName=affordablemovingonline.com
726 | Subject Alternative Name: DNS:affordablemovingonline.com, DNS:affordablemovingonline.net, DNS:autodiscover.affordablemovingonline.com, DNS:cpanel.affordablemovingonline.com, DNS:mail.affordablemovingonline.com, DNS:mail.affordablemovingonline.net, DNS:webdisk.affordablemovingonline.com, DNS:webmail.affordablemovingonline.com, DNS:www.affordablemovingonline.com, DNS:www.affordablemovingonline.net
727 | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
728 | Public Key type: rsa
729 | Public Key bits: 2048
730 | Signature Algorithm: sha256WithRSAEncryption
731 | Not valid before: 2019-09-29T00:00:00
732 | Not valid after: 2019-12-28T23:59:59
733 | MD5: a7c6 3ba8 3796 7f02 d2c4 29ec f6f6 8c05
734 |_SHA-1: ed3c 7933 abbe 9add 6aac 9124 b6ee 50f1 fdd5 5e2c
735 |_ssl-date: TLS randomness does not represent time
736 | tls-alpn:
737 | h2
738 |_ http/1.1
739 465/tcp open ssl/smtp syn-ack ttl 55 Exim smtpd 4.92
740 | smtp-commands: host.ywphost1.com Hello nmap.scanme.org [45.131.5.28], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
741 |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
742 | ssl-cert: Subject: commonName=host.ywphost1.com
743 | Subject Alternative Name: DNS:host.ywphost1.com, DNS:www.host.ywphost1.com
744 | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
745 | Public Key type: rsa
746 | Public Key bits: 2048
747 | Signature Algorithm: sha256WithRSAEncryption
748 | Not valid before: 2019-02-26T00:00:00
749 | Not valid after: 2020-02-26T23:59:59
750 | MD5: e8a8 8dbc d9c3 9c1c 914f 0dc0 c0ce 7d32
751 |_SHA-1: e6d9 f2cd e9cb 382a c7ca 974a 145a 4046 05ee d438
752 |_ssl-date: TLS randomness does not represent time
753 587/tcp open smtp syn-ack ttl 56 Exim smtpd 4.92
754 | smtp-commands: host.ywphost1.com Hello nmap.scanme.org [45.131.5.28], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
755 |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
756 | ssl-cert: Subject: commonName=host.ywphost1.com
757 | Subject Alternative Name: DNS:host.ywphost1.com, DNS:www.host.ywphost1.com
758 | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
759 | Public Key type: rsa
760 | Public Key bits: 2048
761 | Signature Algorithm: sha256WithRSAEncryption
762 | Not valid before: 2019-02-26T00:00:00
763 | Not valid after: 2020-02-26T23:59:59
764 | MD5: e8a8 8dbc d9c3 9c1c 914f 0dc0 c0ce 7d32
765 |_SHA-1: e6d9 f2cd e9cb 382a c7ca 974a 145a 4046 05ee d438
766 |_ssl-date: TLS randomness does not represent time
767 993/tcp open ssl/imaps? syn-ack ttl 55
768 |_ssl-date: TLS randomness does not represent time
769 995/tcp open ssl/pop3s? syn-ack ttl 56
770 |_ssl-date: TLS randomness does not represent time
771 Device type: general purpose|WAP|broadband router
772 Running (JUST GUESSING): Linux 2.6.X|2.4.X|3.X (92%), FreeBSD 6.X (86%), Asus embedded (85%)
773 OS Info: Service Info: Host: host.ywphost1.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
774 WebCrawling domain's web servers... up to 50 max links.
775
776 + URL to crawl: http://www.christianaction.org.
777 + Date: 2019-10-24
778
779 + Crawling URL: http://www.christianaction.org.:
780 + Links:
781 + Crawling http://www.christianaction.org.
782 + Searching for directories...
783 + Searching open folders...
784
785
786 + URL to crawl: https://www.christianaction.org.
787 + Date: 2019-10-24
788
789 + Crawling URL: https://www.christianaction.org.:
790 + Links:
791 + Crawling https://www.christianaction.org.
792 + Searching for directories...
793 + Searching open folders...
794
795
796 + URL to crawl: http://mail.christinaction.org
797 + Date: 2019-10-24
798
799 + Crawling URL: http://mail.christinaction.org:
800 + Links:
801 + Crawling http://mail.christinaction.org
802 + Crawling http://mail.christinaction.org/fonts.googleapis.com (404 Not Found)
803 + Crawling http://mail.christinaction.org/s.w.org (404 Not Found)
804 + Searching for directories...
805 + Searching open folders...
806 + Crawl finished successfully.
807----------------------------------------------------------------------
808Summary of http://http://mail.christinaction.org
809----------------------------------------------------------------------
810+ Links crawled:
811 - http://mail.christinaction.org
812 - http://mail.christinaction.org/fonts.googleapis.com (404 Not Found)
813 - http://mail.christinaction.org/s.w.org (404 Not Found)
814 Total links crawled: 3
815
816+ Links to files found:
817 Total links to files: 0
818
819+ Externals links found:
820 - http://806-765-8831
821 - http://christinaction.org
822 - http://christinaction.org/
823 - http://christinaction.org/comments/feed/
824 - http://christinaction.org/connect/
825 - http://christinaction.org/feed/
826 - http://christinaction.org/gatherings/
827 - http://christinaction.org/giving/
828 - http://christinaction.org/international/
829 - http://christinaction.org/lubbock-international-college-students/
830 - http://christinaction.org/pray/
831 - http://christinaction.org/who-we-are-lubbock-college-student-ministry/
832 - http://christinaction.org/who-we-are/
833 - http://christinaction.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
834 - http://christinaction.org/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
835 - http://christinaction.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.9.0
836 - http://christinaction.org/wp-content/plugins/js_composer_salient/assets/css/js_composer.min.css?ver=5.7
837 - http://christinaction.org/wp-content/plugins/js_composer_salient/assets/css/vc_lte_ie9.min.css
838 - http://christinaction.org/wp-content/plugins/js_composer_salient/assets/js/dist/js_composer_front.min.js?ver=5.7
839 - http://christinaction.org/wp-content/plugins/js_composer_salient/assets/lib/bower/animate-css/animate.min.css?ver=5.7
840 - http://christinaction.org/wp-content/plugins/salient-core/js/third-party/touchswipe.min.js?ver=1.0
841 - http://christinaction.org/wp-content/plugins/salient-portfolio/js/third-party/imagesLoaded.min.js?ver=4.1.4
842 - http://christinaction.org/wp-content/plugins/salient-social/css/style.css?ver=1.0
843 - http://christinaction.org/wp-content/plugins/salient-social/js/salient-social.js?ver=1.0
844 - http://christinaction.org/wp-content/themes/salient/css/elements/element-testimonial.css?ver=10.5.3
845 - http://christinaction.org/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
846 - http://christinaction.org/wp-content/themes/salient/css/fonts/svg/font/arrows_styles.css?ver=5.2.4
847 - http://christinaction.org/wp-content/themes/salient/css/plugins/jquery.fancybox.css?ver=3.3.1
848 - http://christinaction.org/wp-content/themes/salient/css/responsive.css?ver=10.5.3
849 - http://christinaction.org/wp-content/themes/salient/css/salient-dynamic-styles.css?ver=33281
850 - http://christinaction.org/wp-content/themes/salient/css/skin-material.css?ver=10.5.3
851 - http://christinaction.org/wp-content/themes/salient/css/style.css?ver=10.5.3
852 - http://christinaction.org/wp-content/themes/salient/js/elements/nectar-testimonial-slider.js?ver=10.5.3
853 - http://christinaction.org/wp-content/themes/salient/js/init.js?ver=10.5.3
854 - http://christinaction.org/wp-content/themes/salient/js/priority.js?ver=10.5.3
855 - http://christinaction.org/wp-content/themes/salient/js/third-party/hoverintent.js?ver=1.9
856 - http://christinaction.org/wp-content/themes/salient/js/third-party/jquery.easing.js?ver=1.3
857 - http://christinaction.org/wp-content/themes/salient/js/third-party/jquery.fancybox.min.js?ver=3.3.1
858 - http://christinaction.org/wp-content/themes/salient/js/third-party/jquery.mousewheel.js?ver=3.1.13
859 - http://christinaction.org/wp-content/themes/salient/js/third-party/modernizr.js?ver=2.6.2
860 - http://christinaction.org/wp-content/themes/salient/js/third-party/superfish.js?ver=1.4.8
861 - http://christinaction.org/wp-content/themes/salient/js/third-party/transit.js?ver=0.9.9
862 - http://christinaction.org/wp-content/themes/salient/js/third-party/waypoints.js?ver=4.0.1
863 - http://christinaction.org/wp-content/uploads/2019/07/CA-Logo-Full_1@3x.png
864 - http://christinaction.org/wp-content/uploads/2019/07/CA-White@3x.png
865 - http://christinaction.org/wp-content/uploads/2019/08/small.png
866 - http://christinaction.org/wp-content/uploads/2019/09/HomeHeader41m.mp4
867 - http://christinaction.org/wp-includes/css/dist/block-library/style.min.css?ver=5.2.4
868 - http://christinaction.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
869 - http://christinaction.org/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
870 - http://christinaction.org/wp-includes/js/wp-embed.min.js?ver=5.2.4
871 - http://christinaction.org/wp-includes/wlwmanifest.xml
872 - http://christinaction.org/wp-json/
873 - http://christinaction.org/wp-json/oembed/1.0/embed?url=http%3A%2F%2Fchristinaction.org%2F
874 - http://christinaction.org/wp-json/oembed/1.0/embed?url=http%3A%2F%2Fchristinaction.org%2F&
875 - http://christinaction.org/xmlrpc.php?rsd
876 - http://fonts.googleapis.com/css?family=Poppins%3A700%2C500%7CLora%3A400%2C700&
877 - https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&
878 - https://www.facebook.com/CAStudentminis3/?epa=SEARCH_BOX
879 - https://www.google.com/search?q=christ+in+action+lubbck+adress&oq=christ+in+action+lubbck+adress&aqs=chrome..69i57j33.4686j0j7&sourceid=chrome&ie=UTF-8
880 Total external links: 60
881
882+ Email addresses found:
883 Total email address found: 0
884
885+ Directories found:
886 Total directories: 0
887
888+ Directory indexing found:
889 Total directories with indexing: 0
890
891----------------------------------------------------------------------
892
893
894 + URL to crawl: https://mail.christinaction.org
895 + Date: 2019-10-24
896
897 + Crawling URL: https://mail.christinaction.org:
898 + Links:
899 + Crawling https://mail.christinaction.org
900 + Crawling https://mail.christinaction.org/fonts.googleapis.com (404 Not Found)
901 + Crawling https://mail.christinaction.org/s.w.org (404 Not Found)
902 + Searching for directories...
903 + Searching open folders...
904 + Crawl finished successfully.
905----------------------------------------------------------------------
906Summary of https://https://mail.christinaction.org
907----------------------------------------------------------------------
908+ Links crawled:
909 - https://mail.christinaction.org
910 - https://mail.christinaction.org/fonts.googleapis.com (404 Not Found)
911 - https://mail.christinaction.org/s.w.org (404 Not Found)
912 Total links crawled: 3
913
914+ Links to files found:
915 Total links to files: 0
916
917+ Externals links found:
918 - http://806-765-8831
919 - http://christinaction.org/connect/
920 - http://christinaction.org/gatherings/
921 - http://christinaction.org/giving/
922 - http://christinaction.org/international/
923 - http://christinaction.org/pray/
924 - http://christinaction.org/who-we-are/
925 - http://christinaction.org/wp-content/uploads/2019/08/small.png
926 - http://christinaction.org/wp-content/uploads/2019/09/HomeHeader41m.mp4
927 - https://christinaction.org
928 - https://christinaction.org/
929 - https://christinaction.org/comments/feed/
930 - https://christinaction.org/connect/
931 - https://christinaction.org/feed/
932 - https://christinaction.org/gatherings/
933 - https://christinaction.org/giving/
934 - https://christinaction.org/lubbock-international-college-students/
935 - https://christinaction.org/pray/
936 - https://christinaction.org/who-we-are-lubbock-college-student-ministry/
937 - https://christinaction.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
938 - https://christinaction.org/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
939 - https://christinaction.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.9.0
940 - https://christinaction.org/wp-content/plugins/js_composer_salient/assets/css/js_composer.min.css?ver=5.7
941 - https://christinaction.org/wp-content/plugins/js_composer_salient/assets/css/vc_lte_ie9.min.css
942 - https://christinaction.org/wp-content/plugins/js_composer_salient/assets/js/dist/js_composer_front.min.js?ver=5.7
943 - https://christinaction.org/wp-content/plugins/js_composer_salient/assets/lib/bower/animate-css/animate.min.css?ver=5.7
944 - https://christinaction.org/wp-content/plugins/salient-core/js/third-party/touchswipe.min.js?ver=1.0
945 - https://christinaction.org/wp-content/plugins/salient-portfolio/js/third-party/imagesLoaded.min.js?ver=4.1.4
946 - https://christinaction.org/wp-content/plugins/salient-social/css/style.css?ver=1.0
947 - https://christinaction.org/wp-content/plugins/salient-social/js/salient-social.js?ver=1.0
948 - https://christinaction.org/wp-content/themes/salient/css/elements/element-testimonial.css?ver=10.5.3
949 - https://christinaction.org/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
950 - https://christinaction.org/wp-content/themes/salient/css/fonts/svg/font/arrows_styles.css?ver=5.2.4
951 - https://christinaction.org/wp-content/themes/salient/css/plugins/jquery.fancybox.css?ver=3.3.1
952 - https://christinaction.org/wp-content/themes/salient/css/responsive.css?ver=10.5.3
953 - https://christinaction.org/wp-content/themes/salient/css/salient-dynamic-styles.css?ver=33281
954 - https://christinaction.org/wp-content/themes/salient/css/skin-material.css?ver=10.5.3
955 - https://christinaction.org/wp-content/themes/salient/css/style.css?ver=10.5.3
956 - https://christinaction.org/wp-content/themes/salient/js/elements/nectar-testimonial-slider.js?ver=10.5.3
957 - https://christinaction.org/wp-content/themes/salient/js/init.js?ver=10.5.3
958 - https://christinaction.org/wp-content/themes/salient/js/priority.js?ver=10.5.3
959 - https://christinaction.org/wp-content/themes/salient/js/third-party/hoverintent.js?ver=1.9
960 - https://christinaction.org/wp-content/themes/salient/js/third-party/jquery.easing.js?ver=1.3
961 - https://christinaction.org/wp-content/themes/salient/js/third-party/jquery.fancybox.min.js?ver=3.3.1
962 - https://christinaction.org/wp-content/themes/salient/js/third-party/jquery.mousewheel.js?ver=3.1.13
963 - https://christinaction.org/wp-content/themes/salient/js/third-party/modernizr.js?ver=2.6.2
964 - https://christinaction.org/wp-content/themes/salient/js/third-party/superfish.js?ver=1.4.8
965 - https://christinaction.org/wp-content/themes/salient/js/third-party/transit.js?ver=0.9.9
966 - https://christinaction.org/wp-content/themes/salient/js/third-party/waypoints.js?ver=4.0.1
967 - https://christinaction.org/wp-content/uploads/2019/07/CA-Logo-Full_1@3x.png
968 - https://christinaction.org/wp-content/uploads/2019/07/CA-White@3x.png
969 - https://christinaction.org/wp-includes/css/dist/block-library/style.min.css?ver=5.2.4
970 - https://christinaction.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
971 - https://christinaction.org/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
972 - https://christinaction.org/wp-includes/js/wp-embed.min.js?ver=5.2.4
973 - https://christinaction.org/wp-includes/wlwmanifest.xml
974 - https://christinaction.org/wp-json/
975 - https://christinaction.org/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fchristinaction.org%2F
976 - https://christinaction.org/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fchristinaction.org%2F&
977 - https://christinaction.org/xmlrpc.php?rsd
978 - https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&
979 - https://fonts.googleapis.com/css?family=Poppins%3A700%2C500%7CLora%3A400%2C700&
980 - https://www.facebook.com/CAStudentminis3/?epa=SEARCH_BOX
981 - https://www.google.com/search?q=christ+in+action+lubbck+adress&oq=christ+in+action+lubbck+adress&aqs=chrome..69i57j33.4686j0j7&sourceid=chrome&ie=UTF-8
982 Total external links: 64
983
984+ Email addresses found:
985 Total email address found: 0
986
987+ Directories found:
988 Total directories: 0
989
990+ Directory indexing found:
991 Total directories with indexing: 0
992
993----------------------------------------------------------------------
994
995--Finished--
996Summary information for domain christianaction.org.
997-----------------------------------------
998 Domain Specific Information:
999 Email: markhayes@christianaction.org.
1000 Email: info@christianaction.org.
1001
1002 Domain Ips Information:
1003 IP: 207.204.40.104
1004 HostName: ns7.worldnic.com Type: NS
1005 Country: United States
1006 Is Active: True (reset ttl 64)
1007 Port: 53/tcp open domain? syn-ack ttl 121
1008 Script Info: | fingerprint-strings:
1009 Script Info: | DNSVersionBindReqTCP:
1010 Script Info: | version
1011 Script Info: |_ bind
1012 IP: 37.60.233.207
1013 HostName: www.christianaction.org. Type: A
1014 Country: United States
1015 Is Active: True (reset ttl 64)
1016 Port: 21/tcp open ftp? syn-ack ttl 57
1017 Script Info: | fingerprint-strings:
1018 Script Info: | GetRequest:
1019 Script Info: | 220-#########################################################
1020 Script Info: | 220-Please upload your web files to the public_html directory.
1021 Script Info: | 220-Note that letters are case sensitive.
1022 Script Info: | 220-#########################################################
1023 Script Info: | This is a private system - No anonymous login
1024 Script Info: | HTTP command: [get]
1025 Script Info: | Kerberos, RPCCheck, giop:
1026 Script Info: | 220-#########################################################
1027 Script Info: | 220-Please upload your web files to the public_html directory.
1028 Script Info: | 220-Note that letters are case sensitive.
1029 Script Info: | 220-#########################################################
1030 Script Info: | This is a private system - No anonymous login
1031 Script Info: | NULL, SMBProgNeg, SSLSessionReq, TerminalServerCookie:
1032 Script Info: |_ 421 Too many connections (8) from this IP
1033 Port: 53/tcp open domain syn-ack ttl 57 ISC BIND 9.10.6
1034 Script Info: | dns-nsid:
1035 Script Info: |_ bind.version: 9.10.6
1036 Port: 80/tcp open http syn-ack ttl 57 nginx
1037 Port: 110/tcp open pop3 syn-ack ttl 57 Dovecot pop3d
1038 Script Info: |_pop3-capabilities: STLS RESP-CODES SASL(PLAIN LOGIN) USER TOP CAPA PIPELINING AUTH-RESP-CODE UIDL
1039 Script Info: |_ssl-date: 2019-10-24T15:01:01+00:00; 0s from scanner time.
1040 Port: 143/tcp open imap syn-ack ttl 57 Dovecot imapd
1041 Script Info: |_imap-capabilities: capabilities Pre-login SASL-IR listed LOGIN-REFERRALS ENABLE IDLE AUTH=LOGINA0001 have more STARTTLS OK post-login LITERAL+ NAMESPACE IMAP4rev1 ID AUTH=PLAIN
1042 Script Info: |_ssl-date: 2019-10-24T15:00:59+00:00; 0s from scanner time.
1043 Port: 443/tcp open ssl/http syn-ack ttl 57 nginx
1044 Script Info: |_http-title: 400 The plain HTTP request was sent to HTTPS port
1045 Script Info: | ssl-cert: Subject: commonName=419fund.com
1046 Script Info: | Subject Alternative Name: DNS:419fund.com, DNS:www.419fund.com
1047 Script Info: | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
1048 Script Info: | Public Key type: rsa
1049 Script Info: | Public Key bits: 2048
1050 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1051 Script Info: | Not valid before: 2019-10-20T18:24:08
1052 Script Info: | Not valid after: 2020-01-18T18:24:08
1053 Script Info: | MD5: 5005 62a7 3b72 81c2 76c5 407f 8d3d 06fb
1054 Script Info: |_SHA-1: 7af3 12b0 57ac aaa2 bb3f e4d2 fd5f c6ad 764c 21ac
1055 Script Info: |_ssl-date: TLS randomness does not represent time
1056 Script Info: | tls-alpn:
1057 Script Info: | h2
1058 Script Info: |_ http/1.1
1059 Script Info: | tls-nextprotoneg:
1060 Script Info: | h2
1061 Script Info: |_ http/1.1
1062 Port: 465/tcp open ssl/smtp syn-ack ttl 57 Exim smtpd 4.90devstart-1178-b07e68e5-XX
1063 Script Info: |_smtp-commands: SMTP EHLO nmap.scanme.org: failed to receive data: failed to receive data
1064 Script Info: | ssl-cert: Subject: commonName=*.sgvps.net
1065 Script Info: | Subject Alternative Name: DNS:*.sgvps.net, DNS:sgvps.net
1066 Script Info: | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
1067 Script Info: | Public Key type: rsa
1068 Script Info: | Public Key bits: 2048
1069 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1070 Script Info: | Not valid before: 2018-10-23T09:52:14
1071 Script Info: | Not valid after: 2019-12-22T11:21:46
1072 Script Info: | MD5: 6bc6 e08d d783 e619 5b1b b0c8 60c4 b515
1073 Script Info: |_SHA-1: c1d6 eb78 55e6 ba8d f25b a346 ba29 7356 7052 7490
1074 Script Info: |_ssl-date: 2019-10-24T15:00:58+00:00; -1s from scanner time.
1075 Port: 587/tcp open smtp syn-ack ttl 57 Exim smtpd 4.90devstart-1178-b07e68e5-XX
1076 Script Info: | smtp-commands: c59833.sgvps.net Hello nmap.scanme.org [45.131.5.28], SIZE 52428800, 8BITMIME, DSN, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
1077 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1078 Script Info: | ssl-cert: Subject: commonName=*.sgvps.net
1079 Script Info: | Subject Alternative Name: DNS:*.sgvps.net, DNS:sgvps.net
1080 Script Info: | Issuer: commonName=AlphaSSL CA - SHA256 - G2/organizationName=GlobalSign nv-sa/countryName=BE
1081 Script Info: | Public Key type: rsa
1082 Script Info: | Public Key bits: 2048
1083 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1084 Script Info: | Not valid before: 2018-10-23T09:52:14
1085 Script Info: | Not valid after: 2019-12-22T11:21:46
1086 Script Info: | MD5: 6bc6 e08d d783 e619 5b1b b0c8 60c4 b515
1087 Script Info: |_SHA-1: c1d6 eb78 55e6 ba8d f25b a346 ba29 7356 7052 7490
1088 Script Info: |_ssl-date: 2019-10-24T15:01:01+00:00; 0s from scanner time.
1089 Port: 993/tcp open ssl/imaps? syn-ack ttl 57
1090 Script Info: |_ssl-date: 2019-10-24T15:00:58+00:00; -1s from scanner time.
1091 Port: 995/tcp open ssl/pop3s? syn-ack ttl 57
1092 Script Info: |_ssl-date: 2019-10-24T15:00:58+00:00; -1s from scanner time.
1093 Port: 3306/tcp open mysql syn-ack ttl 57 MySQL (unauthorized)
1094 Os Info: Host: c59833.sgvps.net
1095 IP: 207.204.21.104
1096 HostName: ns8.worldnic.com Type: NS
1097 Country: United States
1098 Is Active: True (reset ttl 64)
1099 Port: 53/tcp open domain? syn-ack ttl 56
1100 Script Info: | fingerprint-strings:
1101 Script Info: | DNSVersionBindReqTCP:
1102 Script Info: | version
1103 Script Info: |_ bind
1104 IP: 173.199.142.166
1105 HostName: mail.christinaction.org Type: MX
1106 HostName: host.ywphost1.com Type: PTR
1107 Country: United States
1108 Is Active: True (reset ttl 64)
1109 Port: 21/tcp open ftp syn-ack ttl 55 Pure-FTPd
1110 Script Info: | ssl-cert: Subject: commonName=host.ywphost1.com
1111 Script Info: | Subject Alternative Name: DNS:host.ywphost1.com, DNS:www.host.ywphost1.com
1112 Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
1113 Script Info: | Public Key type: rsa
1114 Script Info: | Public Key bits: 2048
1115 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1116 Script Info: | Not valid before: 2019-02-26T00:00:00
1117 Script Info: | Not valid after: 2020-02-26T23:59:59
1118 Script Info: | MD5: e8a8 8dbc d9c3 9c1c 914f 0dc0 c0ce 7d32
1119 Script Info: |_SHA-1: e6d9 f2cd e9cb 382a c7ca 974a 145a 4046 05ee d438
1120 Script Info: |_ssl-date: TLS randomness does not represent time
1121 Port: 22/tcp open ssh syn-ack ttl 56 OpenSSH 7.4 (protocol 2.0)
1122 Script Info: | ssh-hostkey:
1123 Script Info: | 2048 fa:8c:ec:fe:22:b3:0f:a7:14:98:3c:a9:a1:16:cb:8e (RSA)
1124 Script Info: | 256 0e:c5:a7:18:ee:c9:d1:dd:bc:1a:81:ac:4b:53:16:57 (ECDSA)
1125 Script Info: |_ 256 cf:e3:bc:33:f5:86:a6:9e:e9:54:7f:70:b5:7c:33:b0 (ED25519)
1126 Port: 26/tcp open smtp syn-ack ttl 56 Exim smtpd 4.92
1127 Script Info: | smtp-commands: host.ywphost1.com Hello nmap.scanme.org [45.131.5.28], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
1128 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1129 Script Info: | ssl-cert: Subject: commonName=host.ywphost1.com
1130 Script Info: | Subject Alternative Name: DNS:host.ywphost1.com, DNS:www.host.ywphost1.com
1131 Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
1132 Script Info: | Public Key type: rsa
1133 Script Info: | Public Key bits: 2048
1134 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1135 Script Info: | Not valid before: 2019-02-26T00:00:00
1136 Script Info: | Not valid after: 2020-02-26T23:59:59
1137 Script Info: | MD5: e8a8 8dbc d9c3 9c1c 914f 0dc0 c0ce 7d32
1138 Script Info: |_SHA-1: e6d9 f2cd e9cb 382a c7ca 974a 145a 4046 05ee d438
1139 Script Info: |_ssl-date: TLS randomness does not represent time
1140 Port: 53/tcp open domain syn-ack ttl 56 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
1141 Script Info: | dns-nsid:
1142 Script Info: |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
1143 Port: 80/tcp open http syn-ack ttl 55 Apache httpd
1144 Script Info: | http-methods:
1145 Script Info: |_ Supported Methods: OPTIONS HEAD GET POST
1146 Script Info: |_http-server-header: Apache
1147 Script Info: |_http-title: Site doesn't have a title (text/html).
1148 Port: 110/tcp open pop3 syn-ack ttl 55 Dovecot pop3d
1149 Script Info: |_pop3-capabilities: UIDL USER PIPELINING CAPA AUTH-RESP-CODE STLS SASL(PLAIN LOGIN) TOP RESP-CODES
1150 Script Info: |_ssl-date: TLS randomness does not represent time
1151 Port: 143/tcp open imap syn-ack ttl 56 Dovecot imapd
1152 Script Info: |_imap-capabilities: AUTH=PLAIN OK Pre-login ID LOGIN-REFERRALS STARTTLS NAMESPACE LITERAL+ capabilities listed ENABLE AUTH=LOGINA0001 more have post-login IDLE IMAP4rev1 SASL-IR
1153 Script Info: |_ssl-date: TLS randomness does not represent time
1154 Port: 443/tcp open ssl/http syn-ack ttl 55 Apache httpd (PHP 7.0.33)
1155 Script Info: |_hnap-info: ERROR: Script execution failed (use -d to debug)
1156 Script Info: |_http-cookie-flags: ERROR: Script execution failed (use -d to debug)
1157 Script Info: |_http-favicon: ERROR: Script execution failed (use -d to debug)
1158 Script Info: |_http-generator: ERROR: Script execution failed (use -d to debug)
1159 Script Info: |_http-git: ERROR: Script execution failed (use -d to debug)
1160 Script Info: |_http-ls: ERROR: Script execution failed (use -d to debug)
1161 Script Info: | http-methods:
1162 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
1163 Script Info: |_http-ntlm-info: ERROR: Script execution failed (use -d to debug)
1164 Script Info: | http-robots.txt: 1 disallowed entry
1165 Script Info: |_/wp-admin/
1166 Script Info: |_http-server-header: Apache
1167 Script Info: |_http-trane-info: ERROR: Script execution failed (use -d to debug)
1168 Script Info: | ssl-cert: Subject: commonName=affordablemovingonline.com
1169 Script Info: | Subject Alternative Name: DNS:affordablemovingonline.com, DNS:affordablemovingonline.net, DNS:autodiscover.affordablemovingonline.com, DNS:cpanel.affordablemovingonline.com, DNS:mail.affordablemovingonline.com, DNS:mail.affordablemovingonline.net, DNS:webdisk.affordablemovingonline.com, DNS:webmail.affordablemovingonline.com, DNS:www.affordablemovingonline.com, DNS:www.affordablemovingonline.net
1170 Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
1171 Script Info: | Public Key type: rsa
1172 Script Info: | Public Key bits: 2048
1173 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1174 Script Info: | Not valid before: 2019-09-29T00:00:00
1175 Script Info: | Not valid after: 2019-12-28T23:59:59
1176 Script Info: | MD5: a7c6 3ba8 3796 7f02 d2c4 29ec f6f6 8c05
1177 Script Info: |_SHA-1: ed3c 7933 abbe 9add 6aac 9124 b6ee 50f1 fdd5 5e2c
1178 Script Info: |_ssl-date: TLS randomness does not represent time
1179 Script Info: | tls-alpn:
1180 Script Info: | h2
1181 Script Info: |_ http/1.1
1182 Port: 465/tcp open ssl/smtp syn-ack ttl 55 Exim smtpd 4.92
1183 Script Info: | smtp-commands: host.ywphost1.com Hello nmap.scanme.org [45.131.5.28], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, HELP,
1184 Script Info: |_ Commands supported: AUTH HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1185 Script Info: | ssl-cert: Subject: commonName=host.ywphost1.com
1186 Script Info: | Subject Alternative Name: DNS:host.ywphost1.com, DNS:www.host.ywphost1.com
1187 Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
1188 Script Info: | Public Key type: rsa
1189 Script Info: | Public Key bits: 2048
1190 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1191 Script Info: | Not valid before: 2019-02-26T00:00:00
1192 Script Info: | Not valid after: 2020-02-26T23:59:59
1193 Script Info: | MD5: e8a8 8dbc d9c3 9c1c 914f 0dc0 c0ce 7d32
1194 Script Info: |_SHA-1: e6d9 f2cd e9cb 382a c7ca 974a 145a 4046 05ee d438
1195 Script Info: |_ssl-date: TLS randomness does not represent time
1196 Port: 587/tcp open smtp syn-ack ttl 56 Exim smtpd 4.92
1197 Script Info: | smtp-commands: host.ywphost1.com Hello nmap.scanme.org [45.131.5.28], SIZE 52428800, 8BITMIME, PIPELINING, AUTH PLAIN LOGIN, STARTTLS, HELP,
1198 Script Info: |_ Commands supported: AUTH STARTTLS HELO EHLO MAIL RCPT DATA BDAT NOOP QUIT RSET HELP
1199 Script Info: | ssl-cert: Subject: commonName=host.ywphost1.com
1200 Script Info: | Subject Alternative Name: DNS:host.ywphost1.com, DNS:www.host.ywphost1.com
1201 Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
1202 Script Info: | Public Key type: rsa
1203 Script Info: | Public Key bits: 2048
1204 Script Info: | Signature Algorithm: sha256WithRSAEncryption
1205 Script Info: | Not valid before: 2019-02-26T00:00:00
1206 Script Info: | Not valid after: 2020-02-26T23:59:59
1207 Script Info: | MD5: e8a8 8dbc d9c3 9c1c 914f 0dc0 c0ce 7d32
1208 Script Info: |_SHA-1: e6d9 f2cd e9cb 382a c7ca 974a 145a 4046 05ee d438
1209 Script Info: |_ssl-date: TLS randomness does not represent time
1210 Port: 993/tcp open ssl/imaps? syn-ack ttl 55
1211 Script Info: |_ssl-date: TLS randomness does not represent time
1212 Port: 995/tcp open ssl/pop3s? syn-ack ttl 56
1213 Script Info: |_ssl-date: TLS randomness does not represent time
1214 Script Info: Device type: general purpose|WAP|broadband router
1215 Script Info: Running (JUST GUESSING): Linux 2.6.X|2.4.X|3.X (92%), FreeBSD 6.X (86%), Asus embedded (85%)
1216 Os Info: Host: host.ywphost1.com; OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1217######################################################################################################################################
1218Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-24 10:54 EDT
1219Nmap scan report for c59833.sgvps.net (37.60.233.207)
1220Host is up (0.29s latency).
1221Not shown: 979 filtered ports, 10 closed ports
1222Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
1223PORT STATE SERVICE
122421/tcp open ftp
122553/tcp open domain
122680/tcp open http
1227110/tcp open pop3
1228143/tcp open imap
1229443/tcp open https
1230465/tcp open smtps
1231587/tcp open submission
1232993/tcp open imaps
1233995/tcp open pop3s
12343306/tcp open mysql
1235
1236Nmap done: 1 IP address (1 host up) scanned in 25.72 seconds
1237#########################################################################################################################################
1238Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-24 10:55 EDT
1239Nmap scan report for c59833.sgvps.net (37.60.233.207)
1240Host is up (0.15s latency).
1241Not shown: 2 filtered ports
1242PORT STATE SERVICE
124353/udp open domain
124467/udp open|filtered dhcps
124568/udp open|filtered dhcpc
124669/udp open|filtered tftp
124788/udp open|filtered kerberos-sec
1248123/udp open|filtered ntp
1249139/udp open|filtered netbios-ssn
1250161/udp open|filtered snmp
1251162/udp open|filtered snmptrap
1252389/udp open|filtered ldap
1253500/udp open|filtered isakmp
1254520/udp open|filtered route
12552049/udp open|filtered nfs
1256
1257Nmap done: 1 IP address (1 host up) scanned in 2.63 seconds
1258######################################################################################################################################
1259Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-24 10:55 EDT
1260NSE: [ftp-brute] usernames: Time limit 10m00s exceeded.
1261NSE: [ftp-brute] usernames: Time limit 10m00s exceeded.
1262NSE: [ftp-brute] passwords: Time limit 10m00s exceeded.
1263Nmap scan report for c59833.sgvps.net (37.60.233.207)
1264Host is up (0.26s latency).
1265
1266PORT STATE SERVICE VERSION
126721/tcp open ftp Pure-FTPd
1268| ftp-brute:
1269| Accounts: No valid accounts found
1270|_ Statistics: Performed 10401 guesses in 615 seconds, average tps: 17.1
1271| vulscan: VulDB - https://vuldb.com:
1272| [102925] Foscam C1 Indoor HD Camera 2.52.2.37 Web Management Interface pureftpd.passwd HTTP Request privilege escalation
1273| [57510] Pureftpd Pure-FTPd up to 0.x Memory Consumption denial of service
1274| [57504] Pureftpd Pure-FTPd up to 0.x ftp_parser.c Cleartext unknown vulnerability
1275|
1276| MITRE CVE - https://cve.mitre.org:
1277| [CVE-2004-0656] The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections.
1278|
1279| SecurityFocus - https://www.securityfocus.com/bid/:
1280| [10664] PureFTPd Accept_Client Remote Denial of Service Vulnerability
1281|
1282| IBM X-Force - https://exchange.xforce.ibmcloud.com:
1283| No findings
1284|
1285| Exploit-DB - https://www.exploit-db.com:
1286| No findings
1287|
1288| OpenVAS (Nessus) - http://www.openvas.org:
1289| No findings
1290|
1291| SecurityTracker - https://www.securitytracker.com:
1292| [1010701] PureFTPd Logic Bug in accept_client() Lets Remote Users Crash the FTP Daemon
1293| [1008135] (Claim is Retracted) PureFTPd Buffer Overflow in displayrate() Lets Remote Users Crash the Service
1294| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
1295| [1001126] PureFTPd May Allow Remote Users to Deny Service on the Server
1296|
1297| OSVDB - http://www.osvdb.org:
1298| No findings
1299|_
1300Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1301Device type: general purpose
1302Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (91%)
1303OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:2.6
1304Aggressive OS guesses: Linux 3.10 - 3.12 (91%), Linux 4.4 (91%), Linux 4.9 (91%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.10 (86%), Linux 3.10 - 4.11 (85%), Linux 3.11 - 4.1 (85%), Linux 3.2 - 4.9 (85%)
1305No exact OS matches for host (test conditions non-ideal).
1306Network Distance: 17 hops
1307
1308TRACEROUTE (using port 21/tcp)
1309HOP RTT ADDRESS
13101 300.23 ms 10.231.204.1
13112 300.28 ms 45.131.5.3
13123 300.30 ms 109.236.95.228
13134 300.35 ms bb1-fra1.worldstream.nl (109.236.95.221)
13145 300.34 ms zayo.fra.ecix.net (62.69.146.139)
13156 400.33 ms ae1.cs1.fra9.de.eth.zayo.com (64.125.29.64)
13167 400.39 ms ae0.cs1.fra6.de.eth.zayo.com (64.125.29.54)
13178 400.41 ms ae2.cs1.ams17.nl.eth.zayo.com (64.125.29.59)
13189 400.42 ms ae0.cs1.ams10.nl.eth.zayo.com (64.125.29.80)
131910 201.12 ms ae2.cs1.lhr15.uk.eth.zayo.com (64.125.29.17)
132011 297.62 ms ae0.cs1.lhr11.uk.eth.zayo.com (64.125.29.118)
132112 296.52 ms ae5.cs1.lga5.us.eth.zayo.com (64.125.29.126)
132213 ...
132314 296.43 ms ae11.er2.ord7.us.zip.zayo.com (64.125.26.251)
132415 296.37 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
132516 296.44 ms ggw2.c09c10.r15.s101.chi03.singlehop.net (67.212.190.221)
132617 246.12 ms c59833.sgvps.net (37.60.233.207)
1327######################################################################################################################################
1328Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-24 11:07 EDT
1329Nmap scan report for c59833.sgvps.net (37.60.233.207)
1330Host is up (0.26s latency).
1331
1332PORT STATE SERVICE VERSION
133353/tcp open domain ISC BIND 9.10.6
1334|_dns-fuzz: Server didn't response to our probe, can't fuzz
1335| dns-nsec-enum:
1336|_ No NSEC records found
1337| dns-nsec3-enum:
1338|_ DNSSEC NSEC3 not supported
1339| dns-nsid:
1340|_ bind.version: 9.10.6
1341| vulners:
1342| cpe:/a:isc:bind:9.10.6:
1343| CVE-2018-5740 5.0 https://vulners.com/cve/CVE-2018-5740
1344| CVE-2018-5734 5.0 https://vulners.com/cve/CVE-2018-5734
1345| CVE-2017-3145 5.0 https://vulners.com/cve/CVE-2017-3145
1346|_ CVE-2018-5741 4.0 https://vulners.com/cve/CVE-2018-5741
1347| vulscan: VulDB - https://vuldb.com:
1348| [129816] ISC BIND up to 9.10.6-S2 badcache.c Malformed Packet Assertion unknown vulnerability
1349| [88752] ISC BIND up to 9.10.4-P1 UPDATE Message Crash denial of service
1350| [88751] ISC BIND up to 9.10.4-P1 IXFR Response Crash denial of service
1351| [88750] ISC BIND up to 9.10.4-P1 AXFR Response Crash denial of service
1352| [81317] ISC BIND up to 9.10.3-P3 named resolver.c Cookie Option denial of service
1353| [80355] ISC BIND up to 9.10.3-P2 Debug Logging Crash denial of service
1354| [69191] ISC BIND up to 9.10.2 Trust Anchor Management Crash denial of service
1355| [68356] ISC BIND 9.10.0 Delegation Crash denial of service
1356| [68355] ISC BIND 9.10.0/9.10.1 GeoIP Crash denial of service
1357| [13581] ISC BIND 9.10.0 EDNS Option denial of service
1358| [13180] ISC BIND 9.10.0 Prefetch denial of service
1359|
1360| MITRE CVE - https://cve.mitre.org:
1361| [CVE-2011-5184] Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover
1362| [CVE-2007-0494] ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.
1363|
1364| SecurityFocus - https://www.securityfocus.com/bid/:
1365| [70744] Cisco ASR 901 Series Routers CVE-2014-3293 Denial of Service Vulnerability
1366| [70658] ZTE ZXDSL 931VII 'manager_dev_config_t.gch' Information Disclosure Vulnerability
1367| [61774] ISC BIND 9 SRTT Algorithm Authoritative Server Selection Security Vulnerability
1368| [61479] ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
1369| [58736] ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
1370| [57556] ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
1371| [56817] ISC BIND 9 DNS64 Remote Denial of Service Vulnerability
1372| [55852] ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
1373| [55522] ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
1374| [54659] ISC BIND 9 TCP Query Remote Denial of Service Vulnerability
1375| [54658] ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
1376| [53772] ISC BIND 9 DNS Resource Records Handling Remote Denial of Service Vulnerability
1377| [50690] ISC BIND 9 Recursive Queries Remote Denial of Service Vulnerability
1378| [48566] ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability
1379| [48565] ISC BIND 9 RPZ Configurations Remote Denial of Service Vulnerabilities
1380| [48007] ISC BIND 9 Large RRSIG RRsets Remote Denial of Service Vulnerability
1381| [47734] ISC BIND 9 RRSIG Query Type Remote Denial of Service Vulnerability
1382| [46491] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
1383| [45385] ISC BIND 9 DNSSEC Validation Remote Denial of Service Vulnerability
1384| [45133] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
1385| [41730] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
1386| [37865] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
1387| [37118] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
1388| [35848] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
1389| [25076] ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
1390| [25037] ISC BIND 9 Remote Cache Poisoning Vulnerability
1391| [4936] ISC BIND 9 Remote Denial Of Service Vulnerability
1392| [100656] Cisco ASR 920 Series Routers CVE-2017-6795 Local Arbitrary File Overwrite Vulnerability
1393| [97450] Cisco ASR 903 and ASR 920 Series CVE-2017-6603 Denial of Service Vulnerability
1394| [93415] Cisco Nexus 9000 Series Switches CVE-2016-1455 Remote Information Disclosure Vulnerability
1395| [82579] Cisco Nexus 9000 Series ACI Mode Switches CVE-2015-6398 Denial of Service Vulnerability
1396| [77686] Cisco Firepower 9000 Series CVE-2015-6380 Unspecified OS Command Injection Vulnerability
1397| [77635] Cisco Firepower 9000 Series CVE-2015-6371 Multiple Arbitrary File Read Vulnerabilities
1398| [77634] Cisco Firepower 9000 Series CVE-2015-6370 Local Command Injection Vulnerability
1399| [77633] Cisco Firepower 9000 Series Switches CVE-2015-6372 HTML Injection Vulnerability
1400| [77631] Cisco Firepower 9000 Series Switches CVE-2015-6374 Clickjacking Vulnerability
1401| [77629] Cisco Firepower 9000 Series CVE-2015-6369 Local Denial of Service Vulnerability
1402| [77628] Cisco Firepower 9000 CVE-2015-6373 Cross Site Request Forgery Vulnerability
1403| [77614] Cisco Firepower 9000 Series Switches CVE-2015-6368 Information Disclosure Vulnerability
1404| [76913] Cisco NX-OS Software for Nexus 9000 Series Switches CVE-2015-6308 Denial of Service Vulnerability
1405| [76791] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-6301 Denial of Service Vulnerability
1406| [76762] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-6295 Denial of Service Vulnerability
1407| [76329] Cisco Nexus 9000 Series Software CVE-2015-4301 Remote Denial of Service Vulnerability
1408| [76057] Cisco Firepower 9000 Series Devices CVE-2015-4287 Information Disclosure Vulnerability
1409| [75471] Cisco Unified IP Phones 9900 Series CVE-2015-4226 Denial of Service Vulnerability
1410| [75378] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-4213 Information Disclosure Vulnerability
1411| [74029] Cisco ASR 9000 Series Routers CVE-2015-0694 Remote Security Bypass Vulnerability
1412| [73895] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-0686 Denial of Service Vulnerability
1413| [73470] Cisco ASR 9000 Series Routers CVE-2015-0685 Denial of Service Vulnerability
1414| [73318] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-0672 Denial of Service Vulnerability
1415| [72485] Cisco Unified IP Phones 9900 Series CVE-2015-0604 Arbitrary File Upload Vulnerability
1416| [72484] Cisco Unified IP Phones 9900 Series CVE-2015-0603 Local Denial of Service Vulnerability
1417| [72483] Cisco Unified IP Phones 9900 Series CVE-2015-0601 Local Denial of Service Vulnerability
1418| [72482] Cisco Unified IP Phones 9900 Series CVE-2015-0602 Information Disclosure Vulnerability
1419| [72481] Cisco Unified IP Phones 9900 Series CVE-2015-0600 Denial of Service Vulnerability
1420| [71979] Cisco MDS 9000 NX-OS Software CVE-2015-0582 Denial of Service Vulnerability
1421| [69057] Cisco Nexus 9000 Series Switches CVE-2014-3330 Access List Security Bypass Vulnerability
1422| [64770] Cisco Unified IP Phones 9900 Series Crafted Header Unregister Denial of Service Vulnerability
1423| [63564] Cisco MDS 9000 NX-OS Software VRRP Frames Denial of Service Vulnerability
1424| [62944] Cisco Unified IP Phones 9900 Series CVE-2013-5532 Buffer Overflow Vulnerability
1425| [62943] Cisco Unified IP Phones 9900 Series CVE-2013-5533 Local Command Injection Vulnerability
1426| [62905] Cisco Unified IP Phones 9900 Series CVE-2013-5526 Denial of Service Vulnerability
1427| [61330] Cisco Unified IP Phones 9900 Series CVE-2013-3426 Arbitrary File Download Vulnerability
1428| [49633] Oracle Application Server 9i 'httpd.conf' Information Disclosure Vulnerability
1429| [48811] Cisco ASR 9000 Series Routers IP Version 4 Denial of Service Vulnerability
1430| [48264] Aastra 9480i CT Multiple Information Disclosure Vulnerabilities
1431| [15542] NetObjects Fusion 9 Information Disclosure Vulnerability
1432| [6556] Oracle 9i Application Server Sample Scripts Information Disclosure Vulnerability
1433| [6459] Oracle 9i Application Server Java Server Page Source Code Disclosure Vulnerability
1434| [5335] Multiple Lucent Router UDP Port 9 Information Disclosure Vulnerability
1435| [4290] Oracle 9i Default Configuration File Information Disclosure Vulnerability
1436| [4034] Oracle 9IAS OracleJSP Information Disclosure Vulnerability
1437| [3848] Mandrake Bind 9 Package Insecure File Permissions Vulnerability
1438| [2516] Microsoft Plus! 98 Windows ME Password Disclosure Vulnerability
1439|
1440| IBM X-Force - https://exchange.xforce.ibmcloud.com:
1441| [85799] Cisco Unified IP Phones 9900 Series directory traversal
1442| [75412] Cisco Unified IP Phones 9900 series RT privilege escalation
1443| [68733] Cisco 9000 Series Aggregation Service Router IPv4 packet denial of service
1444| [9704] Multiple Lucent router UDP port 9 could disclose sensitive information
1445| [9250] BIND 9 dns_message_findtype() denial of service
1446| [1852] BIND prior to 4.9.7 buffer overflow affects Digital Firewall 97 users
1447| [539] Microsoft Windows 95 and Internet Explorer password disclosure
1448| [86004] ISC BIND RDATA denial of service
1449| [84767] ISC BIND denial of service
1450| [83066] ISC BIND denial of service
1451| [81504] ISC BIND AAAA denial of service
1452| [80510] ISC BIND DNS64 denial of service
1453| [79121] ISC BIND queries denial of service
1454| [78479] ISC BIND RDATA denial of service
1455| [77185] ISC BIND TCP queries denial of service
1456| [77184] ISC BIND bad cache denial of service
1457| [76034] ISC BIND rdata denial of service
1458| [73053] ISC BIND cache update policy security bypass
1459| [71332] ISC BIND recursive queries denial of service
1460| [68375] ISC BIND UPDATE denial of service
1461| [68374] ISC BIND Response Policy Zones denial of service
1462| [67665] ISC BIND RRSIG Rrsets denial of service
1463| [67297] ISC BIND RRSIG denial of service
1464| [65554] ISC BIND IXFR transfer denial of service
1465| [63602] ISC BIND allow-query security bypass
1466| [63596] ISC BIND zone data security bypass
1467| [63595] ISC BIND RRSIG denial of service
1468| [62072] ISC BIND DNSSEC query denial of service
1469| [62071] ISC BIND ACL security bypass
1470| [61871] ISC BIND anchors denial of service
1471| [60421] ISC BIND RRSIG denial of service
1472| [56049] ISC BIND out-of-bailiwick weak security
1473| [55937] ISC Bind unspecified cache poisoning
1474| [55753] ISC BIND DNSSEC NSEC/NSEC3 cache poisoning
1475| [54416] ISC BIND DNSSEC cache poisoning
1476| [52073] ISC BIND dns_db_findrdataset() denial of service
1477| [47409] Multiple Mozilla products XBL loadBindingDocument information disclosure
1478| [45234] ISC BIND UDP denial of service
1479| [39670] ISC BIND inet_network buffer overflow
1480| [37233] libgssapi ISC BIND Novell SUSE Linux Enterprise Server GSS-TSIG request denial of service
1481| [37128] RHSA update for ISC BIND RRset denial of service not installed
1482| [37127] RHSA update for ISC BIND named service denial of service not installed
1483| [36275] ISC BIND DNS query spoofing
1484| [35575] ISC BIND query ID cache poisoning
1485| [35571] ISC BIND ACL security bypass
1486| [31838] ISC BIND RRset denial of service
1487| [31799] ISC BIND named service denial of service
1488| [29876] HP Tru64 ypbind core dump information disclosure
1489| [28745] ISC BIND DNSSEC RRset denial of service
1490| [28744] ISC BIND recursive INSIST denial of service
1491| [22041] BEA WebLogic Server and Express LDAP anonymous bind information disclosure
1492| [18836] BIND hostname disclosure
1493| [10624] ISC BIND DNS stub resolver library (libresolv.a) stack buffer overflows
1494| [10333] ISC BIND SIG null pointer dereference denial of service
1495| [10332] ISC BIND OPT resource record (RR) denial of service
1496| [10304] ISC BIND SIG cached resource records (RR) heap buffer overflow
1497| [7027] Cisco CBOS Web-based configuration utility binds to port 80 by default
1498| [5814] ISC BIND "
1499| [5540] ISC BIND can be remotely crashed by issuing ZXFR requests
1500| [5462] ISC BIND AXFR host command remote buffer overflow
1501|
1502| Exploit-DB - https://www.exploit-db.com:
1503| [25305] ColdFusion 9-10 - Credential Disclosure Exploit
1504|
1505| OpenVAS (Nessus) - http://www.openvas.org:
1506| [103090] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
1507| [103031] ISC BIND 9 < 9.7.2-P2 Multiple Vulnerabilities
1508| [103030] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
1509| [100717] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
1510| [100458] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
1511| [100362] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
1512| [100251] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
1513| [63208] Fedora Core 9 FEDORA-2009-0350 (bind)
1514| [11226] Oracle 9iAS default error information disclosure
1515|
1516| SecurityTracker - https://www.securitytracker.com:
1517| [1025811] Cisco ASR 9000 Series Router IPv4 Packet Processing Flaw Lets Remote Users Deny Service
1518| [1012995] BIND 9 Validator Assumption Error May Let Remote Users Deny Service
1519| [1005048] Oracle Enterprise Manager Web Service Component of Oracle 9i Application Server Discloses the Web Cache Administrator Password to Local Users
1520| [1003675] Oracle 9iAS Application Server Discloses CGI-BIN Script Source Code to Remote Users
1521| [1001186] Microsoft Windows Me Operating System and Windows 98 with the Plus! 98 Package Disclose Data Compression Passwords
1522| [1028901] (McAfee Issues Advisory for McAfee Email Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1523| [1028900] (McAfee Issues Advisory for McAfee Email and Web Security Appliance) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1524| [1028899] (McAfee Issues Fix for McAfee Web Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1525| [1028866] (McAfee Issues Fix for McAfee Firewall Enterprise) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1526| [1028854] (NetBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1527| [1028849] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1528| [1028848] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1529| [1028839] (FreeBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1530| [1028838] ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
1531| [1028632] ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service Against Recursive Resolvers
1532| [1028046] ISC BIND DNS64 and Response Policy Zones (RPZ) Bug Lets Remote Users Deny Service
1533| [1027835] ISC BIND DNS64 Bug Lets Remote Users Deny Service
1534| [1027642] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
1535| [1027529] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
1536| [1026647] ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
1537| [1026335] ISC BIND Invalid Record Caching Flaw Lets Remote Users Deny Service
1538| [1025743] ISC BIND Response Policy Zones DNAME/CNAME Processing Flaw Lets Remote Users Deny Service
1539| [1025742] ISC BIND Packet Processing Flaw Lets Remote Users Deny Service
1540| [1015850] Samba winbindd Daemon Discloses Server Password to Local Users
1541| [1003359] BindView NETinventory Discloses Password to Local Users During Auditing
1542| [1001721] BIND Domain Name System Software May Disclose DNS Transactional Signature (TSIG) Keys to Local Users
1543|
1544| OSVDB - http://www.osvdb.org:
1545| [95373] Cisco Unified IP Phones 9900 Series Serviceability Servlet Path Value Handling Arbitrary File Access
1546| [86219] Cardiac Science G3 Plus 9390A-501 AED AEDUpdate Cleartext Password Local Disclosure
1547| [76009] Cisco IOS DLSw FST IP Protocol 91 Packet Memory Leak Remote DoS
1548| [73985] Cisco ASR 9000 Series Line Card IPv4 Packet Parsing Remote DoS
1549| [72941] Aastra 9480i IP Phone Multiple Configuration File Direct Request Information Disclosure
1550| [34520] Cisco Linksys Multiple Router UDP 916 Remote Information Disclosure
1551| [22517] MPN HP-180W Wireless IP Phone UDP Port 9090 Information Disclosure
1552| [22516] ZyXEL P-2000W_v2 VoIP Wi-Fi Phone UDP Port 9090 Information Disclosure
1553| [21292] ZyXEL P2000W UDP 9090 Remote Information Disclosure
1554| [18220] Oracle 9iAS httpd.confg /perl Location Alias Arbitrary CGI File Script Disclosure
1555| [18218] Oracle 9iAS echo2 Sample Application Information Disclosure
1556| [18217] Oracle 9iAS echo Sample Application Information Disclosure
1557| [18216] Oracle 9iAS printenv Sample Application Information Disclosure
1558| [18215] Oracle 9iAS info.jsp Sample Application Information Disclosure
1559| [6674] Microsoft Office 98 for Macintosh Disk Space Information Disclosure
1560| [3108] Microsoft Office 98 Macintosh Information Disclosure
1561| [1146] Microsoft Windows 9x Credential Cache Cleartext Password Disclosure
1562| [665] Microsoft Windows 95 Online Registration Information Disclosure
1563| [95707] ISC BIND rdata.c RFC 5011 Implementation Malformed RDATA Section Handling Remote DoS
1564| [93913] ISC BIND Recursive Resolver resolver.c Malformed Zone Query Handling Remote DoS
1565| [91712] ISC BIND Crafted Regular Expression Handling Memory Exhaustion Remote DoS
1566| [89584] ISC BIND DNS64 Nameserver Response Policy Zone (RPZ) AAAA Record Query Remapping Remote DoS
1567| [89401] Foswiki LocalSite.cfg LDAP BindPassword Plaintext Local Disclosure
1568| [88126] ISC BIND DNS64 IPv6 Transition Mechanism DNS Query Parsing Remote DoS
1569| [86118] ISC BIND Nameserver RDATA Record Query Parsing Remote DoS
1570| [85417] ISC BIND Assertion Error Resource Record RDATA Query Parsing Remote DoS
1571| [84229] ISC BIND Memory Leak TCP Query Parsing ns_client Object Out-of-memory Remote DoS
1572| [84228] ISC BIND Query Handling Bad Cache Data Structure Assertion Remote DoS
1573| [82609] ISC BIND named DNS Resource Record Zero Length Rdata Handling Remote Information Disclosure
1574| [78916] ISC BIND Cache Update Policy Deleted Domain Name Resolving Weakness
1575| [77159] ISC BIND Recursive Query Parsing Remote DoS
1576| [73605] ISC BIND UPDATE Request Parsing Remote DoS
1577| [73604] ISC BIND Response Policy Zones (RPZ) DNAME / CNAME Parsing Remote DoS
1578| [72540] ISC BIND Caching Resolver Large RRSIG RRsets Negative Caching Remote DoS
1579| [72539] ISC BIND Authoritative Server Crafted IXFR / DDNS Query Update Deadlock DoS
1580| [72172] ISC BIND Response Policy Zones RRSIG Query Assertion Failure DoS
1581| [69568] ISC BIND named allow-query ACL Restriction Bypass
1582| [69559] ISC BIND named Key Algorithm Rollover Weakness
1583| [69558] ISC BIND named RRSIG Negative Caching DoS
1584| [68271] ISC BIND DNSSEC Query Validation Response Signature Handling Remote DoS
1585| [68270] ISC BIND ACL Application Weakness Cache Recursion Access Restriction Bypass
1586| [66395] ISC BIND RRSIG Requests Infinite Loop DoS
1587| [63373] Apple Mac OS X Server Admin Authenticated Directory Binding Handling Unspecified Open Directory Information Disclosure
1588| [62008] ISC BIND Secure Response Refetch Weakness Unspecified Issue
1589| [62007] ISC BIND Recursive Client Query CNAME / DNAME Response DNS Cache Poisoning
1590| [61853] ISC BIND DNSSEC Validation Crafted NXDOMAIN Request Cache Poisoning
1591| [60493] ISC BIND DNSSEC Recursive Query Additional Section Cache Poisoning
1592| [59272] ISC BIND named Multiple Symlink Arbitrary File Overwrite
1593| [58740] Apache Rampart TransportBinding Message Payload Cleartext Disclosure
1594| [57060] ISC BIND DNS Message Malformed TSIG Remote DoS
1595| [56584] ISC BIND Dynamic Update Message Handling Remote DoS
1596| [56411] GNU wget DNS Rebinding Information Disclosure Weakness
1597| [53115] ISC BIND EVP_VerifyFinal() / DSA_do_verify() SSL/TLS Signature Validation Weakness
1598| [48243] ISC BIND for Windows UDP Client Handler Remote DoS
1599| [46776] ISC BIND DNS Query ID Field Prediction Cache Poisoning
1600| [42655] ISC BIND on Red Hat Linux /etc/rndc.key Insecure File Permission Local named Manipulation
1601| [41211] ISC BIND libbind inet_network() Function Off-By-One Memory Corruption
1602| [40935] ISC BIND on SUSE Linux Enterprise Server libgssapi named GSS-TSIG Request Remote DoS
1603| [37301] ISC BIND Signed Zone Signature Verification Remote DoS
1604| [36796] ISC BIND Outgoing Query Predictable DNS Query ID
1605| [36236] ISC BIND allow-query-cache/allow-recursion ACL Bypass
1606| [36235] ISC BIND Predictable DNS Query IDs Cache Poisoning
1607| [34753] ISC BIND stub Resolver libbind Crafted Query Remote DoS
1608| [34752] ISC BIND so_linger Remote DoS
1609| [34751] ISC BIND Malformed SIG Record Remote DoS
1610| [34750] ISC BIND Malformed NAPTR Record Local DoS
1611| [34749] ISC BIND named maxdname DoS
1612| [34748] ISC BIND query.c query_addsoa Function Unspecified Recursive Query DoS
1613| [31923] ISC BIND Crafted ANY Request Response Multiple RRsets DoS
1614| [31922] ISC BIND Unspecified Freed Fetch Context Dereference DoS
1615| [28558] ISC BIND Recursive Query Saturation DoS
1616| [28557] ISC BIND SIG Query Multiple RRsets Response DoS
1617| [25895] ISC BIND Cached Recursive Query DoS
1618| [24263] Samba winbindd Debug Log Server Credentials Local Disclosure
1619| [21353] BindView NetInventory HOSTCFG._NI Deletion Cleartext Password Disclosure
1620| [14878] ISC BIND rdataset Parameter Malformed DNS Packet DoS
1621| [14877] ISC BIND stub Resolver Libraries Malformed DNS Response DoS
1622| [14795] ISC BIND TSIG Handling Code Remote Overflow
1623| [14432] ISC BIND Multiple DNS Resolver Functions Remote Overflow
1624| [13752] ISC BIND host Command AXFR Response Remote Overflow
1625| [13176] ISC BIND q_usedns Array Remote Overflow DoS
1626| [13175] ISC BIND dnssec authvalidated Crafted Packet Remote DoS
1627| [9736] ISC BIND fdmax File Descriptor Consumption DoS
1628| [9735] ISC BIND -DALLOW_UPDATES Option Remote Record Modification
1629| [9734] ISC BIND CNAME Record Zone Transfer DoS
1630| [9733] ISC BIND Malformed DNS Message DoS
1631| [9725] ISC BIND SIG RR Elements Invalid Expirty Times DoS
1632| [9724] ISC BIND OPT Resource Record Large UDP Payload DoS
1633| [9723] Multiple Vendor LDAP Server NULL Bind Connection Information Disclosure
1634| [8330] ISC BIND DNS stub resolver (libresolv.a) DNS Response Overflow
1635| [7990] ISC BIND gethostbyname() DNS Handling Remote Overflow
1636| [5828] ISC BIND named SRV Remote DoS
1637| [5609] ISC BIND dnskeygen HMAC-MD5 Shared Secret Key File Disclosure
1638| [2866] ISC BIND Negative Record Cache Poisoning
1639| [1751] ISC BIND Environment Variable Information Disclosure
1640| [1747] ISC BIND 4 nslookupComplain() Remote Format String
1641| [1746] ISC BIND 4 nslookupComplain() Remote Overflow
1642| [913] ISC BIND Inverse-Query Remote Overflow
1643| [869] ISC BIND named SIG Resource Server Response RR Overflow
1644| [448] ISC BIND Compressed ZXFR Name Service Query Remote DoS
1645| [438] ISC BIND Predictable Query ID DNS Cache Poisoning
1646| [24] ISC BIND NXT Record Overflow
1647|_
1648Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1649Device type: general purpose
1650Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (91%)
1651OS CPE: cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:2.6
1652Aggressive OS guesses: Linux 4.4 (91%), Linux 3.10 - 3.12 (89%), Linux 4.9 (89%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.10 - 3.16 (86%), Linux 4.0 (86%), Linux 3.10 - 4.11 (85%), Linux 3.11 - 4.1 (85%), Linux 3.16 (85%), Linux 3.18 (85%)
1653No exact OS matches for host (test conditions non-ideal).
1654Network Distance: 17 hops
1655
1656Host script results:
1657| dns-brute:
1658| DNS Brute-force hostnames:
1659| alerts.sgvps.net - 69.175.62.50
1660| ns.sgvps.net - 181.224.128.6
1661| ns1.sgvps.net - 181.224.128.6
1662| dns1.sgvps.net - 146.66.127.1
1663| ns2.sgvps.net - 198.20.77.76
1664| dns2.sgvps.net - 146.66.127.2
1665| voip.sgvps.net - 77.104.191.2
1666| ntp.sgvps.net - 181.224.128.4
1667| ntp.sgvps.net - 181.224.128.5
1668| ntp.sgvps.net - 198.20.77.74
1669| ntp.sgvps.net - 96.127.165.202
1670| web.sgvps.net - 181.224.128.6
1671| backup.sgvps.net - 181.224.128.254
1672| mail.sgvps.net - 198.143.151.98
1673| www.sgvps.net - 181.224.128.6
1674| chat.sgvps.net - 216.104.36.122
1675| ftp.sgvps.net - 181.224.128.6
1676| git.sgvps.net - 181.224.128.254
1677|_ sql.sgvps.net - 174.133.189.68
1678
1679TRACEROUTE (using port 53/tcp)
1680HOP RTT ADDRESS
16811 110.58 ms 10.231.204.1
16822 659.59 ms 45.131.5.2
16833 110.64 ms 109.236.95.224
16844 156.65 ms bb1-fra1.worldstream.nl (109.236.95.221)
16855 156.62 ms zayo.fra.ecix.net (62.69.146.139)
16866 258.71 ms ae1.cs1.fra9.de.eth.zayo.com (64.125.29.64)
16877 258.73 ms ae0.cs1.fra6.de.eth.zayo.com (64.125.29.54)
16888 258.72 ms ae2.cs1.ams17.nl.eth.zayo.com (64.125.29.59)
16899 258.72 ms ae0.cs1.ams10.nl.eth.zayo.com (64.125.29.80)
169010 258.73 ms ae2.cs1.lhr15.uk.eth.zayo.com (64.125.29.17)
169111 347.40 ms ae0.cs1.lhr11.uk.eth.zayo.com (64.125.29.118)
169212 356.44 ms ae5.cs1.lga5.us.eth.zayo.com (64.125.29.126)
169313 ...
169414 296.74 ms ae11.er2.ord7.us.zip.zayo.com (64.125.26.251)
169515 296.25 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
169616 396.78 ms ggw2.c09c10.r15.s101.chi03.singlehop.net (67.212.190.221)
169717 296.17 ms c59833.sgvps.net (37.60.233.207)
1698###################################################################################################
1699HTTP/1.1 200 OK
1700Server: nginx
1701Date: Thu, 24 Oct 2019 15:07:38 GMT
1702Content-Type: text/html
1703Content-Length: 88
1704Connection: keep-alive
1705Expires: Thu, 01 Jan 1970 00:00:01 GMT
1706Cache-Control: no-cache
1707alt-svc: quic=":443"; ma=86400; v="43,39"
1708###################################################################################################
1709Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-24 11:09 EDT
1710NSE: Loaded 163 scripts for scanning.
1711NSE: Script Pre-scanning.
1712Initiating NSE at 11:09
1713Completed NSE at 11:09, 0.00s elapsed
1714Initiating NSE at 11:09
1715Completed NSE at 11:09, 0.00s elapsed
1716Initiating Parallel DNS resolution of 1 host. at 11:09
1717Completed Parallel DNS resolution of 1 host. at 11:09, 0.02s elapsed
1718Initiating SYN Stealth Scan at 11:09
1719Scanning c59833.sgvps.net (37.60.233.207) [1 port]
1720Discovered open port 80/tcp on 37.60.233.207
1721Completed SYN Stealth Scan at 11:09, 0.39s elapsed (1 total ports)
1722Initiating Service scan at 11:09
1723Scanning 1 service on c59833.sgvps.net (37.60.233.207)
1724Completed Service scan at 11:09, 6.50s elapsed (1 service on 1 host)
1725Initiating OS detection (try #1) against c59833.sgvps.net (37.60.233.207)
1726Retrying OS detection (try #2) against c59833.sgvps.net (37.60.233.207)
1727Initiating Traceroute at 11:09
1728Completed Traceroute at 11:09, 3.30s elapsed
1729Initiating Parallel DNS resolution of 16 hosts. at 11:09
1730Completed Parallel DNS resolution of 16 hosts. at 11:09, 0.31s elapsed
1731NSE: Script scanning 37.60.233.207.
1732Initiating NSE at 11:09
1733NSE: [http-wordpress-enum 37.60.233.207:80] got no answers from pipelined queries
1734Stats: 0:06:05 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
1735NSE: Active NSE Script Threads: 1 (0 waiting)
1736NSE Timing: About 99.67% done; ETC: 11:15 (0:00:01 remaining)
1737Completed NSE at 11:15, 357.56s elapsed
1738Initiating NSE at 11:15
1739Completed NSE at 11:15, 1.68s elapsed
1740Nmap scan report for c59833.sgvps.net (37.60.233.207)
1741Host is up (0.27s latency).
1742
1743PORT STATE SERVICE VERSION
174480/tcp open http nginx
1745|_http-aspnet-debug: ERROR: Script execution failed (use -d to debug)
1746| http-brute:
1747|_ Path "/" does not require authentication
1748|_http-chrono: Request times for /; avg: 9202.55ms; min: 9086.10ms; max: 9268.58ms
1749|_http-csrf: Couldn't find any CSRF vulnerabilities.
1750|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
1751|_http-dombased-xss: Couldn't find any DOM based XSS.
1752|_http-errors: ERROR: Script execution failed (use -d to debug)
1753|_http-feed: Couldn't find any feeds.
1754|_http-fetch: Please enter the complete path of the directory to save data in.
1755|_http-jsonp-detection: Couldn't find any JSONP endpoints.
1756|_http-mobileversion-checker: No mobile version detected.
1757|_http-security-headers:
1758| http-sitemap-generator:
1759| Directory structure:
1760| Longest directory structure:
1761| Depth: 0
1762| Dir: /
1763| Total files found (by extension):
1764|_
1765|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
1766|_http-traceroute: ERROR: Script execution failed (use -d to debug)
1767| http-vhosts:
1768|_127 names had status ERROR
1769|_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)
1770|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
1771|_http-xssed: No previously reported XSS vuln.
1772| vulscan: VulDB - https://vuldb.com:
1773| [133852] Sangfor Sundray WLAN Controller up to 3.7.4.2 Cookie Header nginx_webconsole.php Code Execution
1774| [132132] SoftNAS Cloud 4.2.0/4.2.1 Nginx privilege escalation
1775| [131858] Puppet Discovery up to 1.3.x Nginx Container weak authentication
1776| [130644] Nginx Unit up to 1.7.0 Router Process Request Heap-based memory corruption
1777| [127759] VeryNginx 0.3.3 Web Application Firewall privilege escalation
1778| [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
1779| [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
1780| [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
1781| [119845] Pivotal Operations Manager up to 2.0.13/2.1.5 Nginx privilege escalation
1782| [114368] SuSE Portus 2.3 Nginx Certificate weak authentication
1783| [103517] nginx up to 1.13.2 Range Filter Request Integer Overflow memory corruption
1784| [89849] nginx RFC 3875 Namespace Conflict Environment Variable Open Redirect
1785| [87719] nginx up to 1.11.0 ngx_files.c ngx_chain_to_iovec denial of service
1786| [80760] nginx 0.6.18/1.9.9 DNS CNAME Record Crash denial of service
1787| [80759] nginx 0.6.18/1.9.9 DNS CNAME Record Use-After-Free denial of service
1788| [80758] nginx 0.6.18/1.9.9 DNS UDP Packet Crash denial of service
1789| [67677] nginx up to 1.7.3 SSL weak authentication
1790| [67296] nginx up to 1.7.3 SMTP Proxy ngx_mail_smtp_starttls privilege escalation
1791| [12822] nginx up to 1.5.11 SPDY SPDY Request Heap-based memory corruption
1792| [12824] nginx 1.5.10 on 32-bit SPDY memory corruption
1793| [11237] nginx up to 1.5.6 URI String Bypass privilege escalation
1794| [65364] nginx up to 1.1.13 Default Configuration information disclosure
1795| [8671] nginx up to 1.4 proxy_pass denial of service
1796| [8618] nginx 1.3.9/1.4.0 http/ngx_http_parse.c ngx_http_parse_chunked() memory corruption
1797| [7247] nginx 1.2.6 Proxy Function spoofing
1798| [61434] nginx 1.2.0/1.3.0 on Windows Access Restriction privilege escalation
1799| [5293] nginx up to 1.1.18 ngx_http_mp4_module MP4 File memory corruption
1800| [4843] nginx up to 1.0.13/1.1.16 HTTP Header Response Parser ngx_http_parse.c information disclosure
1801| [59645] nginx up to 0.8.9 Heap-based memory corruption
1802| [53592] nginx 0.8.36 memory corruption
1803| [53590] nginx up to 0.8.9 unknown vulnerability
1804| [51533] nginx 0.7.64 Terminal privilege escalation
1805| [50905] nginx up to 0.8.9 directory traversal
1806| [50903] nginx up to 0.8.10 NULL Pointer Dereference denial of service
1807| [50043] nginx up to 0.8.10 memory corruption
1808|
1809| MITRE CVE - https://cve.mitre.org:
1810| [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
1811| [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
1812| [CVE-2012-3380] Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
1813| [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
1814| [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
1815| [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
1816| [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
1817| [CVE-2010-2266] nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.
1818| [CVE-2010-2263] nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
1819| [CVE-2009-4487] nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
1820| [CVE-2009-3898] Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.
1821| [CVE-2009-3896] src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
1822| [CVE-2009-2629] Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
1823|
1824| SecurityFocus - https://www.securityfocus.com/bid/:
1825| [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
1826| [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
1827| [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
1828| [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
1829| [82230] nginx Multiple Denial of Service Vulnerabilities
1830| [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
1831| [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
1832| [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
1833| [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
1834| [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
1835| [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
1836| [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
1837| [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
1838| [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
1839| [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
1840| [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
1841| [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
1842| [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
1843| [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
1844| [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
1845| [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
1846| [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
1847| [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
1848| [40434] nginx Space String Remote Source Code Disclosure Vulnerability
1849| [40420] nginx Directory Traversal Vulnerability
1850| [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
1851| [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
1852| [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
1853| [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
1854| [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
1855|
1856| IBM X-Force - https://exchange.xforce.ibmcloud.com:
1857| [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
1858| [84172] nginx denial of service
1859| [84048] nginx buffer overflow
1860| [83923] nginx ngx_http_close_connection() integer overflow
1861| [83688] nginx null byte code execution
1862| [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
1863| [82319] nginx access.log information disclosure
1864| [80952] nginx SSL spoofing
1865| [77244] nginx and Microsoft Windows request security bypass
1866| [76778] Naxsi module for Nginx nx_extract.py directory traversal
1867| [74831] nginx ngx_http_mp4_module.c buffer overflow
1868| [74191] nginx ngx_cpystrn() information disclosure
1869| [74045] nginx header response information disclosure
1870| [71355] nginx ngx_resolver_copy() buffer overflow
1871| [59370] nginx characters denial of service
1872| [59369] nginx DATA source code disclosure
1873| [59047] nginx space source code disclosure
1874| [58966] nginx unspecified directory traversal
1875| [54025] nginx ngx_http_parse.c denial of service
1876| [53431] nginx WebDAV component directory traversal
1877| [53328] Nginx CRC-32 cached domain name spoofing
1878| [53250] Nginx ngx_http_parse_complex_uri() function code execution
1879|
1880| Exploit-DB - https://www.exploit-db.com:
1881| [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
1882| [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
1883| [25499] nginx 1.3.9-1.4.0 DoS PoC
1884| [24967] nginx 0.6.x Arbitrary Code Execution NullByte Injection
1885| [14830] nginx 0.6.38 - Heap Corruption Exploit
1886| [13822] Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability
1887| [13818] Nginx 0.8.36 Source Disclosure and DoS Vulnerabilities
1888| [12804] nginx [engine x] http server <= 0.6.36 Path Draversal
1889| [9901] nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC
1890| [9829] nginx 0.7.61 WebDAV directory traversal
1891|
1892| OpenVAS (Nessus) - http://www.openvas.org:
1893| [864418] Fedora Update for nginx FEDORA-2012-3846
1894| [864310] Fedora Update for nginx FEDORA-2012-6238
1895| [864209] Fedora Update for nginx FEDORA-2012-6411
1896| [864204] Fedora Update for nginx FEDORA-2012-6371
1897| [864121] Fedora Update for nginx FEDORA-2012-4006
1898| [864115] Fedora Update for nginx FEDORA-2012-3991
1899| [864065] Fedora Update for nginx FEDORA-2011-16075
1900| [863654] Fedora Update for nginx FEDORA-2011-16110
1901| [861232] Fedora Update for nginx FEDORA-2007-1158
1902| [850180] SuSE Update for nginx openSUSE-SU-2012:0237-1 (nginx)
1903| [831680] Mandriva Update for nginx MDVSA-2012:043 (nginx)
1904| [802045] 64-bit Debian Linux Rootkit with nginx Doing iFrame Injection
1905| [801636] nginx HTTP Request Remote Buffer Overflow Vulnerability
1906| [103470] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
1907| [103469] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
1908| [103344] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
1909| [100676] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
1910| [100659] nginx Directory Traversal Vulnerability
1911| [100658] nginx Space String Remote Source Code Disclosure Vulnerability
1912| [100441] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
1913| [100321] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
1914| [100277] nginx Proxy DNS Cache Domain Spoofing Vulnerability
1915| [100276] nginx HTTP Request Remote Buffer Overflow Vulnerability
1916| [100275] nginx WebDAV Multiple Directory Traversal Vulnerabilities
1917| [71574] Gentoo Security Advisory GLSA 201206-07 (nginx)
1918| [71308] Gentoo Security Advisory GLSA 201203-22 (nginx)
1919| [71297] FreeBSD Ports: nginx
1920| [71276] FreeBSD Ports: nginx
1921| [71239] Debian Security Advisory DSA 2434-1 (nginx)
1922| [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
1923| [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
1924| [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
1925| [64924] Gentoo Security Advisory GLSA 200909-18 (nginx)
1926| [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
1927| [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
1928| [64894] FreeBSD Ports: nginx
1929| [64869] Debian Security Advisory DSA 1884-1 (nginx)
1930|
1931| SecurityTracker - https://www.securitytracker.com:
1932| [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
1933| [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
1934| [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
1935| [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
1936|
1937| OSVDB - http://www.osvdb.org:
1938| [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
1939| [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
1940| [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
1941| [92796] nginx ngx_http_close_connection Function Crafted r->
1942| [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
1943| [90518] nginx Log Directory Permission Weakness Local Information Disclosure
1944| [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
1945| [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
1946| [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
1947| [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
1948| [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
1949| [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
1950| [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
1951| [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
1952| [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
1953| [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
1954| [62617] nginx Internal DNS Cache Poisoning Weakness
1955| [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
1956| [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
1957| [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
1958| [58128] nginx ngx_http_parse_complex_uri() Function Underflow
1959| [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
1960| [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
1961| [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
1962| [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
1963| [44443] nginx (engine x) rtsig Method Signal Queue Overflow
1964| [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
1965|_
1966Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
1967Device type: general purpose
1968Running (JUST GUESSING): Linux 2.6.X|4.X (86%)
1969OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:4.4
1970Aggressive OS guesses: Linux 2.6.18 - 2.6.22 (86%), Linux 4.4 (85%)
1971No exact OS matches for host (test conditions non-ideal).
1972Uptime guess: 17.105 days (since Mon Oct 7 08:44:01 2019)
1973Network Distance: 17 hops
1974TCP Sequence Prediction: Difficulty=254 (Good luck!)
1975IP ID Sequence Generation: All zeros
1976
1977TRACEROUTE (using port 80/tcp)
1978HOP RTT ADDRESS
19791 284.42 ms 10.231.204.1
19802 284.48 ms 45.131.5.3
19813 284.47 ms 109.236.95.226
19824 284.54 ms bb1-fra1.worldstream.nl (109.236.95.221)
19835 284.53 ms zayo.fra.ecix.net (62.69.146.139)
19846 384.45 ms ae1.cs1.fra9.de.eth.zayo.com (64.125.29.64)
19857 384.52 ms ae0.cs1.fra6.de.eth.zayo.com (64.125.29.54)
19868 384.51 ms ae2.cs1.ams17.nl.eth.zayo.com (64.125.29.59)
19879 384.50 ms ae0.cs1.ams10.nl.eth.zayo.com (64.125.29.80)
198810 384.49 ms ae2.cs1.lhr15.uk.eth.zayo.com (64.125.29.17)
198911 398.79 ms ae0.cs1.lhr11.uk.eth.zayo.com (64.125.29.118)
199012 398.71 ms ae5.cs1.lga5.us.eth.zayo.com (64.125.29.126)
199113 ...
199214 398.74 ms ae11.er2.ord7.us.zip.zayo.com (64.125.26.251)
199315 398.61 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
199416 307.53 ms ggw2.c09c10.r15.s101.chi03.singlehop.net (67.212.190.221)
199517 307.38 ms c59833.sgvps.net (37.60.233.207)
1996
1997NSE: Script Post-scanning.
1998Initiating NSE at 11:15
1999Completed NSE at 11:15, 0.00s elapsed
2000Initiating NSE at 11:15
2001Completed NSE at 11:15, 0.00s elapsed
2002###################################################################################################
2003Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-24 11:15 EDT
2004NSE: [pop3-brute] usernames: Time limit 10m00s exceeded.
2005NSE: [pop3-brute] usernames: Time limit 10m00s exceeded.
2006NSE: [pop3-brute] passwords: Time limit 10m00s exceeded.
2007Nmap scan report for c59833.sgvps.net (37.60.233.207)
2008Host is up (0.32s latency).
2009
2010PORT STATE SERVICE VERSION
2011110/tcp open pop3 Dovecot pop3d
2012| pop3-brute:
2013| Accounts: No valid accounts found
2014|_ Statistics: Performed 685 guesses in 602 seconds, average tps: 1.1
2015|_pop3-capabilities: CAPA TOP RESP-CODES UIDL STLS PIPELINING AUTH-RESP-CODE SASL(PLAIN LOGIN) USER
2016| vulscan: VulDB - https://vuldb.com:
2017| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
2018| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
2019| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
2020| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
2021| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
2022| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
2023| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
2024| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
2025| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
2026| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
2027| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
2028| [69835] Dovecot 2.2.0/2.2.1 denial of service
2029| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
2030| [65684] Dovecot up to 2.2.6 unknown vulnerability
2031| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
2032| [63692] Dovecot up to 2.0.15 spoofing
2033| [7062] Dovecot 2.1.10 mail-search.c denial of service
2034| [57517] Dovecot up to 2.0.12 Login directory traversal
2035| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
2036| [57515] Dovecot up to 2.0.12 Crash denial of service
2037| [54944] Dovecot up to 1.2.14 denial of service
2038| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
2039| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
2040| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
2041| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
2042| [53277] Dovecot up to 1.2.10 denial of service
2043| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
2044| [45256] Dovecot up to 1.1.5 directory traversal
2045| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
2046| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
2047| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
2048| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
2049| [40356] Dovecot 1.0.9 Cache unknown vulnerability
2050| [38222] Dovecot 1.0.2 directory traversal
2051| [36376] Dovecot up to 1.0.x directory traversal
2052| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
2053|
2054| MITRE CVE - https://cve.mitre.org:
2055| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
2056| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
2057| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
2058| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
2059| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
2060| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
2061| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
2062| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
2063| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
2064| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
2065| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
2066| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
2067| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
2068| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
2069| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
2070| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
2071| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
2072| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
2073| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
2074| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
2075| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
2076| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
2077| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
2078| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
2079| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
2080| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
2081| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
2082| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
2083| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
2084| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
2085| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
2086| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
2087| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
2088| [CVE-2002-0925] Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier.
2089| [CVE-2001-0143] vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
2090| [CVE-2000-1197] POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes.
2091| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
2092|
2093| SecurityFocus - https://www.securityfocus.com/bid/:
2094| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
2095| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
2096| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
2097| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
2098| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
2099| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
2100| [67306] Dovecot Denial of Service Vulnerability
2101| [67219] akpop3d 'pszQuery' Remote Memory Corruption Vulnerability
2102| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
2103| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
2104| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
2105| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
2106| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
2107| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
2108| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
2109| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
2110| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
2111| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
2112| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
2113| [39838] tpop3d Remote Denial of Service Vulnerability
2114| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
2115| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
2116| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
2117| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
2118| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
2119| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
2120| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
2121| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
2122| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
2123| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
2124| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
2125| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
2126| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
2127| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
2128| [17961] Dovecot Remote Information Disclosure Vulnerability
2129| [16672] Dovecot Double Free Denial of Service Vulnerability
2130| [8495] akpop3d User Name SQL Injection Vulnerability
2131| [8473] Vpop3d Remote Denial Of Service Vulnerability
2132| [3990] ZPop3D Bad Login Logging Failure Vulnerability
2133| [2781] DynFX MailServer POP3d Denial of Service Vulnerability
2134|
2135| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2136| [86382] Dovecot POP3 Service denial of service
2137| [84396] Dovecot IMAP APPEND denial of service
2138| [80453] Dovecot mail-search.c denial of service
2139| [71354] Dovecot SSL Common Name (CN) weak security
2140| [67675] Dovecot script-login security bypass
2141| [67674] Dovecot script-login directory traversal
2142| [67589] Dovecot header name denial of service
2143| [63267] Apple Mac OS X Dovecot information disclosure
2144| [62340] Dovecot mailbox security bypass
2145| [62339] Dovecot IMAP or POP3 denial of service
2146| [62256] Dovecot mailbox security bypass
2147| [62255] Dovecot ACL entry security bypass
2148| [60639] Dovecot ACL plugin weak security
2149| [57267] Apple Mac OS X Dovecot Kerberos security bypass
2150| [56763] Dovecot header denial of service
2151| [54363] Dovecot base_dir privilege escalation
2152| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
2153| [46323] Dovecot dovecot.conf information disclosure
2154| [46227] Dovecot message parsing denial of service
2155| [45669] Dovecot ACL mailbox security bypass
2156| [45667] Dovecot ACL plugin rights security bypass
2157| [41085] Dovecot TAB characters authentication bypass
2158| [41009] Dovecot mail_extra_groups option unauthorized access
2159| [39342] Dovecot LDAP auth cache configuration security bypass
2160| [35767] Dovecot ACL plugin security bypass
2161| [34082] Dovecot mbox-storage.c directory traversal
2162| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
2163| [26578] Cyrus IMAP pop3d buffer overflow
2164| [26536] Dovecot IMAP LIST information disclosure
2165| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
2166| [24709] Dovecot APPEND command denial of service
2167| [13018] akpop3d authentication code SQL injection
2168| [7345] Slackware Linux imapd and ipop3d core dump
2169| [6269] imap, ipop2d and ipop3d buffer overflows
2170| [5923] Linuxconf vpop3d symbolic link
2171| [4918] IPOP3D, Buffer overflow attack
2172| [1560] IPOP3D, user login successful
2173| [1559] IPOP3D user login to remote host successful
2174| [1525] IPOP3D, user logout
2175| [1524] IPOP3D, user auto-logout
2176| [1523] IPOP3D, user login failure
2177| [1522] IPOP3D, brute force attack
2178| [1521] IPOP3D, user kiss of death logout
2179| [418] pop3d mktemp creates insecure temporary files
2180|
2181| Exploit-DB - https://www.exploit-db.com:
2182| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
2183| [23053] Vpop3d Remote Denial of Service Vulnerability
2184| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
2185| [11893] tPop3d 1.5.3 DoS
2186| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
2187| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
2188| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
2189| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
2190|
2191| OpenVAS (Nessus) - http://www.openvas.org:
2192| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
2193| [901025] Dovecot Version Detection
2194| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
2195| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
2196| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
2197| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
2198| [870607] RedHat Update for dovecot RHSA-2011:0600-01
2199| [870471] RedHat Update for dovecot RHSA-2011:1187-01
2200| [870153] RedHat Update for dovecot RHSA-2008:0297-02
2201| [863272] Fedora Update for dovecot FEDORA-2011-7612
2202| [863115] Fedora Update for dovecot FEDORA-2011-7258
2203| [861525] Fedora Update for dovecot FEDORA-2007-664
2204| [861394] Fedora Update for dovecot FEDORA-2007-493
2205| [861333] Fedora Update for dovecot FEDORA-2007-1485
2206| [860845] Fedora Update for dovecot FEDORA-2008-9202
2207| [860663] Fedora Update for dovecot FEDORA-2008-2475
2208| [860169] Fedora Update for dovecot FEDORA-2008-2464
2209| [860089] Fedora Update for dovecot FEDORA-2008-9232
2210| [840950] Ubuntu Update for dovecot USN-1295-1
2211| [840668] Ubuntu Update for dovecot USN-1143-1
2212| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
2213| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
2214| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
2215| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
2216| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
2217| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
2218| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
2219| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
2220| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
2221| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
2222| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
2223| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
2224| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
2225| [70259] FreeBSD Ports: dovecot
2226| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
2227| [66522] FreeBSD Ports: dovecot
2228| [65010] Ubuntu USN-838-1 (dovecot)
2229| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
2230| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
2231| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
2232| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
2233| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
2234| [62854] FreeBSD Ports: dovecot-managesieve
2235| [61916] FreeBSD Ports: dovecot
2236| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
2237| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
2238| [60528] FreeBSD Ports: dovecot
2239| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
2240| [60089] FreeBSD Ports: dovecot
2241| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
2242| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
2243|
2244| SecurityTracker - https://www.securitytracker.com:
2245| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
2246| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
2247| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
2248|
2249| OSVDB - http://www.osvdb.org:
2250| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
2251| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
2252| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
2253| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
2254| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
2255| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
2256| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
2257| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
2258| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
2259| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
2260| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
2261| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
2262| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
2263| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
2264| [66113] Dovecot Mail Root Directory Creation Permission Weakness
2265| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
2266| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
2267| [66110] Dovecot Multiple Unspecified Buffer Overflows
2268| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
2269| [64783] Dovecot E-mail Message Header Unspecified DoS
2270| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
2271| [62796] Dovecot mbox Format Email Header Handling DoS
2272| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
2273| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
2274| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
2275| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
2276| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
2277| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
2278| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
2279| [43137] Dovecot mail_extra_groups Symlink File Manipulation
2280| [42979] Dovecot passdbs Argument Injection Authentication Bypass
2281| [39876] Dovecot LDAP Auth Cache Security Bypass
2282| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
2283| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
2284| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
2285| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
2286| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
2287| [23281] Dovecot imap/pop3-login dovecot-auth DoS
2288| [23280] Dovecot Malformed APPEND Command DoS
2289| [14459] mmmail mmpop3d USER Command mmsyslog Function Format String
2290| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
2291| [5857] Linux pop3d Arbitrary Mail File Access
2292| [2471] akpop3d username SQL Injection
2293|_
2294Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2295Device type: general purpose
2296Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (91%)
2297OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:2.6
2298Aggressive OS guesses: Linux 3.10 - 3.12 (91%), Linux 4.4 (91%), Linux 4.9 (89%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.10 - 3.16 (86%), Linux 3.10 - 4.11 (85%), Linux 3.11 - 4.1 (85%), Linux 3.2 - 4.9 (85%)
2299No exact OS matches for host (test conditions non-ideal).
2300Network Distance: 17 hops
2301
2302TRACEROUTE (using port 110/tcp)
2303HOP RTT ADDRESS
23041 199.63 ms 10.231.204.1
23052 299.24 ms 45.131.5.2
23063 299.20 ms 109.236.95.228
23074 299.30 ms 109.236.95.103
23085 299.32 ms zayo.fra.ecix.net (62.69.146.139)
23096 403.19 ms ae1.cs1.fra9.de.eth.zayo.com (64.125.29.64)
23107 403.23 ms ae0.cs1.fra6.de.eth.zayo.com (64.125.29.54)
23118 403.24 ms ae2.cs1.ams17.nl.eth.zayo.com (64.125.29.59)
23129 403.25 ms ae0.cs1.ams10.nl.eth.zayo.com (64.125.29.80)
231310 299.39 ms ae2.cs1.lhr15.uk.eth.zayo.com (64.125.29.17)
231411 300.49 ms ae0.cs1.lhr11.uk.eth.zayo.com (64.125.29.118)
231512 303.43 ms ae5.cs1.lga5.us.eth.zayo.com (64.125.29.126)
231613 ...
231714 303.32 ms ae11.er2.ord7.us.zip.zayo.com (64.125.26.251)
231815 303.37 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
231916 403.11 ms ggw2.c09c10.r15.s101.chi03.singlehop.net (67.212.190.221)
232017 302.20 ms c59833.sgvps.net (37.60.233.207)
2321####################################################################################################
2322Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-24 11:26 EDT
2323NSE: Loaded 163 scripts for scanning.
2324NSE: Script Pre-scanning.
2325Initiating NSE at 11:26
2326Completed NSE at 11:26, 0.00s elapsed
2327Initiating NSE at 11:26
2328Completed NSE at 11:26, 0.00s elapsed
2329Initiating Parallel DNS resolution of 1 host. at 11:26
2330Completed Parallel DNS resolution of 1 host. at 11:26, 0.02s elapsed
2331Initiating SYN Stealth Scan at 11:26
2332Scanning c59833.sgvps.net (37.60.233.207) [1 port]
2333Discovered open port 443/tcp on 37.60.233.207
2334Completed SYN Stealth Scan at 11:26, 0.24s elapsed (1 total ports)
2335Initiating Service scan at 11:26
2336Scanning 1 service on c59833.sgvps.net (37.60.233.207)
2337Completed Service scan at 11:26, 13.98s elapsed (1 service on 1 host)
2338Initiating OS detection (try #1) against c59833.sgvps.net (37.60.233.207)
2339Retrying OS detection (try #2) against c59833.sgvps.net (37.60.233.207)
2340Initiating Traceroute at 11:26
2341Completed Traceroute at 11:26, 3.31s elapsed
2342Initiating Parallel DNS resolution of 16 hosts. at 11:26
2343Completed Parallel DNS resolution of 16 hosts. at 11:26, 0.39s elapsed
2344NSE: Script scanning 37.60.233.207.
2345Initiating NSE at 11:26
2346Completed NSE at 11:30, 232.84s elapsed
2347Initiating NSE at 11:30
2348Completed NSE at 11:30, 3.17s elapsed
2349Nmap scan report for c59833.sgvps.net (37.60.233.207)
2350Host is up (0.33s latency).
2351
2352PORT STATE SERVICE VERSION
2353443/tcp open ssl/http nginx
2354| http-brute:
2355|_ Path "/" does not require authentication
2356|_http-chrono: Request times for /; avg: 2859.79ms; min: 2565.09ms; max: 2987.41ms
2357|_http-csrf: Couldn't find any CSRF vulnerabilities.
2358|_http-date: Thu, 24 Oct 2019 15:27:00 GMT; 0s from local time.
2359|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
2360|_http-dombased-xss: Couldn't find any DOM based XSS.
2361|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
2362| http-errors:
2363| Spidering limited to: maxpagecount=40; withinhost=c59833.sgvps.net
2364| Found the following error pages:
2365|
2366| Error Code: 400
2367|_ http://c59833.sgvps.net:443/
2368|_http-feed: Couldn't find any feeds.
2369|_http-fetch: Please enter the complete path of the directory to save data in.
2370| http-headers:
2371| Server: nginx
2372| Date: Thu, 24 Oct 2019 15:27:13 GMT
2373| Content-Type: text/html
2374| Content-Length: 248
2375| Connection: close
2376|
2377|_ (Request type: GET)
2378|_http-jsonp-detection: Couldn't find any JSONP endpoints.
2379|_http-mobileversion-checker: No mobile version detected.
2380| http-security-headers:
2381| Strict_Transport_Security:
2382|_ HSTS not configured in HTTPS Server
2383| http-sitemap-generator:
2384| Directory structure:
2385| Longest directory structure:
2386| Depth: 0
2387| Dir: /
2388| Total files found (by extension):
2389|_
2390|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
2391|_http-title: 400 The plain HTTP request was sent to HTTPS port
2392| http-vhosts:
2393|_127 names had status 400
2394|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
2395|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
2396|_http-xssed: No previously reported XSS vuln.
2397| vulscan: VulDB - https://vuldb.com:
2398| [133852] Sangfor Sundray WLAN Controller up to 3.7.4.2 Cookie Header nginx_webconsole.php Code Execution
2399| [132132] SoftNAS Cloud 4.2.0/4.2.1 Nginx privilege escalation
2400| [131858] Puppet Discovery up to 1.3.x Nginx Container weak authentication
2401| [130644] Nginx Unit up to 1.7.0 Router Process Request Heap-based memory corruption
2402| [127759] VeryNginx 0.3.3 Web Application Firewall privilege escalation
2403| [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
2404| [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
2405| [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
2406| [119845] Pivotal Operations Manager up to 2.0.13/2.1.5 Nginx privilege escalation
2407| [114368] SuSE Portus 2.3 Nginx Certificate weak authentication
2408| [103517] nginx up to 1.13.2 Range Filter Request Integer Overflow memory corruption
2409| [89849] nginx RFC 3875 Namespace Conflict Environment Variable Open Redirect
2410| [87719] nginx up to 1.11.0 ngx_files.c ngx_chain_to_iovec denial of service
2411| [80760] nginx 0.6.18/1.9.9 DNS CNAME Record Crash denial of service
2412| [80759] nginx 0.6.18/1.9.9 DNS CNAME Record Use-After-Free denial of service
2413| [80758] nginx 0.6.18/1.9.9 DNS UDP Packet Crash denial of service
2414| [67677] nginx up to 1.7.3 SSL weak authentication
2415| [67296] nginx up to 1.7.3 SMTP Proxy ngx_mail_smtp_starttls privilege escalation
2416| [12822] nginx up to 1.5.11 SPDY SPDY Request Heap-based memory corruption
2417| [12824] nginx 1.5.10 on 32-bit SPDY memory corruption
2418| [11237] nginx up to 1.5.6 URI String Bypass privilege escalation
2419| [65364] nginx up to 1.1.13 Default Configuration information disclosure
2420| [8671] nginx up to 1.4 proxy_pass denial of service
2421| [8618] nginx 1.3.9/1.4.0 http/ngx_http_parse.c ngx_http_parse_chunked() memory corruption
2422| [7247] nginx 1.2.6 Proxy Function spoofing
2423| [61434] nginx 1.2.0/1.3.0 on Windows Access Restriction privilege escalation
2424| [5293] nginx up to 1.1.18 ngx_http_mp4_module MP4 File memory corruption
2425| [4843] nginx up to 1.0.13/1.1.16 HTTP Header Response Parser ngx_http_parse.c information disclosure
2426| [59645] nginx up to 0.8.9 Heap-based memory corruption
2427| [53592] nginx 0.8.36 memory corruption
2428| [53590] nginx up to 0.8.9 unknown vulnerability
2429| [51533] nginx 0.7.64 Terminal privilege escalation
2430| [50905] nginx up to 0.8.9 directory traversal
2431| [50903] nginx up to 0.8.10 NULL Pointer Dereference denial of service
2432| [50043] nginx up to 0.8.10 memory corruption
2433|
2434| MITRE CVE - https://cve.mitre.org:
2435| [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
2436| [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
2437| [CVE-2012-3380] Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
2438| [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
2439| [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
2440| [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
2441| [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
2442| [CVE-2010-2266] nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.
2443| [CVE-2010-2263] nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
2444| [CVE-2009-4487] nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
2445| [CVE-2009-3898] Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.
2446| [CVE-2009-3896] src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
2447| [CVE-2009-2629] Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
2448|
2449| SecurityFocus - https://www.securityfocus.com/bid/:
2450| [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
2451| [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
2452| [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
2453| [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
2454| [82230] nginx Multiple Denial of Service Vulnerabilities
2455| [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
2456| [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
2457| [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
2458| [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
2459| [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
2460| [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
2461| [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
2462| [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
2463| [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
2464| [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
2465| [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
2466| [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
2467| [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
2468| [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
2469| [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
2470| [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
2471| [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
2472| [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
2473| [40434] nginx Space String Remote Source Code Disclosure Vulnerability
2474| [40420] nginx Directory Traversal Vulnerability
2475| [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
2476| [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
2477| [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
2478| [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
2479| [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
2480|
2481| IBM X-Force - https://exchange.xforce.ibmcloud.com:
2482| [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
2483| [84172] nginx denial of service
2484| [84048] nginx buffer overflow
2485| [83923] nginx ngx_http_close_connection() integer overflow
2486| [83688] nginx null byte code execution
2487| [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
2488| [82319] nginx access.log information disclosure
2489| [80952] nginx SSL spoofing
2490| [77244] nginx and Microsoft Windows request security bypass
2491| [76778] Naxsi module for Nginx nx_extract.py directory traversal
2492| [74831] nginx ngx_http_mp4_module.c buffer overflow
2493| [74191] nginx ngx_cpystrn() information disclosure
2494| [74045] nginx header response information disclosure
2495| [71355] nginx ngx_resolver_copy() buffer overflow
2496| [59370] nginx characters denial of service
2497| [59369] nginx DATA source code disclosure
2498| [59047] nginx space source code disclosure
2499| [58966] nginx unspecified directory traversal
2500| [54025] nginx ngx_http_parse.c denial of service
2501| [53431] nginx WebDAV component directory traversal
2502| [53328] Nginx CRC-32 cached domain name spoofing
2503| [53250] Nginx ngx_http_parse_complex_uri() function code execution
2504|
2505| Exploit-DB - https://www.exploit-db.com:
2506| [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
2507| [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
2508| [25499] nginx 1.3.9-1.4.0 DoS PoC
2509| [24967] nginx 0.6.x Arbitrary Code Execution NullByte Injection
2510| [14830] nginx 0.6.38 - Heap Corruption Exploit
2511| [13822] Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability
2512| [13818] Nginx 0.8.36 Source Disclosure and DoS Vulnerabilities
2513| [12804] nginx [engine x] http server <= 0.6.36 Path Draversal
2514| [9901] nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC
2515| [9829] nginx 0.7.61 WebDAV directory traversal
2516|
2517| OpenVAS (Nessus) - http://www.openvas.org:
2518| [864418] Fedora Update for nginx FEDORA-2012-3846
2519| [864310] Fedora Update for nginx FEDORA-2012-6238
2520| [864209] Fedora Update for nginx FEDORA-2012-6411
2521| [864204] Fedora Update for nginx FEDORA-2012-6371
2522| [864121] Fedora Update for nginx FEDORA-2012-4006
2523| [864115] Fedora Update for nginx FEDORA-2012-3991
2524| [864065] Fedora Update for nginx FEDORA-2011-16075
2525| [863654] Fedora Update for nginx FEDORA-2011-16110
2526| [861232] Fedora Update for nginx FEDORA-2007-1158
2527| [850180] SuSE Update for nginx openSUSE-SU-2012:0237-1 (nginx)
2528| [831680] Mandriva Update for nginx MDVSA-2012:043 (nginx)
2529| [802045] 64-bit Debian Linux Rootkit with nginx Doing iFrame Injection
2530| [801636] nginx HTTP Request Remote Buffer Overflow Vulnerability
2531| [103470] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
2532| [103469] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
2533| [103344] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
2534| [100676] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
2535| [100659] nginx Directory Traversal Vulnerability
2536| [100658] nginx Space String Remote Source Code Disclosure Vulnerability
2537| [100441] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
2538| [100321] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
2539| [100277] nginx Proxy DNS Cache Domain Spoofing Vulnerability
2540| [100276] nginx HTTP Request Remote Buffer Overflow Vulnerability
2541| [100275] nginx WebDAV Multiple Directory Traversal Vulnerabilities
2542| [71574] Gentoo Security Advisory GLSA 201206-07 (nginx)
2543| [71308] Gentoo Security Advisory GLSA 201203-22 (nginx)
2544| [71297] FreeBSD Ports: nginx
2545| [71276] FreeBSD Ports: nginx
2546| [71239] Debian Security Advisory DSA 2434-1 (nginx)
2547| [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
2548| [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
2549| [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
2550| [64924] Gentoo Security Advisory GLSA 200909-18 (nginx)
2551| [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
2552| [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
2553| [64894] FreeBSD Ports: nginx
2554| [64869] Debian Security Advisory DSA 1884-1 (nginx)
2555|
2556| SecurityTracker - https://www.securitytracker.com:
2557| [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
2558| [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
2559| [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
2560| [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
2561|
2562| OSVDB - http://www.osvdb.org:
2563| [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
2564| [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
2565| [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
2566| [92796] nginx ngx_http_close_connection Function Crafted r->
2567| [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
2568| [90518] nginx Log Directory Permission Weakness Local Information Disclosure
2569| [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
2570| [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
2571| [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
2572| [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
2573| [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
2574| [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
2575| [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
2576| [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
2577| [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
2578| [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
2579| [62617] nginx Internal DNS Cache Poisoning Weakness
2580| [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
2581| [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
2582| [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
2583| [58128] nginx ngx_http_parse_complex_uri() Function Underflow
2584| [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
2585| [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
2586| [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
2587| [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
2588| [44443] nginx (engine x) rtsig Method Signal Queue Overflow
2589| [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
2590|_
2591Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
2592Device type: general purpose
2593Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (91%)
2594OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:2.6
2595Aggressive OS guesses: Linux 3.10 - 3.12 (91%), Linux 4.4 (91%), Linux 4.9 (89%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.10 - 3.16 (86%), Linux 3.10 - 4.11 (85%), Linux 3.11 - 4.1 (85%), Linux 3.2 - 4.9 (85%)
2596No exact OS matches for host (test conditions non-ideal).
2597Uptime guess: 17.116 days (since Mon Oct 7 08:44:01 2019)
2598Network Distance: 17 hops
2599TCP Sequence Prediction: Difficulty=262 (Good luck!)
2600IP ID Sequence Generation: All zeros
2601
2602TRACEROUTE (using port 443/tcp)
2603HOP RTT ADDRESS
26041 200.59 ms 10.231.204.1
26052 801.73 ms 45.131.5.2
26063 300.31 ms 109.236.95.224
26074 300.41 ms 109.236.95.103
26085 300.40 ms zayo.fra.ecix.net (62.69.146.139)
26096 400.56 ms ae1.cs1.fra9.de.eth.zayo.com (64.125.29.64)
26107 400.59 ms ae0.cs1.fra6.de.eth.zayo.com (64.125.29.54)
26118 400.56 ms ae0.cs1.fra9.de.eth.zayo.com (64.125.29.55)
26129 400.60 ms ae2.cs1.cdg11.fr.eth.zayo.com (64.125.29.67)
261310 300.48 ms ae0.cs1.cdg12.fr.eth.zayo.com (64.125.29.84)
261411 298.13 ms ae2.cs1.lhr11.uk.eth.zayo.com (64.125.29.25)
261512 304.48 ms ae5.cs1.lga5.us.eth.zayo.com (64.125.29.126)
261613 ...
261714 296.90 ms ae11.er2.ord7.us.zip.zayo.com (64.125.26.251)
261815 296.85 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
261916 295.29 ms ggw2.c09c10.r15.s101.chi03.singlehop.net (67.212.190.221)
262017 295.14 ms c59833.sgvps.net (37.60.233.207)
2621
2622NSE: Script Post-scanning.
2623Initiating NSE at 11:30
2624Completed NSE at 11:30, 0.00s elapsed
2625Initiating NSE at 11:30
2626Completed NSE at 11:30, 0.00s elapsed
2627Read data files from: /usr/bin/../share/nmap
2628OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
2629Nmap done: 1 IP address (1 host up) scanned in 263.87 seconds
2630###################################################################################################
2631Version: 1.11.13-static
2632OpenSSL 1.0.2-chacha (1.0.2g-dev)
2633
2634Connected to 37.60.233.207
2635
2636Testing SSL server 37.60.233.207 on port 443 using SNI name 37.60.233.207
2637
2638 TLS Fallback SCSV:
2639Server supports TLS Fallback SCSV
2640
2641 TLS renegotiation:
2642Session renegotiation not supported
2643
2644 TLS Compression:
2645Compression disabled
2646
2647 Heartbleed:
2648TLS 1.2 not vulnerable to heartbleed
2649TLS 1.1 not vulnerable to heartbleed
2650TLS 1.0 not vulnerable to heartbleed
2651
2652 Supported Server Cipher(s):
2653Preferred TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-384 DHE 384
2654Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-384 DHE 384
2655Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-384 DHE 384
2656Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-384 DHE 384
2657Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
2658Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
2659Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
2660Accepted TLSv1.2 128 bits AES128-SHA
2661Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
2662Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
2663Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
2664Accepted TLSv1.2 256 bits ECDHE-RSA-CAMELLIA256-SHA384 Curve P-384 DHE 384
2665Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA256 DHE 2048 bits
2666Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
2667Accepted TLSv1.2 128 bits ECDHE-RSA-CAMELLIA128-SHA256 Curve P-384 DHE 384
2668Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA256 DHE 2048 bits
2669Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
2670Accepted TLSv1.2 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
2671Accepted TLSv1.2 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
2672Accepted TLSv1.2 256 bits AES256-GCM-SHA384
2673Accepted TLSv1.2 128 bits AES128-GCM-SHA256
2674Accepted TLSv1.2 256 bits AES256-SHA256
2675Accepted TLSv1.2 256 bits CAMELLIA256-SHA256
2676Accepted TLSv1.2 128 bits AES128-SHA256
2677Accepted TLSv1.2 128 bits CAMELLIA128-SHA256
2678Accepted TLSv1.2 256 bits AES256-SHA
2679Accepted TLSv1.2 256 bits CAMELLIA256-SHA
2680Accepted TLSv1.2 128 bits CAMELLIA128-SHA
2681Preferred TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-384 DHE 384
2682Accepted TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-384 DHE 384
2683Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
2684Accepted TLSv1.1 128 bits AES128-SHA
2685Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
2686Accepted TLSv1.1 256 bits DHE-RSA-CAMELLIA256-SHA DHE 2048 bits
2687Accepted TLSv1.1 128 bits DHE-RSA-CAMELLIA128-SHA DHE 2048 bits
2688Accepted TLSv1.1 256 bits AES256-SHA
2689Accepted TLSv1.1 256 bits CAMELLIA256-SHA
2690Accepted TLSv1.1 128 bits CAMELLIA128-SHA
2691
2692 SSL Certificate:
2693Signature Algorithm: sha256WithRSAEncryption
2694RSA Key Strength: 2048
2695
2696Subject: 419fund.com
2697Altnames: DNS:419fund.com, DNS:www.419fund.com
2698Issuer: Let's Encrypt Authority X3
2699
2700Not valid before: Oct 20 18:24:08 2019 GMT
2701Not valid after: Jan 18 18:24:08 2020 GMT
2702###################################################################################################
2703Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-24 11:31 EDT
2704NSE: [mysql-brute] usernames: Time limit 10m00s exceeded.
2705NSE: [mysql-brute] usernames: Time limit 10m00s exceeded.
2706NSE: [mysql-brute] passwords: Time limit 10m00s exceeded.
2707Nmap scan report for c59833.sgvps.net (37.60.233.207)
2708Host is up (0.33s latency).
2709
2710PORT STATE SERVICE VERSION
27113306/tcp open mysql MySQL (unauthorized)
2712| mysql-brute:
2713| Accounts: No valid accounts found
2714|_ Statistics: Performed 17750 guesses in 600 seconds, average tps: 29.4
2715|_mysql-empty-password: Host '45.131.5.28' is not allowed to connect to this MySQL server
2716| mysql-enum:
2717| Accounts: No valid accounts found
2718|_ Statistics: Performed 10 guesses in 2 seconds, average tps: 5.0
2719|_mysql-vuln-cve2012-2122: ERROR: Script execution failed (use -d to debug)
2720| vulscan: VulDB - https://vuldb.com:
2721| [141414] LibreNMS up to 1.47 inventory.inc.php mysqli_escape_real_string Parameter cross site scripting
2722| [140101] Yandex ClickHouse MySQL Client information disclosure
2723| [139468] cPanel up to 60.0.24 MySQL Upgrade File privilege escalation
2724| [139350] cPanel up to 64.0.20 convert_roundcube_mysql2sqlite privilege escalation
2725| [139349] cPanel up to 64.0.20 convert_roundcube_mysql2sqlite privilege escalation
2726| [139308] cPanel up to 67.9999.102 WHM MySQL Password Change Interfaces Stored cross site scripting
2727| [138305] SaltStack Salt 2018.3/2019.2 mysqluser_chpass sql injection
2728| [138102] Oracle MySQL Server up to 8.0.16 InnoDB unknown vulnerability
2729| [138101] Oracle MySQL Server up to 8.0.16 Privileges unknown vulnerability
2730| [138100] Oracle MySQL Server up to 5.6.44/5.7.18 Privileges unknown vulnerability
2731| [138099] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Compiling information disclosure
2732| [138098] Oracle MySQL Server up to 5.7.26/8.0.16 Audit Plug-in unknown vulnerability
2733| [138097] Oracle MySQL Server up to 5.7.26/8.0.16 Client programs denial of service
2734| [138096] Oracle MySQL Server up to 8.0.16 Roles denial of service
2735| [138095] Oracle MySQL Server up to 8.0.16 Privileges denial of service
2736| [138094] Oracle MySQL Server up to 5.7.25/8.0.15 Replication denial of service
2737| [138093] Oracle MySQL Server up to 8.0.16 Options denial of service
2738| [138092] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
2739| [138091] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
2740| [138090] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
2741| [138089] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
2742| [138088] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
2743| [138087] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
2744| [138086] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
2745| [138085] Oracle MySQL Server up to 5.7.26/8.0.16 Optimizer denial of service
2746| [138084] Oracle MySQL Server up to 5.7.26/8.0.16 Optimizer denial of service
2747| [138083] Oracle MySQL Server up to 8.0.12 GIS denial of service
2748| [138082] Oracle MySQL Server up to 8.0.16 FTS denial of service
2749| [138081] Oracle MySQL Server up to 8.0.16 DML denial of service
2750| [138080] Oracle MySQL Server up to 8.0.16 Components denial of service
2751| [138079] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Pluggable Auth denial of service
2752| [138078] Oracle MySQL Server up to 8.0.16 InnoDB denial of service
2753| [138077] Oracle MySQL Server up to 8.0.15 InnoDB denial of service
2754| [138076] Oracle MySQL Server up to 8.0.16 InnoDB denial of service
2755| [138074] Oracle MySQL Server up to 8.0.12 Roles denial of service
2756| [138073] Oracle MySQL Server up to 5.7.26/8.0.16 Audit Log denial of service
2757| [138072] Oracle MySQL Server up to 5.7.26/8.0.16 Privileges unknown vulnerability
2758| [138071] Oracle MySQL Server up to 5.7.23 Replication unknown vulnerability
2759| [138070] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Audit unknown vulnerability
2760| [138069] Oracle MySQL Server up to 5.7.26/8.0.16 InnoDB unknown vulnerability
2761| [138068] Oracle MySQL Workbench up to 8.0.16 OpenSSL information disclosure
2762| [138067] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 XML denial of service
2763| [138066] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Parser denial of service
2764| [138065] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
2765| [138064] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
2766| [138063] Oracle MySQL Server up to 8.0.12 Data Dictionary denial of service
2767| [138062] Oracle MySQL Server up to 8.0.16 Charsets denial of service
2768| [138061] Oracle MySQL Server up to 8.0.16 Replication unknown vulnerability
2769| [138060] Oracle MySQL Server up to 8.0.16 InnoDB Cluster unknown vulnerability
2770| [138059] Oracle MySQL Enterprise Monitor up to 4.0.9/8.0.14 Spring Framework denial of service
2771| [138058] Oracle MySQL Server up to 5.7.26/8.0.15 cURL unknown vulnerability
2772| [133701] Oracle MySQL Server up to 8.0.15 Replication denial of service
2773| [133700] Oracle MySQL Server up to 8.0.15 Replication denial of service
2774| [133698] Oracle MySQL Server up to 8.0.15 Group Replication Plugin denial of service
2775| [133697] Oracle MySQL Server up to 8.0.15 Roles denial of service
2776| [133695] Oracle MySQL Server up to 8.0.15 Privileges denial of service
2777| [133691] Oracle MySQL Server up to 8.0.15 Replication denial of service
2778| [133687] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
2779| [133686] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
2780| [133685] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
2781| [133684] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
2782| [133683] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
2783| [133682] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
2784| [133681] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
2785| [133680] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
2786| [133677] Oracle MySQL Server up to 8.0.15 Information Schema denial of service
2787| [133676] Oracle MySQL Server up to 8.0.15 DDL denial of service
2788| [133675] Oracle MySQL Server up to 8.0.15 DDL denial of service
2789| [133672] Oracle MySQL Server up to 8.0.15 InnoDB denial of service
2790| [133668] Oracle MySQL Server up to 8.0.15 Replication denial of service
2791| [133666] Oracle MySQL Server up to 8.0.15 Options denial of service
2792| [133662] Oracle MySQL Connectors up to 8.0.15 Connector/J unknown vulnerability
2793| [133661] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
2794| [133660] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
2795| [133659] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
2796| [129647] Oracle MySQL Server up to 5.7.24/8.0.13 Privileges denial of service
2797| [129646] Oracle MySQL Server up to 5.7.24/8.0.13 Privileges denial of service
2798| [129645] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Replication denial of service
2799| [129644] Oracle MySQL Server up to 5.7.24/8.0.13 Partition denial of service
2800| [129643] Oracle MySQL Server up to 8.0.13 Optimizer denial of service
2801| [129642] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
2802| [129641] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
2803| [129640] Oracle MySQL Server up to 5.7.24/8.0.13 Optimizer denial of service
2804| [129639] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 DDL denial of service
2805| [129638] Oracle MySQL Server up to 8.0.13 DDL denial of service
2806| [129637] Oracle MySQL Server up to 8.0.13 DDL denial of service
2807| [129636] Oracle MySQL Server up to 8.0.13 Connection denial of service
2808| [129635] Oracle MySQL Server up to 5.7.24/8.0.13 InnoDB denial of service
2809| [129634] Oracle MySQL Server up to 8.0.13 InnoDB denial of service
2810| [129631] Oracle MySQL Server up to 8.0.13 Replication denial of service
2811| [129630] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Connection Handling denial of service
2812| [129629] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Parser denial of service
2813| [129628] Oracle MySQL Server up to 5.7.24/8.0.13 Parser denial of service
2814| [129627] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 PS denial of service
2815| [129626] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
2816| [129625] Oracle MySQL Server up to 8.0.13 Privileges unknown vulnerability
2817| [129624] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Replication unknown vulnerability
2818| [129623] Oracle MySQL Workbench up to 8.0.13 OpenSSL denial of service
2819| [129622] Oracle MySQL Connectors up to 2.1.8/8.0.13 Connector/Python unknown vulnerability
2820| [129621] Oracle MySQL Workbench up to 8.0.13 unknown vulnerability
2821| [127905] Open Dental up to 18.3 MySQL Database Default Credentials weak authentication
2822| [127404] Drobo 5N2 NAS 4.0.5-13.28.96115 MySQL API Error Page cross site scripting
2823| [127403] Drobo 5N2 NAS 4.0.5-13.28.96115 /mysql/api/droboapp/data information disclosure
2824| [127400] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/logfile.php Parameter information disclosure
2825| [127396] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/drobo.php information disclosure
2826| [127395] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/diags.php Parameter information disclosure
2827| [127350] Dell OpenManage Network Manager up to 6.4.x MySQL privilege escalation
2828| [126982] LAOBANCMS 2.0 install/mysql_hy.php directory traversal
2829| [126687] LAOBANCMS 2.0 mysql_hy.php privilege escalation
2830| [125937] mysql-binuuid-rails up to 1.1.0 Database Column sql injection
2831| [125825] ThinkPHP 3.2.4 Mysql.class.php parseKey Parameter sql injection
2832| [125568] Oracle MySQL Server up to 8.0.12 Privileges unknown vulnerability
2833| [125567] Oracle MySQL Server up to 5.7.23/8.0.12 Logging denial of service
2834| [125566] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
2835| [125565] Oracle MySQL Server up to 8.0.12 Windows denial of service
2836| [125564] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 Storage Engines denial of service
2837| [125563] Oracle MySQL Server up to 8.0.12 Roles denial of service
2838| [125562] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 RBR denial of service
2839| [125561] Oracle MySQL Server up to 5.7.23/8.0.12 Partition denial of service
2840| [125560] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
2841| [125559] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 Memcached denial of service
2842| [125558] Oracle MySQL Server up to 8.0.12 JSON denial of service
2843| [125557] Oracle MySQL Server up to 8.0.12 Information Schema denial of service
2844| [125556] Oracle MySQL Server up to 8.0.12 DDL denial of service
2845| [125555] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
2846| [125554] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
2847| [125553] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
2848| [125552] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
2849| [125551] Oracle MySQL Server up to 5.7.23/8.0.12 Partition denial of service
2850| [125549] Oracle MySQL Server up to 5.7.23/8.0.12 Optimizer denial of service
2851| [125548] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 Merge denial of service
2852| [125547] Oracle MySQL Server up to 8.0.12 DDL denial of service
2853| [125546] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
2854| [125545] Oracle MySQL Server up to 5.7.23/8.0.12 Audit denial of service
2855| [125544] Oracle MySQL Server up to 8.0.12 Parser denial of service
2856| [125543] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 Parser denial of service
2857| [125542] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
2858| [125541] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
2859| [125540] Oracle MySQL Server up to 8.0.12 DML denial of service
2860| [125539] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
2861| [125538] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
2862| [125537] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
2863| [125536] Oracle MySQL Server up to 5.7.23/8.0.12 Parser denial of service
2864| [125535] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 InnoDB unknown vulnerability
2865| [125534] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
2866| [125533] Oracle MySQL Connectors up to 8.0.12 Connector/J unknown vulnerability
2867| [125532] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
2868| [125531] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
2869| [125415] Oracle Enterprise Manager for MySQL Database 13.2 EM Plugin unknown vulnerability
2870| [122549] PHP up to 7.1.5 mysqli_real_escape_string memory corruption
2871| [122201] mysql_user Module up to 2.2.0 on Ansible Password Change weak authentication
2872| [121802] Oracle MySQL Server up to 8.0.11 DDL unknown vulnerability
2873| [121800] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Encryption weak encryption
2874| [121799] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Options unknown vulnerability
2875| [121798] Oracle MySQL Workbench up to 6.3.10 Encryption weak encryption
2876| [121797] Oracle MySQL Server up to 5.7.22/8.0.11 Privileges unknown vulnerability
2877| [121796] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 MyISAM information disclosure
2878| [121795] Oracle MySQL Server up to 8.0.11 Privileges denial of service
2879| [121794] Oracle MySQL Server up to 5.5.60 Privileges denial of service
2880| [121793] Oracle MySQL Server up to 8.0.11 Replication denial of service
2881| [121792] Oracle MySQL Server up to 5.7.22 DML denial of service
2882| [121791] Oracle MySQL Server up to 8.0.11 DDL denial of service
2883| [121790] Oracle MySQL Server up to 8.0.11 DDL denial of service
2884| [121789] Oracle MySQL Server up to 5.7.22/8.0.11 DDL denial of service
2885| [121788] Oracle MySQL Server up to 5.7.22/8.0.11 DDL denial of service
2886| [121787] Oracle MySQL Server up to 8.0.11 InnoDB denial of service
2887| [121786] Oracle MySQL Server up to 5.7.22 Audit Log denial of service
2888| [121785] Oracle MySQL Client up to 5.5.60/5.6.40/5.7.22/8.0.11 Client Programs denial of service
2889| [121784] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 Memcached denial of service
2890| [121783] Oracle MySQL Server up to 8.0.11 Roles denial of service
2891| [121782] Oracle MySQL Workbench up to 8.0.11 denial of service
2892| [121781] Oracle MySQL Server up to 8.0.11 Optimizer denial of service
2893| [121780] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 Installing denial of service
2894| [121779] Oracle MySQL Server up to 5.7.22/8.0.11 DML denial of service
2895| [121778] Oracle MySQL Server up to 5.7.22/8.0.11 InnoDB denial of service
2896| [121777] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Client mysqldump denial of service
2897| [121776] Oracle MySQL Enterprise Monitor up to 3.4.7.4297/4.0.4.5235/8.0.0.8131 Monitoring denial of service
2898| [121775] Oracle MySQL Connectors up to 5.3.10/8.0.11 Connector/ODBC denial of service
2899| [121774] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 InnoDB denial of service
2900| [121773] Oracle MySQL Workbench up to 8.0.11 unknown vulnerability
2901| [121772] Oracle MySQL Enterprise Monitor up to 3.4.7.4297/4.0.4.5235/8.0.0.8131 Service Manager unknown vulnerability
2902| [121613] Oracle Enterprise Manager for MySQL Database up to 13.2.2.0.0 EM Plugin unknown vulnerability
2903| [120277] query-mysql 0.0.0/0.0.1/0.0.2 on Node.js sql injection
2904| [118340] mysqljs on Node.js Backdoor privilege escalation
2905| [118305] MySQL Module up to v2.0.0-alpha7 on Node.js mysql.escape sql injection
2906| [117517] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd send_arp MMM Protocol Message command injection
2907| [117516] MySQL Multi-Master Replication Manager 2.2.1 on FreeBSD mmm_agentd clear_ip MMM Protocol Message command injection
2908| [117515] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd clear_ip MMM Protocol Message command injection
2909| [117514] MySQL Multi-Master Replication Manager 2.2.1 on Linux mmm_agentd clear_ip MMM Protocol Message command injection
2910| [117513] MySQL Multi-Master Replication Manager 2.2.1 on FreeBSD mmm_agentd add_ip MMM Protocol Message command injection
2911| [117512] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd add_ip MMM Protocol Message command injection
2912| [117511] MySQL Multi-Master Replication Manager 2.2.1 on Linux mmm_agentd add_ip MMM Protocol Message command injection
2913| [117510] MySQL Multi-Master Replication Manager 2.2.1 mmm_agentd _execute MMM Protocol Message command injection
2914| [117387] CSP MySQL User Manager 2.3.1 Username sql injection
2915| [116762] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 DDL information disclosure
2916| [116761] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Locking denial of service
2917| [116759] Oracle MySQL Server up to 5.7.21 Group Replication GCS denial of service
2918| [116758] Oracle MySQL Server up to 5.7.21 Pluggable Auth denial of service
2919| [116757] Oracle MySQL Server up to 5.7.21 Performance Schema denial of service
2920| [116756] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
2921| [116755] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Optimizer denial of service
2922| [116754] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
2923| [116753] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
2924| [116752] Oracle MySQL Server up to 5.7.21 DML denial of service
2925| [116751] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Privileges denial of service
2926| [116750] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
2927| [116749] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
2928| [116748] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
2929| [116747] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
2930| [116745] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
2931| [116744] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
2932| [116743] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
2933| [116742] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Client programs denial of service
2934| [116741] Oracle MySQL Enterprise Monitor up to 3.3.7.3306/3.4.5.4248/4.0.2.5168 Monitoring: Agent (OpenSSL) information disclosure
2935| [116740] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
2936| [116739] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
2937| [116738] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 DDL denial of service
2938| [116737] Oracle MySQL Server up to 5.6.39/5.7.21 Privileges denial of service
2939| [116736] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 InnoDB denial of service
2940| [116735] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
2941| [116734] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
2942| [116733] Oracle MySQL Server up to 5.6.39 GIS Extension denial of service
2943| [116622] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Apache Tomcat) unknown vulnerability
2944| [116620] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Spring Framework) unknown vulnerability
2945| [116619] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General unknown vulnerability
2946| [115836] Juniper Junos Space up to 13.3R1.7 MySQL Server Default Credentials weak authentication
2947| [115216] MySQL for PCF Tiles up to 1.7.9 AWS Access Key privilege escalation
2948| [114055] Couch up to 2.0 mysql2i.func.php Request information disclosure
2949| [112112] Oracle MySQL Server up to 5.6.38/5.7.20 Performance Schema information disclosure
2950| [112111] Oracle MySQL Server up to 5.6.38/5.7.20 Performance Schema denial of service
2951| [112110] Oracle MySQL Server up to 5.7.20 Optimizer denial of service
2952| [112109] Oracle MySQL Server up to 5.7.20 Optimizer denial of service
2953| [112108] Oracle MySQL Server up to 5.7.20 InnoDB denial of service
2954| [112107] Oracle MySQL Server up to 5.7.20 DML denial of service
2955| [112106] Oracle MySQL Server up to 5.7.20 DML denial of service
2956| [112105] Oracle MySQL Server up to 5.7.20 DML denial of service
2957| [112104] Oracle MySQL Server up to 5.6.38/5.7.19 Partition denial of service
2958| [112103] Oracle MySQL Server up to 5.6.38/5.7.20 Replication denial of service
2959| [112102] Oracle MySQL Server up to 5.6.38/5.7.20 Packaging information disclosure
2960| [112101] Oracle MySQL Enterprise Monitor up to 3.3.6.3293/3.4.4.4226/4.0.0.5135 Monitoring information disclosure
2961| [112100] Oracle MySQL Connectors up to 5.3.9 ODBC Connector information disclosure
2962| [112099] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
2963| [112098] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
2964| [112097] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
2965| [112096] Oracle MySQL Server up to 5.6.38/5.7.20 GIS denial of service
2966| [112095] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 DDL denial of service
2967| [112094] Oracle MySQL Server up to 5.6.38/5.7.20 Privileges denial of service
2968| [112093] Oracle MySQL Server up to 5.6.38/5.7.20 InnoDB denial of service
2969| [112092] Oracle MySQL Server up to 5.6.38/5.7.20 Stored Procedure denial of service
2970| [112091] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.19 Partition denial of service
2971| [112090] Oracle MySQL Server up to 5.6.38/5.7.20 Privileges denial of service
2972| [112089] Oracle MySQL Connectors up to 6.9.9/6.10.4 Connector/Net denial of service
2973| [112088] Oracle MySQL Enterprise Monitor up to 3.3.6.3293/3.4.4.4226/4.0.0.5135 Monitoring privilege escalation
2974| [110974] puppetlabs-mysql up to 3.6.0 Parameter weak authentication
2975| [108192] Oracle MySQL Server up to 5.7.18 InnoDB denial of service
2976| [108190] Oracle MySQL Server up to 5.6.37/5.7.19 InnoDB denial of service
2977| [108189] Oracle MySQL Server up to 5.7.18 Stored Procedure denial of service
2978| [108188] Oracle MySQL Server up to 5.7.19 Replication denial of service
2979| [108187] Oracle MySQL Server up to 5.6.37/5.7.19 Optimizer denial of service
2980| [108186] Oracle MySQL Server up to 5.6.36/5.7.18 Optimizer denial of service
2981| [108185] Oracle MySQL Server up to 5.6.37/5.7.19 Optimizer denial of service
2982| [108184] Oracle MySQL Server up to 5.6.37/5.7.19 Memcached denial of service
2983| [108183] Oracle MySQL Server up to 5.7.19 InnoDB denial of service
2984| [108182] Oracle MySQL Server up to 5.7.19 FTS denial of service
2985| [108181] Oracle MySQL Server up to 5.7.18 DML denial of service
2986| [108180] Oracle MySQL Server up to 5.7.19 Group Replication GCS denial of service
2987| [108179] Oracle MySQL Server up to 5.6.37/5.7.19 Performance Schema denial of service
2988| [108178] Oracle MySQL Connectors up to 6.9.9 Connector/Net denial of service
2989| [108177] Oracle MySQL Connectors up to 6.9.9 Connector/Net unknown vulnerability
2990| [108176] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.11 Optimizer denial of service
2991| [108175] Oracle MySQL Server up to 5.7.19 Optimizer denial of service
2992| [108174] Oracle MySQL Server up to 5.6.37/5.7.19 FTS denial of service
2993| [108173] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.19 DDL denial of service
2994| [108172] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.19 Client programs information disclosure
2995| [108171] Oracle MySQL Server up to 5.6.35/5.7.18 OpenSSL denial of service
2996| [108170] Oracle MySQL Server up to 5.6.37/5.7.19 Pluggable Auth denial of service
2997| [108169] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Apache Tomcat unknown vulnerability
2998| [108168] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Web unknown vulnerability
2999| [104089] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DDL unknown vulnerability
3000| [104088] Oracle MySQL Server up to 5.7.18 C API information disclosure
3001| [104087] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DDL unknown vulnerability
3002| [104086] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 Client mysqldump unknown vulnerability
3003| [104085] Oracle MySQL Server up to 5.6.36/5.7.18 Replication denial of service
3004| [104084] Oracle MySQL Server up to 5.6.36/5.7.18 Replication denial of service
3005| [104083] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 Charsets denial of service
3006| [104082] Oracle MySQL Cluster up to 7.3.5 CLSTCONF memory corruption
3007| [104081] Oracle MySQL Server up to 5.7.16 X Plugin denial of service
3008| [104080] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
3009| [104079] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
3010| [104078] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
3011| [104077] Oracle MySQL Server up to 5.7.18 DML denial of service
3012| [104076] Oracle MySQL Server up to 5.7.18 DML denial of service
3013| [104075] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DML denial of service
3014| [104074] Oracle MySQL Server up to 5.7.18 DML denial of service
3015| [104073] Oracle MySQL Server up to 5.7.18 DML denial of service
3016| [104072] Oracle MySQL Server up to 5.7.18 X Plugin denial of service
3017| [104071] Oracle MySQL Server up to 5.7.18 UDF denial of service
3018| [104069] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 C API denial of service
3019| [104068] Oracle MySQL Connectors up to 6.1.10 Connector/C denial of service
3020| [104067] Oracle MySQL Server up to 5.6.35/5.7.17 OpenSSL unknown vulnerability
3021| [104066] Oracle MySQL Connectors up to 5.3.7 OpenSSL unknown vulnerability
3022| [104065] Oracle MySQL Connectors up to 6.1.9 OpenSSL unknown vulnerability
3023| [104064] Oracle MySQL Server up to 5.6.36/5.7.18 DML denial of service
3024| [104063] Oracle MySQL Server up to 5.6.36/5.7.18 Memcached denial of service
3025| [104062] Oracle MySQL Enterprise Monitor up to 3.3.3.1199 Apache Tomcat unknown vulnerability
3026| [104061] Oracle MySQL Enterprise Monitor up to 3.2.7.1204/3.3.3.1199 Apache Tomcat unknown vulnerability
3027| [104060] Oracle MySQL Enterprise Monitor up to 3.1.5.7958/3.2.5.1141/3.3.2.1162 Apache Struts 2 unknown vulnerability
3028| [103583] phpMyAdmin 4.0/4.4/4.6 MySQL Database Connection privilege escalation
3029| [103578] MySQL Dumper 1.24 Stored cross site scripting
3030| [102980] DBD::mysql Module up to 4.043 on Perl SSL weak encryption
3031| [102979] DBD::mysql Module up to 4.043 on Perl Error Use-After-Free memory corruption
3032| [102618] KBVault Mysql Free Knowledge Base 0.16a File Upload Explorer.aspx privilege escalation
3033| [100915] Accellion FTA communication_p2p.php mysql_real_escape_string sql injection
3034| [100543] Oracle MySQL up to 5.1.40 Connector/J privilege escalation
3035| [100232] Oracle MySQL Server up to 5.7.17 Encryption weak encryption
3036| [100231] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Monitoring denial of service
3037| [100228] Oracle MySQL Workbench up to 6.3.8 Encryption information disclosure
3038| [100227] Oracle MySQL Server up to 5.7.17 C API information disclosure
3039| [100226] Oracle MySQL Server up to 5.7.17 Privileges unknown vulnerability
3040| [100225] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DDL unknown vulnerability
3041| [100224] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
3042| [100223] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
3043| [100222] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
3044| [100221] Oracle MySQL Server up to 5.7.17 Optimizer denial of service
3045| [100220] Oracle MySQL Server up to 5.7.17 DML denial of service
3046| [100219] Oracle MySQL Server up to 5.7.17 DML denial of service
3047| [100218] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DML denial of service
3048| [100217] Oracle MySQL Server up to 5.7.17 Audit Plug-in denial of service
3049| [100215] Oracle MySQL Server up to 5.5.54/5.6.35 C API information disclosure
3050| [100214] Oracle MySQL Server up to 5.7.17 Privileges unknown vulnerability
3051| [100213] Oracle MySQL Cluster up to 7.2.27/7.3.16/7.4.14/7.5.5 DD denial of service
3052| [100212] Oracle MySQL Server up to 5.7.17 InnoDB denial of service
3053| [100211] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 OpenSSL information disclosure
3054| [100210] Oracle MySQL Enterprise Backup up to 3.12.3/4.0.3 ENTRBACK information disclosure
3055| [100209] Oracle MySQL Connectors up to 5.1.41 Connector/J unknown vulnerability
3056| [100208] Oracle MySQL Server up to 5.6.35 Optimizer denial of service
3057| [100207] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Optimizer denial of service
3058| [100206] Oracle MySQL Server up to 5.7.17 DML denial of service
3059| [100205] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Apache Commons FileUpload denial of service
3060| [100204] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Client mysqldump unknown vulnerability
3061| [100203] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Thread Pooling denial of service
3062| [100202] Oracle MySQL Server up to 5.6.35/5.7.17 Pluggable Auth Integer denial of service
3063| [100201] Oracle MySQL Server up to 5.6.35/5.7.17 Memcached denial of service
3064| [100200] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Optimizer denial of service
3065| [100199] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DML denial of service
3066| [100198] Oracle MySQL Workbench up to 6.3.7 OpenSSL memory corruption
3067| [100197] Oracle MySQL Enterprise Backup up to 3.12.2/4.0.1 ENTRBACK memory corruption
3068| [100196] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Monitoring: Server denial of service
3069| [100195] Oracle MySQL Workbench up to 6.3.8 OpenSSL denial of service
3070| [100194] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Struts 2 privilege escalation
3071| [99815] ATutor 2.2.1 mysql_connect.inc.php searchFriends sql injection
3072| [97041] MySQL DBD::mysql up to 4.38 denial of service
3073| [96814] MariaDB up to 5.5.54/10.0.29/10.1.21/10.2.3 libmysqlclient.so denial of service
3074| [96808] Oracle MySQL up to 5.6.21/5.7.4 libmysqlclient.so denial of service
3075| [95832] Zabbix up to 2.0.17/2.2.12/3.0.2 Configuration Script userparameter_mysql.conf) privilege escalation
3076| [95730] Oracle MySQL Server up to 5.7.16 Encryption weak encryption
3077| [95729] Oracle MySQL Server up to 5.7.16 X Plugin unknown vulnerability
3078| [95728] Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12 Cluster NDBAPI denial of service
3079| [95727] Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12 denial of service
3080| [95726] Oracle MySQL Cluster 7.2.19/7.3.8/7.4.5 denial of service
3081| [95723] Oracle MySQL Server 5.6.34/5.7.16 Replication denial of service
3082| [95722] Oracle MySQL Server up to 5.5.53 Charsets denial of service
3083| [95720] Oracle MySQL Cluster 7.2.26/7.3.14/7.4.12 NDBAPI denial of service
3084| [95719] Oracle MySQL Server up to 5.7.16 Optimizer denial of service
3085| [95716] Oracle MySQL Server up to 5.7.16 Replication denial of service
3086| [95715] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 Optimizer denial of service
3087| [95714] Oracle MySQL Server 5.6.34 5.7.16 InnoDB denial of service
3088| [95713] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 DML denial of service
3089| [95712] Oracle MySQL Server 5.6.34/5.7.16 DDL denial of service
3090| [95711] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 DDL denial of service
3091| [95709] Oracle MySQL Server 5.6.34/5.7.16 Encryption denial of service
3092| [95708] Oracle MySQL Enterprise Monitor 3.1.3.7856 Monitoring Agent memory corruption
3093| [95707] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.4.1102/3.3.0.1098 Monitoring denial of service
3094| [95706] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.1.1049 Monitoring memory corruption
3095| [95705] Oracle MySQL Enterprise Monitor 3.1.5.7958/3.2.1.1049, Monitoring privilege escalation
3096| [95704] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.1.1049 Monitoring unknown vulnerability
3097| [93866] DBD-mysql up to 3.x/4.040 on Perl Use-After-Free memory corruption
3098| [92923] Oracle MySQL Server up to 5.6.33/5.7.15 Encryption denial of service
3099| [92911] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL weak encryption
3100| [92900] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Optimizer denial of service
3101| [92899] Oracle MySQL Server up to 5.6.31/5.7.13 InnoDB denial of service
3102| [92898] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 GIS denial of service
3103| [92897] Oracle MySQL Server up to 5.5.51 DML denial of service
3104| [92896] Oracle MySQL Server up to 5.5.50/5.6.31/5.7.13 DML denial of service
3105| [92895] Oracle MySQL Server up to 5.6.31 5.7.13 DML denial of service
3106| [92874] Oracle MySQL Connector up to 2.1.3/2.0.4 Connector/Python unknown vulnerability
3107| [92850] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
3108| [92835] Oracle MySQL Server up to 5.7.13 Audit denial of service
3109| [92834] Oracle MySQL Server up to 5.7.13 RBR denial of service
3110| [92833] Oracle MySQL Server up to 5.7.13 Performance Schema denial of service
3111| [92832] Oracle MySQL Server up to 5.7.14 Optimizer denial of service
3112| [92831] Oracle MySQL Server up to 5.7.13 Memcached denial of service
3113| [92830] Oracle MySQL Server up to 5.6.32/5.7.14 InnoDB denial of service
3114| [92829] Oracle MySQL Server up to 5.6.31 5.7.13 InnoDB denial of service
3115| [92828] Oracle MySQL Server up to 5.7.13 InnoDB denial of service
3116| [92827] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Federated denial of service
3117| [92826] Oracle MySQL Server up to 5.7.13 DML denial of service
3118| [92821] Oracle MySQL Server up to 5.7.13 Replication denial of service
3119| [92820] Oracle MySQL Server up to 5.7.13 Performance Schema denial of service
3120| [92819] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
3121| [92818] Oracle MySQL Server up to 5.5.52/5.6.33/5.7.15 Encryption information disclosure
3122| [92817] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Types denial of service
3123| [92815] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
3124| [92814] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
3125| [92813] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
3126| [92798] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
3127| [92797] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
3128| [92790] Oracle MySQL Server up to 5.7.14 Privileges information disclosure
3129| [92789] Oracle MySQL Server up to 5.6.30/5.7.12 InnoDB Plugin unknown vulnerability
3130| [92292] libdbd-mysql-perl 4.028 Error Message denial of service
3131| [91920] Open Dental up to 16.1 MySQL Server Default Credentials weak authentication
3132| [91625] PHP up to 5.6.25/7.0.10 mysqlnd Heap-based memory corruption
3133| [91505] Oracle MySQL up to 5.5.52/5.6.33/5.7.15 Logging my.cnf privilege escalation
3134| [90877] DBD::mysql up to 4.033 my_login memory corruption
3135| [90876] DBD::mysql up to 4.028 Use-After-Free memory corruption
3136| [90137] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.10 Encryption information disclosure
3137| [90136] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.11 Connection information disclosure
3138| [90134] Oracle MySQL Server up to 5.7.12 Encryption denial of service
3139| [90133] Oracle MySQL Server up to 5.7.12 Replication denial of service
3140| [90132] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 RBR denial of service
3141| [90131] Oracle MySQL Server up to 5.6.30/5.7.12 Privileges denial of service
3142| [90130] Oracle MySQL Server up to 5.7.12 Optimizer denial of service
3143| [90129] Oracle MySQL Server up to 5.7.12 Log denial of service
3144| [90128] Oracle MySQL Server up to 5.6.30/5.7.12 InnoDB denial of service
3145| [90127] Oracle MySQL Server up to 5.7.12 InnoDB denial of service
3146| [90126] Oracle MySQL Server up to 5.6.30/5.7.12 Encryption denial of service
3147| [90125] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 DML denial of service
3148| [90124] Oracle MySQL Server up to 5.7.12 InnoDB memory corruption
3149| [90123] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 Types denial of service
3150| [90122] Oracle MySQL Server up to 5.7.12 Optimizer denial of service
3151| [90121] Oracle MySQL Server up to 5.6.30/5.7.12 Optimizer denial of service
3152| [90120] Oracle MySQL Server up to 5.6.30/5.7.12 FTS denial of service
3153| [90118] Oracle MySQL Server up to 5.6.30/5.7.12 Encryption denial of service
3154| [90117] Oracle MySQL Server up to 5.7.11 Optimizer denial of service
3155| [87408] PHP up to 5.4.42/5.5.26/5.6.10 SSL ext/mysqlnd/mysqlnd.c weak encryption
3156| [82687] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.11 Connection Handling spoofing
3157| [82685] Oracle MySQL Enterprise Monitor up to 3.0.25/3.1.2 Monitoring unknown vulnerability
3158| [82684] Oracle MySQL Server up to 5.6.28/5.7.10 Encryption denial of service
3159| [82683] Oracle MySQL Server up to 5.6.29/5.7.11 Pluggable Authentication unknown vulnerability
3160| [82682] Oracle MySQL Server up to 5.6.29/5.7.11 Packaging memory corruption
3161| [80605] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Privileges denial of service
3162| [80604] Oracle MySQL Server up to 5.6.26 denial of service
3163| [80603] Oracle MySQL Server up to 5.5.45/5.6.26 Encryption information disclosure
3164| [80602] Oracle MySQL Server up to 5.6.27/5.7.9 Replication denial of service
3165| [80601] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 UDF denial of service
3166| [80600] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Encryption weak encryption
3167| [80599] Oracle MySQL Server 5.7.9 Partition denial of service
3168| [80598] Oracle MySQL Server 5.7.9 Optimizer denial of service
3169| [80597] Oracle MySQL Server up to 5.6.27 InnoDB denial of service
3170| [80596] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 InnoDB denial of service
3171| [80595] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 DML denial of service
3172| [80594] Oracle MySQL Server up to 5.5.46 Optimizer denial of service
3173| [80593] Oracle MySQL Server up to 5.6.27/5.7.9 Optimizer denial of service
3174| [80592] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Optimizer denial of service
3175| [80591] Oracle MySQL Server up to 5.5.31/5.6.11 Optimizer denial of service
3176| [80590] Oracle MySQL Server up to 5.5.46/5.6.27 DML denial of service
3177| [80589] Oracle MySQL Server up to 5.6.27/5.7.9 DML denial of service
3178| [80588] Oracle MySQL Server up to 5.6.27 DML denial of service
3179| [80587] Oracle MySQL Server up to 5.6.21 DML denial of service
3180| [80586] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Options unknown vulnerability
3181| [80585] Oracle MySQL Server up to 5.6.27/5.7.9 DML memory corruption
3182| [80184] Rename Plugin 1.0 on WordPress mysqldump_download.php directory traversal
3183| [78705] Oracle MySQL Server up to 5.5.45/5.6.26 Partition denial of service
3184| [78703] Oracle MySQL Server up to 5.6.26 Memcached denial of service
3185| [78702] Oracle MySQL Server up to 5.5.45/5.6.26 SP denial of service
3186| [78701] Oracle MySQL Server up to 5.5.43/5.6.24 Privileges information disclosure
3187| [78700] Oracle MySQL Server up to 5.6.26 Privileges denial of service
3188| [78699] Oracle MySQL Server up to 5.6.26 Replication denial of service
3189| [78698] Oracle MySQL Server up to 5.5.45/5.6.26 Query Cache denial of service
3190| [78697] Oracle MySQL Server up to 5.5.45/5.6.26 InnoDB denial of service
3191| [78696] Oracle MySQL Server up to 5.6.25 InnoDB denial of service
3192| [78695] Oracle MySQL Server up to 5.5.45/5.6.26 DML denial of service
3193| [78694] Oracle MySQL Server up to 5.6.25 libmysqld denial of service
3194| [78693] Oracle MySQL Server up to 5.5.45/5.6.26 Types unknown vulnerability
3195| [78692] Oracle MySQL Server up to 5.6.20 Types denial of service
3196| [78691] Oracle MySQL Server up to 5.5.45/5.6.26 Privileges unknown vulnerability
3197| [78690] Oracle MySQL Server up to 5.6.25 Partition denial of service
3198| [78689] Oracle MySQL Server up to 5.5.45/5.6.26 Partition denial of service
3199| [78688] Oracle MySQL Server up to 5.5.45/5.6.26 Parser denial of service
3200| [78687] Oracle MySQL Server up to 5.6.26 Optimizer denial of service
3201| [78686] Oracle MySQL Server up to 5.5.44 InnoDB denial of service
3202| [78685] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
3203| [78684] Oracle MySQL Server up to 5.6.26 DML denial of service
3204| [78683] Oracle MySQL Server up to 5.5.45/5.6.26 DML denial of service
3205| [78682] Oracle MySQL Server up to 5.6.23 DML denial of service
3206| [78681] Oracle MySQL Server up to 5.5.45/5.6.26 DDL denial of service
3207| [78680] Oracle MySQL Server up to 5.5.44/5.6.25 DML unknown vulnerability
3208| [78679] Oracle MySQL Enterprise Monitor up to 2.3.20/3.0.20 C-Agent / Service Manager denial of service
3209| [78678] Oracle MySQL Server up to 5.6.25 Encryption spoofing
3210| [78676] Oracle MySQL Enterprise Monitor up to 2.3.20/3.0.22 C-Agent denial of service
3211| [77699] JSP/MySQL Administrador Web 1 sys/sys/listaBD2.jsp cross site scripting
3212| [77698] JSP/MySQL Administrador Web 1 sys/sys/listaBD2.jsp cross site request forgery
3213| [76704] Oracle MySQL Server up to 5.6.24 Partition denial of service
3214| [76703] Oracle MySQL Server up to 5.6.24 RBR denial of service
3215| [76701] Oracle MySQL Server up to 5.6.24 Firewall denial of service
3216| [76699] Oracle MySQL Server up to 5.6.24 Firewall denial of service
3217| [76695] Oracle MySQL Server up to 5.6.24 MemCached denial of service
3218| [76691] Oracle MySQL Server up to 5.5.42 Optimizer denial of service
3219| [76690] Oracle MySQL Server up to 5.6.22 InnoDB denial of service
3220| [76686] Oracle MySQL Server up to 5.5.43/5.6.24 denial of service
3221| [76671] Oracle MySQL Server up to 5.5.43/5.6.23 Pluggable Auth information disclosure
3222| [76634] Oracle MySQL Server up to 5.5.43/5.6.24 DML denial of service
3223| [76629] Oracle MySQL Server up to 5.5.43/5.6.24 Optimizer denial of service
3224| [76628] Oracle MySQL Server up to 5.6.24 denial of service
3225| [76626] Oracle MySQL Server up to 5.6.24 Firewall information disclosure
3226| [76608] Oracle MySQL Server up to 5.5.43/5.6.23 information disclosure
3227| [76605] Oracle MySQL Server up to 5.6.24 Partition information disclosure
3228| [76599] Oracle MySQL Server up to 5.6.24 DML information disclosure
3229| [76571] Oracle MySQL Server up to 5.5.43/5.6.24 GIS denial of service
3230| [76081] MySQL Lite Administrator Beta-1 tabella.php cross site scripting
3231| [75579] lighttpd 1.4.35 Log File mod_mysql_vhost.c privilege escalation
3232| [75159] Oracle MySQL up to 5.7.2 SSL Client weak encryption
3233| [74969] Oracle MySQL Server up to 5.6.23 Replication denial of service
3234| [74967] Oracle MySQL Server up to 5.6.23 SP denial of service
3235| [74966] Oracle MySQL Server up to 5.6.22 DML weak encryption
3236| [74965] Oracle MySQL Server up to 5.6.23 Privileges denial of service
3237| [74964] Oracle MySQL Server up to 5.6.23 Memcached denial of service
3238| [74963] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
3239| [74962] Oracle MySQL Server up to 5.5.42/5.6.23 Federated unknown vulnerability
3240| [74961] Oracle MySQL Server up to 5.5.42/5.6.23 DDL unknown vulnerability
3241| [74960] Oracle MySQL Server up to 5.6.22 XA weak encryption
3242| [74959] Oracle MySQL Server up to 5.5.41/5.6.22 Encryption weak encryption
3243| [74958] Oracle MySQL Server up to 5.6.23 Partition denial of service
3244| [74957] Oracle MySQL Server up to 5.6.22 Partition weak encryption
3245| [74956] Oracle MySQL Server up to 5.5.42/5.6.23 Optimizer unknown vulnerability
3246| [74955] Oracle MySQL Server up to 5.6.22 Optimizer weak encryption
3247| [74954] Oracle MySQL Server up to 5.5.41/5.6.22 DML unknown vulnerability
3248| [74953] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
3249| [74952] Oracle MySQL Server up to 5.6.22 InnoDB weak encryption
3250| [74951] Oracle MySQL Server up to 5.6.23 Information Schema denial of service
3251| [74950] Oracle MySQL Server up to 5.5.41/5.6.22 DDL unknown vulnerability
3252| [74949] Oracle MySQL Connectors up to 5.1.34 Connector/J unknown vulnerability
3253| [74948] Oracle MySQL Server up to 5.5.41/5.6.22 Privileges unknown vulnerability
3254| [74947] Oracle MySQL Server up to 5.6.22 Encryption s23_srvr.c ssl23_get_client_hello denial of service
3255| [74946] Oracle MySQL Server up to 5.5.42/5.6.23 Compiling unknown vulnerability
3256| [74945] Oracle MySQL Enterprise Monitor up to 2.3.19/3.0.18 Service Manager s:token/ cross site request forgery
3257| [74944] Oracle MySQL Enterprise Monitor up to 2.3.16/3.0.10 Service Manager memory corruption
3258| [68810] Oracle MySQL Server up to 5.5.40/5.6.21 Foreign Key information disclosure
3259| [68809] Oracle MySQL Server up to 5.6.21 Pluggable Auth denial of service
3260| [68808] Oracle MySQL Server up to 5.5.40/5.6.21 DML denial of service
3261| [68807] Oracle MySQL Server up to 5.6.21 Optimizer denial of service
3262| [68806] Oracle MySQL Server up to 5.5.40 Foreign Key denial of service
3263| [68805] Oracle MySQL Server up to 5.5.38/5.6.19 DDL denial of service
3264| [68804] Oracle MySQL Server up to 5.5.40/5.6.21 Replication denial of service
3265| [68803] Oracle MySQL Server up to 5.5.40/5.6.21 Replication denial of service
3266| [68802] Oracle MySQL Server up to 5.5.40/5.6.21 Encryption weak encryption
3267| [67988] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
3268| [67987] Oracle MySQL Server up to 5.6.19 denial of service
3269| [67986] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
3270| [67985] Oracle MySQL Server up to 5.6.19 denial of service
3271| [67984] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
3272| [67983] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
3273| [67982] Oracle MySQL Server up to 5.5.38 denial of service
3274| [67981] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
3275| [67979] Oracle MySQL Server up to 5.5.38/5.6.19 unknown vulnerability
3276| [67978] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
3277| [67977] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
3278| [67976] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
3279| [67975] Oracle MySQL Server up to 5.5.39/5.6.20 information disclosure
3280| [67974] Oracle MySQL Server up to 5.5.38/5.6.19 Messages Stack-Based sql injection
3281| [67973] Oracle MySQL Server up to 5.6.19 unknown vulnerability
3282| [67972] Oracle MySQL Server up to 5.5.39/5.6.20 unknown vulnerability
3283| [67971] Oracle MySQL Server up to 5.5.38/5.6.19 unknown vulnerability
3284| [67970] Oracle MySQL Server up to 5.6.19 Messages NULL Pointer Dereference denial of service
3285| [67969] Oracle MySQL Server up to 5.5.39/5.6.20 directory traversal
3286| [67968] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
3287| [67967] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
3288| [67966] Oracle MySQL Server up to 5.5.39/5.6.20 unknown vulnerability
3289| [68555] McAfee Network Data Loss Prevention 9.2.0 MySQL Database weak authentication
3290| [67245] phpMyAdmin up to 4.2.5 MySQL User List server_user_groups.php privilege escalation
3291| [67166] Oracle MySQL Server up to 5.5.35/5.6.15 denial of service
3292| [67165] Oracle MySQL Server up to 5.6.17 denial of service
3293| [67163] Oracle MySQL Server up to 5.6.17 denial of service
3294| [67162] Oracle MySQL Server up to 5.5.37 denial of service
3295| [67161] Oracle MySQL Server up to 5.6.17 denial of service
3296| [67160] Oracle MySQL Server up to 5.5.37 denial of service
3297| [67159] Oracle MySQL Server up to 5.5.37/5.6.17 unknown vulnerability
3298| [67158] Oracle MySQL Server up to 5.5.37/5.6.17 unknown vulnerability
3299| [67157] Oracle MySQL Server up to 5.6.17 unknown vulnerability
3300| [13065] Django up to 1.7 MySQL Typecast privilege escalation
3301| [12983] Oracle MySQL Server up to 5.5.36/5.6.16 Options denial of service
3302| [12982] Oracle MySQL Server up to 5.5.35/5.6.15 Federated denial of service
3303| [12981] Oracle MySQL Server up to 5.5.35/5.6.15 Replication denial of service
3304| [12980] Oracle MySQL Server up to 5.6.15 Privileges denial of service
3305| [12979] Oracle MySQL Server up to 5.5.36/5.6.16 Performance Schema denial of service
3306| [12978] Oracle MySQL Server up to 5.5.35/5.6.15 XML denial of service
3307| [12977] Oracle MySQL Server up to 5.5.35/5.6.15 Partition denial of service
3308| [12976] Oracle MySQL Server up to 5.6.15 Optimizer denial of service
3309| [12975] Oracle MySQL Server up to 5.6.15 MyISAM denial of service
3310| [12974] Oracle MySQL Server up to 5.6.16 InnoDB denial of service
3311| [12973] Oracle MySQL Server up to 5.6.15 DML denial of service
3312| [12972] Oracle MySQL Client up to 5.5.36/5.6.16 unknown vulnerability
3313| [12971] Oracle MySQL Server up to 5.5.36/5.6.16 RBR unknown vulnerability
3314| [12970] Oracle MySQL Server up to 5.6.15 InnoDB unknown vulnerability
3315| [12613] lighttpd up to 1.4.34 MySQL Virtual Hosting Module mod_mysql_vhost.c sql injection
3316| [12135] Oracle MySQL client/mysql.cc Server Version memory corruption
3317| [66191] Cisco Video Surveillance Operations Manager MySQL Database denial of service
3318| [66079] CSP MySQL User Manager 2.3 Login Page sql injection
3319| [11948] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Error Handling Crash denial of service
3320| [11947] Oracle MySQL Server up to 5.5.34/5.6.14 Replication denial of service
3321| [11946] Oracle MySQL Server up to 5.6.13 Performance Schema Stored denial of service
3322| [11945] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 InnoDB memory corruption
3323| [11944] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Optimizer Crash denial of service
3324| [11943] Oracle MySQL Server up to 5.6.14 InnoDB Stored denial of service
3325| [11942] Oracle MySQL Server up to 5.6.13 FTS Stored denial of service
3326| [11941] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Privileges Crash denial of service
3327| [11940] Oracle MySQL Server up to 5.5.33/5.6.13 Partition denial of service
3328| [11939] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 Optimizer Crash denial of service
3329| [11938] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 Locking Crash denial of service
3330| [11937] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 InnoDB Crash denial of service
3331| [11936] Oracle MySQL Server up to 5.6.14 InnoDB Stored denial of service
3332| [11935] Oracle MySQL Server up to 5.6.13 InnoDB Stored denial of service
3333| [11934] Oracle MySQL Server up to 5.6.13 Thread Pooling Stored denial of service
3334| [11933] Oracle MySQL Server up to 5.6.13 Stored Procedure denial of service
3335| [11932] Oracle MySQL Server up to 5.6.14 GIS Stored denial of service
3336| [11931] Oracle MySQL Enterprise Monitor up to 2.3.14/3.0.4 Service Manager unknown vulnerability
3337| [10822] Oracle MySQL Server up to 5.6.12 Locking unknown vulnerability
3338| [10821] Oracle MySQL Server up to 5.6.12 InnoDB unknown vulnerability
3339| [10820] Oracle MySQL Server up to 5.6.12 Optimizer unknown vulnerability
3340| [10819] Oracle MySQL Server up to 5.1.70/5.5.32/5.6.12 Optimizer memory corruption
3341| [10818] Oracle MySQL Server up to 5.1/5.5.22 Optimizer denial of service
3342| [10817] Oracle MySQL Server up to 5.6.12 InnoDB unknown vulnerability
3343| [10816] Oracle MySQL Server up to 5.5.32/5.6.12 Replication unknown vulnerability
3344| [10815] Oracle MySQL Enterprise Monitor up to 2.3.13 Service Manager privilege escalation
3345| [65143] MariaDB up to 5.5.28 MySQL privilege escalation
3346| [9672] Oracle MySQL Server up to 5.6.11 XA Transactions denial of service
3347| [9671] Oracle MySQL Server up to 5.5.31/5.6.11 Server Replication denial of service
3348| [9670] Oracle MySQL Server up to 5.6.11 InnoDB denial of service
3349| [9669] Oracle MySQL Server up to 5.6.11 Server Privileges unknown vulnerability
3350| [9668] Oracle MySQL Server up to 5.5.30/5.6.10 Server Partition Stored unknown vulnerability
3351| [9667] Oracle MySQL Server up to 5.5.31 Server Parser denial of service
3352| [9666] Oracle MySQL Server up to 5.5.30/5.6.10 Server Options Stored unknown vulnerability
3353| [9665] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Options denial of service
3354| [9664] Oracle MySQL Server up to 5.6.11 Server Optimizer unknown vulnerability
3355| [9663] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 Server Optimizer denial of service
3356| [9662] Oracle MySQL Server up to 5.5.30/5.6.10 Prepared Statement Stored unknown vulnerability
3357| [9661] Oracle MySQL Server up to 5.6.11 InnoDB denial of service
3358| [9660] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 Full Text Search denial of service
3359| [9659] Oracle MySQL Server up to 5.6.11 Data Manipulation Language unknown vulnerability
3360| [9658] Oracle MySQL Server up to 5.5.31/5.6.11 Data Manipulation Language denial of service
3361| [9657] Oracle MySQL Server up to 5.5.31/5.6.11 Audit Log information disclosure
3362| [9656] Oracle MySQL Server up to 5.6.11 MemCached unknown vulnerability
3363| [9655] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 GIS Crash denial of service
3364| [64198] Wireshark up to 1.8.6 MySQL Dissector Integer denial of service
3365| [64010] Ruby on Rails 3.1.0 MySQL Database Stored unknown vulnerability
3366| [8418] Oracle MySQL Server up to 5.1.67/5.5.29/5.6.10 Server Locking unknown vulnerability
3367| [8416] Oracle MySQL Server up to 5.1.63 Server Types unknown vulnerability
3368| [8415] Oracle MySQL Server up to 5.6.10 Server Privileges denial of service
3369| [8414] Oracle MySQL Server up to 5.6.10 InnoDB denial of service
3370| [8413] Oracle MySQL Server up to 5.5.30/5.6.10 InnoDB unknown vulnerability
3371| [8412] Oracle MySQL Server up to 5.6.10 Data Manipulation Language denial of service
3372| [8411] Oracle MySQL Server up to 5.5.30/5.6.10 Stored Procedure unknown vulnerability
3373| [8410] Oracle MySQL Server up to 5.1.67/5.5.29 Server XML denial of service
3374| [8409] Oracle MySQL Server up to 5.5.29 Server Replication denial of service
3375| [8408] Oracle MySQL Server up to 5.1.67/5.5.29 Server Partition unknown vulnerability
3376| [8407] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Optimizer unknown vulnerability
3377| [8406] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 InnoDB unknown vulnerability
3378| [8405] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Information Schema unknown vulnerability
3379| [8404] Oracle MySQL Server up to 5.5.29 Data Manipulation Language denial of service
3380| [8403] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Data Manipulation Language unknown vulnerability
3381| [8402] Oracle MySQL Server up to 5.5.29/5.6.10 Server Optimizer denial of service
3382| [8401] Oracle MySQL Server up to 5.6.10 MemCached denial of service
3383| [8400] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Privileges unknown vulnerability
3384| [8399] Oracle MySQL Server up to 5.1.66/5.5.28 Server Privileges unknown vulnerability
3385| [8398] Oracle MySQL Server up to 5.1.67/5.5.29 unknown vulnerability
3386| [8397] Oracle MySQL Server up to 5.1.67/5.5.29/5.6.10 Information Schema unknown vulnerability
3387| [8396] Oracle MySQL Server up to 5.1.67/5.5.29 Server Locking unknown vulnerability
3388| [8395] Oracle MySQL Server up to 5.6.10 Data Manipulation Language denial of service
3389| [10871] Oracle MySQL 5.3.12/5.5.30/10.0.1 MyISAM Engine init_search SELECT Statement denial of service
3390| [8065] Oracle MySQL up to 5.5.27 yaSSL memory corruption
3391| [8064] Oracle MySQL up to 5.5.29 yaSSL memory corruption
3392| [8816] Wireshark up to 1.8.5 MySQL Dissector packet-mysql.c Packet denial of service
3393| [8019] Oracle MySQL 5.2.11 Representation Converter Eingabe Crash denial of service
3394| [7431] Oracle MySQL Server up to 5.5.28 Privileges denial of service
3395| [7430] Oracle MySQL Server up to 5.5.28 Partition denial of service
3396| [7429] Oracle MySQL Server up to 5.5.28 Optimizer denial of service
3397| [7428] Oracle MySQL Server up to 5.1.66/5.5.28 Optimizer unknown vulnerability
3398| [7427] Oracle MySQL Server up to 5.1.66/5.5.28 unknown vulnerability
3399| [7426] Oracle MySQL Server up to 5.5.28 MyISAM denial of service
3400| [7425] Oracle MySQL Server up to 5.1.66/5.5.28 InnoDB unknown vulnerability
3401| [7424] Oracle MySQL Server up to 5.5.28 InnoDB denial of service
3402| [7423] Oracle MySQL Server up to 5.1.66/5.5.28 Locking unknown vulnerability
3403| [7422] Oracle MySQL Server up to 5.1.66/5.5.28 unknown vulnerability
3404| [7421] Oracle MySQL Server up to 5.1.66/5.1.28 Replication unknown vulnerability
3405| [7419] Oracle MySQL Server up to 5.5.28 Stored Procedure denial of service
3406| [7418] Oracle MySQL Server up to 5.1.66/5.5.28 Server Optimizer unknown vulnerability
3407| [7417] Oracle MySQL Server up to 5.1.66/5.5.28 Information Schema unknown vulnerability
3408| [7416] Oracle MySQL Server up to 5.1.65/5.5.27 GIS Extension denial of service
3409| [7415] Oracle MySQL Server up to 5.1.66/5.5.28 Privileges Stack-based memory corruption
3410| [7414] Oracle MySQL Server up to 5.5.28 Parser Heap-based memory corruption
3411| [63111] Oracle MySQL 5.5.19 Installation denial of service
3412| [7068] Oracle MySQL Server up to 5.5.19 Authentication information disclosure
3413| [7067] Oracle MySQL Server up to 5.5.19 sql/sql_acl.cc acl_get memory corruption
3414| [7066] Oracle MySQL Server up to 5.5.19 SELECT Command Crash denial of service
3415| [7065] Oracle MySQL Server up to 5.5.19 Create Table MDL_key::mdl_key_init memory corruption
3416| [6795] Oracle MySQL Server up to 5.1.64/5.5.26 Server Replication denial of service
3417| [6794] Oracle MySQL Server up to 5.1.63/5.5.25 Server Full Text Search denial of service
3418| [6793] Oracle MySQL Server up to 5.5.25 unknown vulnerability
3419| [6792] Oracle MySQL Server up to 5.5.26 MySQL Client information disclosure
3420| [6791] Oracle MySQL Server up to 5.1.65/5.5.27 Server Optimizer denial of service
3421| [6790] Oracle MySQL Server up to 5.1.64/5.5.26 Server Optimizer denial of service
3422| [6789] Oracle MySQL Server up to 5.5.26 unknown vulnerability
3423| [6788] Oracle MySQL Server up to 5.1.63/5.5.25 InnoDB Plugin denial of service
3424| [6787] Oracle MySQL Server up to 5.1.63/5.5.25 InnoDB unknown vulnerability
3425| [6786] Oracle MySQL Server up to 5.5.26 MySQL Client sql injection
3426| [6785] Oracle MySQL Server up to 5.1.65/5.5.27 denial of service
3427| [6784] Oracle MySQL Server up to 5.1.64/5.5.26 Protocol unknown vulnerability
3428| [6783] Oracle MySQL Server up to 5.1.64/5.5.26 Information Schema memory corruption
3429| [62299] SilverStripe up to 2.4.5 MySQL Database sql injection
3430| [61672] MySQL unknown vulnerability
3431| [61567] MySQLDumper 1.24.4 Error Message information disclosure
3432| [61566] MySQLDumper 1.24.4 Restore information disclosure
3433| [61565] MySQLDumper 1.24.4 directory traversal
3434| [61564] MySQLDumper 1.24.4 deletehtaccess cross site request forgery
3435| [61563] MySQLDumper 1.24.4 index.php cross site scripting
3436| [5783] Oracle MySQL Server up to 5.1.62/5.5.22 Server Optimizer denial of service
3437| [5782] Oracle MySQL Server up to 5.1.62/5.5.23 Server Optimizer denial of service
3438| [5781] Oracle MySQL Server up to 5.5.23 denial of service
3439| [5780] Oracle MySQL Server up to 5.5.23 InnoDB denial of service
3440| [5779] Oracle MySQL Server up to 5.1.62/5.5.23 GIS Extension unknown vulnerability
3441| [5778] Oracle MySQL Server up to 5.5.23 Server Optimizer denial of service
3442| [5635] Oracle MySQL Server up to 5.5.25 on Linux InnoDB UPDATE denial of service
3443| [5503] Oracle MySQL up to 5.6.5 Password Authentication sql/password.c memcmp weak authentication
3444| [5168] Oracle MySQL Server Optimizer denial of service
3445| [5166] Oracle MySQL Server up to 5.5.21 Partition denial of service
3446| [5165] Oracle MySQL Server up to 5.5.19 Optimizer denial of service
3447| [5159] Oracle MySQL Server up to 5.1.61/5.5.21 Optimizer denial of service
3448| [5158] Oracle MySQL Server up to 5.1.61/5.5.21 DML denial of service
3449| [5151] Oracle MySQL Server up to 5.1.60/5.5.19 MyISAM denial of service
3450| [5981] Oracle MySQL Server 5.1.62/5.5.23 Sort Order Index Calculation denial of service
3451| [5072] Oracle MySQL Server up to 5.5.21 denial of service
3452| [4627] Oracle MySQL up to 5.5.20 memory corruption
3453| [60055] WordPress up to 1.2 MySQL Database denial of service
3454| [5236] Oracle MySQL Server 5.5.x unknown vulnerability
3455| [5235] Oracle MySQL Server 5.5.x denial of service
3456| [5233] Oracle MySQL Server 5.5.x denial of service
3457| [5232] Oracle MySQL Server 5.5.x denial of service
3458| [5231] Oracle MySQL Server 5.5.x denial of service
3459| [5230] Oracle MySQL Server 5.5.x denial of service
3460| [5229] Oracle MySQL Server 5.5.x denial of service
3461| [5228] Oracle MySQL Server 5.5.x denial of service
3462| [5227] Oracle MySQL Server 5.5.x unknown vulnerability
3463| [5226] Oracle MySQL Server 5.1.x/5.5.x denial of service
3464| [5225] Oracle MySQL Server 5.1.x/5.5.x denial of service
3465| [5224] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
3466| [5223] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
3467| [5222] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
3468| [5221] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
3469| [5220] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
3470| [5219] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
3471| [5218] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
3472| [5217] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
3473| [5216] Oracle MySQL Server 5.0.x/5.1.x/5.5.x denial of service
3474| [5215] Oracle MySQL Server 5.0.x/5.1.x/5.5.x information disclosure
3475| [5213] Oracle MySQL Server 5.0.x/5.1.x/5.5.x unknown vulnerability
3476| [5212] Oracle MySQL Server 5.0.x/5.1.x denial of service
3477| [5211] Oracle MySQL Server 5.0.x/5.1.x denial of service
3478| [5210] Oracle MySQL Server 5.0.x/5.1.x denial of service
3479| [59882] MySQL 5.5.8 NULL Pointer Dereference denial of service
3480| [59384] Hiroyuki Oyama DBD::mysqlPP up to 0.04 MySQL sql injection
3481| [58706] Taskfreak! Multi-mysql 0.6 Error Message information disclosure
3482| [57356] Trustwave WebDefend 2.0/3.0/5.0 MySQL Database unknown vulnerability
3483| [56109] PHP 5.3.2/5.3.3 mysqli mysqli_fetch_assoc sql injection
3484| [56085] MySQL up to 5.1.25 init_from_wkb denial of service
3485| [56084] MySQL up to 5.1.25 Stored Procedure denial of service
3486| [56083] MySQL Crash denial of service
3487| [56082] MySQL Use-After-Free denial of service
3488| [56081] MySQL Optimizer Crash denial of service
3489| [56080] MySQL up to 5.1.25 Stored denial of service
3490| [56079] MySQL Crash denial of service
3491| [56078] MySQL Create Table Crash denial of service
3492| [56025] MySQL up to 5.1.25 Crash denial of service
3493| [56024] MySQL up to 5.1.25 store denial of service
3494| [56023] MySQL up to 5.1.25 Crash denial of service
3495| [56022] MySQL up to 5.1.25 Crash denial of service
3496| [56021] MySQL up to 5.1.25 Uninitialized Memory denial of service
3497| [56020] MySQL up to 5.1.25 Crash denial of service
3498| [56019] MySQL up to 5.1.25 Crash denial of service
3499| [56018] mysql up to 5.1.25 Configuration Parameter denial of service
3500| [60789] TYPO3 up to 4.4.4 MySQL Database escapeStrForLike information disclosure
3501| [62294] SilverStripe 2.4.0/2.4.1/2.4.2/2.4.3 MySQLDatabase.php unknown vulnerability
3502| [54434] PHP 5.3.0/5.3.1/5.3.2 php_mysqlnd_auth_write sql injection
3503| [54433] PHP 5.3.0/5.3.1/5.3.2 MySQL php_mysqlnd_read_error_from_line memory corruption
3504| [54432] PHP 5.3.0/5.3.1/5.3.2 mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read memory corruption
3505| [54026] MySQL up to 5.1.25 Crash denial of service
3506| [53483] MySQL up to 5.0.0.0 memory corruption
3507| [53482] MySQL up to 5.0.0.0 my_net_skip_rest denial of service
3508| [53481] MySQL up to 5.0.0.0 directory traversal
3509| [53212] mysql 5.1.45 mysql_uninstall_plugin unknown vulnerability
3510| [53118] Csphere ClanSphere up to 2009.0.3 MySQL Database generate.php cs_sql_select sql injection
3511| [53053] TaskFreak TaskFreak! up to 0.1.3 tzn_mysql.php loadByKey sql injection
3512| [52985] Oracle MySQLConnector NET up to 6.0.2 SSL Certificate spoofing
3513| [51369] mysql 5.0.51a CertDecoder::GetName memory corruption
3514| [51581] TYPO3 Kiddog Mysqldumper up to 0.0.3 information disclosure
3515| [50962] MySQL Certificates viosslfactories.c vio_verify_callback spoofing
3516| [50961] mysql GeomFromWKB denial of service
3517| [50960] MySQL up to 5.0.0.0 Access Restriction Symlink privilege escalation
3518| [50531] mysql-ocaml 1.0.4 MySQL mysql_real_escape_string unknown vulnerability
3519| [48981] MySQL up to 4.0.23 sql_parse.cc dispatch_command denial of service
3520| [48263] Surat Kabar phpWebNews 0.2 MySQL index.php sql injection
3521| [48262] Surat Kabar phpWebNews 0.1/0.2 MySQL bukutamu.php sql injection
3522| [47455] auth2db up to 0.2.6 MySQL mysql_real_escape_string sql injection
3523| [46983] MySQL up to 6.0.10-bzr ExtractValue denial of service
3524| [46798] Getmiro Broadcast Machine 0.1 MySQLController.php privilege escalation
3525| [46636] MyBlog MySQL Database Cleartext information disclosure
3526| [46500] ProFTPD 1.3.1 mod_sql_mysql sql injection
3527| [46028] Joey Schulze Mod Auth Mysql 2.x mod_auth_mysql.c sql injection
3528| [45774] Constructr CMS up to 3.02.5 MySQL Database Cleartext information disclosure
3529| [45668] Nodstrum MySQL Calendar 1.1 index.php sql injection
3530| [45669] Nodstrum MySQL Calendar 1.1 unknown vulnerability
3531| [45016] Deeserver Panuwat PromoteWeb MySQL go.php sql injection
3532| [44358] MySQL up to 5.0.67 cross site scripting
3533| [44357] MySQL Quick Admin up to 1.5.5 index.php directory traversal
3534| [44356] MySQL Quick Admin 1.5.5 actions.php directory traversal
3535| [44131] NooMS 1.1 MySQL db.php information disclosure
3536| [44076] MySQL Create Table Symlink privilege escalation
3537| [44075] MySQL 5.0.51a Create Table Symlink privilege escalation
3538| [43987] MySQL Crash denial of service
3539| [43825] Aquagardensoft mysql-lists 1.2 cross site scripting
3540| [43819] Craftysyntax Crafty Syntax Live Help up to 1.7 MySQL Database Cleartext information disclosure
3541| [43625] Keld PHP-MySQL News Script 0.7.1 login.php sql injection
3542| [43123] BlognPlus 2.5.5 MySQL index.php sql injection
3543| [42939] Relative Real Estate Systems up to 3.0 MySQL Database Cleartext information disclosure
3544| [42912] AlstraSoft AskMe 2.1 MySQL Database Cleartext information disclosure
3545| [42868] BlognPlus 2.5.4 MySQL sql injection
3546| [42205] miniBB 2.2 MySQL setup_mysql.php sql injection
3547| [41891] Terong Advanced Web Photo Gallery 1.0 MySQL Database Cleartext information disclosure
3548| [40486] MySQL up to 1.7.5 handshake.cpp processoldclienthello memory corruption
3549| [40219] PHP MySQL Banner Exchange 2.2.1 inc/lib.inc unknown vulnerability
3550| [39993] MySQL denial of service
3551| [3499] Sun MySQL up to 6.0.3 System Table Information privilege escalation
3552| [40030] aurora framework 20071208 MySQL db_mysql.lib pack_var sql injection
3553| [3469] Sun MySQL 5.1.23 Bk InnoDB denial of service
3554| [39991] MySQL up to 6.0.4 denial of service
3555| [39292] Asterisk-Addons 1.2.7/1.4.3 MySQL sql injection
3556| [41090] MySQL Mysql Community Server up to 5.1.4 unknown vulnerability
3557| [38781] PHP 5.2.4 MySQL memory corruption
3558| [38618] PHP 4.4.7/5.2.3 mysqli sql injection
3559| [85747] InterWorx SiteWorx mysql.php cross site scripting
3560| [85735] InterWorx NodeWorx mysql.php cross site scripting
3561| [37818] MySQL Community Server up to 5.0.40 denial of service
3562| [39994] MySQL Federated Crash denial of service
3563| [37641] MySQLDumper htaccess privilege escalation
3564| [86077] NetClassifieds Mysql_db.php information disclosure
3565| [37816] MySQL Community Server up to 5.0.40 Crash denial of service
3566| [36814] MySQL up to 5.1.17 information disclosure
3567| [36669] MySQL 4.0.1 unknown vulnerability
3568| [36813] mysql up to 5.1.17 thd::db_access denial of service
3569| [36812] MySQL up to 5.1.17 unknown vulnerability
3570| [36502] Burnstone burnCMS 0.2 mysql.class.php privilege escalation
3571| [36364] GPL PHP Board unstable-2001.11.14-1 mysqli db.mysql.inc.php privilege escalation
3572| [36700] MySQL up to 5.0.39 item_cmpfunc.cc in_decimal::set denial of service
3573| [35917] Advanced Website Creator MySQL sql injection
3574| [35916] Eve-Nuke Forum 0.1 MySQL db/mysql.php privilege escalation
3575| [35605] bitesser MySQL Commander up to 2.7 ressourcen/dbopen.php privilege escalation
3576| [85480] Fantastico includes/mysqlconfig.php directory traversal
3577| [85141] ActiveCalendar data/mysqlevents.php cross site scripting
3578| [85212] WGS-PPC config/mysql_config.php privilege escalation
3579| [34894] MySQLNewsEngine MySQL affichearticles.php3 privilege escalation
3580| [34576] MyODBC MySQL Database denial of service
3581| [37817] MySQL Community Server up to 5.0.40 Create Table information disclosure
3582| [34117] The Address Book 1.04e MySQL Database export.php information disclosure
3583| [34223] MySQL 5.0.30/5.1.13 sql_select.cc denial of service
3584| [33690] Widcomm BTSaveMySql 1.2 MySQL information disclosure
3585| [33257] iWonder Designs Storystream 0.4.0.0 mysql.php sql injection
3586| [33092] Pentaho Business Intelligence Suite up to 1.1 MySQL sql injection
3587| [32736] MysqlDumper 1.21 B6 sql.php cross site scripting
3588|
3589| MITRE CVE - https://cve.mitre.org:
3590| [CVE-2013-3812] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
3591| [CVE-2013-3811] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3806.
3592| [CVE-2013-3810] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.
3593| [CVE-2013-3809] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.
3594| [CVE-2013-3808] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
3595| [CVE-2013-3807] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.
3596| [CVE-2013-3806] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3811.
3597| [CVE-2013-3805] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.
3598| [CVE-2013-3804] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3599| [CVE-2013-3802] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.
3600| [CVE-2013-3801] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
3601| [CVE-2013-3798] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.
3602| [CVE-2013-3796] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3603| [CVE-2013-3795] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
3604| [CVE-2013-3794] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
3605| [CVE-2013-3793] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
3606| [CVE-2013-3783] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.
3607| [CVE-2013-3561] Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
3608| [CVE-2013-3221] The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attacks against Ruby on Rails applications via a crafted value, as demonstrated by unintended interaction between the "typed XML" feature and a MySQL database.
3609| [CVE-2013-2395] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-1567.
3610| [CVE-2013-2392] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3611| [CVE-2013-2391] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.
3612| [CVE-2013-2389] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
3613| [CVE-2013-2381] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.
3614| [CVE-2013-2378] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
3615| [CVE-2013-2376] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
3616| [CVE-2013-2375] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
3617| [CVE-2013-1861] MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.
3618| [CVE-2013-1570] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote attackers to affect availability via unknown vectors related to MemCached.
3619| [CVE-2013-1567] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-2395.
3620| [CVE-2013-1566] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
3621| [CVE-2013-1555] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
3622| [CVE-2013-1552] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
3623| [CVE-2013-1548] Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.
3624| [CVE-2013-1544] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
3625| [CVE-2013-1532] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
3626| [CVE-2013-1531] Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Privileges.
3627| [CVE-2013-1526] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
3628| [CVE-2013-1523] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Optimizer.
3629| [CVE-2013-1521] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking.
3630| [CVE-2013-1512] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
3631| [CVE-2013-1511] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
3632| [CVE-2013-1506] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.
3633| [CVE-2013-1502] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.
3634| [CVE-2013-1492] Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553.
3635| [CVE-2013-0389] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3636| [CVE-2013-0386] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
3637| [CVE-2013-0385] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.
3638| [CVE-2013-0384] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
3639| [CVE-2013-0383] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking.
3640| [CVE-2013-0375] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.
3641| [CVE-2013-0371] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability, related to MyISAM.
3642| [CVE-2013-0368] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
3643| [CVE-2013-0367] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
3644| [CVE-2012-5615] MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
3645| [CVE-2012-5614] Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements.
3646| [CVE-2012-5613] ** DISPUTED ** MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
3647| [CVE-2012-5612] Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.
3648| [CVE-2012-5611] Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
3649| [CVE-2012-5383] ** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the "C:\MySQL\MySQL Server 5.5\bin" directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the MySQL installation.
3650| [CVE-2012-5096] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors.
3651| [CVE-2012-5060] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
3652| [CVE-2012-4452] MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6.
3653| [CVE-2012-4414] Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.
3654| [CVE-2012-4255] MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information via a direct request to learn/cubemail/refresh_dblist.php, which reveals the installation path in an error message.
3655| [CVE-2012-4254] MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information (Notices) via a direct request to (1) learn/cubemail/restore.php or (2) learn/cubemail/dump.php.
3656| [CVE-2012-4253] Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) language parameter to learn/cubemail/install.php or (2) f parameter learn/cubemail/filemanagement.php, or execute arbitrary local files via a .. (dot dot) in the (3) config parameter to learn/cubemail/menu.php.
3657| [CVE-2012-4252] Multiple cross-site request forgery (CSRF) vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to hijack the authentication of administrators for requests that (1) remove file access restriction via a deletehtaccess action, (2) drop a database via a kill value in a db action, (3) uninstall the application via a 101 value in the phase parameter to learn/cubemail/install.php, (4) delete config.php via a 2 value in the phase parameter to learn/cubemail/install.php, (5) change a password via a schutz action, or (6) execute arbitrary SQL commands via the sql_statement parameter to learn/cubemail/sql.php.
3658| [CVE-2012-4251] Multiple cross-site scripting (XSS) vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to index.php, (2) phase parameter to install.php, (3) tablename or (4) dbid parameter to sql.php, or (5) filename parameter to restore.php in learn/cubemail/.
3659| [CVE-2012-3951] The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session.
3660| [CVE-2012-3441] The database creation script (module/idoutils/db/scripts/create_mysqldb.sh) in Icinga 1.7.1 grants access to all databases to the icinga user, which allows icinga users to access other databases via unspecified vectors.
3661| [CVE-2012-3197] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
3662| [CVE-2012-3180] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3663| [CVE-2012-3177] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.
3664| [CVE-2012-3173] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.
3665| [CVE-2012-3167] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.
3666| [CVE-2012-3166] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
3667| [CVE-2012-3163] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
3668| [CVE-2012-3160] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.
3669| [CVE-2012-3158] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.
3670| [CVE-2012-3156] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
3671| [CVE-2012-3150] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3672| [CVE-2012-3149] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality, related to MySQL Client.
3673| [CVE-2012-3147] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client.
3674| [CVE-2012-3144] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
3675| [CVE-2012-2750] Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility.
3676| [CVE-2012-2749] MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index.
3677| [CVE-2012-2122] sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.
3678| [CVE-2012-2102] MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.
3679| [CVE-2012-1757] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
3680| [CVE-2012-1756] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
3681| [CVE-2012-1735] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3682| [CVE-2012-1734] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3683| [CVE-2012-1705] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3684| [CVE-2012-1703] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3685| [CVE-2012-1702] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.
3686| [CVE-2012-1697] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
3687| [CVE-2012-1696] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3688| [CVE-2012-1690] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3689| [CVE-2012-1689] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3690| [CVE-2012-1688] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.
3691| [CVE-2012-0937] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attackers to use WordPress as a proxy for brute-force attacks or denial of service attacks via the dbhost parameter, a different vulnerability than CVE-2011-4898. NOTE: the vendor disputes the significance of this issue because an incomplete WordPress installation might be present on the network for only a short time.
3692| [CVE-2012-0882] Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.
3693| [CVE-2012-0583] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.
3694| [CVE-2012-0578] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
3695| [CVE-2012-0574] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors.
3696| [CVE-2012-0572] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
3697| [CVE-2012-0553] Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492.
3698| [CVE-2012-0540] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
3699| [CVE-2012-0496] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
3700| [CVE-2012-0495] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0493.
3701| [CVE-2012-0494] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to affect availability via unknown vectors.
3702| [CVE-2012-0493] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0495.
3703| [CVE-2012-0492] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485.
3704| [CVE-2012-0491] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0493, and CVE-2012-0495.
3705| [CVE-2012-0490] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.
3706| [CVE-2012-0489] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
3707| [CVE-2012-0488] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
3708| [CVE-2012-0487] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
3709| [CVE-2012-0486] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
3710| [CVE-2012-0485] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0492.
3711| [CVE-2012-0484] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.
3712| [CVE-2012-0120] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0485, and CVE-2012-0492.
3713| [CVE-2012-0119] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
3714| [CVE-2012-0118] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0113.
3715| [CVE-2012-0117] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
3716| [CVE-2012-0116] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
3717| [CVE-2012-0115] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
3718| [CVE-2012-0114] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.
3719| [CVE-2012-0113] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0118.
3720| [CVE-2012-0112] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
3721| [CVE-2012-0102] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101.
3722| [CVE-2012-0101] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102.
3723| [CVE-2012-0087] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102.
3724| [CVE-2012-0075] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.
3725| [CVE-2011-5049] MySQL 5.5.8, when running on Windows, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted packet to TCP port 3306.
3726| [CVE-2011-4959] SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
3727| [CVE-2011-4899] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to configure an arbitrary database via the dbhost and dbname parameters, and subsequently conduct static code injection and cross-site scripting (XSS) attacks via (1) an HTTP request or (2) a MySQL query. NOTE: the vendor disputes the significance of this issue
3728| [CVE-2011-4898] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote attackers to conduct brute-force attacks via a series of requests with different uname and pwd parameters. NOTE: the vendor disputes the significance of this issue
3729| [CVE-2011-3989] SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
3730| [CVE-2011-3805] TaskFreak! multi-mysql-0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/language/zh/register_info.php and certain other files.
3731| [CVE-2011-2688] SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
3732| [CVE-2011-2531] Prosody 0.8.x before 0.8.1, when MySQL is used, assigns an incorrect data type to the value column in certain tables, which might allow remote attackers to cause a denial of service (data truncation) by sending a large amount of data.
3733| [CVE-2011-2262] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors.
3734| [CVE-2011-1906] Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via requests to the management port, a different vulnerability than CVE-2011-0756.
3735| [CVE-2011-1513] Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.
3736| [CVE-2011-0432] Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information.
3737| [CVE-2010-5104] The escapeStrForLike method in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly escape input when the MySQL database is set to sql_mode NO_BACKSLASH_ESCAPES, which allows remote attackers to obtain sensitive information via wildcard characters in a LIKE query.
3738| [CVE-2010-4822] core/model/MySQLDatabase.php in SilverStripe 2.4.x before 2.4.4, when the site is running in "live mode," allows remote attackers to obtain the SQL queries for a page via the showqueries and ajax parameters.
3739| [CVE-2010-4700] The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly handled in earlier PHP versions.
3740| [CVE-2010-3840] The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.
3741| [CVE-2010-3839] MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements.
3742| [CVE-2010-3838] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
3743| [CVE-2010-3837] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.
3744| [CVE-2010-3836] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers.
3745| [CVE-2010-3835] MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table.
3746| [CVE-2010-3834] Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."
3747| [CVE-2010-3833] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."
3748| [CVE-2010-3683] Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
3749| [CVE-2010-3682] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
3750| [CVE-2010-3681] Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.
3751| [CVE-2010-3680] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure.
3752| [CVE-2010-3679] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.
3753| [CVE-2010-3678] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.
3754| [CVE-2010-3677] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
3755| [CVE-2010-3676] storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement.
3756| [CVE-2010-3064] Stack-based buffer overflow in the php_mysqlnd_auth_write function in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) username or (2) database name argument to the (a) mysql_connect or (b) mysqli_connect function.
3757| [CVE-2010-3063] The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used.
3758| [CVE-2010-3062] mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function
3759| [CVE-2010-3056] Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) db_search.php, (2) db_sql.php, (3) db_structure.php, (4) js/messages.php, (5) libraries/common.lib.php, (6) libraries/database_interface.lib.php, (7) libraries/dbi/mysql.dbi.lib.php, (8) libraries/dbi/mysqli.dbi.lib.php, (9) libraries/db_info.inc.php, (10) libraries/sanitizing.lib.php, (11) libraries/sqlparser.lib.php, (12) server_databases.php, (13) server_privileges.php, (14) setup/config.php, (15) sql.php, (16) tbl_replace.php, and (17) tbl_sql.php.
3760| [CVE-2010-2008] MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
3761| [CVE-2010-2003] Cross-site scripting (XSS) vulnerability in misc/get_admin.php in Advanced Poll 2.08 allows remote attackers to inject arbitrary web script or HTML via the mysql_host parameter.
3762| [CVE-2010-1865] Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the IP address to the cs_getip function in generate.php in the Captcha module, or (2) the s_email parameter to the cs_sql_select function in the MySQL database driver (mysql.php).
3763| [CVE-2010-1850] Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.
3764| [CVE-2010-1849] The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.
3765| [CVE-2010-1848] Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
3766| [CVE-2010-1626] MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.
3767| [CVE-2010-1621] The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugins via the UNINSTALL PLUGIN command.
3768| [CVE-2010-1583] SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! before 0.6.3, allows remote attackers to execute arbitrary SQL commands via the username field in a login action.
3769| [CVE-2010-0336] Unspecified vulnerability in the kiddog_mysqldumper (kiddog_mysqldumper) extension 0.0.3 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.
3770| [CVE-2010-0124] Employee Timeclock Software 0.99 places the database password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.
3771| [CVE-2009-5026] The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
3772| [CVE-2009-4833] MySQL Connector/NET before 6.0.4, when using encryption, does not verify SSL certificates during connection, which allows remote attackers to perform a man-in-the-middle attack with a spoofed SSL certificate.
3773| [CVE-2009-4484] Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.
3774| [CVE-2009-4030] MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
3775| [CVE-2009-4028] The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
3776| [CVE-2009-4019] mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
3777| [CVE-2009-3696] Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.
3778| [CVE-2009-3102] The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x before 2.1.1 allows remote attackers to execute arbitrary commands via vectors involving a crafted $MYSQL_BINPATH variable.
3779| [CVE-2009-2942] The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the mysql_real_escape_string function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
3780| [CVE-2009-2446] Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
3781| [CVE-2009-1246] Multiple directory traversal vulnerabilities in Blogplus 1.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) row_mysql_blocks_center_down[file] parameter to includes/block_center_down.php
3782| [CVE-2009-1208] SQL injection vulnerability in auth2db 0.2.5, and possibly other versions before 0.2.7, uses the addslashes function instead of the mysql_real_escape_string function, which allows remote attackers to conduct SQL injection attacks using multibyte character encodings.
3783| [CVE-2009-0919] XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote attackers to obtain access via (1) the "lampp" default password for the "nobody" account within the included ProFTPD installation, (2) a blank default password for the "root" account within the included MySQL installation, (3) a blank default password for the "pma" account within the phpMyAdmin installation, and possibly other unspecified passwords. NOTE: this was originally reported as a problem in DFLabs PTK, but this issue affects any product that is installed within the XAMPP environment, and should not be viewed as a vulnerability within that product. NOTE: DFLabs states that PTK is intended for use in a laboratory with "no contact from / to internet."
3784| [CVE-2009-0819] sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.
3785| [CVE-2009-0617] Cisco Application Networking Manager (ANM) before 2.0 uses a default MySQL root password, which makes it easier for remote attackers to execute arbitrary operating-system commands or change system files.
3786| [CVE-2009-0543] ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.
3787| [CVE-2008-7247] sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
3788| [CVE-2008-6992] GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL.
3789| [CVE-2008-6813] SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter.
3790| [CVE-2008-6812] SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.
3791| [CVE-2008-6655] Multiple cross-site scripting (XSS) vulnerabilities in GEDCOM_TO_MYSQL 2 allow remote attackers to inject arbitrary web script or HTML via the (1) nom_branche and (2) nom parameters to php/prenom.php
3792| [CVE-2008-6287] Multiple PHP remote file inclusion vulnerabilities in Broadcast Machine 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) MySQLController.php, (2) SQLController.php, (3) SetupController.php, (4) VideoController.php, and (5) ViewController.php in controllers/.
3793| [CVE-2008-6193] Sam Crew MyBlog stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
3794| [CVE-2008-5847] Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information by reading the hash column.
3795| [CVE-2008-5738] Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the nodstrumCalendarV2 cookie to 1. NOTE: some of these details are obtained from third party information.
3796| [CVE-2008-5737] SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter.
3797| [CVE-2008-5069] SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
3798| [CVE-2008-4456] Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67.
3799| [CVE-2008-4455] Directory traversal vulnerability in index.php in EKINdesigns MySQL Quick Admin 1.5.5 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the language cookie.
3800| [CVE-2008-4454] Directory traversal vulnerability in EKINdesigns MySQL Quick Admin 1.5.5 allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the lang parameter to actions.php. NOTE: the provenance of this information is unknown
3801| [CVE-2008-4180] Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force attacks against passwords via a username in the g_dbuser parameter and a password in the g_dbpwd parameter, and possibly a "localhost" g_dbhost parameter value, related to a "Mysql Remote Brute Force Vulnerability."
3802| [CVE-2008-4106] WordPress before 2.6.2 does not properly handle MySQL warnings about insertion of username strings that exceed the maximum column width of the user_login column, and does not properly handle space characters when comparing usernames, which allows remote attackers to change an arbitrary user's password to a random value by registering a similar username and then requesting a password reset, related to a "SQL column truncation vulnerability." NOTE: the attacker can discover the random password by also exploiting CVE-2008-4107.
3803| [CVE-2008-4098] MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
3804| [CVE-2008-4097] MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.
3805| [CVE-2008-3963] MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.
3806| [CVE-2008-3846] Cross-site scripting (XSS) vulnerability in mysql-lists 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
3807| [CVE-2008-3840] Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
3808| [CVE-2008-3820] Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain "root access" to IEV via unspecified use of TCP sessions to these ports.
3809| [CVE-2008-3582] SQL injection vulnerability in login.php in Keld PHP-MySQL News Script 0.7.1 allows remote attackers to execute arbitrary SQL commands via the username parameter.
3810| [CVE-2008-3090] Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819.
3811| [CVE-2008-2881] Relative Real Estate Systems 3.0 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
3812| [CVE-2008-2857] AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
3813| [CVE-2008-2819] SQL injection vulnerability in BlognPlus (BURO GUN +) 2.5.4 and earlier MySQL and PostgreSQL editions allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
3814| [CVE-2008-2667] SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors.
3815| [CVE-2008-2384] SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
3816| [CVE-2008-2079] MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
3817| [CVE-2008-2029] Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php.
3818| [CVE-2008-1711] Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
3819| [CVE-2008-1567] phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.
3820| [CVE-2008-1486] SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search.
3821| [CVE-2008-0249] PHP Webquest 2.6 allows remote attackers to retrieve database credentials via a direct request to admin/backup_phpwebquest.php, which leaks the credentials in an error message if a call to /usr/bin/mysqldump fails. NOTE: this might only be an issue in limited environments.
3822| [CVE-2008-0227] yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp.
3823| [CVE-2008-0226] Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
3824| [CVE-2007-6512] PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database information via a direct request to inc/lib.inc.
3825| [CVE-2007-6418] The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by listing the process and its arguments.
3826| [CVE-2007-6345] SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the value parameter to the pack_var function in module/db.lib/db_mysql.lib. NOTE: some of these details are obtained from third party information.
3827| [CVE-2007-6313] MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements.
3828| [CVE-2007-6304] The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.
3829| [CVE-2007-6303] MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.
3830| [CVE-2007-6081] AdventNet EventLog Analyzer build 4030 for Windows, and possibly other versions and platforms, installs a mysql instance with a default "root" account without a password, which allows remote attackers to gain privileges and modify logs.
3831| [CVE-2007-5970] MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges.
3832| [CVE-2007-5969] MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.
3833| [CVE-2007-5925] The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error.
3834| [CVE-2007-5646] SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5 is used, allows remote attackers to execute arbitrary SQL commands via the userspec parameter in a search2 action to index.php.
3835| [CVE-2007-5626] make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line argument, and sometimes transmits cleartext e-mail containing this command line, which allows context-dependent attackers to obtain the password by listing the process and its arguments, or by sniffing the network.
3836| [CVE-2007-5488] Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons before 1.2.8, and 1.4.x before 1.4.4, allow remote attackers to execute arbitrary SQL commands via the (1) source and (2) destination numbers, and probably (3) SIP URI, when inserting a record.
3837| [CVE-2007-4889] The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997.
3838| [CVE-2007-3997] The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.
3839| [CVE-2007-3782] MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.
3840| [CVE-2007-3781] MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, which allows remote authenticated users to obtain sensitive information such as the table structure.
3841| [CVE-2007-3780] MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.
3842| [CVE-2007-3567] MySQLDumper 1.21b through 1.23 REV227 uses a "Limit GET" statement in the .htaccess authentication mechanism, which allows remote attackers to bypass authentication requirements via HTTP POST requests.
3843| [CVE-2007-2857] PHP remote file inclusion vulnerability in sample/xls2mysql in ABC Excel Parser Pro 4.0 allows remote attackers to execute arbitrary PHP code via a URL in the parser_path parameter.
3844| [CVE-2007-2766] lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext command line argument, which allows local users to obtain this password by listing the process and its arguments, related to lib/backup-methods.sh.
3845| [CVE-2007-2693] MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.
3846| [CVE-2007-2692] The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.
3847| [CVE-2007-2691] MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
3848| [CVE-2007-2583] The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
3849| [CVE-2007-2554] Associated Press (AP) Newspower 4.0.1 and earlier uses a default blank password for the MySQL root account, which allows remote attackers to insert or modify news articles via shows.tblscript.
3850| [CVE-2007-2429] ManageEngine PasswordManager Pro (PMP) allows remote attackers to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of this information is unknown
3851| [CVE-2007-2364] Multiple PHP remote file inclusion vulnerabilities in burnCMS 0.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) mysql.class.php or (2) postgres.class.php in lib/db/
3852| [CVE-2007-2204] Multiple PHP remote file inclusion vulnerabilities in GPL PHP Board (GPB) unstable-2001.11.14-1 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) db.mysql.inc.php or (2) gpb.inc.php in include/, or the (3) theme parameter to themes/ubb/login.php.
3853| [CVE-2007-2016] Cross-site scripting (XSS) vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the lang[] parameter.
3854| [CVE-2007-1779] Multiple SQL injection vulnerabilities in the MySQL back-end in Advanced Website Creator (AWC) before 1.9.0 might allow remote attackers to execute arbitrary SQL commands via unspecified parameters, related to use of mysql_escape_string instead of mysql_real_escape_string.
3855| [CVE-2007-1778] PHP remote file inclusion vulnerability in db/mysql.php in the Eve-Nuke 0.1 (EN-Forums) module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
3856| [CVE-2007-1548] SQL injection vulnerability in functions/functions_filters.asp in Web Wiz Forums before 8.05a (MySQL version) does not properly filter certain characters in SQL commands, which allows remote attackers to execute arbitrary SQL commands via \"' (backslash double-quote quote) sequences, which are collapsed into \'', as demonstrated via the name parameter to forum/pop_up_member_search.asp.
3857| [CVE-2007-1455] Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via (1) the userlanguage parameter to includes/load_language.php or (2) the fantasticopath parameter to includes/mysqlconfig.php and certain other files.
3858| [CVE-2007-1439] PHP remote file inclusion vulnerability in ressourcen/dbopen.php in bitesser MySQL Commander 2.7 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the home parameter.
3859| [CVE-2007-1420] MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.
3860| [CVE-2007-1167] inc/filebrowser/browser.php in deV!L`z Clanportal (DZCP) 1.4.5 and earlier allows remote attackers to obtain MySQL data via the inc/mysql.php value of the file parameter.
3861| [CVE-2007-1111] Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the css parameter to (1) flatevents.php, (2) js.php, (3) mysqlevents.php, (4) m_2.php, (5) m_3.php, (6) m_4.php, (7) xmlevents.php, (8) y_2.php, or (9) y_3.php in data/.
3862| [CVE-2007-0926] The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql['pass'] and $gbpass variables.
3863| [CVE-2007-0890] Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the password parameter.
3864| [CVE-2007-0828] PHP remote file inclusion vulnerability in affichearticles.php3 in MySQLNewsEngine allows remote attackers to execute arbitrary PHP code via a URL in the newsenginedir parameter.
3865| [CVE-2007-0167] Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search Engine), as distributed with other aliases, allow remote attackers to execute arbitrary PHP code via a URL in the INC parameter in (1) config_admin.php, (2) config_main.php, (3) config_member.php, and (4) mysql_config.php in config/
3866| [CVE-2007-0124] Unspecified vulnerability in Drupal before 4.6.11, and 4.7 before 4.7.5, when MySQL is used, allows remote authenticated users to cause a denial of service by poisoning the page cache via unspecified vectors, which triggers erroneous 404 HTTP errors for pages that exist.
3867| [CVE-2006-7232] sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
3868| [CVE-2006-7194] PHP remote file inclusion vulnerability in modules/Mysqlfinder/MysqlfinderAdmin.php in Agora 1.4 RC1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[PATH_COMPOSANT] parameter.
3869| [CVE-2006-6948] MyODBC Japanese conversion edition 3.51.06, 2.50.29, and 2.50.25 allows remote attackers to cause a denial of service via a certain string in a response, which has unspecified impact on the MySQL database.
3870| [CVE-2006-6457] tiki-wiki_rss.php in Tikiwiki 1.9.5, 1.9.2, and possibly other versions allows remote attackers to obtain sensitive information (MySQL username and password) via an invalid (large or negative) ver parameter, which leaks the information in an error message.
3871| [CVE-2006-6378] BTSaveMySql 1.2 stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain configuration and save files via direct requests.
3872| [CVE-2006-6254] administration/telecharger.php in Cahier de texte 2.0 allows remote attackers to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte.php. NOTE: it is not clear whether the scope of this issue extends above the web document root, and whether directory traversal is the primary vulnerability.
3873| [CVE-2006-5893] Multiple PHP remote file inclusion vulnerabilities in iWonder Designs Storystream 0.4.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) mysql.php and (2) mysqli.php in include/classes/pear/DB/.
3874| [CVE-2006-5702] Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information (MySQL username and password) via an empty sort_mode parameter in (1) tiki-listpages.php, (2) tiki-lastchanges.php, (3) messu-archive.php, (4) messu-mailbox.php, (5) messu-sent.php, (6) tiki-directory_add_site.php, (7) tiki-directory_ranking.php, (8) tiki-directory_search.php, (9) tiki-forums.php, (10) tiki-view_forum.php, (11) tiki-friends.php, (12) tiki-list_blogs.php, (13) tiki-list_faqs.php, (14) tiki-list_trackers.php, (15) tiki-list_users.php, (16) tiki-my_tiki.php, (17) tiki-notepad_list.php, (18) tiki-orphan_pages.php, (19) tiki-shoutbox.php, (20) tiki-usermenu.php, and (21) tiki-webmail_contacts.php, which reveal the information in certain database error messages.
3875| [CVE-2006-5675] Multiple unspecified vulnerabilities in Pentaho Business Intelligence (BI) Suite before 1.2 RC3 (1.2.0.470-RC3) have unknown impact and attack vectors, related to "MySQL Scripts need changes for security," possibly SQL injection vulnerabilities associated with these scripts.
3876| [CVE-2006-5381] Contenido CMS stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain database credentials and other information via a direct request to (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysqli.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, (7) db_pgsql.inc, or (8) db_sybase.inc in the conlib/ directory.
3877| [CVE-2006-5264] Cross-site scripting (XSS) vulnerability in sql.php in MysqlDumper 1.21 b6 allows remote attackers to inject arbitrary web script or HTML via the db parameter.
3878| [CVE-2006-5127] Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ConPresso before 4.0.5a allow remote attackers to inject arbitrary web script or HTML via (1) the nr parameter in detail.php, (2) the msg parameter in db_mysql.inc.php, and (3) the pos parameter in index.php.
3879| [CVE-2006-5079] PHP remote file inclusion vulnerability in class.mysql.php in Matt Humphrey paBugs 2.0 Beta 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_to_bt_dir parameter.
3880| [CVE-2006-5065] PHP remote file inclusion vulnerability in libs/dbmax/mysql.php in ZoomStats 1.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[lib][db][path] parameter.
3881| [CVE-2006-5029] SQL injection vulnerability in thread.php in WoltLab Burning Board (wBB) 2.3.x allows remote attackers to obtain the version numbers of PHP, MySQL, and wBB via the page parameter. NOTE: this issue might be a forced SQL error. Also, the original report was disputed by a third party for 2.3.3 and 2.3.4.
3882| [CVE-2006-5027] Jeroen Vennegoor JevonCMS, possibly pre alpha, allows remote attackers to obtain sensitive information via a direct request for php/main/phplib files (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysql.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, and (7) db_pgsql.inc
3883| [CVE-2006-5014] Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.
3884| [CVE-2006-4994] Multiple unquoted Windows search path vulnerabilities in Apache Friends XAMPP 1.5.2 might allow local users to gain privileges via a malicious program file in %SYSTEMDRIVE%, which is run when XAMPP attempts to execute (1) FileZillaServer.exe, (2) mysqld-nt.exe, (3) Perl.exe, or (4) xamppcontrol.exe with an unquoted "Program Files" pathname.
3885| [CVE-2006-4835] Bluview Blue Magic Board (BMB) (aka BMForum) 5.5 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) db_mysql_error.php, (4) langlist.php, (5) sendmail.php, or (6) style.php, which reveals the path in various error messages.
3886| [CVE-2006-4578] export.php in The Address Book 1.04e writes username and password hash information into a publicly accessible file when dumping the MySQL database contents, which allows remote attackers to obtain sensitive information.
3887| [CVE-2006-4380] MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects.
3888| [CVE-2006-4277] Multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to (1) include/novalib/class.novaAdmin.mysql.php and (2) novalib/class.novaRead.mysql.php. NOTE: the provenance of this information is unknown
3889| [CVE-2006-4276] PHP remote file inclusion vulnerability in Tutti Nova 1.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to novalib/class.novaEdit.mysql.php.
3890| [CVE-2006-4227] MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
3891| [CVE-2006-4226] MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
3892| [CVE-2006-4031] MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
3893| [CVE-2006-3965] Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as database usernames and passwords.
3894| [CVE-2006-3964] PHP remote file inclusion vulnerability in members.php in Banex PHP MySQL Banner Exchange 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_root parameter.
3895| [CVE-2006-3963] Multiple SQL injection vulnerabilities in Banex PHP MySQL Banner Exchange 2.21 allow remote attackers to execute arbitrary SQL commands via the (1) site_name parameter to (a) signup.php, and the (2) id, (3) deleteuserbanner, (4) viewmem, (5) viewmemunb, (6) viewunmem,or (7) deleteuser parameters to (b) admin.php.
3896| [CVE-2006-3878] Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, which allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql.
3897| [CVE-2006-3486] ** DISPUTED ** Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow when the convert_dirname function is called. NOTE: the vendor has disputed this issue via e-mail to CVE, saying that it is only exploitable when the user has access to the configuration file or the Instance Manager daemon. Due to intended functionality, this level of access would already allow the user to disrupt program operation, so this does not cross security boundaries and is not a vulnerability.
3898| [CVE-2006-3469] Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.
3899| [CVE-2006-3330] Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the (1) ProductName ("Title" field), (2) url, and (3) Description parameters, possibly related to issues in add1.php.
3900| [CVE-2006-3329] SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the rate parameter.
3901| [CVE-2006-3081] mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
3902| [CVE-2006-2753] SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
3903| [CVE-2006-2750] Cross-site scripting (XSS) vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary web scripts or HTML via failed SQL queries, which is reflected in an error message.
3904| [CVE-2006-2748] SQL injection vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary SQL commands via multiple vectors, as demonstrated by the (1) type parameter in adminfunctions.php and the (2) catalogue_id parameter in editcatalogue.php.
3905| [CVE-2006-2742] SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 allows remote attackers to execute arbitrary SQL commands via the (1) count and (2) from variables to (a) database.mysql.inc, (b) database.pgsql.inc, and (c) database.mysqli.inc.
3906| [CVE-2006-2543] Xtreme Topsites 1.1 allows remote attackers to trigger MySQL errors and possibly conduct SQL injection attacks via unspecified vectors in join.php.
3907| [CVE-2006-2329] AngelineCMS 0.6.5 and earlier allow remote attackers to obtain sensitive information via a direct request for (1) adodb-access.inc.php, (2) adodb-ado.inc.php, (3) adodb-ado_access.inc, (4) adodb-ado_mssql.inc.php, (5) adodb-borland_ibase, (6) adodb-csv.inc.php, (7) adodb-db2.inc.php, (8) adodb-fbsql.inc.php, (9) adodb-firebird.inc.php, (10) adodb-ibase.inc.php, (11) adodb-informix.inc.php, (12) adodb-informix72.inc, (13) adodb-mssql.inc.php, (14) adodb-mssqlpo.inc.php, (15) adodb-mysql.inc.php, (16) adodb-mysqlt.inc.php, (17) adodb-oci8.inc.php, (18) adodb-oci805.inc.php, (19) adodb-oci8po.inc.php, and (20) adodb-odbc.inc.php, which reveal the path in various error messages
3908| [CVE-2006-2042] Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models.
3909| [CVE-2006-1930] ** DISPUTED ** Multiple SQL injection vulnerabilities in userscript.php in Green Minute 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) huserid, (2) pituus, or (3) date parameters. NOTE: this issue has been disputed by the vendor, saying "those parameters mentioned ARE checked (preg_match) before they are used in SQL-query... If someone decided to add SQL-injection stuff to certain parameter, they would see an error text, but only because _nothing_ was passed inside that parameter (to MySQL-database)." As allowed by the vendor, CVE investigated this report on 20060525 and found that the demo site demonstrated a non-sensitive SQL error when given standard SQL injection manipulations.
3910| [CVE-2006-1518] Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
3911| [CVE-2006-1517] sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
3912| [CVE-2006-1516] The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
3913| [CVE-2006-1451] MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database.
3914| [CVE-2006-1396] Multiple cross-site scripting (XSS) vulnerabilities in Cholod MySQL Based Message Board allow remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown
3915| [CVE-2006-1395] SQL injection vulnerability in mb.cgi in Cholod MySQL Based Message Board allows remote attackers to execute arbitrary SQL commands via unspecified vectors in a showmessage action, possibly the username parameter. NOTE: the provenance of this information is unknown
3916| [CVE-2006-1324] Cross-site scripting (XSS) vulnerability in acp/lib/class_db_mysql.php in Woltlab Burning Board (wBB) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter when a SQL error is generated.
3917| [CVE-2006-1211] IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 configures a MySQL database to allow connections from any source IP address with the ns database account, which allows remote attackers to bypass the Netcool/NeuSecure application layer and perform unauthorized database actions. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
3918| [CVE-2006-1210] The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 includes the MySQL database username and password in cleartext in body.phtml, which allows remote attackers to gain privileges by reading the source. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
3919| [CVE-2006-1112] Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message.
3920| [CVE-2006-1111] Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "*/*" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection.
3921| [CVE-2006-0909] Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to view sensitive information via a direct request to multiple PHP scripts that include the full path in error messages, including (1) PEAR/Text/Diff/Renderer/inline.php, (2) PEAR/Text/Diff/Renderer/unified.php, (3) PEAR/Text/Diff3.php, (4) class_db.php, (5) class_db_mysql.php, and (6) class_xml.php in the ips_kernel/ directory
3922| [CVE-2006-0903] MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.
3923| [CVE-2006-0692] Multiple SQL injection vulnerabilities in Carey Briggs PHP/MYSQL Timesheet 1 and 2 allow remote attackers to execute arbitrary SQL commands via the (1) yr, (2) month, (3) day, and (4) job parameters in (a) index.php and (b) changehrs.php.
3924| [CVE-2006-0369] ** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views
3925| [CVE-2006-0200] Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.
3926| [CVE-2006-0146] The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.
3927| [CVE-2006-0097] Stack-based buffer overflow in the create_named_pipe function in libmysql.c in PHP 4.3.10 and 4.4.x before 4.4.3 for Windows allows attackers to execute arbitrary code via a long (1) arg_host or (2) arg_unix_socket argument, as demonstrated by a long named pipe variable in the host argument to the mysql_connect function.
3928| [CVE-2006-0056] Double free vulnerability in the authentication and authentication token alteration code in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted passwords, which lead to a double free of a pointer that was created by the pam_get_item function. NOTE: this issue only occurs in certain configurations in which there are multiple PAM modules, PAM-MySQL is not evaluated first, and there are no requisite modules before PAM-MySQL.
3929| [CVE-2005-4713] Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors, probably involving the pam_mysql_sql_log function when being used in vsftpd, which does not include the IP address argument to an sprintf call.
3930| [CVE-2005-4661] The notifyendsubs cron job in Campsite before 2.3.3 sends an e-mail message containing a certain unencrypted MySQL password, which allows remote attackers to sniff the password.
3931| [CVE-2005-4626] The default configuration of Recruitment Software installs admin/site.xml under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (MySQL database credentials) via a direct request.
3932| [CVE-2005-4237] Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keyword parameter in the SearchZoom module.
3933| [CVE-2005-2865] Multiple PHP remote file inclusion vulnerabilities in aMember Pro 2.3.4 allow remote attackers to execute arbitrary PHP code via the config[root_dir] parameter to (1) mysql.inc.php, (2) efsnet.inc.php, (3) theinternetcommerce.inc.php, (4) cdg.inc.php, (5) compuworld.inc.php, (6) directone.inc.php, (7) authorize_aim.inc.php, (8) beanstream.inc.php, (9) config.inc.php, (10) eprocessingnetwork.inc.php, (11) eway.inc.php, (12) linkpoint.inc.php, (13) logiccommerce.inc.php, (14) netbilling.inc.php, (15) payflow_pro.inc.php, (16) paymentsgateway.inc.php, (17) payos.inc.php, (18) payready.inc.php, or (19) plugnplay.inc.php.
3934| [CVE-2005-2573] The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.
3935| [CVE-2005-2572] MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service (server hang) and possibly execute arbitrary code via (1) a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or (2) a request for a function in a library that has the XXX_deinit or XXX_init functions defined but is not tailored for mySQL, such as jpeg1x32.dll and jpeg2x32.dll.
3936| [CVE-2005-2571] FunkBoard 0.66CF, and possibly earlier versions, does not properly restrict access to the (1) admin/mysql_install.php and (2) admin/pg_install.php scripts, which allows attackers to obtain the database username and password or inject arbitrary PHP code into info.php.
3937| [CVE-2005-2558] Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field.
3938| [CVE-2005-2468] Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) isCorrectPassword or (2) userExist function in class.auth.php, getCustomFieldReport function in (4) custom_fields.php, (5) custom_fields_graph.php, or (6) class.report.php, or the insert function in (7) releases.php or (8) class.release.php.
3939| [CVE-2005-2467] Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to view.php, (2) release parameter to list.php, or (3) F parameter to get_jsrs_data.php.
3940| [CVE-2005-2174] Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows attackers to access information about the bug via buglist.cgi before MySQL replication is complete.
3941| [CVE-2005-1944] xmysqladmin 1.0 and earlier allows local users to delete arbitrary files via a symlink attack on a database backup file in /tmp.
3942| [CVE-2005-1636] mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
3943| [CVE-2005-1274] Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via an HTTP unlock request and a long "If" parameter.
3944| [CVE-2005-1121] Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.
3945| [CVE-2005-0799] MySQL 4.1.9, and possibly earlier versions, allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.
3946| [CVE-2005-0711] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
3947| [CVE-2005-0710] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function.
3948| [CVE-2005-0709] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
3949| [CVE-2005-0684] Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c.
3950| [CVE-2005-0646] SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote attackers to execute arbitrary SQL via the mysql_prefix parameter.
3951| [CVE-2005-0544] phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message.
3952| [CVE-2005-0111] Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter.
3953| [CVE-2005-0083] MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and other platforms, allows remote attackers to cause a denial of service (application crash) via invalid parameters to the (1) DBMCli_String::ReallocString, (2) DBMCli_String::operator, (3) DBMCli_Buffer::ForceResize, (4) DBMCli_Wizard::InstallDatabase, (5) DBMCli_Devspaces::Complete, (6) DBMWeb_TemplateWizard::askForWriteCountStep5, or (7) DBMWeb_DBMWeb::wizardDB functions, which triggers a null dereference.
3954| [CVE-2005-0082] The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash.
3955| [CVE-2005-0081] MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers.
3956| [CVE-2005-0004] The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
3957| [CVE-2004-2632] phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables.
3958| [CVE-2004-2398] Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5.
3959| [CVE-2004-2357] The embedded MySQL 4.0 server for Proofpoint Protection Server does not require a password for the root user of MySQL, which allows remote attackers to read or modify the backend database.
3960| [CVE-2004-2354] SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered.
3961| [CVE-2004-2149] Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders.
3962| [CVE-2004-2138] Cross-site scripting (XSS) vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the (1) Name, (2) Email, (3) Homepage or (4) Comments field.
3963| [CVE-2004-1228] The install scripts in SugarCRM Sugar Sales 2.0.1c and earlier are not removed after installation, which allows attackers to obtain the MySQL administrative password in cleartext from an installation form, or to cause a denial of service by changing database settings to the default.
3964| [CVE-2004-0957] Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.
3965| [CVE-2004-0956] MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
3966| [CVE-2004-0931] MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function.
3967| [CVE-2004-0837] MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.
3968| [CVE-2004-0836] Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).
3969| [CVE-2004-0835] MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
3970| [CVE-2004-0628] Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.
3971| [CVE-2004-0627] The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
3972| [CVE-2004-0457] The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
3973| [CVE-2004-0388] The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
3974| [CVE-2004-0381] mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
3975| [CVE-2003-1480] MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods.
3976| [CVE-2003-1421] Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers to cause a denial of service (seg fault) via unknown attack vectors.
3977| [CVE-2003-1383] WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.
3978| [CVE-2003-1331] Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453.
3979| [CVE-2003-0780] Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
3980| [CVE-2003-0515] SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges.
3981| [CVE-2003-0150] MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.
3982| [CVE-2003-0073] Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.
3983| [CVE-2002-2043] SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password.
3984| [CVE-2002-1952] phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occur or if the database is unavailable.
3985| [CVE-2002-1923] The default configuration in MySQL 3.20.32 through 3.23.52, when running on Windows, does not have logging enabled, which could allow remote attackers to conduct activities without detection.
3986| [CVE-2002-1921] The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database.
3987| [CVE-2002-1809] The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL database.
3988| [CVE-2002-1479] Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users modify databases as the Cacti user and possibly gain privileges.
3989| [CVE-2002-1376] libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.
3990| [CVE-2002-1375] The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response.
3991| [CVE-2002-1374] The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password.
3992| [CVE-2002-1373] Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call.
3993| [CVE-2002-0969] Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.
3994| [CVE-2002-0229] Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
3995| [CVE-2001-1454] Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request.
3996| [CVE-2001-1453] Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter.
3997| [CVE-2001-1275] MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.
3998| [CVE-2001-1274] Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
3999| [CVE-2001-1255] WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database.
4000| [CVE-2001-1226] AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database.
4001| [CVE-2001-1044] Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file.
4002| [CVE-2001-0990] Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library.
4003| [CVE-2001-0645] Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC from the management tier using a blank password.
4004| [CVE-2001-0407] Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).
4005| [CVE-2000-0981] MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password.
4006| [CVE-2000-0957] The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes.
4007| [CVE-2000-0707] PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative password.
4008| [CVE-2000-0148] MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string.
4009| [CVE-2000-0045] MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.
4010| [CVE-1999-1188] mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database.
4011|
4012| SecurityFocus - https://www.securityfocus.com/bid/:
4013| [104370] MySQL Multi-Master Replication Manager Multiple Remote Command Injection Vulnerabilities
4014| [103954] Oracle MySQL CVE-2018-2767 Incomplete Fix SSL Certificate Validation Security Bypass Vulnerability
4015| [103876] Oracle MySQL Server CVE-2018-2769 Remote Security Vulnerability
4016| [103845] Oracle MySQL Server CVE-2018-2839 Remote Security Vulnerability
4017| [103838] Oracle MySQL Cluster CVE-2018-2877 Local Security Vulnerability
4018| [103836] Oracle MySQL Server CVE-2018-2812 Remote Security Vulnerability
4019| [103831] Oracle MySQL Server CVE-2018-2805 Remote Security Vulnerability
4020| [103830] Oracle MySQL Server CVE-2018-2813 Remote Security Vulnerability
4021| [103828] Oracle MySQL Server CVE-2018-2771 Remote Security Vulnerability
4022| [103825] Oracle MySQL Server CVE-2018-2781 Remote Security Vulnerability
4023| [103824] Oracle MySQL Server CVE-2018-2818 Remote Security Vulnerability
4024| [103820] Oracle MySQL Server CVE-2018-2761 Remote Security Vulnerability
4025| [103818] Oracle MySQL Server CVE-2018-2817 Remote Security Vulnerability
4026| [103814] Oracle MySQL Server CVE-2018-2819 Remote Security Vulnerability
4027| [103811] Oracle MySQL Server CVE-2018-2773 Local Security Vulnerability
4028| [103807] Oracle MySQL Server CVE-2018-2755 Local Security Vulnerability
4029| [103805] Oracle MySQL Server CVE-2018-2766 Remote Security Vulnerability
4030| [103804] Oracle MySQL Server CVE-2018-2787 Remote Security Vulnerability
4031| [103802] Oracle MySQL Server CVE-2018-2758 Remote Security Vulnerability
4032| [103801] Oracle MySQL Server CVE-2018-2784 Remote Security Vulnerability
4033| [103799] Oracle MySQL Server CVE-2018-2782 Remote Security Vulnerability
4034| [103794] Oracle MySQL Server CVE-2018-2762 Remote Security Vulnerability
4035| [103791] Oracle MySQL Server CVE-2018-2776 Remote Security Vulnerability
4036| [103790] Oracle MySQL Server CVE-2018-2846 Remote Security Vulnerability
4037| [103789] Oracle MySQL Server CVE-2018-2816 Remote Security Vulnerability
4038| [103787] Oracle MySQL Server CVE-2018-2779 Remote Security Vulnerability
4039| [103785] Oracle MySQL Server CVE-2018-2778 Remote Security Vulnerability
4040| [103783] Oracle MySQL Server CVE-2018-2810 Remote Security Vulnerability
4041| [103781] Oracle MySQL Server CVE-2018-2777 Remote Security Vulnerability
4042| [103780] Oracle MySQL Server CVE-2018-2759 Remote Security Vulnerability
4043| [103779] Oracle MySQL Server CVE-2018-2786 Remote Security Vulnerability
4044| [103778] Oracle MySQL Server CVE-2018-2780 Remote Security Vulnerability
4045| [103777] Oracle MySQL Server CVE-2018-2775 Remote Security Vulnerability
4046| [102714] Oracle MySQL Server CVE-2018-2591 Remote Security Vulnerability
4047| [102713] Oracle MySQL Server CVE-2018-2562 Remote Security Vulnerability
4048| [102712] Oracle MySQL Server CVE-2018-2565 Remote Security Vulnerability
4049| [102711] Oracle MySQL Server CVE-2018-2647 Remote Security Vulnerability
4050| [102710] Oracle MySQL Server CVE-2018-2573 Remote Security Vulnerability
4051| [102709] Oracle MySQL Server CVE-2018-2612 Remote Security Vulnerability
4052| [102708] Oracle MySQL Server CVE-2018-2583 Remote Security Vulnerability
4053| [102706] Oracle MySQL Server CVE-2018-2622 Remote Security Vulnerability
4054| [102704] Oracle MySQL Server CVE-2018-2703 Remote Security Vulnerability
4055| [102703] Oracle MySQL Server CVE-2018-2646 Remote Security Vulnerability
4056| [102701] Oracle MySQL Server CVE-2018-2696 Remote Security Vulnerability
4057| [102700] Oracle MySQL Server CVE-2018-2586 Remote Security Vulnerability
4058| [102698] Oracle MySQL Server CVE-2018-2645 Remote Security Vulnerability
4059| [102697] Oracle MySQL Server CVE-2018-2590 Remote Security Vulnerability
4060| [102696] Oracle MySQL Server CVE-2018-2600 Remote Security Vulnerability
4061| [102695] Oracle MySQL Server CVE-2018-2576 Remote Security Vulnerability
4062| [102685] Oracle MySQL Server CVE-2018-2667 Remote Security Vulnerability
4063| [102682] Oracle MySQL Server CVE-2018-2668 Remote Security Vulnerability
4064| [102681] Oracle MySQL Server CVE-2018-2665 Remote Security Vulnerability
4065| [102678] Oracle MySQL Server CVE-2018-2640 Remote Security Vulnerability
4066| [102674] Oracle MySQL Connectors CVE-2018-2585 Remote Security Vulnerability
4067| [101448] Oracle MySQL Server CVE-2017-10313 Remote Security Vulnerability
4068| [101446] Oracle MySQL Server CVE-2017-10311 Remote Security Vulnerability
4069| [101444] Oracle MySQL Server CVE-2017-10294 Remote Security Vulnerability
4070| [101441] Oracle MySQL Server CVE-2017-10276 Remote Security Vulnerability
4071| [101439] Oracle MySQL Connectors CVE-2017-10277 Remote Security Vulnerability
4072| [101433] Oracle MySQL Server CVE-2017-10167 Remote Security Vulnerability
4073| [101429] Oracle MySQL Server CVE-2017-10365 Remote Security Vulnerability
4074| [101424] Oracle MySQL Server CVE-2017-10165 Remote Security Vulnerability
4075| [101420] Oracle MySQL Server CVE-2017-10283 Remote Security Vulnerability
4076| [101415] Oracle MySQL Server CVE-2017-10379 Remote Security Vulnerability
4077| [101410] Oracle MySQL Server CVE-2017-10320 Remote Security Vulnerability
4078| [101406] Oracle MySQL Server CVE-2017-10384 Remote Security Vulnerability
4079| [101402] Oracle MySQL Server CVE-2017-10155 Remote Security Vulnerability
4080| [101397] Oracle MySQL Server CVE-2017-10286 Remote Security Vulnerability
4081| [101390] Oracle MySQL Server CVE-2017-10268 Local Security Vulnerability
4082| [101385] Oracle MySQL Server CVE-2017-10284 Remote Security Vulnerability
4083| [101381] Oracle MySQL Enterprise Monitor CVE-2017-10424 Remote Security Vulnerability
4084| [101375] Oracle MySQL Server CVE-2017-10378 Remote Security Vulnerability
4085| [101373] Oracle MySQL Server CVE-2017-10296 Remote Security Vulnerability
4086| [101337] Oracle MySQL Server CVE-2017-10227 Remote Security Vulnerability
4087| [101324] Oracle MySQL Connectors CVE-2017-10203 Remote Security Vulnerability
4088| [101316] Oracle MySQL Server CVE-2017-10279 Remote Security Vulnerability
4089| [101314] Oracle MySQL Server CVE-2017-10314 Remote Security Vulnerability
4090| [99810] Oracle MySQL Server CVE-2017-3653 Remote Security Vulnerability
4091| [99808] Oracle MySQL Server CVE-2017-3650 Remote Security Vulnerability
4092| [99805] Oracle MySQL Server CVE-2017-3652 Remote Security Vulnerability
4093| [99802] Oracle MySQL Server CVE-2017-3651 Remote Security Vulnerability
4094| [99799] Oracle MySQL Server CVE-2017-3649 Remote Security Vulnerability
4095| [99796] Oracle MySQL Server CVE-2017-3647 Remote Security Vulnerability
4096| [99789] Oracle MySQL Server CVE-2017-3648 Remote Security Vulnerability
4097| [99786] Oracle MySQL Server CVE-2017-3646 Remote Security Vulnerability
4098| [99783] Oracle MySQL Server CVE-2017-3645 Remote Security Vulnerability
4099| [99779] Oracle MySQL Server CVE-2017-3642 Remote Security Vulnerability
4100| [99778] Oracle MySQL Server CVE-2017-3638 Remote Security Vulnerability
4101| [99775] Oracle MySQL Server CVE-2017-3644 Remote Security Vulnerability
4102| [99772] Oracle MySQL Server CVE-2017-3643 Remote Security Vulnerability
4103| [99767] Oracle MySQL Server CVE-2017-3641 Remote Security Vulnerability
4104| [99765] Oracle MySQL Server CVE-2017-3640 Remote Security Vulnerability
4105| [99753] Oracle MySQL Server CVE-2017-3639 Remote Security Vulnerability
4106| [99748] Oracle MySQL Server CVE-2017-3637 Remote Security Vulnerability
4107| [99746] Oracle MySQL Server CVE-2017-3529 Remote Security Vulnerability
4108| [99736] Oracle MySQL Server CVE-2017-3636 Local Security Vulnerability
4109| [99730] Oracle MySQL Connectors/MySQL Server CVE-2017-3635 Remote Security Vulnerability
4110| [99729] Oracle MySQL Server CVE-2017-3634 Remote Security Vulnerability
4111| [99722] Oracle MySQL Server CVE-2017-3633 Remote Security Vulnerability
4112| [99374] Perl DBD::mysql Module CVE-2017-10788 Use After Free Denial of Service Vulnerability
4113| [99364] Perl DBD::mysql Module CVE-2017-10789 Man in the Middle Security Bypass Vulnerability
4114| [97982] Oracle MySQL Connectors CVE-2017-3523 Remote Security Vulnerability
4115| [97960] MySQL-GUI-tools CVE-2010-4178 Local Information Disclosure Vulnerability
4116| [97959] MySQL-GUI-tools CVE-2010-4177 Local Information Disclosure Vulnerability
4117| [97851] Oracle MySQL Server CVE-2017-3462 Remote Security Vulnerability
4118| [97849] Oracle MySQL Server CVE-2017-3463 Remote Security Vulnerability
4119| [97848] Oracle MySQL Server CVE-2017-3468 Remote Security Vulnerability
4120| [97847] Oracle MySQL Server CVE-2017-3459 Remote Security Vulnerability
4121| [97845] Oracle MySQL Server CVE-2017-3457 Remote Security Vulnerability
4122| [97844] Oracle MySQL Enterprise Monitor CVE-2017-3307 Remote Security Vulnerability
4123| [97840] Oracle MySQL Connectors CVE-2017-3590 Local Security Vulnerability
4124| [97837] Oracle MySQL Server CVE-2017-3458 Remote Security Vulnerability
4125| [97836] Oracle MySQL Connectors CVE-2017-3589 Local Security Vulnerability
4126| [97833] Oracle MySQL Workbench CVE-2017-3469 Remote Security Vulnerability
4127| [97831] Oracle MySQL Server CVE-2017-3456 Remote Security Vulnerability
4128| [97826] Oracle MySQL Server CVE-2017-3460 Remote Security Vulnerability
4129| [97825] Oracle MySQL Server CVE-2017-3467 Remote Security Vulnerability
4130| [97822] Oracle MySQL Server CVE-2017-3465 Remote Security Vulnerability
4131| [97820] Oracle MySQL Server CVE-2017-3455 Remote Security Vulnerability
4132| [97818] Oracle MySQL Server CVE-2017-3464 Remote Security Vulnerability
4133| [97815] Oracle MySQL Cluster CVE-2017-3304 Remote Security Vulnerability
4134| [97812] Oracle MySQL Server CVE-2017-3461 Remote Security Vulnerability
4135| [97791] Oracle MySQL Server CVE-2017-3454 Remote Security Vulnerability
4136| [97784] Oracle MySQL Connectors CVE-2017-3586 Remote Security Vulnerability
4137| [97779] Oracle MySQL Server CVE-2017-3452 Remote Security Vulnerability
4138| [97776] Oracle MySQL Server CVE-2017-3453 Remote Security Vulnerability
4139| [97772] Oracle MySQL Server CVE-2017-3331 Remote Security Vulnerability
4140| [97765] Oracle MySQL Server CVE-2017-3600 Remote Security Vulnerability
4141| [97763] Oracle MySQL Server CVE-2017-3329 Remote Security Vulnerability
4142| [97754] Oracle MySQL Server CVE-2017-3599 Remote Security Vulnerability
4143| [97747] Oracle MySQL Server CVE-2017-3450 Remote Security Vulnerability
4144| [97742] Oracle MySQL Server CVE-2017-3309 Remote Security Vulnerability
4145| [97725] Oracle MySQL Server CVE-2017-3308 Remote Security Vulnerability
4146| [97724] Oracle MySQL Enterprise Monitor CVE-2017-3306 Remote Security Vulnerability
4147| [97023] MySQL CVE-2017-3305 Man in the Middle Security Bypass Vulnerability
4148| [96300] PHP 'ext/mysqli/mysqli.c' Denial of Service Vulnerability
4149| [96162] MariaDB and MySQL CVE-2017-3302 Denial of Service Vulnerability
4150| [95592] Oracle MySQL Cluster CVE-2016-5541 Remote Security Vulnerability
4151| [95589] Oracle MySQL Server CVE-2017-3257 Remote Security Vulnerability
4152| [95588] Oracle MySQL Server CVE-2017-3318 Local Security Vulnerability
4153| [95585] Oracle MySQL Server CVE-2017-3317 Local Security Vulnerability
4154| [95583] Oracle MySQL Server CVE-2017-3273 Remote Security Vulnerability
4155| [95580] Oracle MySQL Server CVE-2016-8318 Remote Security Vulnerability
4156| [95575] Oracle MySQL Cluster CVE-2017-3323 Remote Security Vulnerability
4157| [95574] Oracle MySQL Cluster CVE-2017-3322 Remote Security Vulnerability
4158| [95571] Oracle MySQL Server CVE-2017-3238 Remote Security Vulnerability
4159| [95565] Oracle MySQL Server CVE-2017-3244 Remote Security Vulnerability
4160| [95562] Oracle MySQL Cluster CVE-2017-3321 Remote Security Vulnerability
4161| [95560] Oracle MySQL Server CVE-2017-3258 Remote Security Vulnerability
4162| [95542] Oracle MySQL Enterprise Monitor CVE-2016-5590 Remote Security Vulnerability
4163| [95538] Oracle MySQL Server CVE-2017-3243 Remote Security Vulnerability
4164| [95527] Oracle MySQL Server CVE-2017-3313 Local Security Vulnerability
4165| [95520] Oracle MySQL Server CVE-2017-3265 Local Security Vulnerability
4166| [95501] Oracle MySQL Server CVE-2017-3291 Local Security Vulnerability
4167| [95491] Oracle MySQL Server CVE-2017-3312 Local Security Vulnerability
4168| [95486] Oracle MySQL Server CVE-2017-3256 Remote Security Vulnerability
4169| [95482] Oracle MySQL Server CVE-2017-3251 Remote Security Vulnerability
4170| [95479] Oracle MySQL Server CVE-2017-3319 Remote Security Vulnerability
4171| [95470] Oracle MySQL Server CVE-2017-3320 Remote Security Vulnerability
4172| [95146] Pivotal MySQL for PCF CVE-2016-0898 Information Disclosure Vulnerability
4173| [94350] DBD::mysql CVE-2016-1249 Out-Of-Bounds Read Information Disclosure Vulnerability
4174| [93755] Oracle MySQL CVE-2016-8284 Local Security Vulnerability
4175| [93745] Oracle MySQL CVE-2016-8286 Remote Security Vulnerability
4176| [93740] Oracle MySQL CVE-2016-8288 Remote Security Vulnerability
4177| [93737] Oracle MySQL CVE-2016-8283 Remote Security Vulnerability
4178| [93735] Oracle MySQL CVE-2016-5584 Remote Security Vulnerability
4179| [93733] Oracle MySQL CVE-2016-8290 Remote Security Vulnerability
4180| [93727] Oracle MySQL CVE-2016-8287 Remote Security Vulnerability
4181| [93720] Oracle MySQL CVE-2016-8289 Local Security Vulnerability
4182| [93715] Oracle MySQL CVE-2016-5635 Remote Security Vulnerability
4183| [93709] Oracle MySQL CVE-2016-5634 Remote Security Vulnerability
4184| [93702] Oracle MySQL CVE-2016-5633 Remote Security Vulnerability
4185| [93693] Oracle MySQL CVE-2016-5632 Remote Security Vulnerability
4186| [93684] Oracle MySQL CVE-2016-5631 Remote Security Vulnerability
4187| [93678] Oracle MySQL CVE-2016-5507 Remote Security Vulnerability
4188| [93674] Oracle MySQL CVE-2016-5630 Remote Security Vulnerability
4189| [93670] Oracle MySQL CVE-2016-3495 Remote Security Vulnerability
4190| [93668] Oracle MySQL CVE-2016-5629 Remote Security Vulnerability
4191| [93662] Oracle MySQL CVE-2016-5628 Remote Security Vulnerability
4192| [93659] Oracle MySQL CVE-2016-7440 Local Security Vulnerability
4193| [93653] Oracle MySQL Connector CVE-2016-5598 Remote Security Vulnerability
4194| [93650] Oracle MySQL CVE-2016-3492 Remote Security Vulnerability
4195| [93642] Oracle MySQL CVE-2016-5627 Remote Security Vulnerability
4196| [93638] Oracle MySQL CVE-2016-5626 Remote Security Vulnerability
4197| [93635] Oracle MySQL CVE-2016-5624 Remote Security Vulnerability
4198| [93630] Oracle MySQL CVE-2016-5612 Remote Security Vulnerability
4199| [93622] Oracle MySQL CVE-2016-5609 Remote Security Vulnerability
4200| [93617] Oracle MySQL CVE-2016-5625 Local Security Vulnerability
4201| [93614] RETIRED: Oracle MySQL CVE-2016-5616 Local Security Vulnerability
4202| [93612] Oracle MySQL CVE-2016-6664 Local Security Vulnerability
4203| [93480] Pivotal Cloud Foundry cf-mysql CVE-2016-6653 Information Disclosure Vulnerability
4204| [93337] perl-DBD-MySQL CVE-2016-1246 Remote Buffer Overflow Vulnerability
4205| [92912] Oracle MySQL CVE-2016-6662 Remote Code Execution Vulnerability
4206| [92911] Oracle MySQL CVE-2016-6663 Unspecified Security Vulnerability
4207| [92149] DBD::mysql CVE-2014-9906 Incomplete Fix Use After Free Remote Code Execution Vulnerability
4208| [92118] DBD::mysql 'my_login()' Function Use After Free Remote Code Execution Vulnerability
4209| [91999] Oracle MySQL CVE-2016-3452 Remote Security Vulnerability
4210| [91992] Oracle MySQL CVE-2016-3614 Remote Security Vulnerability
4211| [91987] Oracle MySQL CVE-2016-5444 Remote Security Vulnerability
4212| [91983] Oracle MySQL CVE-2016-3588 Remote Security Vulnerability
4213| [91980] Oracle MySQL CVE-2016-3486 Remote Security Vulnerability
4214| [91976] Oracle MySQL CVE-2016-3424 Remote Security Vulnerability
4215| [91974] Oracle MySQL CVE-2016-5442 Remote Security Vulnerability
4216| [91969] Oracle MySQL CVE-2016-5439 Remote Security Vulnerability
4217| [91967] Oracle MySQL CVE-2016-3518 Remote Security Vulnerability
4218| [91963] Oracle MySQL CVE-2016-5443 Local Security Vulnerability
4219| [91960] Oracle MySQL CVE-2016-3615 Remote Security Vulnerability
4220| [91953] Oracle MySQL CVE-2016-5440 Remote Security Vulnerability
4221| [91949] Oracle MySQL CVE-2016-3501 Remote Security Vulnerability
4222| [91943] Oracle MySQL CVE-2016-3459 Remote Security Vulnerability
4223| [91932] Oracle MySQL CVE-2016-3521 Remote Security Vulnerability
4224| [91917] Oracle MySQL CVE-2016-5437 Remote Security Vulnerability
4225| [91915] Oracle MySQL CVE-2016-5441 Remote Security Vulnerability
4226| [91913] Oracle MySQL CVE-2016-3471 Local Security Vulnerability
4227| [91910] Oracle MySQL CVE-2016-3440 Remote Security Vulnerability
4228| [91906] Oracle MySQL CVE-2016-5436 Remote Security Vulnerability
4229| [91902] Oracle MySQL CVE-2016-3477 Local Security Vulnerability
4230| [90165] MySQL CVE-2005-0799 Denial-Of-Service Vulnerability
4231| [89812] xMySQLadmin CVE-2005-1944 Local Security Vulnerability
4232| [89412] MySQL CVE-2005-2573 Directory Traversal Vulnerability
4233| [88627] MySQL CVE-1999-1188 Local Security Vulnerability
4234| [88032] MySQL CVE-2001-1275 Local Security Vulnerability
4235| [87310] Btsavemysql CVE-2006-6378 Remote Security Vulnerability
4236| [86999] MySQL CVE-2001-1274 Denial-Of-Service Vulnerability
4237| [86513] Oracle MySQL CVE-2016-0665 Remote Security Vulnerability
4238| [86511] Oracle MySQL CVE-2016-0661 Remote Security Vulnerability
4239| [86509] Oracle MySQL CVE-2016-0666 Remote Security Vulnerability
4240| [86506] Oracle MySQL CVE-2016-0662 Remote Security Vulnerability
4241| [86504] Oracle MySQL CVE-2016-0654 Remote Security Vulnerability
4242| [86501] Oracle MySQL CVE-2016-0651 Remote Security Vulnerability
4243| [86498] Oracle MySQL CVE-2016-0649 Remote Security Vulnerability
4244| [86496] Oracle MySQL CVE-2016-0650 Remote Security Vulnerability
4245| [86495] Oracle MySQL CVE-2016-0647 Remote Security Vulnerability
4246| [86493] Oracle MySQL CVE-2016-0659 Remote Security Vulnerability
4247| [86489] Oracle MySQL CVE-2016-3461 Remote Security Vulnerability
4248| [86486] Oracle MySQL CVE-2016-0643 Remote Security Vulnerability
4249| [86484] Oracle MySQL CVE-2016-0667 Remote Security Vulnerability
4250| [86470] Oracle MySQL CVE-2016-0641 Remote Security Vulnerability
4251| [86467] Oracle MySQL CVE-2016-0668 Remote Security Vulnerability
4252| [86463] Oracle MySQL CVE-2016-0658 Remote Security Vulnerability
4253| [86457] Oracle MySQL CVE-2016-0648 Remote Security Vulnerability
4254| [86454] Oracle MySQL CVE-2016-0652 Remote Security Vulnerability
4255| [86451] Oracle MySQL CVE-2016-0663 Remote Security Vulnerability
4256| [86445] Oracle MySQL CVE-2016-0642 Remote Security Vulnerability
4257| [86442] Oracle MySQL CVE-2016-0644 Remote Security Vulnerability
4258| [86439] Oracle MySQL CVE-2016-0653 Remote Security Vulnerability
4259| [86436] Oracle MySQL CVE-2016-0646 Remote Security Vulnerability
4260| [86433] Oracle MySQL CVE-2016-0657 Remote Security Vulnerability
4261| [86431] Oracle MySQL CVE-2016-0656 Remote Security Vulnerability
4262| [86427] Oracle MySQL CVE-2016-0640 Remote Security Vulnerability
4263| [86424] Oracle MySQL CVE-2016-0655 Remote Security Vulnerability
4264| [86418] Oracle MySQL CVE-2016-0639 Remote Security Vulnerability
4265| [85985] MariaDB and MySQL CVE-2015-5969 Local Information Disclosure Vulnerability
4266| [85262] MySQL CVE-2007-5970 Remote Security Vulnerability
4267| [85246] Mysql Community Server CVE-2007-6313 Remote Security Vulnerability
4268| [85215] Mysql Banner Exchange CVE-2007-6512 Denial-Of-Service Vulnerability
4269| [83639] MySQLDumper CVE-2006-5264 Cross-Site Scripting Vulnerability
4270| [83232] MySQL Connector/Net CVE-2006-4227 Remote Security Vulnerability
4271| [83194] MySQL CVE-2004-0628 Denial Of Service Vulnerability
4272| [82913] MySQL CVE-2001-1453 Remote Security Vulnerability
4273| [82911] MySQL CVE-2001-1454 Remote Security Vulnerability
4274| [81810] MariaDB/MySQL/Percona Server CVE-2016-2047 SSL Certificate Validation Security Bypass Vulnerability
4275| [81258] Oracle MySQL CVE-2016-0609 Remote Security Vulnerability
4276| [81253] Oracle MySQL CVE-2016-0605 Remote Security Vulnerability
4277| [81245] Oracle MySQL CVE-2015-7744 Remote Security Vulnerability
4278| [81238] Oracle MySQL CVE-2016-0607 Remote Security Vulnerability
4279| [81226] Oracle MySQL CVE-2016-0608 Remote Security Vulnerability
4280| [81211] Oracle MySQL CVE-2016-0601 Remote Security Vulnerability
4281| [81203] Oracle MySQL CVE-2016-0599 Remote Security Vulnerability
4282| [81198] Oracle MySQL CVE-2016-0610 Remote Security Vulnerability
4283| [81188] Oracle MySQL CVE-2016-0600 Remote Security Vulnerability
4284| [81182] Oracle MySQL CVE-2016-0598 Remote Security Vulnerability
4285| [81176] Oracle MySQL CVE-2016-0616 Remote Security Vulnerability
4286| [81164] Oracle MySQL CVE-2016-0611 Remote Security Vulnerability
4287| [81151] Oracle MySQL CVE-2016-0597 Remote Security Vulnerability
4288| [81136] Oracle MySQL CVE-2016-0502 Remote Security Vulnerability
4289| [81130] Oracle MySQL CVE-2016-0596 Remote Security Vulnerability
4290| [81126] Oracle MySQL CVE-2016-0503 Remote Security Vulnerability
4291| [81121] Oracle MySQL CVE-2016-0595 Remote Security Vulnerability
4292| [81108] Oracle MySQL CVE-2016-0594 Remote Security Vulnerability
4293| [81088] Oracle MySQL CVE-2016-0505 Remote Security Vulnerability
4294| [81077] Oracle MySQL CVE-2016-0504 Remote Security Vulnerability
4295| [81066] Oracle MySQL CVE-2016-0546 Local Security Vulnerability
4296| [79408] Mysql-Ocaml CVE-2009-2942 Remote Security Vulnerability
4297| [79044] kiddog_mysqldumper CVE-2010-0336 Information Disclosure Vulnerability
4298| [78373] MySQL CVE-2011-5049 Denial-Of-Service Vulnerability
4299| [77237] Oracle MySQL Server CVE-2015-4826 Remote Security Vulnerability
4300| [77234] Oracle MySQL Server CVE-2015-4910 Remote Security Vulnerability
4301| [77232] Oracle MySQL Server CVE-2015-4766 Local Security Vulnerability
4302| [77231] Oracle MySQL Server CVE-2015-4890 Remote Security Vulnerability
4303| [77228] Oracle MySQL Server CVE-2015-4830 Remote Security Vulnerability
4304| [77222] Oracle MySQL Server CVE-2015-4815 Remote Security Vulnerability
4305| [77219] Oracle MySQL Server CVE-2015-4904 Remote Security Vulnerability
4306| [77216] Oracle MySQL Server CVE-2015-4800 Remote Security Vulnerability
4307| [77213] Oracle MySQL Server CVE-2015-4791 Remote Security Vulnerability
4308| [77208] Oracle MySQL Server CVE-2015-4870 Remote Security Vulnerability
4309| [77205] Oracle MySQL Server CVE-2015-4807 Remote Security Vulnerability
4310| [77199] Oracle MySQL Server CVE-2015-4730 Remote Security Vulnerability
4311| [77196] Oracle MySQL Server CVE-2015-4819 Local Security Vulnerability
4312| [77190] Oracle MySQL Server CVE-2015-4836 Remote Security Vulnerability
4313| [77187] Oracle MySQL Server CVE-2015-4864 Remote Security Vulnerability
4314| [77171] Oracle MySQL Server CVE-2015-4792 Remote Security Vulnerability
4315| [77170] Oracle MySQL Server CVE-2015-4833 Remote Security Vulnerability
4316| [77165] Oracle MySQL Server CVE-2015-4802 Remote Security Vulnerability
4317| [77153] Oracle MySQL Server CVE-2015-4913 Remote Security Vulnerability
4318| [77147] Oracle MySQL Server CVE-2015-4862 Remote Security Vulnerability
4319| [77145] Oracle MySQL Server CVE-2015-4858 Remote Security Vulnerability
4320| [77143] Oracle MySQL Server CVE-2015-4905 Remote Security Vulnerability
4321| [77140] Oracle MySQL Server CVE-2015-4879 Remote Security Vulnerability
4322| [77137] Oracle MySQL Server CVE-2015-4861 Remote Security Vulnerability
4323| [77136] Oracle MySQL Server CVE-2015-4895 Remote Security Vulnerability
4324| [77134] Oracle MySQL Server CVE-2015-4816 Remote Security Vulnerability
4325| [77132] Oracle MySQL Server CVE-2015-4866 Remote Security Vulnerability
4326| [77015] Oracle MySQL Multiple Buffer Overflow Vulnerabilities
4327| [75849] Oracle MySQL Server CVE-2015-4752 Remote Security Vulnerability
4328| [75844] Oracle MySQL Server CVE-2015-4767 Remote Security Vulnerability
4329| [75837] Oracle MySQL Server CVE-2015-2620 Remote Security Vulnerability
4330| [75835] Oracle MySQL Server CVE-2015-4771 Remote Security Vulnerability
4331| [75830] Oracle MySQL Server CVE-2015-2643 Remote Security Vulnerability
4332| [75822] Oracle MySQL Server CVE-2015-2648 Remote Security Vulnerability
4333| [75815] Oracle MySQL Server CVE-2015-2641 Remote Security Vulnerability
4334| [75813] Oracle MySQL Server CVE-2015-2661 Local Security Server Vulnerability
4335| [75802] Oracle MySQL Server CVE-2015-4737 Remote Security Vulnerability
4336| [75785] Oracle MySQL Server CVE-2015-4756 Remote Security Vulnerability
4337| [75781] Oracle MySQL Server CVE-2015-4772 Remote Security Vulnerability
4338| [75774] Oracle MySQL Server CVE-2015-2617 Remote Security Vulnerability
4339| [75770] Oracle MySQL Server CVE-2015-4761 Remote Security Vulnerability
4340| [75762] Oracle MySQL Server CVE-2015-2611 Remote Security Vulnerability
4341| [75760] Oracle MySQL Server CVE-2015-2639 Remote Security Vulnerability
4342| [75759] Oracle MySQL Server CVE-2015-4757 Remote Security Vulnerability
4343| [75753] Oracle MySQL Server CVE-2015-4769 Remote Security Vulnerability
4344| [75751] Oracle MySQL Server CVE-2015-2582 Remote Security Vulnerability
4345| [75397] MySql Lite Administrator Multiple Cross Site Scripting Vulnerabilities
4346| [75394] WordPress wp-instance-rename Plugin 'mysqldump_download.php' Arbitrary File Download Vulnerability
4347| [74695] Tiny MySQL 'tinymy.php' Cross Site Scripting Vulnerability
4348| [74398] Oracle MySQL CVE-2015-3152 SSL Certificate Validation Security Bypass Vulnerability
4349| [74137] Oracle MySQL Utilities CVE-2015-2576 Local Security Vulnerability
4350| [74133] Oracle MySQL Server CVE-2015-0498 Remote Security Vulnerability
4351| [74130] Oracle MySQL Server CVE-2015-0511 Remote Security Vulnerability
4352| [74126] Oracle MySQL Server CVE-2015-2566 Remote Security Vulnerability
4353| [74123] Oracle MySQL Server CVE-2015-2567 Remote Security Vulnerability
4354| [74121] Oracle MySQL Server CVE-2015-0507 Remote Security Vulnerability
4355| [74120] Oracle MySQL Server CVE-2015-0506 Remote Security Vulnerability
4356| [74115] Oracle MySQL Server CVE-2015-0499 Remote Security Vulnerability
4357| [74112] Oracle MySQL Server CVE-2015-0505 Remote Security Vulnerability
4358| [74110] Oracle MySQL Server CVE-2015-0405 Remote Security Vulnerability
4359| [74103] Oracle MySQL Server CVE-2015-0441 Remote Security Vulnerability
4360| [74102] Oracle MySQL Server CVE-2015-0503 Remote Security Vulnerability
4361| [74098] Oracle MySQL Server CVE-2015-0438 Remote Security Vulnerability
4362| [74095] Oracle MySQL Server CVE-2015-2571 Remote Security Vulnerability
4363| [74091] Oracle MySQL Server CVE-2015-0423 Remote Security Vulnerability
4364| [74089] Oracle MySQL Server CVE-2015-0433 Remote Security Vulnerability
4365| [74086] Oracle MySQL Server CVE-2015-0508 Remote Security Vulnerability
4366| [74085] Oracle MySQL Server CVE-2015-0439 Remote Security Vulnerability
4367| [74081] Oracle MySQL Server CVE-2015-0500 Remote Security Vulnerability
4368| [74078] Oracle MySQL Server CVE-2015-2573 Remote Security Vulnerability
4369| [74075] Oracle MySQL Connectors CVE-2015-2575 Remote Security Vulnerability
4370| [74073] Oracle MySQL Server CVE-2015-2568 Remote Security Vulnerability
4371| [74070] Oracle MySQL Server CVE-2015-0501 Remote Security Vulnerability
4372| [72728] RubyGems xaviershay-dm-rails 'storage.rb' MySQL Credential Information Disclosure Vulnerability
4373| [72229] Oracle MySQL Server CVE-2015-0385 Remote Security Vulnerability
4374| [72227] Oracle MySQL Server CVE-2015-0374 Remote Security Vulnerability
4375| [72223] Oracle MySQL Server CVE-2015-0409 Remote Security Vulnerability
4376| [72217] Oracle MySQL Server CVE-2015-0432 Remote Security Vulnerability
4377| [72214] Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability
4378| [72210] Oracle MySQL Server CVE-2014-6568 Remote Security Vulnerability
4379| [72205] Oracle MySQL Server CVE-2015-0391 Remote Security Vulnerability
4380| [72200] Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability
4381| [72191] Oracle MySQL Server CVE-2015-0411 Remote Security Vulnerability
4382| [70550] Oracle MySQL Server CVE-2014-6507 Remote Security Vulnerability
4383| [70540] RETIRED: Oracle MySQL Server CVE-2012-5615 Remote Security Vulnerability
4384| [70532] Oracle MySQL Server CVE-2014-6463 Remote Security Vulnerability
4385| [70530] Oracle MySQL Server CVE-2014-6555 Remote Security Vulnerability
4386| [70525] Oracle MySQL Server CVE-2014-6489 Remote Security Vulnerability
4387| [70517] Oracle MySQL Server CVE-2014-4287 Remote Security Vulnerability
4388| [70516] Oracle MySQL Server CVE-2014-6505 Remote Security Vulnerability
4389| [70511] Oracle MySQL Server CVE-2014-6564 Remote Security Vulnerability
4390| [70510] Oracle MySQL Server CVE-2014-6520 Remote Security Vulnerability
4391| [70497] Oracle MySQL Server CVE-2014-6494 Remote Security Vulnerability
4392| [70496] Oracle MySQL Server CVE-2014-6495 Remote Security Vulnerability
4393| [70489] Oracle MySQL Server CVE-2014-6478 Remote Security Vulnerability
4394| [70487] Oracle MySQL Server CVE-2014-6559 Remote Security Vulnerability
4395| [70486] Oracle MySQL Server CVE-2014-6530 Remote Security Vulnerability
4396| [70478] Oracle MySQL Server CVE-2014-6500 Remote Security Vulnerability
4397| [70469] Oracle MySQL Server CVE-2014-6496 Remote Security Vulnerability
4398| [70462] Oracle MySQL Server CVE-2014-6551 Local Security Vulnerability
4399| [70455] Oracle MySQL Server CVE-2014-6484 Remote Security Vulnerability
4400| [70451] Oracle MySQL Server CVE-2014-6464 Remote Security Vulnerability
4401| [70448] Oracle MySQL Server CVE-2014-6474 Remote Security Vulnerability
4402| [70446] Oracle MySQL Server CVE-2014-6469 Remote Security Vulnerability
4403| [70444] Oracle MySQL Server CVE-2014-6491 Remote Security Vulnerability
4404| [69743] Oracle MySQL Client yaSSL Certificate Decode Buffer Overflow Vulnerability
4405| [69732] MySQL MyISAM Insecure Temporary File Creation Vulnerability
4406| [68736] RubyGems lean-ruport MySQL Credential Local Information Disclosure Vulnerability
4407| [68607] Oracle MySQL Server CVE-2014-4214 Remote Security Vulnerability
4408| [68602] Oracle MySQL Server CVE-2014-4240 Local Security Vulnerability
4409| [68598] Oracle MySQL Server CVE-2014-4233 Remote Security Vulnerability
4410| [68593] Oracle MySQL Server CVE-2014-4207 Remote Security Vulnerability
4411| [68587] Oracle MySQL Server CVE-2014-4238 Remote Security Vulnerability
4412| [68579] Oracle MySQL Server CVE-2014-2494 Remote Security Vulnerability
4413| [68573] Oracle MySQL Server CVE-2014-4260 Remote Security Vulnerability
4414| [68564] Oracle MySQL Server CVE-2014-4258 Remote Security Vulnerability
4415| [66896] Oracle MySQL Server CVE-2014-2436 Remote Security Vulnerability
4416| [66890] Oracle MySQL Server CVE-2014-2431 Remote Security Vulnerability
4417| [66885] Oracle MySQL Server CVE-2014-2444 Remote Security Vulnerability
4418| [66880] Oracle MySQL Server CVE-2014-2419 Remote Security Vulnerability
4419| [66872] Oracle MySQL Server CVE-2014-2434 Remote Security Vulnerability
4420| [66863] Oracle MySQL Server CVE-2014-2450 Remote Security Vulnerability
4421| [66858] Oracle MySQL Server CVE-2014-2430 Remote Security Vulnerability
4422| [66853] Oracle MySQL Server CVE-2014-2435 Remote Security Vulnerability
4423| [66850] Oracle MySQL Client CVE-2014-2440 Remote Security Vulnerability
4424| [66846] Oracle MySQL Server CVE-2014-2438 Remote Security Vulnerability
4425| [66835] Oracle MySQL Server CVE-2014-0384 Remote Security Vulnerability
4426| [66828] Oracle MySQL Server CVE-2014-2451 Remote Security Vulnerability
4427| [66823] Oracle MySQL Server CVE-2014-2442 Remote Security Vulnerability
4428| [66153] lighttpd 'mod_mysql_vhost.c' SQL Injection Vulnerability
4429| [65890] InterWorx MySQL Password Information Disclosure Vulnerability
4430| [65621] Percona Toolkit for MySQL Automatic Version Check Information Disclosure Vulnerability
4431| [65298] Oracle MySQL Client 'main()' Function Buffer Overflow Vulnerability
4432| [64908] Oracle MySQL Server CVE-2014-0402 Remote Security Vulnerability
4433| [64904] Oracle MySQL Server CVE-2014-0386 Remote Security Vulnerability
4434| [64898] Oracle MySQL Server CVE-2014-0401 Remote Security Vulnerability
4435| [64897] Oracle MySQL Server CVE-2014-0431 Remote Security Vulnerability
4436| [64896] Oracle MySQL Server CVE-2013-5908 Remote Security Vulnerability
4437| [64895] Oracle MySQL Server CVE-2014-0433 Remote Security Vulnerability
4438| [64893] Oracle MySQL Server CVE-2014-0430 Remote Security Vulnerability
4439| [64891] Oracle MySQL Server CVE-2013-5891 Remote Security Vulnerability
4440| [64888] Oracle MySQL Server CVE-2014-0420 Remote Security Vulnerability
4441| [64885] Oracle MySQL Server CVE-2013-5881 Remote Security Vulnerability
4442| [64880] Oracle MySQL Server CVE-2014-0412 Remote Security Vulnerability
4443| [64877] Oracle MySQL Server CVE-2014-0393 Remote Security Vulnerability
4444| [64873] Oracle MySQL Server CVE-2013-5894 Remote Security Vulnerability
4445| [64868] Oracle MySQL Server CVE-2014-0427 Remote Security Vulnerability
4446| [64864] Oracle MySQL Server CVE-2013-5860 Remote Security Vulnerability
4447| [64854] Oracle MySQL Server CVE-2013-5882 Remote Security Vulnerability
4448| [64849] Oracle MySQL Server CVE-2014-0437 Remote Security Vulnerability
4449| [64731] CSP MySQL User Manager 'login.php' Script SQL Injection Vulnerability
4450| [64630] Zen Cart 'mysql_zencart.sql' Information Disclosure Vulnerability
4451| [63125] Oracle MySQL Server CVE-2012-2750 Remote Security Vulnerability
4452| [63119] Oracle MySQL Server CVE-2013-5770 Remote Security Vulnerability
4453| [63116] Oracle MySQL Server CVE-2013-5793 Remote Security Vulnerability
4454| [63113] Oracle MySQL Server CVE-2013-5767 Remote Security Vulnerability
4455| [63109] Oracle MySQL Server CVE-2013-3839 Remote Security Vulnerability
4456| [63107] Oracle MySQL Server CVE-2013-5786 Remote Security Vulnerability
4457| [63105] Oracle MySQL Server CVE-2013-5807 Remote Security Vulnerability
4458| [62358] Oracle MySQL CVE-2005-2572 Remote Code Execution Vulnerability
4459| [61274] Oracle MySQL Server CVE-2013-3798 Remote Security Vulnerability
4460| [61272] Oracle MySQL Server CVE-2013-3809 Remote Security Vulnerability
4461| [61269] Oracle MySQL Server CVE-2013-3801 Remote Security Vulnerability
4462| [61264] Oracle MySQL Server CVE-2013-3793 Remote Security Vulnerability
4463| [61260] Oracle MySQL Server CVE-2013-3804 Remote Security Vulnerability
4464| [61256] Oracle MySQL Server CVE-2013-3805 Remote Security Vulnerability
4465| [61252] Oracle MySQL Server CVE-2013-3811 Remote Security Vulnerability
4466| [61249] Oracle MySQL Server CVE-2013-3812 Remote Security Vulnerability
4467| [61244] Oracle MySQL Server CVE-2013-3802 Remote Security Vulnerability
4468| [61241] Oracle MySQL Server CVE-2013-3795 Remote Security Vulnerability
4469| [61238] Oracle MySQL Server CVE-2013-3807 Remote Security Vulnerability
4470| [61235] Oracle MySQL Server CVE-2013-3806 Remote Security Vulnerability
4471| [61233] Oracle MySQL Server CVE-2013-3796 Remote Security Vulnerability
4472| [61227] Oracle MySQL Server CVE-2013-3808 Remote Security Vulnerability
4473| [61222] Oracle MySQL Server CVE-2013-3794 Remote Security Vulnerability
4474| [61214] Oracle MySQL Server CVE-2013-3810 Remote Security Vulnerability
4475| [61210] Oracle MySQL Server CVE-2013-3783 Remote Security Vulnerability
4476| [60424] Debian mysql-server CVE-2013-2162 Insecure File Creation Vulnerability
4477| [60001] Wireshark MySQL Dissector Denial of Service Vulnerability
4478| [59242] Oracle MySQL CVE-2013-2391 Local MySQL Server Vulnerability
4479| [59239] Oracle MySQL CVE-2013-1502 Local MySQL Server Vulnerability
4480| [59237] Oracle MySQL CVE-2013-1506 Remote MySQL Server Vulnerability
4481| [59232] Oracle MySQL CVE-2013-1567 Remote MySQL Server Vulnerability
4482| [59229] Oracle MySQL Server CVE-2013-1544 Remote Security Vulnerability
4483| [59227] Oracle MySQL CVE-2013-2376 Remote MySQL Server Vulnerability
4484| [59225] Oracle MySQL CVE-2013-1523 Remote MySQL Server Vulnerability
4485| [59224] Oracle MySQL Server CVE-2013-2392 Remote Security Vulnerability
4486| [59223] Oracle MySQL Server CVE-2013-1548 Remote Security Vulnerability
4487| [59222] RETIRED: Oracle MySQL CVE-2012-5614 Remote MySQL Server Vulnerability
4488| [59218] Oracle MySQL Server CVE-2013-1512 Remote Security Vulnerability
4489| [59217] Oracle MySQL CVE-2013-1526 Remote MySQL Server Vulnerability
4490| [59216] Oracle MySQL CVE-2013-1570 Remote MySQL Server Vulnerability
4491| [59215] Oracle MySQL Server CVE-2013-2381 Remote Security Vulnerability
4492| [59211] Oracle MySQL Server CVE-2013-1532 Remote Security Vulnerability
4493| [59210] Oracle MySQL CVE-2013-1555 Remote MySQL Server Vulnerability
4494| [59209] Oracle MySQL CVE-2013-2375 Remote MySQL Server Vulnerability
4495| [59207] Oracle MySQL Server CVE-2013-2389 Remote Security Vulnerability
4496| [59205] Oracle MySQL Server CVE-2013-1566 Remote Security Vulnerability
4497| [59202] Oracle MySQL CVE-2013-1531 Remote MySQL Server Vulnerability
4498| [59201] Oracle MySQL Server CVE-2013-1511 Remote Security Vulnerability
4499| [59196] Oracle MySQL CVE-2013-1552 Remote MySQL Server Vulnerability
4500| [59188] Oracle MySQL CVE-2013-2378 Remote MySQL Server Vulnerability
4501| [59180] Oracle MySQL CVE-2013-1521 Remote MySQL Server Vulnerability
4502| [59173] Oracle MySQL CVE-2013-2395 Remote MySQL Server Vulnerability
4503| [58511] MySQL and MariaDB Geometry Query Denial Of Service Vulnerability
4504| [57418] Oracle MySQL Server CVE-2013-0386 Remote Security Vulnerability
4505| [57417] Oracle MySQL Server CVE-2013-0389 Remote Security Vulnerability
4506| [57416] Oracle MySQL Server CVE-2013-0384 Remote Security Vulnerability
4507| [57415] Oracle MySQL Server CVE-2013-0371 Remote Security Vulnerability
4508| [57414] Oracle MySQL Server CVE-2012-0574 Remote Security Vulnerability
4509| [57412] Oracle MySQL Server CVE-2013-0385 Local Security Vulnerability
4510| [57411] Oracle MySQL Server CVE-2012-5060 Remote Security Vulnerability
4511| [57410] Oracle MySQL Server CVE-2012-1705 Remote Security Vulnerability
4512| [57408] Oracle MySQL Server CVE-2013-0367 Remote Security Vulnerability
4513| [57405] Oracle MySQL Server CVE-2013-0383 Remote Security Vulnerability
4514| [57400] Oracle MySQL Server CVE-2012-5096 Remote Security Vulnerability
4515| [57397] Oracle MySQL Server CVE-2013-0368 Remote Security Vulnerability
4516| [57391] Oracle MySQL Server CVE-2013-0375 Remote Security Vulnerability
4517| [57388] Oracle MySQL Server CVE-2012-1702 Remote Security Vulnerability
4518| [57385] Oracle MySQL Server CVE-2012-0572 Remote Security Vulnerability
4519| [57334] Oracle MySQL Server CVE-2012-0578 Remote Security Vulnerability
4520| [56837] Oracle MySQL and MariaDB CVE-2012-5627 Insecure Salt Generation Security Bypass Weakness
4521| [56791] Oracle MySQL Remote Code Execution Vulnerability
4522| [56776] Oracle MySQL CVE-2012-5614 Denial of Service Vulnerability
4523| [56772] Oracle MySQL Remote Code Execution Vulnerability
4524| [56771] Oracle MySQL Server Privilege Escalation Vulnerability
4525| [56769] Oracle MySQL and MariaDB 'acl_get()' Buffer Overflow Vulnerability
4526| [56768] Oracle MySQL Server Heap Overflow Vulnerability
4527| [56766] Oracle MySQL Server Username Enumeration Weakness
4528| [56041] Oracle MySQL Server CVE-2012-3173 Remote MySQL Security Vulnerability
4529| [56036] Oracle MySQL Server CVE-2012-3163 Remote MySQL Security Vulnerability
4530| [56028] Oracle MySQL Server CVE-2012-3166 Remote Security Vulnerability
4531| [56027] Oracle MySQL Server CVE-2012-3160 Local Security Vulnerability
4532| [56022] Oracle MySQL Server CVE-2012-3147 Remote Security Vulnerability
4533| [56021] Oracle MySQL Server CVE-2012-3197 Remote Security Vulnerability
4534| [56018] Oracle MySQL Server CVE-2012-3167 Remote Security Vulnerability
4535| [56017] Oracle MySQL Server CVE-2012-3158 Remote Security Vulnerability
4536| [56013] Oracle MySQL Server CVE-2012-3156 Remote Security Vulnerability
4537| [56008] Oracle MySQL Server CVE-2012-3144 Remote Security Vulnerability
4538| [56006] Oracle MySQL Server CVE-2012-3149 Remote Security Vulnerability
4539| [56005] Oracle MySQL Server CVE-2012-3177 Remote Security Vulnerability
4540| [56003] Oracle MySQL Server CVE-2012-3180 Remote Security Vulnerability
4541| [55990] Oracle MySQL Server CVE-2012-3150 Remote Security Vulnerability
4542| [55715] MySQL MyISAM Table Symbolic Link CVE-2012-4452 Local Privilege Escalation Vulnerability
4543| [55120] Oracle MySQL CVE-2012-2749 Denial Of Service Vulnerability
4544| [54551] Oracle MySQL Server CVE-2012-0540 Remote Security Vulnerability
4545| [54549] Oracle MySQL Server CVE-2012-1735 Remote Security Vulnerability
4546| [54547] Oracle MySQL Server CVE-2012-1689 Remote Security Vulnerability
4547| [54540] Oracle MySQL Server CVE-2012-1734 Remote Security Vulnerability
4548| [54526] Oracle MySQL Server CVE-2012-1757 Remote Security Vulnerability
4549| [54524] Oracle MySQL Server CVE-2012-1756 Remote Security Vulnerability
4550| [53922] RETIRED: MySQL and MariaDB 'sql/password.c' Authentication Bypass Vulnerability
4551| [53911] Oracle MySQL CVE-2012-2122 User Login Security Bypass Vulnerability
4552| [53310] MySQLDumper 'menu.php' Remote PHP Code Execution Vulnerability
4553| [53306] MySQLDumper Multiple Security Vulnerabilities
4554| [53074] Oracle MySQL CVE-2012-1690 Remote MySQL Server Vulnerability
4555| [53071] Oracle MySQL CVE-2012-1696 Remote MySQL Server Vulnerability
4556| [53067] Oracle MySQL CVE-2012-1688 Remote MySQL Server Vulnerability
4557| [53064] Oracle MySQL CVE-2012-1697 Remote MySQL Server Vulnerability
4558| [53061] Oracle MySQL CVE-2012-0583 Remote MySQL Server Vulnerability
4559| [53058] Oracle MySQL CVE-2012-1703 Remote MySQL Server Vulnerability
4560| [52931] Oracle MySQL Server Multiple Unspecified Security Vulnerabilities
4561| [52154] RETIRED: MySQL 5.5.20 Unspecified Remote Code Execution Vulnerability
4562| [51925] MySQL Unspecified Remote Code Execution Vulnerability
4563| [51526] Oracle MySQL CVE-2012-0075 Remote MySQL Server Vulnerability
4564| [51525] Oracle MySQL CVE-2012-0493 Remote Vulnerability
4565| [51524] Oracle MySQL Server CVE-2012-0490 Remote Security Vulnerability
4566| [51523] Oracle MySQL Server CVE-2012-0494 Local Security Vulnerability
4567| [51522] Oracle MySQL Server CVE-2012-0495 Remote Security Vulnerability
4568| [51521] Oracle MySQL Server CVE-2012-0117 Remote MySQL Server Vulnerability
4569| [51520] Oracle MySQL Server CVE-2012-0114 Local Security Vulnerability
4570| [51519] Oracle MySQL Server CVE-2012-0112 Remote MySQL Server Vulnerability
4571| [51518] Oracle MySQL Server CVE-2012-0491 Remote Security Vulnerability
4572| [51517] Oracle MySQL CVE-2012-0120 Remote Vulnerability
4573| [51516] Oracle MySQL Server CVE-2012-0492 Remote MySQL Server Vulnerability
4574| [51515] Oracle MySQL Server CVE-2012-0484 Remote Security Vulnerability
4575| [51514] Oracle MySQL Server CVE-2012-0486 Remote Security Vulnerability
4576| [51513] Oracle MySQL Server CVE-2012-0485 Remote Security Vulnerability
4577| [51512] Oracle MySQL CVE-2012-0119 Remote Vulnerability
4578| [51511] Oracle MySQL CVE-2012-0118 Remote MySQL Server Vulnerability
4579| [51510] Oracle MySQL Server CVE-2012-0489 Remote MySQL Server Vulnerability
4580| [51509] Oracle MySQL Server CVE-2012-0087 Remote Security Vulnerability
4581| [51508] Oracle MySQL CVE-2012-0116 Remote MySQL Server Vulnerability
4582| [51507] Oracle MySQL Server CVE-2012-0496 Remote Security Vulnerability
4583| [51506] Oracle MySQL Server CVE-2012-0488 Remote MySQL Server Vulnerability
4584| [51505] Oracle MySQL Server CVE-2012-0101 Remote Security Vulnerability
4585| [51504] Oracle MySQL CVE-2012-0115 Remote Vulnerability
4586| [51503] Oracle MySQL Server CVE-2012-0487 Remote MySQL Server Vulnerability
4587| [51502] Oracle MySQL Server CVE-2012-0102 Remote Security Vulnerability
4588| [51493] Oracle MySQL CVE-2011-2262 Remote MySQL Server Vulnerability
4589| [51488] Oracle MySQL CVE-2012-0113 Remote MySQL Server Vulnerability
4590| [50139] DBD::mysqlPP Unspecified SQL Injection Vulnerability
4591| [48466] MySQLDriverCS SQL Injection Vulnerability
4592| [47919] Zend Framework 'PDO_MySql' Security Bypass Vulnerability
4593| [47871] Oracle MySQL Prior to 5.1.52 Multiple Denial Of Service Vulnerabilities
4594| [47693] DirectAdmin 'mysql_backup' Folder Permissions Information Disclosure Vulnerability
4595| [46655] pywebdav MySQL Authentication Module SQL Injection Vulnerability
4596| [46456] MySQL Eventum 'full_name' Field HTML Injection Vulnerability
4597| [46380] MySQL Eventum Multiple HTML Injection Vulnerabilities
4598| [46056] PHP MySQLi Extension 'set_magic_quotes_runtime' Function Security-Bypass Weakness
4599| [43884] phpFK - PHP Forum Script ohne MySQL 'page_bottom.php' Local File Include Vulnerability
4600| [43677] Oracle MySQL Prior to 5.1.50 Privilege Escalation Vulnerability
4601| [43676] Oracle MySQL Prior to 5.1.51 Multiple Denial Of Service Vulnerabilities
4602| [42646] Oracle MySQL Prior to 5.1.49 'JOIN' Statement Denial Of Service Vulnerability
4603| [42643] Oracle MySQL Prior to 5.1.49 'DDL' Statements Denial Of Service Vulnerability
4604| [42638] Oracle MySQL Prior to 5.1.49 Malformed 'BINLOG' Arguments Denial Of Service Vulnerability
4605| [42633] Oracle MySQL 'HANDLER' interface Denial Of Service Vulnerability
4606| [42625] Oracle MySQL 'LOAD DATA INFILE' Denial Of Service Vulnerability
4607| [42599] Oracle MySQL 'EXPLAIN' Denial Of Service Vulnerability
4608| [42598] Oracle MySQL 'TEMPORARY InnoDB' Tables Denial Of Service Vulnerability
4609| [42596] Oracle MySQL Prior to 5.1.49 'WITH ROLLUP' Denial Of Service Vulnerability
4610| [42586] RETIRED: Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities
4611| [42417] Zmanda Recovery Manager for MySQL Multiple Local Privilege Escalation Vulnerabilities
4612| [41440] phpFK - PHP Forum Script ohne MySQL 'upload.php' Arbitrary File Upload Vulnerability
4613| [41198] Oracle MySQL 'ALTER DATABASE' Remote Denial Of Service Vulnerability
4614| [40537] MySQL Enterprise Monitor Multiple Unspecified Cross Site Request Forgery Vulnerabilities
4615| [40506] RETIRED: phpGraphy 'mysql_cleanup.php' Remote File Include Vulnerability
4616| [40461] PHP Mysqlnd Extension Information Disclosure and Multiple Buffer Overflow Vulnerabilities
4617| [40257] Oracle MySQL DROP TABLE MyISAM Symbolic Link Local Security Bypass Vulnerability
4618| [40109] Oracle MySQL 'COM_FIELD_LIST' Command Packet Security Bypass Vulnerability
4619| [40106] Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability
4620| [40100] Oracle MySQL Malformed Packet Handling Remote Denial of Service Vulnerability
4621| [40045] Advanced Poll 'mysql_host' Parameter Cross Site Scripting Vulnerability
4622| [39918] FlexAppsStore Flex MySQL Connector Unauthorized Access Vulnerability
4623| [39543] MySQL UNINSTALL PLUGIN Security Bypass Vulnerability
4624| [38642] Timeclock Software 'mysqldump' Local Information Disclosure Vulnerability
4625| [38043] MySQL 'sql/sql_table.cc' CREATE TABLE Security Bypass Vulnerability
4626| [37943] MySQL with yaSSL SSL Certificate Handling Remote Stack Buffer Overflow Vulnerability
4627| [37770] TYPO3 kiddog_mysqldumper Unspecified Information Disclosure Vulnerability
4628| [37640] MySQL 5.0.51a Unspecified Remote Code Execution Vulnerability
4629| [37297] MySQL Multiple Remote Denial Of Service Vulnerabilities
4630| [37076] MySQL OpenSSL Server Certificate yaSSL Security Bypass Vulnerability
4631| [37075] MySQL MyISAM Table Symbolic Link Local Privilege Escalation Vulnerability
4632| [36242] MySQL 5.x Unspecified Buffer Overflow Vulnerability
4633| [35858] MySQL Connector/J Unicode Character String SQL Injection Vulnerability
4634| [35609] MySQL 'sql_parse.cc' Multiple Format String Vulnerabilities
4635| [35514] MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability
4636| [33972] MySQL XPath Expression Remote Denial Of Service Vulnerability
4637| [33392] 'mod_auth_mysql' Package Multibyte Character Encoding SQL Injection Vulnerability
4638| [32978] MySQL Calendar 'username' Parameter SQL Injection Vulnerability
4639| [32914] MySQL Calendar Cookie Authentication Bypass Vulnerability
4640| [32157] MySQL Quick Admin 'actions.php' Local File Include Vulnerability
4641| [32000] Agora 'MysqlfinderAdmin.php' Remote File Include Vulnerability
4642| [31517] MySQL Quick Admin 'index.php' Local File Include Vulnerability
4643| [31486] MySQL Command Line Client HTML Special Characters HTML Injection Vulnerability
4644| [31425] PromoteWeb MySQL 'go.php' SQL Injection Vulnerability
4645| [31081] MySQL Empty Binary String Literal Remote Denial Of Service Vulnerability
4646| [30835] mysql-lists Unspecified Cross Site Scripting Vulnerability
4647| [30529] Keld PHP-MySQL News Script 'login.php' SQL Injection Vulnerability
4648| [30383] phpwebnews-mysql Multiple SQL Injection Vulnerabilities
4649| [29106] MySQL MyISAM Table Privileges Secuity Bypass Vulnerability
4650| [29048] GEDCOM_to_MySQL2 Multiple Cross-Site Scripting Vulnerabilities
4651| [28351] MySQL INFORMATION_SCHEMA Remote Denial Of Service Vulnerability
4652| [27938] DSPAM Debian 'libdspam7-drv-mysql' Cron Job MySQL Calls Local Information Disclosure Vulnerability
4653| [27202] PHP Webquest MySQL Credentials Information Disclosure Vulnerability
4654| [27032] PHP MySQL Open Source Help Desk 'form.php' Code Injection Vulnerability
4655| [26947] MySQL Server Unspecified Remote Arbitrary Command Execution Vulnerability
4656| [26832] MySQL Server Privilege Escalation And Denial Of Service Vulnerabilities
4657| [26829] aurora framework Db_mysql.LIB SQL Injection Vulnerability
4658| [26765] MySQL Server RENAME TABLE System Table Overwrite Vulnerability
4659| [26353] MySQL Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service Vulnerability
4660| [26304] AdventNet EventLog Analyzer Insecure Default MySQL Password Unauthorized Access Vulnerability
4661| [26156] Bacula MySQL Password Information Disclosure Vulnerability
4662| [26095] Asterisk 'asterisk-addons' CDR_ADDON_MYSQL Module SQL Injection Vulnerability
4663| [25017] MySQL Access Validation and Denial of Service Vulnerabilities
4664| [24759] MySQLDumper Apache Access Control Authentication Bypass Vulnerability
4665| [24016] MySQL Rename Table Function Access Validation Vulnerability
4666| [24011] MySQL Security Invoker Privilege Escalation Vulnerability
4667| [24008] MySQL Alter Table Function Information Disclosure Vulnerability
4668| [23911] MySQL IF Query Handling Remote Denial Of Service Vulnerability
4669| [23176] Eve-Nuke Forums MySQL.PHP Remote File Include Vulnerability
4670| [22941] MySQL Commander Remote File Include Vulnerability
4671| [22900] MySQL Single Row SubSelect Remote Denial Of Service Vulnerability
4672| [22474] CPanel PassWDMySQL Cross-Site Scripting Vulnerability
4673| [22431] MySQLNewsEngine Affichearticles.PHP3 Remote File Include Vulnerability
4674| [20460] MySQLDumper SQL.PHP Cross-Site Scripting Vulnerability
4675| [20222] PABugs Class.MySQL.PHP Remote File Include Vulnerability
4676| [20165] ZoomStats MySQL.PHP Remote File Include Vulnerability
4677| [19794] MySQL Multiupdate and Subselects Denial Of Service Vulnerability
4678| [19559] MySQL Privilege Elevation and Security Bypass Vulnerabilities
4679| [19279] MySQL MERGE Privilege Revoke Bypass Vulnerability
4680| [19240] Banex PHP MySQL Banner Exchange Multiple Remote Vulnerabilities
4681| [19032] MySQL Server Date_Format Denial Of Service Vulnerability
4682| [18717] PHP/MySQL Classifieds AddAsset1.PHP Multiple HTML Injection Vulnerabilities
4683| [18439] MySQL Server Str_To_Date Remote Denial Of Service Vulnerability
4684| [18219] MySQL Mysql_real_escape Function SQL Injection Vulnerability
4685| [17780] MySQL Remote Information Disclosure and Buffer Overflow Vulnerabilities
4686| [17224] Cholod MySQL Based Message Board Mb.CGI SQL Injection Vulnerability
4687| [17223] Cholod MySQL Based Message Board Multiple HTML Injection Vulnerabilities
4688| [17147] Woltlab Burning Board Class_DB_MySQL.PHP Cross-Site Scripting Vulnerability
4689| [16850] MySQL Query Logging Bypass Vulnerability
4690| [16620] PHP/MYSQL Timesheet Multiple SQL Injection Vulnerabilities
4691| [16564] PAM-MySQL Code Execution And Denial Of Service Vulnerabilities
4692| [16219] PHP MySQLI Error Logging Remote Format String Vulnerability
4693| [16145] PHP MySQL_Connect Remote Buffer Overflow Vulnerability
4694| [15852] MySQL Auction Search Module Cross-Site Scripting Vulnerability
4695| [14509] MySQL User-Defined Function Buffer Overflow Vulnerability
4696| [14437] MySQL Eventum Multiple SQL Injection Vulnerabilities
4697| [14436] MySQL Eventum Multiple Cross-Site Scripting Vulnerabilities
4698| [13913] xMySQLadmin Insecure Temporary File Creation Vulnerability
4699| [13660] MySQL mysql_install_db Insecure Temporary File Creation Vulnerability
4700| [13378] MySQL MaxDB WebDAV IF Parameter Remote Buffer Overflow Vulnerability
4701| [13369] MySQL MaxDB WebDAV Lock Token Remote Buffer Overflow Vulnerability
4702| [13368] MySQL MaxDB HTTP GET Request Remote Buffer Overflow Vulnerability
4703| [12805] MySQL MaxDB WebAgent Input Validation Multiple Remote Denial Of Service Vulnerabilities
4704| [12781] MySQL AB MySQL Multiple Remote Vulnerabilities
4705| [12313] MySQL MaxDB WebAgent Remote Denial of Service Vulnerabilities
4706| [12277] MySQL Database MySQLAccess Local Insecure Temporary File Creation Vulnerability
4707| [12265] MySQL MaxDB WebAgent WebSQL Password Parameter Remote Buffer Overflow Vulnerability
4708| [12133] MySQL Eventum Multiple Input Validation Vulnerabilities
4709| [11844] MySQL MaxDB WebDav Handler Overwrite Header Remote Buffer Overflow Vulnerability
4710| [11843] MySQL MaxDB WAHTTP Server Remote Denial Of Service Vulnerability
4711| [11435] MySQL Database Unauthorized GRANT Privilege Vulnerability
4712| [11432] MySQL Remote FULLTEXT Search Denial Of Service Vulnerability
4713| [11357] MySQL Multiple Local Vulnerabilities
4714| [11346] MySQL MaxDB WebDBM Server Name Denial of Service Vulnerability
4715| [11291] MySQL Unspecified Insecure Temporary File Creation Vulnerability
4716| [11261] MySQL Bounded Parameter Statement Execution Remote Buffer Overflow Vulnerability
4717| [11234] AllWebScripts MySQLGuest HTML Injection Vulnerability
4718| [10986] Ben Yacoub Hatem MySQL Backup Pro Undisclosed 'getbackup()' Vulnerability
4719| [10981] MySQL Mysql_real_connect Function Potential Remote Buffer Overflow Vulnerability
4720| [10969] MySQL Mysqlhotcopy Script Insecure Temporary File Creation Vulnerability
4721| [10655] MySQL Password Length Remote Buffer Overflow Vulnerability
4722| [10654] MySQL Authentication Bypass Vulnerability
4723| [10142] MySQL MYSQLD_Multi Insecure Temporary File Creation Vulnerability
4724| [9976] MySQL Aborted Bug Report Insecure Temporary File Creation Vulnerability
4725| [8796] MySQL Multiple Vulnerabilities
4726| [8590] MySQL Password Handler Buffer Overflow Vulnerability
4727| [8245] MySQL AB ODBC Driver Plain Text Password Vulnerability
4728| [7887] MySQL libmysqlclient Library mysql_real_connect() Buffer Overrun Vulnerability
4729| [7500] MySQL Weak Password Encryption Vulnerability
4730| [7052] MySQL mysqld Privilege Escalation Vulnerability
4731| [7041] MySQL Control Center Insecure Default File Permission Vulnerability
4732| [6718] MySQL Double Free Heap Corruption Vulnerability
4733| [6375] MySQL COM_CHANGE_USER Password Memory Corruption Vulnerability
4734| [6374] MySQL libmysqlclient Library Read_One_Row Buffer Overflow Vulnerability
4735| [6373] MySQL COM_CHANGE_USER Password Length Account Compromise Vulnerability
4736| [6370] MySQL libmysqlclient Library Read_Rows Buffer Overflow Vulnerability
4737| [6368] MySQL COM_TABLE_DUMP Memory Corruption Vulnerability
4738| [5948] PHPRank MySQL Error Unauthorized Access Vulnerability
4739| [5853] MySQL DataDir Parameter Local Buffer Overflow Vulnerability
4740| [5513] MySQL Logging Not Enabled Weak Default Configuration Vulnerability
4741| [5511] MySQL Bind Address Not Enabled Weak Default Configuration Vulnerability
4742| [5503] MySQL Null Root Password Weak Default Configuration Vulnerability
4743| [4409] Cyrus SASL LDAP+MySQL Authentication Patch SQL Command Execution Vulnerability
4744| [4026] PHP MySQL Safe_Mode Filesystem Circumvention Vulnerability
4745| [3907] Conectiva Linux MySQL World Readable Log File Vulnerability
4746| [3381] WinMySQLadmin Plain Text Password Storage Vulnerability
4747| [3284] Inter7 vpopmail MySQL Authentication Data Recovery Vulnerability
4748| [3255] Apache mod_auth_mysql Remote SQL Query Manipulation Vulnerability
4749| [2522] MySQL Root Operation Symbolic Link File Overwriting Vulnerability
4750| [2380] MySQL SHOW GRANTS Pasword Hash Disclosure Vulnerability
4751| [2262] Mysql Local Buffer Overflow Vulnerability
4752| [1850] pam_mysql Authentication Input Validation Vulnerability
4753| [1826] MySQL Authentication Algorithm Vulnerability
4754| [1557] PCCS Mysql Database Admin Tool Username/Password Exposure Vulnerability
4755| [975] MySQL Unauthenticated Remote Access Vulnerability
4756| [926] MySQL GRANT Global Password Changing Vulnerability
4757|
4758| IBM X-Force - https://exchange.xforce.ibmcloud.com:
4759| [85724] Oracle MySQL Server XA Transactions denial of service
4760| [85723] Oracle MySQL Server Server Replication denial of service
4761| [85722] Oracle MySQL Server InnoDB denial of service
4762| [85721] Oracle MySQL Server Server Privileges unspecified
4763| [85720] Oracle MySQL Server Server Partition denial of service
4764| [85719] Oracle MySQL Server Server Parser denial of service
4765| [85718] Oracle MySQL Server Server Options denial of service
4766| [85717] Oracle MySQL Server Server Options denial of service
4767| [85716] Oracle MySQL Server Server Optimizer denial of service
4768| [85715] Oracle MySQL Server Server Optimizer denial of service
4769| [85714] Oracle MySQL Server Prepared Statements denial of service
4770| [85713] Oracle MySQL Server InnoDB denial of service
4771| [85712] Oracle MySQL Server Full Text Search denial of service
4772| [85711] Oracle MySQL Server Data Manipulation Language denial of service
4773| [85710] Oracle MySQL Server Data Manipulation Language denial of service
4774| [85709] Oracle MySQL Server Audit Log unspecified
4775| [85708] Oracle MySQL Server MemCached unspecified
4776| [84846] Debian mysql-server package information disclosure
4777| [84375] Wireshark MySQL dissector denial of service
4778| [83554] Oracle MySQL Server Server Partition denial of service
4779| [83553] Oracle MySQL Server Server Locking denial of service
4780| [83552] Oracle MySQL Server Server Install unspecified
4781| [83551] Oracle MySQL Server Server Types denial of service
4782| [83550] Oracle MySQL Server Server Privileges unspecified
4783| [83549] Oracle MySQL Server InnoDB denial of service
4784| [83548] Oracle MySQL Server InnoDB denial of service
4785| [83547] Oracle MySQL Server Data Manipulation Language denial of service
4786| [83546] Oracle MySQL Server Stored Procedure denial of service
4787| [83545] Oracle MySQL Server Server Replication denial of service
4788| [83544] Oracle MySQL Server Server Partition denial of service
4789| [83543] Oracle MySQL Server Server Optimizer denial of service
4790| [83542] Oracle MySQL Server InnoDB denial of service
4791| [83541] Oracle MySQL Server Information Schema denial of service
4792| [83540] Oracle MySQL Server Data Manipulation Language denial of service
4793| [83539] Oracle MySQL Server Data Manipulation Language denial of service
4794| [83538] Oracle MySQL Server Server Optimizer unspecified
4795| [83537] Oracle MySQL Server MemCached denial of service
4796| [83536] Oracle MySQL Server Server Privileges unspecified
4797| [83535] Oracle MySQL Server Server Privileges unspecified
4798| [83534] Oracle MySQL Server Server unspecified
4799| [83533] Oracle MySQL Server Information Schema unspecified
4800| [83532] Oracle MySQL Server Server Locking unspecified
4801| [83531] Oracle MySQL Server Data Manipulation Language denial of service
4802| [83388] MySQL administrative login attempt detected
4803| [82963] Mambo MySQL database information disclosure
4804| [82946] Oracle MySQL buffer overflow
4805| [82945] Oracle MySQL buffer overflow
4806| [82895] Oracle MySQL and MariaDB geometry queries denial of service
4807| [81577] MySQL2JSON extension for TYPO3 unspecified SQL injection
4808| [81325] Oracle MySQL Server Server Privileges denial of service
4809| [81324] Oracle MySQL Server Server Partition denial of service
4810| [81323] Oracle MySQL Server Server Optimizer denial of service
4811| [81322] Oracle MySQL Server Server Optimizer denial of service
4812| [81321] Oracle MySQL Server Server denial of service
4813| [81320] Oracle MySQL Server MyISAM denial of service
4814| [81319] Oracle MySQL Server InnoDB denial of service
4815| [81318] Oracle MySQL Server InnoDB denial of service
4816| [81317] Oracle MySQL Server Server Locking denial of service
4817| [81316] Oracle MySQL Server Server denial of service
4818| [81315] Oracle MySQL Server Server Replication unspecified
4819| [81314] Oracle MySQL Server Server Replication unspecified
4820| [81313] Oracle MySQL Server Stored Procedure denial of service
4821| [81312] Oracle MySQL Server Server Optimizer denial of service
4822| [81311] Oracle MySQL Server Information Schema denial of service
4823| [81310] Oracle MySQL Server GIS Extension denial of service
4824| [80790] Oracle MySQL yaSSL buffer overflow
4825| [80553] Oracle MySQL and MariaDB salt security bypass
4826| [80443] Oracle MySQL Server unspecified code execution
4827| [80442] Oracle MySQL Server acl_get() buffer overflow
4828| [80440] Oracle MySQL Server table buffer overflow
4829| [80435] Oracle MySQL Server database privilege escalation
4830| [80434] Oracle MySQL Server COM_BINLOG_DUMP denial of service
4831| [80433] Oracle MySQL Server Stuxnet privilege escalation
4832| [80432] Oracle MySQL Server authentication information disclosure
4833| [79394] Oracle MySQL Server Server Installation information disclosure
4834| [79393] Oracle MySQL Server Server Replication denial of service
4835| [79392] Oracle MySQL Server Server Full Text Search denial of service
4836| [79391] Oracle MySQL Server Server denial of service
4837| [79390] Oracle MySQL Server Client information disclosure
4838| [79389] Oracle MySQL Server Server Optimizer denial of service
4839| [79388] Oracle MySQL Server Server Optimizer denial of service
4840| [79387] Oracle MySQL Server Server denial of service
4841| [79386] Oracle MySQL Server InnoDB Plugin denial of service
4842| [79385] Oracle MySQL Server InnoDB denial of service
4843| [79384] Oracle MySQL Server Client unspecified
4844| [79383] Oracle MySQL Server Server denial of service
4845| [79382] Oracle MySQL Server Protocol unspecified
4846| [79381] Oracle MySQL Server Information Schema unspecified
4847| [78954] SilverStripe MySQLDatabase.php information disclosure
4848| [78948] MySQL MyISAM table symlink
4849| [77865] MySQL unknown vuln
4850| [77864] MySQL sort order denial of service
4851| [77768] MySQLDumper refresh_dblist.php information disclosure
4852| [77177] MySQL Squid Access Report unspecified cross-site scripting
4853| [77065] Oracle MySQL Server Optimizer denial of service
4854| [77064] Oracle MySQL Server Optimizer denial of service
4855| [77063] Oracle MySQL Server denial of service
4856| [77062] Oracle MySQL InnoDB denial of service
4857| [77061] Oracle MySQL GIS Extension denial of service
4858| [77060] Oracle MySQL Server Optimizer denial of service
4859| [76189] MySQL unspecified error
4860| [76188] MySQL attempts security bypass
4861| [75287] MySQLDumper restore.php information disclosure
4862| [75286] MySQLDumper filemanagement.php directory traversal
4863| [75285] MySQLDumper main.php cross-site request forgery
4864| [75284] MySQLDumper install.php cross-site scripting
4865| [75283] MySQLDumper install.php file include
4866| [75282] MySQLDumper menu.php code execution
4867| [75022] Oracle MySQL Server Server Optimizer denial of service
4868| [75021] Oracle MySQL Server Server Optimizer denial of service
4869| [75020] Oracle MySQL Server Server DML denial of service
4870| [75019] Oracle MySQL Server Partition denial of service
4871| [75018] Oracle MySQL Server MyISAM denial of service
4872| [75017] Oracle MySQL Server Server Optimizer denial of service
4873| [74672] Oracle MySQL Server multiple unspecified
4874| [73092] MySQL unspecified code execution
4875| [72540] Oracle MySQL Server denial of service
4876| [72539] Oracle MySQL Server unspecified
4877| [72538] Oracle MySQL Server denial of service
4878| [72537] Oracle MySQL Server denial of service
4879| [72536] Oracle MySQL Server unspecified
4880| [72535] Oracle MySQL Server denial of service
4881| [72534] Oracle MySQL Server denial of service
4882| [72533] Oracle MySQL Server denial of service
4883| [72532] Oracle MySQL Server denial of service
4884| [72531] Oracle MySQL Server denial of service
4885| [72530] Oracle MySQL Server denial of service
4886| [72529] Oracle MySQL Server denial of service
4887| [72528] Oracle MySQL Server denial of service
4888| [72527] Oracle MySQL Server denial of service
4889| [72526] Oracle MySQL Server denial of service
4890| [72525] Oracle MySQL Server information disclosure
4891| [72524] Oracle MySQL Server denial of service
4892| [72523] Oracle MySQL Server denial of service
4893| [72522] Oracle MySQL Server denial of service
4894| [72521] Oracle MySQL Server denial of service
4895| [72520] Oracle MySQL Server denial of service
4896| [72519] Oracle MySQL Server denial of service
4897| [72518] Oracle MySQL Server unspecified
4898| [72517] Oracle MySQL Server unspecified
4899| [72516] Oracle MySQL Server unspecified
4900| [72515] Oracle MySQL Server denial of service
4901| [72514] Oracle MySQL Server unspecified
4902| [71965] MySQL port denial of service
4903| [70680] DBD::mysqlPP unspecified SQL injection
4904| [70370] TaskFreak! multi-mysql unspecified path disclosure
4905| [68799] mod_authnz_external module for Apache mysql-auth.pl SQL injection
4906| [68294] MySQLDriverCS statement.cs sql injection
4907| [68175] Prosody MySQL denial of service
4908| [67539] Zend Framework MySQL PDO security bypass
4909| [67254] DirectAdmin MySQL information disclosure
4910| [66567] Xoops mysql.sql information disclosure
4911| [65871] PyWebDAV MySQLAuthHandler class SQL injection
4912| [65543] MySQL Select Arbitrary data into a File
4913| [65529] MySQL Eventum full_name field cross-site scripting
4914| [65380] Oracle MySQL Eventum forgot_password.php cross-site scripting
4915| [65379] Oracle MySQL Eventum list.php cross-site scripting
4916| [65266] Accellion File Transfer Appliance MySQL default password
4917| [64878] MySQL Geometry denial of service
4918| [64877] MySQL EXPLAIN EXTENDED denial of service
4919| [64876] MySQL prepared statement denial of service
4920| [64845] MySQL extreme-value denial of service
4921| [64844] MySQL Gis_line_string::init_from_wkb denial of service
4922| [64843] MySQL user-variable denial of service
4923| [64842] MySQL view preparation denial of service
4924| [64841] MySQL prepared statement denial of service
4925| [64840] MySQL LONGBLOB denial of service
4926| [64839] MySQL invocations denial of service
4927| [64838] MySQL Gis_line_string::init_from_wkb denial of service
4928| [64689] MySQL dict0crea.c denial of service
4929| [64688] MySQL SET column denial of service
4930| [64687] MySQL BINLOG command denial of service
4931| [64686] MySQL InnoDB denial of service
4932| [64685] MySQL HANDLER interface denial of service
4933| [64684] MySQL Item_singlerow_subselect::store denial of service
4934| [64683] MySQL OK packet denial of service
4935| [63518] MySQL Query Browser GUI Tools information disclosure
4936| [63517] MySQL Administrator GUI Tools information disclosure
4937| [62272] MySQL PolyFromWKB() denial of service
4938| [62269] MySQL LIKE predicates denial of service
4939| [62268] MySQL joins denial of service
4940| [62267] MySQL GREATEST() or LEAST() denial of service
4941| [62266] MySQL GROUP_CONCAT() denial of service
4942| [62265] MySQL expression values denial of service
4943| [62264] MySQL temporary table denial of service
4944| [62263] MySQL LEAST() or GREATEST() denial of service
4945| [62262] MySQL replication privilege escalation
4946| [61739] MySQL WITH ROLLUP denial of service
4947| [61343] MySQL LOAD DATA INFILE denial of service
4948| [61342] MySQL EXPLAIN denial of service
4949| [61341] MySQL HANDLER denial of service
4950| [61340] MySQL BINLOG denial of service
4951| [61339] MySQL IN() or CASE denial of service
4952| [61338] MySQL SET denial of service
4953| [61337] MySQL DDL denial of service
4954| [61318] PHP mysqlnd_wireprotocol.c buffer overflow
4955| [61317] PHP php_mysqlnd_read_error_from_line buffer overflow
4956| [61316] PHP php_mysqlnd_auth_write buffer overflow
4957| [61274] MySQL TEMPORARY InnoDB denial of service
4958| [59905] MySQL ALTER DATABASE denial of service
4959| [59841] CMySQLite updateUser.php cross-site request forgery
4960| [59112] MySQL Enterprise Monitor unspecified cross-site request forgery
4961| [59075] PHP php_mysqlnd_auth_write() buffer overflow
4962| [59074] PHP php_mysqlnd_read_error_from_line() buffer overflow
4963| [59073] PHP php_mysqlnd_rset_header_read() buffer overflow
4964| [59072] PHP php_mysqlnd_ok_read() information disclosure
4965| [58842] MySQL DROP TABLE file deletion
4966| [58676] Template Shares MySQL information disclosure
4967| [58531] MySQL COM_FIELD_LIST buffer overflow
4968| [58530] MySQL packet denial of service
4969| [58529] MySQL COM_FIELD_LIST security bypass
4970| [58311] ClanSphere the captcha generator and MySQL driver SQL injection
4971| [57925] MySQL UNINSTALL PLUGIN security bypass
4972| [57006] Quicksilver Forums mysqldump information disclosure
4973| [56800] Employee Timeclock Software mysqldump information disclosure
4974| [56200] Flex MySQL Connector ActionScript SQL injection
4975| [55877] MySQL yaSSL buffer overflow
4976| [55622] kiddog_mysqldumper extension for TYPO3 information disclosure
4977| [55416] MySQL unspecified buffer overflow
4978| [55382] Ublog UblogMySQL.sql information disclosure
4979| [55251] PHP-MySQL-Quiz editquiz.php SQL injection
4980| [54597] MySQL sql_table.cc security bypass
4981| [54596] MySQL mysqld denial of service
4982| [54365] MySQL OpenSSL security bypass
4983| [54364] MySQL MyISAM table symlink
4984| [53950] The mysql-ocaml mysql_real_escape_string weak security
4985| [52978] Zmanda Recovery Manager for MySQL mysqlhotcopy privilege escalation
4986| [52977] Zmanda Recovery Manager for MySQL socket-server.pl command execution
4987| [52660] iScouter PHP Web Portal MySQL Password Retrieval
4988| [52220] aa33code mysql.inc information disclosure
4989| [52122] MySQL Connector/J unicode SQL injection
4990| [51614] MySQL dispatch_command() denial of service
4991| [51406] MySQL Connector/NET SSL spoofing
4992| [49202] MySQL UDF command execution
4993| [49050] MySQL XPath denial of service
4994| [48919] Cisco Application Networking Manager MySQL default account password
4995| [48163] libapache2-mod-auth-mysql module for Debian multibyte encoding SQL injection
4996| [47544] MySQL Calendar index.php SQL injection
4997| [47476] MySQL Calendar index.php nodstrumCalendarV2 security bypass
4998| [45649] MySQL MyISAM symlink security bypass
4999| [45648] MySQL MyISAM symlinks security bypass
5000| [45607] MySQL Quick Admin actions.php file include
5001| [45606] MySQL Quick Admin index.php file include
5002| [45590] MySQL command-line client cross-site scripting
5003| [45436] PromoteWeb MySQL go.php SQL injection
5004| [45042] MySQL empty bit-string literal denial of service
5005| [44662] mysql-lists unspecified cross-site scripting
5006| [42267] MySQL MyISAM security bypass
5007| [42211] GEDCOM_to_MySQL2 index.php, info.php and prenom.php cross-site scripting
5008| [42014] miniBB setup_mysql.php and setup_options.php SQL injection
5009| [40920] MySQL sql_select.cc denial of service
5010| [40734] MySQL Server BINLOG privilege escalation
5011| [40350] MySQL password information disclosure
5012| [39415] Debian GNU/Linux libdspam7-drv-mysql cron job password disclosure
5013| [39402] PHP LOCAL INFILE and MySQL extension security bypass
5014| [38999] aurora framework db_mysql.lib SQL injection
5015| [38990] MySQL federated engine denial of service
5016| [38989] MySQL DEFINER value privilege escalation
5017| [38988] MySQL DATA DIRECTORY and INDEX DIRECTORY privilege escalation
5018| [38964] MySQL RENAME TABLE symlink
5019| [38733] ManageEngine EventLog Analyzer MySQL default password
5020| [38284] MySQL ha_innodb.cc convert_search_mode_to_innobase() denial of service
5021| [38189] MySQL default root password
5022| [37235] Asterisk-Addons cdr_addon_mysql module SQL injection
5023| [37099] RHSA update for MySQL case sensistive database name privilege escalation not installed
5024| [36555] PHP MySQL extension multiple functions security bypass
5025| [35960] MySQL view privilege escalation
5026| [35959] MySQL CREATE TABLE LIKE information disclosure
5027| [35958] MySQL connection protocol denial of service
5028| [35291] MySQLDumper main.php security bypass
5029| [34811] MySQL udf_init and mysql_create_function command execution
5030| [34809] MySQL mysql_update privilege escalation
5031| [34349] MySQL ALTER information disclosure
5032| [34348] MySQL mysql_change_db privilege escalation
5033| [34347] MySQL RENAME TABLE weak security
5034| [34232] MySQL IF clause denial of service
5035| [33388] Advanced Website Creator (AWC) mysql_escape_string SQL injection
5036| [33285] Eve-Nuke mysql.php file include
5037| [32957] MySQL Commander dbopen.php file include
5038| [32933] cPanel load_language.php and mysqlconfig.php file include
5039| [32911] MySQL filesort function denial of service
5040| [32462] cPanel passwdmysql cross-site scripting
5041| [32288] RHSA-2006:0544 updates for mysql not installed
5042| [32266] MySQLNewsEngine affichearticles.php3 file include
5043| [31244] The Address Book MySQL export.php password information disclosure
5044| [31037] Php/Mysql Site Builder (PHPBuilder) htm2php.php directory traversal
5045| [30760] BTSaveMySql URL file disclosure
5046| [30191] StoryStream mysql.php and mysqli.php file include
5047| [30085] MySQL MS-DOS device name denial of service
5048| [30031] Agora MysqlfinderAdmin.php file include
5049| [29438] MySQLDumper mysqldumper_path/sql.php cross-site scripting
5050| [29179] paBugs class.mysql.php file include
5051| [29120] ZoomStats MySQL file include
5052| [28448] MySQL case sensitive database name privilege escalation
5053| [28442] MySQL GRANT EXECUTE privilege escalation
5054| [28387] FunkBoard admin/mysql_install.php and admin/pg_install.php unauthorized access
5055| [28202] MySQL multiupdate subselect query denial of service
5056| [28180] MySQL MERGE table security bypass
5057| [28176] PHP MySQL Banner Exchange lib.inc information disclosure
5058| [27995] Opsware Network Automation System MySQL plaintext password
5059| [27904] MySQL date_format() format string
5060| [27635] MySQL Instance Manager denial of service
5061| [27212] MySQL SELECT str_to_date denial of service
5062| [26875] MySQL ASCII escaping SQL injection
5063| [26420] Apple Mac OS X MySQL Manager blank password
5064| [26236] MySQL login packet information disclosure
5065| [26232] MySQL COM_TABLE_DUMP buffer overflow
5066| [26228] MySQL sql_parce.cc information disclosure
5067| [26042] MySQL running
5068| [25313] WoltLab Burning Board class_db_mysql.php cross-site scripting
5069| [24966] MySQL mysql_real_query logging bypass
5070| [24653] PAM-MySQL logging function denial of service
5071| [24652] PAM-MySQL authentication double free code execution
5072| [24567] PHP/MYSQL Timesheet index.php and changehrs.php SQL injection
5073| [24095] PHP ext/mysqli exception handling format string
5074| [23990] PHP mysql_connect() buffer overflow
5075| [23596] MySQL Auction search module could allow cross-site scripting
5076| [22642] RHSA-2005:334 updates for mysql not installed
5077| [21757] MySQL UDF library functions command execution
5078| [21756] MySQL LoadLibraryEx function denial of service
5079| [21738] MySQL UDF mysql_create_function function directory traversal
5080| [21737] MySQL user defined function buffer overflow
5081| [21640] MySQL Eventum multiple class SQL injection
5082| [21638] MySQL Eventum multiple scripts cross-site scripting
5083| [20984] xmysqladmin temporary file symlink
5084| [20656] MySQL mysql_install_db script symlink
5085| [20333] Plans MySQL password information disclosure
5086| [19659] MySQL CREATE TEMPORARY TABLE command creates insecure files
5087| [19658] MySQL udf_init function gain access
5088| [19576] auraCMS mysql_fetch_row function path disclosure
5089| [18922] MySQL mysqlaccess script symlink attack
5090| [18824] MySQL UDF root privileges
5091| [18464] mysql_auth unspecified vulnerability
5092| [18449] Sugar Sales plaintext MySQL password
5093| [17783] MySQL underscore allows elevated privileges
5094| [17768] MySQL MATCH ... AGAINST SQL statement denial of service
5095| [17667] MySQL UNION change denial of service
5096| [17666] MySQL ALTER TABLE RENAME bypass restriction
5097| [17493] MySQL libmysqlclient bulk inserts buffer overflow
5098| [17462] MySQLGuest AWSguest.php script cross-site scripting
5099| [17047] MySQL mysql_real_connect buffer overflow
5100| [17030] MySQL mysqlhotcopy insecure temporary file
5101| [16612] MySQL my_rnd buffer overflow
5102| [16604] MySQL check_scramble_323 function allows unauthorized access
5103| [15883] MySQL mysqld_multi script symlink attack
5104| [15617] MySQL mysqlbug script symlink attack
5105| [15417] Confixx db_mysql_loeschen2.php SQL injection
5106| [15280] Proofpoint Protection Server MySQL allows unauthorized access
5107| [13404] HP Servicecontrol Manager multiple vulnerabilities in MySQL could allow execution of code
5108| [13153] MySQL long password buffer overflow
5109| [12689] MySQL AB ODBC Driver stores ODBC passwords and usernames in plain text
5110| [12540] Teapop PostSQL and MySQL modules SQL injection
5111| [12337] MySQL mysql_real_connect function buffer overflow
5112| [11510] MySQL datadir/my.cnf modification could allow root privileges
5113| [11493] mysqlcc configuration and connection files are world writable
5114| [11340] SuckBot mod_mysql_logger denial of service
5115| [11199] MySQL mysql_change_user() double-free memory pointer denial of service
5116| [10850] MySQL libmysql client read_one_row buffer overflow
5117| [10849] MySQL libmysql client read_rows buffer overflow
5118| [10848] MySQL COM_CHANGE_USER password buffer overflow
5119| [10847] MySQL COM_CHANGE_USER command password authentication bypass
5120| [10846] MySQL COM_TABLE_DUMP unsigned integer denial of service
5121| [10483] Bugzilla stores passwords in plain text in the MySQL database
5122| [10455] gBook MySQL could allow administrative access
5123| [10243] MySQL my.ini "
5124| [9996] MySQL SHOW GRANTS command discloses adminstrator`s encrypted password
5125| [9909] MySQL logging disabled by default on Windows
5126| [9908] MySQL binding to the loopback adapter is disabled
5127| [9902] MySQL default root password could allow unauthorized access
5128| [8748] Cyrus SASL LDAP+MySQL patch allows user unauthorized POP access
5129| [8105] PHP MySQL client library allows an attacker to bypass safe_mode restrictions
5130| [7923] Conectiva Linux MySQL /var/log/mysql file has insecure permissions
5131| [7206] WinMySQLadmin stores MySQL password in plain text
5132| [6617] MySQL "
5133| [6419] MySQL drop database command buffer overflow
5134| [6418] MySQL libmysqlclient.so buffer overflow
5135| [5969] MySQL select buffer overflow
5136| [5447] pam_mysql authentication input
5137| [5409] MySQL authentication algorithm obtain password hash
5138| [5057] PCCS MySQL Database Admin Tool could reveal username and password
5139| [4228] MySQL unauthenticated remote access
5140| [3849] MySQL default test account could allow any user to connect to the database
5141| [1568] MySQL creates readable log files
5142|
5143| Exploit-DB - https://www.exploit-db.com:
5144| [30744] MySQL <= 5.1.23 Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service Vulnerability
5145| [30677] Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module SQL Injection Vulnerability
5146| [30020] MySQL 5.0.x - IF Query Handling Remote Denial of Service Vulnerability
5147| [29724] MySQL 5.0.x Single Row SubSelect Remote Denial of Service Vulnerability
5148| [29653] Active Calendar 1.2 data/mysqlevents.php css Parameter XSS
5149| [29572] CPanel <= 11 PassWDMySQL Cross-Site Scripting Vulnerability
5150| [29569] MySQLNewsEngine Affichearticles.PHP3 Remote File Include Vulnerability
5151| [28783] MySQLDumper 1.21 SQL.PHP Cross-Site Scripting Vulnerability
5152| [28398] MySQL 4/5 SUID Routine Miscalculation Arbitrary DML Statement Execution
5153| [28308] Banex PHP MySQL Banner Exchange 2.21 members.php cfg_root Parameter Remote File Inclusion
5154| [28307] Banex PHP MySQL Banner Exchange 2.21 admin.php Multiple Parameter SQL Injection
5155| [28306] Banex PHP MySQL Banner Exchange 2.21 signup.php site_name Parameter SQL Injection
5156| [28234] MySQL 4.x/5.x Server Date_Format Denial of Service Vulnerability
5157| [28026] MySQL Server 4/5 Str_To_Date Remote Denial of Service Vulnerability
5158| [27464] Cholod MySQL Based Message Board Mb.CGI SQL Injection Vulnerability
5159| [27444] Woltlab Burning Board 2.3.4 Class_DB_MySQL.PHP Cross-Site Scripting Vulnerability
5160| [27326] MySQL 5.0.18 Query Logging Bypass Vulnerability
5161| [26058] MySQL AB Eventum 1.x get_jsrs_data.php F Parameter XSS
5162| [26057] MySQL AB Eventum 1.x list.php release Parameter XSS
5163| [26056] MySQL AB Eventum 1.x view.php id Parameter XSS
5164| [25211] MySQL 4.x CREATE TEMPORARY TABLE Symlink Privilege Escalation
5165| [25210] MySQL 4.x CREATE FUNCTION mysql.func Table Arbitrary Library Injection
5166| [25209] MySQL 4.x CREATE FUNCTION Arbitrary libc Code Execution
5167| [24805] MySQL MaxDB 7.5 WAHTTP Server Remote Denial of Service Vulnerability
5168| [24669] MySQL 3.x/4.x ALTER TABLE/RENAME Forces Old Permission Checks
5169| [24250] MySQL 4.1/5.0 Authentication Bypass Vulnerability
5170| [23179] Oracle MySQL for Microsoft Windows MOF Execution
5171| [23138] MySQL 3.23.x/4.0.x Password Handler Buffer Overflow Vulnerability
5172| [23083] MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day
5173| [23081] MySQL Remote Preauth User Enumeration Zeroday
5174| [23078] MySQL Denial of Service Zeroday PoC
5175| [23077] MySQL (Linux) Database Privilege Elevation Zeroday Exploit
5176| [23076] MySQL (Linux) Heap Based Overrun PoC Zeroday
5177| [23075] MySQL (Linux) Stack Based Buffer Overrun PoC Zeroday
5178| [23073] MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot)
5179| [22946] MySQL AB ODBC Driver 3.51 Plain Text Password Vulnerability
5180| [22565] MySQL 3.x/4.0.x Weak Password Encryption Vulnerability
5181| [22340] MySQL 3.23.x mysqld Privilege Escalation Vulnerability
5182| [22085] MySQL 3.23.x/4.0.x COM_CHANGE_USER Password Memory Corruption Vulnerability
5183| [22084] MySQL 3.23.x/4.0.x COM_CHANGE_USER Password Length Account Compromise Vulnerability
5184| [21726] MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration Vulnerability (2)
5185| [21725] MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration Vulnerability (1)
5186| [21266] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (3)
5187| [21265] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (2)
5188| [21264] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (1)
5189| [20718] MySQL 3.20.32 a/3.23.34 Root Operation Symbolic Link File Overwriting Vulnerability
5190| [20581] Mysql 3.22.x/3.23.x Local Buffer Overflow Vulnerability
5191| [20355] Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
5192| [20055] MySQL Squid Access Report 2.1.4 HTML Injection
5193| [20044] Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers
5194| [19721] MySQL 3.22.27/3.22.29/3.23.8 GRANT Global Password Changing Vulnerability
5195| [19092] MySQL Remote Root Authentication Bypass
5196| [18269] MySQL 5.5.8 - Remote Denial of Service (DOS)
5197| [16957] Oracle MySQL for Microsoft Windows Payload Execution
5198| [16850] MySQL yaSSL CertDecoder::GetName Buffer Overflow
5199| [16849] MySQL yaSSL SSL Hello Message Buffer Overflow
5200| [16701] MySQL yaSSL SSL Hello Message Buffer Overflow
5201| [15467] Oracle MySQL < 5.1.49 'WITH ROLLUP' Denial of Service Vulnerability
5202| [14654] CMSQLite <= 1.2 & CMySQLite <= 1.3.1 - Remote Code Execution Exploit
5203| [14537] Oracle MySQL 'ALTER DATABASE' Remote Denial of Service Vulnerability
5204| [14096] CMSQlite & CMySQLite CSRF Vulnerability
5205| [10876] PHP-MySQL-Quiz SQL Injection Vulnerability
5206| [10450] Linkster PHP/MySQL SQL Injection Vulnerability
5207| [10260] Robert Zimmerman PHP / MYSQL Scripts Admin Bypass
5208| [9953] MySQL <= 6.0 yaSSL <= 1.7.5 Hello Message Buffer Overflow
5209| [9085] MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
5210| [8037] ProFTPd with mod_mysql Authentication Bypass Vulnerability
5211| [7856] MySQL 4/5/6 UDF for Command Execution
5212| [7020] MySQL Quick Admin 1.5.5 - Local File Inclusion Vulnerability
5213| [6641] MySQL Quick Admin <= 1.5.5 (COOKIE) Local File Inclusion Vulnerability
5214| [6577] PromoteWeb MySQL (go.php id) Remote SQL Injection Vulnerability
5215| [6136] phpWebNews 0.2 MySQL Edition (SQL) Insecure Cookie Handling Vuln
5216| [5999] phpWebNews 0.2 MySQL Edition (det) SQL Injection Vulnerability
5217| [5998] phpWebNews 0.2 MySQL Edition (id_kat) SQL Injection Vulnerability
5218| [5913] MyBlog: PHP and MySQL Blog/CMS software (SQL/XSS) Vulnerabilities
5219| [4615] MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability
5220| [4392] PHP <= 4.4.7 / 5.2.3 MySQL/MySQLi Safe Mode Bypass Vulnerability
5221| [3685] MyBlog: PHP and MySQL Blog/CMS software RFI Vulnerability
5222| [3591] PHP-Nuke Module Eve-Nuke 0.1 (mysql.php) RFI Vulnerability
5223| [3468] MySQL Commander <= 2.7 (home) Remote File Inclusion Vulnerability
5224| [3450] NukeSentinel <= 2.5.06 (MySQL => 4.0.24) - Remote SQL Injection Exploit
5225| [3344] PHP-Nuke <= 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)
5226| [3274] MySQL 4.x/5.0 User-Defined Function Command Execution Exploit (win)
5227| [2969] Php/Mysql Site Builder 0.0.2 (htm2php.php) File Disclosure Vulnerability
5228| [2726] Agora 1.4 RC1 (MysqlfinderAdmin.php) Remote File Include Vulnerability
5229| [2554] cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)
5230| [2466] cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit
5231| [2437] paBugs <= 2.0 Beta 3 (class.mysql.php) Remote File Include Exploit
5232| [2420] ZoomStats <= 1.0.2 (mysql.php) Remote File Include Vulnerability
5233| [1742] MySQL (<= 4.1.18, 5.0.20) Local/Remote Information Leakage Exploit
5234| [1741] MySQL <= 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit
5235| [1518] MySQL 4.x/5.0 User-Defined Function Local Privilege Escalation Exploit
5236| [1406] PHP <= 4.4.0 (mysql_connect function) Local Buffer Overflow Exploit
5237| [1181] MySQL 4.0.17 UDF Dynamic Library Exploit
5238| [1134] MySQL Eventum <= 1.5.5 (login.php) SQL Injection Exploit
5239| [960] MySQL MaxDB Webtool <= 7.5.00.23 Remote Stack Overflow Exploit
5240| [311] MySQL 4.1/5.0 zero-length password Auth. Bypass Exploit
5241| [98] MySQL 3.23.x/4.0.x Remote Exploit
5242|
5243| OpenVAS (Nessus) - http://www.openvas.org:
5244| [902675] MySQLDumper Multiple Vulnerabilities
5245| [881549] CentOS Update for mysql CESA-2012:1551 centos6
5246| [881538] CentOS Update for mysql CESA-2012:1462 centos6
5247| [881225] CentOS Update for mysql CESA-2012:0105 centos6
5248| [881185] CentOS Update for mysql CESA-2012:0127 centos5
5249| [881061] CentOS Update for mysql CESA-2012:0874 centos6
5250| [880760] CentOS Update for mysql CESA-2009:1289 centos5 i386
5251| [880613] CentOS Update for mysql CESA-2010:0109 centos5 i386
5252| [880577] CentOS Update for mysql CESA-2010:0442 centos5 i386
5253| [880452] CentOS Update for mysql CESA-2010:0824 centos4 i386
5254| [880366] CentOS Update for mysql CESA-2010:0110 centos4 i386
5255| [880329] CentOS Update for mysql CESA-2007:1155 centos4 x86_64
5256| [880324] CentOS Update for mysql CESA-2007:1155 centos4 i386
5257| [870870] RedHat Update for mysql RHSA-2012:1551-01
5258| [870861] RedHat Update for mysql RHSA-2012:1462-01
5259| [870778] RedHat Update for mysql RHSA-2012:0874-04
5260| [870736] RedHat Update for mysql RHSA-2011:0164-01
5261| [870647] RedHat Update for mysql RHSA-2012:0105-01
5262| [870547] RedHat Update for mysql RHSA-2012:0127-01
5263| [870357] RedHat Update for mysql RHSA-2010:0824-01
5264| [870356] RedHat Update for mysql RHSA-2010:0825-01
5265| [870272] RedHat Update for mysql RHSA-2010:0442-01
5266| [870218] RedHat Update for mysql RHSA-2010:0110-01
5267| [870216] RedHat Update for mysql RHSA-2010:0109-01
5268| [870195] RedHat Update for mysql RHSA-2007:1155-01
5269| [870069] RedHat Update for mysql RHSA-2008:0364-01
5270| [870033] RedHat Update for mysql RHSA-2008:0768-01
5271| [864951] Fedora Update for mysql FEDORA-2012-19823
5272| [864945] Fedora Update for mysql FEDORA-2012-19833
5273| [864504] Fedora Update for mysql FEDORA-2012-9324
5274| [864474] Fedora Update for mysql FEDORA-2012-9308
5275| [863910] Fedora Update for mysql FEDORA-2012-0972
5276| [863725] Fedora Update for mysql FEDORA-2012-0987
5277| [862844] Fedora Update for mod_auth_mysql FEDORA-2011-0100
5278| [862840] Fedora Update for mod_auth_mysql FEDORA-2011-0114
5279| [862676] Fedora Update for mysql FEDORA-2010-15147
5280| [862444] Fedora Update for mysql FEDORA-2010-15166
5281| [862300] Fedora Update for mysql FEDORA-2010-11126
5282| [862290] Fedora Update for mysql FEDORA-2010-11135
5283| [862149] Fedora Update for mysql FEDORA-2010-9053
5284| [862148] Fedora Update for mysql FEDORA-2010-9061
5285| [862136] Fedora Update for mysql FEDORA-2010-9016
5286| [861948] Fedora Update for mysql FEDORA-2010-7355
5287| [861936] Fedora Update for mysql FEDORA-2010-7414
5288| [861707] Fedora Update for mysql FEDORA-2010-1300
5289| [861651] Fedora Update for mysql FEDORA-2010-1348
5290| [861544] Fedora Update for php-pear-MDB2-Driver-mysql FEDORA-2007-3369
5291| [861392] Fedora Update for mysql FEDORA-2007-4471
5292| [861180] Fedora Update for php-pear-MDB2-Driver-mysqli FEDORA-2007-3369
5293| [861162] Fedora Update for php-pear-MDB2-Driver-mysql FEDORA-2007-3376
5294| [861108] Fedora Update for php-pear-MDB2-Driver-mysqli FEDORA-2007-3376
5295| [861033] Fedora Update for mysql FEDORA-2007-4465
5296| [855481] Solaris Update for mysql 120292-02
5297| [855333] Solaris Update for mysql 120293-02
5298| [850182] SuSE Update for mysql openSUSE-SU-2012:0860-1 (mysql)
5299| [841248] Ubuntu Update for mysql-5.5 USN-1658-1
5300| [841207] Ubuntu Update for mysql-5.5 USN-1621-1
5301| [841039] Ubuntu Update for mysql-5.5 USN-1467-1
5302| [840989] Ubuntu Update for mysql-5.1 USN-1427-1
5303| [840944] Ubuntu Update for mysql-5.1 USN-1397-1
5304| [840533] Ubuntu Update for MySQL vulnerabilities USN-1017-1
5305| [840442] Ubuntu Update for MySQL vulnerabilities USN-950-1
5306| [840384] Ubuntu Update for MySQL vulnerabilities USN-897-1
5307| [840292] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-671-1
5308| [840240] Ubuntu Update for mysql-dfsg-5.0 regression USN-588-2
5309| [840219] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-588-1
5310| [840106] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-559-1
5311| [840042] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-528-1
5312| [840012] Ubuntu Update for mysql-dfsg-5.0 vulnerability USN-440-1
5313| [835096] HP-UX Update for on HP 9000 Servers Running MySQL HPSBUX00287
5314| [831755] Mandriva Update for mysql MDVSA-2012:178 (mysql)
5315| [831684] Mandriva Update for mysql MDVA-2012:049 (mysql)
5316| [831547] Mandriva Update for mysql MDVA-2012:022 (mysql)
5317| [831532] Mandriva Update for mysql MDVA-2012:005 (mysql)
5318| [831519] Mandriva Update for mysql MDVA-2011:099 (mysql)
5319| [831425] Mandriva Update for mysql MDVA-2011:025 (mysql)
5320| [831327] Mandriva Update for mysql MDVA-2011:005 (mysql)
5321| [831315] Mandriva Update for mysql MDVSA-2011:012 (mysql)
5322| [831295] Mandriva Update for mysql MDVA-2010:240 (mysql)
5323| [831244] Mandriva Update for mysql MDVSA-2010:155-1 (mysql)
5324| [831243] Mandriva Update for mysql MDVSA-2010:222 (mysql)
5325| [831237] Mandriva Update for mysql MDVSA-2010:223 (mysql)
5326| [831202] Mandriva Update for mysql MDVA-2010:210 (mysql)
5327| [831134] Mandriva Update for mysql MDVSA-2010:155 (mysql)
5328| [831049] Mandriva Update for mysql MDVSA-2010:107 (mysql)
5329| [831048] Mandriva Update for mysql MDVSA-2010:101 (mysql)
5330| [831034] Mandriva Update for mysql MDVA-2010:146 (mysql)
5331| [831033] Mandriva Update for mysql MDVSA-2010:093 (mysql)
5332| [830902] Mandriva Update for mysql MDVSA-2010:044 (mysql)
5333| [830821] Mandriva Update for mysql MDVSA-2010:011 (mysql)
5334| [830806] Mandriva Update for mysql MDVSA-2010:012 (mysql)
5335| [830772] Mandriva Update for mysql MDVSA-2008:150 (mysql)
5336| [830664] Mandriva Update for mysql MDVA-2008:018 (mysql)
5337| [830659] Mandriva Update for mysql MDVSA-2008:017 (mysql)
5338| [830513] Mandriva Update for mysql MDVSA-2008:028 (mysql)
5339| [830421] Mandriva Update for mysql MDVSA-2008:149 (mysql)
5340| [830297] Mandriva Update for MySQL MDKSA-2007:177 (MySQL)
5341| [830223] Mandriva Update for perl-DBD-mysql MDKA-2007:066 (perl-DBD-mysql)
5342| [830063] Mandriva Update for MySQL MDKSA-2007:139 (MySQL)
5343| [830032] Mandriva Update for MySQL MDKSA-2007:243 (MySQL)
5344| [801593] Oracle MySQL Eventum Multiple Cross Site Scripting Vulnerabilities
5345| [801205] MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability
5346| [103051] PHP MySQLi Extension 'set_magic_quotes_runtime' Function Security-Bypass Weakness
5347| [100662] PHP Mysqlnd Extension Information Disclosure and Multiple Buffer Overflow Vulnerabilities
5348| [71475] Debian Security Advisory DSA 2496-1 (mysql-5.1)
5349| [71233] Debian Security Advisory DSA 2429-1 (mysql-5.1)
5350| [70803] Gentoo Security Advisory GLSA 201201-02 (MySQL)
5351| [70586] FreeBSD Ports: proftpd, proftpd-mysql
5352| [67541] Debian Security Advisory DSA 2057-1 (mysql-dfsg-5.0)
5353| [66577] Fedora Core 11 FEDORA-2009-13504 (mysql)
5354| [66573] Fedora Core 12 FEDORA-2009-13466 (mysql)
5355| [66553] Mandriva Security Advisory MDVSA-2009:189-1 (apache-mod_auth_mysql)
5356| [66508] Fedora Core 10 FEDORA-2009-12180 (mysql)
5357| [66425] Mandriva Security Advisory MDVSA-2009:326 (mysql)
5358| [66256] Fedora Core 11 FEDORA-2009-10701 (ocaml-mysql)
5359| [66251] Fedora Core 10 FEDORA-2009-10582 (ocaml-mysql)
5360| [66056] Debian Security Advisory DSA 1910-1 (mysql-ocaml)
5361| [66035] Mandrake Security Advisory MDVSA-2009:279 (ocaml-mysql)
5362| [65937] SLES10: Security update for MySQL
5363| [65884] SLES10: Security update for MySQL
5364| [65827] SLES10: Security update for MySQL
5365| [65710] SLES11: Security update for MySQL
5366| [65610] SLES9: Security update for MySQL
5367| [65566] SLES9: Security update for MySQL
5368| [65507] SLES9: Security update for MySQL
5369| [65502] SLES9: Security update for mysql
5370| [65426] SLES9: Security update for MySQL
5371| [65385] SLES9: Security update for mysql
5372| [65341] SLES9: Security update for MySQL
5373| [65181] SLES9: Security update for MySQL
5374| [65176] SLES9: Security update for MySQL
5375| [64932] CentOS Security Advisory CESA-2009:1289 (mysql)
5376| [64820] Debian Security Advisory DSA 1877-1 (mysql-dfsg-5.0)
5377| [64532] Mandrake Security Advisory MDVSA-2009:189 (apache-mod_auth_mysql)
5378| [64522] Mandrake Security Advisory MDVSA-2009:179 (mysql)
5379| [64461] Mandrake Security Advisory MDVSA-2009:159 (mysql)
5380| [63872] Mandrake Security Advisory MDVSA-2009:094 (mysql)
5381| [63630] FreeBSD Ports: proftpd, proftpd-mysql
5382| [63171] FreeBSD Ports: mysql-server
5383| [63170] FreeBSD Ports: mysql-server
5384| [63169] FreeBSD Ports: mysql-server
5385| [63168] FreeBSD Ports: mysql-server
5386| [63095] FreeBSD Ports: mysql-server
5387| [61852] Debian Security Advisory DSA 1662-1 (mysql-dfsg-5.0)
5388| [61699] FreeBSD Ports: mysql-client
5389| [61656] FreeBSD Ports: proftpd, proftpd-mysql
5390| [61618] FreeBSD Ports: mysql-server
5391| [61599] Gentoo Security Advisory GLSA 200809-04 (mysql)
5392| [61283] Debian Security Advisory DSA 1608-1 (mysql-dfsg-5.0)
5393| [60804] Gentoo Security Advisory GLSA 200804-04 (mysql)
5394| [60271] Debian Security Advisory DSA 1478-1 (mysql-dfsg-5.0)
5395| [60106] Debian Security Advisory DSA 1451-1 (mysql-dfsg-5.0)
5396| [60017] Slackware Advisory SSA:2007-348-01 mysql
5397| [59638] Debian Security Advisory DSA 1413-1 (mysql-dfsg, mysql-dfsg-5.0, mysql-dfsg-4.1)
5398| [59245] Gentoo Security Advisory GLSA 200711-25 (mysql)
5399| [58863] FreeBSD Ports: freeradius, freeradius-mysql
5400| [58545] Gentoo Security Advisory GLSA 200708-10 (mysql)
5401| [58261] Gentoo Security Advisory GLSA 200705-11 (MySQL)
5402| [57859] Gentoo Security Advisory GLSA 200608-09 (mysql)
5403| [57725] FreeBSD Ports: proftpd, proftpd-mysql
5404| [57576] FreeBSD Ports: proftpd, proftpd-mysql
5405| [57527] FreeBSD Ports: mysql-server
5406| [57526] FreeBSD Ports: mysql-server
5407| [57337] Debian Security Advisory DSA 1169-1 (mysql-dfsg-4.1)
5408| [57257] FreeBSD Ports: mysql-server
5409| [57167] Slackware Advisory SSA:2006-211-01 mysql
5410| [57109] Debian Security Advisory DSA 1112-1 (mysql-dfsg-4.1)
5411| [56964] Gentoo Security Advisory GLSA 200606-18 (pam_mysql)
5412| [56940] Gentoo Security Advisory GLSA 200606-13 (MySQL)
5413| [56924] Debian Security Advisory DSA 1092-1 (mysql-dfsg-4.1)
5414| [56861] Slackware Advisory SSA:2006-155-01 mysql
5415| [56850] FreeBSD Ports: mysql-server
5416| [56849] FreeBSD Ports: mysql-server
5417| [56833] Debian Security Advisory DSA 1079-1 (mysql-dfsg)
5418| [56789] Debian Security Advisory DSA 1073-1 (mysql-dfsg-4.1)
5419| [56788] Debian Security Advisory DSA 1071-1 (mysql)
5420| [56730] Slackware Advisory SSA:2006-129-02 mysql
5421| [56728] Gentoo Security Advisory GLSA 200605-13 (MySQL)
5422| [56714] FreeBSD Ports: mysql-server
5423| [55520] Debian Security Advisory DSA 833-2 (mysql-dfsg-4.1)
5424| [55514] Debian Security Advisory DSA 833-1 (mysql-dfsg-4.1)
5425| [55493] Debian Security Advisory DSA 829-1 (mysql)
5426| [55492] Debian Security Advisory DSA 831-1 (mysql-dfsg)
5427| [55164] Debian Security Advisory DSA 783-1 (mysql-dfsg-4.1)
5428| [54884] Gentoo Security Advisory GLSA 200503-19 (mysql)
5429| [54819] Gentoo Security Advisory GLSA 200501-33 (mysql)
5430| [54713] Gentoo Security Advisory GLSA 200410-22 (MySQL)
5431| [54659] Gentoo Security Advisory GLSA 200409-02 (MySQL)
5432| [54580] Gentoo Security Advisory GLSA 200405-20 (MySQL)
5433| [54483] FreeBSD Ports: proftpd, proftpd-mysql
5434| [54201] FreeBSD Ports: mysql-server
5435| [53776] Debian Security Advisory DSA 013-1 (mysql)
5436| [53755] Debian Security Advisory DSA 483-1 (mysql)
5437| [53750] Debian Security Advisory DSA 707-1 (mysql)
5438| [53666] Debian Security Advisory DSA 381-1 (mysql)
5439| [53595] Debian Security Advisory DSA 303-1 (mysql)
5440| [53585] Debian Security Advisory DSA 212-1 (mysql)
5441| [53481] Debian Security Advisory DSA 647-1 (mysql)
5442| [53251] Debian Security Advisory DSA 562-1 (mysql)
5443| [53230] Debian Security Advisory DSA 540-1 (mysql)
5444| [52466] FreeBSD Ports: exim, exim-ldap2, exim-mysql, exim-postgresql
5445| [52459] FreeBSD Ports: mysql-client
5446| [52419] FreeBSD Ports: mysql-scripts
5447| [52406] FreeBSD Ports: mysql-server
5448| [52375] FreeBSD Ports: mysql-server, mysql-client
5449| [52274] FreeBSD Ports: mysql-server
5450| [52273] FreeBSD Ports: mysql-server
5451| [52272] FreeBSD Ports: mysql-server
5452| [52271] FreeBSD Ports: mysql-server
5453| [52270] FreeBSD Ports: mysql-server
5454| [52233] FreeBSD Ports: mysql-scripts
5455| [52158] FreeBSD Ports: mysql-server
5456| [16093] MySQL Eventum Multiple flaws
5457| [12639] MySQL Authentication bypass through a zero-length password
5458| [10783] PCCS-Mysql User/Password Exposure
5459|
5460| SecurityTracker - https://www.securitytracker.com:
5461| [1028790] MySQL Multiple Bugs Let Remote Users Deny Service and Partially Access and Modify Data
5462| [1028449] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service and Partially Access and Modify Data
5463| [1028004] MySQL Multiple Bugs Let Remote Authenticated Users Take Full Control or Deny Service and Let Local Users Access and Modify Data
5464| [1027829] MySQL Bug in UpdateXML() Lets Remote Authenticated Users Deny Service
5465| [1027828] MySQL Heap Overflow May Let Remote Authenticated Users Execute Arbitrary Code
5466| [1027827] MySQL Stack Overflow May Let Remote Authenticated Users Execute Arbitrary Code
5467| [1027665] MySQL Multiple Bugs Let Remote Authenticated Users Access and Modify Data and Deny Service and Local Users Access Data
5468| [1027263] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service
5469| [1027143] MySQL memcmp() Comparison Error Lets Remote Users Bypass Authentication
5470| [1026934] MySQL Multiple Bugs Let Remote Users Deny Service
5471| [1026896] MySQL Unspecified Flaws Have Unspecified Impact
5472| [1026659] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
5473| [1026530] MySQL Multiple Bugs Let Local and Remote Users Partially Access and Modifiy Data and Partially Deny Service
5474| [1024508] MySQL Replication Flaw Lets Remote Authenticated Users Gain Elevated Privileges
5475| [1024507] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
5476| [1024360] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
5477| [1024160] MySQL ALTER DATABASE Processing Error Lets Remote Authenticated Users Deny Service
5478| [1024033] MySQL COM_FIELD_LIST Packet Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
5479| [1024032] MySQL Large Packet Processing Flaw in my_net_skip_rest() Lets Remote Users Deny Service
5480| [1024031] MySQL COM_FIELD_LIST Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges
5481| [1024004] MySQL mi_delete_table() Symlink Flaw Lets Remote Authenticated Users Delete Data and Index Files
5482| [1023402] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
5483| [1023220] MySQL Client Fails to Check Server Certificates in Certain Cases
5484| [1022812] MySQL Unspecified Buffer Overflow Lets Remote Users Execute Arbitrary Code
5485| [1022533] MySQL Format String Bug in dispatch_command() Lets Remote Users Deny Service
5486| [1022482] MySQL Connector/Net is Missing SSL Certificate Validation
5487| [1021786] MySQL Bug in ExtractValue()/UpdateXML() in Processing XPath Expressions Lets Remote Authenticated Users Deny Service
5488| [1021714] (Red Hat Issues Fix) mod_auth_mysql Input Validation Flaw Lets Remote Users Inject SQL Commands
5489| [1020858] MySQL Item_bin_string::Item_bin_string() Binary Value Processing Bug Lets Remote Authenticated Users Deny Service
5490| [1019995] MySQL MyISAM Options Let Local Users Overwrite Table Files
5491| [1019085] MySQL Bugs Let Remote Authenticated Users Gain Elevated Privileges and Deny Service
5492| [1019084] MySQL DATA DIRECTORY and INDEX DIRECTORY Options May Let Remote Authenticated Users Gain Elevated Privileges
5493| [1019083] MySQL BINLOG Filename Path Bug May Let Remote Authenticated Users Gain Elevated Privileges
5494| [1019060] MySQL Rename Table Bug Lets Remote Authenticated Users Modify System Table Information
5495| [1018978] MySQL convert_search_mode_to_innobase() Bug Lets Remote Authenticated Users Deny Service
5496| [1018824] Asterisk-Addons Input Validation Flaw in cdr_addon_mysql Lets Remote Users Inject SQL Commands
5497| [1018663] MySQL Table View Access Bug Lets Remote Authenticated Users Gain Elevated Privileges
5498| [1018629] MySQL Authentication Protocol Bug Lets Remote Users Deny Service
5499| [1018071] MySQL ALTER TABLE Function Lets Remote Authenticated Users Obtain Potentially Sensitive Information
5500| [1018070] MySQL SQL SECURITY INVOKER Routines Let Remote Authenticated Users Gain Elevated Privileges
5501| [1018069] MySQL Lets Remote Authenticated Users Issue the RENAME TABLE Command
5502| [1017746] MySQL Single Row Subselect Statements Let Remote Users Deny Service
5503| [1016790] MySQL Replication Error Lets Local Users Deny Service
5504| [1016710] MySQL Case-Sensitive Database Names May Let Users Access Restricted Databases
5505| [1016709] MySQL Error in Checking suid Routine Arguments May Let Users Gain Elevated Privileges
5506| [1016617] MySQL MERGE Access Control Error May Let Users Access a Restricted Table
5507| [1016566] Opsware Network Automation System Discloses MySQL Password to Local Users
5508| [1016216] MySQL Error in Parsing Multibyte Encoded Data in mysql_real_escape() Lets Remote Users Inject SQL Commands
5509| [1016077] Apple MySQL Manager Database Initialization Bug May Let Local Users Access the Database
5510| [1016017] MySQL Anonymous Login Processing May Disclose Some Memory Contents to Remote Users
5511| [1016016] MySQL COM_TABLE_DUMP Processing Lets Remote Authenticated Users Execute Arbitrary Code or Obtain Information
5512| [1015789] Woltlab Burning Board Input Validation Hole in 'class_db_mysql.php' Permits Cross-Site Scripting Attacks
5513| [1015693] MySQL Query Bug Lets Remote Users Bypass Query Logging
5514| [1015603] PAM-MySQL pam_get_item() Double Free May Let Remote Users Execute Arbitrary Code
5515| [1015485] PHP mysqli Extension Error Mode Format String Flaw May Let Users Execute Arbitrary Code
5516| [1014603] MySQL Eventum Input Validation Hole in 'class.auth.php' Permits SQL Injection and Other Input Validation Bugs Permit Cross-Site Scripting Attacks
5517| [1014172] xMySQLadmin Lets Local Users Delete Files
5518| [1013995] MySQL 'mysql_install_db' Uses Unsafe Temporary Files and May Let Local Users Gain Elevated Privilege
5519| [1013994] MySQL Non-existent '--user' Error May Allow the Database to Run With Incorrect Privileges
5520| [1013415] MySQL CREATE FUNCTION Lets Authenticated Users Invoke libc Functions to Execute Arbitrary Code
5521| [1013414] MySQL udf_init() Path Validation Flaw Lets Authenticated Users Execute Arbitrary Libraries
5522| [1013413] MySQL CREATE TEMPORARY TABLE Uses Predictable Temporary Files That May Let Users Gain Elevated Privileges
5523| [1012914] MySQL 'mysqlaccess.sh' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
5524| [1012893] MySQL MaxDB Buffer Overflow in websql Password Parameter Lets Remote Users Execute Arbitrary Code
5525| [1012500] mysql_auth Memory Leak Has Unspecified Impact
5526| [1011741] MySQL Access Control Error in Databases With Underscore Wildcard Character May Grant Unauthorized Access
5527| [1011606] MySQL May Let Remote Authenticated Users Access Restricted Tables or Crash the System
5528| [1011408] MySQL libmysqlclient Buffer Overflow in Executing Prepared Statements Has Unspecified Impact
5529| [1011376] MySQLGuest Lack of Input Validation Lets Remote Users Conduct Cross-Site Scripting Attacks
5530| [1011008] MySQL Buffer Overflow in mysql_real_connect() May Let Remote Users Execute Arbitrary Code
5531| [1010979] MySQL 'mysqlhotcopy' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
5532| [1010645] MySQL check_scramble_323() Zero-Length Comparison Lets Remote Users Bypass Authentication
5533| [1009784] MySQL 'mysqld_multi' Temporary File Flaw Lets Local Users Overwrite Files
5534| [1009554] MySQL 'mysqlbug' Temporary File Flaw Lets Local Users Overwrite Files
5535| [1007979] MySQL mysql_change_user() Double Free Error Lets Remote Authenticated Users Crash mysqld
5536| [1007673] MySQL acl_init() Buffer Overflow Permits Remote Authenticated Administrators to Execute Arbitrary Code
5537| [1007518] DWebPro Discloses MySQL Database Password to Local Users
5538| [1007312] MySQL World-Writable Configuration File May Let Local Users Gain Root Privileges
5539| [1006976] MySQL Buffer Overflow in 'mysql_real_connect()' Client Function May Let Remote or Local Users Execute Arbitrary Code
5540| [1005800] MySQL Overflow and Authentication Bugs May Let Remote Users Execute Code or Access Database Accounts
5541| [1005345] MySQL Buffer Overflow Lets Local Users Gain System Privileges on Windows NT
5542| [1004506] vBulletin PHP-based Forum Software Has Unspecified Security Flaw in the 'db_mysql.php' Module
5543| [1004172] PHP-Survey Script Discloses Underlying MySQL Database Username and Password to Remote Users
5544| [1003955] 3rd Party Patch for Cyrus SASL ('auxprop for mysql and ldap') Lets Remote Users Access Protected POP Mail Accounts Without Authentication
5545| [1003290] Conectiva Linux MySQL Distribution May Allow Local Users to Obtain Sensitive Information
5546| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
5547| [1002485] WinMySQLadmin Database Administration Tool Discloses MySQL Password to Local Users
5548| [1002324] Vpopmail Mail Server Discloses Database Password to Local Users When Installed with MySQL
5549| [1001411] phpMyAdmin Administration Tool for MySQL Allows Remote Users to Execute Commands on the Server
5550| [1001118] MySQL Database Allows Authorized Users to Modify Server Files to Deny Service or Obtain Additional Access
5551|
5552| OSVDB - http://www.osvdb.org:
5553| [95337] Oracle MySQL Server XA Transactions Subcomponent Unspecified Remote DoS
5554| [95336] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
5555| [95335] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
5556| [95334] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue
5557| [95333] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
5558| [95332] Oracle MySQL Server Parser Subcomponent Unspecified Remote DoS
5559| [95331] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3801)
5560| [95330] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3808)
5561| [95329] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3796)
5562| [95328] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3804)
5563| [95327] Oracle MySQL Server Prepared Statements Subcomponent Unspecified Remote DoS
5564| [95326] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
5565| [95325] Oracle MySQL Server Full Text Search Subcomponent Unspecified Remote DoS
5566| [95324] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3795)
5567| [95323] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3793)
5568| [95322] Oracle MySQL Server Audit Log Subcomponent Unspecified Remote Issue
5569| [95321] Oracle MySQL Server MemCached Subcomponent Unspecified Remote Issue
5570| [95131] AutoMySQLBackup /usr/sbin/automysqlbackup Database Name Arbitrary Code Injection
5571| [94076] Debian Linux MySQL Server mysql-server-5.5.postinst Race Condition debian.cnf Plaintext Credential Local Disclosure
5572| [93505] Wireshark MySQL Dissector (packet-mysql.c) Malformed Packet Handling Infinite Loop Remote DoS
5573| [93174] MySQL Crafted Derived Table Handling DoS
5574| [92967] MySQL2JSON (mn_mysql2json) Extension for TYPO3 Unspecified SQL Injection
5575| [92950] MySQL Running START SLAVE Statement Process Listing Plaintext Local Password Disclosure
5576| [92485] Oracle MySQL Server Partition Subcomponent Unspecified Local DoS
5577| [92484] Oracle MySQL Server Locking Subcomponent Unspecified Remote DoS (2013-1506)
5578| [92483] Oracle MySQL Server Install Subcomponent Unspecified Local Issue
5579| [92482] Oracle MySQL Server Types Subcomponent Unspecified Remote DoS
5580| [92481] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2381)
5581| [92480] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1566)
5582| [92479] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1511)
5583| [92478] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1567)
5584| [92477] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
5585| [92476] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
5586| [92475] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
5587| [92474] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS
5588| [92473] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-2389)
5589| [92472] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
5590| [92471] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1512)
5591| [92470] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1544)
5592| [92469] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote Issue
5593| [92468] Oracle MySQL Server MemCached Subcomponent Unspecified Remote DoS
5594| [92467] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2375)
5595| [92466] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-1531)
5596| [92465] Oracle MySQL Server Server Subcomponent Unspecified Remote Issue
5597| [92464] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Issue
5598| [92463] Oracle MySQL Server Locking Subcomponent Unspecified Remote Issue (2013-1521)
5599| [92462] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-2395)
5600| [91536] Oracle MySQL yaSSL Unspecified Overflow (2012-0553)
5601| [91534] Oracle MySQL yaSSL Unspecified Overflow (2013-1492)
5602| [91415] MySQL Raw Geometry Object String Conversion Remote DoS
5603| [91108] Juju mysql Charm Install Script mysql.passwd MySQL Password Plaintext Local Disclosure
5604| [89970] Site Go /site-go/admin/extra/mysql/index.php idm Parameter Traversal Arbitrary File Access
5605| [89265] Oracle MySQL Server Server Privileges Subcomponent Unspecified Remote DoS
5606| [89264] Oracle MySQL Server Server Partition Subcomponent Unspecified Remote DoS
5607| [89263] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-0578)
5608| [89262] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-1705)
5609| [89261] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-0574)
5610| [89260] Oracle MySQL Server MyISAM Subcomponent Unspecified Remote DoS
5611| [89259] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2012-0572)
5612| [89258] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-0368)
5613| [89257] Oracle MySQL Server Server Locking Subcomponent Unspecified Remote DoS
5614| [89256] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-1702)
5615| [89255] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote Issue
5616| [89254] Oracle MySQL Server Server Replication Subcomponent Unspecified Local Issue
5617| [89253] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
5618| [89252] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS
5619| [89251] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
5620| [89250] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
5621| [89042] ViciBox Server MySQL cron Service Default Credentials
5622| [88415] Oracle MySQL Server COM_CHANGE_USER Account Password Brute-Force Weakness
5623| [88118] Oracle MySQL Server FILE Privilege Database Privilege Escalation
5624| [88067] Oracle MySQL Server Authentication Error Message User Enumeration
5625| [88066] Oracle MySQL Server for Linux Access Rights Checking Routine Database Name Handling Stack Buffer Overflow
5626| [88065] Oracle MySQL Server COM_BINLOG_DUMP Invalid Data Handling DoS
5627| [88064] Oracle MySQL Server Multiple-Table DELETE Heap Buffer Overflow
5628| [87704] CodeIgniter MySQL / MySQLi Driver Database Client Multi-byte Character Set Unspecified SQL Injection
5629| [87507] Oracle MySQL Statement Logging Multiple Log Plaintext Local Password Disclosure
5630| [87501] Oracle MySQL optimizer_switch Malformed Value Processing Local DoS
5631| [87494] Oracle MySQL on Windows Field_new_decimal::store_value dbug_buff Variable Overflow DoS
5632| [87480] MySQL Malformed XML Comment Handling DoS
5633| [87466] MySQL SSL Certificate Revocation Weakness
5634| [87356] Oracle MySQL do_div_mod DIV Expression Handling Remote DoS
5635| [87355] Oracle MySQL handler::pushed_cond Table Cache Handling mysqld DoS
5636| [87354] Oracle MySQL Polygon Union / Intersection Spatial Operations DoS
5637| [86273] Oracle MySQL Server Server Installation Subcomponent Unspecified Local Information Disclosure
5638| [86272] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote DoS
5639| [86271] Oracle MySQL Server Server Full Text Search Subcomponent Unspecified Remote DoS
5640| [86270] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3156)
5641| [86269] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Information Disclosure
5642| [86268] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3180)
5643| [86267] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3150)
5644| [86266] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3144)
5645| [86265] Oracle MySQL Server InnoDB Plugin Subcomponent Unspecified Remote DoS
5646| [86264] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
5647| [86263] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Issue
5648| [86262] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3177)
5649| [86261] Oracle MySQL Server Protocol Subcomponent Unspecified Remote Issue
5650| [86260] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Code Execution
5651| [86175] Oracle MySQL on Windows Path Subversion Arbitrary DLL Injection Code Execution
5652| [85155] Icinga module/idoutils/db/scripts/create_mysqldb.sh Icinga User Database Access Restriction Bypass
5653| [84755] Oracle MySQL Sort Order Index Calculation Remote DoS
5654| [84719] MySQLDumper index.php page Parameter XSS
5655| [84680] MySQL Squid Access Report access.log File Path XSS
5656| [83980] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1689)
5657| [83979] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1734)
5658| [83978] Oracle MySQL Server Subcomponent Unspecified Remote DoS
5659| [83977] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
5660| [83976] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
5661| [83975] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1735)
5662| [83661] Oracle MySQL Unspecified Issue (59533)
5663| [82804] Oracle MySQL Authentication Protocol Token Comparison Casting Failure Password Bypass
5664| [82803] Oracle MySQL Unspecified Issue (59387)
5665| [82120] Oracle MySQL Version Specific Comment Handling Arbitrary SQL Command Execution
5666| [81897] Viscacha classes/database/mysql.inc.php Multiple Parameter SQL Injection
5667| [81616] MySQLDumper Multiple Script Direct Request Information Disclosure
5668| [81615] MySQLDumper filemanagement.php f Parameter Traversal Arbitrary File Access
5669| [81614] MySQLDumper File Upload PHP Code Execution
5670| [81613] MySQLDumper main.php Multiple Function CSRF
5671| [81612] MySQLDumper restore.php filename Parameter XSS
5672| [81611] MySQLDumper sql.php Multiple Parameter XSS
5673| [81610] MySQLDumper install.php Multiple Parameter XSS
5674| [81609] MySQLDumper install.php language Parameter Traversal Arbitrary File Access
5675| [81378] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1690)
5676| [81377] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1696)
5677| [81376] Oracle MySQL Server Server DML Component Unspecified Remote DoS
5678| [81375] Oracle MySQL Server Partition Component Unspecified Remote DoS
5679| [81374] Oracle MySQL Server MyISAM Component Unspecified Remote DoS
5680| [81373] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1703)
5681| [81059] Oracle MySQL Server Multiple Unspecified Issues
5682| [79038] Webmin Process Listing MySQL Password Local Disclosure
5683| [78919] Oracle MySQL Unspecified Pre-authentication Remote Code Execution
5684| [78710] WordPress wp-admin/setup-config.php MySQL Query Saturation Brute-Force Proxy Weakness
5685| [78708] WordPress wp-admin/setup-config.php MySQL Database Verification Code Injection Weakness
5686| [78707] WordPress wp-admin/setup-config.php MySQL Credentials Error Message Brute-Force Weakness
5687| [78394] Oracle MySQL Server Unspecified Remote DoS (2012-0493)
5688| [78393] Oracle MySQL Server Unspecified Remote DoS (2012-0492)
5689| [78392] Oracle MySQL Server Unspecified Remote DoS (2012-0117)
5690| [78391] Oracle MySQL Server Unspecified Remote DoS (2012-0112)
5691| [78390] Oracle MySQL Server Unspecified Remote DoS (2012-0495)
5692| [78389] Oracle MySQL Server Unspecified Remote DoS (2012-0491)
5693| [78388] Oracle MySQL Server Unspecified Remote DoS (2012-0490)
5694| [78387] Oracle MySQL Server Unspecified Remote DoS (2012-0489)
5695| [78386] Oracle MySQL Server Unspecified Remote DoS (2012-0488)
5696| [78385] Oracle MySQL Server Unspecified Remote DoS (2012-0487)
5697| [78384] Oracle MySQL Server Unspecified Remote DoS (2012-0486)
5698| [78383] Oracle MySQL Server Unspecified Remote DoS (2012-0485)
5699| [78382] Oracle MySQL Server Unspecified Remote DoS (2012-0120)
5700| [78381] Oracle MySQL Server Unspecified Remote DoS (2012-0119)
5701| [78380] Oracle MySQL Server Unspecified Remote DoS (2012-0115)
5702| [78379] Oracle MySQL Server Unspecified Remote DoS (2012-0102)
5703| [78378] Oracle MySQL Server Unspecified Remote DoS (2012-0101)
5704| [78377] Oracle MySQL Server Unspecified Remote DoS (2012-0087)
5705| [78376] Oracle MySQL Server Unspecified Remote DoS (2011-2262)
5706| [78375] Oracle MySQL Server Unspecified Local DoS
5707| [78374] Oracle MySQL Server Unspecified Remote Issue (2012-0075)
5708| [78373] Oracle MySQL Server Unspecified Local Issue
5709| [78372] Oracle MySQL Server Unspecified Remote Information Disclosure
5710| [78371] Oracle MySQL Server Unspecified Remote Issue (2012-0496)
5711| [78370] Oracle MySQL Server Unspecified Remote Issue (2012-0118)
5712| [78369] Oracle MySQL Server Unspecified Remote Issue (2012-0116)
5713| [78368] Oracle MySQL Server Unspecified Remote Issue (2012-0113)
5714| [78283] Oracle MySQL NULL Pointer Dereference Packet Parsing Remote DoS
5715| [77042] e107 CMS install_.php MySQL Server Name Parsing Remote PHP Code Execution
5716| [77040] DBD::mysqlPP Unspecified SQL Injection
5717| [75888] TaskFreak! multi-mysql Multiple Script Direct Request Path Disclosure
5718| [74120] Apache HTTP Server mod_authnz_external mysql/mysql-auth.pl user Field SQL Injection
5719| [73555] Prosody MySQL Value Column Invalid Data Type Handling DoS
5720| [73387] Zend Framework PDO_MySql Character Set Security Bypass
5721| [72836] Arctic Fox CMS Multiple Script Direct Request MySQL Settings Disclosure
5722| [72660] MySQL GUI Tools Administrator / Query Browser Command Line Credentials Local Disclosure
5723| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
5724| [71368] Accellion File Transfer Appliance Weak MySQL root Password
5725| [70967] MySQL Eventum Admin User Creation CSRF
5726| [70966] MySQL Eventum preferences.php full_name Parameter XSS
5727| [70961] MySQL Eventum list.php Multiple Parameter XSS
5728| [70960] MySQL Eventum forgot_password.php URI XSS
5729| [70947] PyWebDAV DAVServer/mysqlauth.py get_userinfo() Multiple Parameter SQL Injection
5730| [70610] PHP MySQLi Extension set_magic_quotes_runtime Function mysqli_fetch_assoc Function Interaction Weakness
5731| [69885] SilverStripe modules/sapphire/trunk/core/model/MySQLDatabase.php showqueries Parameter SQL Command Disclosure
5732| [69395] MySQL Derived Table Grouping DoS
5733| [69394] MySQL Temporary Table Expression Re-Evaluation DoS
5734| [69393] MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS
5735| [69392] MySQL Extreme-Value Functions Mixed Arguments DoS
5736| [69391] MySQL Stored Procedures / Prepared Statements Nested Joins DoS
5737| [69390] MySQL Extreme-Value Functions Argument Parsing Type Error DoS
5738| [69389] MySQL CONVERT_TZ() Function Empty SET Column DoS
5739| [69388] MySQL InnoDB Storage Engine Table Handling Overflow
5740| [69387] MySQL LIKE Predicates Pre-Evaluation DoS
5741| [69001] MySQL PolyFromWKB() Function WKB Data Remote DoS
5742| [69000] MySQL HANDLER Interface Unspecified READ Request DoS
5743| [68997] MySQL Prepared-Statement Mode EXPLAIN DoS
5744| [68996] MySQL EXPLAIN EXTENDED Statement DoS
5745| [68995] MySQL GeometryCollection non-Geometry Value Assignment DoS
5746| [67488] phpMyAdmin libraries/dbi/mysqli.dbi.lib.php Unspecified Parameter XSS
5747| [67487] phpMyAdmin libraries/dbi/mysql.dbi.lib.php Unspecified Parameter XSS
5748| [67421] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read Function Overflow
5749| [67420] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_ok_read Function Arbitrary Memory Content Disclosure
5750| [67419] PHP Mysqlnd Extension php_mysqlnd_read_error_from_line Function Negative Buffer Length Value Overflow
5751| [67418] PHP Mysqlnd Extension php_mysqlnd_auth_write Function Multiple Overflows
5752| [67384] MySQL LOAD DATA INFILE Statement Incorrect OK Packet DoS
5753| [67383] MySQL EXPLAIN Statement Item_singlerow_subselect::store Function NULL Dereference DoS
5754| [67381] MySQL InnoDB Temporary Table Handling DoS
5755| [67380] MySQL BINLOG Statement Unspecified Argument DoS
5756| [67379] MySQL Multiple Operation NULL Argument Handling DoS
5757| [67378] MySQL Unique SET Column Join Statement Remote DoS
5758| [67377] MySQL DDL Statement Multiple Configuration Parameter DoS
5759| [66800] PHP Multiple mysqlnd_* Function Unspecified Overflow
5760| [66799] PHP mysqlnd Error Packet Handling Multiple Overflows
5761| [66731] PHP Bundled MySQL Library Unspecified Issue
5762| [66665] PHP MySQL LOAD DATA LOCAL open_basedir Bypass
5763| [65851] MySQL ALTER DATABASE #mysql50# Prefix Handling DoS
5764| [65450] phpGraphy mysql_cleanup.php include_path Parameter Remote File Inclusion
5765| [65085] MySQL Enterprise Monitor Unspecified CSRF
5766| [64843] MySQL DROP TABLE Command Symlink MyISAM Table Local Data Deletion
5767| [64588] MySQL sql/net_serv.cc my_net_skip_rest Function Large Packet Handling Remote DoS
5768| [64587] MySQL COM_FIELD_LIST Command Packet Table Name Argument Overflow
5769| [64586] MySQL COM_FIELD_LIST Command Packet Authentication Bypass
5770| [64524] Advanced Poll misc/get_admin.php mysql_host Parameter XSS
5771| [64447] Tirzen Framework (TZN) tzn_mysql.php Username Parameter SQL Injection Authentication Bypass
5772| [64320] ClanSphere MySQL Driver s_email Parameter SQL Injection
5773| [63903] MySQL sql/sql_plugin.cc mysql_uninstall_plugin Function UNINSTALL PLUGIN Command Privilege Check Weakness
5774| [63115] Quicksilver Forums mysqldump Process List Database Password Disclosure
5775| [62830] Employee Timeclock Software mysqldump Command-line Database Password Disclosure
5776| [62640] PHP mysqli_real_escape_string() Function Error Message Path Disclosure
5777| [62216] Flex MySQL Connector ActionScript SQL Query Arbitrary Code Execution
5778| [61752] kiddog_mysqldumper Extension for TYPO3 Unspecified Information Disclosure
5779| [61497] microTopic admin/mysql.php rating Parameter SQL Injection
5780| [60665] MySQL CREATE TABLE MyISAM Table mysql_unpacked_real_data_home Local Restriction Bypass
5781| [60664] MySQL sql/sql_table.cc Data Home Directory Symlink CREATE TABLE Access Restriction Bypass
5782| [60516] RADIO istek scripti estafresgaftesantusyan.inc Direct Request MySQL Database Credentials Disclosure
5783| [60489] MySQL GeomFromWKB() Function First Argument Geometry Value Handling DoS
5784| [60488] MySQL SELECT Statement WHERE Clause Sub-query DoS
5785| [60487] MySQL vio_verify_callback() Function Crafted Certificate MiTM Weakness
5786| [60356] MySql Client Library (libmysqlclient) mysql_real_connect Function Local Overflow
5787| [59907] MySQL on Windows bind-address Remote Connection Weakness
5788| [59906] MySQL on Windows Default Configuration Logging Weakness
5789| [59616] MySQL Hashed Password Weakness
5790| [59609] Suckbot mod_mysql_logger Shared Object Unspecified Remote DoS
5791| [59495] Cyrus SASL LDAP / MySQL Authentication Patch password Field SQL Injection Authentication Bypass
5792| [59062] phpMyAdmin Extension for TYPO3 MySQL Table Name Unspecified XSS
5793| [59045] phpMyAdmin Crafted MYSQL Table Name XSS
5794| [59030] mysql-ocaml for MySQL mysql_real_escape_string() Function Character Escaping Weakness
5795| [57587] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Local Privilege Escalation
5796| [57586] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Remote Shell Command Execution
5797| [56741] MySQL Connector/J Unicode w/ SJIS/Windows-31J Charset SQL Injection
5798| [56134] Virtualmin MySQL Module Execute SQL Feature Arbitrary File Access
5799| [55734] MySQL sql_parse.cc dispatch_command() Function Format String DoS
5800| [55566] MySQL Connector/NET SSL Certificate Verification Weakness
5801| [53525] MyBlog /config/mysqlconnection.inc Direct Request Information Disclosure
5802| [53524] blog+ includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
5803| [53523] blog+ includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
5804| [53522] blog+ includes/block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
5805| [53521] blog+ includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
5806| [53520] blog+ includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
5807| [53519] blog+ includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
5808| [53366] GEDCOM_TO_MYSQL php/info.php Multiple Parameter XSS
5809| [53365] GEDCOM_TO_MYSQL php/index.php nom_branche Parameter XSS
5810| [53364] GEDCOM_TO_MYSQL php/prenom.php Multiple Parameter XSS
5811| [53360] Blogplus includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
5812| [53359] Blogplus includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
5813| [53358] Blogplus includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
5814| [53357] Blogplus includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
5815| [53356] Blogplus block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
5816| [53355] Blogplus includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
5817| [53110] XOOPS Cube Legacy ErrorHandler::show() Function MySQL Error Message XSS
5818| [52729] Asterisk-addon cdr_addon_mysql.c Call Detail Record SQL Injection
5819| [52728] Tribox cdr_addon_mysql.c Call Detail Record XSS
5820| [52727] FreePBX cdr_addon_mysql.c Call Detail Record XSS
5821| [52726] Areski cdr_addon_mysql.c Call Detail Record XSS
5822| [52464] MySQL charset Column Truncation Weakness
5823| [52453] MySQL sql/item_xmlfunc.cc ExtractValue() / UpdateXML() Functions Scalar XPath DoS
5824| [52378] Cisco ANM MySQL root Account Default Password
5825| [52264] Broadcast Machine MySQLController.php controllers/baseDir Parameter Remote File Inclusion
5826| [51923] Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character Encoding SQL Injection
5827| [51171] MySQL InnoDB convert_search_mode_to_innobase Function DoS
5828| [50892] MySQL Calendar index.php username Parameter SQL Injection
5829| [50827] Nodstrum MySQL Calendar nodstrumCalendarV2 Cookie Manipulation Admin Authentication Bypass
5830| [49875] PromoteWeb MySQL go.php id Parameter SQL Injection
5831| [48710] MySQL Command Line Client HTML Output XSS
5832| [48709] MySQL Quick Admin actions.php lang Parameter Traversal Local File Inclusion
5833| [48708] MySQL Quick Admin index.php language Cookie Traversal Local File Inclusion
5834| [48021] MySQL Empty Bit-String Literal Token SQL Statement DoS
5835| [47789] mysql-lists Unspecified XSS
5836| [47394] Keld PHP-MySQL News Script login.php username Parameter SQL Injection
5837| [45073] MySQLDumper Extension for TYPO3 Unspecified Authentication Bypass
5838| [44937] MySQL MyISAM Table CREATE TABLE Privilege Check Bypass
5839| [44138] Debian GNU/Linux libdspam7-drv-mysql Cron MySQL dspam Database Password Local Disclosure
5840| [44071] Phorum /include/db/mysql.php Unspecified Search SQL Injection
5841| [43180] MySQL sql_select.cc INFORMATION_SCHEMA Table Crafted Query Remote DoS
5842| [43179] MySQL Server BINLOG Statement Rights Checking Failure
5843| [42610] MySQL DEFINER View Value Crafted Statements Remote Privilege Escalation
5844| [42609] MySQL Federated Engine SHOW TABLE STATUS Query Remote DoS
5845| [42608] MySQL RENAME TABLE Symlink System Table Overwrite
5846| [42607] MySQL Multiple table-level DIRECTORY Remote Privilege Escalation
5847| [42460] MySQLDumper HTTP POST Request Remote Authentication Bypass
5848| [42423] AdventNet EventLog Analyzer MySQL Installation Default root Account
5849| [41861] Bacula make_catalog_backup Function MySQL Director Password Cleartext Disclosure
5850| [40232] PHP MySQL Banner Exchange inc/lib.inc Direct Request Database Disclosure
5851| [40188] Password Manager Pro (PMP) mysql Unspecified Remote Command Injection
5852| [39279] PHP mysql_error() Function XSS
5853| [39145] aurora framework db_mysql.lib pack_var() value Parameter SQL Injection
5854| [38567] NetClassifieds Mysql_db.php Halt_On_Error Setting Error Message Path Disclosure
5855| [38112] Excel Parser Pro sample/xls2mysql parser_path Parameter Remote File Inclusion
5856| [37880] Asterisk-Addons source/destination Numbers cdr_addon_mysql Module SQL Injection
5857| [37784] PHP MySQL Extension Multiple Function Security Restriction Bypass
5858| [37783] MySQL Community Server CREATE TABLE LIKE Table Structure Disclosure
5859| [37782] MySQL Community Server External Table View Privilege Escalation
5860| [37781] MySQL ALTER TABLE Information Disclosure
5861| [37539] GPL PHP Board db.mysql.inc.php root_path Parameter Remote File Inclusion
5862| [37195] Eve-Nuke Module for PHP-Nuke db/mysql.php phpbb_root_path
5863| [37015] paBugs class.mysql.php path_to_bt_dir Parameter Remote File Inclusion
5864| [36868] PHP MySQLi Extension LOCAL INFILE Operation Security Restriction Bypass
5865| [36867] PHP MySQL Extension LOCAL INFILE Operation Security Restriction Bypass
5866| [36771] InterWorx-CP SiteWorx mysql.php PATH_INFO Parameter XSS
5867| [36757] InterWorx-CP NodeWorx mysql.php PATH_INFO Parameter XSS
5868| [36732] MySQL Community Server Connection Protocol Malformed Password Packet Remote DoS
5869| [36251] Associated Press (AP) Newspower Default MySQL root Password
5870| [35168] Study Planner (Studiewijzer) db/mysql/db.inc.php SPL_CFG[dirroot] Parameter Remote File Inclusion
5871| [35037] Fantastico for cPanel includes/mysqlconfig.php fantasticopath Parameter Traversal Local File Inclusion
5872| [34780] Backup Manager Command Line Cleartext MySQL Password Disclosure
5873| [34766] MySQL RENAME TABLE Statement Arbitrary Table Name Modification
5874| [34765] MySQL mysql_change_db Function THD::db_access Privilege Escalation
5875| [34734] MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS
5876| [34038] MySQL Commander ressourcen/dbopen.php home Parameter Remote File Inclusion
5877| [33974] MySQL information_schema Table Subselect Single-Row DoS
5878| [33678] MySQLNewsEngine affichearticles.php3 newsenginedir Parameter Remote File Inclusion
5879| [33447] WGS-PPC (PPC Search Engine) config/mysql_config.php INC Parameter Remote File Inclusion
5880| [33372] deV!L'z Clanportal inc/filebrowser/browser.php MySQL Data Disclosure
5881| [33147] ActiveCalendar data/mysqlevents.php css Parameter XSS
5882| [32784] Storystream mysqli.php baseDir Parameter Remote File Inclusion
5883| [32783] Storystream mysql.php baseDir Parameter Remote File Inclusion
5884| [32421] Contenido CMS conlib/db_mysqli.inc Direct Request Path Disclosure
5885| [32272] JevonCMS /phplib/db_mysql.inc Direct Request Path Disclosure
5886| [32171] Blue Magic Board db_mysql_error.php Direct Request Path Disclosure
5887| [32056] BTSaveMySql Direct Request Config File Disclosure
5888| [32044] cPanel WebHost Manager (WHM) scripts/passwdmysql password Parameter XSS
5889| [32024] TikiWiki tiki-wiki_rss.php ver MySQL Credential Disclosure
5890| [31963] Agora MysqlfinderAdmin.php _SESSION[PATH_COMPOSANT] Parameter Remote File Inclusion
5891| [31431] ZoomStats libs/dbmax/mysql.php GLOBALS[lib][db][path] Parameter Remote File Inclusion
5892| [30172] TikiWiki Multiple Script Empty sort_mode Parameter MySQL Authentication Credential Disclosure
5893| [29696] MySQLDumper sql.php db Parameter XSS
5894| [29453] ConPresso CMS db_mysql.inc.php msg Parameter XSS
5895| [29122] cPanel mysqladmin/hooksadmin Unspecified Privilege Escalation
5896| [28296] MySQL Crafted multiupdate / subselects Query Local DoS
5897| [28288] MySQL Instance_options::complete_initialization Function Overflow
5898| [28030] Tutti Nova class.novaRead.mysql.php TNLIB_DIR Parameter Remote File Inclusion
5899| [28029] Tutti Nova class.novaAdmin.mysql.php TNLIB_DIR Parameter Remote File Inclusion
5900| [28028] Tutti Nova class.novaEdit.mysql.php TNLIB_DIR Parameter Remote File Inclusion
5901| [28013] MySQL SUID Routine Miscalculation Arbitrary DML Statement Execution
5902| [28012] MySQL Case Sensitivity Unauthorized Database Creation
5903| [27919] MySQL VIEW Access information_schema.views Information Disclosure
5904| [27703] MySQL MERGE Table Privilege Persistence
5905| [27593] Drupal database.mysqli.inc Multiple Parameter SQL Injection
5906| [27549] Opsware NAS /etc/init.d/mysqll MySQL root Cleartext Password Local Disclosure
5907| [27416] MySQL Server time.cc date_format Function Format String
5908| [27054] MySQL mysqld str_to_date Function NULL Argument DoS
5909| [26923] PHP/MySQL Classifieds (PHP Classifieds) search.php rate Parameter SQL Injection
5910| [26922] PHP/MySQL Classifieds (PHP Classifieds) AddAsset1.php Multiple Field XSS
5911| [26822] Bee-hive Lite include/listall.inc.php mysqlcall Parameter Remote File Inclusion
5912| [26821] Bee-hive Lite conad/include/mysqlCall.inc.php config Parameter Remote File Inclusion
5913| [26820] Bee-hive Lite conad/logout.inc.php mysqlCall Parameter Remote File Inclusion
5914| [26819] Bee-hive Lite conad/login.inc.php mysqlCall Parameter Remote File Inclusion
5915| [26818] Bee-hive Lite conad/checkPasswd.inc.php mysqlCall Parameter Remote File Inclusion
5916| [26817] Bee-hive Lite conad/changeUserDetails.inc.php mysqlCall Parameter Remote File Inclusion
5917| [26816] Bee-hive Lite conad/changeEmail.inc.php mysqlCall Parameter Remote File Inclusion
5918| [26125] Open Searchable Image Catalogue core.php do_mysql_query Function Error Message XSS
5919| [26123] Open Searchable Image Catalogue core.php do_mysql_query Function SQL Injection
5920| [25987] MySQL Multibyte Encoding SQL Injection Filter Bypass
5921| [25908] Drupal database.mysql.inc Multiple Parameter SQL Injection
5922| [25595] Apple Mac OS X MySQL Manager Blank root Password
5923| [25228] MySQL Crafted COM_TABLE_DUMP Request Arbitrary Memory Disclosure
5924| [25227] MySQL COM_TABLE_DUMP Packet Overflow
5925| [25226] MySQL Malformed Login Packet Remote Memory Disclosure
5926| [24245] Cholod Mysql Based Message Board Unspecified XSS
5927| [24244] Cholod Mysql Based Message Board mb.cgi showmessage Action SQL Injection
5928| [23963] WoltLab Burning Board class_db_mysql.php SQL Error Message XSS
5929| [23915] Netcool/NeuSecure MySQL Database Connection Restriction Bypass
5930| [23611] Aztek Forum index.php msg Variable Forced MySQL Error Information Disclosure
5931| [23526] MySQL Query NULL Charcter Logging Bypass
5932| [23157] PHP/MYSQL Timesheet changehrs.php Multiple Parameter SQL Injection
5933| [23156] PHP/MYSQL Timesheet index.php Multiple Parameter SQL Injection
5934| [22995] PAM-MySQL Authentication pam_get_item() Function Unspecified Privilege Escalation
5935| [22994] PAM-MySQL SQL Logging Facility Segfault DoS
5936| [22485] Recruitment Software admin/site.xml MySQL Authentication Credential Disclosure
5937| [22479] PHP mysqli Extension Error Message Format String
5938| [22232] PHP Pipe Variable mysql_connect() Function Overflow
5939| [21685] MySQL Auction Search Module keyword XSS
5940| [20698] Campsite notifyendsubs Cron MySQL Password Cleartext Remote Disclosure
5941| [20145] Proofpoint Protection Server Embedded MySQL Server Unpassworded root Account
5942| [19457] aMember Pro mysql.inc.php Remote File Inclusion
5943| [19377] MAXdev MD-Pro /MySQL_Tools/admin.php Path Disclosure
5944| [18899] MySQL UDF Library Arbitrary Function Load Privilege Escalation
5945| [18898] MySQL UDF LoadLibraryEx Function Nonexistent Library Load DoS
5946| [18897] MySQL on Windows UDF Create Function Traversal Privilege Escalation
5947| [18896] MySQL User-Defined Function init_syms() Function Overflow
5948| [18895] MySQL libmysqlclient.so host Parameter Remote Overflow
5949| [18894] MySQL drop database Request Remote Overflow
5950| [18622] FunkBoard mysql_install.php Email Field Arbitrary PHP Code Injection
5951| [18620] FunkBoard mysql_install.php Admin/Database Password Manipulation
5952| [18406] MySQL Eventum releases.php SQL Injection
5953| [18405] MySQL Eventum custom_fields_graph.php SQL Injection
5954| [18404] MySQL Eventum custom_fields.php SQL Injection
5955| [18403] MySQL Eventum login.php email Parameter SQL Injection Authentication Bypass
5956| [18402] MySQL Eventum get_jsrs_data.php F Parameter XSS
5957| [18401] MySQL Eventum list.php release Parameter XSS
5958| [18400] MySQL Eventum view.php id Parameter XSS
5959| [18173] MySQL on Windows USE Command MS-DOS Device Name DoS
5960| [17801] Bugzilla MySQL Replication Race Condition Information Disclosure
5961| [17223] xMySQLadmin Symlink Arbitrary File Deletion
5962| [16727] MySQL Nonexistent '--user' Error Incorrect Privilege Database Invocation
5963| [16689] MySQL mysql_install_db Symlink Arbitrary File Overwrite
5964| [16056] Plans Unspecified mySQL Remote Password Disclosure
5965| [15993] MySQL MaxDB Webtool Remote getIfHeader() WebDAV Function Remote Overflow
5966| [15817] MySQL MaxDB Web Tool getLockTokenHeader() Function Remote Overflow
5967| [15816] MySQL MaxDB Web Administration Service Malformed GET Request Overflow
5968| [15451] paNews auth.php mysql_prefix Parameter SQL Injection
5969| [14748] MySQL MS-DOS Device Names Request DoS
5970| [14678] MySQL CREATE FUNCTION Arbitrary libc Code Execution
5971| [14677] MySQL CREATE FUNCTION mysql.func Table Arbitrary Library Injection
5972| [14676] MySQL CREATE TEMPORARY TABLE Symlink Privilege Escalation
5973| [14386] phpMyAdmin mysqli.dbi.lib.php Path Disclosure
5974| [14052] Symantec Brightmail AntiSpam Multiple Default MySQL Accounts
5975| [13086] MySQL MaxDB Web Agent Malformed HTTP Header DoS
5976| [13085] MySQL MaxDB Web Agent WebDAV sapdbwa_GetUserData() Function Remote DoS
5977| [13013] MySQL mysqlaccess.sh Symlink Arbitrary File Manipulation
5978| [12919] MySQL MaxDB WebAgent websql Remote Overflow
5979| [12779] MySQL User Defined Function Privilege Escalation
5980| [12609] MySQL Eventum projects.php Multiple Parameter XSS
5981| [12608] MySQL Eventum preferences.php Multiple Parameter XSS
5982| [12607] MySQL Eventum forgot_password.php email Parameter XSS
5983| [12606] MySQL Eventum index.php email Parameter XSS
5984| [12605] MySQL Eventum Default Vendor Account
5985| [12275] MySQL MaxDB Web Tools wahttp Nonexistent File Request DoS
5986| [12274] MySQL MaxDB Web Tools WebDAV Handler Remote Overflow
5987| [11689] Roxen Web Server MySQL Socket Permission Weakness
5988| [10985] MySQL MATCH..AGAINST Query DoS
5989| [10959] MySQL GRANT ALL ON Privilege Escalation
5990| [10660] MySQL ALTER TABLE/RENAME Forces Old Permission Checks
5991| [10659] MySQL ALTER MERGE Tables to Change the UNION DoS
5992| [10658] MySQL mysql_real_connect() Function Remote Overflow
5993| [10532] MySQL MaxDB webdbm Server Field DoS
5994| [10491] AWS MySQLguest AWSguest.php Script Insertion
5995| [10244] MySQL libmysqlclient Prepared Statements API Overflow
5996| [10226] MySQLGuest AWSguest.php Multiple Field XSS
5997| [9912] PHP safe_mode MySQL Database Access Restriction Bypass
5998| [9911] Inter7 vpopmail MySQL Module Authentication Credential Disclosure
5999| [9910] MySQL mysql_change_user() Double-free Memory Pointer DoS
6000| [9909] MySQL datadir/my.cnf Modification Privilege Escalation
6001| [9908] MySQL my.ini Initialization File datadir Parameter Overflow
6002| [9907] MySQL SELECT Statement String Handling Overflow
6003| [9906] MySQL GRANT Privilege Arbitrary Password Modification
6004| [9509] teapop MySQL Authentication Module SQL Injection
6005| [9018] MySQL Backup Pro getbackup() Method Unspecified Issue
6006| [9015] MySQL mysqlhotcopy Insecure Temporary File Creation
6007| [8997] Cacti config.php MySQL Authentication Credential Cleartext Disclosure
6008| [8979] MySQL SHOW GRANTS Encrypted Password Disclosure
6009| [8889] MySQL COM_TABLE_DUMP Package Negative Integer DoS
6010| [8888] MySQL COM_CHANGE_USER Command Long Repsonse Overflow
6011| [8887] MySQL COM_CHANGE_USER Command One Character Password Brute Force
6012| [8886] MySQL libmysqlclient Library read_one_row Overflow
6013| [8885] MySQL libmysqlclient Library read_rows Overflow
6014| [7476] MySQL Protocol 4.1 Authentication Scramble String Overflow
6015| [7475] MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass
6016| [7245] MySQL Pluggable Authentication Module (pam_mysql) Password Disclosure
6017| [7128] MySQL show database Database Name Exposure
6018| [6716] MySQL Database Engine Weak Authentication Information Disclosure
6019| [6605] MySQL mysqld Readable Log File Information Disclosure
6020| [6443] PowerPhlogger db_dump.php View Arbitrary mySQL Dump
6021| [6421] MySQL mysqld_multi Symlink Arbitrary File Overwrite
6022| [6420] MySQL mysqlbug Symlink Arbitrary File Overwrite
6023| [2537] MySQL sql_acl.cc get_salt_from_password Function Password Handling Remote Overflow
6024| [2144] WinMySQLadmin my.ini Cleartext Password Disclosure
6025| [653] PCCS-Linux MySQL Database Admin Tool Authentication Credential Disclosure
6026| [520] MySQL Database Name Traversal Arbitrary File Modification
6027| [380] MySQL Server on Windows Default Null Root Password
6028| [261] MySQL Short Check String Authentication Bypass
6029|_
6030Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
6031Device type: general purpose
6032Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (91%)
6033OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:2.6
6034Aggressive OS guesses: Linux 3.10 - 3.12 (91%), Linux 4.4 (91%), Linux 4.9 (91%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.10 (86%), Linux 3.10 - 3.16 (86%), Linux 3.10 - 4.11 (85%), Linux 3.11 - 4.1 (85%), Linux 3.2 - 4.9 (85%)
6035No exact OS matches for host (test conditions non-ideal).
6036Network Distance: 17 hops
6037
6038TRACEROUTE (using port 3306/tcp)
6039HOP RTT ADDRESS
60401 305.24 ms 10.231.204.1
60412 305.30 ms 45.131.5.3
60423 305.30 ms 109.236.95.230
60434 305.35 ms bb1-fra1.worldstream.nl (109.236.95.221)
60445 305.35 ms zayo.fra.ecix.net (62.69.146.139)
60456 442.81 ms ae1.cs1.fra9.de.eth.zayo.com (64.125.29.64)
60467 442.90 ms ae0.cs1.fra6.de.eth.zayo.com (64.125.29.54)
60478 442.89 ms ae0.cs1.fra9.de.eth.zayo.com (64.125.29.55)
60489 442.89 ms ae2.cs1.cdg11.fr.eth.zayo.com (64.125.29.67)
604910 205.70 ms ae0.cs1.cdg12.fr.eth.zayo.com (64.125.29.84)
605011 330.49 ms ae2.cs1.lhr11.uk.eth.zayo.com (64.125.29.25)
605112 329.45 ms ae5.cs1.lga5.us.eth.zayo.com (64.125.29.126)
605213 329.41 ms ae3.cs3.ord2.us.eth.zayo.com (64.125.29.209)
605314 329.37 ms ae11.er2.ord7.us.zip.zayo.com (64.125.26.251)
605415 329.31 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
605516 329.38 ms ggw2.c09c10.r15.s101.chi03.singlehop.net (67.212.190.221)
605617 399.38 ms c59833.sgvps.net (37.60.233.207)
6057######################################################################################################################################
6058Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-24 11:42 EDT
6059NSE: Loaded 47 scripts for scanning.
6060NSE: Script Pre-scanning.
6061Initiating NSE at 11:42
6062Completed NSE at 11:42, 0.00s elapsed
6063Initiating NSE at 11:42
6064Completed NSE at 11:42, 0.00s elapsed
6065Initiating Ping Scan at 11:42
6066Scanning 37.60.233.207 [4 ports]
6067Completed Ping Scan at 11:42, 0.34s elapsed (1 total hosts)
6068Initiating Parallel DNS resolution of 1 host. at 11:42
6069Completed Parallel DNS resolution of 1 host. at 11:42, 0.02s elapsed
6070Initiating SYN Stealth Scan at 11:42
6071Scanning c59833.sgvps.net (37.60.233.207) [65535 ports]
6072Discovered open port 443/tcp on 37.60.233.207
6073Discovered open port 3306/tcp on 37.60.233.207
6074Discovered open port 993/tcp on 37.60.233.207
6075Discovered open port 587/tcp on 37.60.233.207
6076Discovered open port 21/tcp on 37.60.233.207
6077Discovered open port 80/tcp on 37.60.233.207
6078Discovered open port 110/tcp on 37.60.233.207
6079Discovered open port 53/tcp on 37.60.233.207
6080Discovered open port 995/tcp on 37.60.233.207
6081Discovered open port 143/tcp on 37.60.233.207
6082SYN Stealth Scan Timing: About 4.11% done; ETC: 11:55 (0:12:03 remaining)
6083SYN Stealth Scan Timing: About 6.41% done; ETC: 11:58 (0:14:50 remaining)
6084SYN Stealth Scan Timing: About 10.72% done; ETC: 11:56 (0:12:38 remaining)
6085SYN Stealth Scan Timing: About 15.52% done; ETC: 11:55 (0:10:59 remaining)
6086SYN Stealth Scan Timing: About 20.65% done; ETC: 11:55 (0:09:40 remaining)
6087Discovered open port 2096/tcp on 37.60.233.207
6088SYN Stealth Scan Timing: About 25.97% done; ETC: 11:54 (0:08:36 remaining)
6089SYN Stealth Scan Timing: About 31.19% done; ETC: 11:54 (0:07:46 remaining)
6090SYN Stealth Scan Timing: About 36.25% done; ETC: 11:53 (0:07:04 remaining)
6091SYN Stealth Scan Timing: About 42.78% done; ETC: 11:54 (0:06:27 remaining)
6092Discovered open port 2083/tcp on 37.60.233.207
6093SYN Stealth Scan Timing: About 48.28% done; ETC: 11:53 (0:05:42 remaining)
6094SYN Stealth Scan Timing: About 53.40% done; ETC: 11:53 (0:05:07 remaining)
6095Discovered open port 2095/tcp on 37.60.233.207
6096SYN Stealth Scan Timing: About 60.30% done; ETC: 11:54 (0:04:33 remaining)
6097SYN Stealth Scan Timing: About 66.02% done; ETC: 11:54 (0:03:57 remaining)
6098SYN Stealth Scan Timing: About 71.88% done; ETC: 11:54 (0:03:12 remaining)
6099Discovered open port 465/tcp on 37.60.233.207
6100SYN Stealth Scan Timing: About 78.59% done; ETC: 11:53 (0:02:22 remaining)
6101Discovered open port 2086/tcp on 37.60.233.207
6102Discovered open port 18765/tcp on 37.60.233.207
6103Discovered open port 2078/tcp on 37.60.233.207
6104Discovered open port 2082/tcp on 37.60.233.207
6105SYN Stealth Scan Timing: About 85.69% done; ETC: 11:53 (0:01:32 remaining)
6106SYN Stealth Scan Timing: About 92.10% done; ETC: 11:53 (0:00:50 remaining)
6107Discovered open port 2077/tcp on 37.60.233.207
6108Discovered open port 2087/tcp on 37.60.233.207
6109Completed SYN Stealth Scan at 11:53, 629.65s elapsed (65535 total ports)
6110Initiating Service scan at 11:53
6111Scanning 20 services on c59833.sgvps.net (37.60.233.207)
6112Service scan Timing: About 70.00% done; ETC: 11:57 (0:01:08 remaining)
6113Completed Service scan at 11:56, 173.05s elapsed (20 services on 1 host)
6114Initiating OS detection (try #1) against c59833.sgvps.net (37.60.233.207)
6115Retrying OS detection (try #2) against c59833.sgvps.net (37.60.233.207)
6116Initiating Traceroute at 11:56
6117Completed Traceroute at 11:56, 3.31s elapsed
6118Initiating Parallel DNS resolution of 15 hosts. at 11:56
6119Completed Parallel DNS resolution of 15 hosts. at 11:56, 0.38s elapsed
6120NSE: Script scanning 37.60.233.207.
6121Initiating NSE at 11:56
6122Completed NSE at 11:56, 33.63s elapsed
6123Initiating NSE at 11:56
6124Completed NSE at 11:57, 3.01s elapsed
6125Nmap scan report for c59833.sgvps.net (37.60.233.207)
6126Host is up (0.27s latency).
6127Not shown: 65284 filtered ports, 231 closed ports
6128PORT STATE SERVICE VERSION
612921/tcp open ftp Pure-FTPd
6130| vulscan: VulDB - https://vuldb.com:
6131| [102925] Foscam C1 Indoor HD Camera 2.52.2.37 Web Management Interface pureftpd.passwd HTTP Request privilege escalation
6132| [57510] Pureftpd Pure-FTPd up to 0.x Memory Consumption denial of service
6133| [57504] Pureftpd Pure-FTPd up to 0.x ftp_parser.c Cleartext unknown vulnerability
6134|
6135| MITRE CVE - https://cve.mitre.org:
6136| [CVE-2004-0656] The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections.
6137|
6138| SecurityFocus - https://www.securityfocus.com/bid/:
6139| [10664] PureFTPd Accept_Client Remote Denial of Service Vulnerability
6140|
6141| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6142| No findings
6143|
6144| Exploit-DB - https://www.exploit-db.com:
6145| No findings
6146|
6147| OpenVAS (Nessus) - http://www.openvas.org:
6148| No findings
6149|
6150| SecurityTracker - https://www.securitytracker.com:
6151| [1010701] PureFTPd Logic Bug in accept_client() Lets Remote Users Crash the FTP Daemon
6152| [1008135] (Claim is Retracted) PureFTPd Buffer Overflow in displayrate() Lets Remote Users Crash the Service
6153| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
6154| [1001126] PureFTPd May Allow Remote Users to Deny Service on the Server
6155|
6156| OSVDB - http://www.osvdb.org:
6157| No findings
6158|_
615953/tcp open domain ISC BIND 9.10.6
6160| vulners:
6161| cpe:/a:isc:bind:9.10.6:
6162| CVE-2018-5740 5.0 https://vulners.com/cve/CVE-2018-5740
6163| CVE-2018-5734 5.0 https://vulners.com/cve/CVE-2018-5734
6164| CVE-2017-3145 5.0 https://vulners.com/cve/CVE-2017-3145
6165|_ CVE-2018-5741 4.0 https://vulners.com/cve/CVE-2018-5741
6166| vulscan: VulDB - https://vuldb.com:
6167| [129816] ISC BIND up to 9.10.6-S2 badcache.c Malformed Packet Assertion unknown vulnerability
6168| [88752] ISC BIND up to 9.10.4-P1 UPDATE Message Crash denial of service
6169| [88751] ISC BIND up to 9.10.4-P1 IXFR Response Crash denial of service
6170| [88750] ISC BIND up to 9.10.4-P1 AXFR Response Crash denial of service
6171| [81317] ISC BIND up to 9.10.3-P3 named resolver.c Cookie Option denial of service
6172| [80355] ISC BIND up to 9.10.3-P2 Debug Logging Crash denial of service
6173| [69191] ISC BIND up to 9.10.2 Trust Anchor Management Crash denial of service
6174| [68356] ISC BIND 9.10.0 Delegation Crash denial of service
6175| [68355] ISC BIND 9.10.0/9.10.1 GeoIP Crash denial of service
6176| [13581] ISC BIND 9.10.0 EDNS Option denial of service
6177| [13180] ISC BIND 9.10.0 Prefetch denial of service
6178|
6179| MITRE CVE - https://cve.mitre.org:
6180| [CVE-2011-5184] Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover
6181| [CVE-2007-0494] ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.
6182|
6183| SecurityFocus - https://www.securityfocus.com/bid/:
6184| [70744] Cisco ASR 901 Series Routers CVE-2014-3293 Denial of Service Vulnerability
6185| [70658] ZTE ZXDSL 931VII 'manager_dev_config_t.gch' Information Disclosure Vulnerability
6186| [61774] ISC BIND 9 SRTT Algorithm Authoritative Server Selection Security Vulnerability
6187| [61479] ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
6188| [58736] ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
6189| [57556] ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
6190| [56817] ISC BIND 9 DNS64 Remote Denial of Service Vulnerability
6191| [55852] ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
6192| [55522] ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
6193| [54659] ISC BIND 9 TCP Query Remote Denial of Service Vulnerability
6194| [54658] ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
6195| [53772] ISC BIND 9 DNS Resource Records Handling Remote Denial of Service Vulnerability
6196| [50690] ISC BIND 9 Recursive Queries Remote Denial of Service Vulnerability
6197| [48566] ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability
6198| [48565] ISC BIND 9 RPZ Configurations Remote Denial of Service Vulnerabilities
6199| [48007] ISC BIND 9 Large RRSIG RRsets Remote Denial of Service Vulnerability
6200| [47734] ISC BIND 9 RRSIG Query Type Remote Denial of Service Vulnerability
6201| [46491] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
6202| [45385] ISC BIND 9 DNSSEC Validation Remote Denial of Service Vulnerability
6203| [45133] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
6204| [41730] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
6205| [37865] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
6206| [37118] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
6207| [35848] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
6208| [25076] ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
6209| [25037] ISC BIND 9 Remote Cache Poisoning Vulnerability
6210| [4936] ISC BIND 9 Remote Denial Of Service Vulnerability
6211| [100656] Cisco ASR 920 Series Routers CVE-2017-6795 Local Arbitrary File Overwrite Vulnerability
6212| [97450] Cisco ASR 903 and ASR 920 Series CVE-2017-6603 Denial of Service Vulnerability
6213| [93415] Cisco Nexus 9000 Series Switches CVE-2016-1455 Remote Information Disclosure Vulnerability
6214| [82579] Cisco Nexus 9000 Series ACI Mode Switches CVE-2015-6398 Denial of Service Vulnerability
6215| [77686] Cisco Firepower 9000 Series CVE-2015-6380 Unspecified OS Command Injection Vulnerability
6216| [77635] Cisco Firepower 9000 Series CVE-2015-6371 Multiple Arbitrary File Read Vulnerabilities
6217| [77634] Cisco Firepower 9000 Series CVE-2015-6370 Local Command Injection Vulnerability
6218| [77633] Cisco Firepower 9000 Series Switches CVE-2015-6372 HTML Injection Vulnerability
6219| [77631] Cisco Firepower 9000 Series Switches CVE-2015-6374 Clickjacking Vulnerability
6220| [77629] Cisco Firepower 9000 Series CVE-2015-6369 Local Denial of Service Vulnerability
6221| [77628] Cisco Firepower 9000 CVE-2015-6373 Cross Site Request Forgery Vulnerability
6222| [77614] Cisco Firepower 9000 Series Switches CVE-2015-6368 Information Disclosure Vulnerability
6223| [76913] Cisco NX-OS Software for Nexus 9000 Series Switches CVE-2015-6308 Denial of Service Vulnerability
6224| [76791] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-6301 Denial of Service Vulnerability
6225| [76762] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-6295 Denial of Service Vulnerability
6226| [76329] Cisco Nexus 9000 Series Software CVE-2015-4301 Remote Denial of Service Vulnerability
6227| [76057] Cisco Firepower 9000 Series Devices CVE-2015-4287 Information Disclosure Vulnerability
6228| [75471] Cisco Unified IP Phones 9900 Series CVE-2015-4226 Denial of Service Vulnerability
6229| [75378] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-4213 Information Disclosure Vulnerability
6230| [74029] Cisco ASR 9000 Series Routers CVE-2015-0694 Remote Security Bypass Vulnerability
6231| [73895] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-0686 Denial of Service Vulnerability
6232| [73470] Cisco ASR 9000 Series Routers CVE-2015-0685 Denial of Service Vulnerability
6233| [73318] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-0672 Denial of Service Vulnerability
6234| [72485] Cisco Unified IP Phones 9900 Series CVE-2015-0604 Arbitrary File Upload Vulnerability
6235| [72484] Cisco Unified IP Phones 9900 Series CVE-2015-0603 Local Denial of Service Vulnerability
6236| [72483] Cisco Unified IP Phones 9900 Series CVE-2015-0601 Local Denial of Service Vulnerability
6237| [72482] Cisco Unified IP Phones 9900 Series CVE-2015-0602 Information Disclosure Vulnerability
6238| [72481] Cisco Unified IP Phones 9900 Series CVE-2015-0600 Denial of Service Vulnerability
6239| [71979] Cisco MDS 9000 NX-OS Software CVE-2015-0582 Denial of Service Vulnerability
6240| [69057] Cisco Nexus 9000 Series Switches CVE-2014-3330 Access List Security Bypass Vulnerability
6241| [64770] Cisco Unified IP Phones 9900 Series Crafted Header Unregister Denial of Service Vulnerability
6242| [63564] Cisco MDS 9000 NX-OS Software VRRP Frames Denial of Service Vulnerability
6243| [62944] Cisco Unified IP Phones 9900 Series CVE-2013-5532 Buffer Overflow Vulnerability
6244| [62943] Cisco Unified IP Phones 9900 Series CVE-2013-5533 Local Command Injection Vulnerability
6245| [62905] Cisco Unified IP Phones 9900 Series CVE-2013-5526 Denial of Service Vulnerability
6246| [61330] Cisco Unified IP Phones 9900 Series CVE-2013-3426 Arbitrary File Download Vulnerability
6247| [49633] Oracle Application Server 9i 'httpd.conf' Information Disclosure Vulnerability
6248| [48811] Cisco ASR 9000 Series Routers IP Version 4 Denial of Service Vulnerability
6249| [48264] Aastra 9480i CT Multiple Information Disclosure Vulnerabilities
6250| [15542] NetObjects Fusion 9 Information Disclosure Vulnerability
6251| [6556] Oracle 9i Application Server Sample Scripts Information Disclosure Vulnerability
6252| [6459] Oracle 9i Application Server Java Server Page Source Code Disclosure Vulnerability
6253| [5335] Multiple Lucent Router UDP Port 9 Information Disclosure Vulnerability
6254| [4290] Oracle 9i Default Configuration File Information Disclosure Vulnerability
6255| [4034] Oracle 9IAS OracleJSP Information Disclosure Vulnerability
6256| [3848] Mandrake Bind 9 Package Insecure File Permissions Vulnerability
6257| [2516] Microsoft Plus! 98 Windows ME Password Disclosure Vulnerability
6258|
6259| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6260| [85799] Cisco Unified IP Phones 9900 Series directory traversal
6261| [75412] Cisco Unified IP Phones 9900 series RT privilege escalation
6262| [68733] Cisco 9000 Series Aggregation Service Router IPv4 packet denial of service
6263| [9704] Multiple Lucent router UDP port 9 could disclose sensitive information
6264| [9250] BIND 9 dns_message_findtype() denial of service
6265| [1852] BIND prior to 4.9.7 buffer overflow affects Digital Firewall 97 users
6266| [539] Microsoft Windows 95 and Internet Explorer password disclosure
6267| [86004] ISC BIND RDATA denial of service
6268| [84767] ISC BIND denial of service
6269| [83066] ISC BIND denial of service
6270| [81504] ISC BIND AAAA denial of service
6271| [80510] ISC BIND DNS64 denial of service
6272| [79121] ISC BIND queries denial of service
6273| [78479] ISC BIND RDATA denial of service
6274| [77185] ISC BIND TCP queries denial of service
6275| [77184] ISC BIND bad cache denial of service
6276| [76034] ISC BIND rdata denial of service
6277| [73053] ISC BIND cache update policy security bypass
6278| [71332] ISC BIND recursive queries denial of service
6279| [68375] ISC BIND UPDATE denial of service
6280| [68374] ISC BIND Response Policy Zones denial of service
6281| [67665] ISC BIND RRSIG Rrsets denial of service
6282| [67297] ISC BIND RRSIG denial of service
6283| [65554] ISC BIND IXFR transfer denial of service
6284| [63602] ISC BIND allow-query security bypass
6285| [63596] ISC BIND zone data security bypass
6286| [63595] ISC BIND RRSIG denial of service
6287| [62072] ISC BIND DNSSEC query denial of service
6288| [62071] ISC BIND ACL security bypass
6289| [61871] ISC BIND anchors denial of service
6290| [60421] ISC BIND RRSIG denial of service
6291| [56049] ISC BIND out-of-bailiwick weak security
6292| [55937] ISC Bind unspecified cache poisoning
6293| [55753] ISC BIND DNSSEC NSEC/NSEC3 cache poisoning
6294| [54416] ISC BIND DNSSEC cache poisoning
6295| [52073] ISC BIND dns_db_findrdataset() denial of service
6296| [47409] Multiple Mozilla products XBL loadBindingDocument information disclosure
6297| [45234] ISC BIND UDP denial of service
6298| [39670] ISC BIND inet_network buffer overflow
6299| [37233] libgssapi ISC BIND Novell SUSE Linux Enterprise Server GSS-TSIG request denial of service
6300| [37128] RHSA update for ISC BIND RRset denial of service not installed
6301| [37127] RHSA update for ISC BIND named service denial of service not installed
6302| [36275] ISC BIND DNS query spoofing
6303| [35575] ISC BIND query ID cache poisoning
6304| [35571] ISC BIND ACL security bypass
6305| [31838] ISC BIND RRset denial of service
6306| [31799] ISC BIND named service denial of service
6307| [29876] HP Tru64 ypbind core dump information disclosure
6308| [28745] ISC BIND DNSSEC RRset denial of service
6309| [28744] ISC BIND recursive INSIST denial of service
6310| [22041] BEA WebLogic Server and Express LDAP anonymous bind information disclosure
6311| [18836] BIND hostname disclosure
6312| [10624] ISC BIND DNS stub resolver library (libresolv.a) stack buffer overflows
6313| [10333] ISC BIND SIG null pointer dereference denial of service
6314| [10332] ISC BIND OPT resource record (RR) denial of service
6315| [10304] ISC BIND SIG cached resource records (RR) heap buffer overflow
6316| [7027] Cisco CBOS Web-based configuration utility binds to port 80 by default
6317| [5814] ISC BIND "
6318| [5540] ISC BIND can be remotely crashed by issuing ZXFR requests
6319| [5462] ISC BIND AXFR host command remote buffer overflow
6320|
6321| Exploit-DB - https://www.exploit-db.com:
6322| [25305] ColdFusion 9-10 - Credential Disclosure Exploit
6323|
6324| OpenVAS (Nessus) - http://www.openvas.org:
6325| [103090] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
6326| [103031] ISC BIND 9 < 9.7.2-P2 Multiple Vulnerabilities
6327| [103030] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
6328| [100717] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
6329| [100458] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
6330| [100362] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
6331| [100251] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
6332| [63208] Fedora Core 9 FEDORA-2009-0350 (bind)
6333| [11226] Oracle 9iAS default error information disclosure
6334|
6335| SecurityTracker - https://www.securitytracker.com:
6336| [1025811] Cisco ASR 9000 Series Router IPv4 Packet Processing Flaw Lets Remote Users Deny Service
6337| [1012995] BIND 9 Validator Assumption Error May Let Remote Users Deny Service
6338| [1005048] Oracle Enterprise Manager Web Service Component of Oracle 9i Application Server Discloses the Web Cache Administrator Password to Local Users
6339| [1003675] Oracle 9iAS Application Server Discloses CGI-BIN Script Source Code to Remote Users
6340| [1001186] Microsoft Windows Me Operating System and Windows 98 with the Plus! 98 Package Disclose Data Compression Passwords
6341| [1028901] (McAfee Issues Advisory for McAfee Email Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6342| [1028900] (McAfee Issues Advisory for McAfee Email and Web Security Appliance) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6343| [1028899] (McAfee Issues Fix for McAfee Web Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6344| [1028866] (McAfee Issues Fix for McAfee Firewall Enterprise) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6345| [1028854] (NetBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6346| [1028849] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6347| [1028848] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6348| [1028839] (FreeBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6349| [1028838] ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
6350| [1028632] ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service Against Recursive Resolvers
6351| [1028046] ISC BIND DNS64 and Response Policy Zones (RPZ) Bug Lets Remote Users Deny Service
6352| [1027835] ISC BIND DNS64 Bug Lets Remote Users Deny Service
6353| [1027642] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
6354| [1027529] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
6355| [1026647] ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
6356| [1026335] ISC BIND Invalid Record Caching Flaw Lets Remote Users Deny Service
6357| [1025743] ISC BIND Response Policy Zones DNAME/CNAME Processing Flaw Lets Remote Users Deny Service
6358| [1025742] ISC BIND Packet Processing Flaw Lets Remote Users Deny Service
6359| [1015850] Samba winbindd Daemon Discloses Server Password to Local Users
6360| [1003359] BindView NETinventory Discloses Password to Local Users During Auditing
6361| [1001721] BIND Domain Name System Software May Disclose DNS Transactional Signature (TSIG) Keys to Local Users
6362|
6363| OSVDB - http://www.osvdb.org:
6364| [95373] Cisco Unified IP Phones 9900 Series Serviceability Servlet Path Value Handling Arbitrary File Access
6365| [86219] Cardiac Science G3 Plus 9390A-501 AED AEDUpdate Cleartext Password Local Disclosure
6366| [76009] Cisco IOS DLSw FST IP Protocol 91 Packet Memory Leak Remote DoS
6367| [73985] Cisco ASR 9000 Series Line Card IPv4 Packet Parsing Remote DoS
6368| [72941] Aastra 9480i IP Phone Multiple Configuration File Direct Request Information Disclosure
6369| [34520] Cisco Linksys Multiple Router UDP 916 Remote Information Disclosure
6370| [22517] MPN HP-180W Wireless IP Phone UDP Port 9090 Information Disclosure
6371| [22516] ZyXEL P-2000W_v2 VoIP Wi-Fi Phone UDP Port 9090 Information Disclosure
6372| [21292] ZyXEL P2000W UDP 9090 Remote Information Disclosure
6373| [18220] Oracle 9iAS httpd.confg /perl Location Alias Arbitrary CGI File Script Disclosure
6374| [18218] Oracle 9iAS echo2 Sample Application Information Disclosure
6375| [18217] Oracle 9iAS echo Sample Application Information Disclosure
6376| [18216] Oracle 9iAS printenv Sample Application Information Disclosure
6377| [18215] Oracle 9iAS info.jsp Sample Application Information Disclosure
6378| [6674] Microsoft Office 98 for Macintosh Disk Space Information Disclosure
6379| [3108] Microsoft Office 98 Macintosh Information Disclosure
6380| [1146] Microsoft Windows 9x Credential Cache Cleartext Password Disclosure
6381| [665] Microsoft Windows 95 Online Registration Information Disclosure
6382| [95707] ISC BIND rdata.c RFC 5011 Implementation Malformed RDATA Section Handling Remote DoS
6383| [93913] ISC BIND Recursive Resolver resolver.c Malformed Zone Query Handling Remote DoS
6384| [91712] ISC BIND Crafted Regular Expression Handling Memory Exhaustion Remote DoS
6385| [89584] ISC BIND DNS64 Nameserver Response Policy Zone (RPZ) AAAA Record Query Remapping Remote DoS
6386| [89401] Foswiki LocalSite.cfg LDAP BindPassword Plaintext Local Disclosure
6387| [88126] ISC BIND DNS64 IPv6 Transition Mechanism DNS Query Parsing Remote DoS
6388| [86118] ISC BIND Nameserver RDATA Record Query Parsing Remote DoS
6389| [85417] ISC BIND Assertion Error Resource Record RDATA Query Parsing Remote DoS
6390| [84229] ISC BIND Memory Leak TCP Query Parsing ns_client Object Out-of-memory Remote DoS
6391| [84228] ISC BIND Query Handling Bad Cache Data Structure Assertion Remote DoS
6392| [82609] ISC BIND named DNS Resource Record Zero Length Rdata Handling Remote Information Disclosure
6393| [78916] ISC BIND Cache Update Policy Deleted Domain Name Resolving Weakness
6394| [77159] ISC BIND Recursive Query Parsing Remote DoS
6395| [73605] ISC BIND UPDATE Request Parsing Remote DoS
6396| [73604] ISC BIND Response Policy Zones (RPZ) DNAME / CNAME Parsing Remote DoS
6397| [72540] ISC BIND Caching Resolver Large RRSIG RRsets Negative Caching Remote DoS
6398| [72539] ISC BIND Authoritative Server Crafted IXFR / DDNS Query Update Deadlock DoS
6399| [72172] ISC BIND Response Policy Zones RRSIG Query Assertion Failure DoS
6400| [69568] ISC BIND named allow-query ACL Restriction Bypass
6401| [69559] ISC BIND named Key Algorithm Rollover Weakness
6402| [69558] ISC BIND named RRSIG Negative Caching DoS
6403| [68271] ISC BIND DNSSEC Query Validation Response Signature Handling Remote DoS
6404| [68270] ISC BIND ACL Application Weakness Cache Recursion Access Restriction Bypass
6405| [66395] ISC BIND RRSIG Requests Infinite Loop DoS
6406| [63373] Apple Mac OS X Server Admin Authenticated Directory Binding Handling Unspecified Open Directory Information Disclosure
6407| [62008] ISC BIND Secure Response Refetch Weakness Unspecified Issue
6408| [62007] ISC BIND Recursive Client Query CNAME / DNAME Response DNS Cache Poisoning
6409| [61853] ISC BIND DNSSEC Validation Crafted NXDOMAIN Request Cache Poisoning
6410| [60493] ISC BIND DNSSEC Recursive Query Additional Section Cache Poisoning
6411| [59272] ISC BIND named Multiple Symlink Arbitrary File Overwrite
6412| [58740] Apache Rampart TransportBinding Message Payload Cleartext Disclosure
6413| [57060] ISC BIND DNS Message Malformed TSIG Remote DoS
6414| [56584] ISC BIND Dynamic Update Message Handling Remote DoS
6415| [56411] GNU wget DNS Rebinding Information Disclosure Weakness
6416| [53115] ISC BIND EVP_VerifyFinal() / DSA_do_verify() SSL/TLS Signature Validation Weakness
6417| [48243] ISC BIND for Windows UDP Client Handler Remote DoS
6418| [46776] ISC BIND DNS Query ID Field Prediction Cache Poisoning
6419| [42655] ISC BIND on Red Hat Linux /etc/rndc.key Insecure File Permission Local named Manipulation
6420| [41211] ISC BIND libbind inet_network() Function Off-By-One Memory Corruption
6421| [40935] ISC BIND on SUSE Linux Enterprise Server libgssapi named GSS-TSIG Request Remote DoS
6422| [37301] ISC BIND Signed Zone Signature Verification Remote DoS
6423| [36796] ISC BIND Outgoing Query Predictable DNS Query ID
6424| [36236] ISC BIND allow-query-cache/allow-recursion ACL Bypass
6425| [36235] ISC BIND Predictable DNS Query IDs Cache Poisoning
6426| [34753] ISC BIND stub Resolver libbind Crafted Query Remote DoS
6427| [34752] ISC BIND so_linger Remote DoS
6428| [34751] ISC BIND Malformed SIG Record Remote DoS
6429| [34750] ISC BIND Malformed NAPTR Record Local DoS
6430| [34749] ISC BIND named maxdname DoS
6431| [34748] ISC BIND query.c query_addsoa Function Unspecified Recursive Query DoS
6432| [31923] ISC BIND Crafted ANY Request Response Multiple RRsets DoS
6433| [31922] ISC BIND Unspecified Freed Fetch Context Dereference DoS
6434| [28558] ISC BIND Recursive Query Saturation DoS
6435| [28557] ISC BIND SIG Query Multiple RRsets Response DoS
6436| [25895] ISC BIND Cached Recursive Query DoS
6437| [24263] Samba winbindd Debug Log Server Credentials Local Disclosure
6438| [21353] BindView NetInventory HOSTCFG._NI Deletion Cleartext Password Disclosure
6439| [14878] ISC BIND rdataset Parameter Malformed DNS Packet DoS
6440| [14877] ISC BIND stub Resolver Libraries Malformed DNS Response DoS
6441| [14795] ISC BIND TSIG Handling Code Remote Overflow
6442| [14432] ISC BIND Multiple DNS Resolver Functions Remote Overflow
6443| [13752] ISC BIND host Command AXFR Response Remote Overflow
6444| [13176] ISC BIND q_usedns Array Remote Overflow DoS
6445| [13175] ISC BIND dnssec authvalidated Crafted Packet Remote DoS
6446| [9736] ISC BIND fdmax File Descriptor Consumption DoS
6447| [9735] ISC BIND -DALLOW_UPDATES Option Remote Record Modification
6448| [9734] ISC BIND CNAME Record Zone Transfer DoS
6449| [9733] ISC BIND Malformed DNS Message DoS
6450| [9725] ISC BIND SIG RR Elements Invalid Expirty Times DoS
6451| [9724] ISC BIND OPT Resource Record Large UDP Payload DoS
6452| [9723] Multiple Vendor LDAP Server NULL Bind Connection Information Disclosure
6453| [8330] ISC BIND DNS stub resolver (libresolv.a) DNS Response Overflow
6454| [7990] ISC BIND gethostbyname() DNS Handling Remote Overflow
6455| [5828] ISC BIND named SRV Remote DoS
6456| [5609] ISC BIND dnskeygen HMAC-MD5 Shared Secret Key File Disclosure
6457| [2866] ISC BIND Negative Record Cache Poisoning
6458| [1751] ISC BIND Environment Variable Information Disclosure
6459| [1747] ISC BIND 4 nslookupComplain() Remote Format String
6460| [1746] ISC BIND 4 nslookupComplain() Remote Overflow
6461| [913] ISC BIND Inverse-Query Remote Overflow
6462| [869] ISC BIND named SIG Resource Server Response RR Overflow
6463| [448] ISC BIND Compressed ZXFR Name Service Query Remote DoS
6464| [438] ISC BIND Predictable Query ID DNS Cache Poisoning
6465| [24] ISC BIND NXT Record Overflow
6466|_
646780/tcp open http nginx
6468| vulscan: VulDB - https://vuldb.com:
6469| [133852] Sangfor Sundray WLAN Controller up to 3.7.4.2 Cookie Header nginx_webconsole.php Code Execution
6470| [132132] SoftNAS Cloud 4.2.0/4.2.1 Nginx privilege escalation
6471| [131858] Puppet Discovery up to 1.3.x Nginx Container weak authentication
6472| [130644] Nginx Unit up to 1.7.0 Router Process Request Heap-based memory corruption
6473| [127759] VeryNginx 0.3.3 Web Application Firewall privilege escalation
6474| [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
6475| [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
6476| [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
6477| [119845] Pivotal Operations Manager up to 2.0.13/2.1.5 Nginx privilege escalation
6478| [114368] SuSE Portus 2.3 Nginx Certificate weak authentication
6479| [103517] nginx up to 1.13.2 Range Filter Request Integer Overflow memory corruption
6480| [89849] nginx RFC 3875 Namespace Conflict Environment Variable Open Redirect
6481| [87719] nginx up to 1.11.0 ngx_files.c ngx_chain_to_iovec denial of service
6482| [80760] nginx 0.6.18/1.9.9 DNS CNAME Record Crash denial of service
6483| [80759] nginx 0.6.18/1.9.9 DNS CNAME Record Use-After-Free denial of service
6484| [80758] nginx 0.6.18/1.9.9 DNS UDP Packet Crash denial of service
6485| [67677] nginx up to 1.7.3 SSL weak authentication
6486| [67296] nginx up to 1.7.3 SMTP Proxy ngx_mail_smtp_starttls privilege escalation
6487| [12822] nginx up to 1.5.11 SPDY SPDY Request Heap-based memory corruption
6488| [12824] nginx 1.5.10 on 32-bit SPDY memory corruption
6489| [11237] nginx up to 1.5.6 URI String Bypass privilege escalation
6490| [65364] nginx up to 1.1.13 Default Configuration information disclosure
6491| [8671] nginx up to 1.4 proxy_pass denial of service
6492| [8618] nginx 1.3.9/1.4.0 http/ngx_http_parse.c ngx_http_parse_chunked() memory corruption
6493| [7247] nginx 1.2.6 Proxy Function spoofing
6494| [61434] nginx 1.2.0/1.3.0 on Windows Access Restriction privilege escalation
6495| [5293] nginx up to 1.1.18 ngx_http_mp4_module MP4 File memory corruption
6496| [4843] nginx up to 1.0.13/1.1.16 HTTP Header Response Parser ngx_http_parse.c information disclosure
6497| [59645] nginx up to 0.8.9 Heap-based memory corruption
6498| [53592] nginx 0.8.36 memory corruption
6499| [53590] nginx up to 0.8.9 unknown vulnerability
6500| [51533] nginx 0.7.64 Terminal privilege escalation
6501| [50905] nginx up to 0.8.9 directory traversal
6502| [50903] nginx up to 0.8.10 NULL Pointer Dereference denial of service
6503| [50043] nginx up to 0.8.10 memory corruption
6504|
6505| MITRE CVE - https://cve.mitre.org:
6506| [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
6507| [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
6508| [CVE-2012-3380] Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
6509| [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
6510| [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
6511| [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
6512| [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
6513| [CVE-2010-2266] nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.
6514| [CVE-2010-2263] nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
6515| [CVE-2009-4487] nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
6516| [CVE-2009-3898] Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.
6517| [CVE-2009-3896] src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
6518| [CVE-2009-2629] Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
6519|
6520| SecurityFocus - https://www.securityfocus.com/bid/:
6521| [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
6522| [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
6523| [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
6524| [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
6525| [82230] nginx Multiple Denial of Service Vulnerabilities
6526| [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
6527| [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
6528| [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
6529| [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
6530| [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
6531| [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
6532| [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
6533| [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
6534| [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
6535| [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
6536| [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
6537| [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
6538| [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
6539| [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
6540| [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
6541| [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
6542| [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
6543| [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
6544| [40434] nginx Space String Remote Source Code Disclosure Vulnerability
6545| [40420] nginx Directory Traversal Vulnerability
6546| [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
6547| [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
6548| [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
6549| [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
6550| [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
6551|
6552| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6553| [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
6554| [84172] nginx denial of service
6555| [84048] nginx buffer overflow
6556| [83923] nginx ngx_http_close_connection() integer overflow
6557| [83688] nginx null byte code execution
6558| [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
6559| [82319] nginx access.log information disclosure
6560| [80952] nginx SSL spoofing
6561| [77244] nginx and Microsoft Windows request security bypass
6562| [76778] Naxsi module for Nginx nx_extract.py directory traversal
6563| [74831] nginx ngx_http_mp4_module.c buffer overflow
6564| [74191] nginx ngx_cpystrn() information disclosure
6565| [74045] nginx header response information disclosure
6566| [71355] nginx ngx_resolver_copy() buffer overflow
6567| [59370] nginx characters denial of service
6568| [59369] nginx DATA source code disclosure
6569| [59047] nginx space source code disclosure
6570| [58966] nginx unspecified directory traversal
6571| [54025] nginx ngx_http_parse.c denial of service
6572| [53431] nginx WebDAV component directory traversal
6573| [53328] Nginx CRC-32 cached domain name spoofing
6574| [53250] Nginx ngx_http_parse_complex_uri() function code execution
6575|
6576| Exploit-DB - https://www.exploit-db.com:
6577| [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
6578| [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
6579| [25499] nginx 1.3.9-1.4.0 DoS PoC
6580| [24967] nginx 0.6.x Arbitrary Code Execution NullByte Injection
6581| [14830] nginx 0.6.38 - Heap Corruption Exploit
6582| [13822] Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability
6583| [13818] Nginx 0.8.36 Source Disclosure and DoS Vulnerabilities
6584| [12804] nginx [engine x] http server <= 0.6.36 Path Draversal
6585| [9901] nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC
6586| [9829] nginx 0.7.61 WebDAV directory traversal
6587|
6588| OpenVAS (Nessus) - http://www.openvas.org:
6589| [864418] Fedora Update for nginx FEDORA-2012-3846
6590| [864310] Fedora Update for nginx FEDORA-2012-6238
6591| [864209] Fedora Update for nginx FEDORA-2012-6411
6592| [864204] Fedora Update for nginx FEDORA-2012-6371
6593| [864121] Fedora Update for nginx FEDORA-2012-4006
6594| [864115] Fedora Update for nginx FEDORA-2012-3991
6595| [864065] Fedora Update for nginx FEDORA-2011-16075
6596| [863654] Fedora Update for nginx FEDORA-2011-16110
6597| [861232] Fedora Update for nginx FEDORA-2007-1158
6598| [850180] SuSE Update for nginx openSUSE-SU-2012:0237-1 (nginx)
6599| [831680] Mandriva Update for nginx MDVSA-2012:043 (nginx)
6600| [802045] 64-bit Debian Linux Rootkit with nginx Doing iFrame Injection
6601| [801636] nginx HTTP Request Remote Buffer Overflow Vulnerability
6602| [103470] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
6603| [103469] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
6604| [103344] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
6605| [100676] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
6606| [100659] nginx Directory Traversal Vulnerability
6607| [100658] nginx Space String Remote Source Code Disclosure Vulnerability
6608| [100441] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
6609| [100321] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
6610| [100277] nginx Proxy DNS Cache Domain Spoofing Vulnerability
6611| [100276] nginx HTTP Request Remote Buffer Overflow Vulnerability
6612| [100275] nginx WebDAV Multiple Directory Traversal Vulnerabilities
6613| [71574] Gentoo Security Advisory GLSA 201206-07 (nginx)
6614| [71308] Gentoo Security Advisory GLSA 201203-22 (nginx)
6615| [71297] FreeBSD Ports: nginx
6616| [71276] FreeBSD Ports: nginx
6617| [71239] Debian Security Advisory DSA 2434-1 (nginx)
6618| [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
6619| [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
6620| [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
6621| [64924] Gentoo Security Advisory GLSA 200909-18 (nginx)
6622| [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
6623| [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
6624| [64894] FreeBSD Ports: nginx
6625| [64869] Debian Security Advisory DSA 1884-1 (nginx)
6626|
6627| SecurityTracker - https://www.securitytracker.com:
6628| [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
6629| [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
6630| [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
6631| [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
6632|
6633| OSVDB - http://www.osvdb.org:
6634| [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
6635| [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
6636| [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
6637| [92796] nginx ngx_http_close_connection Function Crafted r->
6638| [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
6639| [90518] nginx Log Directory Permission Weakness Local Information Disclosure
6640| [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
6641| [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
6642| [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
6643| [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
6644| [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
6645| [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
6646| [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
6647| [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
6648| [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
6649| [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
6650| [62617] nginx Internal DNS Cache Poisoning Weakness
6651| [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
6652| [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
6653| [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
6654| [58128] nginx ngx_http_parse_complex_uri() Function Underflow
6655| [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
6656| [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
6657| [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
6658| [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
6659| [44443] nginx (engine x) rtsig Method Signal Queue Overflow
6660| [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
6661|_
6662110/tcp open pop3 Dovecot pop3d
6663| vulscan: VulDB - https://vuldb.com:
6664| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
6665| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
6666| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
6667| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
6668| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
6669| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
6670| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
6671| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
6672| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
6673| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
6674| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
6675| [69835] Dovecot 2.2.0/2.2.1 denial of service
6676| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
6677| [65684] Dovecot up to 2.2.6 unknown vulnerability
6678| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
6679| [63692] Dovecot up to 2.0.15 spoofing
6680| [7062] Dovecot 2.1.10 mail-search.c denial of service
6681| [57517] Dovecot up to 2.0.12 Login directory traversal
6682| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
6683| [57515] Dovecot up to 2.0.12 Crash denial of service
6684| [54944] Dovecot up to 1.2.14 denial of service
6685| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
6686| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
6687| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
6688| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
6689| [53277] Dovecot up to 1.2.10 denial of service
6690| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
6691| [45256] Dovecot up to 1.1.5 directory traversal
6692| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
6693| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
6694| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
6695| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
6696| [40356] Dovecot 1.0.9 Cache unknown vulnerability
6697| [38222] Dovecot 1.0.2 directory traversal
6698| [36376] Dovecot up to 1.0.x directory traversal
6699| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
6700|
6701| MITRE CVE - https://cve.mitre.org:
6702| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
6703| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
6704| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
6705| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
6706| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
6707| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
6708| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
6709| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
6710| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
6711| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
6712| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
6713| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
6714| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
6715| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
6716| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
6717| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
6718| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
6719| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
6720| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
6721| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
6722| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
6723| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
6724| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
6725| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
6726| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
6727| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
6728| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
6729| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
6730| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
6731| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
6732| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
6733| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
6734| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
6735| [CVE-2002-0925] Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier.
6736| [CVE-2001-0143] vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack.
6737| [CVE-2000-1197] POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes.
6738| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
6739|
6740| SecurityFocus - https://www.securityfocus.com/bid/:
6741| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
6742| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
6743| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
6744| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
6745| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
6746| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
6747| [67306] Dovecot Denial of Service Vulnerability
6748| [67219] akpop3d 'pszQuery' Remote Memory Corruption Vulnerability
6749| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
6750| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
6751| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
6752| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
6753| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
6754| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
6755| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
6756| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
6757| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
6758| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
6759| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
6760| [39838] tpop3d Remote Denial of Service Vulnerability
6761| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
6762| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
6763| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
6764| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
6765| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
6766| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
6767| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
6768| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
6769| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
6770| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
6771| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
6772| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
6773| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
6774| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
6775| [17961] Dovecot Remote Information Disclosure Vulnerability
6776| [16672] Dovecot Double Free Denial of Service Vulnerability
6777| [8495] akpop3d User Name SQL Injection Vulnerability
6778| [8473] Vpop3d Remote Denial Of Service Vulnerability
6779| [3990] ZPop3D Bad Login Logging Failure Vulnerability
6780| [2781] DynFX MailServer POP3d Denial of Service Vulnerability
6781|
6782| IBM X-Force - https://exchange.xforce.ibmcloud.com:
6783| [86382] Dovecot POP3 Service denial of service
6784| [84396] Dovecot IMAP APPEND denial of service
6785| [80453] Dovecot mail-search.c denial of service
6786| [71354] Dovecot SSL Common Name (CN) weak security
6787| [67675] Dovecot script-login security bypass
6788| [67674] Dovecot script-login directory traversal
6789| [67589] Dovecot header name denial of service
6790| [63267] Apple Mac OS X Dovecot information disclosure
6791| [62340] Dovecot mailbox security bypass
6792| [62339] Dovecot IMAP or POP3 denial of service
6793| [62256] Dovecot mailbox security bypass
6794| [62255] Dovecot ACL entry security bypass
6795| [60639] Dovecot ACL plugin weak security
6796| [57267] Apple Mac OS X Dovecot Kerberos security bypass
6797| [56763] Dovecot header denial of service
6798| [54363] Dovecot base_dir privilege escalation
6799| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
6800| [46323] Dovecot dovecot.conf information disclosure
6801| [46227] Dovecot message parsing denial of service
6802| [45669] Dovecot ACL mailbox security bypass
6803| [45667] Dovecot ACL plugin rights security bypass
6804| [41085] Dovecot TAB characters authentication bypass
6805| [41009] Dovecot mail_extra_groups option unauthorized access
6806| [39342] Dovecot LDAP auth cache configuration security bypass
6807| [35767] Dovecot ACL plugin security bypass
6808| [34082] Dovecot mbox-storage.c directory traversal
6809| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
6810| [26578] Cyrus IMAP pop3d buffer overflow
6811| [26536] Dovecot IMAP LIST information disclosure
6812| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
6813| [24709] Dovecot APPEND command denial of service
6814| [13018] akpop3d authentication code SQL injection
6815| [7345] Slackware Linux imapd and ipop3d core dump
6816| [6269] imap, ipop2d and ipop3d buffer overflows
6817| [5923] Linuxconf vpop3d symbolic link
6818| [4918] IPOP3D, Buffer overflow attack
6819| [1560] IPOP3D, user login successful
6820| [1559] IPOP3D user login to remote host successful
6821| [1525] IPOP3D, user logout
6822| [1524] IPOP3D, user auto-logout
6823| [1523] IPOP3D, user login failure
6824| [1522] IPOP3D, brute force attack
6825| [1521] IPOP3D, user kiss of death logout
6826| [418] pop3d mktemp creates insecure temporary files
6827|
6828| Exploit-DB - https://www.exploit-db.com:
6829| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
6830| [23053] Vpop3d Remote Denial of Service Vulnerability
6831| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
6832| [11893] tPop3d 1.5.3 DoS
6833| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
6834| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
6835| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
6836| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
6837|
6838| OpenVAS (Nessus) - http://www.openvas.org:
6839| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
6840| [901025] Dovecot Version Detection
6841| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
6842| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
6843| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
6844| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
6845| [870607] RedHat Update for dovecot RHSA-2011:0600-01
6846| [870471] RedHat Update for dovecot RHSA-2011:1187-01
6847| [870153] RedHat Update for dovecot RHSA-2008:0297-02
6848| [863272] Fedora Update for dovecot FEDORA-2011-7612
6849| [863115] Fedora Update for dovecot FEDORA-2011-7258
6850| [861525] Fedora Update for dovecot FEDORA-2007-664
6851| [861394] Fedora Update for dovecot FEDORA-2007-493
6852| [861333] Fedora Update for dovecot FEDORA-2007-1485
6853| [860845] Fedora Update for dovecot FEDORA-2008-9202
6854| [860663] Fedora Update for dovecot FEDORA-2008-2475
6855| [860169] Fedora Update for dovecot FEDORA-2008-2464
6856| [860089] Fedora Update for dovecot FEDORA-2008-9232
6857| [840950] Ubuntu Update for dovecot USN-1295-1
6858| [840668] Ubuntu Update for dovecot USN-1143-1
6859| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
6860| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
6861| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
6862| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
6863| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
6864| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
6865| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
6866| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
6867| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
6868| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
6869| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
6870| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
6871| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
6872| [70259] FreeBSD Ports: dovecot
6873| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
6874| [66522] FreeBSD Ports: dovecot
6875| [65010] Ubuntu USN-838-1 (dovecot)
6876| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
6877| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
6878| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
6879| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
6880| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
6881| [62854] FreeBSD Ports: dovecot-managesieve
6882| [61916] FreeBSD Ports: dovecot
6883| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
6884| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
6885| [60528] FreeBSD Ports: dovecot
6886| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
6887| [60089] FreeBSD Ports: dovecot
6888| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
6889| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
6890|
6891| SecurityTracker - https://www.securitytracker.com:
6892| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
6893| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
6894| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
6895|
6896| OSVDB - http://www.osvdb.org:
6897| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
6898| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
6899| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
6900| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
6901| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
6902| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
6903| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
6904| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
6905| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
6906| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
6907| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
6908| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
6909| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
6910| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
6911| [66113] Dovecot Mail Root Directory Creation Permission Weakness
6912| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
6913| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
6914| [66110] Dovecot Multiple Unspecified Buffer Overflows
6915| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
6916| [64783] Dovecot E-mail Message Header Unspecified DoS
6917| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
6918| [62796] Dovecot mbox Format Email Header Handling DoS
6919| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
6920| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
6921| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
6922| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
6923| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
6924| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
6925| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
6926| [43137] Dovecot mail_extra_groups Symlink File Manipulation
6927| [42979] Dovecot passdbs Argument Injection Authentication Bypass
6928| [39876] Dovecot LDAP Auth Cache Security Bypass
6929| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
6930| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
6931| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
6932| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
6933| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
6934| [23281] Dovecot imap/pop3-login dovecot-auth DoS
6935| [23280] Dovecot Malformed APPEND Command DoS
6936| [14459] mmmail mmpop3d USER Command mmsyslog Function Format String
6937| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
6938| [5857] Linux pop3d Arbitrary Mail File Access
6939| [2471] akpop3d username SQL Injection
6940|_
6941143/tcp open imap Dovecot imapd
6942| vulscan: VulDB - https://vuldb.com:
6943| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
6944| [134480] Dovecot up to 2.3.5.2 Submission-Login Crash denial of service
6945| [134479] Dovecot up to 2.3.5.2 IMAP Server Crash denial of service
6946| [134024] Dovecot up to 2.3.5.1 JSON Encoder Username Crash denial of service
6947| [132543] Dovecot up to 2.2.36.0/2.3.4.0 Certificate Impersonation weak authentication
6948| [119762] Dovecot up to 2.2.28 dict Authentication var_expand() denial of service
6949| [114012] Dovecot up to 2.2.33 TLS SNI Restart denial of service
6950| [114009] Dovecot SMTP Delivery Email Message Out-of-Bounds memory corruption
6951| [112447] Dovecot up to 2.2.33/2.3.0 SASL Auth Memory Leak denial of service
6952| [106837] Dovecot up to 2.2.16 ssl-proxy-openssl.c ssl-proxy-opensslc denial of service
6953| [97052] Dovecot up to 2.2.26 auth-policy Unset Crash denial of service
6954| [69835] Dovecot 2.2.0/2.2.1 denial of service
6955| [13348] Dovecot up to 1.2.15/2.1.15 IMAP4/POP3 SSL/TLS Handshake denial of service
6956| [65684] Dovecot up to 2.2.6 unknown vulnerability
6957| [9807] Dovecot up to 1.2.7 on Exim Input Sanitizer privilege escalation
6958| [63692] Dovecot up to 2.0.15 spoofing
6959| [7062] Dovecot 2.1.10 mail-search.c denial of service
6960| [59792] Cyrus IMAPd 2.4.11 weak authentication
6961| [57517] Dovecot up to 2.0.12 Login directory traversal
6962| [57516] Dovecot up to 2.0.12 Access Restriction directory traversal
6963| [57515] Dovecot up to 2.0.12 Crash denial of service
6964| [54944] Dovecot up to 1.2.14 denial of service
6965| [54943] Dovecot up to 1.2.14 Access Restriction Symlink privilege escalation
6966| [54942] Dovecot up to 2.0.4 Access Restriction denial of service
6967| [54941] Dovecot up to 2.0.4 Access Restriction unknown vulnerability
6968| [54840] Dovecot up to 1.2.12 AGate unknown vulnerability
6969| [53277] Dovecot up to 1.2.10 denial of service
6970| [50082] Dovecot up to 1.1.6 Stack-based memory corruption
6971| [45256] Dovecot up to 1.1.5 directory traversal
6972| [44846] Dovecot 1.1.4/1.1.5 IMAP Client Crash denial of service
6973| [44546] Dovecot up to 1.0.x Access Restriction unknown vulnerability
6974| [44545] Dovecot up to 1.0.x Access Restriction unknown vulnerability
6975| [41430] Dovecot 1.0.12/1.1 Locking unknown vulnerability
6976| [40356] Dovecot 1.0.9 Cache unknown vulnerability
6977| [38222] Dovecot 1.0.2 directory traversal
6978| [37927] Ipswitch Ipswitch Collaboration Suite up to 2006.1 IMAP Service imapd32.exe memory corruption
6979| [36376] Dovecot up to 1.0.x directory traversal
6980| [35759] Atrium MERCUR IMAPD IMAP4 mcrimap4.exe memory corruption
6981| [33332] Timo Sirainen Dovecot up to 1.0test53 Off-By-One memory corruption
6982|
6983| MITRE CVE - https://cve.mitre.org:
6984| [CVE-2009-2632] Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error.
6985| [CVE-2011-4318] Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.
6986| [CVE-2011-3481] The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message.
6987| [CVE-2011-3372] imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
6988| [CVE-2011-2167] script-login in Dovecot 2.0.x before 2.0.13 does not follow the chroot configuration setting, which might allow remote authenticated users to conduct directory traversal attacks by leveraging a script.
6989| [CVE-2011-2166] script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script.
6990| [CVE-2011-1929] lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message.
6991| [CVE-2010-4011] Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue."
6992| [CVE-2010-3780] Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
6993| [CVE-2010-3779] Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox.
6994| [CVE-2010-3707] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
6995| [CVE-2010-3706] plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox.
6996| [CVE-2010-3304] The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
6997| [CVE-2010-0745] Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message.
6998| [CVE-2010-0535] Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
6999| [CVE-2010-0433] The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via SSL cipher negotiation, as demonstrated by a chroot installation of Dovecot or stunnel without Kerberos configuration files inside the chroot.
7000| [CVE-2009-3897] Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.
7001| [CVE-2009-3235] Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
7002| [CVE-2008-5301] Directory traversal vulnerability in the ManageSieve implementation in Dovecot 1.0.15, 1.1, and 1.2 allows remote attackers to read and modify arbitrary .sieve files via a ".." (dot dot) in a script name.
7003| [CVE-2008-4907] The message parsing feature in Dovecot 1.1.4 and 1.1.5, when using the FETCH ENVELOPE command in the IMAP client, allows remote attackers to cause a denial of service (persistent crash) via an email with a malformed From address, which triggers an assertion error, aka "invalid message address parsing bug."
7004| [CVE-2008-4870] dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable permissions for dovecot.conf, which allows local users to obtain the ssl_key_password parameter value.
7005| [CVE-2008-4578] The ACL plugin in Dovecot before 1.1.4 allows attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes.
7006| [CVE-2008-4577] The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
7007| [CVE-2008-1218] Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skip_password_check field to be specified.
7008| [CVE-2008-1199] Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
7009| [CVE-2007-6598] Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.
7010| [CVE-2007-5794] Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
7011| [CVE-2007-5740] The format string protection mechanism in IMAPD for Perdition Mail Retrieval Proxy 1.17 and earlier allows remote attackers to execute arbitrary code via an IMAP tag with a null byte followed by a format string specifier, which is not counted by the mechanism.
7012| [CVE-2007-5018] Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote authenticated users to execute arbitrary code via a long argument in a SEARCH ON command. NOTE: this issue might overlap with CVE-2004-1211.
7013| [CVE-2007-4211] The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a (1) COPY or (2) APPEND command.
7014| [CVE-2007-3925] Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command.
7015| [CVE-2007-2231] Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
7016| [CVE-2007-2173] Eval injection vulnerability in (1) courier-imapd.indirect and (2) courier-pop3d.indirect in Courier-IMAP before 4.0.6-r2, and 4.1.x before 4.1.2-r1, on Gentoo Linux allows remote attackers to execute arbitrary commands via the XMAILDIR variable, related to the LOGINRUN variable.
7017| [CVE-2007-1579] Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE command.
7018| [CVE-2007-1578] Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD (mcrimap4.exe) 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow.
7019| [CVE-2007-0618] Unspecified vulnerability in (1) pop3d, (2) pop3ds, (3) imapd, and (4) imapds in IBM AIX 5.3.0 has unspecified impact and attack vectors, involving an "authentication vulnerability."
7020| [CVE-2006-6762] The IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to cause a denial of service via an APPEND command with a single "(" (parenthesis) in the argument.
7021| [CVE-2006-6761] Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command.
7022| [CVE-2006-6425] Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command.
7023| [CVE-2006-6424] Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow
7024| [CVE-2006-5973] Off-by-one buffer overflow in Dovecot 1.0test53 through 1.0.rc14, and possibly other versions, when index files are used and mmap_disable is set to "yes," allows remote authenticated IMAP or POP3 users to cause a denial of service (crash) via unspecified vectors involving the cache file.
7025| [CVE-2006-2502] Stack-based buffer overflow in pop3d in Cyrus IMAPD (cyrus-imapd) 2.3.2, when the popsubfolders option is enabled, allows remote attackers to execute arbitrary code via a long USER command.
7026| [CVE-2006-2414] Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command.
7027| [CVE-2006-0730] Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability.
7028| [CVE-2005-2278] Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable Professional 1.54 allows remote authenticated users to execute arbitrary code via the status command with a long mailbox name.
7029| [CVE-2005-1256] Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name.
7030| [CVE-2005-1249] The IMAP daemon (IMAPD32.EXE) in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of service (CPU consumption) via an LSUB command with a large number of null characters, which causes an infinite loop.
7031| [CVE-2005-1015] Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote attackers to execute arbitrary code via a long LOGIN command.
7032| [CVE-2005-0546] Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in imapd.
7033| [CVE-2003-1322] Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (4) RENAME, (5) UNSUBSCRIBE, (6) LIST, (7) LSUB, (8) STATUS, (9) LOGIN, (10) CREATE, or (11) SELECT command.
7034| [CVE-2002-1782] The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a system that does not allow shell access, allows a local user with a valid IMAP account to read arbitrary files as that user.
7035| [CVE-2002-1604] Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver.
7036| [CVE-2002-0997] Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service.
7037| [CVE-2002-0379] Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.
7038| [CVE-2001-0691] Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations.
7039| [CVE-2000-0284] Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.
7040| [CVE-1999-1557] Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password.
7041| [CVE-1999-1445] Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and PASS commands that do not provide valid usernames or passwords.
7042| [CVE-1999-1224] IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information.
7043|
7044| SecurityFocus - https://www.securityfocus.com/bid/:
7045| [103201] Dovecot CVE-2017-14461 Out-Of-Bounds Read Information Disclosure Vulnerability
7046| [97536] Dovecot CVE-2017-2669 Denial of Service Vulnerability
7047| [94639] Dovecot Auth Component CVE-2016-8652 Denial of Service Vulnerability
7048| [91175] Dovecot CVE-2016-4982 Local Information Disclosure Vulnerability
7049| [84736] Dovecot CVE-2008-4870 Local Security Vulnerability
7050| [84478] imapd CVE-1999-1224 Denial-Of-Service Vulnerability
7051| [74335] Dovecot 'ssl-proxy-openssl.c' Remote Denial of Service Vulnerability
7052| [67306] Dovecot Denial of Service Vulnerability
7053| [65650] Eudora WorldMail imapd 'UID' Command Buffer Overflow Vulnerability
7054| [63367] Dovecot Checkpassword Authentication Protocol Local Authentication Bypass Vulnerability
7055| [61763] RETIRED: Dovecot 'LIST' Command Denial of Service Vulnerability
7056| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
7057| [60052] Dovecot 'APPEND' Parameter Denial of Service Vulnerability
7058| [56759] RETIRED: Dovecot 'mail-search.c' Denial of Service Vulnerability
7059| [51403] Eudora WorldMail imapd 'LIST' Command Buffer Overflow Vulnerability
7060| [50709] Dovecot SSL Certificate 'Common Name' Field Validation Security Bypass Vulnerability
7061| [49949] Cyrus IMAPd NTTP Logic Error Authentication Bypass Vulnerability
7062| [48003] Dovecot 'script-login' Multiple Security Bypass Vulnerabilities
7063| [47930] Dovecot Header Name NULL Character Denial of Service Vulnerability
7064| [44874] Apple Mac OS X Dovecot (CVE-2010-4011) Memory Corruption Vulnerability
7065| [43690] Dovecot Access Control List (ACL) Multiple Remote Vulnerabilities
7066| [41964] Dovecot Access Control List (ACL) Plugin Security Bypass Weakness
7067| [39258] Dovecot Service Control Access List Security Bypass Vulnerability
7068| [37084] Dovecot Insecure 'base_dir' Permissions Local Privilege Escalation Vulnerability
7069| [36377] Dovecot Sieve Plugin Multiple Unspecified Buffer Overflow Vulnerabilities
7070| [32582] Dovecot ManageSieve Service '.sieve' Files Directory Traversal Vulnerability
7071| [31997] Dovecot Invalid Message Address Parsing Denial of Service Vulnerability
7072| [31587] Dovecot ACL Plugin Multiple Security Bypass Vulnerabilities
7073| [28181] Dovecot 'Tab' Character Password Check Security Bypass Vulnerability
7074| [28092] Dovecot 'mail_extra_groups' Insecure Settings Local Unauthorized Access Vulnerability
7075| [27093] Dovecot Authentication Cache Security Bypass Vulnerability
7076| [26270] Perdition IMAPD __STR_VWRITE Remote Format String Vulnerability
7077| [25733] Mercury/32 IMAPD SEARCH Command Remote Stack Buffer Overflow Vulnerability
7078| [25182] Dovecot ACL Plugin Security Bypass Vulnerability
7079| [23552] Dovecot Zlib Plugin Remote Information Disclosure Vulnerability
7080| [23058] Atrium Mercur IMapD NTLM Buffer Overflow Vulnerability
7081| [22262] IBM AIX Pop3D/Pop3DS/IMapD/IMapDS Authentication Bypass Vulnerability
7082| [21183] Dovecot IMAP Server Mapped Pages Off-By-One Buffer Overflow Vulnerability
7083| [18056] Cyrus IMAPD POP3D Remote Buffer Overflow Vulnerability
7084| [17961] Dovecot Remote Information Disclosure Vulnerability
7085| [16672] Dovecot Double Free Denial of Service Vulnerability
7086| [15980] Qualcomm WorldMail IMAPD Buffer Overflow Vulnerability
7087| [15753] Ipswitch Collaboration Suite and IMail Server IMAPD LIST Command Denial Of Service Vulnerability
7088| [12636] Cyrus IMAPD Multiple Remote Buffer Overflow Vulnerabilities
7089| [11738] Cyrus IMAPD Multiple Remote Unspecified Vulnerabilities
7090| [11729] Cyrus IMAPD Multiple Remote Vulnerabilities
7091| [6298] Cyrus IMAPD Pre-Login Heap Corruption Vulnerability
7092| [4713] Wu-imapd Partial Mailbox Attribute Remote Buffer Overflow Vulnerability
7093| [2856] Imapd 'Local' Buffer Overflow Vulnerabilities
7094| [1110] Univ. Of Washington imapd Buffer Overflow Vulnerabilities
7095| [502] NT IMail Imapd Buffer Overflow DoS Vulnerability
7096| [130] imapd Buffer Overflow Vulnerability
7097|
7098| IBM X-Force - https://exchange.xforce.ibmcloud.com:
7099| [86382] Dovecot POP3 Service denial of service
7100| [84396] Dovecot IMAP APPEND denial of service
7101| [80453] Dovecot mail-search.c denial of service
7102| [71354] Dovecot SSL Common Name (CN) weak security
7103| [70325] Cyrus IMAPd NNTP security bypass
7104| [67675] Dovecot script-login security bypass
7105| [67674] Dovecot script-login directory traversal
7106| [67589] Dovecot header name denial of service
7107| [63267] Apple Mac OS X Dovecot information disclosure
7108| [62340] Dovecot mailbox security bypass
7109| [62339] Dovecot IMAP or POP3 denial of service
7110| [62256] Dovecot mailbox security bypass
7111| [62255] Dovecot ACL entry security bypass
7112| [60639] Dovecot ACL plugin weak security
7113| [57267] Apple Mac OS X Dovecot Kerberos security bypass
7114| [56763] Dovecot header denial of service
7115| [54363] Dovecot base_dir privilege escalation
7116| [53248] CMU Sieve plugin for Dovecot unspecified buffer overflow
7117| [47526] UW-imapd rfc822_output_char() denial of service
7118| [46323] Dovecot dovecot.conf information disclosure
7119| [46227] Dovecot message parsing denial of service
7120| [45669] Dovecot ACL mailbox security bypass
7121| [45667] Dovecot ACL plugin rights security bypass
7122| [41085] Dovecot TAB characters authentication bypass
7123| [41009] Dovecot mail_extra_groups option unauthorized access
7124| [39342] Dovecot LDAP auth cache configuration security bypass
7125| [35767] Dovecot ACL plugin security bypass
7126| [34082] Dovecot mbox-storage.c directory traversal
7127| [30433] Dovecot IMAP/POP3 server dovecot.index.cache buffer overflow
7128| [26536] Dovecot IMAP LIST information disclosure
7129| [24710] Dovecot dovecot-auth and imap/pop3-login denial of service
7130| [24709] Dovecot APPEND command denial of service
7131| [22629] RHSA-2005:408 updates for cyrus-imapd not installed
7132| [19460] Cyrus IMAP imapd buffer overflow
7133| [19455] Cyrus IMAP imapd extension off-by-one buffer overflow
7134| [18492] Novell NetMail IMAPD 101_mEna buffer overflow
7135| [10803] UW IMAP (wu-imapd) authenticated user buffer overflow
7136| [9238] UW IMAP (wu-imapd) could allow a remote attacker to access arbitrary files
7137| [9055] UW IMAP (wu-imapd) partial mailbox attributes to request buffer overflow
7138| [7345] Slackware Linux imapd and ipop3d core dump
7139| [573] Imapd denial of service
7140|
7141| Exploit-DB - https://www.exploit-db.com:
7142| [30724] Perdition 1.17 IMAPD __STR_VWRITE Remote Format String Vulnerability
7143| [25297] Dovecot with Exim sender_address Parameter - Remote Command Execution
7144| [22061] Cyrus IMAPD 1.4/1.5.19/2.0.12/2.0.16/2.1.9/2.1.10 Pre-Login Heap Corruption Vulnerability
7145| [21443] Wu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability (2)
7146| [21442] Wu-imapd 2000/2001 Partial Mailbox Attribute Remote Buffer Overflow Vulnerability (1)
7147| [19849] UoW imapd 10.234/12.264 COPY Buffer Overflow (meta)
7148| [19848] UoW imapd 10.234/12.264 LSUB Buffer Overflow (meta)
7149| [19847] UoW imapd 10.234/12.264 Buffer Overflow Vulnerabilities
7150| [19377] Ipswitch IMail 5.0 Imapd Buffer Overflow DoS Vulnerability
7151| [19107] Netscape Messaging Server 3.55,University of Washington imapd 10.234 Buffer Overflow Vulnerability
7152| [18354] WorldMail imapd 3.0 SEH overflow (egg hunter)
7153| [16836] Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
7154| [16485] MailEnable IMAPD 1.54 - STATUS Request Buffer Overflow
7155| [16482] MDaemon 9.6.4 IMAPD FETCH Buffer Overflow
7156| [16480] MailEnable IMAPD W3C Logging Buffer Overflow
7157| [16477] Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow
7158| [16475] MailEnable IMAPD (2.35) Login Request Buffer Overflow
7159| [16474] Qualcomm WorldMail 3.0 IMAPD LIST Buffer Overflow
7160| [5257] Dovecot IMAP 1.0.10 <= 1.1rc2 - Remote Email Disclosure Exploit
7161| [4429] Mercury/32 4.52 IMAPD SEARCH command Post-Auth Overflow Exploit
7162| [3627] IPSwitch IMail Server <= 8.20 IMAPD Remote Buffer Overflow Exploit
7163| [3527] Mercur IMAPD 5.00.14 Remote Denial of Service Exploit (win32)
7164| [2185] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (3)
7165| [2053] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit (2)
7166| [1813] Cyrus IMAPD 2.3.2 (pop3d) Remote Buffer Overflow Exploit
7167| [1380] Eudora Qualcomm WorldMail 3.0 (IMAPd) Remote Overflow Exploit
7168| [1332] MailEnable 1.54 Pro Universal IMAPD W3C Logging BoF Exploit
7169| [1327] FTGate4 Groupware Mail Server 4.1 (imapd) Remote Buffer Overflow PoC
7170| [1151] MDaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow Exploit
7171| [1124] IPSwitch IMail Server <= 8.15 IMAPD Remote Root Exploit
7172| [915] MailEnable Enterprise 1.x Imapd Remote Exploit
7173| [903] Cyrus imapd 2.2.4 - 2.2.8 (imapmagicplus) Remote Exploit
7174| [340] Linux imapd Remote Overflow File Retrieve Exploit
7175|
7176| OpenVAS (Nessus) - http://www.openvas.org:
7177| [901026] Dovecot Sieve Plugin Multiple Buffer Overflow Vulnerabilities
7178| [901025] Dovecot Version Detection
7179| [881425] CentOS Update for cyrus-imapd CESA-2011:1508 centos5 x86_64
7180| [881403] CentOS Update for cyrus-imapd CESA-2011:0859 centos5 x86_64
7181| [881402] CentOS Update for dovecot CESA-2011:1187 centos5 x86_64
7182| [881397] CentOS Update for cyrus-imapd CESA-2011:1317 centos4 x86_64
7183| [881370] CentOS Update for cyrus-imapd CESA-2011:1508 centos4 x86_64
7184| [881358] CentOS Update for dovecot CESA-2011:1187 centos4 x86_64
7185| [881318] CentOS Update for cyrus-imapd CESA-2011:0859 centos4 x86_64
7186| [881255] CentOS Update for cyrus-imapd CESA-2011:1317 centos5 x86_64
7187| [881050] CentOS Update for cyrus-imapd CESA-2011:1508 centos5 i386
7188| [881049] CentOS Update for cyrus-imapd CESA-2011:1508 centos4 i386
7189| [881007] CentOS Update for cyrus-imapd CESA-2011:1317 centos5 i386
7190| [880980] CentOS Update for dovecot CESA-2011:1187 centos5 i386
7191| [880978] CentOS Update for cyrus-imapd CESA-2011:1317 centos4 i386
7192| [880967] CentOS Update for dovecot CESA-2011:1187 centos4 i386
7193| [880958] CentOS Update for cyrus-imapd CESA-2011:0859 centos4 i386
7194| [880905] CentOS Update for cyrus-imapd CESA-2009:1459 centos4 i386
7195| [880864] CentOS Update for cyrus-imapd CESA-2009:1459 centos5 i386
7196| [880826] CentOS Update for cyrus-imapd CESA-2009:1116 centos5 i386
7197| [880536] CentOS Update for cyrus-imapd CESA-2011:0859 centos5 i386
7198| [870607] RedHat Update for dovecot RHSA-2011:0600-01
7199| [870520] RedHat Update for cyrus-imapd RHSA-2011:1508-01
7200| [870489] RedHat Update for cyrus-imapd RHSA-2011:1317-01
7201| [870471] RedHat Update for dovecot RHSA-2011:1187-01
7202| [870443] RedHat Update for cyrus-imapd RHSA-2011:0859-01
7203| [870153] RedHat Update for dovecot RHSA-2008:0297-02
7204| [864075] Fedora Update for cyrus-imapd FEDORA-2011-13832
7205| [863585] Fedora Update for cyrus-imapd FEDORA-2011-13869
7206| [863579] Fedora Update for cyrus-imapd FEDORA-2011-13860
7207| [863281] Fedora Update for cyrus-imapd FEDORA-2011-7193
7208| [863273] Fedora Update for cyrus-imapd FEDORA-2011-7217
7209| [863272] Fedora Update for dovecot FEDORA-2011-7612
7210| [863115] Fedora Update for dovecot FEDORA-2011-7258
7211| [861525] Fedora Update for dovecot FEDORA-2007-664
7212| [861394] Fedora Update for dovecot FEDORA-2007-493
7213| [861333] Fedora Update for dovecot FEDORA-2007-1485
7214| [860845] Fedora Update for dovecot FEDORA-2008-9202
7215| [860663] Fedora Update for dovecot FEDORA-2008-2475
7216| [860169] Fedora Update for dovecot FEDORA-2008-2464
7217| [860089] Fedora Update for dovecot FEDORA-2008-9232
7218| [840950] Ubuntu Update for dovecot USN-1295-1
7219| [840668] Ubuntu Update for dovecot USN-1143-1
7220| [840583] Ubuntu Update for dovecot vulnerabilities USN-1059-1
7221| [840335] Ubuntu Update for dovecot vulnerabilities USN-593-1
7222| [840290] Ubuntu Update for dovecot vulnerability USN-567-1
7223| [840234] Ubuntu Update for dovecot vulnerability USN-666-1
7224| [840072] Ubuntu Update for dovecot vulnerability USN-487-1
7225| [831590] Mandriva Update for cyrus-imapd MDVSA-2012:037 (cyrus-imapd)
7226| [831468] Mandriva Update for cyrus-imapd MDVSA-2011:149 (cyrus-imapd)
7227| [831410] Mandriva Update for cyrus-imapd MDVSA-2011:100 (cyrus-imapd)
7228| [831405] Mandriva Update for dovecot MDVSA-2011:101 (dovecot)
7229| [831230] Mandriva Update for dovecot MDVSA-2010:217 (dovecot)
7230| [831207] Mandriva Update for cyrus-imapd MDVA-2010:208 (cyrus-imapd)
7231| [831197] Mandriva Update for dovecot MDVSA-2010:196 (dovecot)
7232| [831054] Mandriva Update for dovecot MDVSA-2010:104 (dovecot)
7233| [830496] Mandriva Update for dovecot MDVSA-2008:232 (dovecot)
7234| [801055] Dovecot 'base_dir' Insecure Permissions Security Bypass Vulnerability
7235| [800149] UW-imapd tmail and dmail BOF Vulnerabilities (Linux)
7236| [800030] Dovecot ACL Plugin Security Bypass Vulnerabilities
7237| [70767] Gentoo Security Advisory GLSA 201110-04 (Dovecot)
7238| [70696] Debian Security Advisory DSA 2377-1 (cyrus-imapd-2.2)
7239| [70407] Debian Security Advisory DSA 2318-1 (cyrus-imapd-2.2)
7240| [70259] FreeBSD Ports: dovecot
7241| [69965] Debian Security Advisory DSA 2258-1 (kolab-cyrus-imapd)
7242| [69959] Debian Security Advisory DSA 2252-1 (dovecot)
7243| [69740] Debian Security Advisory DSA 2242-1 (cyrus-imapd-2.2)
7244| [66522] FreeBSD Ports: dovecot
7245| [66416] Mandriva Security Advisory MDVSA-2009:229-1 (cyrus-imapd)
7246| [66233] SLES10: Security update for Cyrus IMAPD
7247| [66226] SLES11: Security update for Cyrus IMAPD
7248| [66222] SLES9: Security update for Cyrus IMAPD
7249| [65938] SLES10: Security update for Cyrus IMAPD
7250| [65723] SLES11: Security update for Cyrus IMAPD
7251| [65523] SLES9: Security update for Cyrus IMAPD
7252| [65479] SLES9: Security update for cyrus-imapd
7253| [65094] SLES9: Security update for cyrus-imapd
7254| [65010] Ubuntu USN-838-1 (dovecot)
7255| [64989] CentOS Security Advisory CESA-2009:1459 (cyrus-imapd)
7256| [64978] Debian Security Advisory DSA 1892-1 (dovecot)
7257| [64977] Debian Security Advisory DSA 1893-1 (cyrus-imapd-2.2 kolab-cyrus-imapd)
7258| [64965] Fedora Core 11 FEDORA-2009-9901 (cyrus-imapd)
7259| [64963] Fedora Core 10 FEDORA-2009-9869 (cyrus-imapd)
7260| [64953] Mandrake Security Advisory MDVSA-2009:242-1 (dovecot)
7261| [64952] Mandrake Security Advisory MDVSA-2009:242 (dovecot)
7262| [64898] FreeBSD Ports: cyrus-imapd
7263| [64864] Debian Security Advisory DSA 1881-1 (cyrus-imapd-2.2)
7264| [64861] Fedora Core 10 FEDORA-2009-9559 (dovecot)
7265| [64847] Fedora Core 10 FEDORA-2009-9428 (cyrus-imapd)
7266| [64846] Fedora Core 11 FEDORA-2009-9417 (cyrus-imapd)
7267| [64838] Mandrake Security Advisory MDVSA-2009:229 (cyrus-imapd)
7268| [64271] CentOS Security Advisory CESA-2009:1116 (cyrus-imapd)
7269| [62965] Gentoo Security Advisory GLSA 200812-16 (dovecot)
7270| [62854] FreeBSD Ports: dovecot-managesieve
7271| [61916] FreeBSD Ports: dovecot
7272| [60588] Gentoo Security Advisory GLSA 200803-25 (dovecot)
7273| [60568] Debian Security Advisory DSA 1516-1 (dovecot)
7274| [60528] FreeBSD Ports: dovecot
7275| [60134] Debian Security Advisory DSA 1457-1 (dovecot)
7276| [60089] FreeBSD Ports: dovecot
7277| [58578] Debian Security Advisory DSA 1359-1 (dovecot)
7278| [56834] Debian Security Advisory DSA 1080-1 (dovecot)
7279| [55807] Slackware Advisory SSA:2005-310-06 imapd
7280| [54861] Gentoo Security Advisory GLSA 200502-29 (cyrus-imapd)
7281| [54755] Gentoo Security Advisory GLSA 200411-34 (cyrus-imapd)
7282| [53739] Debian Security Advisory DSA 215-1 (cyrus-imapd)
7283| [53288] Debian Security Advisory DSA 597-1 (cyrus-imapd)
7284| [52297] FreeBSD Ports: cyrus-imapd
7285| [52296] FreeBSD Ports: cyrus-imapd
7286| [52295] FreeBSD Ports: cyrus-imapd
7287| [52294] FreeBSD Ports: cyrus-imapd
7288| [52172] FreeBSD Ports: cyrus-imapd
7289|
7290| SecurityTracker - https://www.securitytracker.com:
7291| [1028585] Dovecot APPEND Parameter Processing Flaw Lets Remote Authenticated Users Deny Service
7292| [1024740] Mac OS X Server Dovecot Memory Aliasing Bug May Cause Mail to Be Delivered to the Wrong User
7293| [1017288] Dovecot POP3/IMAP Cache File Buffer Overflow May Let Remote Users Execute Arbitrary Code
7294| [1013278] Cyrus IMAPd Buffer Overflows in Annotate Extension, Cached Header, and Fetchnews May Let Remote Users Execute Arbitrary Code
7295|
7296| OSVDB - http://www.osvdb.org:
7297| [96172] Dovecot POP3 Service Terminated LIST Command Remote DoS
7298| [93525] Dovecot IMAP APPEND Command Malformed Parameter Parsing Remote DoS
7299| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
7300| [88058] Dovecot lib-storage/mail-search.c Multiple Keyword Search Handling Remote DoS
7301| [78304] Eudora WorldMail imapd SEH LIST Command Parsing Remote Overflow
7302| [77185] Dovecot SSL Certificate Common Name Field MitM Spoofing Weakness
7303| [75445] Cyrus IMAP Server imapd index.c index_get_ids Function References Header NULL Dereference Remote DoS
7304| [74515] Dovecot script-login chroot Configuration Setting Traversal Arbitrary File Access
7305| [74514] Dovecot script-login User / Group Configuration Settings Remote Access Restriction Bypass
7306| [72495] Dovecot lib-mail/message-header-parser.c Mail Header Name NULL Character Handling Remote DoS
7307| [69260] Apple Mac OS X Server Dovecot Memory Aliasing Mail Delivery Issue
7308| [68516] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition User Private Namespace Mailbox Access Restriction Remote Bypass
7309| [68515] Dovecot plugins/acl/acl-backend-vfile.c ACL Permission Addition Specific Entry Order Mailbox Access Restriction Remote Bypass
7310| [68513] Dovecot Non-public Namespace Mailbox ACL Manipulation Access Restriction Remote Bypass
7311| [68512] Dovecot IMAP / POP3 Session Disconnect Master Process Outage Remote DoS
7312| [66625] Dovecot ACL Plugin INBOX ACL Copying Weakness Restriction Bypass
7313| [66113] Dovecot Mail Root Directory Creation Permission Weakness
7314| [66112] Dovecot Installation base_dir Parent Directory Permission Weakness
7315| [66111] Dovecot SEARCH Functionality str_find_init() Function Overflow
7316| [66110] Dovecot Multiple Unspecified Buffer Overflows
7317| [66108] Dovecot Malformed Message Body Processing Unspecified Functions Remote DoS
7318| [64783] Dovecot E-mail Message Header Unspecified DoS
7319| [63372] Apple Mac OS X Dovecot Kerberos Authentication SACL Restriction Bypass
7320| [62796] Dovecot mbox Format Email Header Handling DoS
7321| [60316] Dovecot base_dir Directory Permission Weakness Local Privilege Escalation
7322| [58103] Dovecot CMU Sieve Plugin Script Handling Multiple Overflows
7323| [57843] Cyrus IMAP Server (cyrus-imapd) SIEVE Script Component (sieve/script.c) Crafted Script Handling Overflow
7324| [57681] UoW imap Server (uw-imapd) Arbitrary Remote File Access
7325| [52906] UW-imapd c-client Initial Request Remote Format String
7326| [52905] UW-imapd c-client Library RFC822BUFFER Routines rfc822_output_char Function Off-by-one
7327| [52456] UW-imapd on Debian Linux LOGIN Command Remote DoS
7328| [50253] Dovecot dovecot.conf Permission Weakness Local ssl_key_password Parameter Disclosure
7329| [49918] Dovecot ManageSieve Script Name Handling Traversal Arbitrary File Manipulation
7330| [49485] UW-imapd dmail Utility Mailbox Name Handling Overflow
7331| [49484] UW-imapd tmail Utility Mailbox Name Handling Overflow
7332| [49429] Dovecot Message Parsing Feature Crafted Email Header Handling Remote DoS
7333| [49099] Dovecot ACL Plugin k Right Mailbox Creation Restriction Bypass
7334| [49098] Dovecot ACL Plugin Negative Access Rights Bypass
7335| [43137] Dovecot mail_extra_groups Symlink File Manipulation
7336| [42979] Dovecot passdbs Argument Injection Authentication Bypass
7337| [42004] Perdition Mail Retrieval Proxy IMAPD IMAP Tag Remote Format String Arbitrary Code Execution
7338| [39876] Dovecot LDAP Auth Cache Security Bypass
7339| [39670] Mercury Mail Transport System IMAPD SEARCH Command Remote Overflow
7340| [39386] Dovecot ACL Plugin Insert Right APPEND / COPY Command Unauthorized Flag Manipulation
7341| [35489] Dovecot index/mbox/mbox-storage.c Traversal Arbitrary Gzip File Access
7342| [31362] Novell NetMail IMAP Daemon (IMAPD) APPEND Command Remote Overflow
7343| [31361] Novell NetMail IMAP Daemon (IMAPD) APPEND Command DoS
7344| [31360] Novell NetMail IMAP Daemon (IMAPD) SUBSCRIBE Command Remote Overflow
7345| [30524] Dovecot IMAP/POP3 Server dovecot.index.cache Handling Overflow
7346| [25853] Cyrus IMAPD pop3d USER Command Remote Overflow
7347| [25727] Dovecot Multiple Command Traversal Arbitrary Directory Listing
7348| [23281] Dovecot imap/pop3-login dovecot-auth DoS
7349| [23280] Dovecot Malformed APPEND Command DoS
7350| [18179] HP Tru64 UNIX imapd NLSPATH Environment Variable Local Overflow
7351| [13242] UW-imapd CRAM-MD5 Authentication Bypass
7352| [12385] Novell NetMail IMAPD 101_mEna Script Remote Overflow
7353| [12042] UoW imapd Multiple Unspecified Overflows
7354| [12037] UoW imapd (UW-IMAP) Multiple Command Remote Overflows
7355| [12033] Slackware Linux imapd/ipop3d Malformed USER/PASS Sequence DoS
7356| [911] UoW imapd AUTHENTICATE Command Remote Overflow
7357| [790] UoW imap Server (uw-imapd) BODY Request Remote Overflow
7358| [519] UoW imapd SIGABRT Signal Forced Crash Information Disclosure
7359|_
7360443/tcp open ssl/http nginx
7361| vulscan: VulDB - https://vuldb.com:
7362| [133852] Sangfor Sundray WLAN Controller up to 3.7.4.2 Cookie Header nginx_webconsole.php Code Execution
7363| [132132] SoftNAS Cloud 4.2.0/4.2.1 Nginx privilege escalation
7364| [131858] Puppet Discovery up to 1.3.x Nginx Container weak authentication
7365| [130644] Nginx Unit up to 1.7.0 Router Process Request Heap-based memory corruption
7366| [127759] VeryNginx 0.3.3 Web Application Firewall privilege escalation
7367| [126525] nginx up to 1.14.0/1.15.5 ngx_http_mp4_module Loop denial of service
7368| [126524] nginx up to 1.14.0/1.15.5 HTTP2 CPU Exhaustion denial of service
7369| [126523] nginx up to 1.14.0/1.15.5 HTTP2 Memory Consumption denial of service
7370| [119845] Pivotal Operations Manager up to 2.0.13/2.1.5 Nginx privilege escalation
7371| [114368] SuSE Portus 2.3 Nginx Certificate weak authentication
7372| [103517] nginx up to 1.13.2 Range Filter Request Integer Overflow memory corruption
7373| [89849] nginx RFC 3875 Namespace Conflict Environment Variable Open Redirect
7374| [87719] nginx up to 1.11.0 ngx_files.c ngx_chain_to_iovec denial of service
7375| [80760] nginx 0.6.18/1.9.9 DNS CNAME Record Crash denial of service
7376| [80759] nginx 0.6.18/1.9.9 DNS CNAME Record Use-After-Free denial of service
7377| [80758] nginx 0.6.18/1.9.9 DNS UDP Packet Crash denial of service
7378| [67677] nginx up to 1.7.3 SSL weak authentication
7379| [67296] nginx up to 1.7.3 SMTP Proxy ngx_mail_smtp_starttls privilege escalation
7380| [12822] nginx up to 1.5.11 SPDY SPDY Request Heap-based memory corruption
7381| [12824] nginx 1.5.10 on 32-bit SPDY memory corruption
7382| [11237] nginx up to 1.5.6 URI String Bypass privilege escalation
7383| [65364] nginx up to 1.1.13 Default Configuration information disclosure
7384| [8671] nginx up to 1.4 proxy_pass denial of service
7385| [8618] nginx 1.3.9/1.4.0 http/ngx_http_parse.c ngx_http_parse_chunked() memory corruption
7386| [7247] nginx 1.2.6 Proxy Function spoofing
7387| [61434] nginx 1.2.0/1.3.0 on Windows Access Restriction privilege escalation
7388| [5293] nginx up to 1.1.18 ngx_http_mp4_module MP4 File memory corruption
7389| [4843] nginx up to 1.0.13/1.1.16 HTTP Header Response Parser ngx_http_parse.c information disclosure
7390| [59645] nginx up to 0.8.9 Heap-based memory corruption
7391| [53592] nginx 0.8.36 memory corruption
7392| [53590] nginx up to 0.8.9 unknown vulnerability
7393| [51533] nginx 0.7.64 Terminal privilege escalation
7394| [50905] nginx up to 0.8.9 directory traversal
7395| [50903] nginx up to 0.8.10 NULL Pointer Dereference denial of service
7396| [50043] nginx up to 0.8.10 memory corruption
7397|
7398| MITRE CVE - https://cve.mitre.org:
7399| [CVE-2013-2070] http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028.
7400| [CVE-2013-2028] The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
7401| [CVE-2012-3380] Directory traversal vulnerability in naxsi-ui/nx_extract.py in the Naxsi module before 0.46-1 for Nginx allows local users to read arbitrary files via unspecified vectors.
7402| [CVE-2012-2089] Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
7403| [CVE-2012-1180] Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
7404| [CVE-2011-4963] nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
7405| [CVE-2011-4315] Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
7406| [CVE-2010-2266] nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded directory traversal sequences that trigger memory corruption, as demonstrated using the "%c0.%c0." sequence.
7407| [CVE-2010-2263] nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.
7408| [CVE-2009-4487] nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
7409| [CVE-2009-3898] Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination HTTP header for the WebDAV (1) COPY or (2) MOVE method.
7410| [CVE-2009-3896] src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI.
7411| [CVE-2009-2629] Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
7412|
7413| SecurityFocus - https://www.securityfocus.com/bid/:
7414| [99534] Nginx CVE-2017-7529 Remote Integer Overflow Vulnerability
7415| [93903] Nginx CVE-2016-1247 Remote Privilege Escalation Vulnerability
7416| [91819] Nginx CVE-2016-1000105 Security Bypass Vulnerability
7417| [90967] nginx CVE-2016-4450 Denial of Service Vulnerability
7418| [82230] nginx Multiple Denial of Service Vulnerabilities
7419| [78928] Nginx CVE-2010-2266 Denial-Of-Service Vulnerability
7420| [70025] nginx CVE-2014-3616 SSL Session Fixation Vulnerability
7421| [69111] nginx SMTP Proxy Remote Command Injection Vulnerability
7422| [67507] nginx SPDY Implementation CVE-2014-0088 Arbitrary Code Execution Vulnerability
7423| [66537] nginx SPDY Implementation Heap Based Buffer Overflow Vulnerability
7424| [63814] nginx CVE-2013-4547 URI Processing Security Bypass Vulnerability
7425| [59824] Nginx CVE-2013-2070 Remote Security Vulnerability
7426| [59699] nginx 'ngx_http_parse.c' Stack Buffer Overflow Vulnerability
7427| [59496] nginx 'ngx_http_close_connection()' Remote Integer Overflow Vulnerability
7428| [59323] nginx NULL-Byte Arbitrary Code Execution Vulnerability
7429| [58105] Nginx 'access.log' Insecure File Permissions Vulnerability
7430| [57139] nginx CVE-2011-4968 Man in The Middle Vulnerability
7431| [55920] nginx CVE-2011-4963 Security Bypass Vulnerability
7432| [54331] Nginx Naxsi Module 'nx_extract.py' Script Remote File Disclosure Vulnerability
7433| [52999] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
7434| [52578] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
7435| [50710] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
7436| [40760] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
7437| [40434] nginx Space String Remote Source Code Disclosure Vulnerability
7438| [40420] nginx Directory Traversal Vulnerability
7439| [37711] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
7440| [36839] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
7441| [36490] nginx WebDAV Multiple Directory Traversal Vulnerabilities
7442| [36438] nginx Proxy DNS Cache Domain Spoofing Vulnerability
7443| [36384] nginx HTTP Request Remote Buffer Overflow Vulnerability
7444|
7445| IBM X-Force - https://exchange.xforce.ibmcloud.com:
7446| [84623] Phusion Passenger gem for Ruby with nginx configuration insecure permissions
7447| [84172] nginx denial of service
7448| [84048] nginx buffer overflow
7449| [83923] nginx ngx_http_close_connection() integer overflow
7450| [83688] nginx null byte code execution
7451| [83103] Naxsi module for Nginx naxsi_unescape_uri() function security bypass
7452| [82319] nginx access.log information disclosure
7453| [80952] nginx SSL spoofing
7454| [77244] nginx and Microsoft Windows request security bypass
7455| [76778] Naxsi module for Nginx nx_extract.py directory traversal
7456| [74831] nginx ngx_http_mp4_module.c buffer overflow
7457| [74191] nginx ngx_cpystrn() information disclosure
7458| [74045] nginx header response information disclosure
7459| [71355] nginx ngx_resolver_copy() buffer overflow
7460| [59370] nginx characters denial of service
7461| [59369] nginx DATA source code disclosure
7462| [59047] nginx space source code disclosure
7463| [58966] nginx unspecified directory traversal
7464| [54025] nginx ngx_http_parse.c denial of service
7465| [53431] nginx WebDAV component directory traversal
7466| [53328] Nginx CRC-32 cached domain name spoofing
7467| [53250] Nginx ngx_http_parse_complex_uri() function code execution
7468|
7469| Exploit-DB - https://www.exploit-db.com:
7470| [26737] nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit
7471| [25775] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow
7472| [25499] nginx 1.3.9-1.4.0 DoS PoC
7473| [24967] nginx 0.6.x Arbitrary Code Execution NullByte Injection
7474| [14830] nginx 0.6.38 - Heap Corruption Exploit
7475| [13822] Nginx <= 0.7.65 / 0.8.39 (dev) Source Disclosure / Download Vulnerability
7476| [13818] Nginx 0.8.36 Source Disclosure and DoS Vulnerabilities
7477| [12804] nginx [engine x] http server <= 0.6.36 Path Draversal
7478| [9901] nginx 0.7.0-0.7.61, 0.6.0-0.6.38, 0.5.0-0.5.37, 0.4.0-0.4.14 PoC
7479| [9829] nginx 0.7.61 WebDAV directory traversal
7480|
7481| OpenVAS (Nessus) - http://www.openvas.org:
7482| [864418] Fedora Update for nginx FEDORA-2012-3846
7483| [864310] Fedora Update for nginx FEDORA-2012-6238
7484| [864209] Fedora Update for nginx FEDORA-2012-6411
7485| [864204] Fedora Update for nginx FEDORA-2012-6371
7486| [864121] Fedora Update for nginx FEDORA-2012-4006
7487| [864115] Fedora Update for nginx FEDORA-2012-3991
7488| [864065] Fedora Update for nginx FEDORA-2011-16075
7489| [863654] Fedora Update for nginx FEDORA-2011-16110
7490| [861232] Fedora Update for nginx FEDORA-2007-1158
7491| [850180] SuSE Update for nginx openSUSE-SU-2012:0237-1 (nginx)
7492| [831680] Mandriva Update for nginx MDVSA-2012:043 (nginx)
7493| [802045] 64-bit Debian Linux Rootkit with nginx Doing iFrame Injection
7494| [801636] nginx HTTP Request Remote Buffer Overflow Vulnerability
7495| [103470] nginx 'ngx_http_mp4_module.c' Buffer Overflow Vulnerability
7496| [103469] nginx 'ngx_cpystrn()' Information Disclosure Vulnerability
7497| [103344] nginx DNS Resolver Remote Heap Buffer Overflow Vulnerability
7498| [100676] nginx Remote Source Code Disclosure and Denial of Service Vulnerabilities
7499| [100659] nginx Directory Traversal Vulnerability
7500| [100658] nginx Space String Remote Source Code Disclosure Vulnerability
7501| [100441] nginx Terminal Escape Sequence in Logs Command Injection Vulnerability
7502| [100321] nginx 'ngx_http_process_request_headers()' Remote Buffer Overflow Vulnerability
7503| [100277] nginx Proxy DNS Cache Domain Spoofing Vulnerability
7504| [100276] nginx HTTP Request Remote Buffer Overflow Vulnerability
7505| [100275] nginx WebDAV Multiple Directory Traversal Vulnerabilities
7506| [71574] Gentoo Security Advisory GLSA 201206-07 (nginx)
7507| [71308] Gentoo Security Advisory GLSA 201203-22 (nginx)
7508| [71297] FreeBSD Ports: nginx
7509| [71276] FreeBSD Ports: nginx
7510| [71239] Debian Security Advisory DSA 2434-1 (nginx)
7511| [66451] Fedora Core 11 FEDORA-2009-12782 (nginx)
7512| [66450] Fedora Core 10 FEDORA-2009-12775 (nginx)
7513| [66449] Fedora Core 12 FEDORA-2009-12750 (nginx)
7514| [64924] Gentoo Security Advisory GLSA 200909-18 (nginx)
7515| [64912] Fedora Core 10 FEDORA-2009-9652 (nginx)
7516| [64911] Fedora Core 11 FEDORA-2009-9630 (nginx)
7517| [64894] FreeBSD Ports: nginx
7518| [64869] Debian Security Advisory DSA 1884-1 (nginx)
7519|
7520| SecurityTracker - https://www.securitytracker.com:
7521| [1028544] nginx Bug Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
7522| [1028519] nginx Stack Overflow Lets Remote Users Execute Arbitrary Code
7523| [1026924] nginx Buffer Overflow in ngx_http_mp4_module Lets Remote Users Execute Arbitrary Code
7524| [1026827] nginx HTTP Response Processing Lets Remote Users Obtain Portions of Memory Contents
7525|
7526| OSVDB - http://www.osvdb.org:
7527| [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
7528| [93282] nginx proxy_pass Crafted Upstream Proxied Server Response Handling Worker Process Memory Disclosure
7529| [93037] nginx /http/ngx_http_parse.c Worker Process Crafted Request Handling Remote Overflow
7530| [92796] nginx ngx_http_close_connection Function Crafted r->
7531| [92634] nginx ngx_http_request.h zero_in_uri URL Null Byte Handling Remote Code Execution
7532| [90518] nginx Log Directory Permission Weakness Local Information Disclosure
7533| [88910] nginx Proxy Functionality SSL Certificate Validation MitM Spoofing Weakness
7534| [84339] nginx/Windows Multiple Request Sequence Parsing Arbitrary File Access
7535| [83617] Naxsi Module for Nginx naxsi-ui/ nx_extract.py Traversal Arbitrary File Access
7536| [81339] nginx ngx_http_mp4_module Module Atom MP4 File Handling Remote Overflow
7537| [80124] nginx HTTP Header Response Parsing Freed Memory Information Disclosure
7538| [77184] nginx ngx_resolver.c ngx_resolver_copy() Function DNS Response Parsing Remote Overflow
7539| [65531] nginx on Windows URI ::$DATA Append Arbitrary File Access
7540| [65530] nginx Encoded Traversal Sequence Memory Corruption Remote DoS
7541| [65294] nginx on Windows Encoded Space Request Remote Source Disclosure
7542| [63136] nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
7543| [62617] nginx Internal DNS Cache Poisoning Weakness
7544| [61779] nginx HTTP Request Escape Sequence Terminal Command Injection
7545| [59278] nginx src/http/ngx_http_parse.c ngx_http_process_request_headers() Function URL Handling NULL Dereference DoS
7546| [58328] nginx WebDAV Multiple Method Traversal Arbitrary File Write
7547| [58128] nginx ngx_http_parse_complex_uri() Function Underflow
7548| [44447] nginx (engine x) msie_refresh Directive Unspecified XSS
7549| [44446] nginx (engine x) ssl_verify_client Directive HTTP/0.9 Protocol Bypass
7550| [44445] nginx (engine x) ngx_http_realip_module satisfy_any Directive Unspecified Access Bypass
7551| [44444] nginx (engine x) X-Accel-Redirect Header Unspecified Traversal
7552| [44443] nginx (engine x) rtsig Method Signal Queue Overflow
7553| [44442] nginx (engine x) Worker Process Millisecond Timers Unspecified Overflow
7554|_
7555465/tcp open ssl/smtp Exim smtpd 4.90devstart-1178-b07e68e5-XX
7556| vulscan: VulDB - https://vuldb.com:
7557| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
7558| [141327] Exim up to 4.92.1 Backslash privilege escalation
7559| [138827] Exim up to 4.92 Expansion Code Execution
7560| [135932] Exim up to 4.92 privilege escalation
7561|
7562| MITRE CVE - https://cve.mitre.org:
7563| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
7564| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
7565| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
7566| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
7567| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
7568| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
7569| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
7570| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
7571| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
7572| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
7573| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
7574| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
7575| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
7576| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
7577| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
7578| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
7579|
7580| SecurityFocus - https://www.securityfocus.com/bid/:
7581| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
7582| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
7583| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
7584| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
7585| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
7586| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
7587| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
7588| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
7589| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
7590| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
7591| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
7592| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
7593| [45308] Exim Crafted Header Remote Code Execution Vulnerability
7594| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
7595| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
7596| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
7597| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
7598| [17110] sa-exim Unauthorized File Access Vulnerability
7599| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
7600| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
7601| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
7602| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
7603| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
7604| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
7605| [6314] Exim Internet Mailer Format String Vulnerability
7606| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
7607| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
7608| [2828] Exim Format String Vulnerability
7609| [1859] Exim Buffer Overflow Vulnerability
7610|
7611| IBM X-Force - https://exchange.xforce.ibmcloud.com:
7612| [84758] Exim sender_address parameter command execution
7613| [84015] Exim command execution
7614| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
7615| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
7616| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
7617| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
7618| [67455] Exim DKIM processing code execution
7619| [67299] Exim dkim_exim_verify_finish() format string
7620| [65028] Exim open_log privilege escalation
7621| [63967] Exim config file privilege escalation
7622| [63960] Exim header buffer overflow
7623| [59043] Exim mail directory privilege escalation
7624| [59042] Exim MBX symlink
7625| [52922] ikiwiki teximg plugin information disclosure
7626| [34265] Exim spamd buffer overflow
7627| [25286] Sa-exim greylistclean.cron file deletion
7628| [22687] RHSA-2005:025 updates for exim not installed
7629| [18901] Exim dns_build_reverse buffer overflow
7630| [18764] Exim spa_base64_to_bits function buffer overflow
7631| [18763] Exim host_aton buffer overflow
7632| [16079] Exim require_verify buffer overflow
7633| [16077] Exim header_check_syntax buffer overflow
7634| [16075] Exim sender_verify buffer overflow
7635| [13067] Exim HELO or EHLO command heap overflow
7636| [10761] Exim daemon.c format string
7637| [8194] Exim configuration file -c command-line argument buffer overflow
7638| [7738] Exim allows attacker to hide commands in localhost names using pipes
7639| [6671] Exim "
7640| [1893] Exim MTA allows local users to gain root privileges
7641|
7642| Exploit-DB - https://www.exploit-db.com:
7643| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
7644| [15725] Exim 4.63 Remote Root Exploit
7645| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
7646| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
7647| [796] Exim <= 4.42 Local Root Exploit
7648| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
7649|
7650| OpenVAS (Nessus) - http://www.openvas.org:
7651| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
7652|
7653| SecurityTracker - https://www.securitytracker.com:
7654| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
7655| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
7656| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
7657| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
7658| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
7659| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
7660| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
7661| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
7662| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
7663| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
7664| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
7665| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
7666|
7667| OSVDB - http://www.osvdb.org:
7668| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
7669| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
7670| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
7671| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
7672| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
7673| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
7674| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
7675| [70696] Exim log.c open_log() Function Local Privilege Escalation
7676| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
7677| [69685] Exim string_format Function Remote Overflow
7678| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
7679| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
7680| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
7681| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
7682| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
7683| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
7684| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
7685| [12726] Exim -be Command Line Option host_aton Function Local Overflow
7686| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
7687| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
7688| [10032] libXpm CreateXImage Function Integer Overflow
7689| [7160] Exim .forward :include: Option Privilege Escalation
7690| [6479] Vexim COOKIE Authentication Credential Disclosure
7691| [6478] Vexim Multiple Parameter SQL Injection
7692| [5930] Exim Parenthesis File Name Filter Bypass
7693| [5897] Exim header_syntax Function Remote Overflow
7694| [5896] Exim sender_verify Function Remote Overflow
7695| [5530] Exim Localhost Name Arbitrary Command Execution
7696| [5330] Exim Configuration File Variable Overflow
7697| [1855] Exim Batched SMTP Mail Header Format String
7698|_
7699587/tcp open smtp Exim smtpd 4.90devstart-1178-b07e68e5-XX
7700| vulscan: VulDB - https://vuldb.com:
7701| [113048] Exim up to 4.90 SMTP Listener Message memory corruption
7702| [141327] Exim up to 4.92.1 Backslash privilege escalation
7703| [138827] Exim up to 4.92 Expansion Code Execution
7704| [135932] Exim up to 4.92 privilege escalation
7705|
7706| MITRE CVE - https://cve.mitre.org:
7707| [CVE-2012-5671] Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers to execute arbitrary code via an email from a malicious DNS server.
7708| [CVE-2012-0478] The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 does not properly restrict JSVAL_TO_OBJECT casts, which might allow remote attackers to execute arbitrary code via a crafted web page.
7709| [CVE-2011-1764] Format string vulnerability in the dkim_exim_verify_finish function in src/dkim.c in Exim before 4.76 might allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via format string specifiers in data used in DKIM logging, as demonstrated by an identity field containing a % (percent) character.
7710| [CVE-2011-1407] The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or access a filesystem via a crafted identity.
7711| [CVE-2011-0017] The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
7712| [CVE-2010-4345] Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory directive.
7713| [CVE-2010-4344] Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted headers, leading to improper rejection logging.
7714| [CVE-2010-2024] transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/.
7715| [CVE-2010-2023] transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file.
7716| [CVE-2006-1251] Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
7717| [CVE-2005-0022] Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
7718| [CVE-2005-0021] Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
7719| [CVE-2004-0400] Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
7720| [CVE-2004-0399] Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
7721| [CVE-2003-0743] Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
7722| [CVE-2002-1381] Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.
7723|
7724| SecurityFocus - https://www.securityfocus.com/bid/:
7725| [103049] Exim 'base64d()' Function Buffer Overflow Vulnerability
7726| [99252] Exim CVE-2017-1000369 Local Privilege Escalation Vulnerability
7727| [94947] Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
7728| [84132] Exim CVE-2016-1531 Local Privilege Escalation Vulnerability
7729| [68857] Exim CVE-2014-2972 Local Privilege Escalation Vulnerability
7730| [67695] Exim 'dmarc.c' Remote Code Execution Vulnerability
7731| [60465] Exim for Dovecot 'use_shell' Remote Command Execution Vulnerability
7732| [56285] Exim DKIM DNS Decoding CVE-2012-5671 Remote Buffer Overflow Vulnerability
7733| [47836] Exim DKIM CVE-2011-1407 Remote Code Execution Vulnerability
7734| [47736] Exim 'dkim_exim_verify_finish()' Remote Format String Vulnerability
7735| [46065] Exim 'log.c' Local Privilege Escalation Vulnerability
7736| [45341] Exim ALT_CONFIG_ROOT_ONLY 'exim' User Local Privilege Escalation Vulnerability
7737| [45308] Exim Crafted Header Remote Code Execution Vulnerability
7738| [40454] Exim MBX Locking Insecure Temporary File Creation Vulnerability
7739| [40451] Exim Sticky Mail Directory Local Privilege Escalation Vulnerability
7740| [36181] ikiwiki 'teximg' Plugin Insecure TeX Commands Information Disclosure Vulnerability
7741| [23977] Exim SpamAssassin Reply Remote Buffer Overflow Vulnerability
7742| [17110] sa-exim Unauthorized File Access Vulnerability
7743| [12268] Exim IP Address Command Line Argument Local Buffer Overflow Vulnerability
7744| [12188] Exim SPA Authentication Remote Buffer Overflow Vulnerability
7745| [12185] Exim Illegal IPv6 Address Buffer Overflow Vulnerability
7746| [10291] Exim Header Syntax Checking Remote Stack Buffer Overrun Vulnerability
7747| [10290] Exim Sender Verification Remote Stack Buffer Overrun Vulnerability
7748| [8518] Exim EHLO/HELO Remote Heap Corruption Vulnerability
7749| [6314] Exim Internet Mailer Format String Vulnerability
7750| [4096] Exim Configuration File Argument Command Line Buffer Overflow Vulnerability
7751| [3728] Exim Pipe Hostname Arbitrary Command Execution Vulnerability
7752| [2828] Exim Format String Vulnerability
7753| [1859] Exim Buffer Overflow Vulnerability
7754|
7755| IBM X-Force - https://exchange.xforce.ibmcloud.com:
7756| [84758] Exim sender_address parameter command execution
7757| [84015] Exim command execution
7758| [80186] Mozilla Firefox, Thunderbird, and SeaMonkey copyTexImage2D code execution
7759| [80184] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D calls code execution
7760| [79615] Exim dkim_exim_query_dns_txt() buffer overflow
7761| [75155] Mozilla Firefox, Thunderbird, and SeaMonkey texImage2D denial of service
7762| [67455] Exim DKIM processing code execution
7763| [67299] Exim dkim_exim_verify_finish() format string
7764| [65028] Exim open_log privilege escalation
7765| [63967] Exim config file privilege escalation
7766| [63960] Exim header buffer overflow
7767| [59043] Exim mail directory privilege escalation
7768| [59042] Exim MBX symlink
7769| [52922] ikiwiki teximg plugin information disclosure
7770| [34265] Exim spamd buffer overflow
7771| [25286] Sa-exim greylistclean.cron file deletion
7772| [22687] RHSA-2005:025 updates for exim not installed
7773| [18901] Exim dns_build_reverse buffer overflow
7774| [18764] Exim spa_base64_to_bits function buffer overflow
7775| [18763] Exim host_aton buffer overflow
7776| [16079] Exim require_verify buffer overflow
7777| [16077] Exim header_check_syntax buffer overflow
7778| [16075] Exim sender_verify buffer overflow
7779| [13067] Exim HELO or EHLO command heap overflow
7780| [10761] Exim daemon.c format string
7781| [8194] Exim configuration file -c command-line argument buffer overflow
7782| [7738] Exim allows attacker to hide commands in localhost names using pipes
7783| [6671] Exim "
7784| [1893] Exim MTA allows local users to gain root privileges
7785|
7786| Exploit-DB - https://www.exploit-db.com:
7787| [16925] Exim4 <= 4.69 - string_format Function Heap Buffer Overflow
7788| [15725] Exim 4.63 Remote Root Exploit
7789| [1009] Exim <= 4.41 dns_build_reverse Local Exploit
7790| [812] Exim <= 4.43 auth_spa_server() Remote PoC Exploit
7791| [796] Exim <= 4.42 Local Root Exploit
7792| [756] Exim <= 4.41 dns_build_reverse Local Exploit PoC
7793|
7794| OpenVAS (Nessus) - http://www.openvas.org:
7795| [100663] Exim < 4.72 RC2 Multiple Vulnerabilities
7796|
7797| SecurityTracker - https://www.securitytracker.com:
7798| [1025539] Exim DKIM Processing Flaw Lets Remote Users Execute Arbitrary Code
7799| [1025504] Exim DKIM Signature Format String Flaw Lets Remote Users Execute Arbitrary Code
7800| [1024859] Exim Configuration File Capability Lets Local Users Gain Elevated Privileges
7801| [1024858] Exim Buffer Overfow in string_format() Lets Remote Users Execute Arbitrary Code
7802| [1012904] Exim Buffer Overflow in dns_build_reverse() Lets Local Users Obtain Elevated Privileges
7803| [1012771] Exim Buffer Overflows in host_aton() and spa_base64_to_bits() May Let Local Users Gain Elevated Privileges
7804| [1010081] Exim Buffer Overflows in 'accept.c' and 'verify.c' Let Remote Users Execute Arbitrary Code
7805| [1007609] Exim Heap Overflow in 'smtp_in.c' May Allow Remote Arbitrary Code Execution
7806| [1005756] Exim Mail Server Format String Bug Lets Local Exim Administrators Execute Arbitrary Code With Root Privileges
7807| [1003547] Potential Bug in Exim Mail Server May Let Local Users Execute Code With Root Privileges
7808| [1003014] Exim Mail Server Pipe Address Validation Error May Let Remote Users Execute Arbitrary Code With Root Privileges in a Certain Configuration
7809| [1001694] Exim Mail Server May Allow Remote Users to Execute Arbitrary Code with Root-Level Privileges on the Server
7810|
7811| OSVDB - http://www.osvdb.org:
7812| [93004] Dovecot with Exim sender_address Parameter Remote Command Execution
7813| [87599] Mozilla Multiple Product copyTexImage2D Call Image Dimension Handling Memory Corruption
7814| [87581] Mozilla Multiple Product texImage2D Call Handling Memory Corruption
7815| [86616] Exim src/dkim.c dkim_exim_query_dns_txt() Function DNS Record Parsing Remote Overflow
7816| [81523] Mozilla Multiple Product WebGL texImage2D() Function JSVAL_TO_OBJECT Remote Code Execution
7817| [72642] Exim DKIM Identity Lookup Item Remote Code Execution
7818| [72156] Exim src/dkim.c dkim_exim_verify_finish() Function DKIM-Signature Header Format String
7819| [70696] Exim log.c open_log() Function Local Privilege Escalation
7820| [69860] Exim exim User Account Configuration File Directive Local Privilege Escalation
7821| [69685] Exim string_format Function Remote Overflow
7822| [65159] Exim transports/appendfile.c MBX Locking Race Condition Permission Modification
7823| [65158] Exim transports/appendfile.c Hardlink Handling Arbitrary File Overwrite
7824| [57575] teximg Plugin for ikiwiki TEX Command Arbitrary File Local Disclosure
7825| [23849] sa-exim greylistclean.cron Arbitrary File Deletion
7826| [13073] Oracle Database Server Advanced Queuing Component dbms_transform_eximp Unspecified Security Issue
7827| [12946] Exim -bh Command Line Option dns_build_reverse Function Local Overflow
7828| [12727] Exim SPA Authentication spa_base64_to_bits Function Remote Overflow
7829| [12726] Exim -be Command Line Option host_aton Function Local Overflow
7830| [10877] Exim smtp_in.c HELO/EHLO Remote Overflow
7831| [10360] Exim daemon.c pid_file_path Variable Manipulation Arbitrary Command Execution
7832| [10032] libXpm CreateXImage Function Integer Overflow
7833| [7160] Exim .forward :include: Option Privilege Escalation
7834| [6479] Vexim COOKIE Authentication Credential Disclosure
7835| [6478] Vexim Multiple Parameter SQL Injection
7836| [5930] Exim Parenthesis File Name Filter Bypass
7837| [5897] Exim header_syntax Function Remote Overflow
7838| [5896] Exim sender_verify Function Remote Overflow
7839| [5530] Exim Localhost Name Arbitrary Command Execution
7840| [5330] Exim Configuration File Variable Overflow
7841| [1855] Exim Batched SMTP Mail Header Format String
7842|_
7843993/tcp open ssl/imaps?
7844995/tcp open ssl/pop3s?
78452077/tcp open tsrmagt?
7846| fingerprint-strings:
7847| SIPOptions:
7848| HTTP/1.1 302 Moved
7849| Date: Thu, 24 Oct 2019 15:55:04 GMT
7850| Server: cPanel
7851| Persistent-Auth: false
7852| Host: c59833.sgvps.net:2077
7853| Cache-Control: no-cache, no-store, must-revalidate, private
7854| Connection: close
7855| Location: https://c59833.sgvps.net:2078sip:nm
7856| Vary: Accept-Encoding
7857| Expires: Fri, 01 Jan 1990 00:00:00 GMT
7858|_ X-Redirect-Reason: requiressl
78592078/tcp open ssl/http cPanel httpd (unauthorized)
7860|_http-server-header: cPanel
7861| vulscan: VulDB - https://vuldb.com:
7862| [139613] cPanel up to 57.9999.53 TTY enablefileprotect unknown vulnerability
7863| [139612] cPanel up to 57.9999.53 TTY /scripts/unsuspendacct unknown vulnerability
7864| [139611] cPanel up to 57.9999.53 TTY maildir_converter unknown vulnerability
7865| [139610] cPanel up to 57.9999.53 TTY /scripts/checkinfopages unknown vulnerability
7866| [139609] cPanel up to 57.9999.53 TTY /scripts/addpop unknown vulnerability
7867| [139608] cPanel up to 57.9999.53 /scripts/killpvhost denial of service
7868| [139607] cPanel up to 57.9999.53 Paper Lantern Landing Page cross site scripting
7869| [139606] cPanel up to 57.9999.53 ajax_maketext_syntax_util.pl Code Execution
7870| [139605] cPanel up to 57.9999.53 SQLite Journal directory traversal
7871| [139604] cPanel up to 57.9999.104 LOC Record Newline Injection privilege escalation
7872| [139603] cPanel up to 58.0.4 PHP CGI Code Execution
7873| [139602] cPanel up to 58.0.3 Session unknown vulnerability
7874| [139601] cPanel up to 58.0.3 BoxTrapper API API Call privilege escalation
7875| [139599] cPanel before up to 58.0.3 unknown vulnerability
7876| [139551] cPanel up to 58.0.3 Purchase and Install an SSL Certificate Page Domain information disclosure
7877| [139549] cPanel up to 59.9999.144 tail_upcp2.cgi cross site scripting
7878| [139548] cPanel up to 59.9999.144 Multipart Message File privilege escalation
7879| [139547] cPanel up to 59.9999.144 Script Code Execution
7880| [139546] cPanel up to 59.9999.144 Mailman List Archive Code Execution
7881| [139545] cPanel up to 60.0.14 Password Policy denial of service
7882| [139544] cPanel up to 60.0.24 HTTP POST weak encryption
7883| [139543] cPanel up to 60.0.24 Error Response Code Execution
7884| [139542] cPanel up to 60.0.24 Maketext Code Execution
7885| [139541] cPanel up to 60.0.24 Access Control privilege escalation
7886| [139540] cPanel up to 60.0.24 Apache HTTP Server Key information disclosure
7887| [139539] cPanel up to 60.0.24 File Copy information disclosure
7888| [139538] cPanel up to 60.0.24 Alias Upload Interface cross site scripting
7889| [139537] cPanel up to 60.0.24 SSL_listkeys Stored cross site scripting
7890| [139536] cPanel up to 60.0.24 postgres API1 listdbs Stored cross site scripting
7891| [139535] cPanel up to 60.0.24 UI_confirm API cross site scripting
7892| [139534] cPanel up to 60.0.24 ftp_sessions API Stored cross site scripting
7893| [139533] cPanel up to 60.0.24 api1_listautoresponders Stored cross site scripting
7894| [139532] cPanel up to 60.0.24 listftpstable API Stored cross site scripting
7895| [139531] cPanel up to 60.0.24 WHM Tweak Settings for autodiscover_host cross site scripting
7896| [139530] cPanel up to 60.0.24 WHM Account Termination Stored cross site scripting
7897| [139495] cPanel up to 62.0.3 WHM API privilege escalation
7898| [139494] cPanel up to 62.0.3 Account Suspension Stored cross site scripting
7899| [139493] cPanel up to 62.0.3 WHM API API Call privilege escalation
7900| [139492] cPanel up to 62.0.3 WHM SSL certificate Generation Email privilege escalation
7901| [139491] cPanel up to 62.0.3 XML-API ACL privilege escalation
7902| [139490] cPanel up to 62.0.3 Exim privilege escalation
7903| [139489] cPanel up to 62.0.3 Leech Protect privilege escalation
7904| [139488] cPanel up to 62.0.3 Exim privilege escalation
7905| [139487] cPanel up to 62.0.3 Exim directory traversal
7906| [139486] cPanel up to 62.0.3 WebMail cross site scripting
7907| [139485] cPanel up to 62.0.3 Password Reset Reflected cross site scripting
7908| [139484] cPanel up to 62.0.3 Password Change cross site scripting
7909| [139483] cPanel up to 62.0.3 Test Account Default Credentials weak authentication
7910| [139482] cPanel up to 62.0.16 API API Call Code Execution
7911| [139481] cPanel up to 62.0.16 API setphppreference Code Execution
7912| [139480] cPanel up to 62.0.16 URL Filter privilege escalation
7913| [139479] cPanel up to 62.0.16 Domain privilege escalation
7914| [139477] cPanel up to 62.0.16 WHM Zone Template Editor privilege escalation
7915| [139476] cPanel up to 62.0.16 IP Protection Bypass privilege escalation
7916| [139475] cPanel up to 60.0.24 reassign_post_terminate_cruft privilege escalation
7917| [139474] cPanel up to 60.0.24 tail_ea4_migration.cgi cross site scripting
7918| [139473] cPanel up to 60.0.24 Message Format String
7919| [139471] cPanel up to 60.0.24 ModSecurity Audit Logfile privilege escalation
7920| [139470] cPanel up to 60.0.24 RoundCube Update privilege escalation
7921| [139469] cPanel up to 60.0.24 FormMail-clone.cgi Open Redirect
7922| [139468] cPanel up to 60.0.24 MySQL Upgrade File privilege escalation
7923| [139467] cPanel up to 60.0.24 WHM Repair Mailbox Permissions Interface Stored cross site scripting
7924| [139361] cPanel up to 62.0.16 Security Policy privilege escalation
7925| [139356] cPanel up to 62.0.16 WHM cPAddons showsecurity Interface cross site scripting
7926| [139355] cPanel up to 62.0.16 Addon Domain Conversion privilege escalation
7927| [139354] cPanel up to 62.0.23 WHM cPAddons Install Interface Stored cross site scripting
7928| [139353] cPanel up to 64.0.20 Account Rename privilege escalation
7929| [139351] cPanel up to 64.0.20 crontab Timing information disclosure
7930| [139350] cPanel up to 64.0.20 convert_roundcube_mysql2sqlite privilege escalation
7931| [139349] cPanel up to 64.0.20 convert_roundcube_mysql2sqlite privilege escalation
7932| [139348] cPanel up to 64.0.20 Serverinfo_manpage API API Call directory traversal
7933| [139347] cPanel up to 64.0.20 ClamScanner_getsocket API Code Execution
7934| [139346] cPanel up to 64.0.20 SourceIPCheck API directory traversal
7935| [139345] cPanel up to 64.0.20 SSL API API Call privilege escalation
7936| [139344] cPanel up to 64.0.20 SSH API Command privilege escalation
7937| [139343] cPanel up to 64.0.20 SSH Port Forwarding privilege escalation
7938| [139342] cPanel up to 64.0.20 API Cpanel::SPFUI privilege escalation
7939| [139341] cPanel up to 64.0.20 Demo Account Open Redirect
7940| [139340] cPanel up to 64.0.20 traceroute privilege escalation
7941| [139339] cPanel up to 64.0.20 ImageManager API Call Code Execution
7942| [139338] cPanel up to 64.0.20 Encoding API Call Code Execution
7943| [139336] cPanel up to 64.0.20 API Call Fileman::getfileactions directory traversal
7944| [139335] cPanel up to 64.0.20 BoxTrapper API Code Execution
7945| [139333] cPanel up to 64.0.20 Filter API API Call Code Execution
7946| [139331] cPanel up to 66.0.0 Suspend privilege escalation
7947| [139326] cPanel up to 66.0.1 Log File information disclosure
7948| [139320] cPanel up to 66.0.1 WHM cPAddons Processing Stored cross site scripting
7949| [139319] cPanel up to 66.0.1 WHM cPAddons Uninstallation Stored cross site scripting
7950| [139318] cPanel up to 66.0.1 WHM cPAddons file Operation Stored cross site scripting
7951| [139317] cPanel up to 66.0.1 WHM cPAddons Installation Stored cross site scripting
7952| [139316] cPanel up to 67.9999.102 Roundcube SQLite Schema Update directory traversal
7953| [139314] cPanel up to 67.9999.102 redirect.html Open Redirect
7954| [139311] cPanel up to 67.9999.102 Addon Domain Conversion privilege escalation
7955| [139310] cPanel up to 67.9999.102 Backup Archive information disclosure
7956| [139309] cPanel up to 67.9999.102 Backup Interface Archive information disclosure
7957| [139308] cPanel up to 67.9999.102 WHM MySQL Password Change Interfaces Stored cross site scripting
7958| [139307] cPanel up to 67.9999.102 Support-Agreement Download weak authentication
7959| [139306] cPanel up to 67.9999.102 eximstats sql injection
7960| [139304] cPanel up to 68.0.14 Domain denial of service
7961| [139303] cPanel up to 68.0.14 Mailman Archive Code Execution
7962| [139302] cPanel up to 68.0.14 cpaddons Stored cross site scripting
7963| [139301] cPanel up to 68.0.14 Username unknown vulnerability
7964| [139299] cPanel up to 68.0.14 sqloptimizer information disclosure
7965| [139298] cPanel up to 68.0.14 Hostname privilege escalation
7966| [139295] cPanel up to 68.0.14 SSL Username privilege escalation
7967| [139294] cPanel up to 68.0.14 Username privilege escalation
7968| [139293] cPanel up to 68.0.14 Email Username privilege escalation
7969| [139292] cPanel up to 68.0.14 PostgreSQL Database Collision privilege escalation
7970| [139289] cPanel up to 68.0.14 dovecot-xaps-plugin Format privilege escalation
7971| [139287] cPanel up to 68.0.14 Reseller Style Upload Code Execution
7972| [139286] cPanel up to 68.0.14 PostgresAdmin Code Execution
7973| [139282] cPanel up to 68.0.14 DNS Zone SOA Record privilege escalation
7974| [139260] cPanel up to 68.0.26 WHM listips Interface cross site scripting
7975| [139259] cPanel up to 68.0.26 WHM Apache Includes Editor information disclosure
7976| [139258] cPanel up to 68.0.26 WHM Spamd Startup Config cross site scripting
7977| [139257] cPanel up to 68.0.26 WHM Account Transfer Stored cross site scripting
7978| [139256] cPanel up to 68.0.26 WHM Apache Configuration Include Editor cross site scripting
7979| [139255] cPanel up to 68.0.26 Backup cross site scripting
7980| [139252] cPanel up to 68.0.26 bin/csvprocess privilege escalation
7981| [139245] cPanel up to 68.0.26 WHM API API Call privilege escalation
7982| [139244] cPanel up to 68.0.26 Rename User Name information disclosure
7983| [139242] cPanel up to 70.0.22 WHM Reset a DNS Zone Stored cross site scripting
7984| [139241] cPanel up to 70.0.22 Account Suspension privilege escalation
7985| [139240] cPanel up to 70.0.22 WHM Edit DNS Zone Stored cross site scripting
7986| [139239] cPanel up to 70.0.22 Apache HTTP Server Log information disclosure
7987| [139238] cPanel up to 70.0.22 Landing Page Code Execution
7988| [139237] cPanel up to 70.0.22 Htaccess Optimization Bypass privilege escalation
7989| [139236] cPanel up to 70.0.22 redirect.html Open Redirect
7990| [139235] cPanel up to 70.0.22 cpaddons Vendor Interface Stored cross site scripting
7991| [139231] cPanel up to 70.0.22 WHM Style Upload privilege escalation
7992| [139230] cPanel up to 70.0.22 WHM Synchronize DNS Record Stored cross site scripting
7993| [139229] cPanel up to 70.0.22 WHM DNS Cleanup Stored cross site scripting
7994| [139228] cPanel up to 70.0.22 WHM Delete a DNS Zone Stored cross site scripting
7995| [139227] cPanel up to 70.0.22 HM Edit DNS Zone Stored cross site scripting
7996| [139226] cPanel up to 70.0.22 WHM Create Account Stored cross site scripting
7997| [139225] cPanel up to 70.0.22 WHM DNS Cluster Stored cross site scripting
7998| [139223] cPanel up to 70.0.22 WHM Edit MX Entry Stored cross site scripting
7999| [139222] cPanel up to 70.0.22 WHM Edit DNS Zone Stored cross site scripting
8000| [139221] cPanel up to 70.0.22 OpenID Injection privilege escalation
8001| [139220] cPanel up to 70.0.22 trustclustermaster.cgi information disclosure
8002| [139219] cPanel up to 70.0.22 awstats Code Execution
8003| [139218] cPanel up to 70.0.22 cpaddonsup Code Execution
8004| [139217] cPanel up to 70.0.22 WHM cPAddons showsecurity Interface cross site scripting
8005| [139214] cPanel up to 71.9980.36 API Mime::list_hotlinks privilege escalation
8006| [139213] cPanel up to 71.9980.36 Image Feature API Call privilege escalation
8007| [139212] cPanel up to 71.9980.36 Backup API Call privilege escalation
8008| [139211] cPanel up to 71.9980.36 cron API Call privilege escalation
8009| [139210] cPanel up to 71.9980.36 WHM Backup Configuration Interface cross site scripting
8010| [139208] cPanel up to 71.9980.36 WHM Save Theme Interface Stored cross site scripting
8011| [139207] cPanel up to 71.9980.36 YUM Autorepair Stored cross site scripting
8012| [139206] cPanel up to 71.9980.36 WHM cPAddons Installation Interface Stored cross site scripting
8013| [139205] cPanel up to 71.9980.36 cPAddons Moderation Injection privilege escalation
8014| [139202] cPanel up to 71.9980.36 API Token ACL unknown vulnerability
8015| [139199] cPanel up to 73.x CAA Record privilege escalation
8016| [139197] cPanel up to 73.x Record privilege escalation
8017| [139194] cPanel up to 73.x Database Backup sql injection
8018| [139190] cPanel up to 11.53.x WHM API Zone privilege escalation
8019| [139189] cPanel up to 11.53.x Webmail API Password Reset privilege escalation
8020| [139188] cPanel up to 11.53.x DNS NS Entry Code Execution
8021| [139187] cPanel up to 11.53.x Email Sending privilege escalation
8022| [139186] cPanel up to 11.53.x Comet Feed information disclosure
8023| [139185] cPanel up to 11.54.0.3 cpsrvd Code Execution
8024| [139184] cPanel up to 11.54.0.3 X3 Entropy Banner Interface cross site scripting
8025| [139183] cPanel up to 11.54.0.3 WHM Feature Manager interface Stored cross site scripting
8026| [139182] cPanel up to 11.54.0.3 AppConfig Subsystem ACL privilege escalation
8027| [139181] cPanel up to 11.54.0.3 WHM PHP Configuration Editor Interface cross site scripting
8028| [139180] cPanel up to 11.54.0.3 synccpaddonswithsqlhost Code Execution
8029| [139179] cPanel up to 11.54.0.3 scripts/secureit privilege escalation
8030| [139178] cPanel up to 11.54.0.3 scripts/quotacheck directory traversal
8031| [139177] cPanel up to 11.54.0.3 scripts/fixmailboxpath directory traversal
8032| [139176] cPanel up to 11.54.0.3 Roundcube Database Conversion privilege escalation
8033| [139175] cPanel up to 11.54.0.3 check_system_storable directory traversal
8034| [139174] cPanel up to 11.54.0.3 chcpass Password information disclosure
8035| [139173] cPanel up to 11.54.0.3 JSON-API Code Execution
8036| [139172] cPanel up to 11.54.0.3 setup_global_spam_filter.pl directory traversal
8037| [139171] cPanel up to 11.54.0.3 bin/mkvhostspasswd information disclosure
8038| [139170] cPanel up to 11.54.0.3 Duplication Code Execution
8039| [139169] cPanel up to 11.54.0.3 horde_update_usernames sql injection
8040| [139168] cPanel up to 11.54.0.3 bin/fmq directory traversal
8041| [139167] cPanel up to 11.54.0.3 @INC Path Code Execution
8042| [139166] cPanel up to 55.9999.140 Authentication directory traversal
8043| [139165] cPanel up to 55.9999.140 cPHulkd privilege escalation
8044| [139164] cPanel up to 55.9999.140 FTP Lockout privilege escalation
8045| [139163] cPanel up to 55.9999.140 cPHulkd privilege escalation
8046| [139162] cPanel up to 55.9999.140 FTP cPHulk privilege escalation
8047| [139161] cPanel up to 55.9999.140 Two-factor Authentication weak authentication
8048| [139160] cPanel up to 55.9999.140 ACL Bypass privilege escalation
8049| [139158] cPanel up to 55.9999.140 @INC Path Code Execution
8050| [139157] cPanel up to 55.9999.140 WHM Edit System Mail Preferences Stored cross site scripting
8051| [139156] cPanel up to 55.9999.140 Two Factor Authentication DNS Clustering Request Bypass weak authentication
8052| [139155] cPanel up to 55.9999.140 Security Policy Bypass privilege escalation
8053| [139154] cPanel up to 55.9999.140 DNS NS Entry Code Execution
8054| [139153] cPanel up to 55.9999.140 Maketext Code Execution
8055| [139152] cPanel up to 55.9999.140 X3 Reseller Branding Image cross site scripting
8056| [139151] cPanel up to 55.9999.140 Scripts/addpop information disclosure
8057| [139150] cPanel up to 55.9999.140 Daemons privilege escalation
8058| [139149] cPanel up to 57.9999.53 cpanellogd information disclosure
8059| [139148] cPanel up to 57.9999.53 File Permission Log privilege escalation
8060| [139147] cPanel up to 57.9999.53 ModSecurity TailWatch Log File sql injection
8061| [139146] cPanel up to 57.9999.53 WebMail Code Execution
8062| [139145] cPanel up to 57.9999.53 WebMail directory traversal
8063| [139144] cPanel up to 57.9999.53 Demo Mode show_template.stor privilege escalation
8064| [139143] cPanel up to 57.9999.53 FTP Account cross site scripting
8065| [139142] cPanel up to 11.52.0.12 get_information_for_applications directory traversal
8066| [139130] cPanel up to 73.x Apache HTTP Server Injection privilege escalation
8067| [139129] cPanel up to 73.x WHM File Restoration Interface Stored cross site scripting
8068| [139128] cPanel up to 74.0.7 Account Suspension privilege escalation
8069| [139126] cPanel up to 74.0.7 Security Questions Login Page Stored cross site scripting
8070| [139124] cPanel up to 74.0.7 Demo Account Fileman::viewfile Code Execution
8071| [139123] cPanel up to 74.0.7 File and Directory Restoration Stored cross site scripting
8072| [139122] cPanel up to 74.0.7 WHM Style Upload Interface cross site scripting
8073| [139121] cPanel up to 74.0.7 Site Software Moderation Interface cross site scripting
8074| [139120] cPanel up to 74.0.7 WHM Security Questions Interface cross site scripting
8075| [139119] cPanel up to 74.0.7 Create a New Account cross site scripting
8076| [139021] cPanel up to 78.0.1 Connection Reset File privilege escalation
8077| [139019] cPanel up to 78.0.1 DCV API privilege escalation
8078| [139016] cPanel up to 78.0.1 Demo Account privilege escalation
8079| [139015] cPanel up to 78.0.1 OpenID information disclosure
8080| [139014] cPanel up to 78.0.17 BoxTrapper Queue Listing Stored cross site scripting
8081| [139013] cPanel up to 78.0.17 securitypolicy.cg Code Execution
8082| [139011] cPanel up to 78.0.17 Mail Relay Spam privilege escalation
8083| [139009] cPanel up to 78.0.17 API Code Execution
8084| [139006] cPanel up to 80.0.4 ajax_maketext_syntax_util.pl Code Execution
8085| [139005] cPanel up to 80.0.4 API privilege escalation
8086| [139000] cPanel up to 80.0.21 Demo Account Code Execution
8087| [138998] cPanel up to 82.0.1 Modify Account Interface Stored cross site scripting
8088| [138996] cPanel up to 82.0.1 Exim Log Parser privilege escalation
8089| [138995] cPanel up to 82.0.1 Webmail Master Template cross site scripting
8090| [138994] cPanel up to 82.0.1 WHM Tomcat Manager Interface Stored cross site scripting
8091| [138974] cPanel up to 76.0.7 MultiPHP Manager Interface Stored cross site scripting
8092| [138973] cPanel up to 76.0.7 Connection Open Redirect
8093| [138972] cPanel up to 76.0.7 DNS Zone Stored cross site scripting
8094| [138971] cPanel up to 76.0.7 Backup cross site scripting
8095| [138970] cPanel up to 76.0.7 Virtual FTP Server privilege escalation
8096| [138969] cPanel up to 76.0.7 Attachment Code Execution
8097| [123444] cPanel up to 74 HTML Rendering index.html cross site scripting
8098| [114155] Afian FileRun ?module=users§ion=cpanel&page=list Parameter sql injection
8099| [103771] cPanel up to 66.0.1 WHM Upload Locale Interface Filename cross site scripting
8100| [95199] cPanel entropysearch.cgi information disclosure
8101| [95198] cPanel entropysearch.cgi information disclosure
8102| [75240] GoAutoDial GoAdmin CE up to 3.3 cPanel go_site.php privilege escalation
8103| [75239] GoAutoDial GoAdmin CE up to 3.3 cPanel go_site.php privilege escalation
8104| [13380] cPanel 11.40.1.13/11.42.1.15/11.43.0.11 Interfaces cross site scripting
8105| [13379] cPanel 11.40.1.13/11.42.1.15/11.43.0.11 Locales ACL privilege escalation
8106| [13378] cPanel 11.40.1.13/11.42.1.15/11.43.0.11 Mailman List Password change_pw weak encryption
8107| [13377] cPanel 11.40.1.13/11.42.1.15/11.43.0.11 Configure Customer Contact privilege escalation
8108| [13376] cPanel 11.40.1.13/11.42.1.15/11.43.0.11 DNS Clustering ACL privilege escalation
8109| [13375] cPanel 11.40.1.13/11.42.1.15/11.43.0.11 DNS Clustering Commands privilege escalation
8110| [13370] cPanel 11.40.1.13/11.42.1.15 Database ADDDBPRIVS Command privilege escalation
8111| [13369] cPanel 11.40.1.13/11.42.1.15/11.43.0.11 Boxtrapper cgi-sys Script bxd.cgi denial of service
8112| [13368] cPanel 11.40.1.13/11.42.1.15 Transfer CGI Scripts privilege escalation
8113| [13367] cPanel 11.40.1.13/11.42.1.15/11.43.0.11 Thirdparty Service Call serviceinfo privilege escalation
8114| [13366] cPanel 11.40.1.13/11.42.1.15/11.43.0.11 Thirdparty Service Call /scripts2/showservice privilege escalation
8115| [13365] cPanel 11.40.1.13/11.42.1.15/11.43.0.11 SSH Key Password privilege escalation
8116| [13363] cPanel 11.40.1.13/11.42.1.15/11.43.0.11 cgiemail 1.6 privilege escalation
8117| [13361] cPanel up to 11.43.0.11/11.42.1.15/11.40.1.13 unknown vulnerability
8118| [12816] cPanel 11.38.2/11.40.1/11.42.0 Modify Account Interface privilege escalation
8119| [12814] cPanel 11.38.2/11.40.1/11.42.0 URL cross site scripting
8120| [12813] cPanel 11.38.2/11.40.1/11.42.0 Password Reset privilege escalation
8121| [12809] cPanel 11.38.2/11.40.1/11.42.0 Form Mailer Header FormMail.pl privilege escalation
8122| [12808] cPanel 11.38.2/11.40.1/11.42.0 XML-API batch memory corruption
8123| [12807] cPanel 11.38.2/11.40.1/11.42.0 wwwacct Interface /scripts5/wwwacct privilege escalation
8124| [12806] cPanel 11.38.2/11.40.1/11.42.0 objcache Storage System Template Toolkit memory corruption
8125| [12805] cPanel 11.38.2/11.40.1/11.42.0 XML information disclosure
8126| [12798] cPanel 11.38.2/11.40.1/11.42.0 /cgi/cpaddons_report.pl cross site scripting
8127| [12797] cPanel 11.38.2/11.40.1/11.42.0 DNS Zone Editor information disclosure
8128| [12796] cPanel WHM 11.38.2/11.40.1/11.42.0 /cgi/sshcheck.cgi cross site scripting
8129| [12795] cPanel WHM 11.38.2/11.40.1/11.42.0 /scripts/installfp cross site scripting
8130| [12794] cPanel WHM 11.38.2/11.40.1/11.42.0 /scripts/uninstallfp cross site scripting
8131| [12793] cPanel 11.38.2/11.40.1/11.42.0 entropysearch.cgi cross site scripting
8132| [12792] cPanel 11.38.2/11.40.1/11.42.0 activate_remote_nameservers.cgi maketext privilege escalation
8133| [12285] cPanel 11.38.2/11.40.1/11.42.0 filelist-thumbs.html cross site scripting
8134| [12284] cPanel 11.38.2/11.40.1/11.42.0 editit.html cross site scripting
8135| [12283] cPanel 11.38.2/11.40.1/11.42.0 def.html cross site scripting
8136| [12282] cPanel 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 DNS Cluster privilege escalation
8137| [12281] cPanel 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 New Account wwwacctform locale/cpmod Parameter privilege escalation
8138| [12280] cPanel 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 /cgi/cpaddons_feature.pl cross site scripting
8139| [12279] cPanel 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 Account Creation Ruby Code privilege escalation
8140| [12278] cPanel 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 XML API Backup Restore privilege escalation
8141| [12277] cPanel 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 XML API Bypass privilege escalation
8142| [12276] cPanel 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 /cgi/zoneeditor.cgi Newline privilege escalation
8143| [12275] cPanel 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 WHM Interface /scripts/park directory traversal
8144| [12274] cPanel 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 XML API get_remote_access_hash information disclosure
8145| [12273] cPanel 11.36.2.9/11.38.2.12 Account Creation directory traversal
8146| [12220] cPanel 11.36.2.10/11.38.2.13/11.40.0.29/11.40.1.3 WHM XML/JSON API getpkginfo information disclosure
8147| [11601] cPanel WHM 11.36.2.11/11.38.2.14/11.40.0.30/11.40.1.6 XML/JSON getpkginfo information disclosure
8148| [11625] cPanel WHM 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 Login Security Token information disclosure
8149| [11624] cPanel WHM 11.38.2.12 Branding Subsystem privilege escalation
8150| [11621] cPanel WHM 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 cPAddons Upgrade Password information disclosure
8151| [11620] cPanel WHM 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 Edit DNS Zone Interface Entry information disclosure
8152| [11619] cPanel WHM 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 SSH Authentication User Name privilege escalation
8153| [11618] cPanel WHM 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 X3 Theme countedit.cgi directory traversal
8154| [11616] cPanel WHM 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 cpsrvd HTTP Request Bypass privilege escalation
8155| [11613] cPanel WHM 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 Bandmin Reflected cross site scripting
8156| [11612] cPanel WHM 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 API Call UI::dynamicincludelist directory traversal
8157| [11609] cPanel WHM 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 Config cross site request forgery
8158| [11608] cPanel WHM 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 Translatable Phrase Locale::Maketext privilege escalation
8159| [11607] cPanel WHM 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 CSRF Protection Token Bypass cross site request forgery
8160| [11606] cPanel WHM 11.36.2.9/11.38.2.12/11.40.0.28/11.40.1.2 cross site scripting
8161| [11604] cPanel WHM 11.36.2.9 Virtualhost Installation privilege escalation
8162| [11018] cPanel WHM up to 11.40.0.11 Apache mod_userdir Tweak Interface privilege escalation
8163| [11017] cPanel WHM up to 11.40.0.11 SSL Certificate denial of service
8164| [11016] cPanel WHM up to 11.40.0.11 Configure Customer Contact Interface Bypass privilege escalation
8165| [11015] cPanel WHM up to 11.40.0.11 Bypass cross site scripting
8166| [11014] cPanel WHM up to 11.40.0.11 File Upload Bypass privilege escalation
8167| [11013] cPanel WHM up to 11.40.0.11 POST Request privilege escalation
8168| [11011] cPanel WHM up to 11.40.0.11 Cpanel::LogMeIn weak authentication
8169| [11010] cPanel WHM up to 11.40.0.11 logaholic_lang Cookie privilege escalation
8170| [11007] cPanel WHM up to 11.40.0.11 Manage SSL Hosts Interface cross site request forgery
8171| [9921] cPanel WHM 11.34.1.24/11.36.1.14/11.38.1.12/11.39.0.4 SSL Certificate privilege escalation
8172| [9920] cPanel WHM 11.34.1.24/11.36.1.14/11.38.1.12/11.39.0.4 Web Host Manager WHM privilege escalation
8173| [9919] cPanel WHM 11.34.1.24/11.36.1.14/11.38.1.12/11.39.0.4 Web Host Manager WHM privilege escalation
8174| [10129] cPanel WHM up to 11.38.0.14 cross site scripting
8175| [10126] cPanel WHM up to 11.38.0.14 weak authentication
8176| [9361] cPanel WHM up to 11.38.0.14 Web Host Manager privilege escalation
8177| [9352] cPanel WHM up to 11.38.0.8 Restore Full Backup Symlink unknown vulnerability
8178| [9348] cPanel WHM up to 11.36.1.5 scripts2/ssh_doaddkey unknown vulnerability
8179| [10123] cPanel WHM up to 11.36.0.9 Access Control privilege escalation
8180| [10122] cPanel WHM up to 11.36.0.9 countedit.cgi cross site scripting
8181| [91109] cPanel WHM v11.24.7.x cross site scripting
8182| [52940] cPanel up to 11.24.7 cross site scripting
8183| [86883] cPanel fileop.html cross site scripting
8184| [48827] cPanel up to 11.23.1 Current index.php directory traversal
8185| [48812] cPanel directory traversal
8186| [49331] cPanel autoinstall4imagesgalleryupgrade.php cross site scripting
8187| [42542] cPanel 11.8.6/11.23.1 memory corruption
8188| [42303] cPanel up to 11.22.2 WHM Interface cross site request forgery
8189| [42302] cPanel up to 11.22.2 WHM Interface cross site scripting
8190| [42219] cPanel 11.18.3/11.19.3 cross site request forgery
8191| [41689] cPanel 11.18.3/11.21 cross site scripting
8192| [49762] cPanel 11.18.3 index.html directory traversal
8193| [40642] cPanel 11.16 dohtaccess.html cross site scripting
8194| [38023] cPanel 10.9.1 changepro.html cross site scripting
8195| [37433] cPanel 10.9.0 Build 10300/11.4.19 Error Message information disclosure
8196| [37432] cPanel 10.9.0 Build 10300/11.4.19 CGI Wrapper cross site scripting
8197| [35618] cPanel 10.x directory traversal
8198| [34925] cPanel WebHost Manager memory corruption
8199| [34986] cPanel WebHost Manager up to 11.0.0 cross site scripting
8200| [85585] cPanel scripts2/objcache memory corruption
8201| [85156] cPanel WebHost Manager scripts2/objcache privilege escalation
8202| [30642] cPanel privilege escalation
8203| [33838] cPanel WebHost Manager 3.1.0 cross site scripting
8204| [33814] cPanel 11 cross site scripting
8205| [33536] cPanel WebHost Manager 3.1.0 cross site scripting
8206| [84843] cPanel newuser.html cross site scripting
8207| [33243] cPanel 10 seldir.html cross site scripting
8208| [32973] cPanel 10.9.0 R50 cross site scripting
8209|
8210| MITRE CVE - https://cve.mitre.org:
8211| [CVE-2009-4823] Cross-site scripting (XSS) vulnerability in frontend/x3/files/fileop.html in cPanel 11.0 through 11.24.7 allows remote attackers to inject arbitrary web script or HTML via the fileop parameter.
8212| [CVE-2009-3316] SQL injection vulnerability in the JReservation (com_jreservation) component 1.0 and 1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pid parameter in a propertycpanel action to index.php.
8213| [CVE-2009-2275] Directory traversal vulnerability in frontend/x3/stats/lastvisit.html in cPanel allows remote attackers to read arbitrary files via a .. (dot dot) in the domain parameter.
8214| [CVE-2009-2168] cpanel/login.php in EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier sends a redirect to the web browser but does not exit when the supplied credentials are incorrect, which allows remote attackers to bypass authentication by providing arbitrary username and password parameters.
8215| [CVE-2009-2167] Multiple SQL injection vulnerabilities in cpanel/login.php in EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter.
8216| [CVE-2008-7142] Absolute path traversal vulnerability in the Disk Usage module (frontend/x/diskusage/index.html) in cPanel 11.18.3 allows remote attackers to list arbitrary directories via the showtree parameter.
8217| [CVE-2008-6927] Multiple cross-site scripting (XSS) vulnerabilities in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allow remote attackers to inject arbitrary web script or HTML via the (1) localapp, (2) updatedir, (3) scriptpath_show, (4) domain_show, (5) thispage, (6) thisapp, and (7) currentversion parameters in an Upgrade action.
8218| [CVE-2008-6926] Directory traversal vulnerability in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the scriptpath_show parameter in a GoAhead action. NOTE: this issue only crosses privilege boundaries when security settings such as disable_functions and safe_mode are active, since exploitation requires uploading of executable code to a home directory.
8219| [CVE-2008-6843] Directory traversal vulnerability in index.php in Fantastico, as used with cPanel 11.x, allows remote attackers to read arbitrary files via a .. (dot dot) in the sup3r parameter.
8220| [CVE-2008-4181] Directory traversal vulnerability in includes/xml.php in the Netenberg Fantastico De Luxe module before 2.10.4 r19 for cPanel, when cPanel PHP Register Globals is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) or absolute pathname in the fantasticopath parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.
8221| [CVE-2008-2478] ** DISPUTED ** scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field (aka Email text box). NOTE: the vendor disputes this, stating "I'm unable to reproduce such an issue on multiple servers running different versions of cPanel."
8222| [CVE-2008-2071] Multiple cross-site request forgery (CSRF) vulnerabilities in the WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allow remote attackers to perform unauthorized actions as cPanel administrators via requests to cpanel/whm/webmail and other unspecified vectors.
8223| [CVE-2008-2070] The WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allows remote attackers to bypass XSS protection and inject arbitrary script or HTML via repeated, improperly-ordered "<" and ">" characters in the (1) issue parameter to scripts2/knowlegebase, (2) user parameter to scripts2/changeip, (3) search parameter to scripts2/listaccts, and other unspecified vectors.
8224| [CVE-2008-2043] Multiple cross-site request forgery (CSRF) vulnerabilities in cPanel, possibly 11.18.3 and 11.19.3, allow remote attackers to (1) execute arbitrary code via the command1 parameter to frontend/x2/cron/editcronsimple.html, and perform various administrative actions via (2) frontend/x2/sql/adddb.html, (3) frontend/x2/sql/adduser.html, and (4) frontend/x2/ftp/doaddftp.html.
8225| [CVE-2008-1499] Cross-site scripting (XSS) vulnerability in frontend/x/manpage.html in cPanel 11.18.3 and 11.21.0-BETA allows remote attackers to inject arbitrary web script or HTML via the query string.
8226| [CVE-2008-0370] Cross-site scripting (XSS) vulnerability in dohtaccess.html in cPanel before 11.17 build 19417 allows remote attackers to inject arbitrary web script or HTML via the rurl parameter. NOTE: some of these details are obtained from third party information.
8227| [CVE-2007-4022] Cross-site scripting (XSS) vulnerability in frontend/x/htaccess/changepro.html in cPanel 10.9.1 allows remote attackers to inject arbitrary web script or HTML via the resname parameter.
8228| [CVE-2007-3367] Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to obtain sensitive information via a direct request, which reveals the path in an error message. NOTE: the provenance of this information is unknown
8229| [CVE-2007-3366] Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before 11.4.19-R14378, allows remote attackers to inject arbitrary web script or HTML via the URI. NOTE: the provenance of this information is unknown
8230| [CVE-2007-1455] Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via (1) the userlanguage parameter to includes/load_language.php or (2) the fantasticopath parameter to includes/mysqlconfig.php and certain other files.
8231| [CVE-2007-0890] Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the password parameter.
8232| [CVE-2007-0854] Remote file inclusion vulnerability in scripts2/objcache in cPanel WebHost Manager (WHM) allows remote attackers to execute arbitrary code via a URL in the obj parameter. NOTE: a third party claims that this issue is not file inclusion because the contents are not parsed, but the attack can be used to overwrite files in /var/cpanel/objcache or provide unexpected web page contents.
8233| [CVE-2006-6566] PHP remote file inclusion vulnerability in includes/profilcp_constants.php in the Profile Control Panel (CPanel) module for mxBB 0.91c allows remote attackers to execute arbitrary PHP code via a URL in the module_root_path parameter.
8234| [CVE-2006-6548] Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the domain parameter to (1) scripts2/changeemail, (2) scripts2/limitbw, or (3) scripts/rearrangeacct. NOTE: the feature parameter to scripts2/dofeaturemanager is already covered by CVE-2006-6198.
8235| [CVE-2006-6523] Cross-site scripting (XSS) vulnerability in mail/manage.html in BoxTrapper in cPanel 11 allows remote attackers to inject arbitrary web script or HTML via the account parameter.
8236| [CVE-2006-6198] Multiple cross-site scripting (XSS) vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the (1) email parameter to (a) scripts2/dochangeemail, the (2) supporturl parameter to (b) cgi/addon_configsupport.cgi, the (3) pkg parameter to (c) scripts/editpkg, the (4) domain parameter to (d) scripts2/domts2 and (e) scripts/editzone, the (5) feature parameter to (g) scripts2/dofeaturemanager, and the (6) ndomain parameter to (h) scripts/park.
8237| [CVE-2006-5883] Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote authenticated users to inject arbitrary web script or HTML via the (1) dir parameter in (a) seldir.html, and the (2) user and (3) dir parameters in (b) newuser.html.
8238| [CVE-2006-5535] Multiple cross-site scripting (XSS) vulnerabilities in WebHostManager (WHM) 10.8.0 cPanel 10.9.0 R50 allow remote attackers to inject arbitrary web script or HTML via the (1) theme parameter to scripts/dosetmytheme and the (2) template parameter to scripts2/editzonetemplate.
8239| [CVE-2006-5014] Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.
8240| [CVE-2006-4293] Multiple cross-site scripting (XSS) vulnerabilities in cPanel 10 allow remote attackers to inject arbitrary web script or HTML via the (1) dir parameter in dohtaccess.html, or the (2) file parameter in (a) editit.html or (b) showfile.html.
8241| [CVE-2006-3337] Cross-site scripting (XSS) vulnerability in frontend/x/files/select.html in cPanel 10.8.2-CURRENT 118 and earlier allows remote attackers to inject arbitrary web script or HTML via the file parameter.
8242| [CVE-2006-2825] cPanel does not automatically synchronize the PHP open_basedir configuration directive between the main server and virtual hosts that share physical directories, which might allow a local user to bypass open_basedir restrictions and access other virtual hosts via a PHP script that uses a main server URL (such as ~username) that is blocked by the user's own open_basedir directive, but not the main server's open_basedir directive.
8243| [CVE-2006-1119] fantastico in Cpanel does not properly handle when it has insufficient permissions to perform certain file operations, which allows remote authenticated users to obtain the full pathname, which is leaked in a PHP error message.
8244| [CVE-2006-0763] Cross-site scripting (XSS) vulnerability in dowebmailforward.cgi in cPanel allows remote attackers to inject arbitrary web script or HTML via a URL encoded value in the fwd parameter.
8245| [CVE-2006-0574] Cross-site scripting (XSS) vulnerability in mime/handle.html in cPanel 10 allows remote attackers to inject arbitrary web script or HTML via the (1) file extension or (2) mime-type.
8246| [CVE-2006-0573] Multiple cross-site scripting (XSS) vulnerabilies in cPanel 10 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to (a) editquota.html or (b) dodelpop.html
8247| [CVE-2006-0533] Cross-site scripting (XSS) vulnerability in webmailaging.cgi in cPanel allows remote attackers to inject arbitrary web script or HTML via the numdays parameter.
8248| [CVE-2005-3505] Cross-site scripting (XSS) vulnerability in the Entropy Chat script in cPanel 10.2.0-R82 and 10.6.0-R137 allows remote attackers to inject arbitrary web script or HTML via a chat message containing Javascript in style attributes in tags such as <b>, which are processed by Internet Explorer.
8249| [CVE-2005-2021] Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user parameter in the login page.
8250| [CVE-2004-2398] Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5.
8251| [CVE-2004-2308] Cross-site scripting (XSS) vulnerability in cPanel 9.1.0 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the dir parameter in dohtaccess.html.
8252| [CVE-2004-1875] Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0-R85 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to testfile.html, (2) file parameter to erredit.html, (3) dns parameter to dnslook.html, (4) account parameter to ignorelist.html, (5) account parameter to showlog.html, (6) db parameter to repairdb.html, (7) login parameter to doaddftp.html (8) account parameter to editmsg.htm, or (9) ip parameter to del.html. NOTE: the dnslook.html vector was later reported to exist in cPanel 10.
8253| [CVE-2004-1849] Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to dodelautores.html or (2) handle parameter to addhandle.html.
8254| [CVE-2004-1770] The login page for cPanel 9.1.0, and possibly other versions, allows remote attackers to execute arbitrary code via shell metacharacters in the user parameter.
8255| [CVE-2004-1769] The "Allow cPanel users to reset their password via email" feature in cPanel 9.1.0 build 34 and earlier, including 8.x, allows remote attackers to execute arbitrary code via the user parameter to resetpass.
8256| [CVE-2004-1604] cPanel 9.9.1-RELEASE-3 allows remote authenticated users to chmod arbitrary files via a symlink attack on the _private directory, which is created when Front Page extensions are enabled.
8257| [CVE-2004-1603] cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users to (1) read arbitrary files via the backup feature or (2) chown arbitrary files via the .htaccess file when Front Page extensions are enabled or disabled.
8258| [CVE-2004-0529] The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earlier without mod_phpsuexec, allows local users to execute untrusted shared scripts and gain privileges, as demonstrated using untainted scripts such as (1) proftpdvhosts or (2) addalink.cgi, a different vulnerability than CVE-2004-0490.
8259| [CVE-2004-0490] cPanel, when compiling Apache 1.3.29 and PHP with the mod_phpsuexec option, does not set the --enable-discard-path option, which causes php to use the SCRIPT_FILENAME variable to find and execute a script instead of the PATH_TRANSLATED variable, which allows local users to execute arbitrary PHP code as other users via a URL that references the attacker's script after the user's script, which executes the attacker's script with the user's privileges, a different vulnerability than CVE-2004-0529.
8260| [CVE-2003-1426] Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPT_FILENAME to reference a directory containing a malicious openwebmail-shared.pl executable.
8261| [CVE-2003-1425] guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter.
8262| [CVE-2003-0521] Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote attackers to insert arbitrary HTML and possibly gain cPanel administrator privileges via script in a URL that is logged but not properly quoted when displayed via the (1) Error Log or (2) Latest Visitors screens.
8263|
8264| SecurityFocus - https://www.securityfocus.com/bid/:
8265| [95395] cPanel Multiple Security Vulnerabilities
8266| [90463] cPanel CVE-2004-1604 Remote Security Vulnerability
8267| [85002] cPanel CVE-2008-2043 Cross-Site Request Forgery Vulnerability
8268| [84099] cPanel CVE-2006-0573 Cross-Site Scripting Vulnerability
8269| [84076] cPanel CVE-2006-0533 Cross-Site Scripting Vulnerability
8270| [84074] cPanel CVE-2006-0574 Cross-Site Scripting Vulnerability
8271| [84064] cPanel CVE-2006-0763 Cross-Site Scripting Vulnerability
8272| [82752] cPanel CVE-2003-0521 Cross-Site Scripting Vulnerability
8273| [80161] cPanel CVE-2006-2825 Remote Security Vulnerability
8274| [67611] cPanel Multiple Unspecified Security Vulnerabilities
8275| [66561] cPanel Multiple Security Vulnerabilities
8276| [65618] cPanel Horde Backup Archive Insecure File Permissions Vulnerability
8277| [65464] cPanel Multiple Security Vulnerabilities
8278| [65159] Cpanel CloudFlare Plugin Local Security Bypass Vulnerability
8279| [64511] cPanel WHM XML and JSON APIs Multiple Arbitrary File Disclosure Vulnerabilities
8280| [64472] cPanel Multiple Security Vulnerabilities
8281| [64016] cPanel Varnish Plugin Multiple Security Vulnerabilities
8282| [63831] Add-On Domain to Main Account Convertor cPanel WHM Plugin Arbitrary Command Execution Vulnerability
8283| [63829] Add-On Domain to Main Account Convertor cPanel WHM Plugin Local Privilege Escalation Vulnerability
8284| [63371] cPanel Multiple Security Vulnerabilities
8285| [63220] CloudFlare Plugin For cPanel Arbitrary File Write Local Privilege Escalation Vulnerability
8286| [62140] cPanel Multiple Security Vulnerabilities
8287| [61812] cPanel Multiple Remote Security Vulnerabilities
8288| [61018] cPanel 'cpanellogd' Multiple Remote Privilege Escalation Vulnerabilities
8289| [60672] WHMXtra Cpanel Xtra Plugin Unspecified Local Security Bypass Vulnerability
8290| [60663] cPanel Varnish Plugin Remote Privilege Escalation Vulnerability
8291| [57064] cPanel 'dir' Parameter Cross Site Scripting Vulnerability
8292| [57060] cPanel and WHM Multiple Cross Site Scripting Vulnerabilities
8293| [57045] cPanel 'account' Parameter Cross Site Scripting Vulnerability
8294| [56818] cPanel Multiple Unspecified Vulnerabilities
8295| [53757] cPanel Multiple Unspecified Vulnerabilities
8296| [47621] cPanel X3 File Manager Module Cross-Site Scripting Vulnerability
8297| [41723] cPanel Unspecified Cross Site Scripting Vulnerability
8298| [41391] cPanel Cross-Site Request Forgery Vulnerability
8299| [40622] cPanel Image Manager 'target' Parameter Local File Include Vulnerability
8300| [37902] cPanel and WHM 'failurl' Parameter HTTP Response Splitting Vulnerability
8301| [37394] cPanel 'fileop' Parameter Multiple Cross Site Scripting Vulnerabilities
8302| [35518] cPanel 'lastvisit.html' Arbitrary File Disclosure Vulnerability
8303| [34142] cPanel Legacy File Manager File Name HTML Injection Vulnerability
8304| [33840] cPanel HTML Injection and Cross-Site Scripting Vulnerabilities
8305| [29277] cPanel 'wwwact' Remote Privilege Escalation Vulnerability
8306| [29125] cPanel Multiple Cross-Site Scripting Vulnerabilities
8307| [28403] cPanel 'manpage.html' Cross-Site Scripting Vulnerability
8308| [28300] cPanel List Directories and Folders Information Disclosure Vulnerability
8309| [27308] cPanel 'dohtaccess.html' Cross-Site Scripting Vulnerability
8310| [25047] CPanel Resname Parameter Cross-Site Scripting Vulnerability
8311| [24586] CPanel SCGIwrap Path Disclosure And Cross-Site Scripting Vulnerabilities
8312| [22915] cPanel Multiple Local File Include Vulnerabilities
8313| [22474] CPanel PassWDMySQL Cross-Site Scripting Vulnerability
8314| [22455] Cpanel Web Hosting Manager OBJCache.PHP Remote File Include Vulnerability
8315| [21497] CPanel BoxTrapper Manage.HTML Cross-Site Scripting Vulnerability
8316| [21387] CPanel Multiple HTML Injection Vulnerabilities
8317| [21287] CPanel 11 Beta Multiple Cross-Site Scripting Vulnerabilities
8318| [21142] CPanel DNSlook.HTML Cross-Site Scripting Vulnerability
8319| [21027] CPanel User and Dir Parameters Multiple Cross-Site Scripting Vulnerabilities
8320| [20683] CPanel Multiple Cross-Site Scripting Vulnerabilities
8321| [20163] CPanel SUID Wrapper Remote Privilege Escalation Vulnerability
8322| [19624] CPanel Multiple Cross-Site Scripting Vulnerabilities
8323| [18671] cPanel OnMouseover Cross-Site Scripting Vulnerability
8324| [18655] Cpanel Select.HTML Cross-Site Scripting Vulnerability
8325| [16482] cPanel Multiple Cross-Site Scripting Vulnerabilities
8326| [15327] cPanel Chat Message Field HTML Injection Vulnerability
8327| [13996] cPanel User Parameter Cross-Site Scripting Vulnerability
8328| [11456] cPanel Front Page Extension Installation Information Disclosure Vulnerability
8329| [11455] cPanel Front Page Extension Installation File Ownership Vulnerability
8330| [11449] cPanel Remote Backup Information Disclosure Vulnerability
8331| [10505] cPanel Passwd Remote SQL Injection Vulnerability
8332| [10479] Multiple CPanel Perl Script Failure To Implement Taint Mode Weakness
8333| [10468] cPanel Killacct Script Customer Account DNS Information Deletion Vulnerability
8334| [10407] cPanel Local Privilege Escalation Vulnerability
8335| [10002] cPanel Multiple Module Cross-Site Scripting Vulnerabilities
8336| [9965] CPanel Multiple Cross-Site Scripting Vulnerabilities
8337| [9855] cPanel Login Script Remote Command Execution Vulnerability
8338| [9853] cPanel dir Parameter Cross-Site Scripting Vulnerability
8339| [9848] cPanel Resetpass Remote Command Execution Vulnerability
8340| [8119] CPanel Admin Interface HTML Injection Vulnerability
8341| [7758] cPanel/Formail-Clone E-Mail Restriction Bypass Vulnerability
8342| [6885] cPanel Openwebmail Local Privileges Escalation Vulnerability
8343| [6882] cPanel Guestbook.cgi Remote Command Execution Vulnerability
8344|
8345| IBM X-Force - https://exchange.xforce.ibmcloud.com:
8346| [85491] cPanel cpanellogd multiple privilege escalation
8347| [85114] Cpanel Xtra plugin for WHMXtra unspecified security bypass
8348| [80880] cPanel dir.html dir parameter cross-site scripting
8349| [80854] cPanel and WHM clientconf.html and detailbw.html cross-site scripting
8350| [80822] cPanel manage.html cross-site scripting
8351| [80514] cPanel multiple unspecified vulns
8352| [79604] cPanel Pro multiple cross-site request forgery
8353| [76017] cPanel multiple unspecified
8354| [71957] Whois.Cart Billing cpanel_2_log.htm information disclosure
8355| [67678] cPanel savefile.html cross-site request forgery
8356| [67175] cPanel X3 File Manager index.html cross-site scripting
8357| [63399] cPanel saveemail.html cross-site request forgery
8358| [61515] cPanel autoinstallhome.php security bypass
8359| [60429] cPanel unspecified cross-site scripting
8360| [60035] cPanel doaddftp.html cross-site request forgery
8361| [59275] Jreservation Component for Joomla! Property-Cpanel.html cross-site scripting
8362| [59274] Jreservation Component for Joomla! Property-Cpanel.html SQL Injection
8363| [59216] cPanel Image Manager target parameter file include
8364| [56437] cPanel addb.html cross-site request forgery
8365| [55814] cPanel failurl HTTP response splitting
8366| [55211] Whois.Cart cpanel_1_log.htm infomation disclosure
8367| [51426] cPanel lastvisit.html directory traversal
8368| [51412] Whois.Cart cpanel_1_log.htm information disclosure
8369| [51366] EgyPlus 7ml cpanel/login.php authentication bypass
8370| [49293] cPanel file manager cross-site scripting
8371| [48832] cPanel WHM interface cross-site request forgery
8372| [48831] cPanel scripts2/confdkillproc cross-site scripting
8373| [48830] cPanel .contactemail file cross-site scripting
8374| [46991] cPanel index.php directory traversal
8375| [46253] cPanel autoinstall4imagesgalleryupgrade.php cross-site scripting
8376| [46252] cPanel autoinstall4imagesgalleryupgrade.php file include
8377| [45147] Fantastico De Luxe module for cPanel xml.php file include
8378| [42529] cPanel wwwact privilege escalation
8379| [42306] cPanel WHM interface cross-site request forgery
8380| [42305] cPanel WHM interface cross-site scripting
8381| [42114] cPanel HTTP requests cross-site request forgery
8382| [41374] cPanel manpage.html cross-site scripting
8383| [41266] cPanel index.php showtree parameter information disclosure
8384| [39711] cPanel Hosting Manager dohtaccess.html cross-site scripting
8385| [35652] cPanel changepro.html cross-site scripting
8386| [35009] cPanel scgiwrap (Simple CGI Wrapper) path disclosure
8387| [35008] cPanel scgiwrap (Simple CGI Wrapper) cross-site scripting
8388| [32933] cPanel load_language.php and mysqlconfig.php file include
8389| [32462] cPanel passwdmysql cross-site scripting
8390| [32400] cPanel and WebHost Manager (WHM) Module scripts2/objcache cross-site scripting
8391| [30821] mxBB Cpanel Profile Module profilcp_constants.php file include
8392| [30793] cPanel pops.html cross-site scripting
8393| [30788] cPanel BoxTrapper manage.html cross-site scripting
8394| [30493] cPanel multiple scripts cross-site scripting
8395| [30413] cPanel Network Tools dnslook.html cross-site scripting
8396| [30229] cPanel user parameter cross-site scripting
8397| [29808] cPanel theme parameter cross-site scripting
8398| [29249] cPanel unspecified privilege escalation
8399| [28447] cPanel dohtaccess.html, editit.html and showfile.html cross-site scripting
8400| [27403] cPanel files/select.html cross-site scripting
8401| [26613] cPanel OpenBaseDir phpshell.php security bypass
8402| [25277] cPanel fantastico path disclosure
8403| [24839] cPanel dowebmailforward.cgi cross-site scripting
8404| [24580] cPanel admin username disclosure
8405| [24468] cPanel multiple scripts allow cross-site scripting
8406| [22993] cPanel Entropy Chat script can allow cross-site scripting
8407| [21781] cPanel administrator password allows domain access
8408| [21084] cPanel cpsrvd.pl cross-site scripting
8409| [17837] cPanel allows attacker to brute force account passwords
8410| [17781] cPanel _private modify permissions
8411| [17780] cPanel .htaccess modify ownership of files
8412| [17779] cPanel backup could allow an attacker to view files
8413| [16410] cPanel passwd allows password modification
8414| [16381] cPanel taint weak security
8415| [16347] cPanel suEXEC allows command execution
8416| [16325] cPanel killacct account deletion
8417| [16239] cPanel mod_phpsuexec allows command execution
8418| [16197] cPanel Fantastico information disclosure
8419| [15671] cPanel multiple scripts cross-site scripting
8420| [15517] cPanel dodelautores.html or addhandle.html cross-site scripting
8421| [15486] cPanel login scripts allows command execution
8422| [15485] cPanel dir parameter allows cross-site scripting
8423| [15443] cPanel resetpass section allows execution of commands
8424| [12508] cPanel Error Log and Latest Visitors page cross-site scripting
8425| [12237] cPanel Formail-clone domain name bypass allows email relaying
8426| [11357] cPanel SCRIPT_FILENAME privilege elevation
8427| [11356] cPanel guestbook.cgi command execution
8428|
8429| Exploit-DB - https://www.exploit-db.com:
8430| [30380] CPanel 10.9.1 Resname Parameter Cross-Site Scripting Vulnerability
8431| [29572] CPanel <= 11 PassWDMySQL Cross-Site Scripting Vulnerability
8432| [29238] cPanel Web Hosting Manager 3.1 - Multiple Cross-Site Scripting Vulnerabilities
8433| [29237] CPanel 11 BoxTrapper Manage.HTML Cross-Site Scripting Vulnerability
8434| [29188] cPanel WebHost Manager 3.1 park ndomain Parameter XSS
8435| [29187] cPanel WebHost Manager 3.1 dofeaturemanager feature Parameter XSS
8436| [29186] cPanel WebHost Manager 3.1 editzone domain Parameter XSS
8437| [29185] cPanel WebHost Manager 3.1 domts2 domain Parameter XSS
8438| [29184] cPanel WebHost Manager 3.1 editpkg pkg Parameter XSS
8439| [29183] cPanel WebHost Manager 3.1 addon_configsupport.cgi supporturl Parameter XSS
8440| [29182] cPanel WebHost Manager 3.1 dochangeemail email Parameter XSS
8441| [29181] CPanel 11 Beta Multiple Cross-Site Scripting Vulnerabilities
8442| [29071] CPanel 10 DNSlook.HTML Cross-Site Scripting Vulnerability
8443| [28983] cPanel 10 newuser.html Multiple Parameter XSS
8444| [28982] cPanel 10 seldir.html dir Parameter XSS
8445| [28844] cPanel 10.9 editzonetemplate template Parameter XSS
8446| [28843] cPanel 10.9 dosetmytheme theme Parameter XSS
8447| [28660] CPanel 5-10 SUID Wrapper Remote Privilege Escalation Vulnerability
8448| [28415] cPanel 10.x showfile.html file Parameter XSS
8449| [28414] cPanel 10.x editit.html file Parameter XSS
8450| [28413] cPanel 10.x dohtaccess.html dir Parameter XSS
8451| [28113] cPanel 10.8.1/10.8.2 OnMouseover Cross-Site Scripting Vulnerability
8452| [28107] Cpanel 10 Select.HTML Cross-Site Scripting Vulnerability
8453| [27162] cPanel 10.8.1 - Multiple Cross-Site Scripting Vulnerabilities
8454| [25846] cPanel <= 9.1 User Parameter Cross-Site Scripting Vulnerability
8455| [24689] cPanel 9.9.1 -R3 Front Page Extension Installation Information Disclosure
8456| [24183] cPanel 5-9 Passwd Remote SQL Injection Vulnerability
8457| [24172] cPanel 5-9 Killacct Script Customer Account DNS Information Deletion Vulnerability
8458| [24141] cPanel 5-9 Local Privilege Escalation Vulnerability
8459| [23807] cPanel 5/6/7/8/9 Login Script Remote Command Execution Vulnerability
8460| [23806] cPanel 5/6/7/8/9 dir Parameter Cross-Site Scripting Vulnerability
8461| [23804] cPanel 5/6/7/8/9 Resetpass Remote Command Execution Vulnerability
8462| [22874] CPanel 5.0/5.3/6.x Admin Interface HTML Injection Vulnerability
8463| [22693] cPanel 5/6,Formail-Clone E-Mail Restriction Bypass Vulnerability
8464| [22265] cPanel 5.0 Openwebmail Local Privileges Escalation Vulnerability
8465| [22263] cPanel 5.0 Guestbook.cgi Remote Command Execution Vulnerability (4)
8466| [22262] cPanel 5.0 Guestbook.cgi Remote Command Execution Vulnerability (3)
8467| [22261] cPanel 5.0 Guestbook.cgi Remote Command Execution Vulnerability (2)
8468| [22260] cPanel 5.0 Guestbook.cgi Remote Command Execution Vulnerability (1)
8469| [17330] cPanel < 11.25 CSRF - Add User php Script
8470| [15593] Cpanel 11.x - Edit E-mail Cross Site Request Forgery exploit
8471| [14854] MOAUB #1 - Cpanel PHP Restriction Bypass Vulnerability 0day
8472| [14188] Cpanel 11.25 - CSRF Add FTP Account Exploit
8473| [11527] cPanel Multiple CSRF Vulnerabilities
8474| [11211] cPanel HTTP Response Splitting Vulnerability
8475| [9039] Cpanel - (lastvisit.html domain) Arbitrary File Disclosure Vulnerability (auth)
8476| [6897] cpanel 11.x XSS / Local File Inclusion Vulnerability
8477| [6461] Cpanel <= 11.x (Fantastico) LFI Vulnerability (sec bypass)
8478| [3459] cPanel <= 10.9.x (fantastico) Local File Inclusion Vulnerabilities
8479| [2554] cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)
8480| [2466] cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit
8481|
8482| OpenVAS (Nessus) - http://www.openvas.org:
8483| No findings
8484|
8485| SecurityTracker - https://www.securitytracker.com:
8486| [1028743] cPanel Flaws in Archive Function Let Local Users Gain Elevated Privileges
8487| [1027928] cPanel Input Validation Flaws in 'clientconf.html' and 'detailbw.html' Permit Cross-Site Scripting Attacks
8488| [1027923] cPanel Input Validation Flaw in 'account' Parameter Permits Cross-Site Scripting Attacks
8489| [1027839] cPanel Unspecified Flaws Have Unspecified Impact
8490| [1027111] cPanel Unspecified Flaws Have Unspecified Impact
8491| [1024382] cPanel Error in 'autoinstallhome.php' Lets Local Users Bypass PHP Restrictions
8492| [1022490] cPanel Input Validation Flaw in 'lastvisit.html' Lets Remote Users View Files
8493| [1020042] cPanel Input Validation Flaw in 'Email' Parameter Lets Local Users Gain Elevated Privileges
8494| [1016913] cPanel Bug Lets Remote Authenticated Users Gain Root Access
8495| [1016383] cPanel Input Validation Flaw in 'select.html' Permits Cross-Site Scripting Attacks
8496| [1015589] cPanel 'mime/handle.html' Input Validation Bug Permits Cross-Site Scripting Attacks
8497| [1015157] cPanel Input Validation Hole in Entropy Chat Permits Cross-Site Scripting Attacks
8498| [1014633] cPanel Domain Access Control Flaw May Let Remote Users Access Other Domains in Certain Cases
8499| [1011877] cPanel Webmail Only Requires First Eight Characters of Password
8500| [1011762] cPanel Backup and FrontPage Management Bugs Let Remote Authenticated Users View, Edit, and Own Arbitrary Files
8501| [1010449] cPanel Access Control Flaw Lets Remote Authenticated Users Make Unauthorized Database Password Changes
8502| [1010411] cPanel suEXEC Flaw May Let Remote Authenticated Users Execute Abitrary Code
8503| [1010398] cPanel 'killacct' May Let Remote Authenticated Administrators Delete Accounts Belonging to Other Administrators
8504| [1010270] cPanel Apache mod_phpsuexec Options Let Local Users Gain Elevated Privileges
8505| [1009541] cPanel 'dodelautores.html' and 'addhandle.html' Input Validation Flaws Permit Cross-Site Scripting Attacks
8506| [1009402] cPanel 'dohtaccess' Input Validation Flaw Permits Cross-Site Scripting Attacks
8507| [1009400] cPanel Password Reset and Login Features Let Remote Users Execute Arbitrary Commands With Root Privileges
8508| [1007113] cPanel Log File Filtering Flaw Permits Remote Cross-Site Scripting Attacks Against Administrators
8509| [1006127] cPanel Web Hosting Control Panel Bugs Let Remote Users Execute Arbitrary Commands and Local Users Gain Root Privileges
8510|
8511| OSVDB - http://www.osvdb.org:
8512| [96167] SecPanel Unspecified User Plaintext Local Password Disclosure
8513| [96166] cPanel WHM Suspend Function Arbitrary Account Lockout Local DoS
8514| [96165] cPanel WHM Purchase and Install an SSL Certificate Feature Arbitrary File Overwrite
8515| [96164] cPanel WHM Unspecified Arbitrary Domain Manipulation
8516| [96163] cPanel WHM Unspecified Arbitrary DNS Zone Modification
8517| [94918] cPanel cpanellogd Cpanel::Logs::prep_logs_path Archive Creation Local Privilege Escalation
8518| [94904] RVSiteBuilder Plugin for cPanel Unspecified Symlink Local Privilege Escalation
8519| [94903] RVSkin rvwrapper Arbitrary cPanel Account Manipulation
8520| [94902] RVSiteBuilder Plugin for cPanel Unspecified Hardlink Arbitrary File Access
8521| [94884] cPanel Web Host Manager (WHM) locale Function Privilege Escalation
8522| [94868] cPanel Restore a Full Backup/cpmove File Feature Crafted Archive Restoration Symlink Arbitrary File Access
8523| [94865] cPremote Plugin for cPanel Unauthorized User Backup Service Access
8524| [94864] cPnginx Plugin for cPanel nginx Configuration Manipulation Arbitrary File Access
8525| [94859] cPanel /scripts2/ssh_doaddkey Arbitrary SSH Key Overwrite DoS
8526| [94427] WHMXtra Ultimate Pro Cpanel Xtra Plugin Arbitrary File Manipulation
8527| [94333] Varnish Plugin for cPanel Advanced Configuration Page Remote Privilege Escalation
8528| [88872] cPanel WebHost Manager (WHM) /webmail/x3/mail/filters/editfilter.html filtername Parameter XSS
8529| [88820] cPanel dir.html dir Parameter XSS
8530| [88773] cPanel WebHost Manager (WHM) /webmail/x3/mail/clientconf.html acct Parameter XSS
8531| [88749] cPanel frontend/x3/mail/manage.html account Parameter XSS
8532| [88125] cPanel Multiple Unspecified Issues
8533| [82646] cPanel cPDAVd Filename Parsing Remote Code Execution
8534| [82611] cPanel Apache Piped Log Configuration Log Message Formatting Traversal Arbitrary File Creation
8535| [80801] Almnzm /admincpanel/index.php Arbitrary Admin Creation CSRF
8536| [68373] cPanel Local safe_mode Bypass
8537| [67159] cPanel Unspecified XSS
8538| [61954] cPanel login/index.php failurl Parameter HTTP Response Splitting
8539| [61231] cPanel frontend/x3/files/fileop.html fileop Parameter XSS
8540| [56919] Fantastico De Luxe Module for cPanel autoinstall4imagesgalleryupgrade.php scriptpath_show Parameter Traversal Local File Inclusion
8541| [55545] Fantastico for cPanel index.php sup3r Parameter Traversal Arbitrary File Access
8542| [55515] cPanel frontend/x3/stats/lastvisit.html domain Parameter Traversal Arbitrary File Access
8543| [55301] 7ammel (7ml) cpanel/login.php Multiple Parameter SQL Injection
8544| [55286] 7ammel (7ml) cpanel/login.php Multiple Parameter SQL Injection
8545| [54356] Fantastico De Luxe Module for cPanel language.php Manipulation Privilege Escalation
8546| [53264] cPanel Legacy File Manager Filename XSS
8547| [53263] cPanel Standard File Manager Filename XSS
8548| [52253] cPanel Module Installation Function CSRF
8549| [52252] cPanel Password Change Function CSRF
8550| [52251] cPanel scripts2/confdkillproc Query String XSS
8551| [52250] cPanel .contactemail Local File XSS
8552| [51582] cPanel Disk Usage Module frontend/x/diskusage/index.html showtree Parameter Traversal Arbitrary Directory Listing
8553| [49518] Fantastico De Luxe Module for cPanel autoinstall4imagesgalleryupgrade.php Multiple Parameter XSS
8554| [48126] Fantastico De Luxe Module for cPanel includes/xml.php fantasticopath Parameter Local File Inclusion
8555| [45816] cPanel scripts/wwwacct Email Address Field Arbitrary Shell Command Execution
8556| [45068] WHM Interface for cPanel cpanel/whm/webmail CSRF
8557| [45067] WHM Interface for cPanel scripts2/listaccts search Parameter XSS
8558| [45066] WHM Interface for cPanel scripts2/changeip user Parameter XSS
8559| [45065] WHM Interface for cPanel scripts2/knowlegebase issue Parameter XSS
8560| [44848] cPanel frontend/x2/ftp/doaddftp.html command1 Parameter CSRF
8561| [44847] cPanel frontend/x2/sql/adduser.html command1 Parameter CSRF
8562| [44846] cPanel frontend/x2/sql/adddb.html command1 Parameter CSRF
8563| [44845] cPanel frontend/x2/cron/editcronsimple.html command1 Parameter CSRF
8564| [43854] cPanel frontend/x/manpage.html Query String XSS
8565| [40512] cPanel dohtaccess.html rurl Parameter XSS
8566| [39286] Dada Mail cpanel Mass Add/DL Subscriber XSS
8567| [36468] cPanel frontend/x/htaccess/changepro.html resname Parameter XSS
8568| [35861] cPanel Simple CGI Wrapper Direct Request Path Disclosure
8569| [35860] cPanel Simple CGI Wrapper URI XSS
8570| [35750] cPanel scripts2/objcache objcache Parameter Remote File Inclusion
8571| [35037] Fantastico for cPanel includes/mysqlconfig.php fantasticopath Parameter Traversal Local File Inclusion
8572| [35036] Fantastico for cPanel includes/load_language.php userlanguage Parameter Traversal Local File Inclusion
8573| [33240] cPanel WebHost Manager (WHM) scripts2/objcache obj Variable Arbitrary Limited File Overwrite
8574| [33239] cPanel WebHost Manager (WHM) scripts/rearrangeacct domain Parameter XSS
8575| [33238] cPanel WebHost Manager (WHM) scripts2/dofeaturemanager feature Parameter XSS
8576| [33237] cPanel WebHost Manager (WHM) scripts2/limitbw domain Parameter XSS
8577| [33236] cPanel WebHost Manager (WHM) scripts2/changeemail domain Parameter XSS
8578| [33235] cPanel err/erredit.html dir Parameter XSS
8579| [33234] cPanel cpanelpro/dohtaccess.html dir Parameter XSS
8580| [33233] cPanel mail/pops.html domain Parameter XSS
8581| [32044] cPanel WebHost Manager (WHM) scripts/passwdmysql password Parameter XSS
8582| [32043] cPanel scripts2/objcache objcache Parameter XSS
8583| [32042] cPanel BoxTrapper /mail/manage.html account Parameter XSS
8584| [31835] cPanel PHP OpenBaseDir Configuration Local Access Restriction Bypass
8585| [31757] cPanel WebHost Manager (WHM) park ndomain Parameter XSS
8586| [31756] cPanel WebHost Manager (WHM) dofeaturemanager feature Parameter XSS
8587| [31755] cPanel WebHost Manager (WHM) editzone domain Parameter XSS
8588| [31754] cPanel WebHost Manager (WHM) domts2 domain Parameter XSS
8589| [31753] cPanel WebHost Manager (WHM) editpkg pkg Parameter XSS
8590| [31752] cPanel WebHost Manager (WHM) addon_configsupport.cgi supporturl Parameter XSS
8591| [31751] cPanel WebHost Manager (WHM) dochangeemail email Parameter XSS
8592| [30586] cPanel dnslook.html dns Parameter XSS
8593| [30387] cPanel newuser.html Multiple Parameter XSS
8594| [30386] cPanel seldir.html dir Parameter XSS
8595| [30048] cPanel editzonetemplate template Parameter XSS
8596| [30047] cPanel dosetmytheme theme Parameter XSS
8597| [29122] cPanel mysqladmin/hooksadmin Unspecified Privilege Escalation
8598| [29072] cPanel Multiple Password User Authentication Weakness
8599| [28043] cPanel showfile.html file Parameter XSS
8600| [28042] cPanel editit.html file Parameter XSS
8601| [28041] cPanel dohtaccess.html dir Parameter XSS
8602| [26866] cPanel select.html file Parameter XSS
8603| [24056] Fantastico cPanel Add-on Script Installation Failure Path Disclosure
8604| [22972] cPanel Null Login Administrator Username Disclosure
8605| [22971] cPanel dowebmailforward.cgi fwd Parameter XSS
8606| [22940] cPanel handle.html Multiple Field XSS
8607| [22939] cPanel detailbw.html target Parameter XSS
8608| [22938] cPanel diskusage.html showtree Parameter XSS
8609| [22937] cPanel dodelpop.html email Parameter XSS
8610| [22936] cPanel editquota.html email Parameter XSS
8611| [22906] cPanel webmailaging.cgi numdays Parameter XSS
8612| [20459] cPanel Entropy Chat Message Field XSS
8613| [18661] cPanel Common Password Cross Domain Privilege Escalation
8614| [17399] cPanel cpsrvd.pl user Parameter XSS
8615| [15298] cPanel/WHM SSH Port Forwarding Anonymous Proxy
8616| [11043] cPanel Webmail Truncated Password Weakness
8617| [10962] cPanel Frontpage _private Symlink Arbitrary File Permission Modification
8618| [10961] cPanel Frontpage .htaccess Hardlink Arbitrary File Owernship Modification
8619| [10960] cPanel Backup Feature Hardlink Arbitrary File Access
8620| [7665] cPanel whm Password File Locking Issue
8621| [7006] cPanel passwd Script Unauthorized Database Password Change
8622| [6946] cPanel detailbw.html Multiple Parameter XSS
8623| [6945] cPanel detailsubbw.html Multiple Parameter XSS
8624| [6944] cPanel bwday.html Multiple Parameter XSS
8625| [6943] cPanel detailsubbw.html View Unauthorized Domain Statistics
8626| [6942] cPanel bwday.html View Unauthorized Domain Statistics
8627| [6941] cPanel detailbw.html View Unauthorized Domain Statistics
8628| [6940] cPanel suEXEC Privilege Escalation
8629| [6712] cPanel killacct Script Arbitrary DNS Deletion
8630| [6418] cPanel mod_phpsuexec Arbitrary Code Execution
8631| [4530] cPanel addhandle.html handle Parameter XSS
8632| [4529] cPanel dodelautores.html email Parameter XSS
8633| [4244] cPanel htaccess/index.html dir Parameter XSS
8634| [4243] cPanel del.html account Parameter XSS
8635| [4222] cPanel Formail-clone E-Mail Relay
8636| [4220] cPanel guestbook.cgi template Variable Arbitrary Command Execution
8637| [4219] cPanel dohtaccess.html dir Parameter XSS
8638| [4218] cPanel Login Page user Parameter Arbitrary Command Execution
8639| [4217] cPanel editmsg.html Arbitrary File Access
8640| [4216] cPanel erredit.html Arbitrary File Access
8641| [4215] cPanel editmsg.html account Parameter XSS
8642| [4214] cPanel doaddftp.html login Parameter XSS
8643| [4213] cPanel repairdb.html db Parameter XSS
8644| [4212] cPanel showlog.html account Parameter XSS
8645| [4211] cPanel ignorelist.html account Parameter XSS
8646| [4210] cPanel dnslook.html dns Parameter XSS
8647| [4209] cPanel erredit.html file Parameter XSS
8648| [4208] cPanel testfile.html email Parameter XSS
8649| [4205] cPanel resetpass Arbitrary Command Execution
8650| [2277] cPanel Error Log Malicious HTML Tags Injection
8651|_
86522082/tcp open infowave?
8653| fingerprint-strings:
8654| SIPOptions:
8655| HTTP/1.1 301 Moved
8656| Server: cpsrvd
8657| Content-length: 122
8658| Location: https://c59833.sgvps.net:2083/sip%3anm
8659| Content-type: text/html; charset="utf-8"
8660| Cache-Control: no-cache, no-store, must-revalidate, private
8661|_ <html><head><META HTTP-EQUIV="refresh" CONTENT="2;URL=https://c59833.sgvps.net:2083/sip%3anm"></head><body></body></html>
86622083/tcp open ssl/radsec?
8663| fingerprint-strings:
8664| GetRequest:
8665| HTTP/1.0 401 Access Denied
8666| Connection: close
8667| Content-Type: text/html; charset="utf-8"
8668| Date: Thu, 24 Oct 2019 15:53:53 GMT
8669| Cache-Control: no-cache, no-store, must-revalidate, private
8670| Pragma: no-cache
8671| WWW-Authenticate: Basic realm="cPanel"
8672| Set-Cookie: cprelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
8673| Set-Cookie: cpsession=%3auF56tq0bKo2O_s34%2c801260ca36c459fc9c0f9b32d8d107f4; HttpOnly; path=/; port=2083; secure
8674| Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
8675| Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=c59833.sgvps.net; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
8676| Set-Cookie: Horde=expired; HttpOnly; domain=.c59833.sgvps.net; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
8677| Set-Cookie: horde_secret_key=expired; HttpOnly; domain
8678| HTTPOptions:
8679| HTTP/1.0 401 Access Denied
8680| Connection: close
8681| Content-Type: text/html; charset="utf-8"
8682| Date: Thu, 24 Oct 2019 15:53:56 GMT
8683| Cache-Control: no-cache, no-store, must-revalidate, private
8684| Pragma: no-cache
8685| WWW-Authenticate: Basic realm="cPanel"
8686| Set-Cookie: cprelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
8687| Set-Cookie: cpsession=%3anwN20sGGoRuMLQPD%2c32d6063fb774e96a76b922a47270d1e6; HttpOnly; path=/; port=2083; secure
8688| Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
8689| Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=c59833.sgvps.net; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
8690| Set-Cookie: Horde=expired; HttpOnly; domain=.c59833.sgvps.net; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
8691|_ Set-Cookie: horde_secret_key=expired; HttpOnly; domain
86922086/tcp open gnunet?
8693| fingerprint-strings:
8694| SIPOptions:
8695| HTTP/1.1 301 Moved
8696| Server: cpsrvd
8697| Content-length: 122
8698| Location: https://c59833.sgvps.net:2087/sip%3anm
8699| Content-type: text/html; charset="utf-8"
8700| Cache-Control: no-cache, no-store, must-revalidate, private
8701|_ <html><head><META HTTP-EQUIV="refresh" CONTENT="2;URL=https://c59833.sgvps.net:2087/sip%3anm"></head><body></body></html>
87022087/tcp open ssl/eli?
8703| fingerprint-strings:
8704| GetRequest:
8705| HTTP/1.0 401 Access Denied
8706| Connection: close
8707| Content-Type: text/html; charset="utf-8"
8708| Date: Thu, 24 Oct 2019 15:53:53 GMT
8709| Cache-Control: no-cache, no-store, must-revalidate, private
8710| Pragma: no-cache
8711| WWW-Authenticate: Basic realm="Web Host Manager"
8712| Set-Cookie: whostmgrrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
8713| Set-Cookie: whostmgrsession=%3avX4EQVVksf5E20iP%2c1d99094507c476f31f59bb1d887576a4; HttpOnly; path=/; port=2087; secure
8714| Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
8715| Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=c59833.sgvps.net; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
8716| Set-Cookie: Horde=expired; HttpOnly; domain=.c59833.sgvps.net; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
8717| Set-Cookie: horde_secret_key=exp
8718| HTTPOptions:
8719| HTTP/1.0 401 Access Denied
8720| Connection: close
8721| Content-Type: text/html; charset="utf-8"
8722| Date: Thu, 24 Oct 2019 15:53:55 GMT
8723| Cache-Control: no-cache, no-store, must-revalidate, private
8724| Pragma: no-cache
8725| WWW-Authenticate: Basic realm="Web Host Manager"
8726| Set-Cookie: whostmgrrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
8727| Set-Cookie: whostmgrsession=%3adociVBoOQFDQv40n%2c3f52370bb826205399adcd60d4b4a95f; HttpOnly; path=/; port=2087; secure
8728| Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
8729| Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=c59833.sgvps.net; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
8730| Set-Cookie: Horde=expired; HttpOnly; domain=.c59833.sgvps.net; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
8731|_ Set-Cookie: horde_secret_key=exp
87322095/tcp open nbx-ser?
8733| fingerprint-strings:
8734| SIPOptions:
8735| HTTP/1.1 301 Moved
8736| Server: cpsrvd
8737| Content-length: 122
8738| Location: https://c59833.sgvps.net:2096/sip%3anm
8739| Content-type: text/html; charset="utf-8"
8740| Cache-Control: no-cache, no-store, must-revalidate, private
8741|_ <html><head><META HTTP-EQUIV="refresh" CONTENT="2;URL=https://c59833.sgvps.net:2096/sip%3anm"></head><body></body></html>
87422096/tcp open ssl/nbx-dir?
8743| fingerprint-strings:
8744| GetRequest:
8745| HTTP/1.0 401 Access Denied
8746| Connection: close
8747| Content-Type: text/html; charset="utf-8"
8748| Date: Thu, 24 Oct 2019 15:53:53 GMT
8749| Cache-Control: no-cache, no-store, must-revalidate, private
8750| Pragma: no-cache
8751| WWW-Authenticate: Basic realm="WebMail"
8752| Set-Cookie: webmailrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
8753| Set-Cookie: webmailsession=%3aYyqtxh5EFnsVxHbQ%2cfcf6f156365a29053a7a1106e35fc895; HttpOnly; path=/; port=2096; secure
8754| Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
8755| Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=c59833.sgvps.net; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
8756| Set-Cookie: Horde=expired; HttpOnly; domain=.c59833.sgvps.net; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
8757| Set-Cookie: horde_secret_key=expired; HttpO
8758| HTTPOptions:
8759| HTTP/1.0 401 Access Denied
8760| Connection: close
8761| Content-Type: text/html; charset="utf-8"
8762| Date: Thu, 24 Oct 2019 15:53:55 GMT
8763| Cache-Control: no-cache, no-store, must-revalidate, private
8764| Pragma: no-cache
8765| WWW-Authenticate: Basic realm="WebMail"
8766| Set-Cookie: webmailrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
8767| Set-Cookie: webmailsession=%3a17JeBz_1o_wIPi5Y%2c02d83ae2c1576689a79b73fe4e630b2a; HttpOnly; path=/; port=2096; secure
8768| Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
8769| Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=c59833.sgvps.net; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
8770| Set-Cookie: Horde=expired; HttpOnly; domain=.c59833.sgvps.net; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2096; secure
8771|_ Set-Cookie: horde_secret_key=expired; HttpO
87723306/tcp open mysql MySQL (unauthorized)
8773| vulscan: VulDB - https://vuldb.com:
8774| [141414] LibreNMS up to 1.47 inventory.inc.php mysqli_escape_real_string Parameter cross site scripting
8775| [140101] Yandex ClickHouse MySQL Client information disclosure
8776| [139468] cPanel up to 60.0.24 MySQL Upgrade File privilege escalation
8777| [139350] cPanel up to 64.0.20 convert_roundcube_mysql2sqlite privilege escalation
8778| [139349] cPanel up to 64.0.20 convert_roundcube_mysql2sqlite privilege escalation
8779| [139308] cPanel up to 67.9999.102 WHM MySQL Password Change Interfaces Stored cross site scripting
8780| [138305] SaltStack Salt 2018.3/2019.2 mysqluser_chpass sql injection
8781| [138102] Oracle MySQL Server up to 8.0.16 InnoDB unknown vulnerability
8782| [138101] Oracle MySQL Server up to 8.0.16 Privileges unknown vulnerability
8783| [138100] Oracle MySQL Server up to 5.6.44/5.7.18 Privileges unknown vulnerability
8784| [138099] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Compiling information disclosure
8785| [138098] Oracle MySQL Server up to 5.7.26/8.0.16 Audit Plug-in unknown vulnerability
8786| [138097] Oracle MySQL Server up to 5.7.26/8.0.16 Client programs denial of service
8787| [138096] Oracle MySQL Server up to 8.0.16 Roles denial of service
8788| [138095] Oracle MySQL Server up to 8.0.16 Privileges denial of service
8789| [138094] Oracle MySQL Server up to 5.7.25/8.0.15 Replication denial of service
8790| [138093] Oracle MySQL Server up to 8.0.16 Options denial of service
8791| [138092] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
8792| [138091] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
8793| [138090] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
8794| [138089] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
8795| [138088] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
8796| [138087] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
8797| [138086] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
8798| [138085] Oracle MySQL Server up to 5.7.26/8.0.16 Optimizer denial of service
8799| [138084] Oracle MySQL Server up to 5.7.26/8.0.16 Optimizer denial of service
8800| [138083] Oracle MySQL Server up to 8.0.12 GIS denial of service
8801| [138082] Oracle MySQL Server up to 8.0.16 FTS denial of service
8802| [138081] Oracle MySQL Server up to 8.0.16 DML denial of service
8803| [138080] Oracle MySQL Server up to 8.0.16 Components denial of service
8804| [138079] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Pluggable Auth denial of service
8805| [138078] Oracle MySQL Server up to 8.0.16 InnoDB denial of service
8806| [138077] Oracle MySQL Server up to 8.0.15 InnoDB denial of service
8807| [138076] Oracle MySQL Server up to 8.0.16 InnoDB denial of service
8808| [138074] Oracle MySQL Server up to 8.0.12 Roles denial of service
8809| [138073] Oracle MySQL Server up to 5.7.26/8.0.16 Audit Log denial of service
8810| [138072] Oracle MySQL Server up to 5.7.26/8.0.16 Privileges unknown vulnerability
8811| [138071] Oracle MySQL Server up to 5.7.23 Replication unknown vulnerability
8812| [138070] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Audit unknown vulnerability
8813| [138069] Oracle MySQL Server up to 5.7.26/8.0.16 InnoDB unknown vulnerability
8814| [138068] Oracle MySQL Workbench up to 8.0.16 OpenSSL information disclosure
8815| [138067] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 XML denial of service
8816| [138066] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Parser denial of service
8817| [138065] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
8818| [138064] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
8819| [138063] Oracle MySQL Server up to 8.0.12 Data Dictionary denial of service
8820| [138062] Oracle MySQL Server up to 8.0.16 Charsets denial of service
8821| [138061] Oracle MySQL Server up to 8.0.16 Replication unknown vulnerability
8822| [138060] Oracle MySQL Server up to 8.0.16 InnoDB Cluster unknown vulnerability
8823| [138059] Oracle MySQL Enterprise Monitor up to 4.0.9/8.0.14 Spring Framework denial of service
8824| [138058] Oracle MySQL Server up to 5.7.26/8.0.15 cURL unknown vulnerability
8825| [133701] Oracle MySQL Server up to 8.0.15 Replication denial of service
8826| [133700] Oracle MySQL Server up to 8.0.15 Replication denial of service
8827| [133698] Oracle MySQL Server up to 8.0.15 Group Replication Plugin denial of service
8828| [133697] Oracle MySQL Server up to 8.0.15 Roles denial of service
8829| [133695] Oracle MySQL Server up to 8.0.15 Privileges denial of service
8830| [133691] Oracle MySQL Server up to 8.0.15 Replication denial of service
8831| [133687] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
8832| [133686] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
8833| [133685] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
8834| [133684] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
8835| [133683] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
8836| [133682] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
8837| [133681] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
8838| [133680] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
8839| [133677] Oracle MySQL Server up to 8.0.15 Information Schema denial of service
8840| [133676] Oracle MySQL Server up to 8.0.15 DDL denial of service
8841| [133675] Oracle MySQL Server up to 8.0.15 DDL denial of service
8842| [133672] Oracle MySQL Server up to 8.0.15 InnoDB denial of service
8843| [133668] Oracle MySQL Server up to 8.0.15 Replication denial of service
8844| [133666] Oracle MySQL Server up to 8.0.15 Options denial of service
8845| [133662] Oracle MySQL Connectors up to 8.0.15 Connector/J unknown vulnerability
8846| [133661] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
8847| [133660] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
8848| [133659] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
8849| [129647] Oracle MySQL Server up to 5.7.24/8.0.13 Privileges denial of service
8850| [129646] Oracle MySQL Server up to 5.7.24/8.0.13 Privileges denial of service
8851| [129645] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Replication denial of service
8852| [129644] Oracle MySQL Server up to 5.7.24/8.0.13 Partition denial of service
8853| [129643] Oracle MySQL Server up to 8.0.13 Optimizer denial of service
8854| [129642] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
8855| [129641] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
8856| [129640] Oracle MySQL Server up to 5.7.24/8.0.13 Optimizer denial of service
8857| [129639] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 DDL denial of service
8858| [129638] Oracle MySQL Server up to 8.0.13 DDL denial of service
8859| [129637] Oracle MySQL Server up to 8.0.13 DDL denial of service
8860| [129636] Oracle MySQL Server up to 8.0.13 Connection denial of service
8861| [129635] Oracle MySQL Server up to 5.7.24/8.0.13 InnoDB denial of service
8862| [129634] Oracle MySQL Server up to 8.0.13 InnoDB denial of service
8863| [129631] Oracle MySQL Server up to 8.0.13 Replication denial of service
8864| [129630] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Connection Handling denial of service
8865| [129629] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Parser denial of service
8866| [129628] Oracle MySQL Server up to 5.7.24/8.0.13 Parser denial of service
8867| [129627] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 PS denial of service
8868| [129626] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
8869| [129625] Oracle MySQL Server up to 8.0.13 Privileges unknown vulnerability
8870| [129624] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Replication unknown vulnerability
8871| [129623] Oracle MySQL Workbench up to 8.0.13 OpenSSL denial of service
8872| [129622] Oracle MySQL Connectors up to 2.1.8/8.0.13 Connector/Python unknown vulnerability
8873| [129621] Oracle MySQL Workbench up to 8.0.13 unknown vulnerability
8874| [127905] Open Dental up to 18.3 MySQL Database Default Credentials weak authentication
8875| [127404] Drobo 5N2 NAS 4.0.5-13.28.96115 MySQL API Error Page cross site scripting
8876| [127403] Drobo 5N2 NAS 4.0.5-13.28.96115 /mysql/api/droboapp/data information disclosure
8877| [127400] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/logfile.php Parameter information disclosure
8878| [127396] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/drobo.php information disclosure
8879| [127395] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/diags.php Parameter information disclosure
8880| [127350] Dell OpenManage Network Manager up to 6.4.x MySQL privilege escalation
8881| [126982] LAOBANCMS 2.0 install/mysql_hy.php directory traversal
8882| [126687] LAOBANCMS 2.0 mysql_hy.php privilege escalation
8883| [125937] mysql-binuuid-rails up to 1.1.0 Database Column sql injection
8884| [125825] ThinkPHP 3.2.4 Mysql.class.php parseKey Parameter sql injection
8885| [125568] Oracle MySQL Server up to 8.0.12 Privileges unknown vulnerability
8886| [125567] Oracle MySQL Server up to 5.7.23/8.0.12 Logging denial of service
8887| [125566] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
8888| [125565] Oracle MySQL Server up to 8.0.12 Windows denial of service
8889| [125564] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 Storage Engines denial of service
8890| [125563] Oracle MySQL Server up to 8.0.12 Roles denial of service
8891| [125562] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 RBR denial of service
8892| [125561] Oracle MySQL Server up to 5.7.23/8.0.12 Partition denial of service
8893| [125560] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
8894| [125559] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 Memcached denial of service
8895| [125558] Oracle MySQL Server up to 8.0.12 JSON denial of service
8896| [125557] Oracle MySQL Server up to 8.0.12 Information Schema denial of service
8897| [125556] Oracle MySQL Server up to 8.0.12 DDL denial of service
8898| [125555] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
8899| [125554] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
8900| [125553] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
8901| [125552] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
8902| [125551] Oracle MySQL Server up to 5.7.23/8.0.12 Partition denial of service
8903| [125549] Oracle MySQL Server up to 5.7.23/8.0.12 Optimizer denial of service
8904| [125548] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 Merge denial of service
8905| [125547] Oracle MySQL Server up to 8.0.12 DDL denial of service
8906| [125546] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
8907| [125545] Oracle MySQL Server up to 5.7.23/8.0.12 Audit denial of service
8908| [125544] Oracle MySQL Server up to 8.0.12 Parser denial of service
8909| [125543] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 Parser denial of service
8910| [125542] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
8911| [125541] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
8912| [125540] Oracle MySQL Server up to 8.0.12 DML denial of service
8913| [125539] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
8914| [125538] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
8915| [125537] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
8916| [125536] Oracle MySQL Server up to 5.7.23/8.0.12 Parser denial of service
8917| [125535] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 InnoDB unknown vulnerability
8918| [125534] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
8919| [125533] Oracle MySQL Connectors up to 8.0.12 Connector/J unknown vulnerability
8920| [125532] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
8921| [125531] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
8922| [125415] Oracle Enterprise Manager for MySQL Database 13.2 EM Plugin unknown vulnerability
8923| [122549] PHP up to 7.1.5 mysqli_real_escape_string memory corruption
8924| [122201] mysql_user Module up to 2.2.0 on Ansible Password Change weak authentication
8925| [121802] Oracle MySQL Server up to 8.0.11 DDL unknown vulnerability
8926| [121800] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Encryption weak encryption
8927| [121799] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Options unknown vulnerability
8928| [121798] Oracle MySQL Workbench up to 6.3.10 Encryption weak encryption
8929| [121797] Oracle MySQL Server up to 5.7.22/8.0.11 Privileges unknown vulnerability
8930| [121796] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 MyISAM information disclosure
8931| [121795] Oracle MySQL Server up to 8.0.11 Privileges denial of service
8932| [121794] Oracle MySQL Server up to 5.5.60 Privileges denial of service
8933| [121793] Oracle MySQL Server up to 8.0.11 Replication denial of service
8934| [121792] Oracle MySQL Server up to 5.7.22 DML denial of service
8935| [121791] Oracle MySQL Server up to 8.0.11 DDL denial of service
8936| [121790] Oracle MySQL Server up to 8.0.11 DDL denial of service
8937| [121789] Oracle MySQL Server up to 5.7.22/8.0.11 DDL denial of service
8938| [121788] Oracle MySQL Server up to 5.7.22/8.0.11 DDL denial of service
8939| [121787] Oracle MySQL Server up to 8.0.11 InnoDB denial of service
8940| [121786] Oracle MySQL Server up to 5.7.22 Audit Log denial of service
8941| [121785] Oracle MySQL Client up to 5.5.60/5.6.40/5.7.22/8.0.11 Client Programs denial of service
8942| [121784] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 Memcached denial of service
8943| [121783] Oracle MySQL Server up to 8.0.11 Roles denial of service
8944| [121782] Oracle MySQL Workbench up to 8.0.11 denial of service
8945| [121781] Oracle MySQL Server up to 8.0.11 Optimizer denial of service
8946| [121780] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 Installing denial of service
8947| [121779] Oracle MySQL Server up to 5.7.22/8.0.11 DML denial of service
8948| [121778] Oracle MySQL Server up to 5.7.22/8.0.11 InnoDB denial of service
8949| [121777] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Client mysqldump denial of service
8950| [121776] Oracle MySQL Enterprise Monitor up to 3.4.7.4297/4.0.4.5235/8.0.0.8131 Monitoring denial of service
8951| [121775] Oracle MySQL Connectors up to 5.3.10/8.0.11 Connector/ODBC denial of service
8952| [121774] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 InnoDB denial of service
8953| [121773] Oracle MySQL Workbench up to 8.0.11 unknown vulnerability
8954| [121772] Oracle MySQL Enterprise Monitor up to 3.4.7.4297/4.0.4.5235/8.0.0.8131 Service Manager unknown vulnerability
8955| [121613] Oracle Enterprise Manager for MySQL Database up to 13.2.2.0.0 EM Plugin unknown vulnerability
8956| [120277] query-mysql 0.0.0/0.0.1/0.0.2 on Node.js sql injection
8957| [118340] mysqljs on Node.js Backdoor privilege escalation
8958| [118305] MySQL Module up to v2.0.0-alpha7 on Node.js mysql.escape sql injection
8959| [117517] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd send_arp MMM Protocol Message command injection
8960| [117516] MySQL Multi-Master Replication Manager 2.2.1 on FreeBSD mmm_agentd clear_ip MMM Protocol Message command injection
8961| [117515] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd clear_ip MMM Protocol Message command injection
8962| [117514] MySQL Multi-Master Replication Manager 2.2.1 on Linux mmm_agentd clear_ip MMM Protocol Message command injection
8963| [117513] MySQL Multi-Master Replication Manager 2.2.1 on FreeBSD mmm_agentd add_ip MMM Protocol Message command injection
8964| [117512] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd add_ip MMM Protocol Message command injection
8965| [117511] MySQL Multi-Master Replication Manager 2.2.1 on Linux mmm_agentd add_ip MMM Protocol Message command injection
8966| [117510] MySQL Multi-Master Replication Manager 2.2.1 mmm_agentd _execute MMM Protocol Message command injection
8967| [117387] CSP MySQL User Manager 2.3.1 Username sql injection
8968| [116762] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 DDL information disclosure
8969| [116761] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Locking denial of service
8970| [116759] Oracle MySQL Server up to 5.7.21 Group Replication GCS denial of service
8971| [116758] Oracle MySQL Server up to 5.7.21 Pluggable Auth denial of service
8972| [116757] Oracle MySQL Server up to 5.7.21 Performance Schema denial of service
8973| [116756] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
8974| [116755] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Optimizer denial of service
8975| [116754] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
8976| [116753] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
8977| [116752] Oracle MySQL Server up to 5.7.21 DML denial of service
8978| [116751] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Privileges denial of service
8979| [116750] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
8980| [116749] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
8981| [116748] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
8982| [116747] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
8983| [116745] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
8984| [116744] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
8985| [116743] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
8986| [116742] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Client programs denial of service
8987| [116741] Oracle MySQL Enterprise Monitor up to 3.3.7.3306/3.4.5.4248/4.0.2.5168 Monitoring: Agent (OpenSSL) information disclosure
8988| [116740] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
8989| [116739] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
8990| [116738] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 DDL denial of service
8991| [116737] Oracle MySQL Server up to 5.6.39/5.7.21 Privileges denial of service
8992| [116736] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 InnoDB denial of service
8993| [116735] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
8994| [116734] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
8995| [116733] Oracle MySQL Server up to 5.6.39 GIS Extension denial of service
8996| [116622] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Apache Tomcat) unknown vulnerability
8997| [116620] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Spring Framework) unknown vulnerability
8998| [116619] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General unknown vulnerability
8999| [115836] Juniper Junos Space up to 13.3R1.7 MySQL Server Default Credentials weak authentication
9000| [115216] MySQL for PCF Tiles up to 1.7.9 AWS Access Key privilege escalation
9001| [114055] Couch up to 2.0 mysql2i.func.php Request information disclosure
9002| [112112] Oracle MySQL Server up to 5.6.38/5.7.20 Performance Schema information disclosure
9003| [112111] Oracle MySQL Server up to 5.6.38/5.7.20 Performance Schema denial of service
9004| [112110] Oracle MySQL Server up to 5.7.20 Optimizer denial of service
9005| [112109] Oracle MySQL Server up to 5.7.20 Optimizer denial of service
9006| [112108] Oracle MySQL Server up to 5.7.20 InnoDB denial of service
9007| [112107] Oracle MySQL Server up to 5.7.20 DML denial of service
9008| [112106] Oracle MySQL Server up to 5.7.20 DML denial of service
9009| [112105] Oracle MySQL Server up to 5.7.20 DML denial of service
9010| [112104] Oracle MySQL Server up to 5.6.38/5.7.19 Partition denial of service
9011| [112103] Oracle MySQL Server up to 5.6.38/5.7.20 Replication denial of service
9012| [112102] Oracle MySQL Server up to 5.6.38/5.7.20 Packaging information disclosure
9013| [112101] Oracle MySQL Enterprise Monitor up to 3.3.6.3293/3.4.4.4226/4.0.0.5135 Monitoring information disclosure
9014| [112100] Oracle MySQL Connectors up to 5.3.9 ODBC Connector information disclosure
9015| [112099] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
9016| [112098] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
9017| [112097] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
9018| [112096] Oracle MySQL Server up to 5.6.38/5.7.20 GIS denial of service
9019| [112095] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 DDL denial of service
9020| [112094] Oracle MySQL Server up to 5.6.38/5.7.20 Privileges denial of service
9021| [112093] Oracle MySQL Server up to 5.6.38/5.7.20 InnoDB denial of service
9022| [112092] Oracle MySQL Server up to 5.6.38/5.7.20 Stored Procedure denial of service
9023| [112091] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.19 Partition denial of service
9024| [112090] Oracle MySQL Server up to 5.6.38/5.7.20 Privileges denial of service
9025| [112089] Oracle MySQL Connectors up to 6.9.9/6.10.4 Connector/Net denial of service
9026| [112088] Oracle MySQL Enterprise Monitor up to 3.3.6.3293/3.4.4.4226/4.0.0.5135 Monitoring privilege escalation
9027| [110974] puppetlabs-mysql up to 3.6.0 Parameter weak authentication
9028| [108192] Oracle MySQL Server up to 5.7.18 InnoDB denial of service
9029| [108190] Oracle MySQL Server up to 5.6.37/5.7.19 InnoDB denial of service
9030| [108189] Oracle MySQL Server up to 5.7.18 Stored Procedure denial of service
9031| [108188] Oracle MySQL Server up to 5.7.19 Replication denial of service
9032| [108187] Oracle MySQL Server up to 5.6.37/5.7.19 Optimizer denial of service
9033| [108186] Oracle MySQL Server up to 5.6.36/5.7.18 Optimizer denial of service
9034| [108185] Oracle MySQL Server up to 5.6.37/5.7.19 Optimizer denial of service
9035| [108184] Oracle MySQL Server up to 5.6.37/5.7.19 Memcached denial of service
9036| [108183] Oracle MySQL Server up to 5.7.19 InnoDB denial of service
9037| [108182] Oracle MySQL Server up to 5.7.19 FTS denial of service
9038| [108181] Oracle MySQL Server up to 5.7.18 DML denial of service
9039| [108180] Oracle MySQL Server up to 5.7.19 Group Replication GCS denial of service
9040| [108179] Oracle MySQL Server up to 5.6.37/5.7.19 Performance Schema denial of service
9041| [108178] Oracle MySQL Connectors up to 6.9.9 Connector/Net denial of service
9042| [108177] Oracle MySQL Connectors up to 6.9.9 Connector/Net unknown vulnerability
9043| [108176] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.11 Optimizer denial of service
9044| [108175] Oracle MySQL Server up to 5.7.19 Optimizer denial of service
9045| [108174] Oracle MySQL Server up to 5.6.37/5.7.19 FTS denial of service
9046| [108173] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.19 DDL denial of service
9047| [108172] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.19 Client programs information disclosure
9048| [108171] Oracle MySQL Server up to 5.6.35/5.7.18 OpenSSL denial of service
9049| [108170] Oracle MySQL Server up to 5.6.37/5.7.19 Pluggable Auth denial of service
9050| [108169] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Apache Tomcat unknown vulnerability
9051| [108168] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Web unknown vulnerability
9052| [104089] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DDL unknown vulnerability
9053| [104088] Oracle MySQL Server up to 5.7.18 C API information disclosure
9054| [104087] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DDL unknown vulnerability
9055| [104086] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 Client mysqldump unknown vulnerability
9056| [104085] Oracle MySQL Server up to 5.6.36/5.7.18 Replication denial of service
9057| [104084] Oracle MySQL Server up to 5.6.36/5.7.18 Replication denial of service
9058| [104083] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 Charsets denial of service
9059| [104082] Oracle MySQL Cluster up to 7.3.5 CLSTCONF memory corruption
9060| [104081] Oracle MySQL Server up to 5.7.16 X Plugin denial of service
9061| [104080] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
9062| [104079] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
9063| [104078] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
9064| [104077] Oracle MySQL Server up to 5.7.18 DML denial of service
9065| [104076] Oracle MySQL Server up to 5.7.18 DML denial of service
9066| [104075] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DML denial of service
9067| [104074] Oracle MySQL Server up to 5.7.18 DML denial of service
9068| [104073] Oracle MySQL Server up to 5.7.18 DML denial of service
9069| [104072] Oracle MySQL Server up to 5.7.18 X Plugin denial of service
9070| [104071] Oracle MySQL Server up to 5.7.18 UDF denial of service
9071| [104069] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 C API denial of service
9072| [104068] Oracle MySQL Connectors up to 6.1.10 Connector/C denial of service
9073| [104067] Oracle MySQL Server up to 5.6.35/5.7.17 OpenSSL unknown vulnerability
9074| [104066] Oracle MySQL Connectors up to 5.3.7 OpenSSL unknown vulnerability
9075| [104065] Oracle MySQL Connectors up to 6.1.9 OpenSSL unknown vulnerability
9076| [104064] Oracle MySQL Server up to 5.6.36/5.7.18 DML denial of service
9077| [104063] Oracle MySQL Server up to 5.6.36/5.7.18 Memcached denial of service
9078| [104062] Oracle MySQL Enterprise Monitor up to 3.3.3.1199 Apache Tomcat unknown vulnerability
9079| [104061] Oracle MySQL Enterprise Monitor up to 3.2.7.1204/3.3.3.1199 Apache Tomcat unknown vulnerability
9080| [104060] Oracle MySQL Enterprise Monitor up to 3.1.5.7958/3.2.5.1141/3.3.2.1162 Apache Struts 2 unknown vulnerability
9081| [103583] phpMyAdmin 4.0/4.4/4.6 MySQL Database Connection privilege escalation
9082| [103578] MySQL Dumper 1.24 Stored cross site scripting
9083| [102980] DBD::mysql Module up to 4.043 on Perl SSL weak encryption
9084| [102979] DBD::mysql Module up to 4.043 on Perl Error Use-After-Free memory corruption
9085| [102618] KBVault Mysql Free Knowledge Base 0.16a File Upload Explorer.aspx privilege escalation
9086| [100915] Accellion FTA communication_p2p.php mysql_real_escape_string sql injection
9087| [100543] Oracle MySQL up to 5.1.40 Connector/J privilege escalation
9088| [100232] Oracle MySQL Server up to 5.7.17 Encryption weak encryption
9089| [100231] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Monitoring denial of service
9090| [100228] Oracle MySQL Workbench up to 6.3.8 Encryption information disclosure
9091| [100227] Oracle MySQL Server up to 5.7.17 C API information disclosure
9092| [100226] Oracle MySQL Server up to 5.7.17 Privileges unknown vulnerability
9093| [100225] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DDL unknown vulnerability
9094| [100224] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
9095| [100223] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
9096| [100222] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
9097| [100221] Oracle MySQL Server up to 5.7.17 Optimizer denial of service
9098| [100220] Oracle MySQL Server up to 5.7.17 DML denial of service
9099| [100219] Oracle MySQL Server up to 5.7.17 DML denial of service
9100| [100218] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DML denial of service
9101| [100217] Oracle MySQL Server up to 5.7.17 Audit Plug-in denial of service
9102| [100215] Oracle MySQL Server up to 5.5.54/5.6.35 C API information disclosure
9103| [100214] Oracle MySQL Server up to 5.7.17 Privileges unknown vulnerability
9104| [100213] Oracle MySQL Cluster up to 7.2.27/7.3.16/7.4.14/7.5.5 DD denial of service
9105| [100212] Oracle MySQL Server up to 5.7.17 InnoDB denial of service
9106| [100211] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 OpenSSL information disclosure
9107| [100210] Oracle MySQL Enterprise Backup up to 3.12.3/4.0.3 ENTRBACK information disclosure
9108| [100209] Oracle MySQL Connectors up to 5.1.41 Connector/J unknown vulnerability
9109| [100208] Oracle MySQL Server up to 5.6.35 Optimizer denial of service
9110| [100207] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Optimizer denial of service
9111| [100206] Oracle MySQL Server up to 5.7.17 DML denial of service
9112| [100205] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Apache Commons FileUpload denial of service
9113| [100204] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Client mysqldump unknown vulnerability
9114| [100203] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Thread Pooling denial of service
9115| [100202] Oracle MySQL Server up to 5.6.35/5.7.17 Pluggable Auth Integer denial of service
9116| [100201] Oracle MySQL Server up to 5.6.35/5.7.17 Memcached denial of service
9117| [100200] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Optimizer denial of service
9118| [100199] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DML denial of service
9119| [100198] Oracle MySQL Workbench up to 6.3.7 OpenSSL memory corruption
9120| [100197] Oracle MySQL Enterprise Backup up to 3.12.2/4.0.1 ENTRBACK memory corruption
9121| [100196] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Monitoring: Server denial of service
9122| [100195] Oracle MySQL Workbench up to 6.3.8 OpenSSL denial of service
9123| [100194] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Struts 2 privilege escalation
9124| [99815] ATutor 2.2.1 mysql_connect.inc.php searchFriends sql injection
9125| [97041] MySQL DBD::mysql up to 4.38 denial of service
9126| [96814] MariaDB up to 5.5.54/10.0.29/10.1.21/10.2.3 libmysqlclient.so denial of service
9127| [96808] Oracle MySQL up to 5.6.21/5.7.4 libmysqlclient.so denial of service
9128| [95832] Zabbix up to 2.0.17/2.2.12/3.0.2 Configuration Script userparameter_mysql.conf) privilege escalation
9129| [95730] Oracle MySQL Server up to 5.7.16 Encryption weak encryption
9130| [95729] Oracle MySQL Server up to 5.7.16 X Plugin unknown vulnerability
9131| [95728] Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12 Cluster NDBAPI denial of service
9132| [95727] Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12 denial of service
9133| [95726] Oracle MySQL Cluster 7.2.19/7.3.8/7.4.5 denial of service
9134| [95723] Oracle MySQL Server 5.6.34/5.7.16 Replication denial of service
9135| [95722] Oracle MySQL Server up to 5.5.53 Charsets denial of service
9136| [95720] Oracle MySQL Cluster 7.2.26/7.3.14/7.4.12 NDBAPI denial of service
9137| [95719] Oracle MySQL Server up to 5.7.16 Optimizer denial of service
9138| [95716] Oracle MySQL Server up to 5.7.16 Replication denial of service
9139| [95715] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 Optimizer denial of service
9140| [95714] Oracle MySQL Server 5.6.34 5.7.16 InnoDB denial of service
9141| [95713] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 DML denial of service
9142| [95712] Oracle MySQL Server 5.6.34/5.7.16 DDL denial of service
9143| [95711] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 DDL denial of service
9144| [95709] Oracle MySQL Server 5.6.34/5.7.16 Encryption denial of service
9145| [95708] Oracle MySQL Enterprise Monitor 3.1.3.7856 Monitoring Agent memory corruption
9146| [95707] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.4.1102/3.3.0.1098 Monitoring denial of service
9147| [95706] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.1.1049 Monitoring memory corruption
9148| [95705] Oracle MySQL Enterprise Monitor 3.1.5.7958/3.2.1.1049, Monitoring privilege escalation
9149| [95704] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.1.1049 Monitoring unknown vulnerability
9150| [93866] DBD-mysql up to 3.x/4.040 on Perl Use-After-Free memory corruption
9151| [92923] Oracle MySQL Server up to 5.6.33/5.7.15 Encryption denial of service
9152| [92911] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL weak encryption
9153| [92900] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Optimizer denial of service
9154| [92899] Oracle MySQL Server up to 5.6.31/5.7.13 InnoDB denial of service
9155| [92898] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 GIS denial of service
9156| [92897] Oracle MySQL Server up to 5.5.51 DML denial of service
9157| [92896] Oracle MySQL Server up to 5.5.50/5.6.31/5.7.13 DML denial of service
9158| [92895] Oracle MySQL Server up to 5.6.31 5.7.13 DML denial of service
9159| [92874] Oracle MySQL Connector up to 2.1.3/2.0.4 Connector/Python unknown vulnerability
9160| [92850] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
9161| [92835] Oracle MySQL Server up to 5.7.13 Audit denial of service
9162| [92834] Oracle MySQL Server up to 5.7.13 RBR denial of service
9163| [92833] Oracle MySQL Server up to 5.7.13 Performance Schema denial of service
9164| [92832] Oracle MySQL Server up to 5.7.14 Optimizer denial of service
9165| [92831] Oracle MySQL Server up to 5.7.13 Memcached denial of service
9166| [92830] Oracle MySQL Server up to 5.6.32/5.7.14 InnoDB denial of service
9167| [92829] Oracle MySQL Server up to 5.6.31 5.7.13 InnoDB denial of service
9168| [92828] Oracle MySQL Server up to 5.7.13 InnoDB denial of service
9169| [92827] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Federated denial of service
9170| [92826] Oracle MySQL Server up to 5.7.13 DML denial of service
9171| [92821] Oracle MySQL Server up to 5.7.13 Replication denial of service
9172| [92820] Oracle MySQL Server up to 5.7.13 Performance Schema denial of service
9173| [92819] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
9174| [92818] Oracle MySQL Server up to 5.5.52/5.6.33/5.7.15 Encryption information disclosure
9175| [92817] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Types denial of service
9176| [92815] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
9177| [92814] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
9178| [92813] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
9179| [92798] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
9180| [92797] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
9181| [92790] Oracle MySQL Server up to 5.7.14 Privileges information disclosure
9182| [92789] Oracle MySQL Server up to 5.6.30/5.7.12 InnoDB Plugin unknown vulnerability
9183| [92292] libdbd-mysql-perl 4.028 Error Message denial of service
9184| [91920] Open Dental up to 16.1 MySQL Server Default Credentials weak authentication
9185| [91625] PHP up to 5.6.25/7.0.10 mysqlnd Heap-based memory corruption
9186| [91505] Oracle MySQL up to 5.5.52/5.6.33/5.7.15 Logging my.cnf privilege escalation
9187| [90877] DBD::mysql up to 4.033 my_login memory corruption
9188| [90876] DBD::mysql up to 4.028 Use-After-Free memory corruption
9189| [90137] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.10 Encryption information disclosure
9190| [90136] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.11 Connection information disclosure
9191| [90134] Oracle MySQL Server up to 5.7.12 Encryption denial of service
9192| [90133] Oracle MySQL Server up to 5.7.12 Replication denial of service
9193| [90132] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 RBR denial of service
9194| [90131] Oracle MySQL Server up to 5.6.30/5.7.12 Privileges denial of service
9195| [90130] Oracle MySQL Server up to 5.7.12 Optimizer denial of service
9196| [90129] Oracle MySQL Server up to 5.7.12 Log denial of service
9197| [90128] Oracle MySQL Server up to 5.6.30/5.7.12 InnoDB denial of service
9198| [90127] Oracle MySQL Server up to 5.7.12 InnoDB denial of service
9199| [90126] Oracle MySQL Server up to 5.6.30/5.7.12 Encryption denial of service
9200| [90125] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 DML denial of service
9201| [90124] Oracle MySQL Server up to 5.7.12 InnoDB memory corruption
9202| [90123] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 Types denial of service
9203| [90122] Oracle MySQL Server up to 5.7.12 Optimizer denial of service
9204| [90121] Oracle MySQL Server up to 5.6.30/5.7.12 Optimizer denial of service
9205| [90120] Oracle MySQL Server up to 5.6.30/5.7.12 FTS denial of service
9206| [90118] Oracle MySQL Server up to 5.6.30/5.7.12 Encryption denial of service
9207| [90117] Oracle MySQL Server up to 5.7.11 Optimizer denial of service
9208| [87408] PHP up to 5.4.42/5.5.26/5.6.10 SSL ext/mysqlnd/mysqlnd.c weak encryption
9209| [82687] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.11 Connection Handling spoofing
9210| [82685] Oracle MySQL Enterprise Monitor up to 3.0.25/3.1.2 Monitoring unknown vulnerability
9211| [82684] Oracle MySQL Server up to 5.6.28/5.7.10 Encryption denial of service
9212| [82683] Oracle MySQL Server up to 5.6.29/5.7.11 Pluggable Authentication unknown vulnerability
9213| [82682] Oracle MySQL Server up to 5.6.29/5.7.11 Packaging memory corruption
9214| [80605] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Privileges denial of service
9215| [80604] Oracle MySQL Server up to 5.6.26 denial of service
9216| [80603] Oracle MySQL Server up to 5.5.45/5.6.26 Encryption information disclosure
9217| [80602] Oracle MySQL Server up to 5.6.27/5.7.9 Replication denial of service
9218| [80601] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 UDF denial of service
9219| [80600] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Encryption weak encryption
9220| [80599] Oracle MySQL Server 5.7.9 Partition denial of service
9221| [80598] Oracle MySQL Server 5.7.9 Optimizer denial of service
9222| [80597] Oracle MySQL Server up to 5.6.27 InnoDB denial of service
9223| [80596] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 InnoDB denial of service
9224| [80595] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 DML denial of service
9225| [80594] Oracle MySQL Server up to 5.5.46 Optimizer denial of service
9226| [80593] Oracle MySQL Server up to 5.6.27/5.7.9 Optimizer denial of service
9227| [80592] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Optimizer denial of service
9228| [80591] Oracle MySQL Server up to 5.5.31/5.6.11 Optimizer denial of service
9229| [80590] Oracle MySQL Server up to 5.5.46/5.6.27 DML denial of service
9230| [80589] Oracle MySQL Server up to 5.6.27/5.7.9 DML denial of service
9231| [80588] Oracle MySQL Server up to 5.6.27 DML denial of service
9232| [80587] Oracle MySQL Server up to 5.6.21 DML denial of service
9233| [80586] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Options unknown vulnerability
9234| [80585] Oracle MySQL Server up to 5.6.27/5.7.9 DML memory corruption
9235| [80184] Rename Plugin 1.0 on WordPress mysqldump_download.php directory traversal
9236| [78705] Oracle MySQL Server up to 5.5.45/5.6.26 Partition denial of service
9237| [78703] Oracle MySQL Server up to 5.6.26 Memcached denial of service
9238| [78702] Oracle MySQL Server up to 5.5.45/5.6.26 SP denial of service
9239| [78701] Oracle MySQL Server up to 5.5.43/5.6.24 Privileges information disclosure
9240| [78700] Oracle MySQL Server up to 5.6.26 Privileges denial of service
9241| [78699] Oracle MySQL Server up to 5.6.26 Replication denial of service
9242| [78698] Oracle MySQL Server up to 5.5.45/5.6.26 Query Cache denial of service
9243| [78697] Oracle MySQL Server up to 5.5.45/5.6.26 InnoDB denial of service
9244| [78696] Oracle MySQL Server up to 5.6.25 InnoDB denial of service
9245| [78695] Oracle MySQL Server up to 5.5.45/5.6.26 DML denial of service
9246| [78694] Oracle MySQL Server up to 5.6.25 libmysqld denial of service
9247| [78693] Oracle MySQL Server up to 5.5.45/5.6.26 Types unknown vulnerability
9248| [78692] Oracle MySQL Server up to 5.6.20 Types denial of service
9249| [78691] Oracle MySQL Server up to 5.5.45/5.6.26 Privileges unknown vulnerability
9250| [78690] Oracle MySQL Server up to 5.6.25 Partition denial of service
9251| [78689] Oracle MySQL Server up to 5.5.45/5.6.26 Partition denial of service
9252| [78688] Oracle MySQL Server up to 5.5.45/5.6.26 Parser denial of service
9253| [78687] Oracle MySQL Server up to 5.6.26 Optimizer denial of service
9254| [78686] Oracle MySQL Server up to 5.5.44 InnoDB denial of service
9255| [78685] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
9256| [78684] Oracle MySQL Server up to 5.6.26 DML denial of service
9257| [78683] Oracle MySQL Server up to 5.5.45/5.6.26 DML denial of service
9258| [78682] Oracle MySQL Server up to 5.6.23 DML denial of service
9259| [78681] Oracle MySQL Server up to 5.5.45/5.6.26 DDL denial of service
9260| [78680] Oracle MySQL Server up to 5.5.44/5.6.25 DML unknown vulnerability
9261| [78679] Oracle MySQL Enterprise Monitor up to 2.3.20/3.0.20 C-Agent / Service Manager denial of service
9262| [78678] Oracle MySQL Server up to 5.6.25 Encryption spoofing
9263| [78676] Oracle MySQL Enterprise Monitor up to 2.3.20/3.0.22 C-Agent denial of service
9264| [77699] JSP/MySQL Administrador Web 1 sys/sys/listaBD2.jsp cross site scripting
9265| [77698] JSP/MySQL Administrador Web 1 sys/sys/listaBD2.jsp cross site request forgery
9266| [76704] Oracle MySQL Server up to 5.6.24 Partition denial of service
9267| [76703] Oracle MySQL Server up to 5.6.24 RBR denial of service
9268| [76701] Oracle MySQL Server up to 5.6.24 Firewall denial of service
9269| [76699] Oracle MySQL Server up to 5.6.24 Firewall denial of service
9270| [76695] Oracle MySQL Server up to 5.6.24 MemCached denial of service
9271| [76691] Oracle MySQL Server up to 5.5.42 Optimizer denial of service
9272| [76690] Oracle MySQL Server up to 5.6.22 InnoDB denial of service
9273| [76686] Oracle MySQL Server up to 5.5.43/5.6.24 denial of service
9274| [76671] Oracle MySQL Server up to 5.5.43/5.6.23 Pluggable Auth information disclosure
9275| [76634] Oracle MySQL Server up to 5.5.43/5.6.24 DML denial of service
9276| [76629] Oracle MySQL Server up to 5.5.43/5.6.24 Optimizer denial of service
9277| [76628] Oracle MySQL Server up to 5.6.24 denial of service
9278| [76626] Oracle MySQL Server up to 5.6.24 Firewall information disclosure
9279| [76608] Oracle MySQL Server up to 5.5.43/5.6.23 information disclosure
9280| [76605] Oracle MySQL Server up to 5.6.24 Partition information disclosure
9281| [76599] Oracle MySQL Server up to 5.6.24 DML information disclosure
9282| [76571] Oracle MySQL Server up to 5.5.43/5.6.24 GIS denial of service
9283| [76081] MySQL Lite Administrator Beta-1 tabella.php cross site scripting
9284| [75579] lighttpd 1.4.35 Log File mod_mysql_vhost.c privilege escalation
9285| [75159] Oracle MySQL up to 5.7.2 SSL Client weak encryption
9286| [74969] Oracle MySQL Server up to 5.6.23 Replication denial of service
9287| [74967] Oracle MySQL Server up to 5.6.23 SP denial of service
9288| [74966] Oracle MySQL Server up to 5.6.22 DML weak encryption
9289| [74965] Oracle MySQL Server up to 5.6.23 Privileges denial of service
9290| [74964] Oracle MySQL Server up to 5.6.23 Memcached denial of service
9291| [74963] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
9292| [74962] Oracle MySQL Server up to 5.5.42/5.6.23 Federated unknown vulnerability
9293| [74961] Oracle MySQL Server up to 5.5.42/5.6.23 DDL unknown vulnerability
9294| [74960] Oracle MySQL Server up to 5.6.22 XA weak encryption
9295| [74959] Oracle MySQL Server up to 5.5.41/5.6.22 Encryption weak encryption
9296| [74958] Oracle MySQL Server up to 5.6.23 Partition denial of service
9297| [74957] Oracle MySQL Server up to 5.6.22 Partition weak encryption
9298| [74956] Oracle MySQL Server up to 5.5.42/5.6.23 Optimizer unknown vulnerability
9299| [74955] Oracle MySQL Server up to 5.6.22 Optimizer weak encryption
9300| [74954] Oracle MySQL Server up to 5.5.41/5.6.22 DML unknown vulnerability
9301| [74953] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
9302| [74952] Oracle MySQL Server up to 5.6.22 InnoDB weak encryption
9303| [74951] Oracle MySQL Server up to 5.6.23 Information Schema denial of service
9304| [74950] Oracle MySQL Server up to 5.5.41/5.6.22 DDL unknown vulnerability
9305| [74949] Oracle MySQL Connectors up to 5.1.34 Connector/J unknown vulnerability
9306| [74948] Oracle MySQL Server up to 5.5.41/5.6.22 Privileges unknown vulnerability
9307| [74947] Oracle MySQL Server up to 5.6.22 Encryption s23_srvr.c ssl23_get_client_hello denial of service
9308| [74946] Oracle MySQL Server up to 5.5.42/5.6.23 Compiling unknown vulnerability
9309| [74945] Oracle MySQL Enterprise Monitor up to 2.3.19/3.0.18 Service Manager s:token/ cross site request forgery
9310| [74944] Oracle MySQL Enterprise Monitor up to 2.3.16/3.0.10 Service Manager memory corruption
9311| [68810] Oracle MySQL Server up to 5.5.40/5.6.21 Foreign Key information disclosure
9312| [68809] Oracle MySQL Server up to 5.6.21 Pluggable Auth denial of service
9313| [68808] Oracle MySQL Server up to 5.5.40/5.6.21 DML denial of service
9314| [68807] Oracle MySQL Server up to 5.6.21 Optimizer denial of service
9315| [68806] Oracle MySQL Server up to 5.5.40 Foreign Key denial of service
9316| [68805] Oracle MySQL Server up to 5.5.38/5.6.19 DDL denial of service
9317| [68804] Oracle MySQL Server up to 5.5.40/5.6.21 Replication denial of service
9318| [68803] Oracle MySQL Server up to 5.5.40/5.6.21 Replication denial of service
9319| [68802] Oracle MySQL Server up to 5.5.40/5.6.21 Encryption weak encryption
9320| [67988] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
9321| [67987] Oracle MySQL Server up to 5.6.19 denial of service
9322| [67986] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
9323| [67985] Oracle MySQL Server up to 5.6.19 denial of service
9324| [67984] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
9325| [67983] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
9326| [67982] Oracle MySQL Server up to 5.5.38 denial of service
9327| [67981] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
9328| [67979] Oracle MySQL Server up to 5.5.38/5.6.19 unknown vulnerability
9329| [67978] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
9330| [67977] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
9331| [67976] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
9332| [67975] Oracle MySQL Server up to 5.5.39/5.6.20 information disclosure
9333| [67974] Oracle MySQL Server up to 5.5.38/5.6.19 Messages Stack-Based sql injection
9334| [67973] Oracle MySQL Server up to 5.6.19 unknown vulnerability
9335| [67972] Oracle MySQL Server up to 5.5.39/5.6.20 unknown vulnerability
9336| [67971] Oracle MySQL Server up to 5.5.38/5.6.19 unknown vulnerability
9337| [67970] Oracle MySQL Server up to 5.6.19 Messages NULL Pointer Dereference denial of service
9338| [67969] Oracle MySQL Server up to 5.5.39/5.6.20 directory traversal
9339| [67968] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
9340| [67967] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
9341| [67966] Oracle MySQL Server up to 5.5.39/5.6.20 unknown vulnerability
9342| [68555] McAfee Network Data Loss Prevention 9.2.0 MySQL Database weak authentication
9343| [67245] phpMyAdmin up to 4.2.5 MySQL User List server_user_groups.php privilege escalation
9344| [67166] Oracle MySQL Server up to 5.5.35/5.6.15 denial of service
9345| [67165] Oracle MySQL Server up to 5.6.17 denial of service
9346| [67163] Oracle MySQL Server up to 5.6.17 denial of service
9347| [67162] Oracle MySQL Server up to 5.5.37 denial of service
9348| [67161] Oracle MySQL Server up to 5.6.17 denial of service
9349| [67160] Oracle MySQL Server up to 5.5.37 denial of service
9350| [67159] Oracle MySQL Server up to 5.5.37/5.6.17 unknown vulnerability
9351| [67158] Oracle MySQL Server up to 5.5.37/5.6.17 unknown vulnerability
9352| [67157] Oracle MySQL Server up to 5.6.17 unknown vulnerability
9353| [13065] Django up to 1.7 MySQL Typecast privilege escalation
9354| [12983] Oracle MySQL Server up to 5.5.36/5.6.16 Options denial of service
9355| [12982] Oracle MySQL Server up to 5.5.35/5.6.15 Federated denial of service
9356| [12981] Oracle MySQL Server up to 5.5.35/5.6.15 Replication denial of service
9357| [12980] Oracle MySQL Server up to 5.6.15 Privileges denial of service
9358| [12979] Oracle MySQL Server up to 5.5.36/5.6.16 Performance Schema denial of service
9359| [12978] Oracle MySQL Server up to 5.5.35/5.6.15 XML denial of service
9360| [12977] Oracle MySQL Server up to 5.5.35/5.6.15 Partition denial of service
9361| [12976] Oracle MySQL Server up to 5.6.15 Optimizer denial of service
9362| [12975] Oracle MySQL Server up to 5.6.15 MyISAM denial of service
9363| [12974] Oracle MySQL Server up to 5.6.16 InnoDB denial of service
9364| [12973] Oracle MySQL Server up to 5.6.15 DML denial of service
9365| [12972] Oracle MySQL Client up to 5.5.36/5.6.16 unknown vulnerability
9366| [12971] Oracle MySQL Server up to 5.5.36/5.6.16 RBR unknown vulnerability
9367| [12970] Oracle MySQL Server up to 5.6.15 InnoDB unknown vulnerability
9368| [12613] lighttpd up to 1.4.34 MySQL Virtual Hosting Module mod_mysql_vhost.c sql injection
9369| [12135] Oracle MySQL client/mysql.cc Server Version memory corruption
9370| [66191] Cisco Video Surveillance Operations Manager MySQL Database denial of service
9371| [66079] CSP MySQL User Manager 2.3 Login Page sql injection
9372| [11948] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Error Handling Crash denial of service
9373| [11947] Oracle MySQL Server up to 5.5.34/5.6.14 Replication denial of service
9374| [11946] Oracle MySQL Server up to 5.6.13 Performance Schema Stored denial of service
9375| [11945] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 InnoDB memory corruption
9376| [11944] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Optimizer Crash denial of service
9377| [11943] Oracle MySQL Server up to 5.6.14 InnoDB Stored denial of service
9378| [11942] Oracle MySQL Server up to 5.6.13 FTS Stored denial of service
9379| [11941] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Privileges Crash denial of service
9380| [11940] Oracle MySQL Server up to 5.5.33/5.6.13 Partition denial of service
9381| [11939] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 Optimizer Crash denial of service
9382| [11938] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 Locking Crash denial of service
9383| [11937] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 InnoDB Crash denial of service
9384| [11936] Oracle MySQL Server up to 5.6.14 InnoDB Stored denial of service
9385| [11935] Oracle MySQL Server up to 5.6.13 InnoDB Stored denial of service
9386| [11934] Oracle MySQL Server up to 5.6.13 Thread Pooling Stored denial of service
9387| [11933] Oracle MySQL Server up to 5.6.13 Stored Procedure denial of service
9388| [11932] Oracle MySQL Server up to 5.6.14 GIS Stored denial of service
9389| [11931] Oracle MySQL Enterprise Monitor up to 2.3.14/3.0.4 Service Manager unknown vulnerability
9390| [10822] Oracle MySQL Server up to 5.6.12 Locking unknown vulnerability
9391| [10821] Oracle MySQL Server up to 5.6.12 InnoDB unknown vulnerability
9392| [10820] Oracle MySQL Server up to 5.6.12 Optimizer unknown vulnerability
9393| [10819] Oracle MySQL Server up to 5.1.70/5.5.32/5.6.12 Optimizer memory corruption
9394| [10818] Oracle MySQL Server up to 5.1/5.5.22 Optimizer denial of service
9395| [10817] Oracle MySQL Server up to 5.6.12 InnoDB unknown vulnerability
9396| [10816] Oracle MySQL Server up to 5.5.32/5.6.12 Replication unknown vulnerability
9397| [10815] Oracle MySQL Enterprise Monitor up to 2.3.13 Service Manager privilege escalation
9398| [65143] MariaDB up to 5.5.28 MySQL privilege escalation
9399| [9672] Oracle MySQL Server up to 5.6.11 XA Transactions denial of service
9400| [9671] Oracle MySQL Server up to 5.5.31/5.6.11 Server Replication denial of service
9401| [9670] Oracle MySQL Server up to 5.6.11 InnoDB denial of service
9402| [9669] Oracle MySQL Server up to 5.6.11 Server Privileges unknown vulnerability
9403| [9668] Oracle MySQL Server up to 5.5.30/5.6.10 Server Partition Stored unknown vulnerability
9404| [9667] Oracle MySQL Server up to 5.5.31 Server Parser denial of service
9405| [9666] Oracle MySQL Server up to 5.5.30/5.6.10 Server Options Stored unknown vulnerability
9406| [9665] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Options denial of service
9407| [9664] Oracle MySQL Server up to 5.6.11 Server Optimizer unknown vulnerability
9408| [9663] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 Server Optimizer denial of service
9409| [9662] Oracle MySQL Server up to 5.5.30/5.6.10 Prepared Statement Stored unknown vulnerability
9410| [9661] Oracle MySQL Server up to 5.6.11 InnoDB denial of service
9411| [9660] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 Full Text Search denial of service
9412| [9659] Oracle MySQL Server up to 5.6.11 Data Manipulation Language unknown vulnerability
9413| [9658] Oracle MySQL Server up to 5.5.31/5.6.11 Data Manipulation Language denial of service
9414| [9657] Oracle MySQL Server up to 5.5.31/5.6.11 Audit Log information disclosure
9415| [9656] Oracle MySQL Server up to 5.6.11 MemCached unknown vulnerability
9416| [9655] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 GIS Crash denial of service
9417| [64198] Wireshark up to 1.8.6 MySQL Dissector Integer denial of service
9418| [64010] Ruby on Rails 3.1.0 MySQL Database Stored unknown vulnerability
9419| [8418] Oracle MySQL Server up to 5.1.67/5.5.29/5.6.10 Server Locking unknown vulnerability
9420| [8416] Oracle MySQL Server up to 5.1.63 Server Types unknown vulnerability
9421| [8415] Oracle MySQL Server up to 5.6.10 Server Privileges denial of service
9422| [8414] Oracle MySQL Server up to 5.6.10 InnoDB denial of service
9423| [8413] Oracle MySQL Server up to 5.5.30/5.6.10 InnoDB unknown vulnerability
9424| [8412] Oracle MySQL Server up to 5.6.10 Data Manipulation Language denial of service
9425| [8411] Oracle MySQL Server up to 5.5.30/5.6.10 Stored Procedure unknown vulnerability
9426| [8410] Oracle MySQL Server up to 5.1.67/5.5.29 Server XML denial of service
9427| [8409] Oracle MySQL Server up to 5.5.29 Server Replication denial of service
9428| [8408] Oracle MySQL Server up to 5.1.67/5.5.29 Server Partition unknown vulnerability
9429| [8407] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Optimizer unknown vulnerability
9430| [8406] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 InnoDB unknown vulnerability
9431| [8405] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Information Schema unknown vulnerability
9432| [8404] Oracle MySQL Server up to 5.5.29 Data Manipulation Language denial of service
9433| [8403] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Data Manipulation Language unknown vulnerability
9434| [8402] Oracle MySQL Server up to 5.5.29/5.6.10 Server Optimizer denial of service
9435| [8401] Oracle MySQL Server up to 5.6.10 MemCached denial of service
9436| [8400] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Privileges unknown vulnerability
9437| [8399] Oracle MySQL Server up to 5.1.66/5.5.28 Server Privileges unknown vulnerability
9438| [8398] Oracle MySQL Server up to 5.1.67/5.5.29 unknown vulnerability
9439| [8397] Oracle MySQL Server up to 5.1.67/5.5.29/5.6.10 Information Schema unknown vulnerability
9440| [8396] Oracle MySQL Server up to 5.1.67/5.5.29 Server Locking unknown vulnerability
9441| [8395] Oracle MySQL Server up to 5.6.10 Data Manipulation Language denial of service
9442| [10871] Oracle MySQL 5.3.12/5.5.30/10.0.1 MyISAM Engine init_search SELECT Statement denial of service
9443| [8065] Oracle MySQL up to 5.5.27 yaSSL memory corruption
9444| [8064] Oracle MySQL up to 5.5.29 yaSSL memory corruption
9445| [8816] Wireshark up to 1.8.5 MySQL Dissector packet-mysql.c Packet denial of service
9446| [8019] Oracle MySQL 5.2.11 Representation Converter Eingabe Crash denial of service
9447| [7431] Oracle MySQL Server up to 5.5.28 Privileges denial of service
9448| [7430] Oracle MySQL Server up to 5.5.28 Partition denial of service
9449| [7429] Oracle MySQL Server up to 5.5.28 Optimizer denial of service
9450| [7428] Oracle MySQL Server up to 5.1.66/5.5.28 Optimizer unknown vulnerability
9451| [7427] Oracle MySQL Server up to 5.1.66/5.5.28 unknown vulnerability
9452| [7426] Oracle MySQL Server up to 5.5.28 MyISAM denial of service
9453| [7425] Oracle MySQL Server up to 5.1.66/5.5.28 InnoDB unknown vulnerability
9454| [7424] Oracle MySQL Server up to 5.5.28 InnoDB denial of service
9455| [7423] Oracle MySQL Server up to 5.1.66/5.5.28 Locking unknown vulnerability
9456| [7422] Oracle MySQL Server up to 5.1.66/5.5.28 unknown vulnerability
9457| [7421] Oracle MySQL Server up to 5.1.66/5.1.28 Replication unknown vulnerability
9458| [7419] Oracle MySQL Server up to 5.5.28 Stored Procedure denial of service
9459| [7418] Oracle MySQL Server up to 5.1.66/5.5.28 Server Optimizer unknown vulnerability
9460| [7417] Oracle MySQL Server up to 5.1.66/5.5.28 Information Schema unknown vulnerability
9461| [7416] Oracle MySQL Server up to 5.1.65/5.5.27 GIS Extension denial of service
9462| [7415] Oracle MySQL Server up to 5.1.66/5.5.28 Privileges Stack-based memory corruption
9463| [7414] Oracle MySQL Server up to 5.5.28 Parser Heap-based memory corruption
9464| [63111] Oracle MySQL 5.5.19 Installation denial of service
9465| [7068] Oracle MySQL Server up to 5.5.19 Authentication information disclosure
9466| [7067] Oracle MySQL Server up to 5.5.19 sql/sql_acl.cc acl_get memory corruption
9467| [7066] Oracle MySQL Server up to 5.5.19 SELECT Command Crash denial of service
9468| [7065] Oracle MySQL Server up to 5.5.19 Create Table MDL_key::mdl_key_init memory corruption
9469| [6795] Oracle MySQL Server up to 5.1.64/5.5.26 Server Replication denial of service
9470| [6794] Oracle MySQL Server up to 5.1.63/5.5.25 Server Full Text Search denial of service
9471| [6793] Oracle MySQL Server up to 5.5.25 unknown vulnerability
9472| [6792] Oracle MySQL Server up to 5.5.26 MySQL Client information disclosure
9473| [6791] Oracle MySQL Server up to 5.1.65/5.5.27 Server Optimizer denial of service
9474| [6790] Oracle MySQL Server up to 5.1.64/5.5.26 Server Optimizer denial of service
9475| [6789] Oracle MySQL Server up to 5.5.26 unknown vulnerability
9476| [6788] Oracle MySQL Server up to 5.1.63/5.5.25 InnoDB Plugin denial of service
9477| [6787] Oracle MySQL Server up to 5.1.63/5.5.25 InnoDB unknown vulnerability
9478| [6786] Oracle MySQL Server up to 5.5.26 MySQL Client sql injection
9479| [6785] Oracle MySQL Server up to 5.1.65/5.5.27 denial of service
9480| [6784] Oracle MySQL Server up to 5.1.64/5.5.26 Protocol unknown vulnerability
9481| [6783] Oracle MySQL Server up to 5.1.64/5.5.26 Information Schema memory corruption
9482| [62299] SilverStripe up to 2.4.5 MySQL Database sql injection
9483| [61672] MySQL unknown vulnerability
9484| [61567] MySQLDumper 1.24.4 Error Message information disclosure
9485| [61566] MySQLDumper 1.24.4 Restore information disclosure
9486| [61565] MySQLDumper 1.24.4 directory traversal
9487| [61564] MySQLDumper 1.24.4 deletehtaccess cross site request forgery
9488| [61563] MySQLDumper 1.24.4 index.php cross site scripting
9489| [5783] Oracle MySQL Server up to 5.1.62/5.5.22 Server Optimizer denial of service
9490| [5782] Oracle MySQL Server up to 5.1.62/5.5.23 Server Optimizer denial of service
9491| [5781] Oracle MySQL Server up to 5.5.23 denial of service
9492| [5780] Oracle MySQL Server up to 5.5.23 InnoDB denial of service
9493| [5779] Oracle MySQL Server up to 5.1.62/5.5.23 GIS Extension unknown vulnerability
9494| [5778] Oracle MySQL Server up to 5.5.23 Server Optimizer denial of service
9495| [5635] Oracle MySQL Server up to 5.5.25 on Linux InnoDB UPDATE denial of service
9496| [5503] Oracle MySQL up to 5.6.5 Password Authentication sql/password.c memcmp weak authentication
9497| [5168] Oracle MySQL Server Optimizer denial of service
9498| [5166] Oracle MySQL Server up to 5.5.21 Partition denial of service
9499| [5165] Oracle MySQL Server up to 5.5.19 Optimizer denial of service
9500| [5159] Oracle MySQL Server up to 5.1.61/5.5.21 Optimizer denial of service
9501| [5158] Oracle MySQL Server up to 5.1.61/5.5.21 DML denial of service
9502| [5151] Oracle MySQL Server up to 5.1.60/5.5.19 MyISAM denial of service
9503| [5981] Oracle MySQL Server 5.1.62/5.5.23 Sort Order Index Calculation denial of service
9504| [5072] Oracle MySQL Server up to 5.5.21 denial of service
9505| [4627] Oracle MySQL up to 5.5.20 memory corruption
9506| [60055] WordPress up to 1.2 MySQL Database denial of service
9507| [5236] Oracle MySQL Server 5.5.x unknown vulnerability
9508| [5235] Oracle MySQL Server 5.5.x denial of service
9509| [5233] Oracle MySQL Server 5.5.x denial of service
9510| [5232] Oracle MySQL Server 5.5.x denial of service
9511| [5231] Oracle MySQL Server 5.5.x denial of service
9512| [5230] Oracle MySQL Server 5.5.x denial of service
9513| [5229] Oracle MySQL Server 5.5.x denial of service
9514| [5228] Oracle MySQL Server 5.5.x denial of service
9515| [5227] Oracle MySQL Server 5.5.x unknown vulnerability
9516| [5226] Oracle MySQL Server 5.1.x/5.5.x denial of service
9517| [5225] Oracle MySQL Server 5.1.x/5.5.x denial of service
9518| [5224] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
9519| [5223] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
9520| [5222] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
9521| [5221] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
9522| [5220] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
9523| [5219] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
9524| [5218] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
9525| [5217] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
9526| [5216] Oracle MySQL Server 5.0.x/5.1.x/5.5.x denial of service
9527| [5215] Oracle MySQL Server 5.0.x/5.1.x/5.5.x information disclosure
9528| [5213] Oracle MySQL Server 5.0.x/5.1.x/5.5.x unknown vulnerability
9529| [5212] Oracle MySQL Server 5.0.x/5.1.x denial of service
9530| [5211] Oracle MySQL Server 5.0.x/5.1.x denial of service
9531| [5210] Oracle MySQL Server 5.0.x/5.1.x denial of service
9532| [59882] MySQL 5.5.8 NULL Pointer Dereference denial of service
9533| [59384] Hiroyuki Oyama DBD::mysqlPP up to 0.04 MySQL sql injection
9534| [58706] Taskfreak! Multi-mysql 0.6 Error Message information disclosure
9535| [57356] Trustwave WebDefend 2.0/3.0/5.0 MySQL Database unknown vulnerability
9536| [56109] PHP 5.3.2/5.3.3 mysqli mysqli_fetch_assoc sql injection
9537| [56085] MySQL up to 5.1.25 init_from_wkb denial of service
9538| [56084] MySQL up to 5.1.25 Stored Procedure denial of service
9539| [56083] MySQL Crash denial of service
9540| [56082] MySQL Use-After-Free denial of service
9541| [56081] MySQL Optimizer Crash denial of service
9542| [56080] MySQL up to 5.1.25 Stored denial of service
9543| [56079] MySQL Crash denial of service
9544| [56078] MySQL Create Table Crash denial of service
9545| [56025] MySQL up to 5.1.25 Crash denial of service
9546| [56024] MySQL up to 5.1.25 store denial of service
9547| [56023] MySQL up to 5.1.25 Crash denial of service
9548| [56022] MySQL up to 5.1.25 Crash denial of service
9549| [56021] MySQL up to 5.1.25 Uninitialized Memory denial of service
9550| [56020] MySQL up to 5.1.25 Crash denial of service
9551| [56019] MySQL up to 5.1.25 Crash denial of service
9552| [56018] mysql up to 5.1.25 Configuration Parameter denial of service
9553| [60789] TYPO3 up to 4.4.4 MySQL Database escapeStrForLike information disclosure
9554| [62294] SilverStripe 2.4.0/2.4.1/2.4.2/2.4.3 MySQLDatabase.php unknown vulnerability
9555| [54434] PHP 5.3.0/5.3.1/5.3.2 php_mysqlnd_auth_write sql injection
9556| [54433] PHP 5.3.0/5.3.1/5.3.2 MySQL php_mysqlnd_read_error_from_line memory corruption
9557| [54432] PHP 5.3.0/5.3.1/5.3.2 mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read memory corruption
9558| [54026] MySQL up to 5.1.25 Crash denial of service
9559| [53483] MySQL up to 5.0.0.0 memory corruption
9560| [53482] MySQL up to 5.0.0.0 my_net_skip_rest denial of service
9561| [53481] MySQL up to 5.0.0.0 directory traversal
9562| [53212] mysql 5.1.45 mysql_uninstall_plugin unknown vulnerability
9563| [53118] Csphere ClanSphere up to 2009.0.3 MySQL Database generate.php cs_sql_select sql injection
9564| [53053] TaskFreak TaskFreak! up to 0.1.3 tzn_mysql.php loadByKey sql injection
9565| [52985] Oracle MySQLConnector NET up to 6.0.2 SSL Certificate spoofing
9566| [51369] mysql 5.0.51a CertDecoder::GetName memory corruption
9567| [51581] TYPO3 Kiddog Mysqldumper up to 0.0.3 information disclosure
9568| [50962] MySQL Certificates viosslfactories.c vio_verify_callback spoofing
9569| [50961] mysql GeomFromWKB denial of service
9570| [50960] MySQL up to 5.0.0.0 Access Restriction Symlink privilege escalation
9571| [50531] mysql-ocaml 1.0.4 MySQL mysql_real_escape_string unknown vulnerability
9572| [48981] MySQL up to 4.0.23 sql_parse.cc dispatch_command denial of service
9573| [48263] Surat Kabar phpWebNews 0.2 MySQL index.php sql injection
9574| [48262] Surat Kabar phpWebNews 0.1/0.2 MySQL bukutamu.php sql injection
9575| [47455] auth2db up to 0.2.6 MySQL mysql_real_escape_string sql injection
9576| [46983] MySQL up to 6.0.10-bzr ExtractValue denial of service
9577| [46798] Getmiro Broadcast Machine 0.1 MySQLController.php privilege escalation
9578| [46636] MyBlog MySQL Database Cleartext information disclosure
9579| [46500] ProFTPD 1.3.1 mod_sql_mysql sql injection
9580| [46028] Joey Schulze Mod Auth Mysql 2.x mod_auth_mysql.c sql injection
9581| [45774] Constructr CMS up to 3.02.5 MySQL Database Cleartext information disclosure
9582| [45668] Nodstrum MySQL Calendar 1.1 index.php sql injection
9583| [45669] Nodstrum MySQL Calendar 1.1 unknown vulnerability
9584| [45016] Deeserver Panuwat PromoteWeb MySQL go.php sql injection
9585| [44358] MySQL up to 5.0.67 cross site scripting
9586| [44357] MySQL Quick Admin up to 1.5.5 index.php directory traversal
9587| [44356] MySQL Quick Admin 1.5.5 actions.php directory traversal
9588| [44131] NooMS 1.1 MySQL db.php information disclosure
9589| [44076] MySQL Create Table Symlink privilege escalation
9590| [44075] MySQL 5.0.51a Create Table Symlink privilege escalation
9591| [43987] MySQL Crash denial of service
9592| [43825] Aquagardensoft mysql-lists 1.2 cross site scripting
9593| [43819] Craftysyntax Crafty Syntax Live Help up to 1.7 MySQL Database Cleartext information disclosure
9594| [43625] Keld PHP-MySQL News Script 0.7.1 login.php sql injection
9595| [43123] BlognPlus 2.5.5 MySQL index.php sql injection
9596| [42939] Relative Real Estate Systems up to 3.0 MySQL Database Cleartext information disclosure
9597| [42912] AlstraSoft AskMe 2.1 MySQL Database Cleartext information disclosure
9598| [42868] BlognPlus 2.5.4 MySQL sql injection
9599| [42205] miniBB 2.2 MySQL setup_mysql.php sql injection
9600| [41891] Terong Advanced Web Photo Gallery 1.0 MySQL Database Cleartext information disclosure
9601| [40486] MySQL up to 1.7.5 handshake.cpp processoldclienthello memory corruption
9602| [40219] PHP MySQL Banner Exchange 2.2.1 inc/lib.inc unknown vulnerability
9603| [39993] MySQL denial of service
9604| [3499] Sun MySQL up to 6.0.3 System Table Information privilege escalation
9605| [40030] aurora framework 20071208 MySQL db_mysql.lib pack_var sql injection
9606| [3469] Sun MySQL 5.1.23 Bk InnoDB denial of service
9607| [39991] MySQL up to 6.0.4 denial of service
9608| [39292] Asterisk-Addons 1.2.7/1.4.3 MySQL sql injection
9609| [41090] MySQL Mysql Community Server up to 5.1.4 unknown vulnerability
9610| [38781] PHP 5.2.4 MySQL memory corruption
9611| [38618] PHP 4.4.7/5.2.3 mysqli sql injection
9612| [85747] InterWorx SiteWorx mysql.php cross site scripting
9613| [85735] InterWorx NodeWorx mysql.php cross site scripting
9614| [37818] MySQL Community Server up to 5.0.40 denial of service
9615| [39994] MySQL Federated Crash denial of service
9616| [37641] MySQLDumper htaccess privilege escalation
9617| [86077] NetClassifieds Mysql_db.php information disclosure
9618| [37816] MySQL Community Server up to 5.0.40 Crash denial of service
9619| [36814] MySQL up to 5.1.17 information disclosure
9620| [36669] MySQL 4.0.1 unknown vulnerability
9621| [36813] mysql up to 5.1.17 thd::db_access denial of service
9622| [36812] MySQL up to 5.1.17 unknown vulnerability
9623| [36502] Burnstone burnCMS 0.2 mysql.class.php privilege escalation
9624| [36364] GPL PHP Board unstable-2001.11.14-1 mysqli db.mysql.inc.php privilege escalation
9625| [36700] MySQL up to 5.0.39 item_cmpfunc.cc in_decimal::set denial of service
9626| [35917] Advanced Website Creator MySQL sql injection
9627| [35916] Eve-Nuke Forum 0.1 MySQL db/mysql.php privilege escalation
9628| [35605] bitesser MySQL Commander up to 2.7 ressourcen/dbopen.php privilege escalation
9629| [85480] Fantastico includes/mysqlconfig.php directory traversal
9630| [85141] ActiveCalendar data/mysqlevents.php cross site scripting
9631| [85212] WGS-PPC config/mysql_config.php privilege escalation
9632| [34894] MySQLNewsEngine MySQL affichearticles.php3 privilege escalation
9633| [34576] MyODBC MySQL Database denial of service
9634| [37817] MySQL Community Server up to 5.0.40 Create Table information disclosure
9635| [34117] The Address Book 1.04e MySQL Database export.php information disclosure
9636| [34223] MySQL 5.0.30/5.1.13 sql_select.cc denial of service
9637| [33690] Widcomm BTSaveMySql 1.2 MySQL information disclosure
9638| [33257] iWonder Designs Storystream 0.4.0.0 mysql.php sql injection
9639| [33092] Pentaho Business Intelligence Suite up to 1.1 MySQL sql injection
9640| [32736] MysqlDumper 1.21 B6 sql.php cross site scripting
9641|
9642| MITRE CVE - https://cve.mitre.org:
9643| [CVE-2013-3812] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
9644| [CVE-2013-3811] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3806.
9645| [CVE-2013-3810] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.
9646| [CVE-2013-3809] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.
9647| [CVE-2013-3808] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
9648| [CVE-2013-3807] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.
9649| [CVE-2013-3806] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3811.
9650| [CVE-2013-3805] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.
9651| [CVE-2013-3804] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
9652| [CVE-2013-3802] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.
9653| [CVE-2013-3801] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
9654| [CVE-2013-3798] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.
9655| [CVE-2013-3796] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
9656| [CVE-2013-3795] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
9657| [CVE-2013-3794] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
9658| [CVE-2013-3793] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
9659| [CVE-2013-3783] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.
9660| [CVE-2013-3561] Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
9661| [CVE-2013-3221] The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attacks against Ruby on Rails applications via a crafted value, as demonstrated by unintended interaction between the "typed XML" feature and a MySQL database.
9662| [CVE-2013-2395] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-1567.
9663| [CVE-2013-2392] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
9664| [CVE-2013-2391] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.
9665| [CVE-2013-2389] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
9666| [CVE-2013-2381] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.
9667| [CVE-2013-2378] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
9668| [CVE-2013-2376] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
9669| [CVE-2013-2375] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
9670| [CVE-2013-1861] MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.
9671| [CVE-2013-1570] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote attackers to affect availability via unknown vectors related to MemCached.
9672| [CVE-2013-1567] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-2395.
9673| [CVE-2013-1566] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
9674| [CVE-2013-1555] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
9675| [CVE-2013-1552] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
9676| [CVE-2013-1548] Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.
9677| [CVE-2013-1544] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
9678| [CVE-2013-1532] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
9679| [CVE-2013-1531] Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Privileges.
9680| [CVE-2013-1526] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
9681| [CVE-2013-1523] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Optimizer.
9682| [CVE-2013-1521] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking.
9683| [CVE-2013-1512] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
9684| [CVE-2013-1511] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
9685| [CVE-2013-1506] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.
9686| [CVE-2013-1502] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.
9687| [CVE-2013-1492] Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553.
9688| [CVE-2013-0389] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
9689| [CVE-2013-0386] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
9690| [CVE-2013-0385] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.
9691| [CVE-2013-0384] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
9692| [CVE-2013-0383] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking.
9693| [CVE-2013-0375] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.
9694| [CVE-2013-0371] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability, related to MyISAM.
9695| [CVE-2013-0368] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
9696| [CVE-2013-0367] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
9697| [CVE-2012-5615] MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
9698| [CVE-2012-5614] Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements.
9699| [CVE-2012-5613] ** DISPUTED ** MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
9700| [CVE-2012-5612] Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.
9701| [CVE-2012-5611] Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
9702| [CVE-2012-5383] ** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the "C:\MySQL\MySQL Server 5.5\bin" directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the MySQL installation.
9703| [CVE-2012-5096] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors.
9704| [CVE-2012-5060] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
9705| [CVE-2012-4452] MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6.
9706| [CVE-2012-4414] Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.
9707| [CVE-2012-4255] MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information via a direct request to learn/cubemail/refresh_dblist.php, which reveals the installation path in an error message.
9708| [CVE-2012-4254] MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information (Notices) via a direct request to (1) learn/cubemail/restore.php or (2) learn/cubemail/dump.php.
9709| [CVE-2012-4253] Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) language parameter to learn/cubemail/install.php or (2) f parameter learn/cubemail/filemanagement.php, or execute arbitrary local files via a .. (dot dot) in the (3) config parameter to learn/cubemail/menu.php.
9710| [CVE-2012-4252] Multiple cross-site request forgery (CSRF) vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to hijack the authentication of administrators for requests that (1) remove file access restriction via a deletehtaccess action, (2) drop a database via a kill value in a db action, (3) uninstall the application via a 101 value in the phase parameter to learn/cubemail/install.php, (4) delete config.php via a 2 value in the phase parameter to learn/cubemail/install.php, (5) change a password via a schutz action, or (6) execute arbitrary SQL commands via the sql_statement parameter to learn/cubemail/sql.php.
9711| [CVE-2012-4251] Multiple cross-site scripting (XSS) vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to index.php, (2) phase parameter to install.php, (3) tablename or (4) dbid parameter to sql.php, or (5) filename parameter to restore.php in learn/cubemail/.
9712| [CVE-2012-3951] The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session.
9713| [CVE-2012-3441] The database creation script (module/idoutils/db/scripts/create_mysqldb.sh) in Icinga 1.7.1 grants access to all databases to the icinga user, which allows icinga users to access other databases via unspecified vectors.
9714| [CVE-2012-3197] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
9715| [CVE-2012-3180] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
9716| [CVE-2012-3177] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.
9717| [CVE-2012-3173] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.
9718| [CVE-2012-3167] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.
9719| [CVE-2012-3166] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
9720| [CVE-2012-3163] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
9721| [CVE-2012-3160] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.
9722| [CVE-2012-3158] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.
9723| [CVE-2012-3156] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
9724| [CVE-2012-3150] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
9725| [CVE-2012-3149] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality, related to MySQL Client.
9726| [CVE-2012-3147] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client.
9727| [CVE-2012-3144] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
9728| [CVE-2012-2750] Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility.
9729| [CVE-2012-2749] MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index.
9730| [CVE-2012-2122] sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.
9731| [CVE-2012-2102] MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.
9732| [CVE-2012-1757] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
9733| [CVE-2012-1756] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
9734| [CVE-2012-1735] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
9735| [CVE-2012-1734] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
9736| [CVE-2012-1705] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
9737| [CVE-2012-1703] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
9738| [CVE-2012-1702] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.
9739| [CVE-2012-1697] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
9740| [CVE-2012-1696] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
9741| [CVE-2012-1690] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
9742| [CVE-2012-1689] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
9743| [CVE-2012-1688] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.
9744| [CVE-2012-0937] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attackers to use WordPress as a proxy for brute-force attacks or denial of service attacks via the dbhost parameter, a different vulnerability than CVE-2011-4898. NOTE: the vendor disputes the significance of this issue because an incomplete WordPress installation might be present on the network for only a short time.
9745| [CVE-2012-0882] Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.
9746| [CVE-2012-0583] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.
9747| [CVE-2012-0578] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
9748| [CVE-2012-0574] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors.
9749| [CVE-2012-0572] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
9750| [CVE-2012-0553] Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492.
9751| [CVE-2012-0540] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
9752| [CVE-2012-0496] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
9753| [CVE-2012-0495] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0493.
9754| [CVE-2012-0494] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to affect availability via unknown vectors.
9755| [CVE-2012-0493] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0495.
9756| [CVE-2012-0492] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485.
9757| [CVE-2012-0491] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0493, and CVE-2012-0495.
9758| [CVE-2012-0490] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.
9759| [CVE-2012-0489] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
9760| [CVE-2012-0488] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
9761| [CVE-2012-0487] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
9762| [CVE-2012-0486] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
9763| [CVE-2012-0485] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0492.
9764| [CVE-2012-0484] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.
9765| [CVE-2012-0120] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0485, and CVE-2012-0492.
9766| [CVE-2012-0119] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
9767| [CVE-2012-0118] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0113.
9768| [CVE-2012-0117] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
9769| [CVE-2012-0116] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
9770| [CVE-2012-0115] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
9771| [CVE-2012-0114] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.
9772| [CVE-2012-0113] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0118.
9773| [CVE-2012-0112] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
9774| [CVE-2012-0102] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101.
9775| [CVE-2012-0101] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102.
9776| [CVE-2012-0087] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102.
9777| [CVE-2012-0075] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.
9778| [CVE-2011-5049] MySQL 5.5.8, when running on Windows, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted packet to TCP port 3306.
9779| [CVE-2011-4959] SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
9780| [CVE-2011-4899] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to configure an arbitrary database via the dbhost and dbname parameters, and subsequently conduct static code injection and cross-site scripting (XSS) attacks via (1) an HTTP request or (2) a MySQL query. NOTE: the vendor disputes the significance of this issue
9781| [CVE-2011-4898] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote attackers to conduct brute-force attacks via a series of requests with different uname and pwd parameters. NOTE: the vendor disputes the significance of this issue
9782| [CVE-2011-3989] SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
9783| [CVE-2011-3805] TaskFreak! multi-mysql-0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/language/zh/register_info.php and certain other files.
9784| [CVE-2011-2688] SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
9785| [CVE-2011-2531] Prosody 0.8.x before 0.8.1, when MySQL is used, assigns an incorrect data type to the value column in certain tables, which might allow remote attackers to cause a denial of service (data truncation) by sending a large amount of data.
9786| [CVE-2011-2262] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors.
9787| [CVE-2011-1906] Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via requests to the management port, a different vulnerability than CVE-2011-0756.
9788| [CVE-2011-1513] Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.
9789| [CVE-2011-0432] Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information.
9790| [CVE-2010-5104] The escapeStrForLike method in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly escape input when the MySQL database is set to sql_mode NO_BACKSLASH_ESCAPES, which allows remote attackers to obtain sensitive information via wildcard characters in a LIKE query.
9791| [CVE-2010-4822] core/model/MySQLDatabase.php in SilverStripe 2.4.x before 2.4.4, when the site is running in "live mode," allows remote attackers to obtain the SQL queries for a page via the showqueries and ajax parameters.
9792| [CVE-2010-4700] The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly handled in earlier PHP versions.
9793| [CVE-2010-3840] The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.
9794| [CVE-2010-3839] MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements.
9795| [CVE-2010-3838] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
9796| [CVE-2010-3837] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.
9797| [CVE-2010-3836] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers.
9798| [CVE-2010-3835] MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table.
9799| [CVE-2010-3834] Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."
9800| [CVE-2010-3833] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."
9801| [CVE-2010-3683] Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
9802| [CVE-2010-3682] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
9803| [CVE-2010-3681] Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.
9804| [CVE-2010-3680] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure.
9805| [CVE-2010-3679] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.
9806| [CVE-2010-3678] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.
9807| [CVE-2010-3677] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
9808| [CVE-2010-3676] storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement.
9809| [CVE-2010-3064] Stack-based buffer overflow in the php_mysqlnd_auth_write function in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) username or (2) database name argument to the (a) mysql_connect or (b) mysqli_connect function.
9810| [CVE-2010-3063] The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used.
9811| [CVE-2010-3062] mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function
9812| [CVE-2010-3056] Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) db_search.php, (2) db_sql.php, (3) db_structure.php, (4) js/messages.php, (5) libraries/common.lib.php, (6) libraries/database_interface.lib.php, (7) libraries/dbi/mysql.dbi.lib.php, (8) libraries/dbi/mysqli.dbi.lib.php, (9) libraries/db_info.inc.php, (10) libraries/sanitizing.lib.php, (11) libraries/sqlparser.lib.php, (12) server_databases.php, (13) server_privileges.php, (14) setup/config.php, (15) sql.php, (16) tbl_replace.php, and (17) tbl_sql.php.
9813| [CVE-2010-2008] MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
9814| [CVE-2010-2003] Cross-site scripting (XSS) vulnerability in misc/get_admin.php in Advanced Poll 2.08 allows remote attackers to inject arbitrary web script or HTML via the mysql_host parameter.
9815| [CVE-2010-1865] Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the IP address to the cs_getip function in generate.php in the Captcha module, or (2) the s_email parameter to the cs_sql_select function in the MySQL database driver (mysql.php).
9816| [CVE-2010-1850] Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.
9817| [CVE-2010-1849] The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.
9818| [CVE-2010-1848] Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
9819| [CVE-2010-1626] MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.
9820| [CVE-2010-1621] The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugins via the UNINSTALL PLUGIN command.
9821| [CVE-2010-1583] SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! before 0.6.3, allows remote attackers to execute arbitrary SQL commands via the username field in a login action.
9822| [CVE-2010-0336] Unspecified vulnerability in the kiddog_mysqldumper (kiddog_mysqldumper) extension 0.0.3 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.
9823| [CVE-2010-0124] Employee Timeclock Software 0.99 places the database password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.
9824| [CVE-2009-5026] The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
9825| [CVE-2009-4833] MySQL Connector/NET before 6.0.4, when using encryption, does not verify SSL certificates during connection, which allows remote attackers to perform a man-in-the-middle attack with a spoofed SSL certificate.
9826| [CVE-2009-4484] Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.
9827| [CVE-2009-4030] MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
9828| [CVE-2009-4028] The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
9829| [CVE-2009-4019] mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
9830| [CVE-2009-3696] Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.
9831| [CVE-2009-3102] The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x before 2.1.1 allows remote attackers to execute arbitrary commands via vectors involving a crafted $MYSQL_BINPATH variable.
9832| [CVE-2009-2942] The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the mysql_real_escape_string function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
9833| [CVE-2009-2446] Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
9834| [CVE-2009-1246] Multiple directory traversal vulnerabilities in Blogplus 1.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) row_mysql_blocks_center_down[file] parameter to includes/block_center_down.php
9835| [CVE-2009-1208] SQL injection vulnerability in auth2db 0.2.5, and possibly other versions before 0.2.7, uses the addslashes function instead of the mysql_real_escape_string function, which allows remote attackers to conduct SQL injection attacks using multibyte character encodings.
9836| [CVE-2009-0919] XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote attackers to obtain access via (1) the "lampp" default password for the "nobody" account within the included ProFTPD installation, (2) a blank default password for the "root" account within the included MySQL installation, (3) a blank default password for the "pma" account within the phpMyAdmin installation, and possibly other unspecified passwords. NOTE: this was originally reported as a problem in DFLabs PTK, but this issue affects any product that is installed within the XAMPP environment, and should not be viewed as a vulnerability within that product. NOTE: DFLabs states that PTK is intended for use in a laboratory with "no contact from / to internet."
9837| [CVE-2009-0819] sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.
9838| [CVE-2009-0617] Cisco Application Networking Manager (ANM) before 2.0 uses a default MySQL root password, which makes it easier for remote attackers to execute arbitrary operating-system commands or change system files.
9839| [CVE-2009-0543] ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.
9840| [CVE-2008-7247] sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
9841| [CVE-2008-6992] GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL.
9842| [CVE-2008-6813] SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter.
9843| [CVE-2008-6812] SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.
9844| [CVE-2008-6655] Multiple cross-site scripting (XSS) vulnerabilities in GEDCOM_TO_MYSQL 2 allow remote attackers to inject arbitrary web script or HTML via the (1) nom_branche and (2) nom parameters to php/prenom.php
9845| [CVE-2008-6287] Multiple PHP remote file inclusion vulnerabilities in Broadcast Machine 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) MySQLController.php, (2) SQLController.php, (3) SetupController.php, (4) VideoController.php, and (5) ViewController.php in controllers/.
9846| [CVE-2008-6193] Sam Crew MyBlog stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
9847| [CVE-2008-5847] Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information by reading the hash column.
9848| [CVE-2008-5738] Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the nodstrumCalendarV2 cookie to 1. NOTE: some of these details are obtained from third party information.
9849| [CVE-2008-5737] SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter.
9850| [CVE-2008-5069] SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
9851| [CVE-2008-4456] Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67.
9852| [CVE-2008-4455] Directory traversal vulnerability in index.php in EKINdesigns MySQL Quick Admin 1.5.5 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the language cookie.
9853| [CVE-2008-4454] Directory traversal vulnerability in EKINdesigns MySQL Quick Admin 1.5.5 allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the lang parameter to actions.php. NOTE: the provenance of this information is unknown
9854| [CVE-2008-4180] Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force attacks against passwords via a username in the g_dbuser parameter and a password in the g_dbpwd parameter, and possibly a "localhost" g_dbhost parameter value, related to a "Mysql Remote Brute Force Vulnerability."
9855| [CVE-2008-4106] WordPress before 2.6.2 does not properly handle MySQL warnings about insertion of username strings that exceed the maximum column width of the user_login column, and does not properly handle space characters when comparing usernames, which allows remote attackers to change an arbitrary user's password to a random value by registering a similar username and then requesting a password reset, related to a "SQL column truncation vulnerability." NOTE: the attacker can discover the random password by also exploiting CVE-2008-4107.
9856| [CVE-2008-4098] MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
9857| [CVE-2008-4097] MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.
9858| [CVE-2008-3963] MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.
9859| [CVE-2008-3846] Cross-site scripting (XSS) vulnerability in mysql-lists 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
9860| [CVE-2008-3840] Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
9861| [CVE-2008-3820] Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain "root access" to IEV via unspecified use of TCP sessions to these ports.
9862| [CVE-2008-3582] SQL injection vulnerability in login.php in Keld PHP-MySQL News Script 0.7.1 allows remote attackers to execute arbitrary SQL commands via the username parameter.
9863| [CVE-2008-3090] Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819.
9864| [CVE-2008-2881] Relative Real Estate Systems 3.0 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
9865| [CVE-2008-2857] AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
9866| [CVE-2008-2819] SQL injection vulnerability in BlognPlus (BURO GUN +) 2.5.4 and earlier MySQL and PostgreSQL editions allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
9867| [CVE-2008-2667] SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors.
9868| [CVE-2008-2384] SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
9869| [CVE-2008-2079] MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
9870| [CVE-2008-2029] Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php.
9871| [CVE-2008-1711] Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
9872| [CVE-2008-1567] phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.
9873| [CVE-2008-1486] SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search.
9874| [CVE-2008-0249] PHP Webquest 2.6 allows remote attackers to retrieve database credentials via a direct request to admin/backup_phpwebquest.php, which leaks the credentials in an error message if a call to /usr/bin/mysqldump fails. NOTE: this might only be an issue in limited environments.
9875| [CVE-2008-0227] yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp.
9876| [CVE-2008-0226] Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
9877| [CVE-2007-6512] PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database information via a direct request to inc/lib.inc.
9878| [CVE-2007-6418] The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by listing the process and its arguments.
9879| [CVE-2007-6345] SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the value parameter to the pack_var function in module/db.lib/db_mysql.lib. NOTE: some of these details are obtained from third party information.
9880| [CVE-2007-6313] MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements.
9881| [CVE-2007-6304] The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.
9882| [CVE-2007-6303] MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.
9883| [CVE-2007-6081] AdventNet EventLog Analyzer build 4030 for Windows, and possibly other versions and platforms, installs a mysql instance with a default "root" account without a password, which allows remote attackers to gain privileges and modify logs.
9884| [CVE-2007-5970] MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges.
9885| [CVE-2007-5969] MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.
9886| [CVE-2007-5925] The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error.
9887| [CVE-2007-5646] SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5 is used, allows remote attackers to execute arbitrary SQL commands via the userspec parameter in a search2 action to index.php.
9888| [CVE-2007-5626] make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line argument, and sometimes transmits cleartext e-mail containing this command line, which allows context-dependent attackers to obtain the password by listing the process and its arguments, or by sniffing the network.
9889| [CVE-2007-5488] Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons before 1.2.8, and 1.4.x before 1.4.4, allow remote attackers to execute arbitrary SQL commands via the (1) source and (2) destination numbers, and probably (3) SIP URI, when inserting a record.
9890| [CVE-2007-4889] The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997.
9891| [CVE-2007-3997] The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.
9892| [CVE-2007-3782] MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.
9893| [CVE-2007-3781] MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, which allows remote authenticated users to obtain sensitive information such as the table structure.
9894| [CVE-2007-3780] MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.
9895| [CVE-2007-3567] MySQLDumper 1.21b through 1.23 REV227 uses a "Limit GET" statement in the .htaccess authentication mechanism, which allows remote attackers to bypass authentication requirements via HTTP POST requests.
9896| [CVE-2007-2857] PHP remote file inclusion vulnerability in sample/xls2mysql in ABC Excel Parser Pro 4.0 allows remote attackers to execute arbitrary PHP code via a URL in the parser_path parameter.
9897| [CVE-2007-2766] lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext command line argument, which allows local users to obtain this password by listing the process and its arguments, related to lib/backup-methods.sh.
9898| [CVE-2007-2693] MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.
9899| [CVE-2007-2692] The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.
9900| [CVE-2007-2691] MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
9901| [CVE-2007-2583] The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
9902| [CVE-2007-2554] Associated Press (AP) Newspower 4.0.1 and earlier uses a default blank password for the MySQL root account, which allows remote attackers to insert or modify news articles via shows.tblscript.
9903| [CVE-2007-2429] ManageEngine PasswordManager Pro (PMP) allows remote attackers to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of this information is unknown
9904| [CVE-2007-2364] Multiple PHP remote file inclusion vulnerabilities in burnCMS 0.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) mysql.class.php or (2) postgres.class.php in lib/db/
9905| [CVE-2007-2204] Multiple PHP remote file inclusion vulnerabilities in GPL PHP Board (GPB) unstable-2001.11.14-1 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) db.mysql.inc.php or (2) gpb.inc.php in include/, or the (3) theme parameter to themes/ubb/login.php.
9906| [CVE-2007-2016] Cross-site scripting (XSS) vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the lang[] parameter.
9907| [CVE-2007-1779] Multiple SQL injection vulnerabilities in the MySQL back-end in Advanced Website Creator (AWC) before 1.9.0 might allow remote attackers to execute arbitrary SQL commands via unspecified parameters, related to use of mysql_escape_string instead of mysql_real_escape_string.
9908| [CVE-2007-1778] PHP remote file inclusion vulnerability in db/mysql.php in the Eve-Nuke 0.1 (EN-Forums) module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
9909| [CVE-2007-1548] SQL injection vulnerability in functions/functions_filters.asp in Web Wiz Forums before 8.05a (MySQL version) does not properly filter certain characters in SQL commands, which allows remote attackers to execute arbitrary SQL commands via \"' (backslash double-quote quote) sequences, which are collapsed into \'', as demonstrated via the name parameter to forum/pop_up_member_search.asp.
9910| [CVE-2007-1455] Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via (1) the userlanguage parameter to includes/load_language.php or (2) the fantasticopath parameter to includes/mysqlconfig.php and certain other files.
9911| [CVE-2007-1439] PHP remote file inclusion vulnerability in ressourcen/dbopen.php in bitesser MySQL Commander 2.7 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the home parameter.
9912| [CVE-2007-1420] MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.
9913| [CVE-2007-1167] inc/filebrowser/browser.php in deV!L`z Clanportal (DZCP) 1.4.5 and earlier allows remote attackers to obtain MySQL data via the inc/mysql.php value of the file parameter.
9914| [CVE-2007-1111] Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the css parameter to (1) flatevents.php, (2) js.php, (3) mysqlevents.php, (4) m_2.php, (5) m_3.php, (6) m_4.php, (7) xmlevents.php, (8) y_2.php, or (9) y_3.php in data/.
9915| [CVE-2007-0926] The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql['pass'] and $gbpass variables.
9916| [CVE-2007-0890] Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the password parameter.
9917| [CVE-2007-0828] PHP remote file inclusion vulnerability in affichearticles.php3 in MySQLNewsEngine allows remote attackers to execute arbitrary PHP code via a URL in the newsenginedir parameter.
9918| [CVE-2007-0167] Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search Engine), as distributed with other aliases, allow remote attackers to execute arbitrary PHP code via a URL in the INC parameter in (1) config_admin.php, (2) config_main.php, (3) config_member.php, and (4) mysql_config.php in config/
9919| [CVE-2007-0124] Unspecified vulnerability in Drupal before 4.6.11, and 4.7 before 4.7.5, when MySQL is used, allows remote authenticated users to cause a denial of service by poisoning the page cache via unspecified vectors, which triggers erroneous 404 HTTP errors for pages that exist.
9920| [CVE-2006-7232] sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
9921| [CVE-2006-7194] PHP remote file inclusion vulnerability in modules/Mysqlfinder/MysqlfinderAdmin.php in Agora 1.4 RC1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[PATH_COMPOSANT] parameter.
9922| [CVE-2006-6948] MyODBC Japanese conversion edition 3.51.06, 2.50.29, and 2.50.25 allows remote attackers to cause a denial of service via a certain string in a response, which has unspecified impact on the MySQL database.
9923| [CVE-2006-6457] tiki-wiki_rss.php in Tikiwiki 1.9.5, 1.9.2, and possibly other versions allows remote attackers to obtain sensitive information (MySQL username and password) via an invalid (large or negative) ver parameter, which leaks the information in an error message.
9924| [CVE-2006-6378] BTSaveMySql 1.2 stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain configuration and save files via direct requests.
9925| [CVE-2006-6254] administration/telecharger.php in Cahier de texte 2.0 allows remote attackers to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte.php. NOTE: it is not clear whether the scope of this issue extends above the web document root, and whether directory traversal is the primary vulnerability.
9926| [CVE-2006-5893] Multiple PHP remote file inclusion vulnerabilities in iWonder Designs Storystream 0.4.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) mysql.php and (2) mysqli.php in include/classes/pear/DB/.
9927| [CVE-2006-5702] Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information (MySQL username and password) via an empty sort_mode parameter in (1) tiki-listpages.php, (2) tiki-lastchanges.php, (3) messu-archive.php, (4) messu-mailbox.php, (5) messu-sent.php, (6) tiki-directory_add_site.php, (7) tiki-directory_ranking.php, (8) tiki-directory_search.php, (9) tiki-forums.php, (10) tiki-view_forum.php, (11) tiki-friends.php, (12) tiki-list_blogs.php, (13) tiki-list_faqs.php, (14) tiki-list_trackers.php, (15) tiki-list_users.php, (16) tiki-my_tiki.php, (17) tiki-notepad_list.php, (18) tiki-orphan_pages.php, (19) tiki-shoutbox.php, (20) tiki-usermenu.php, and (21) tiki-webmail_contacts.php, which reveal the information in certain database error messages.
9928| [CVE-2006-5675] Multiple unspecified vulnerabilities in Pentaho Business Intelligence (BI) Suite before 1.2 RC3 (1.2.0.470-RC3) have unknown impact and attack vectors, related to "MySQL Scripts need changes for security," possibly SQL injection vulnerabilities associated with these scripts.
9929| [CVE-2006-5381] Contenido CMS stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain database credentials and other information via a direct request to (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysqli.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, (7) db_pgsql.inc, or (8) db_sybase.inc in the conlib/ directory.
9930| [CVE-2006-5264] Cross-site scripting (XSS) vulnerability in sql.php in MysqlDumper 1.21 b6 allows remote attackers to inject arbitrary web script or HTML via the db parameter.
9931| [CVE-2006-5127] Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ConPresso before 4.0.5a allow remote attackers to inject arbitrary web script or HTML via (1) the nr parameter in detail.php, (2) the msg parameter in db_mysql.inc.php, and (3) the pos parameter in index.php.
9932| [CVE-2006-5079] PHP remote file inclusion vulnerability in class.mysql.php in Matt Humphrey paBugs 2.0 Beta 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_to_bt_dir parameter.
9933| [CVE-2006-5065] PHP remote file inclusion vulnerability in libs/dbmax/mysql.php in ZoomStats 1.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[lib][db][path] parameter.
9934| [CVE-2006-5029] SQL injection vulnerability in thread.php in WoltLab Burning Board (wBB) 2.3.x allows remote attackers to obtain the version numbers of PHP, MySQL, and wBB via the page parameter. NOTE: this issue might be a forced SQL error. Also, the original report was disputed by a third party for 2.3.3 and 2.3.4.
9935| [CVE-2006-5027] Jeroen Vennegoor JevonCMS, possibly pre alpha, allows remote attackers to obtain sensitive information via a direct request for php/main/phplib files (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysql.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, and (7) db_pgsql.inc
9936| [CVE-2006-5014] Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.
9937| [CVE-2006-4994] Multiple unquoted Windows search path vulnerabilities in Apache Friends XAMPP 1.5.2 might allow local users to gain privileges via a malicious program file in %SYSTEMDRIVE%, which is run when XAMPP attempts to execute (1) FileZillaServer.exe, (2) mysqld-nt.exe, (3) Perl.exe, or (4) xamppcontrol.exe with an unquoted "Program Files" pathname.
9938| [CVE-2006-4835] Bluview Blue Magic Board (BMB) (aka BMForum) 5.5 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) db_mysql_error.php, (4) langlist.php, (5) sendmail.php, or (6) style.php, which reveals the path in various error messages.
9939| [CVE-2006-4578] export.php in The Address Book 1.04e writes username and password hash information into a publicly accessible file when dumping the MySQL database contents, which allows remote attackers to obtain sensitive information.
9940| [CVE-2006-4380] MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects.
9941| [CVE-2006-4277] Multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to (1) include/novalib/class.novaAdmin.mysql.php and (2) novalib/class.novaRead.mysql.php. NOTE: the provenance of this information is unknown
9942| [CVE-2006-4276] PHP remote file inclusion vulnerability in Tutti Nova 1.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to novalib/class.novaEdit.mysql.php.
9943| [CVE-2006-4227] MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
9944| [CVE-2006-4226] MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
9945| [CVE-2006-4031] MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
9946| [CVE-2006-3965] Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as database usernames and passwords.
9947| [CVE-2006-3964] PHP remote file inclusion vulnerability in members.php in Banex PHP MySQL Banner Exchange 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_root parameter.
9948| [CVE-2006-3963] Multiple SQL injection vulnerabilities in Banex PHP MySQL Banner Exchange 2.21 allow remote attackers to execute arbitrary SQL commands via the (1) site_name parameter to (a) signup.php, and the (2) id, (3) deleteuserbanner, (4) viewmem, (5) viewmemunb, (6) viewunmem,or (7) deleteuser parameters to (b) admin.php.
9949| [CVE-2006-3878] Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, which allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql.
9950| [CVE-2006-3486] ** DISPUTED ** Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow when the convert_dirname function is called. NOTE: the vendor has disputed this issue via e-mail to CVE, saying that it is only exploitable when the user has access to the configuration file or the Instance Manager daemon. Due to intended functionality, this level of access would already allow the user to disrupt program operation, so this does not cross security boundaries and is not a vulnerability.
9951| [CVE-2006-3469] Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.
9952| [CVE-2006-3330] Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the (1) ProductName ("Title" field), (2) url, and (3) Description parameters, possibly related to issues in add1.php.
9953| [CVE-2006-3329] SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the rate parameter.
9954| [CVE-2006-3081] mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
9955| [CVE-2006-2753] SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
9956| [CVE-2006-2750] Cross-site scripting (XSS) vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary web scripts or HTML via failed SQL queries, which is reflected in an error message.
9957| [CVE-2006-2748] SQL injection vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary SQL commands via multiple vectors, as demonstrated by the (1) type parameter in adminfunctions.php and the (2) catalogue_id parameter in editcatalogue.php.
9958| [CVE-2006-2742] SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 allows remote attackers to execute arbitrary SQL commands via the (1) count and (2) from variables to (a) database.mysql.inc, (b) database.pgsql.inc, and (c) database.mysqli.inc.
9959| [CVE-2006-2543] Xtreme Topsites 1.1 allows remote attackers to trigger MySQL errors and possibly conduct SQL injection attacks via unspecified vectors in join.php.
9960| [CVE-2006-2329] AngelineCMS 0.6.5 and earlier allow remote attackers to obtain sensitive information via a direct request for (1) adodb-access.inc.php, (2) adodb-ado.inc.php, (3) adodb-ado_access.inc, (4) adodb-ado_mssql.inc.php, (5) adodb-borland_ibase, (6) adodb-csv.inc.php, (7) adodb-db2.inc.php, (8) adodb-fbsql.inc.php, (9) adodb-firebird.inc.php, (10) adodb-ibase.inc.php, (11) adodb-informix.inc.php, (12) adodb-informix72.inc, (13) adodb-mssql.inc.php, (14) adodb-mssqlpo.inc.php, (15) adodb-mysql.inc.php, (16) adodb-mysqlt.inc.php, (17) adodb-oci8.inc.php, (18) adodb-oci805.inc.php, (19) adodb-oci8po.inc.php, and (20) adodb-odbc.inc.php, which reveal the path in various error messages
9961| [CVE-2006-2042] Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models.
9962| [CVE-2006-1930] ** DISPUTED ** Multiple SQL injection vulnerabilities in userscript.php in Green Minute 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) huserid, (2) pituus, or (3) date parameters. NOTE: this issue has been disputed by the vendor, saying "those parameters mentioned ARE checked (preg_match) before they are used in SQL-query... If someone decided to add SQL-injection stuff to certain parameter, they would see an error text, but only because _nothing_ was passed inside that parameter (to MySQL-database)." As allowed by the vendor, CVE investigated this report on 20060525 and found that the demo site demonstrated a non-sensitive SQL error when given standard SQL injection manipulations.
9963| [CVE-2006-1518] Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
9964| [CVE-2006-1517] sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
9965| [CVE-2006-1516] The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
9966| [CVE-2006-1451] MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database.
9967| [CVE-2006-1396] Multiple cross-site scripting (XSS) vulnerabilities in Cholod MySQL Based Message Board allow remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown
9968| [CVE-2006-1395] SQL injection vulnerability in mb.cgi in Cholod MySQL Based Message Board allows remote attackers to execute arbitrary SQL commands via unspecified vectors in a showmessage action, possibly the username parameter. NOTE: the provenance of this information is unknown
9969| [CVE-2006-1324] Cross-site scripting (XSS) vulnerability in acp/lib/class_db_mysql.php in Woltlab Burning Board (wBB) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter when a SQL error is generated.
9970| [CVE-2006-1211] IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 configures a MySQL database to allow connections from any source IP address with the ns database account, which allows remote attackers to bypass the Netcool/NeuSecure application layer and perform unauthorized database actions. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
9971| [CVE-2006-1210] The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 includes the MySQL database username and password in cleartext in body.phtml, which allows remote attackers to gain privileges by reading the source. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
9972| [CVE-2006-1112] Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message.
9973| [CVE-2006-1111] Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "*/*" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection.
9974| [CVE-2006-0909] Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to view sensitive information via a direct request to multiple PHP scripts that include the full path in error messages, including (1) PEAR/Text/Diff/Renderer/inline.php, (2) PEAR/Text/Diff/Renderer/unified.php, (3) PEAR/Text/Diff3.php, (4) class_db.php, (5) class_db_mysql.php, and (6) class_xml.php in the ips_kernel/ directory
9975| [CVE-2006-0903] MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.
9976| [CVE-2006-0692] Multiple SQL injection vulnerabilities in Carey Briggs PHP/MYSQL Timesheet 1 and 2 allow remote attackers to execute arbitrary SQL commands via the (1) yr, (2) month, (3) day, and (4) job parameters in (a) index.php and (b) changehrs.php.
9977| [CVE-2006-0369] ** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views
9978| [CVE-2006-0200] Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.
9979| [CVE-2006-0146] The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.
9980| [CVE-2006-0097] Stack-based buffer overflow in the create_named_pipe function in libmysql.c in PHP 4.3.10 and 4.4.x before 4.4.3 for Windows allows attackers to execute arbitrary code via a long (1) arg_host or (2) arg_unix_socket argument, as demonstrated by a long named pipe variable in the host argument to the mysql_connect function.
9981| [CVE-2006-0056] Double free vulnerability in the authentication and authentication token alteration code in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted passwords, which lead to a double free of a pointer that was created by the pam_get_item function. NOTE: this issue only occurs in certain configurations in which there are multiple PAM modules, PAM-MySQL is not evaluated first, and there are no requisite modules before PAM-MySQL.
9982| [CVE-2005-4713] Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors, probably involving the pam_mysql_sql_log function when being used in vsftpd, which does not include the IP address argument to an sprintf call.
9983| [CVE-2005-4661] The notifyendsubs cron job in Campsite before 2.3.3 sends an e-mail message containing a certain unencrypted MySQL password, which allows remote attackers to sniff the password.
9984| [CVE-2005-4626] The default configuration of Recruitment Software installs admin/site.xml under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (MySQL database credentials) via a direct request.
9985| [CVE-2005-4237] Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keyword parameter in the SearchZoom module.
9986| [CVE-2005-2865] Multiple PHP remote file inclusion vulnerabilities in aMember Pro 2.3.4 allow remote attackers to execute arbitrary PHP code via the config[root_dir] parameter to (1) mysql.inc.php, (2) efsnet.inc.php, (3) theinternetcommerce.inc.php, (4) cdg.inc.php, (5) compuworld.inc.php, (6) directone.inc.php, (7) authorize_aim.inc.php, (8) beanstream.inc.php, (9) config.inc.php, (10) eprocessingnetwork.inc.php, (11) eway.inc.php, (12) linkpoint.inc.php, (13) logiccommerce.inc.php, (14) netbilling.inc.php, (15) payflow_pro.inc.php, (16) paymentsgateway.inc.php, (17) payos.inc.php, (18) payready.inc.php, or (19) plugnplay.inc.php.
9987| [CVE-2005-2573] The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.
9988| [CVE-2005-2572] MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service (server hang) and possibly execute arbitrary code via (1) a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or (2) a request for a function in a library that has the XXX_deinit or XXX_init functions defined but is not tailored for mySQL, such as jpeg1x32.dll and jpeg2x32.dll.
9989| [CVE-2005-2571] FunkBoard 0.66CF, and possibly earlier versions, does not properly restrict access to the (1) admin/mysql_install.php and (2) admin/pg_install.php scripts, which allows attackers to obtain the database username and password or inject arbitrary PHP code into info.php.
9990| [CVE-2005-2558] Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field.
9991| [CVE-2005-2468] Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) isCorrectPassword or (2) userExist function in class.auth.php, getCustomFieldReport function in (4) custom_fields.php, (5) custom_fields_graph.php, or (6) class.report.php, or the insert function in (7) releases.php or (8) class.release.php.
9992| [CVE-2005-2467] Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to view.php, (2) release parameter to list.php, or (3) F parameter to get_jsrs_data.php.
9993| [CVE-2005-2174] Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows attackers to access information about the bug via buglist.cgi before MySQL replication is complete.
9994| [CVE-2005-1944] xmysqladmin 1.0 and earlier allows local users to delete arbitrary files via a symlink attack on a database backup file in /tmp.
9995| [CVE-2005-1636] mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
9996| [CVE-2005-1274] Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via an HTTP unlock request and a long "If" parameter.
9997| [CVE-2005-1121] Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.
9998| [CVE-2005-0799] MySQL 4.1.9, and possibly earlier versions, allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.
9999| [CVE-2005-0711] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
10000| [CVE-2005-0710] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function.
10001| [CVE-2005-0709] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
10002| [CVE-2005-0684] Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c.
10003| [CVE-2005-0646] SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote attackers to execute arbitrary SQL via the mysql_prefix parameter.
10004| [CVE-2005-0544] phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message.
10005| [CVE-2005-0111] Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter.
10006| [CVE-2005-0083] MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and other platforms, allows remote attackers to cause a denial of service (application crash) via invalid parameters to the (1) DBMCli_String::ReallocString, (2) DBMCli_String::operator, (3) DBMCli_Buffer::ForceResize, (4) DBMCli_Wizard::InstallDatabase, (5) DBMCli_Devspaces::Complete, (6) DBMWeb_TemplateWizard::askForWriteCountStep5, or (7) DBMWeb_DBMWeb::wizardDB functions, which triggers a null dereference.
10007| [CVE-2005-0082] The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash.
10008| [CVE-2005-0081] MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers.
10009| [CVE-2005-0004] The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
10010| [CVE-2004-2632] phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables.
10011| [CVE-2004-2398] Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5.
10012| [CVE-2004-2357] The embedded MySQL 4.0 server for Proofpoint Protection Server does not require a password for the root user of MySQL, which allows remote attackers to read or modify the backend database.
10013| [CVE-2004-2354] SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered.
10014| [CVE-2004-2149] Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders.
10015| [CVE-2004-2138] Cross-site scripting (XSS) vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the (1) Name, (2) Email, (3) Homepage or (4) Comments field.
10016| [CVE-2004-1228] The install scripts in SugarCRM Sugar Sales 2.0.1c and earlier are not removed after installation, which allows attackers to obtain the MySQL administrative password in cleartext from an installation form, or to cause a denial of service by changing database settings to the default.
10017| [CVE-2004-0957] Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.
10018| [CVE-2004-0956] MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
10019| [CVE-2004-0931] MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function.
10020| [CVE-2004-0837] MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.
10021| [CVE-2004-0836] Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).
10022| [CVE-2004-0835] MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
10023| [CVE-2004-0628] Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.
10024| [CVE-2004-0627] The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
10025| [CVE-2004-0457] The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
10026| [CVE-2004-0388] The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
10027| [CVE-2004-0381] mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
10028| [CVE-2003-1480] MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods.
10029| [CVE-2003-1421] Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers to cause a denial of service (seg fault) via unknown attack vectors.
10030| [CVE-2003-1383] WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.
10031| [CVE-2003-1331] Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453.
10032| [CVE-2003-0780] Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
10033| [CVE-2003-0515] SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges.
10034| [CVE-2003-0150] MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.
10035| [CVE-2003-0073] Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.
10036| [CVE-2002-2043] SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password.
10037| [CVE-2002-1952] phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occur or if the database is unavailable.
10038| [CVE-2002-1923] The default configuration in MySQL 3.20.32 through 3.23.52, when running on Windows, does not have logging enabled, which could allow remote attackers to conduct activities without detection.
10039| [CVE-2002-1921] The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database.
10040| [CVE-2002-1809] The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL database.
10041| [CVE-2002-1479] Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users modify databases as the Cacti user and possibly gain privileges.
10042| [CVE-2002-1376] libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.
10043| [CVE-2002-1375] The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response.
10044| [CVE-2002-1374] The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password.
10045| [CVE-2002-1373] Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call.
10046| [CVE-2002-0969] Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.
10047| [CVE-2002-0229] Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
10048| [CVE-2001-1454] Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request.
10049| [CVE-2001-1453] Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter.
10050| [CVE-2001-1275] MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.
10051| [CVE-2001-1274] Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
10052| [CVE-2001-1255] WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database.
10053| [CVE-2001-1226] AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database.
10054| [CVE-2001-1044] Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file.
10055| [CVE-2001-0990] Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library.
10056| [CVE-2001-0645] Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC from the management tier using a blank password.
10057| [CVE-2001-0407] Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).
10058| [CVE-2000-0981] MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password.
10059| [CVE-2000-0957] The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes.
10060| [CVE-2000-0707] PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative password.
10061| [CVE-2000-0148] MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string.
10062| [CVE-2000-0045] MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.
10063| [CVE-1999-1188] mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database.
10064|
10065| SecurityFocus - https://www.securityfocus.com/bid/:
10066| [104370] MySQL Multi-Master Replication Manager Multiple Remote Command Injection Vulnerabilities
10067| [103954] Oracle MySQL CVE-2018-2767 Incomplete Fix SSL Certificate Validation Security Bypass Vulnerability
10068| [103876] Oracle MySQL Server CVE-2018-2769 Remote Security Vulnerability
10069| [103845] Oracle MySQL Server CVE-2018-2839 Remote Security Vulnerability
10070| [103838] Oracle MySQL Cluster CVE-2018-2877 Local Security Vulnerability
10071| [103836] Oracle MySQL Server CVE-2018-2812 Remote Security Vulnerability
10072| [103831] Oracle MySQL Server CVE-2018-2805 Remote Security Vulnerability
10073| [103830] Oracle MySQL Server CVE-2018-2813 Remote Security Vulnerability
10074| [103828] Oracle MySQL Server CVE-2018-2771 Remote Security Vulnerability
10075| [103825] Oracle MySQL Server CVE-2018-2781 Remote Security Vulnerability
10076| [103824] Oracle MySQL Server CVE-2018-2818 Remote Security Vulnerability
10077| [103820] Oracle MySQL Server CVE-2018-2761 Remote Security Vulnerability
10078| [103818] Oracle MySQL Server CVE-2018-2817 Remote Security Vulnerability
10079| [103814] Oracle MySQL Server CVE-2018-2819 Remote Security Vulnerability
10080| [103811] Oracle MySQL Server CVE-2018-2773 Local Security Vulnerability
10081| [103807] Oracle MySQL Server CVE-2018-2755 Local Security Vulnerability
10082| [103805] Oracle MySQL Server CVE-2018-2766 Remote Security Vulnerability
10083| [103804] Oracle MySQL Server CVE-2018-2787 Remote Security Vulnerability
10084| [103802] Oracle MySQL Server CVE-2018-2758 Remote Security Vulnerability
10085| [103801] Oracle MySQL Server CVE-2018-2784 Remote Security Vulnerability
10086| [103799] Oracle MySQL Server CVE-2018-2782 Remote Security Vulnerability
10087| [103794] Oracle MySQL Server CVE-2018-2762 Remote Security Vulnerability
10088| [103791] Oracle MySQL Server CVE-2018-2776 Remote Security Vulnerability
10089| [103790] Oracle MySQL Server CVE-2018-2846 Remote Security Vulnerability
10090| [103789] Oracle MySQL Server CVE-2018-2816 Remote Security Vulnerability
10091| [103787] Oracle MySQL Server CVE-2018-2779 Remote Security Vulnerability
10092| [103785] Oracle MySQL Server CVE-2018-2778 Remote Security Vulnerability
10093| [103783] Oracle MySQL Server CVE-2018-2810 Remote Security Vulnerability
10094| [103781] Oracle MySQL Server CVE-2018-2777 Remote Security Vulnerability
10095| [103780] Oracle MySQL Server CVE-2018-2759 Remote Security Vulnerability
10096| [103779] Oracle MySQL Server CVE-2018-2786 Remote Security Vulnerability
10097| [103778] Oracle MySQL Server CVE-2018-2780 Remote Security Vulnerability
10098| [103777] Oracle MySQL Server CVE-2018-2775 Remote Security Vulnerability
10099| [102714] Oracle MySQL Server CVE-2018-2591 Remote Security Vulnerability
10100| [102713] Oracle MySQL Server CVE-2018-2562 Remote Security Vulnerability
10101| [102712] Oracle MySQL Server CVE-2018-2565 Remote Security Vulnerability
10102| [102711] Oracle MySQL Server CVE-2018-2647 Remote Security Vulnerability
10103| [102710] Oracle MySQL Server CVE-2018-2573 Remote Security Vulnerability
10104| [102709] Oracle MySQL Server CVE-2018-2612 Remote Security Vulnerability
10105| [102708] Oracle MySQL Server CVE-2018-2583 Remote Security Vulnerability
10106| [102706] Oracle MySQL Server CVE-2018-2622 Remote Security Vulnerability
10107| [102704] Oracle MySQL Server CVE-2018-2703 Remote Security Vulnerability
10108| [102703] Oracle MySQL Server CVE-2018-2646 Remote Security Vulnerability
10109| [102701] Oracle MySQL Server CVE-2018-2696 Remote Security Vulnerability
10110| [102700] Oracle MySQL Server CVE-2018-2586 Remote Security Vulnerability
10111| [102698] Oracle MySQL Server CVE-2018-2645 Remote Security Vulnerability
10112| [102697] Oracle MySQL Server CVE-2018-2590 Remote Security Vulnerability
10113| [102696] Oracle MySQL Server CVE-2018-2600 Remote Security Vulnerability
10114| [102695] Oracle MySQL Server CVE-2018-2576 Remote Security Vulnerability
10115| [102685] Oracle MySQL Server CVE-2018-2667 Remote Security Vulnerability
10116| [102682] Oracle MySQL Server CVE-2018-2668 Remote Security Vulnerability
10117| [102681] Oracle MySQL Server CVE-2018-2665 Remote Security Vulnerability
10118| [102678] Oracle MySQL Server CVE-2018-2640 Remote Security Vulnerability
10119| [102674] Oracle MySQL Connectors CVE-2018-2585 Remote Security Vulnerability
10120| [101448] Oracle MySQL Server CVE-2017-10313 Remote Security Vulnerability
10121| [101446] Oracle MySQL Server CVE-2017-10311 Remote Security Vulnerability
10122| [101444] Oracle MySQL Server CVE-2017-10294 Remote Security Vulnerability
10123| [101441] Oracle MySQL Server CVE-2017-10276 Remote Security Vulnerability
10124| [101439] Oracle MySQL Connectors CVE-2017-10277 Remote Security Vulnerability
10125| [101433] Oracle MySQL Server CVE-2017-10167 Remote Security Vulnerability
10126| [101429] Oracle MySQL Server CVE-2017-10365 Remote Security Vulnerability
10127| [101424] Oracle MySQL Server CVE-2017-10165 Remote Security Vulnerability
10128| [101420] Oracle MySQL Server CVE-2017-10283 Remote Security Vulnerability
10129| [101415] Oracle MySQL Server CVE-2017-10379 Remote Security Vulnerability
10130| [101410] Oracle MySQL Server CVE-2017-10320 Remote Security Vulnerability
10131| [101406] Oracle MySQL Server CVE-2017-10384 Remote Security Vulnerability
10132| [101402] Oracle MySQL Server CVE-2017-10155 Remote Security Vulnerability
10133| [101397] Oracle MySQL Server CVE-2017-10286 Remote Security Vulnerability
10134| [101390] Oracle MySQL Server CVE-2017-10268 Local Security Vulnerability
10135| [101385] Oracle MySQL Server CVE-2017-10284 Remote Security Vulnerability
10136| [101381] Oracle MySQL Enterprise Monitor CVE-2017-10424 Remote Security Vulnerability
10137| [101375] Oracle MySQL Server CVE-2017-10378 Remote Security Vulnerability
10138| [101373] Oracle MySQL Server CVE-2017-10296 Remote Security Vulnerability
10139| [101337] Oracle MySQL Server CVE-2017-10227 Remote Security Vulnerability
10140| [101324] Oracle MySQL Connectors CVE-2017-10203 Remote Security Vulnerability
10141| [101316] Oracle MySQL Server CVE-2017-10279 Remote Security Vulnerability
10142| [101314] Oracle MySQL Server CVE-2017-10314 Remote Security Vulnerability
10143| [99810] Oracle MySQL Server CVE-2017-3653 Remote Security Vulnerability
10144| [99808] Oracle MySQL Server CVE-2017-3650 Remote Security Vulnerability
10145| [99805] Oracle MySQL Server CVE-2017-3652 Remote Security Vulnerability
10146| [99802] Oracle MySQL Server CVE-2017-3651 Remote Security Vulnerability
10147| [99799] Oracle MySQL Server CVE-2017-3649 Remote Security Vulnerability
10148| [99796] Oracle MySQL Server CVE-2017-3647 Remote Security Vulnerability
10149| [99789] Oracle MySQL Server CVE-2017-3648 Remote Security Vulnerability
10150| [99786] Oracle MySQL Server CVE-2017-3646 Remote Security Vulnerability
10151| [99783] Oracle MySQL Server CVE-2017-3645 Remote Security Vulnerability
10152| [99779] Oracle MySQL Server CVE-2017-3642 Remote Security Vulnerability
10153| [99778] Oracle MySQL Server CVE-2017-3638 Remote Security Vulnerability
10154| [99775] Oracle MySQL Server CVE-2017-3644 Remote Security Vulnerability
10155| [99772] Oracle MySQL Server CVE-2017-3643 Remote Security Vulnerability
10156| [99767] Oracle MySQL Server CVE-2017-3641 Remote Security Vulnerability
10157| [99765] Oracle MySQL Server CVE-2017-3640 Remote Security Vulnerability
10158| [99753] Oracle MySQL Server CVE-2017-3639 Remote Security Vulnerability
10159| [99748] Oracle MySQL Server CVE-2017-3637 Remote Security Vulnerability
10160| [99746] Oracle MySQL Server CVE-2017-3529 Remote Security Vulnerability
10161| [99736] Oracle MySQL Server CVE-2017-3636 Local Security Vulnerability
10162| [99730] Oracle MySQL Connectors/MySQL Server CVE-2017-3635 Remote Security Vulnerability
10163| [99729] Oracle MySQL Server CVE-2017-3634 Remote Security Vulnerability
10164| [99722] Oracle MySQL Server CVE-2017-3633 Remote Security Vulnerability
10165| [99374] Perl DBD::mysql Module CVE-2017-10788 Use After Free Denial of Service Vulnerability
10166| [99364] Perl DBD::mysql Module CVE-2017-10789 Man in the Middle Security Bypass Vulnerability
10167| [97982] Oracle MySQL Connectors CVE-2017-3523 Remote Security Vulnerability
10168| [97960] MySQL-GUI-tools CVE-2010-4178 Local Information Disclosure Vulnerability
10169| [97959] MySQL-GUI-tools CVE-2010-4177 Local Information Disclosure Vulnerability
10170| [97851] Oracle MySQL Server CVE-2017-3462 Remote Security Vulnerability
10171| [97849] Oracle MySQL Server CVE-2017-3463 Remote Security Vulnerability
10172| [97848] Oracle MySQL Server CVE-2017-3468 Remote Security Vulnerability
10173| [97847] Oracle MySQL Server CVE-2017-3459 Remote Security Vulnerability
10174| [97845] Oracle MySQL Server CVE-2017-3457 Remote Security Vulnerability
10175| [97844] Oracle MySQL Enterprise Monitor CVE-2017-3307 Remote Security Vulnerability
10176| [97840] Oracle MySQL Connectors CVE-2017-3590 Local Security Vulnerability
10177| [97837] Oracle MySQL Server CVE-2017-3458 Remote Security Vulnerability
10178| [97836] Oracle MySQL Connectors CVE-2017-3589 Local Security Vulnerability
10179| [97833] Oracle MySQL Workbench CVE-2017-3469 Remote Security Vulnerability
10180| [97831] Oracle MySQL Server CVE-2017-3456 Remote Security Vulnerability
10181| [97826] Oracle MySQL Server CVE-2017-3460 Remote Security Vulnerability
10182| [97825] Oracle MySQL Server CVE-2017-3467 Remote Security Vulnerability
10183| [97822] Oracle MySQL Server CVE-2017-3465 Remote Security Vulnerability
10184| [97820] Oracle MySQL Server CVE-2017-3455 Remote Security Vulnerability
10185| [97818] Oracle MySQL Server CVE-2017-3464 Remote Security Vulnerability
10186| [97815] Oracle MySQL Cluster CVE-2017-3304 Remote Security Vulnerability
10187| [97812] Oracle MySQL Server CVE-2017-3461 Remote Security Vulnerability
10188| [97791] Oracle MySQL Server CVE-2017-3454 Remote Security Vulnerability
10189| [97784] Oracle MySQL Connectors CVE-2017-3586 Remote Security Vulnerability
10190| [97779] Oracle MySQL Server CVE-2017-3452 Remote Security Vulnerability
10191| [97776] Oracle MySQL Server CVE-2017-3453 Remote Security Vulnerability
10192| [97772] Oracle MySQL Server CVE-2017-3331 Remote Security Vulnerability
10193| [97765] Oracle MySQL Server CVE-2017-3600 Remote Security Vulnerability
10194| [97763] Oracle MySQL Server CVE-2017-3329 Remote Security Vulnerability
10195| [97754] Oracle MySQL Server CVE-2017-3599 Remote Security Vulnerability
10196| [97747] Oracle MySQL Server CVE-2017-3450 Remote Security Vulnerability
10197| [97742] Oracle MySQL Server CVE-2017-3309 Remote Security Vulnerability
10198| [97725] Oracle MySQL Server CVE-2017-3308 Remote Security Vulnerability
10199| [97724] Oracle MySQL Enterprise Monitor CVE-2017-3306 Remote Security Vulnerability
10200| [97023] MySQL CVE-2017-3305 Man in the Middle Security Bypass Vulnerability
10201| [96300] PHP 'ext/mysqli/mysqli.c' Denial of Service Vulnerability
10202| [96162] MariaDB and MySQL CVE-2017-3302 Denial of Service Vulnerability
10203| [95592] Oracle MySQL Cluster CVE-2016-5541 Remote Security Vulnerability
10204| [95589] Oracle MySQL Server CVE-2017-3257 Remote Security Vulnerability
10205| [95588] Oracle MySQL Server CVE-2017-3318 Local Security Vulnerability
10206| [95585] Oracle MySQL Server CVE-2017-3317 Local Security Vulnerability
10207| [95583] Oracle MySQL Server CVE-2017-3273 Remote Security Vulnerability
10208| [95580] Oracle MySQL Server CVE-2016-8318 Remote Security Vulnerability
10209| [95575] Oracle MySQL Cluster CVE-2017-3323 Remote Security Vulnerability
10210| [95574] Oracle MySQL Cluster CVE-2017-3322 Remote Security Vulnerability
10211| [95571] Oracle MySQL Server CVE-2017-3238 Remote Security Vulnerability
10212| [95565] Oracle MySQL Server CVE-2017-3244 Remote Security Vulnerability
10213| [95562] Oracle MySQL Cluster CVE-2017-3321 Remote Security Vulnerability
10214| [95560] Oracle MySQL Server CVE-2017-3258 Remote Security Vulnerability
10215| [95542] Oracle MySQL Enterprise Monitor CVE-2016-5590 Remote Security Vulnerability
10216| [95538] Oracle MySQL Server CVE-2017-3243 Remote Security Vulnerability
10217| [95527] Oracle MySQL Server CVE-2017-3313 Local Security Vulnerability
10218| [95520] Oracle MySQL Server CVE-2017-3265 Local Security Vulnerability
10219| [95501] Oracle MySQL Server CVE-2017-3291 Local Security Vulnerability
10220| [95491] Oracle MySQL Server CVE-2017-3312 Local Security Vulnerability
10221| [95486] Oracle MySQL Server CVE-2017-3256 Remote Security Vulnerability
10222| [95482] Oracle MySQL Server CVE-2017-3251 Remote Security Vulnerability
10223| [95479] Oracle MySQL Server CVE-2017-3319 Remote Security Vulnerability
10224| [95470] Oracle MySQL Server CVE-2017-3320 Remote Security Vulnerability
10225| [95146] Pivotal MySQL for PCF CVE-2016-0898 Information Disclosure Vulnerability
10226| [94350] DBD::mysql CVE-2016-1249 Out-Of-Bounds Read Information Disclosure Vulnerability
10227| [93755] Oracle MySQL CVE-2016-8284 Local Security Vulnerability
10228| [93745] Oracle MySQL CVE-2016-8286 Remote Security Vulnerability
10229| [93740] Oracle MySQL CVE-2016-8288 Remote Security Vulnerability
10230| [93737] Oracle MySQL CVE-2016-8283 Remote Security Vulnerability
10231| [93735] Oracle MySQL CVE-2016-5584 Remote Security Vulnerability
10232| [93733] Oracle MySQL CVE-2016-8290 Remote Security Vulnerability
10233| [93727] Oracle MySQL CVE-2016-8287 Remote Security Vulnerability
10234| [93720] Oracle MySQL CVE-2016-8289 Local Security Vulnerability
10235| [93715] Oracle MySQL CVE-2016-5635 Remote Security Vulnerability
10236| [93709] Oracle MySQL CVE-2016-5634 Remote Security Vulnerability
10237| [93702] Oracle MySQL CVE-2016-5633 Remote Security Vulnerability
10238| [93693] Oracle MySQL CVE-2016-5632 Remote Security Vulnerability
10239| [93684] Oracle MySQL CVE-2016-5631 Remote Security Vulnerability
10240| [93678] Oracle MySQL CVE-2016-5507 Remote Security Vulnerability
10241| [93674] Oracle MySQL CVE-2016-5630 Remote Security Vulnerability
10242| [93670] Oracle MySQL CVE-2016-3495 Remote Security Vulnerability
10243| [93668] Oracle MySQL CVE-2016-5629 Remote Security Vulnerability
10244| [93662] Oracle MySQL CVE-2016-5628 Remote Security Vulnerability
10245| [93659] Oracle MySQL CVE-2016-7440 Local Security Vulnerability
10246| [93653] Oracle MySQL Connector CVE-2016-5598 Remote Security Vulnerability
10247| [93650] Oracle MySQL CVE-2016-3492 Remote Security Vulnerability
10248| [93642] Oracle MySQL CVE-2016-5627 Remote Security Vulnerability
10249| [93638] Oracle MySQL CVE-2016-5626 Remote Security Vulnerability
10250| [93635] Oracle MySQL CVE-2016-5624 Remote Security Vulnerability
10251| [93630] Oracle MySQL CVE-2016-5612 Remote Security Vulnerability
10252| [93622] Oracle MySQL CVE-2016-5609 Remote Security Vulnerability
10253| [93617] Oracle MySQL CVE-2016-5625 Local Security Vulnerability
10254| [93614] RETIRED: Oracle MySQL CVE-2016-5616 Local Security Vulnerability
10255| [93612] Oracle MySQL CVE-2016-6664 Local Security Vulnerability
10256| [93480] Pivotal Cloud Foundry cf-mysql CVE-2016-6653 Information Disclosure Vulnerability
10257| [93337] perl-DBD-MySQL CVE-2016-1246 Remote Buffer Overflow Vulnerability
10258| [92912] Oracle MySQL CVE-2016-6662 Remote Code Execution Vulnerability
10259| [92911] Oracle MySQL CVE-2016-6663 Unspecified Security Vulnerability
10260| [92149] DBD::mysql CVE-2014-9906 Incomplete Fix Use After Free Remote Code Execution Vulnerability
10261| [92118] DBD::mysql 'my_login()' Function Use After Free Remote Code Execution Vulnerability
10262| [91999] Oracle MySQL CVE-2016-3452 Remote Security Vulnerability
10263| [91992] Oracle MySQL CVE-2016-3614 Remote Security Vulnerability
10264| [91987] Oracle MySQL CVE-2016-5444 Remote Security Vulnerability
10265| [91983] Oracle MySQL CVE-2016-3588 Remote Security Vulnerability
10266| [91980] Oracle MySQL CVE-2016-3486 Remote Security Vulnerability
10267| [91976] Oracle MySQL CVE-2016-3424 Remote Security Vulnerability
10268| [91974] Oracle MySQL CVE-2016-5442 Remote Security Vulnerability
10269| [91969] Oracle MySQL CVE-2016-5439 Remote Security Vulnerability
10270| [91967] Oracle MySQL CVE-2016-3518 Remote Security Vulnerability
10271| [91963] Oracle MySQL CVE-2016-5443 Local Security Vulnerability
10272| [91960] Oracle MySQL CVE-2016-3615 Remote Security Vulnerability
10273| [91953] Oracle MySQL CVE-2016-5440 Remote Security Vulnerability
10274| [91949] Oracle MySQL CVE-2016-3501 Remote Security Vulnerability
10275| [91943] Oracle MySQL CVE-2016-3459 Remote Security Vulnerability
10276| [91932] Oracle MySQL CVE-2016-3521 Remote Security Vulnerability
10277| [91917] Oracle MySQL CVE-2016-5437 Remote Security Vulnerability
10278| [91915] Oracle MySQL CVE-2016-5441 Remote Security Vulnerability
10279| [91913] Oracle MySQL CVE-2016-3471 Local Security Vulnerability
10280| [91910] Oracle MySQL CVE-2016-3440 Remote Security Vulnerability
10281| [91906] Oracle MySQL CVE-2016-5436 Remote Security Vulnerability
10282| [91902] Oracle MySQL CVE-2016-3477 Local Security Vulnerability
10283| [90165] MySQL CVE-2005-0799 Denial-Of-Service Vulnerability
10284| [89812] xMySQLadmin CVE-2005-1944 Local Security Vulnerability
10285| [89412] MySQL CVE-2005-2573 Directory Traversal Vulnerability
10286| [88627] MySQL CVE-1999-1188 Local Security Vulnerability
10287| [88032] MySQL CVE-2001-1275 Local Security Vulnerability
10288| [87310] Btsavemysql CVE-2006-6378 Remote Security Vulnerability
10289| [86999] MySQL CVE-2001-1274 Denial-Of-Service Vulnerability
10290| [86513] Oracle MySQL CVE-2016-0665 Remote Security Vulnerability
10291| [86511] Oracle MySQL CVE-2016-0661 Remote Security Vulnerability
10292| [86509] Oracle MySQL CVE-2016-0666 Remote Security Vulnerability
10293| [86506] Oracle MySQL CVE-2016-0662 Remote Security Vulnerability
10294| [86504] Oracle MySQL CVE-2016-0654 Remote Security Vulnerability
10295| [86501] Oracle MySQL CVE-2016-0651 Remote Security Vulnerability
10296| [86498] Oracle MySQL CVE-2016-0649 Remote Security Vulnerability
10297| [86496] Oracle MySQL CVE-2016-0650 Remote Security Vulnerability
10298| [86495] Oracle MySQL CVE-2016-0647 Remote Security Vulnerability
10299| [86493] Oracle MySQL CVE-2016-0659 Remote Security Vulnerability
10300| [86489] Oracle MySQL CVE-2016-3461 Remote Security Vulnerability
10301| [86486] Oracle MySQL CVE-2016-0643 Remote Security Vulnerability
10302| [86484] Oracle MySQL CVE-2016-0667 Remote Security Vulnerability
10303| [86470] Oracle MySQL CVE-2016-0641 Remote Security Vulnerability
10304| [86467] Oracle MySQL CVE-2016-0668 Remote Security Vulnerability
10305| [86463] Oracle MySQL CVE-2016-0658 Remote Security Vulnerability
10306| [86457] Oracle MySQL CVE-2016-0648 Remote Security Vulnerability
10307| [86454] Oracle MySQL CVE-2016-0652 Remote Security Vulnerability
10308| [86451] Oracle MySQL CVE-2016-0663 Remote Security Vulnerability
10309| [86445] Oracle MySQL CVE-2016-0642 Remote Security Vulnerability
10310| [86442] Oracle MySQL CVE-2016-0644 Remote Security Vulnerability
10311| [86439] Oracle MySQL CVE-2016-0653 Remote Security Vulnerability
10312| [86436] Oracle MySQL CVE-2016-0646 Remote Security Vulnerability
10313| [86433] Oracle MySQL CVE-2016-0657 Remote Security Vulnerability
10314| [86431] Oracle MySQL CVE-2016-0656 Remote Security Vulnerability
10315| [86427] Oracle MySQL CVE-2016-0640 Remote Security Vulnerability
10316| [86424] Oracle MySQL CVE-2016-0655 Remote Security Vulnerability
10317| [86418] Oracle MySQL CVE-2016-0639 Remote Security Vulnerability
10318| [85985] MariaDB and MySQL CVE-2015-5969 Local Information Disclosure Vulnerability
10319| [85262] MySQL CVE-2007-5970 Remote Security Vulnerability
10320| [85246] Mysql Community Server CVE-2007-6313 Remote Security Vulnerability
10321| [85215] Mysql Banner Exchange CVE-2007-6512 Denial-Of-Service Vulnerability
10322| [83639] MySQLDumper CVE-2006-5264 Cross-Site Scripting Vulnerability
10323| [83232] MySQL Connector/Net CVE-2006-4227 Remote Security Vulnerability
10324| [83194] MySQL CVE-2004-0628 Denial Of Service Vulnerability
10325| [82913] MySQL CVE-2001-1453 Remote Security Vulnerability
10326| [82911] MySQL CVE-2001-1454 Remote Security Vulnerability
10327| [81810] MariaDB/MySQL/Percona Server CVE-2016-2047 SSL Certificate Validation Security Bypass Vulnerability
10328| [81258] Oracle MySQL CVE-2016-0609 Remote Security Vulnerability
10329| [81253] Oracle MySQL CVE-2016-0605 Remote Security Vulnerability
10330| [81245] Oracle MySQL CVE-2015-7744 Remote Security Vulnerability
10331| [81238] Oracle MySQL CVE-2016-0607 Remote Security Vulnerability
10332| [81226] Oracle MySQL CVE-2016-0608 Remote Security Vulnerability
10333| [81211] Oracle MySQL CVE-2016-0601 Remote Security Vulnerability
10334| [81203] Oracle MySQL CVE-2016-0599 Remote Security Vulnerability
10335| [81198] Oracle MySQL CVE-2016-0610 Remote Security Vulnerability
10336| [81188] Oracle MySQL CVE-2016-0600 Remote Security Vulnerability
10337| [81182] Oracle MySQL CVE-2016-0598 Remote Security Vulnerability
10338| [81176] Oracle MySQL CVE-2016-0616 Remote Security Vulnerability
10339| [81164] Oracle MySQL CVE-2016-0611 Remote Security Vulnerability
10340| [81151] Oracle MySQL CVE-2016-0597 Remote Security Vulnerability
10341| [81136] Oracle MySQL CVE-2016-0502 Remote Security Vulnerability
10342| [81130] Oracle MySQL CVE-2016-0596 Remote Security Vulnerability
10343| [81126] Oracle MySQL CVE-2016-0503 Remote Security Vulnerability
10344| [81121] Oracle MySQL CVE-2016-0595 Remote Security Vulnerability
10345| [81108] Oracle MySQL CVE-2016-0594 Remote Security Vulnerability
10346| [81088] Oracle MySQL CVE-2016-0505 Remote Security Vulnerability
10347| [81077] Oracle MySQL CVE-2016-0504 Remote Security Vulnerability
10348| [81066] Oracle MySQL CVE-2016-0546 Local Security Vulnerability
10349| [79408] Mysql-Ocaml CVE-2009-2942 Remote Security Vulnerability
10350| [79044] kiddog_mysqldumper CVE-2010-0336 Information Disclosure Vulnerability
10351| [78373] MySQL CVE-2011-5049 Denial-Of-Service Vulnerability
10352| [77237] Oracle MySQL Server CVE-2015-4826 Remote Security Vulnerability
10353| [77234] Oracle MySQL Server CVE-2015-4910 Remote Security Vulnerability
10354| [77232] Oracle MySQL Server CVE-2015-4766 Local Security Vulnerability
10355| [77231] Oracle MySQL Server CVE-2015-4890 Remote Security Vulnerability
10356| [77228] Oracle MySQL Server CVE-2015-4830 Remote Security Vulnerability
10357| [77222] Oracle MySQL Server CVE-2015-4815 Remote Security Vulnerability
10358| [77219] Oracle MySQL Server CVE-2015-4904 Remote Security Vulnerability
10359| [77216] Oracle MySQL Server CVE-2015-4800 Remote Security Vulnerability
10360| [77213] Oracle MySQL Server CVE-2015-4791 Remote Security Vulnerability
10361| [77208] Oracle MySQL Server CVE-2015-4870 Remote Security Vulnerability
10362| [77205] Oracle MySQL Server CVE-2015-4807 Remote Security Vulnerability
10363| [77199] Oracle MySQL Server CVE-2015-4730 Remote Security Vulnerability
10364| [77196] Oracle MySQL Server CVE-2015-4819 Local Security Vulnerability
10365| [77190] Oracle MySQL Server CVE-2015-4836 Remote Security Vulnerability
10366| [77187] Oracle MySQL Server CVE-2015-4864 Remote Security Vulnerability
10367| [77171] Oracle MySQL Server CVE-2015-4792 Remote Security Vulnerability
10368| [77170] Oracle MySQL Server CVE-2015-4833 Remote Security Vulnerability
10369| [77165] Oracle MySQL Server CVE-2015-4802 Remote Security Vulnerability
10370| [77153] Oracle MySQL Server CVE-2015-4913 Remote Security Vulnerability
10371| [77147] Oracle MySQL Server CVE-2015-4862 Remote Security Vulnerability
10372| [77145] Oracle MySQL Server CVE-2015-4858 Remote Security Vulnerability
10373| [77143] Oracle MySQL Server CVE-2015-4905 Remote Security Vulnerability
10374| [77140] Oracle MySQL Server CVE-2015-4879 Remote Security Vulnerability
10375| [77137] Oracle MySQL Server CVE-2015-4861 Remote Security Vulnerability
10376| [77136] Oracle MySQL Server CVE-2015-4895 Remote Security Vulnerability
10377| [77134] Oracle MySQL Server CVE-2015-4816 Remote Security Vulnerability
10378| [77132] Oracle MySQL Server CVE-2015-4866 Remote Security Vulnerability
10379| [77015] Oracle MySQL Multiple Buffer Overflow Vulnerabilities
10380| [75849] Oracle MySQL Server CVE-2015-4752 Remote Security Vulnerability
10381| [75844] Oracle MySQL Server CVE-2015-4767 Remote Security Vulnerability
10382| [75837] Oracle MySQL Server CVE-2015-2620 Remote Security Vulnerability
10383| [75835] Oracle MySQL Server CVE-2015-4771 Remote Security Vulnerability
10384| [75830] Oracle MySQL Server CVE-2015-2643 Remote Security Vulnerability
10385| [75822] Oracle MySQL Server CVE-2015-2648 Remote Security Vulnerability
10386| [75815] Oracle MySQL Server CVE-2015-2641 Remote Security Vulnerability
10387| [75813] Oracle MySQL Server CVE-2015-2661 Local Security Server Vulnerability
10388| [75802] Oracle MySQL Server CVE-2015-4737 Remote Security Vulnerability
10389| [75785] Oracle MySQL Server CVE-2015-4756 Remote Security Vulnerability
10390| [75781] Oracle MySQL Server CVE-2015-4772 Remote Security Vulnerability
10391| [75774] Oracle MySQL Server CVE-2015-2617 Remote Security Vulnerability
10392| [75770] Oracle MySQL Server CVE-2015-4761 Remote Security Vulnerability
10393| [75762] Oracle MySQL Server CVE-2015-2611 Remote Security Vulnerability
10394| [75760] Oracle MySQL Server CVE-2015-2639 Remote Security Vulnerability
10395| [75759] Oracle MySQL Server CVE-2015-4757 Remote Security Vulnerability
10396| [75753] Oracle MySQL Server CVE-2015-4769 Remote Security Vulnerability
10397| [75751] Oracle MySQL Server CVE-2015-2582 Remote Security Vulnerability
10398| [75397] MySql Lite Administrator Multiple Cross Site Scripting Vulnerabilities
10399| [75394] WordPress wp-instance-rename Plugin 'mysqldump_download.php' Arbitrary File Download Vulnerability
10400| [74695] Tiny MySQL 'tinymy.php' Cross Site Scripting Vulnerability
10401| [74398] Oracle MySQL CVE-2015-3152 SSL Certificate Validation Security Bypass Vulnerability
10402| [74137] Oracle MySQL Utilities CVE-2015-2576 Local Security Vulnerability
10403| [74133] Oracle MySQL Server CVE-2015-0498 Remote Security Vulnerability
10404| [74130] Oracle MySQL Server CVE-2015-0511 Remote Security Vulnerability
10405| [74126] Oracle MySQL Server CVE-2015-2566 Remote Security Vulnerability
10406| [74123] Oracle MySQL Server CVE-2015-2567 Remote Security Vulnerability
10407| [74121] Oracle MySQL Server CVE-2015-0507 Remote Security Vulnerability
10408| [74120] Oracle MySQL Server CVE-2015-0506 Remote Security Vulnerability
10409| [74115] Oracle MySQL Server CVE-2015-0499 Remote Security Vulnerability
10410| [74112] Oracle MySQL Server CVE-2015-0505 Remote Security Vulnerability
10411| [74110] Oracle MySQL Server CVE-2015-0405 Remote Security Vulnerability
10412| [74103] Oracle MySQL Server CVE-2015-0441 Remote Security Vulnerability
10413| [74102] Oracle MySQL Server CVE-2015-0503 Remote Security Vulnerability
10414| [74098] Oracle MySQL Server CVE-2015-0438 Remote Security Vulnerability
10415| [74095] Oracle MySQL Server CVE-2015-2571 Remote Security Vulnerability
10416| [74091] Oracle MySQL Server CVE-2015-0423 Remote Security Vulnerability
10417| [74089] Oracle MySQL Server CVE-2015-0433 Remote Security Vulnerability
10418| [74086] Oracle MySQL Server CVE-2015-0508 Remote Security Vulnerability
10419| [74085] Oracle MySQL Server CVE-2015-0439 Remote Security Vulnerability
10420| [74081] Oracle MySQL Server CVE-2015-0500 Remote Security Vulnerability
10421| [74078] Oracle MySQL Server CVE-2015-2573 Remote Security Vulnerability
10422| [74075] Oracle MySQL Connectors CVE-2015-2575 Remote Security Vulnerability
10423| [74073] Oracle MySQL Server CVE-2015-2568 Remote Security Vulnerability
10424| [74070] Oracle MySQL Server CVE-2015-0501 Remote Security Vulnerability
10425| [72728] RubyGems xaviershay-dm-rails 'storage.rb' MySQL Credential Information Disclosure Vulnerability
10426| [72229] Oracle MySQL Server CVE-2015-0385 Remote Security Vulnerability
10427| [72227] Oracle MySQL Server CVE-2015-0374 Remote Security Vulnerability
10428| [72223] Oracle MySQL Server CVE-2015-0409 Remote Security Vulnerability
10429| [72217] Oracle MySQL Server CVE-2015-0432 Remote Security Vulnerability
10430| [72214] Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability
10431| [72210] Oracle MySQL Server CVE-2014-6568 Remote Security Vulnerability
10432| [72205] Oracle MySQL Server CVE-2015-0391 Remote Security Vulnerability
10433| [72200] Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability
10434| [72191] Oracle MySQL Server CVE-2015-0411 Remote Security Vulnerability
10435| [70550] Oracle MySQL Server CVE-2014-6507 Remote Security Vulnerability
10436| [70540] RETIRED: Oracle MySQL Server CVE-2012-5615 Remote Security Vulnerability
10437| [70532] Oracle MySQL Server CVE-2014-6463 Remote Security Vulnerability
10438| [70530] Oracle MySQL Server CVE-2014-6555 Remote Security Vulnerability
10439| [70525] Oracle MySQL Server CVE-2014-6489 Remote Security Vulnerability
10440| [70517] Oracle MySQL Server CVE-2014-4287 Remote Security Vulnerability
10441| [70516] Oracle MySQL Server CVE-2014-6505 Remote Security Vulnerability
10442| [70511] Oracle MySQL Server CVE-2014-6564 Remote Security Vulnerability
10443| [70510] Oracle MySQL Server CVE-2014-6520 Remote Security Vulnerability
10444| [70497] Oracle MySQL Server CVE-2014-6494 Remote Security Vulnerability
10445| [70496] Oracle MySQL Server CVE-2014-6495 Remote Security Vulnerability
10446| [70489] Oracle MySQL Server CVE-2014-6478 Remote Security Vulnerability
10447| [70487] Oracle MySQL Server CVE-2014-6559 Remote Security Vulnerability
10448| [70486] Oracle MySQL Server CVE-2014-6530 Remote Security Vulnerability
10449| [70478] Oracle MySQL Server CVE-2014-6500 Remote Security Vulnerability
10450| [70469] Oracle MySQL Server CVE-2014-6496 Remote Security Vulnerability
10451| [70462] Oracle MySQL Server CVE-2014-6551 Local Security Vulnerability
10452| [70455] Oracle MySQL Server CVE-2014-6484 Remote Security Vulnerability
10453| [70451] Oracle MySQL Server CVE-2014-6464 Remote Security Vulnerability
10454| [70448] Oracle MySQL Server CVE-2014-6474 Remote Security Vulnerability
10455| [70446] Oracle MySQL Server CVE-2014-6469 Remote Security Vulnerability
10456| [70444] Oracle MySQL Server CVE-2014-6491 Remote Security Vulnerability
10457| [69743] Oracle MySQL Client yaSSL Certificate Decode Buffer Overflow Vulnerability
10458| [69732] MySQL MyISAM Insecure Temporary File Creation Vulnerability
10459| [68736] RubyGems lean-ruport MySQL Credential Local Information Disclosure Vulnerability
10460| [68607] Oracle MySQL Server CVE-2014-4214 Remote Security Vulnerability
10461| [68602] Oracle MySQL Server CVE-2014-4240 Local Security Vulnerability
10462| [68598] Oracle MySQL Server CVE-2014-4233 Remote Security Vulnerability
10463| [68593] Oracle MySQL Server CVE-2014-4207 Remote Security Vulnerability
10464| [68587] Oracle MySQL Server CVE-2014-4238 Remote Security Vulnerability
10465| [68579] Oracle MySQL Server CVE-2014-2494 Remote Security Vulnerability
10466| [68573] Oracle MySQL Server CVE-2014-4260 Remote Security Vulnerability
10467| [68564] Oracle MySQL Server CVE-2014-4258 Remote Security Vulnerability
10468| [66896] Oracle MySQL Server CVE-2014-2436 Remote Security Vulnerability
10469| [66890] Oracle MySQL Server CVE-2014-2431 Remote Security Vulnerability
10470| [66885] Oracle MySQL Server CVE-2014-2444 Remote Security Vulnerability
10471| [66880] Oracle MySQL Server CVE-2014-2419 Remote Security Vulnerability
10472| [66872] Oracle MySQL Server CVE-2014-2434 Remote Security Vulnerability
10473| [66863] Oracle MySQL Server CVE-2014-2450 Remote Security Vulnerability
10474| [66858] Oracle MySQL Server CVE-2014-2430 Remote Security Vulnerability
10475| [66853] Oracle MySQL Server CVE-2014-2435 Remote Security Vulnerability
10476| [66850] Oracle MySQL Client CVE-2014-2440 Remote Security Vulnerability
10477| [66846] Oracle MySQL Server CVE-2014-2438 Remote Security Vulnerability
10478| [66835] Oracle MySQL Server CVE-2014-0384 Remote Security Vulnerability
10479| [66828] Oracle MySQL Server CVE-2014-2451 Remote Security Vulnerability
10480| [66823] Oracle MySQL Server CVE-2014-2442 Remote Security Vulnerability
10481| [66153] lighttpd 'mod_mysql_vhost.c' SQL Injection Vulnerability
10482| [65890] InterWorx MySQL Password Information Disclosure Vulnerability
10483| [65621] Percona Toolkit for MySQL Automatic Version Check Information Disclosure Vulnerability
10484| [65298] Oracle MySQL Client 'main()' Function Buffer Overflow Vulnerability
10485| [64908] Oracle MySQL Server CVE-2014-0402 Remote Security Vulnerability
10486| [64904] Oracle MySQL Server CVE-2014-0386 Remote Security Vulnerability
10487| [64898] Oracle MySQL Server CVE-2014-0401 Remote Security Vulnerability
10488| [64897] Oracle MySQL Server CVE-2014-0431 Remote Security Vulnerability
10489| [64896] Oracle MySQL Server CVE-2013-5908 Remote Security Vulnerability
10490| [64895] Oracle MySQL Server CVE-2014-0433 Remote Security Vulnerability
10491| [64893] Oracle MySQL Server CVE-2014-0430 Remote Security Vulnerability
10492| [64891] Oracle MySQL Server CVE-2013-5891 Remote Security Vulnerability
10493| [64888] Oracle MySQL Server CVE-2014-0420 Remote Security Vulnerability
10494| [64885] Oracle MySQL Server CVE-2013-5881 Remote Security Vulnerability
10495| [64880] Oracle MySQL Server CVE-2014-0412 Remote Security Vulnerability
10496| [64877] Oracle MySQL Server CVE-2014-0393 Remote Security Vulnerability
10497| [64873] Oracle MySQL Server CVE-2013-5894 Remote Security Vulnerability
10498| [64868] Oracle MySQL Server CVE-2014-0427 Remote Security Vulnerability
10499| [64864] Oracle MySQL Server CVE-2013-5860 Remote Security Vulnerability
10500| [64854] Oracle MySQL Server CVE-2013-5882 Remote Security Vulnerability
10501| [64849] Oracle MySQL Server CVE-2014-0437 Remote Security Vulnerability
10502| [64731] CSP MySQL User Manager 'login.php' Script SQL Injection Vulnerability
10503| [64630] Zen Cart 'mysql_zencart.sql' Information Disclosure Vulnerability
10504| [63125] Oracle MySQL Server CVE-2012-2750 Remote Security Vulnerability
10505| [63119] Oracle MySQL Server CVE-2013-5770 Remote Security Vulnerability
10506| [63116] Oracle MySQL Server CVE-2013-5793 Remote Security Vulnerability
10507| [63113] Oracle MySQL Server CVE-2013-5767 Remote Security Vulnerability
10508| [63109] Oracle MySQL Server CVE-2013-3839 Remote Security Vulnerability
10509| [63107] Oracle MySQL Server CVE-2013-5786 Remote Security Vulnerability
10510| [63105] Oracle MySQL Server CVE-2013-5807 Remote Security Vulnerability
10511| [62358] Oracle MySQL CVE-2005-2572 Remote Code Execution Vulnerability
10512| [61274] Oracle MySQL Server CVE-2013-3798 Remote Security Vulnerability
10513| [61272] Oracle MySQL Server CVE-2013-3809 Remote Security Vulnerability
10514| [61269] Oracle MySQL Server CVE-2013-3801 Remote Security Vulnerability
10515| [61264] Oracle MySQL Server CVE-2013-3793 Remote Security Vulnerability
10516| [61260] Oracle MySQL Server CVE-2013-3804 Remote Security Vulnerability
10517| [61256] Oracle MySQL Server CVE-2013-3805 Remote Security Vulnerability
10518| [61252] Oracle MySQL Server CVE-2013-3811 Remote Security Vulnerability
10519| [61249] Oracle MySQL Server CVE-2013-3812 Remote Security Vulnerability
10520| [61244] Oracle MySQL Server CVE-2013-3802 Remote Security Vulnerability
10521| [61241] Oracle MySQL Server CVE-2013-3795 Remote Security Vulnerability
10522| [61238] Oracle MySQL Server CVE-2013-3807 Remote Security Vulnerability
10523| [61235] Oracle MySQL Server CVE-2013-3806 Remote Security Vulnerability
10524| [61233] Oracle MySQL Server CVE-2013-3796 Remote Security Vulnerability
10525| [61227] Oracle MySQL Server CVE-2013-3808 Remote Security Vulnerability
10526| [61222] Oracle MySQL Server CVE-2013-3794 Remote Security Vulnerability
10527| [61214] Oracle MySQL Server CVE-2013-3810 Remote Security Vulnerability
10528| [61210] Oracle MySQL Server CVE-2013-3783 Remote Security Vulnerability
10529| [60424] Debian mysql-server CVE-2013-2162 Insecure File Creation Vulnerability
10530| [60001] Wireshark MySQL Dissector Denial of Service Vulnerability
10531| [59242] Oracle MySQL CVE-2013-2391 Local MySQL Server Vulnerability
10532| [59239] Oracle MySQL CVE-2013-1502 Local MySQL Server Vulnerability
10533| [59237] Oracle MySQL CVE-2013-1506 Remote MySQL Server Vulnerability
10534| [59232] Oracle MySQL CVE-2013-1567 Remote MySQL Server Vulnerability
10535| [59229] Oracle MySQL Server CVE-2013-1544 Remote Security Vulnerability
10536| [59227] Oracle MySQL CVE-2013-2376 Remote MySQL Server Vulnerability
10537| [59225] Oracle MySQL CVE-2013-1523 Remote MySQL Server Vulnerability
10538| [59224] Oracle MySQL Server CVE-2013-2392 Remote Security Vulnerability
10539| [59223] Oracle MySQL Server CVE-2013-1548 Remote Security Vulnerability
10540| [59222] RETIRED: Oracle MySQL CVE-2012-5614 Remote MySQL Server Vulnerability
10541| [59218] Oracle MySQL Server CVE-2013-1512 Remote Security Vulnerability
10542| [59217] Oracle MySQL CVE-2013-1526 Remote MySQL Server Vulnerability
10543| [59216] Oracle MySQL CVE-2013-1570 Remote MySQL Server Vulnerability
10544| [59215] Oracle MySQL Server CVE-2013-2381 Remote Security Vulnerability
10545| [59211] Oracle MySQL Server CVE-2013-1532 Remote Security Vulnerability
10546| [59210] Oracle MySQL CVE-2013-1555 Remote MySQL Server Vulnerability
10547| [59209] Oracle MySQL CVE-2013-2375 Remote MySQL Server Vulnerability
10548| [59207] Oracle MySQL Server CVE-2013-2389 Remote Security Vulnerability
10549| [59205] Oracle MySQL Server CVE-2013-1566 Remote Security Vulnerability
10550| [59202] Oracle MySQL CVE-2013-1531 Remote MySQL Server Vulnerability
10551| [59201] Oracle MySQL Server CVE-2013-1511 Remote Security Vulnerability
10552| [59196] Oracle MySQL CVE-2013-1552 Remote MySQL Server Vulnerability
10553| [59188] Oracle MySQL CVE-2013-2378 Remote MySQL Server Vulnerability
10554| [59180] Oracle MySQL CVE-2013-1521 Remote MySQL Server Vulnerability
10555| [59173] Oracle MySQL CVE-2013-2395 Remote MySQL Server Vulnerability
10556| [58511] MySQL and MariaDB Geometry Query Denial Of Service Vulnerability
10557| [57418] Oracle MySQL Server CVE-2013-0386 Remote Security Vulnerability
10558| [57417] Oracle MySQL Server CVE-2013-0389 Remote Security Vulnerability
10559| [57416] Oracle MySQL Server CVE-2013-0384 Remote Security Vulnerability
10560| [57415] Oracle MySQL Server CVE-2013-0371 Remote Security Vulnerability
10561| [57414] Oracle MySQL Server CVE-2012-0574 Remote Security Vulnerability
10562| [57412] Oracle MySQL Server CVE-2013-0385 Local Security Vulnerability
10563| [57411] Oracle MySQL Server CVE-2012-5060 Remote Security Vulnerability
10564| [57410] Oracle MySQL Server CVE-2012-1705 Remote Security Vulnerability
10565| [57408] Oracle MySQL Server CVE-2013-0367 Remote Security Vulnerability
10566| [57405] Oracle MySQL Server CVE-2013-0383 Remote Security Vulnerability
10567| [57400] Oracle MySQL Server CVE-2012-5096 Remote Security Vulnerability
10568| [57397] Oracle MySQL Server CVE-2013-0368 Remote Security Vulnerability
10569| [57391] Oracle MySQL Server CVE-2013-0375 Remote Security Vulnerability
10570| [57388] Oracle MySQL Server CVE-2012-1702 Remote Security Vulnerability
10571| [57385] Oracle MySQL Server CVE-2012-0572 Remote Security Vulnerability
10572| [57334] Oracle MySQL Server CVE-2012-0578 Remote Security Vulnerability
10573| [56837] Oracle MySQL and MariaDB CVE-2012-5627 Insecure Salt Generation Security Bypass Weakness
10574| [56791] Oracle MySQL Remote Code Execution Vulnerability
10575| [56776] Oracle MySQL CVE-2012-5614 Denial of Service Vulnerability
10576| [56772] Oracle MySQL Remote Code Execution Vulnerability
10577| [56771] Oracle MySQL Server Privilege Escalation Vulnerability
10578| [56769] Oracle MySQL and MariaDB 'acl_get()' Buffer Overflow Vulnerability
10579| [56768] Oracle MySQL Server Heap Overflow Vulnerability
10580| [56766] Oracle MySQL Server Username Enumeration Weakness
10581| [56041] Oracle MySQL Server CVE-2012-3173 Remote MySQL Security Vulnerability
10582| [56036] Oracle MySQL Server CVE-2012-3163 Remote MySQL Security Vulnerability
10583| [56028] Oracle MySQL Server CVE-2012-3166 Remote Security Vulnerability
10584| [56027] Oracle MySQL Server CVE-2012-3160 Local Security Vulnerability
10585| [56022] Oracle MySQL Server CVE-2012-3147 Remote Security Vulnerability
10586| [56021] Oracle MySQL Server CVE-2012-3197 Remote Security Vulnerability
10587| [56018] Oracle MySQL Server CVE-2012-3167 Remote Security Vulnerability
10588| [56017] Oracle MySQL Server CVE-2012-3158 Remote Security Vulnerability
10589| [56013] Oracle MySQL Server CVE-2012-3156 Remote Security Vulnerability
10590| [56008] Oracle MySQL Server CVE-2012-3144 Remote Security Vulnerability
10591| [56006] Oracle MySQL Server CVE-2012-3149 Remote Security Vulnerability
10592| [56005] Oracle MySQL Server CVE-2012-3177 Remote Security Vulnerability
10593| [56003] Oracle MySQL Server CVE-2012-3180 Remote Security Vulnerability
10594| [55990] Oracle MySQL Server CVE-2012-3150 Remote Security Vulnerability
10595| [55715] MySQL MyISAM Table Symbolic Link CVE-2012-4452 Local Privilege Escalation Vulnerability
10596| [55120] Oracle MySQL CVE-2012-2749 Denial Of Service Vulnerability
10597| [54551] Oracle MySQL Server CVE-2012-0540 Remote Security Vulnerability
10598| [54549] Oracle MySQL Server CVE-2012-1735 Remote Security Vulnerability
10599| [54547] Oracle MySQL Server CVE-2012-1689 Remote Security Vulnerability
10600| [54540] Oracle MySQL Server CVE-2012-1734 Remote Security Vulnerability
10601| [54526] Oracle MySQL Server CVE-2012-1757 Remote Security Vulnerability
10602| [54524] Oracle MySQL Server CVE-2012-1756 Remote Security Vulnerability
10603| [53922] RETIRED: MySQL and MariaDB 'sql/password.c' Authentication Bypass Vulnerability
10604| [53911] Oracle MySQL CVE-2012-2122 User Login Security Bypass Vulnerability
10605| [53310] MySQLDumper 'menu.php' Remote PHP Code Execution Vulnerability
10606| [53306] MySQLDumper Multiple Security Vulnerabilities
10607| [53074] Oracle MySQL CVE-2012-1690 Remote MySQL Server Vulnerability
10608| [53071] Oracle MySQL CVE-2012-1696 Remote MySQL Server Vulnerability
10609| [53067] Oracle MySQL CVE-2012-1688 Remote MySQL Server Vulnerability
10610| [53064] Oracle MySQL CVE-2012-1697 Remote MySQL Server Vulnerability
10611| [53061] Oracle MySQL CVE-2012-0583 Remote MySQL Server Vulnerability
10612| [53058] Oracle MySQL CVE-2012-1703 Remote MySQL Server Vulnerability
10613| [52931] Oracle MySQL Server Multiple Unspecified Security Vulnerabilities
10614| [52154] RETIRED: MySQL 5.5.20 Unspecified Remote Code Execution Vulnerability
10615| [51925] MySQL Unspecified Remote Code Execution Vulnerability
10616| [51526] Oracle MySQL CVE-2012-0075 Remote MySQL Server Vulnerability
10617| [51525] Oracle MySQL CVE-2012-0493 Remote Vulnerability
10618| [51524] Oracle MySQL Server CVE-2012-0490 Remote Security Vulnerability
10619| [51523] Oracle MySQL Server CVE-2012-0494 Local Security Vulnerability
10620| [51522] Oracle MySQL Server CVE-2012-0495 Remote Security Vulnerability
10621| [51521] Oracle MySQL Server CVE-2012-0117 Remote MySQL Server Vulnerability
10622| [51520] Oracle MySQL Server CVE-2012-0114 Local Security Vulnerability
10623| [51519] Oracle MySQL Server CVE-2012-0112 Remote MySQL Server Vulnerability
10624| [51518] Oracle MySQL Server CVE-2012-0491 Remote Security Vulnerability
10625| [51517] Oracle MySQL CVE-2012-0120 Remote Vulnerability
10626| [51516] Oracle MySQL Server CVE-2012-0492 Remote MySQL Server Vulnerability
10627| [51515] Oracle MySQL Server CVE-2012-0484 Remote Security Vulnerability
10628| [51514] Oracle MySQL Server CVE-2012-0486 Remote Security Vulnerability
10629| [51513] Oracle MySQL Server CVE-2012-0485 Remote Security Vulnerability
10630| [51512] Oracle MySQL CVE-2012-0119 Remote Vulnerability
10631| [51511] Oracle MySQL CVE-2012-0118 Remote MySQL Server Vulnerability
10632| [51510] Oracle MySQL Server CVE-2012-0489 Remote MySQL Server Vulnerability
10633| [51509] Oracle MySQL Server CVE-2012-0087 Remote Security Vulnerability
10634| [51508] Oracle MySQL CVE-2012-0116 Remote MySQL Server Vulnerability
10635| [51507] Oracle MySQL Server CVE-2012-0496 Remote Security Vulnerability
10636| [51506] Oracle MySQL Server CVE-2012-0488 Remote MySQL Server Vulnerability
10637| [51505] Oracle MySQL Server CVE-2012-0101 Remote Security Vulnerability
10638| [51504] Oracle MySQL CVE-2012-0115 Remote Vulnerability
10639| [51503] Oracle MySQL Server CVE-2012-0487 Remote MySQL Server Vulnerability
10640| [51502] Oracle MySQL Server CVE-2012-0102 Remote Security Vulnerability
10641| [51493] Oracle MySQL CVE-2011-2262 Remote MySQL Server Vulnerability
10642| [51488] Oracle MySQL CVE-2012-0113 Remote MySQL Server Vulnerability
10643| [50139] DBD::mysqlPP Unspecified SQL Injection Vulnerability
10644| [48466] MySQLDriverCS SQL Injection Vulnerability
10645| [47919] Zend Framework 'PDO_MySql' Security Bypass Vulnerability
10646| [47871] Oracle MySQL Prior to 5.1.52 Multiple Denial Of Service Vulnerabilities
10647| [47693] DirectAdmin 'mysql_backup' Folder Permissions Information Disclosure Vulnerability
10648| [46655] pywebdav MySQL Authentication Module SQL Injection Vulnerability
10649| [46456] MySQL Eventum 'full_name' Field HTML Injection Vulnerability
10650| [46380] MySQL Eventum Multiple HTML Injection Vulnerabilities
10651| [46056] PHP MySQLi Extension 'set_magic_quotes_runtime' Function Security-Bypass Weakness
10652| [43884] phpFK - PHP Forum Script ohne MySQL 'page_bottom.php' Local File Include Vulnerability
10653| [43677] Oracle MySQL Prior to 5.1.50 Privilege Escalation Vulnerability
10654| [43676] Oracle MySQL Prior to 5.1.51 Multiple Denial Of Service Vulnerabilities
10655| [42646] Oracle MySQL Prior to 5.1.49 'JOIN' Statement Denial Of Service Vulnerability
10656| [42643] Oracle MySQL Prior to 5.1.49 'DDL' Statements Denial Of Service Vulnerability
10657| [42638] Oracle MySQL Prior to 5.1.49 Malformed 'BINLOG' Arguments Denial Of Service Vulnerability
10658| [42633] Oracle MySQL 'HANDLER' interface Denial Of Service Vulnerability
10659| [42625] Oracle MySQL 'LOAD DATA INFILE' Denial Of Service Vulnerability
10660| [42599] Oracle MySQL 'EXPLAIN' Denial Of Service Vulnerability
10661| [42598] Oracle MySQL 'TEMPORARY InnoDB' Tables Denial Of Service Vulnerability
10662| [42596] Oracle MySQL Prior to 5.1.49 'WITH ROLLUP' Denial Of Service Vulnerability
10663| [42586] RETIRED: Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities
10664| [42417] Zmanda Recovery Manager for MySQL Multiple Local Privilege Escalation Vulnerabilities
10665| [41440] phpFK - PHP Forum Script ohne MySQL 'upload.php' Arbitrary File Upload Vulnerability
10666| [41198] Oracle MySQL 'ALTER DATABASE' Remote Denial Of Service Vulnerability
10667| [40537] MySQL Enterprise Monitor Multiple Unspecified Cross Site Request Forgery Vulnerabilities
10668| [40506] RETIRED: phpGraphy 'mysql_cleanup.php' Remote File Include Vulnerability
10669| [40461] PHP Mysqlnd Extension Information Disclosure and Multiple Buffer Overflow Vulnerabilities
10670| [40257] Oracle MySQL DROP TABLE MyISAM Symbolic Link Local Security Bypass Vulnerability
10671| [40109] Oracle MySQL 'COM_FIELD_LIST' Command Packet Security Bypass Vulnerability
10672| [40106] Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability
10673| [40100] Oracle MySQL Malformed Packet Handling Remote Denial of Service Vulnerability
10674| [40045] Advanced Poll 'mysql_host' Parameter Cross Site Scripting Vulnerability
10675| [39918] FlexAppsStore Flex MySQL Connector Unauthorized Access Vulnerability
10676| [39543] MySQL UNINSTALL PLUGIN Security Bypass Vulnerability
10677| [38642] Timeclock Software 'mysqldump' Local Information Disclosure Vulnerability
10678| [38043] MySQL 'sql/sql_table.cc' CREATE TABLE Security Bypass Vulnerability
10679| [37943] MySQL with yaSSL SSL Certificate Handling Remote Stack Buffer Overflow Vulnerability
10680| [37770] TYPO3 kiddog_mysqldumper Unspecified Information Disclosure Vulnerability
10681| [37640] MySQL 5.0.51a Unspecified Remote Code Execution Vulnerability
10682| [37297] MySQL Multiple Remote Denial Of Service Vulnerabilities
10683| [37076] MySQL OpenSSL Server Certificate yaSSL Security Bypass Vulnerability
10684| [37075] MySQL MyISAM Table Symbolic Link Local Privilege Escalation Vulnerability
10685| [36242] MySQL 5.x Unspecified Buffer Overflow Vulnerability
10686| [35858] MySQL Connector/J Unicode Character String SQL Injection Vulnerability
10687| [35609] MySQL 'sql_parse.cc' Multiple Format String Vulnerabilities
10688| [35514] MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability
10689| [33972] MySQL XPath Expression Remote Denial Of Service Vulnerability
10690| [33392] 'mod_auth_mysql' Package Multibyte Character Encoding SQL Injection Vulnerability
10691| [32978] MySQL Calendar 'username' Parameter SQL Injection Vulnerability
10692| [32914] MySQL Calendar Cookie Authentication Bypass Vulnerability
10693| [32157] MySQL Quick Admin 'actions.php' Local File Include Vulnerability
10694| [32000] Agora 'MysqlfinderAdmin.php' Remote File Include Vulnerability
10695| [31517] MySQL Quick Admin 'index.php' Local File Include Vulnerability
10696| [31486] MySQL Command Line Client HTML Special Characters HTML Injection Vulnerability
10697| [31425] PromoteWeb MySQL 'go.php' SQL Injection Vulnerability
10698| [31081] MySQL Empty Binary String Literal Remote Denial Of Service Vulnerability
10699| [30835] mysql-lists Unspecified Cross Site Scripting Vulnerability
10700| [30529] Keld PHP-MySQL News Script 'login.php' SQL Injection Vulnerability
10701| [30383] phpwebnews-mysql Multiple SQL Injection Vulnerabilities
10702| [29106] MySQL MyISAM Table Privileges Secuity Bypass Vulnerability
10703| [29048] GEDCOM_to_MySQL2 Multiple Cross-Site Scripting Vulnerabilities
10704| [28351] MySQL INFORMATION_SCHEMA Remote Denial Of Service Vulnerability
10705| [27938] DSPAM Debian 'libdspam7-drv-mysql' Cron Job MySQL Calls Local Information Disclosure Vulnerability
10706| [27202] PHP Webquest MySQL Credentials Information Disclosure Vulnerability
10707| [27032] PHP MySQL Open Source Help Desk 'form.php' Code Injection Vulnerability
10708| [26947] MySQL Server Unspecified Remote Arbitrary Command Execution Vulnerability
10709| [26832] MySQL Server Privilege Escalation And Denial Of Service Vulnerabilities
10710| [26829] aurora framework Db_mysql.LIB SQL Injection Vulnerability
10711| [26765] MySQL Server RENAME TABLE System Table Overwrite Vulnerability
10712| [26353] MySQL Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service Vulnerability
10713| [26304] AdventNet EventLog Analyzer Insecure Default MySQL Password Unauthorized Access Vulnerability
10714| [26156] Bacula MySQL Password Information Disclosure Vulnerability
10715| [26095] Asterisk 'asterisk-addons' CDR_ADDON_MYSQL Module SQL Injection Vulnerability
10716| [25017] MySQL Access Validation and Denial of Service Vulnerabilities
10717| [24759] MySQLDumper Apache Access Control Authentication Bypass Vulnerability
10718| [24016] MySQL Rename Table Function Access Validation Vulnerability
10719| [24011] MySQL Security Invoker Privilege Escalation Vulnerability
10720| [24008] MySQL Alter Table Function Information Disclosure Vulnerability
10721| [23911] MySQL IF Query Handling Remote Denial Of Service Vulnerability
10722| [23176] Eve-Nuke Forums MySQL.PHP Remote File Include Vulnerability
10723| [22941] MySQL Commander Remote File Include Vulnerability
10724| [22900] MySQL Single Row SubSelect Remote Denial Of Service Vulnerability
10725| [22474] CPanel PassWDMySQL Cross-Site Scripting Vulnerability
10726| [22431] MySQLNewsEngine Affichearticles.PHP3 Remote File Include Vulnerability
10727| [20460] MySQLDumper SQL.PHP Cross-Site Scripting Vulnerability
10728| [20222] PABugs Class.MySQL.PHP Remote File Include Vulnerability
10729| [20165] ZoomStats MySQL.PHP Remote File Include Vulnerability
10730| [19794] MySQL Multiupdate and Subselects Denial Of Service Vulnerability
10731| [19559] MySQL Privilege Elevation and Security Bypass Vulnerabilities
10732| [19279] MySQL MERGE Privilege Revoke Bypass Vulnerability
10733| [19240] Banex PHP MySQL Banner Exchange Multiple Remote Vulnerabilities
10734| [19032] MySQL Server Date_Format Denial Of Service Vulnerability
10735| [18717] PHP/MySQL Classifieds AddAsset1.PHP Multiple HTML Injection Vulnerabilities
10736| [18439] MySQL Server Str_To_Date Remote Denial Of Service Vulnerability
10737| [18219] MySQL Mysql_real_escape Function SQL Injection Vulnerability
10738| [17780] MySQL Remote Information Disclosure and Buffer Overflow Vulnerabilities
10739| [17224] Cholod MySQL Based Message Board Mb.CGI SQL Injection Vulnerability
10740| [17223] Cholod MySQL Based Message Board Multiple HTML Injection Vulnerabilities
10741| [17147] Woltlab Burning Board Class_DB_MySQL.PHP Cross-Site Scripting Vulnerability
10742| [16850] MySQL Query Logging Bypass Vulnerability
10743| [16620] PHP/MYSQL Timesheet Multiple SQL Injection Vulnerabilities
10744| [16564] PAM-MySQL Code Execution And Denial Of Service Vulnerabilities
10745| [16219] PHP MySQLI Error Logging Remote Format String Vulnerability
10746| [16145] PHP MySQL_Connect Remote Buffer Overflow Vulnerability
10747| [15852] MySQL Auction Search Module Cross-Site Scripting Vulnerability
10748| [14509] MySQL User-Defined Function Buffer Overflow Vulnerability
10749| [14437] MySQL Eventum Multiple SQL Injection Vulnerabilities
10750| [14436] MySQL Eventum Multiple Cross-Site Scripting Vulnerabilities
10751| [13913] xMySQLadmin Insecure Temporary File Creation Vulnerability
10752| [13660] MySQL mysql_install_db Insecure Temporary File Creation Vulnerability
10753| [13378] MySQL MaxDB WebDAV IF Parameter Remote Buffer Overflow Vulnerability
10754| [13369] MySQL MaxDB WebDAV Lock Token Remote Buffer Overflow Vulnerability
10755| [13368] MySQL MaxDB HTTP GET Request Remote Buffer Overflow Vulnerability
10756| [12805] MySQL MaxDB WebAgent Input Validation Multiple Remote Denial Of Service Vulnerabilities
10757| [12781] MySQL AB MySQL Multiple Remote Vulnerabilities
10758| [12313] MySQL MaxDB WebAgent Remote Denial of Service Vulnerabilities
10759| [12277] MySQL Database MySQLAccess Local Insecure Temporary File Creation Vulnerability
10760| [12265] MySQL MaxDB WebAgent WebSQL Password Parameter Remote Buffer Overflow Vulnerability
10761| [12133] MySQL Eventum Multiple Input Validation Vulnerabilities
10762| [11844] MySQL MaxDB WebDav Handler Overwrite Header Remote Buffer Overflow Vulnerability
10763| [11843] MySQL MaxDB WAHTTP Server Remote Denial Of Service Vulnerability
10764| [11435] MySQL Database Unauthorized GRANT Privilege Vulnerability
10765| [11432] MySQL Remote FULLTEXT Search Denial Of Service Vulnerability
10766| [11357] MySQL Multiple Local Vulnerabilities
10767| [11346] MySQL MaxDB WebDBM Server Name Denial of Service Vulnerability
10768| [11291] MySQL Unspecified Insecure Temporary File Creation Vulnerability
10769| [11261] MySQL Bounded Parameter Statement Execution Remote Buffer Overflow Vulnerability
10770| [11234] AllWebScripts MySQLGuest HTML Injection Vulnerability
10771| [10986] Ben Yacoub Hatem MySQL Backup Pro Undisclosed 'getbackup()' Vulnerability
10772| [10981] MySQL Mysql_real_connect Function Potential Remote Buffer Overflow Vulnerability
10773| [10969] MySQL Mysqlhotcopy Script Insecure Temporary File Creation Vulnerability
10774| [10655] MySQL Password Length Remote Buffer Overflow Vulnerability
10775| [10654] MySQL Authentication Bypass Vulnerability
10776| [10142] MySQL MYSQLD_Multi Insecure Temporary File Creation Vulnerability
10777| [9976] MySQL Aborted Bug Report Insecure Temporary File Creation Vulnerability
10778| [8796] MySQL Multiple Vulnerabilities
10779| [8590] MySQL Password Handler Buffer Overflow Vulnerability
10780| [8245] MySQL AB ODBC Driver Plain Text Password Vulnerability
10781| [7887] MySQL libmysqlclient Library mysql_real_connect() Buffer Overrun Vulnerability
10782| [7500] MySQL Weak Password Encryption Vulnerability
10783| [7052] MySQL mysqld Privilege Escalation Vulnerability
10784| [7041] MySQL Control Center Insecure Default File Permission Vulnerability
10785| [6718] MySQL Double Free Heap Corruption Vulnerability
10786| [6375] MySQL COM_CHANGE_USER Password Memory Corruption Vulnerability
10787| [6374] MySQL libmysqlclient Library Read_One_Row Buffer Overflow Vulnerability
10788| [6373] MySQL COM_CHANGE_USER Password Length Account Compromise Vulnerability
10789| [6370] MySQL libmysqlclient Library Read_Rows Buffer Overflow Vulnerability
10790| [6368] MySQL COM_TABLE_DUMP Memory Corruption Vulnerability
10791| [5948] PHPRank MySQL Error Unauthorized Access Vulnerability
10792| [5853] MySQL DataDir Parameter Local Buffer Overflow Vulnerability
10793| [5513] MySQL Logging Not Enabled Weak Default Configuration Vulnerability
10794| [5511] MySQL Bind Address Not Enabled Weak Default Configuration Vulnerability
10795| [5503] MySQL Null Root Password Weak Default Configuration Vulnerability
10796| [4409] Cyrus SASL LDAP+MySQL Authentication Patch SQL Command Execution Vulnerability
10797| [4026] PHP MySQL Safe_Mode Filesystem Circumvention Vulnerability
10798| [3907] Conectiva Linux MySQL World Readable Log File Vulnerability
10799| [3381] WinMySQLadmin Plain Text Password Storage Vulnerability
10800| [3284] Inter7 vpopmail MySQL Authentication Data Recovery Vulnerability
10801| [3255] Apache mod_auth_mysql Remote SQL Query Manipulation Vulnerability
10802| [2522] MySQL Root Operation Symbolic Link File Overwriting Vulnerability
10803| [2380] MySQL SHOW GRANTS Pasword Hash Disclosure Vulnerability
10804| [2262] Mysql Local Buffer Overflow Vulnerability
10805| [1850] pam_mysql Authentication Input Validation Vulnerability
10806| [1826] MySQL Authentication Algorithm Vulnerability
10807| [1557] PCCS Mysql Database Admin Tool Username/Password Exposure Vulnerability
10808| [975] MySQL Unauthenticated Remote Access Vulnerability
10809| [926] MySQL GRANT Global Password Changing Vulnerability
10810|
10811| IBM X-Force - https://exchange.xforce.ibmcloud.com:
10812| [85724] Oracle MySQL Server XA Transactions denial of service
10813| [85723] Oracle MySQL Server Server Replication denial of service
10814| [85722] Oracle MySQL Server InnoDB denial of service
10815| [85721] Oracle MySQL Server Server Privileges unspecified
10816| [85720] Oracle MySQL Server Server Partition denial of service
10817| [85719] Oracle MySQL Server Server Parser denial of service
10818| [85718] Oracle MySQL Server Server Options denial of service
10819| [85717] Oracle MySQL Server Server Options denial of service
10820| [85716] Oracle MySQL Server Server Optimizer denial of service
10821| [85715] Oracle MySQL Server Server Optimizer denial of service
10822| [85714] Oracle MySQL Server Prepared Statements denial of service
10823| [85713] Oracle MySQL Server InnoDB denial of service
10824| [85712] Oracle MySQL Server Full Text Search denial of service
10825| [85711] Oracle MySQL Server Data Manipulation Language denial of service
10826| [85710] Oracle MySQL Server Data Manipulation Language denial of service
10827| [85709] Oracle MySQL Server Audit Log unspecified
10828| [85708] Oracle MySQL Server MemCached unspecified
10829| [84846] Debian mysql-server package information disclosure
10830| [84375] Wireshark MySQL dissector denial of service
10831| [83554] Oracle MySQL Server Server Partition denial of service
10832| [83553] Oracle MySQL Server Server Locking denial of service
10833| [83552] Oracle MySQL Server Server Install unspecified
10834| [83551] Oracle MySQL Server Server Types denial of service
10835| [83550] Oracle MySQL Server Server Privileges unspecified
10836| [83549] Oracle MySQL Server InnoDB denial of service
10837| [83548] Oracle MySQL Server InnoDB denial of service
10838| [83547] Oracle MySQL Server Data Manipulation Language denial of service
10839| [83546] Oracle MySQL Server Stored Procedure denial of service
10840| [83545] Oracle MySQL Server Server Replication denial of service
10841| [83544] Oracle MySQL Server Server Partition denial of service
10842| [83543] Oracle MySQL Server Server Optimizer denial of service
10843| [83542] Oracle MySQL Server InnoDB denial of service
10844| [83541] Oracle MySQL Server Information Schema denial of service
10845| [83540] Oracle MySQL Server Data Manipulation Language denial of service
10846| [83539] Oracle MySQL Server Data Manipulation Language denial of service
10847| [83538] Oracle MySQL Server Server Optimizer unspecified
10848| [83537] Oracle MySQL Server MemCached denial of service
10849| [83536] Oracle MySQL Server Server Privileges unspecified
10850| [83535] Oracle MySQL Server Server Privileges unspecified
10851| [83534] Oracle MySQL Server Server unspecified
10852| [83533] Oracle MySQL Server Information Schema unspecified
10853| [83532] Oracle MySQL Server Server Locking unspecified
10854| [83531] Oracle MySQL Server Data Manipulation Language denial of service
10855| [83388] MySQL administrative login attempt detected
10856| [82963] Mambo MySQL database information disclosure
10857| [82946] Oracle MySQL buffer overflow
10858| [82945] Oracle MySQL buffer overflow
10859| [82895] Oracle MySQL and MariaDB geometry queries denial of service
10860| [81577] MySQL2JSON extension for TYPO3 unspecified SQL injection
10861| [81325] Oracle MySQL Server Server Privileges denial of service
10862| [81324] Oracle MySQL Server Server Partition denial of service
10863| [81323] Oracle MySQL Server Server Optimizer denial of service
10864| [81322] Oracle MySQL Server Server Optimizer denial of service
10865| [81321] Oracle MySQL Server Server denial of service
10866| [81320] Oracle MySQL Server MyISAM denial of service
10867| [81319] Oracle MySQL Server InnoDB denial of service
10868| [81318] Oracle MySQL Server InnoDB denial of service
10869| [81317] Oracle MySQL Server Server Locking denial of service
10870| [81316] Oracle MySQL Server Server denial of service
10871| [81315] Oracle MySQL Server Server Replication unspecified
10872| [81314] Oracle MySQL Server Server Replication unspecified
10873| [81313] Oracle MySQL Server Stored Procedure denial of service
10874| [81312] Oracle MySQL Server Server Optimizer denial of service
10875| [81311] Oracle MySQL Server Information Schema denial of service
10876| [81310] Oracle MySQL Server GIS Extension denial of service
10877| [80790] Oracle MySQL yaSSL buffer overflow
10878| [80553] Oracle MySQL and MariaDB salt security bypass
10879| [80443] Oracle MySQL Server unspecified code execution
10880| [80442] Oracle MySQL Server acl_get() buffer overflow
10881| [80440] Oracle MySQL Server table buffer overflow
10882| [80435] Oracle MySQL Server database privilege escalation
10883| [80434] Oracle MySQL Server COM_BINLOG_DUMP denial of service
10884| [80433] Oracle MySQL Server Stuxnet privilege escalation
10885| [80432] Oracle MySQL Server authentication information disclosure
10886| [79394] Oracle MySQL Server Server Installation information disclosure
10887| [79393] Oracle MySQL Server Server Replication denial of service
10888| [79392] Oracle MySQL Server Server Full Text Search denial of service
10889| [79391] Oracle MySQL Server Server denial of service
10890| [79390] Oracle MySQL Server Client information disclosure
10891| [79389] Oracle MySQL Server Server Optimizer denial of service
10892| [79388] Oracle MySQL Server Server Optimizer denial of service
10893| [79387] Oracle MySQL Server Server denial of service
10894| [79386] Oracle MySQL Server InnoDB Plugin denial of service
10895| [79385] Oracle MySQL Server InnoDB denial of service
10896| [79384] Oracle MySQL Server Client unspecified
10897| [79383] Oracle MySQL Server Server denial of service
10898| [79382] Oracle MySQL Server Protocol unspecified
10899| [79381] Oracle MySQL Server Information Schema unspecified
10900| [78954] SilverStripe MySQLDatabase.php information disclosure
10901| [78948] MySQL MyISAM table symlink
10902| [77865] MySQL unknown vuln
10903| [77864] MySQL sort order denial of service
10904| [77768] MySQLDumper refresh_dblist.php information disclosure
10905| [77177] MySQL Squid Access Report unspecified cross-site scripting
10906| [77065] Oracle MySQL Server Optimizer denial of service
10907| [77064] Oracle MySQL Server Optimizer denial of service
10908| [77063] Oracle MySQL Server denial of service
10909| [77062] Oracle MySQL InnoDB denial of service
10910| [77061] Oracle MySQL GIS Extension denial of service
10911| [77060] Oracle MySQL Server Optimizer denial of service
10912| [76189] MySQL unspecified error
10913| [76188] MySQL attempts security bypass
10914| [75287] MySQLDumper restore.php information disclosure
10915| [75286] MySQLDumper filemanagement.php directory traversal
10916| [75285] MySQLDumper main.php cross-site request forgery
10917| [75284] MySQLDumper install.php cross-site scripting
10918| [75283] MySQLDumper install.php file include
10919| [75282] MySQLDumper menu.php code execution
10920| [75022] Oracle MySQL Server Server Optimizer denial of service
10921| [75021] Oracle MySQL Server Server Optimizer denial of service
10922| [75020] Oracle MySQL Server Server DML denial of service
10923| [75019] Oracle MySQL Server Partition denial of service
10924| [75018] Oracle MySQL Server MyISAM denial of service
10925| [75017] Oracle MySQL Server Server Optimizer denial of service
10926| [74672] Oracle MySQL Server multiple unspecified
10927| [73092] MySQL unspecified code execution
10928| [72540] Oracle MySQL Server denial of service
10929| [72539] Oracle MySQL Server unspecified
10930| [72538] Oracle MySQL Server denial of service
10931| [72537] Oracle MySQL Server denial of service
10932| [72536] Oracle MySQL Server unspecified
10933| [72535] Oracle MySQL Server denial of service
10934| [72534] Oracle MySQL Server denial of service
10935| [72533] Oracle MySQL Server denial of service
10936| [72532] Oracle MySQL Server denial of service
10937| [72531] Oracle MySQL Server denial of service
10938| [72530] Oracle MySQL Server denial of service
10939| [72529] Oracle MySQL Server denial of service
10940| [72528] Oracle MySQL Server denial of service
10941| [72527] Oracle MySQL Server denial of service
10942| [72526] Oracle MySQL Server denial of service
10943| [72525] Oracle MySQL Server information disclosure
10944| [72524] Oracle MySQL Server denial of service
10945| [72523] Oracle MySQL Server denial of service
10946| [72522] Oracle MySQL Server denial of service
10947| [72521] Oracle MySQL Server denial of service
10948| [72520] Oracle MySQL Server denial of service
10949| [72519] Oracle MySQL Server denial of service
10950| [72518] Oracle MySQL Server unspecified
10951| [72517] Oracle MySQL Server unspecified
10952| [72516] Oracle MySQL Server unspecified
10953| [72515] Oracle MySQL Server denial of service
10954| [72514] Oracle MySQL Server unspecified
10955| [71965] MySQL port denial of service
10956| [70680] DBD::mysqlPP unspecified SQL injection
10957| [70370] TaskFreak! multi-mysql unspecified path disclosure
10958| [68799] mod_authnz_external module for Apache mysql-auth.pl SQL injection
10959| [68294] MySQLDriverCS statement.cs sql injection
10960| [68175] Prosody MySQL denial of service
10961| [67539] Zend Framework MySQL PDO security bypass
10962| [67254] DirectAdmin MySQL information disclosure
10963| [66567] Xoops mysql.sql information disclosure
10964| [65871] PyWebDAV MySQLAuthHandler class SQL injection
10965| [65543] MySQL Select Arbitrary data into a File
10966| [65529] MySQL Eventum full_name field cross-site scripting
10967| [65380] Oracle MySQL Eventum forgot_password.php cross-site scripting
10968| [65379] Oracle MySQL Eventum list.php cross-site scripting
10969| [65266] Accellion File Transfer Appliance MySQL default password
10970| [64878] MySQL Geometry denial of service
10971| [64877] MySQL EXPLAIN EXTENDED denial of service
10972| [64876] MySQL prepared statement denial of service
10973| [64845] MySQL extreme-value denial of service
10974| [64844] MySQL Gis_line_string::init_from_wkb denial of service
10975| [64843] MySQL user-variable denial of service
10976| [64842] MySQL view preparation denial of service
10977| [64841] MySQL prepared statement denial of service
10978| [64840] MySQL LONGBLOB denial of service
10979| [64839] MySQL invocations denial of service
10980| [64838] MySQL Gis_line_string::init_from_wkb denial of service
10981| [64689] MySQL dict0crea.c denial of service
10982| [64688] MySQL SET column denial of service
10983| [64687] MySQL BINLOG command denial of service
10984| [64686] MySQL InnoDB denial of service
10985| [64685] MySQL HANDLER interface denial of service
10986| [64684] MySQL Item_singlerow_subselect::store denial of service
10987| [64683] MySQL OK packet denial of service
10988| [63518] MySQL Query Browser GUI Tools information disclosure
10989| [63517] MySQL Administrator GUI Tools information disclosure
10990| [62272] MySQL PolyFromWKB() denial of service
10991| [62269] MySQL LIKE predicates denial of service
10992| [62268] MySQL joins denial of service
10993| [62267] MySQL GREATEST() or LEAST() denial of service
10994| [62266] MySQL GROUP_CONCAT() denial of service
10995| [62265] MySQL expression values denial of service
10996| [62264] MySQL temporary table denial of service
10997| [62263] MySQL LEAST() or GREATEST() denial of service
10998| [62262] MySQL replication privilege escalation
10999| [61739] MySQL WITH ROLLUP denial of service
11000| [61343] MySQL LOAD DATA INFILE denial of service
11001| [61342] MySQL EXPLAIN denial of service
11002| [61341] MySQL HANDLER denial of service
11003| [61340] MySQL BINLOG denial of service
11004| [61339] MySQL IN() or CASE denial of service
11005| [61338] MySQL SET denial of service
11006| [61337] MySQL DDL denial of service
11007| [61318] PHP mysqlnd_wireprotocol.c buffer overflow
11008| [61317] PHP php_mysqlnd_read_error_from_line buffer overflow
11009| [61316] PHP php_mysqlnd_auth_write buffer overflow
11010| [61274] MySQL TEMPORARY InnoDB denial of service
11011| [59905] MySQL ALTER DATABASE denial of service
11012| [59841] CMySQLite updateUser.php cross-site request forgery
11013| [59112] MySQL Enterprise Monitor unspecified cross-site request forgery
11014| [59075] PHP php_mysqlnd_auth_write() buffer overflow
11015| [59074] PHP php_mysqlnd_read_error_from_line() buffer overflow
11016| [59073] PHP php_mysqlnd_rset_header_read() buffer overflow
11017| [59072] PHP php_mysqlnd_ok_read() information disclosure
11018| [58842] MySQL DROP TABLE file deletion
11019| [58676] Template Shares MySQL information disclosure
11020| [58531] MySQL COM_FIELD_LIST buffer overflow
11021| [58530] MySQL packet denial of service
11022| [58529] MySQL COM_FIELD_LIST security bypass
11023| [58311] ClanSphere the captcha generator and MySQL driver SQL injection
11024| [57925] MySQL UNINSTALL PLUGIN security bypass
11025| [57006] Quicksilver Forums mysqldump information disclosure
11026| [56800] Employee Timeclock Software mysqldump information disclosure
11027| [56200] Flex MySQL Connector ActionScript SQL injection
11028| [55877] MySQL yaSSL buffer overflow
11029| [55622] kiddog_mysqldumper extension for TYPO3 information disclosure
11030| [55416] MySQL unspecified buffer overflow
11031| [55382] Ublog UblogMySQL.sql information disclosure
11032| [55251] PHP-MySQL-Quiz editquiz.php SQL injection
11033| [54597] MySQL sql_table.cc security bypass
11034| [54596] MySQL mysqld denial of service
11035| [54365] MySQL OpenSSL security bypass
11036| [54364] MySQL MyISAM table symlink
11037| [53950] The mysql-ocaml mysql_real_escape_string weak security
11038| [52978] Zmanda Recovery Manager for MySQL mysqlhotcopy privilege escalation
11039| [52977] Zmanda Recovery Manager for MySQL socket-server.pl command execution
11040| [52660] iScouter PHP Web Portal MySQL Password Retrieval
11041| [52220] aa33code mysql.inc information disclosure
11042| [52122] MySQL Connector/J unicode SQL injection
11043| [51614] MySQL dispatch_command() denial of service
11044| [51406] MySQL Connector/NET SSL spoofing
11045| [49202] MySQL UDF command execution
11046| [49050] MySQL XPath denial of service
11047| [48919] Cisco Application Networking Manager MySQL default account password
11048| [48163] libapache2-mod-auth-mysql module for Debian multibyte encoding SQL injection
11049| [47544] MySQL Calendar index.php SQL injection
11050| [47476] MySQL Calendar index.php nodstrumCalendarV2 security bypass
11051| [45649] MySQL MyISAM symlink security bypass
11052| [45648] MySQL MyISAM symlinks security bypass
11053| [45607] MySQL Quick Admin actions.php file include
11054| [45606] MySQL Quick Admin index.php file include
11055| [45590] MySQL command-line client cross-site scripting
11056| [45436] PromoteWeb MySQL go.php SQL injection
11057| [45042] MySQL empty bit-string literal denial of service
11058| [44662] mysql-lists unspecified cross-site scripting
11059| [42267] MySQL MyISAM security bypass
11060| [42211] GEDCOM_to_MySQL2 index.php, info.php and prenom.php cross-site scripting
11061| [42014] miniBB setup_mysql.php and setup_options.php SQL injection
11062| [40920] MySQL sql_select.cc denial of service
11063| [40734] MySQL Server BINLOG privilege escalation
11064| [40350] MySQL password information disclosure
11065| [39415] Debian GNU/Linux libdspam7-drv-mysql cron job password disclosure
11066| [39402] PHP LOCAL INFILE and MySQL extension security bypass
11067| [38999] aurora framework db_mysql.lib SQL injection
11068| [38990] MySQL federated engine denial of service
11069| [38989] MySQL DEFINER value privilege escalation
11070| [38988] MySQL DATA DIRECTORY and INDEX DIRECTORY privilege escalation
11071| [38964] MySQL RENAME TABLE symlink
11072| [38733] ManageEngine EventLog Analyzer MySQL default password
11073| [38284] MySQL ha_innodb.cc convert_search_mode_to_innobase() denial of service
11074| [38189] MySQL default root password
11075| [37235] Asterisk-Addons cdr_addon_mysql module SQL injection
11076| [37099] RHSA update for MySQL case sensistive database name privilege escalation not installed
11077| [36555] PHP MySQL extension multiple functions security bypass
11078| [35960] MySQL view privilege escalation
11079| [35959] MySQL CREATE TABLE LIKE information disclosure
11080| [35958] MySQL connection protocol denial of service
11081| [35291] MySQLDumper main.php security bypass
11082| [34811] MySQL udf_init and mysql_create_function command execution
11083| [34809] MySQL mysql_update privilege escalation
11084| [34349] MySQL ALTER information disclosure
11085| [34348] MySQL mysql_change_db privilege escalation
11086| [34347] MySQL RENAME TABLE weak security
11087| [34232] MySQL IF clause denial of service
11088| [33388] Advanced Website Creator (AWC) mysql_escape_string SQL injection
11089| [33285] Eve-Nuke mysql.php file include
11090| [32957] MySQL Commander dbopen.php file include
11091| [32933] cPanel load_language.php and mysqlconfig.php file include
11092| [32911] MySQL filesort function denial of service
11093| [32462] cPanel passwdmysql cross-site scripting
11094| [32288] RHSA-2006:0544 updates for mysql not installed
11095| [32266] MySQLNewsEngine affichearticles.php3 file include
11096| [31244] The Address Book MySQL export.php password information disclosure
11097| [31037] Php/Mysql Site Builder (PHPBuilder) htm2php.php directory traversal
11098| [30760] BTSaveMySql URL file disclosure
11099| [30191] StoryStream mysql.php and mysqli.php file include
11100| [30085] MySQL MS-DOS device name denial of service
11101| [30031] Agora MysqlfinderAdmin.php file include
11102| [29438] MySQLDumper mysqldumper_path/sql.php cross-site scripting
11103| [29179] paBugs class.mysql.php file include
11104| [29120] ZoomStats MySQL file include
11105| [28448] MySQL case sensitive database name privilege escalation
11106| [28442] MySQL GRANT EXECUTE privilege escalation
11107| [28387] FunkBoard admin/mysql_install.php and admin/pg_install.php unauthorized access
11108| [28202] MySQL multiupdate subselect query denial of service
11109| [28180] MySQL MERGE table security bypass
11110| [28176] PHP MySQL Banner Exchange lib.inc information disclosure
11111| [27995] Opsware Network Automation System MySQL plaintext password
11112| [27904] MySQL date_format() format string
11113| [27635] MySQL Instance Manager denial of service
11114| [27212] MySQL SELECT str_to_date denial of service
11115| [26875] MySQL ASCII escaping SQL injection
11116| [26420] Apple Mac OS X MySQL Manager blank password
11117| [26236] MySQL login packet information disclosure
11118| [26232] MySQL COM_TABLE_DUMP buffer overflow
11119| [26228] MySQL sql_parce.cc information disclosure
11120| [26042] MySQL running
11121| [25313] WoltLab Burning Board class_db_mysql.php cross-site scripting
11122| [24966] MySQL mysql_real_query logging bypass
11123| [24653] PAM-MySQL logging function denial of service
11124| [24652] PAM-MySQL authentication double free code execution
11125| [24567] PHP/MYSQL Timesheet index.php and changehrs.php SQL injection
11126| [24095] PHP ext/mysqli exception handling format string
11127| [23990] PHP mysql_connect() buffer overflow
11128| [23596] MySQL Auction search module could allow cross-site scripting
11129| [22642] RHSA-2005:334 updates for mysql not installed
11130| [21757] MySQL UDF library functions command execution
11131| [21756] MySQL LoadLibraryEx function denial of service
11132| [21738] MySQL UDF mysql_create_function function directory traversal
11133| [21737] MySQL user defined function buffer overflow
11134| [21640] MySQL Eventum multiple class SQL injection
11135| [21638] MySQL Eventum multiple scripts cross-site scripting
11136| [20984] xmysqladmin temporary file symlink
11137| [20656] MySQL mysql_install_db script symlink
11138| [20333] Plans MySQL password information disclosure
11139| [19659] MySQL CREATE TEMPORARY TABLE command creates insecure files
11140| [19658] MySQL udf_init function gain access
11141| [19576] auraCMS mysql_fetch_row function path disclosure
11142| [18922] MySQL mysqlaccess script symlink attack
11143| [18824] MySQL UDF root privileges
11144| [18464] mysql_auth unspecified vulnerability
11145| [18449] Sugar Sales plaintext MySQL password
11146| [17783] MySQL underscore allows elevated privileges
11147| [17768] MySQL MATCH ... AGAINST SQL statement denial of service
11148| [17667] MySQL UNION change denial of service
11149| [17666] MySQL ALTER TABLE RENAME bypass restriction
11150| [17493] MySQL libmysqlclient bulk inserts buffer overflow
11151| [17462] MySQLGuest AWSguest.php script cross-site scripting
11152| [17047] MySQL mysql_real_connect buffer overflow
11153| [17030] MySQL mysqlhotcopy insecure temporary file
11154| [16612] MySQL my_rnd buffer overflow
11155| [16604] MySQL check_scramble_323 function allows unauthorized access
11156| [15883] MySQL mysqld_multi script symlink attack
11157| [15617] MySQL mysqlbug script symlink attack
11158| [15417] Confixx db_mysql_loeschen2.php SQL injection
11159| [15280] Proofpoint Protection Server MySQL allows unauthorized access
11160| [13404] HP Servicecontrol Manager multiple vulnerabilities in MySQL could allow execution of code
11161| [13153] MySQL long password buffer overflow
11162| [12689] MySQL AB ODBC Driver stores ODBC passwords and usernames in plain text
11163| [12540] Teapop PostSQL and MySQL modules SQL injection
11164| [12337] MySQL mysql_real_connect function buffer overflow
11165| [11510] MySQL datadir/my.cnf modification could allow root privileges
11166| [11493] mysqlcc configuration and connection files are world writable
11167| [11340] SuckBot mod_mysql_logger denial of service
11168| [11199] MySQL mysql_change_user() double-free memory pointer denial of service
11169| [10850] MySQL libmysql client read_one_row buffer overflow
11170| [10849] MySQL libmysql client read_rows buffer overflow
11171| [10848] MySQL COM_CHANGE_USER password buffer overflow
11172| [10847] MySQL COM_CHANGE_USER command password authentication bypass
11173| [10846] MySQL COM_TABLE_DUMP unsigned integer denial of service
11174| [10483] Bugzilla stores passwords in plain text in the MySQL database
11175| [10455] gBook MySQL could allow administrative access
11176| [10243] MySQL my.ini "
11177| [9996] MySQL SHOW GRANTS command discloses adminstrator`s encrypted password
11178| [9909] MySQL logging disabled by default on Windows
11179| [9908] MySQL binding to the loopback adapter is disabled
11180| [9902] MySQL default root password could allow unauthorized access
11181| [8748] Cyrus SASL LDAP+MySQL patch allows user unauthorized POP access
11182| [8105] PHP MySQL client library allows an attacker to bypass safe_mode restrictions
11183| [7923] Conectiva Linux MySQL /var/log/mysql file has insecure permissions
11184| [7206] WinMySQLadmin stores MySQL password in plain text
11185| [6617] MySQL "
11186| [6419] MySQL drop database command buffer overflow
11187| [6418] MySQL libmysqlclient.so buffer overflow
11188| [5969] MySQL select buffer overflow
11189| [5447] pam_mysql authentication input
11190| [5409] MySQL authentication algorithm obtain password hash
11191| [5057] PCCS MySQL Database Admin Tool could reveal username and password
11192| [4228] MySQL unauthenticated remote access
11193| [3849] MySQL default test account could allow any user to connect to the database
11194| [1568] MySQL creates readable log files
11195|
11196| Exploit-DB - https://www.exploit-db.com:
11197| [30744] MySQL <= 5.1.23 Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service Vulnerability
11198| [30677] Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module SQL Injection Vulnerability
11199| [30020] MySQL 5.0.x - IF Query Handling Remote Denial of Service Vulnerability
11200| [29724] MySQL 5.0.x Single Row SubSelect Remote Denial of Service Vulnerability
11201| [29653] Active Calendar 1.2 data/mysqlevents.php css Parameter XSS
11202| [29572] CPanel <= 11 PassWDMySQL Cross-Site Scripting Vulnerability
11203| [29569] MySQLNewsEngine Affichearticles.PHP3 Remote File Include Vulnerability
11204| [28783] MySQLDumper 1.21 SQL.PHP Cross-Site Scripting Vulnerability
11205| [28398] MySQL 4/5 SUID Routine Miscalculation Arbitrary DML Statement Execution
11206| [28308] Banex PHP MySQL Banner Exchange 2.21 members.php cfg_root Parameter Remote File Inclusion
11207| [28307] Banex PHP MySQL Banner Exchange 2.21 admin.php Multiple Parameter SQL Injection
11208| [28306] Banex PHP MySQL Banner Exchange 2.21 signup.php site_name Parameter SQL Injection
11209| [28234] MySQL 4.x/5.x Server Date_Format Denial of Service Vulnerability
11210| [28026] MySQL Server 4/5 Str_To_Date Remote Denial of Service Vulnerability
11211| [27464] Cholod MySQL Based Message Board Mb.CGI SQL Injection Vulnerability
11212| [27444] Woltlab Burning Board 2.3.4 Class_DB_MySQL.PHP Cross-Site Scripting Vulnerability
11213| [27326] MySQL 5.0.18 Query Logging Bypass Vulnerability
11214| [26058] MySQL AB Eventum 1.x get_jsrs_data.php F Parameter XSS
11215| [26057] MySQL AB Eventum 1.x list.php release Parameter XSS
11216| [26056] MySQL AB Eventum 1.x view.php id Parameter XSS
11217| [25211] MySQL 4.x CREATE TEMPORARY TABLE Symlink Privilege Escalation
11218| [25210] MySQL 4.x CREATE FUNCTION mysql.func Table Arbitrary Library Injection
11219| [25209] MySQL 4.x CREATE FUNCTION Arbitrary libc Code Execution
11220| [24805] MySQL MaxDB 7.5 WAHTTP Server Remote Denial of Service Vulnerability
11221| [24669] MySQL 3.x/4.x ALTER TABLE/RENAME Forces Old Permission Checks
11222| [24250] MySQL 4.1/5.0 Authentication Bypass Vulnerability
11223| [23179] Oracle MySQL for Microsoft Windows MOF Execution
11224| [23138] MySQL 3.23.x/4.0.x Password Handler Buffer Overflow Vulnerability
11225| [23083] MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day
11226| [23081] MySQL Remote Preauth User Enumeration Zeroday
11227| [23078] MySQL Denial of Service Zeroday PoC
11228| [23077] MySQL (Linux) Database Privilege Elevation Zeroday Exploit
11229| [23076] MySQL (Linux) Heap Based Overrun PoC Zeroday
11230| [23075] MySQL (Linux) Stack Based Buffer Overrun PoC Zeroday
11231| [23073] MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot)
11232| [22946] MySQL AB ODBC Driver 3.51 Plain Text Password Vulnerability
11233| [22565] MySQL 3.x/4.0.x Weak Password Encryption Vulnerability
11234| [22340] MySQL 3.23.x mysqld Privilege Escalation Vulnerability
11235| [22085] MySQL 3.23.x/4.0.x COM_CHANGE_USER Password Memory Corruption Vulnerability
11236| [22084] MySQL 3.23.x/4.0.x COM_CHANGE_USER Password Length Account Compromise Vulnerability
11237| [21726] MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration Vulnerability (2)
11238| [21725] MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration Vulnerability (1)
11239| [21266] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (3)
11240| [21265] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (2)
11241| [21264] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (1)
11242| [20718] MySQL 3.20.32 a/3.23.34 Root Operation Symbolic Link File Overwriting Vulnerability
11243| [20581] Mysql 3.22.x/3.23.x Local Buffer Overflow Vulnerability
11244| [20355] Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
11245| [20055] MySQL Squid Access Report 2.1.4 HTML Injection
11246| [20044] Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers
11247| [19721] MySQL 3.22.27/3.22.29/3.23.8 GRANT Global Password Changing Vulnerability
11248| [19092] MySQL Remote Root Authentication Bypass
11249| [18269] MySQL 5.5.8 - Remote Denial of Service (DOS)
11250| [16957] Oracle MySQL for Microsoft Windows Payload Execution
11251| [16850] MySQL yaSSL CertDecoder::GetName Buffer Overflow
11252| [16849] MySQL yaSSL SSL Hello Message Buffer Overflow
11253| [16701] MySQL yaSSL SSL Hello Message Buffer Overflow
11254| [15467] Oracle MySQL < 5.1.49 'WITH ROLLUP' Denial of Service Vulnerability
11255| [14654] CMSQLite <= 1.2 & CMySQLite <= 1.3.1 - Remote Code Execution Exploit
11256| [14537] Oracle MySQL 'ALTER DATABASE' Remote Denial of Service Vulnerability
11257| [14096] CMSQlite & CMySQLite CSRF Vulnerability
11258| [10876] PHP-MySQL-Quiz SQL Injection Vulnerability
11259| [10450] Linkster PHP/MySQL SQL Injection Vulnerability
11260| [10260] Robert Zimmerman PHP / MYSQL Scripts Admin Bypass
11261| [9953] MySQL <= 6.0 yaSSL <= 1.7.5 Hello Message Buffer Overflow
11262| [9085] MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
11263| [8037] ProFTPd with mod_mysql Authentication Bypass Vulnerability
11264| [7856] MySQL 4/5/6 UDF for Command Execution
11265| [7020] MySQL Quick Admin 1.5.5 - Local File Inclusion Vulnerability
11266| [6641] MySQL Quick Admin <= 1.5.5 (COOKIE) Local File Inclusion Vulnerability
11267| [6577] PromoteWeb MySQL (go.php id) Remote SQL Injection Vulnerability
11268| [6136] phpWebNews 0.2 MySQL Edition (SQL) Insecure Cookie Handling Vuln
11269| [5999] phpWebNews 0.2 MySQL Edition (det) SQL Injection Vulnerability
11270| [5998] phpWebNews 0.2 MySQL Edition (id_kat) SQL Injection Vulnerability
11271| [5913] MyBlog: PHP and MySQL Blog/CMS software (SQL/XSS) Vulnerabilities
11272| [4615] MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability
11273| [4392] PHP <= 4.4.7 / 5.2.3 MySQL/MySQLi Safe Mode Bypass Vulnerability
11274| [3685] MyBlog: PHP and MySQL Blog/CMS software RFI Vulnerability
11275| [3591] PHP-Nuke Module Eve-Nuke 0.1 (mysql.php) RFI Vulnerability
11276| [3468] MySQL Commander <= 2.7 (home) Remote File Inclusion Vulnerability
11277| [3450] NukeSentinel <= 2.5.06 (MySQL => 4.0.24) - Remote SQL Injection Exploit
11278| [3344] PHP-Nuke <= 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)
11279| [3274] MySQL 4.x/5.0 User-Defined Function Command Execution Exploit (win)
11280| [2969] Php/Mysql Site Builder 0.0.2 (htm2php.php) File Disclosure Vulnerability
11281| [2726] Agora 1.4 RC1 (MysqlfinderAdmin.php) Remote File Include Vulnerability
11282| [2554] cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)
11283| [2466] cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit
11284| [2437] paBugs <= 2.0 Beta 3 (class.mysql.php) Remote File Include Exploit
11285| [2420] ZoomStats <= 1.0.2 (mysql.php) Remote File Include Vulnerability
11286| [1742] MySQL (<= 4.1.18, 5.0.20) Local/Remote Information Leakage Exploit
11287| [1741] MySQL <= 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit
11288| [1518] MySQL 4.x/5.0 User-Defined Function Local Privilege Escalation Exploit
11289| [1406] PHP <= 4.4.0 (mysql_connect function) Local Buffer Overflow Exploit
11290| [1181] MySQL 4.0.17 UDF Dynamic Library Exploit
11291| [1134] MySQL Eventum <= 1.5.5 (login.php) SQL Injection Exploit
11292| [960] MySQL MaxDB Webtool <= 7.5.00.23 Remote Stack Overflow Exploit
11293| [311] MySQL 4.1/5.0 zero-length password Auth. Bypass Exploit
11294| [98] MySQL 3.23.x/4.0.x Remote Exploit
11295|
11296| OpenVAS (Nessus) - http://www.openvas.org:
11297| [902675] MySQLDumper Multiple Vulnerabilities
11298| [881549] CentOS Update for mysql CESA-2012:1551 centos6
11299| [881538] CentOS Update for mysql CESA-2012:1462 centos6
11300| [881225] CentOS Update for mysql CESA-2012:0105 centos6
11301| [881185] CentOS Update for mysql CESA-2012:0127 centos5
11302| [881061] CentOS Update for mysql CESA-2012:0874 centos6
11303| [880760] CentOS Update for mysql CESA-2009:1289 centos5 i386
11304| [880613] CentOS Update for mysql CESA-2010:0109 centos5 i386
11305| [880577] CentOS Update for mysql CESA-2010:0442 centos5 i386
11306| [880452] CentOS Update for mysql CESA-2010:0824 centos4 i386
11307| [880366] CentOS Update for mysql CESA-2010:0110 centos4 i386
11308| [880329] CentOS Update for mysql CESA-2007:1155 centos4 x86_64
11309| [880324] CentOS Update for mysql CESA-2007:1155 centos4 i386
11310| [870870] RedHat Update for mysql RHSA-2012:1551-01
11311| [870861] RedHat Update for mysql RHSA-2012:1462-01
11312| [870778] RedHat Update for mysql RHSA-2012:0874-04
11313| [870736] RedHat Update for mysql RHSA-2011:0164-01
11314| [870647] RedHat Update for mysql RHSA-2012:0105-01
11315| [870547] RedHat Update for mysql RHSA-2012:0127-01
11316| [870357] RedHat Update for mysql RHSA-2010:0824-01
11317| [870356] RedHat Update for mysql RHSA-2010:0825-01
11318| [870272] RedHat Update for mysql RHSA-2010:0442-01
11319| [870218] RedHat Update for mysql RHSA-2010:0110-01
11320| [870216] RedHat Update for mysql RHSA-2010:0109-01
11321| [870195] RedHat Update for mysql RHSA-2007:1155-01
11322| [870069] RedHat Update for mysql RHSA-2008:0364-01
11323| [870033] RedHat Update for mysql RHSA-2008:0768-01
11324| [864951] Fedora Update for mysql FEDORA-2012-19823
11325| [864945] Fedora Update for mysql FEDORA-2012-19833
11326| [864504] Fedora Update for mysql FEDORA-2012-9324
11327| [864474] Fedora Update for mysql FEDORA-2012-9308
11328| [863910] Fedora Update for mysql FEDORA-2012-0972
11329| [863725] Fedora Update for mysql FEDORA-2012-0987
11330| [862844] Fedora Update for mod_auth_mysql FEDORA-2011-0100
11331| [862840] Fedora Update for mod_auth_mysql FEDORA-2011-0114
11332| [862676] Fedora Update for mysql FEDORA-2010-15147
11333| [862444] Fedora Update for mysql FEDORA-2010-15166
11334| [862300] Fedora Update for mysql FEDORA-2010-11126
11335| [862290] Fedora Update for mysql FEDORA-2010-11135
11336| [862149] Fedora Update for mysql FEDORA-2010-9053
11337| [862148] Fedora Update for mysql FEDORA-2010-9061
11338| [862136] Fedora Update for mysql FEDORA-2010-9016
11339| [861948] Fedora Update for mysql FEDORA-2010-7355
11340| [861936] Fedora Update for mysql FEDORA-2010-7414
11341| [861707] Fedora Update for mysql FEDORA-2010-1300
11342| [861651] Fedora Update for mysql FEDORA-2010-1348
11343| [861544] Fedora Update for php-pear-MDB2-Driver-mysql FEDORA-2007-3369
11344| [861392] Fedora Update for mysql FEDORA-2007-4471
11345| [861180] Fedora Update for php-pear-MDB2-Driver-mysqli FEDORA-2007-3369
11346| [861162] Fedora Update for php-pear-MDB2-Driver-mysql FEDORA-2007-3376
11347| [861108] Fedora Update for php-pear-MDB2-Driver-mysqli FEDORA-2007-3376
11348| [861033] Fedora Update for mysql FEDORA-2007-4465
11349| [855481] Solaris Update for mysql 120292-02
11350| [855333] Solaris Update for mysql 120293-02
11351| [850182] SuSE Update for mysql openSUSE-SU-2012:0860-1 (mysql)
11352| [841248] Ubuntu Update for mysql-5.5 USN-1658-1
11353| [841207] Ubuntu Update for mysql-5.5 USN-1621-1
11354| [841039] Ubuntu Update for mysql-5.5 USN-1467-1
11355| [840989] Ubuntu Update for mysql-5.1 USN-1427-1
11356| [840944] Ubuntu Update for mysql-5.1 USN-1397-1
11357| [840533] Ubuntu Update for MySQL vulnerabilities USN-1017-1
11358| [840442] Ubuntu Update for MySQL vulnerabilities USN-950-1
11359| [840384] Ubuntu Update for MySQL vulnerabilities USN-897-1
11360| [840292] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-671-1
11361| [840240] Ubuntu Update for mysql-dfsg-5.0 regression USN-588-2
11362| [840219] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-588-1
11363| [840106] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-559-1
11364| [840042] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-528-1
11365| [840012] Ubuntu Update for mysql-dfsg-5.0 vulnerability USN-440-1
11366| [835096] HP-UX Update for on HP 9000 Servers Running MySQL HPSBUX00287
11367| [831755] Mandriva Update for mysql MDVSA-2012:178 (mysql)
11368| [831684] Mandriva Update for mysql MDVA-2012:049 (mysql)
11369| [831547] Mandriva Update for mysql MDVA-2012:022 (mysql)
11370| [831532] Mandriva Update for mysql MDVA-2012:005 (mysql)
11371| [831519] Mandriva Update for mysql MDVA-2011:099 (mysql)
11372| [831425] Mandriva Update for mysql MDVA-2011:025 (mysql)
11373| [831327] Mandriva Update for mysql MDVA-2011:005 (mysql)
11374| [831315] Mandriva Update for mysql MDVSA-2011:012 (mysql)
11375| [831295] Mandriva Update for mysql MDVA-2010:240 (mysql)
11376| [831244] Mandriva Update for mysql MDVSA-2010:155-1 (mysql)
11377| [831243] Mandriva Update for mysql MDVSA-2010:222 (mysql)
11378| [831237] Mandriva Update for mysql MDVSA-2010:223 (mysql)
11379| [831202] Mandriva Update for mysql MDVA-2010:210 (mysql)
11380| [831134] Mandriva Update for mysql MDVSA-2010:155 (mysql)
11381| [831049] Mandriva Update for mysql MDVSA-2010:107 (mysql)
11382| [831048] Mandriva Update for mysql MDVSA-2010:101 (mysql)
11383| [831034] Mandriva Update for mysql MDVA-2010:146 (mysql)
11384| [831033] Mandriva Update for mysql MDVSA-2010:093 (mysql)
11385| [830902] Mandriva Update for mysql MDVSA-2010:044 (mysql)
11386| [830821] Mandriva Update for mysql MDVSA-2010:011 (mysql)
11387| [830806] Mandriva Update for mysql MDVSA-2010:012 (mysql)
11388| [830772] Mandriva Update for mysql MDVSA-2008:150 (mysql)
11389| [830664] Mandriva Update for mysql MDVA-2008:018 (mysql)
11390| [830659] Mandriva Update for mysql MDVSA-2008:017 (mysql)
11391| [830513] Mandriva Update for mysql MDVSA-2008:028 (mysql)
11392| [830421] Mandriva Update for mysql MDVSA-2008:149 (mysql)
11393| [830297] Mandriva Update for MySQL MDKSA-2007:177 (MySQL)
11394| [830223] Mandriva Update for perl-DBD-mysql MDKA-2007:066 (perl-DBD-mysql)
11395| [830063] Mandriva Update for MySQL MDKSA-2007:139 (MySQL)
11396| [830032] Mandriva Update for MySQL MDKSA-2007:243 (MySQL)
11397| [801593] Oracle MySQL Eventum Multiple Cross Site Scripting Vulnerabilities
11398| [801205] MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability
11399| [103051] PHP MySQLi Extension 'set_magic_quotes_runtime' Function Security-Bypass Weakness
11400| [100662] PHP Mysqlnd Extension Information Disclosure and Multiple Buffer Overflow Vulnerabilities
11401| [71475] Debian Security Advisory DSA 2496-1 (mysql-5.1)
11402| [71233] Debian Security Advisory DSA 2429-1 (mysql-5.1)
11403| [70803] Gentoo Security Advisory GLSA 201201-02 (MySQL)
11404| [70586] FreeBSD Ports: proftpd, proftpd-mysql
11405| [67541] Debian Security Advisory DSA 2057-1 (mysql-dfsg-5.0)
11406| [66577] Fedora Core 11 FEDORA-2009-13504 (mysql)
11407| [66573] Fedora Core 12 FEDORA-2009-13466 (mysql)
11408| [66553] Mandriva Security Advisory MDVSA-2009:189-1 (apache-mod_auth_mysql)
11409| [66508] Fedora Core 10 FEDORA-2009-12180 (mysql)
11410| [66425] Mandriva Security Advisory MDVSA-2009:326 (mysql)
11411| [66256] Fedora Core 11 FEDORA-2009-10701 (ocaml-mysql)
11412| [66251] Fedora Core 10 FEDORA-2009-10582 (ocaml-mysql)
11413| [66056] Debian Security Advisory DSA 1910-1 (mysql-ocaml)
11414| [66035] Mandrake Security Advisory MDVSA-2009:279 (ocaml-mysql)
11415| [65937] SLES10: Security update for MySQL
11416| [65884] SLES10: Security update for MySQL
11417| [65827] SLES10: Security update for MySQL
11418| [65710] SLES11: Security update for MySQL
11419| [65610] SLES9: Security update for MySQL
11420| [65566] SLES9: Security update for MySQL
11421| [65507] SLES9: Security update for MySQL
11422| [65502] SLES9: Security update for mysql
11423| [65426] SLES9: Security update for MySQL
11424| [65385] SLES9: Security update for mysql
11425| [65341] SLES9: Security update for MySQL
11426| [65181] SLES9: Security update for MySQL
11427| [65176] SLES9: Security update for MySQL
11428| [64932] CentOS Security Advisory CESA-2009:1289 (mysql)
11429| [64820] Debian Security Advisory DSA 1877-1 (mysql-dfsg-5.0)
11430| [64532] Mandrake Security Advisory MDVSA-2009:189 (apache-mod_auth_mysql)
11431| [64522] Mandrake Security Advisory MDVSA-2009:179 (mysql)
11432| [64461] Mandrake Security Advisory MDVSA-2009:159 (mysql)
11433| [63872] Mandrake Security Advisory MDVSA-2009:094 (mysql)
11434| [63630] FreeBSD Ports: proftpd, proftpd-mysql
11435| [63171] FreeBSD Ports: mysql-server
11436| [63170] FreeBSD Ports: mysql-server
11437| [63169] FreeBSD Ports: mysql-server
11438| [63168] FreeBSD Ports: mysql-server
11439| [63095] FreeBSD Ports: mysql-server
11440| [61852] Debian Security Advisory DSA 1662-1 (mysql-dfsg-5.0)
11441| [61699] FreeBSD Ports: mysql-client
11442| [61656] FreeBSD Ports: proftpd, proftpd-mysql
11443| [61618] FreeBSD Ports: mysql-server
11444| [61599] Gentoo Security Advisory GLSA 200809-04 (mysql)
11445| [61283] Debian Security Advisory DSA 1608-1 (mysql-dfsg-5.0)
11446| [60804] Gentoo Security Advisory GLSA 200804-04 (mysql)
11447| [60271] Debian Security Advisory DSA 1478-1 (mysql-dfsg-5.0)
11448| [60106] Debian Security Advisory DSA 1451-1 (mysql-dfsg-5.0)
11449| [60017] Slackware Advisory SSA:2007-348-01 mysql
11450| [59638] Debian Security Advisory DSA 1413-1 (mysql-dfsg, mysql-dfsg-5.0, mysql-dfsg-4.1)
11451| [59245] Gentoo Security Advisory GLSA 200711-25 (mysql)
11452| [58863] FreeBSD Ports: freeradius, freeradius-mysql
11453| [58545] Gentoo Security Advisory GLSA 200708-10 (mysql)
11454| [58261] Gentoo Security Advisory GLSA 200705-11 (MySQL)
11455| [57859] Gentoo Security Advisory GLSA 200608-09 (mysql)
11456| [57725] FreeBSD Ports: proftpd, proftpd-mysql
11457| [57576] FreeBSD Ports: proftpd, proftpd-mysql
11458| [57527] FreeBSD Ports: mysql-server
11459| [57526] FreeBSD Ports: mysql-server
11460| [57337] Debian Security Advisory DSA 1169-1 (mysql-dfsg-4.1)
11461| [57257] FreeBSD Ports: mysql-server
11462| [57167] Slackware Advisory SSA:2006-211-01 mysql
11463| [57109] Debian Security Advisory DSA 1112-1 (mysql-dfsg-4.1)
11464| [56964] Gentoo Security Advisory GLSA 200606-18 (pam_mysql)
11465| [56940] Gentoo Security Advisory GLSA 200606-13 (MySQL)
11466| [56924] Debian Security Advisory DSA 1092-1 (mysql-dfsg-4.1)
11467| [56861] Slackware Advisory SSA:2006-155-01 mysql
11468| [56850] FreeBSD Ports: mysql-server
11469| [56849] FreeBSD Ports: mysql-server
11470| [56833] Debian Security Advisory DSA 1079-1 (mysql-dfsg)
11471| [56789] Debian Security Advisory DSA 1073-1 (mysql-dfsg-4.1)
11472| [56788] Debian Security Advisory DSA 1071-1 (mysql)
11473| [56730] Slackware Advisory SSA:2006-129-02 mysql
11474| [56728] Gentoo Security Advisory GLSA 200605-13 (MySQL)
11475| [56714] FreeBSD Ports: mysql-server
11476| [55520] Debian Security Advisory DSA 833-2 (mysql-dfsg-4.1)
11477| [55514] Debian Security Advisory DSA 833-1 (mysql-dfsg-4.1)
11478| [55493] Debian Security Advisory DSA 829-1 (mysql)
11479| [55492] Debian Security Advisory DSA 831-1 (mysql-dfsg)
11480| [55164] Debian Security Advisory DSA 783-1 (mysql-dfsg-4.1)
11481| [54884] Gentoo Security Advisory GLSA 200503-19 (mysql)
11482| [54819] Gentoo Security Advisory GLSA 200501-33 (mysql)
11483| [54713] Gentoo Security Advisory GLSA 200410-22 (MySQL)
11484| [54659] Gentoo Security Advisory GLSA 200409-02 (MySQL)
11485| [54580] Gentoo Security Advisory GLSA 200405-20 (MySQL)
11486| [54483] FreeBSD Ports: proftpd, proftpd-mysql
11487| [54201] FreeBSD Ports: mysql-server
11488| [53776] Debian Security Advisory DSA 013-1 (mysql)
11489| [53755] Debian Security Advisory DSA 483-1 (mysql)
11490| [53750] Debian Security Advisory DSA 707-1 (mysql)
11491| [53666] Debian Security Advisory DSA 381-1 (mysql)
11492| [53595] Debian Security Advisory DSA 303-1 (mysql)
11493| [53585] Debian Security Advisory DSA 212-1 (mysql)
11494| [53481] Debian Security Advisory DSA 647-1 (mysql)
11495| [53251] Debian Security Advisory DSA 562-1 (mysql)
11496| [53230] Debian Security Advisory DSA 540-1 (mysql)
11497| [52466] FreeBSD Ports: exim, exim-ldap2, exim-mysql, exim-postgresql
11498| [52459] FreeBSD Ports: mysql-client
11499| [52419] FreeBSD Ports: mysql-scripts
11500| [52406] FreeBSD Ports: mysql-server
11501| [52375] FreeBSD Ports: mysql-server, mysql-client
11502| [52274] FreeBSD Ports: mysql-server
11503| [52273] FreeBSD Ports: mysql-server
11504| [52272] FreeBSD Ports: mysql-server
11505| [52271] FreeBSD Ports: mysql-server
11506| [52270] FreeBSD Ports: mysql-server
11507| [52233] FreeBSD Ports: mysql-scripts
11508| [52158] FreeBSD Ports: mysql-server
11509| [16093] MySQL Eventum Multiple flaws
11510| [12639] MySQL Authentication bypass through a zero-length password
11511| [10783] PCCS-Mysql User/Password Exposure
11512|
11513| SecurityTracker - https://www.securitytracker.com:
11514| [1028790] MySQL Multiple Bugs Let Remote Users Deny Service and Partially Access and Modify Data
11515| [1028449] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service and Partially Access and Modify Data
11516| [1028004] MySQL Multiple Bugs Let Remote Authenticated Users Take Full Control or Deny Service and Let Local Users Access and Modify Data
11517| [1027829] MySQL Bug in UpdateXML() Lets Remote Authenticated Users Deny Service
11518| [1027828] MySQL Heap Overflow May Let Remote Authenticated Users Execute Arbitrary Code
11519| [1027827] MySQL Stack Overflow May Let Remote Authenticated Users Execute Arbitrary Code
11520| [1027665] MySQL Multiple Bugs Let Remote Authenticated Users Access and Modify Data and Deny Service and Local Users Access Data
11521| [1027263] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service
11522| [1027143] MySQL memcmp() Comparison Error Lets Remote Users Bypass Authentication
11523| [1026934] MySQL Multiple Bugs Let Remote Users Deny Service
11524| [1026896] MySQL Unspecified Flaws Have Unspecified Impact
11525| [1026659] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
11526| [1026530] MySQL Multiple Bugs Let Local and Remote Users Partially Access and Modifiy Data and Partially Deny Service
11527| [1024508] MySQL Replication Flaw Lets Remote Authenticated Users Gain Elevated Privileges
11528| [1024507] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
11529| [1024360] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
11530| [1024160] MySQL ALTER DATABASE Processing Error Lets Remote Authenticated Users Deny Service
11531| [1024033] MySQL COM_FIELD_LIST Packet Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
11532| [1024032] MySQL Large Packet Processing Flaw in my_net_skip_rest() Lets Remote Users Deny Service
11533| [1024031] MySQL COM_FIELD_LIST Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges
11534| [1024004] MySQL mi_delete_table() Symlink Flaw Lets Remote Authenticated Users Delete Data and Index Files
11535| [1023402] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
11536| [1023220] MySQL Client Fails to Check Server Certificates in Certain Cases
11537| [1022812] MySQL Unspecified Buffer Overflow Lets Remote Users Execute Arbitrary Code
11538| [1022533] MySQL Format String Bug in dispatch_command() Lets Remote Users Deny Service
11539| [1022482] MySQL Connector/Net is Missing SSL Certificate Validation
11540| [1021786] MySQL Bug in ExtractValue()/UpdateXML() in Processing XPath Expressions Lets Remote Authenticated Users Deny Service
11541| [1021714] (Red Hat Issues Fix) mod_auth_mysql Input Validation Flaw Lets Remote Users Inject SQL Commands
11542| [1020858] MySQL Item_bin_string::Item_bin_string() Binary Value Processing Bug Lets Remote Authenticated Users Deny Service
11543| [1019995] MySQL MyISAM Options Let Local Users Overwrite Table Files
11544| [1019085] MySQL Bugs Let Remote Authenticated Users Gain Elevated Privileges and Deny Service
11545| [1019084] MySQL DATA DIRECTORY and INDEX DIRECTORY Options May Let Remote Authenticated Users Gain Elevated Privileges
11546| [1019083] MySQL BINLOG Filename Path Bug May Let Remote Authenticated Users Gain Elevated Privileges
11547| [1019060] MySQL Rename Table Bug Lets Remote Authenticated Users Modify System Table Information
11548| [1018978] MySQL convert_search_mode_to_innobase() Bug Lets Remote Authenticated Users Deny Service
11549| [1018824] Asterisk-Addons Input Validation Flaw in cdr_addon_mysql Lets Remote Users Inject SQL Commands
11550| [1018663] MySQL Table View Access Bug Lets Remote Authenticated Users Gain Elevated Privileges
11551| [1018629] MySQL Authentication Protocol Bug Lets Remote Users Deny Service
11552| [1018071] MySQL ALTER TABLE Function Lets Remote Authenticated Users Obtain Potentially Sensitive Information
11553| [1018070] MySQL SQL SECURITY INVOKER Routines Let Remote Authenticated Users Gain Elevated Privileges
11554| [1018069] MySQL Lets Remote Authenticated Users Issue the RENAME TABLE Command
11555| [1017746] MySQL Single Row Subselect Statements Let Remote Users Deny Service
11556| [1016790] MySQL Replication Error Lets Local Users Deny Service
11557| [1016710] MySQL Case-Sensitive Database Names May Let Users Access Restricted Databases
11558| [1016709] MySQL Error in Checking suid Routine Arguments May Let Users Gain Elevated Privileges
11559| [1016617] MySQL MERGE Access Control Error May Let Users Access a Restricted Table
11560| [1016566] Opsware Network Automation System Discloses MySQL Password to Local Users
11561| [1016216] MySQL Error in Parsing Multibyte Encoded Data in mysql_real_escape() Lets Remote Users Inject SQL Commands
11562| [1016077] Apple MySQL Manager Database Initialization Bug May Let Local Users Access the Database
11563| [1016017] MySQL Anonymous Login Processing May Disclose Some Memory Contents to Remote Users
11564| [1016016] MySQL COM_TABLE_DUMP Processing Lets Remote Authenticated Users Execute Arbitrary Code or Obtain Information
11565| [1015789] Woltlab Burning Board Input Validation Hole in 'class_db_mysql.php' Permits Cross-Site Scripting Attacks
11566| [1015693] MySQL Query Bug Lets Remote Users Bypass Query Logging
11567| [1015603] PAM-MySQL pam_get_item() Double Free May Let Remote Users Execute Arbitrary Code
11568| [1015485] PHP mysqli Extension Error Mode Format String Flaw May Let Users Execute Arbitrary Code
11569| [1014603] MySQL Eventum Input Validation Hole in 'class.auth.php' Permits SQL Injection and Other Input Validation Bugs Permit Cross-Site Scripting Attacks
11570| [1014172] xMySQLadmin Lets Local Users Delete Files
11571| [1013995] MySQL 'mysql_install_db' Uses Unsafe Temporary Files and May Let Local Users Gain Elevated Privilege
11572| [1013994] MySQL Non-existent '--user' Error May Allow the Database to Run With Incorrect Privileges
11573| [1013415] MySQL CREATE FUNCTION Lets Authenticated Users Invoke libc Functions to Execute Arbitrary Code
11574| [1013414] MySQL udf_init() Path Validation Flaw Lets Authenticated Users Execute Arbitrary Libraries
11575| [1013413] MySQL CREATE TEMPORARY TABLE Uses Predictable Temporary Files That May Let Users Gain Elevated Privileges
11576| [1012914] MySQL 'mysqlaccess.sh' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
11577| [1012893] MySQL MaxDB Buffer Overflow in websql Password Parameter Lets Remote Users Execute Arbitrary Code
11578| [1012500] mysql_auth Memory Leak Has Unspecified Impact
11579| [1011741] MySQL Access Control Error in Databases With Underscore Wildcard Character May Grant Unauthorized Access
11580| [1011606] MySQL May Let Remote Authenticated Users Access Restricted Tables or Crash the System
11581| [1011408] MySQL libmysqlclient Buffer Overflow in Executing Prepared Statements Has Unspecified Impact
11582| [1011376] MySQLGuest Lack of Input Validation Lets Remote Users Conduct Cross-Site Scripting Attacks
11583| [1011008] MySQL Buffer Overflow in mysql_real_connect() May Let Remote Users Execute Arbitrary Code
11584| [1010979] MySQL 'mysqlhotcopy' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
11585| [1010645] MySQL check_scramble_323() Zero-Length Comparison Lets Remote Users Bypass Authentication
11586| [1009784] MySQL 'mysqld_multi' Temporary File Flaw Lets Local Users Overwrite Files
11587| [1009554] MySQL 'mysqlbug' Temporary File Flaw Lets Local Users Overwrite Files
11588| [1007979] MySQL mysql_change_user() Double Free Error Lets Remote Authenticated Users Crash mysqld
11589| [1007673] MySQL acl_init() Buffer Overflow Permits Remote Authenticated Administrators to Execute Arbitrary Code
11590| [1007518] DWebPro Discloses MySQL Database Password to Local Users
11591| [1007312] MySQL World-Writable Configuration File May Let Local Users Gain Root Privileges
11592| [1006976] MySQL Buffer Overflow in 'mysql_real_connect()' Client Function May Let Remote or Local Users Execute Arbitrary Code
11593| [1005800] MySQL Overflow and Authentication Bugs May Let Remote Users Execute Code or Access Database Accounts
11594| [1005345] MySQL Buffer Overflow Lets Local Users Gain System Privileges on Windows NT
11595| [1004506] vBulletin PHP-based Forum Software Has Unspecified Security Flaw in the 'db_mysql.php' Module
11596| [1004172] PHP-Survey Script Discloses Underlying MySQL Database Username and Password to Remote Users
11597| [1003955] 3rd Party Patch for Cyrus SASL ('auxprop for mysql and ldap') Lets Remote Users Access Protected POP Mail Accounts Without Authentication
11598| [1003290] Conectiva Linux MySQL Distribution May Allow Local Users to Obtain Sensitive Information
11599| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
11600| [1002485] WinMySQLadmin Database Administration Tool Discloses MySQL Password to Local Users
11601| [1002324] Vpopmail Mail Server Discloses Database Password to Local Users When Installed with MySQL
11602| [1001411] phpMyAdmin Administration Tool for MySQL Allows Remote Users to Execute Commands on the Server
11603| [1001118] MySQL Database Allows Authorized Users to Modify Server Files to Deny Service or Obtain Additional Access
11604|
11605| OSVDB - http://www.osvdb.org:
11606| [95337] Oracle MySQL Server XA Transactions Subcomponent Unspecified Remote DoS
11607| [95336] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
11608| [95335] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
11609| [95334] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue
11610| [95333] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
11611| [95332] Oracle MySQL Server Parser Subcomponent Unspecified Remote DoS
11612| [95331] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3801)
11613| [95330] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3808)
11614| [95329] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3796)
11615| [95328] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3804)
11616| [95327] Oracle MySQL Server Prepared Statements Subcomponent Unspecified Remote DoS
11617| [95326] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
11618| [95325] Oracle MySQL Server Full Text Search Subcomponent Unspecified Remote DoS
11619| [95324] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3795)
11620| [95323] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3793)
11621| [95322] Oracle MySQL Server Audit Log Subcomponent Unspecified Remote Issue
11622| [95321] Oracle MySQL Server MemCached Subcomponent Unspecified Remote Issue
11623| [95131] AutoMySQLBackup /usr/sbin/automysqlbackup Database Name Arbitrary Code Injection
11624| [94076] Debian Linux MySQL Server mysql-server-5.5.postinst Race Condition debian.cnf Plaintext Credential Local Disclosure
11625| [93505] Wireshark MySQL Dissector (packet-mysql.c) Malformed Packet Handling Infinite Loop Remote DoS
11626| [93174] MySQL Crafted Derived Table Handling DoS
11627| [92967] MySQL2JSON (mn_mysql2json) Extension for TYPO3 Unspecified SQL Injection
11628| [92950] MySQL Running START SLAVE Statement Process Listing Plaintext Local Password Disclosure
11629| [92485] Oracle MySQL Server Partition Subcomponent Unspecified Local DoS
11630| [92484] Oracle MySQL Server Locking Subcomponent Unspecified Remote DoS (2013-1506)
11631| [92483] Oracle MySQL Server Install Subcomponent Unspecified Local Issue
11632| [92482] Oracle MySQL Server Types Subcomponent Unspecified Remote DoS
11633| [92481] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2381)
11634| [92480] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1566)
11635| [92479] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1511)
11636| [92478] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1567)
11637| [92477] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
11638| [92476] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
11639| [92475] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
11640| [92474] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS
11641| [92473] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-2389)
11642| [92472] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
11643| [92471] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1512)
11644| [92470] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1544)
11645| [92469] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote Issue
11646| [92468] Oracle MySQL Server MemCached Subcomponent Unspecified Remote DoS
11647| [92467] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2375)
11648| [92466] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-1531)
11649| [92465] Oracle MySQL Server Server Subcomponent Unspecified Remote Issue
11650| [92464] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Issue
11651| [92463] Oracle MySQL Server Locking Subcomponent Unspecified Remote Issue (2013-1521)
11652| [92462] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-2395)
11653| [91536] Oracle MySQL yaSSL Unspecified Overflow (2012-0553)
11654| [91534] Oracle MySQL yaSSL Unspecified Overflow (2013-1492)
11655| [91415] MySQL Raw Geometry Object String Conversion Remote DoS
11656| [91108] Juju mysql Charm Install Script mysql.passwd MySQL Password Plaintext Local Disclosure
11657| [89970] Site Go /site-go/admin/extra/mysql/index.php idm Parameter Traversal Arbitrary File Access
11658| [89265] Oracle MySQL Server Server Privileges Subcomponent Unspecified Remote DoS
11659| [89264] Oracle MySQL Server Server Partition Subcomponent Unspecified Remote DoS
11660| [89263] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-0578)
11661| [89262] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-1705)
11662| [89261] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-0574)
11663| [89260] Oracle MySQL Server MyISAM Subcomponent Unspecified Remote DoS
11664| [89259] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2012-0572)
11665| [89258] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-0368)
11666| [89257] Oracle MySQL Server Server Locking Subcomponent Unspecified Remote DoS
11667| [89256] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-1702)
11668| [89255] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote Issue
11669| [89254] Oracle MySQL Server Server Replication Subcomponent Unspecified Local Issue
11670| [89253] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
11671| [89252] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS
11672| [89251] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
11673| [89250] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
11674| [89042] ViciBox Server MySQL cron Service Default Credentials
11675| [88415] Oracle MySQL Server COM_CHANGE_USER Account Password Brute-Force Weakness
11676| [88118] Oracle MySQL Server FILE Privilege Database Privilege Escalation
11677| [88067] Oracle MySQL Server Authentication Error Message User Enumeration
11678| [88066] Oracle MySQL Server for Linux Access Rights Checking Routine Database Name Handling Stack Buffer Overflow
11679| [88065] Oracle MySQL Server COM_BINLOG_DUMP Invalid Data Handling DoS
11680| [88064] Oracle MySQL Server Multiple-Table DELETE Heap Buffer Overflow
11681| [87704] CodeIgniter MySQL / MySQLi Driver Database Client Multi-byte Character Set Unspecified SQL Injection
11682| [87507] Oracle MySQL Statement Logging Multiple Log Plaintext Local Password Disclosure
11683| [87501] Oracle MySQL optimizer_switch Malformed Value Processing Local DoS
11684| [87494] Oracle MySQL on Windows Field_new_decimal::store_value dbug_buff Variable Overflow DoS
11685| [87480] MySQL Malformed XML Comment Handling DoS
11686| [87466] MySQL SSL Certificate Revocation Weakness
11687| [87356] Oracle MySQL do_div_mod DIV Expression Handling Remote DoS
11688| [87355] Oracle MySQL handler::pushed_cond Table Cache Handling mysqld DoS
11689| [87354] Oracle MySQL Polygon Union / Intersection Spatial Operations DoS
11690| [86273] Oracle MySQL Server Server Installation Subcomponent Unspecified Local Information Disclosure
11691| [86272] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote DoS
11692| [86271] Oracle MySQL Server Server Full Text Search Subcomponent Unspecified Remote DoS
11693| [86270] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3156)
11694| [86269] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Information Disclosure
11695| [86268] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3180)
11696| [86267] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3150)
11697| [86266] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3144)
11698| [86265] Oracle MySQL Server InnoDB Plugin Subcomponent Unspecified Remote DoS
11699| [86264] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
11700| [86263] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Issue
11701| [86262] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3177)
11702| [86261] Oracle MySQL Server Protocol Subcomponent Unspecified Remote Issue
11703| [86260] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Code Execution
11704| [86175] Oracle MySQL on Windows Path Subversion Arbitrary DLL Injection Code Execution
11705| [85155] Icinga module/idoutils/db/scripts/create_mysqldb.sh Icinga User Database Access Restriction Bypass
11706| [84755] Oracle MySQL Sort Order Index Calculation Remote DoS
11707| [84719] MySQLDumper index.php page Parameter XSS
11708| [84680] MySQL Squid Access Report access.log File Path XSS
11709| [83980] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1689)
11710| [83979] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1734)
11711| [83978] Oracle MySQL Server Subcomponent Unspecified Remote DoS
11712| [83977] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
11713| [83976] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
11714| [83975] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1735)
11715| [83661] Oracle MySQL Unspecified Issue (59533)
11716| [82804] Oracle MySQL Authentication Protocol Token Comparison Casting Failure Password Bypass
11717| [82803] Oracle MySQL Unspecified Issue (59387)
11718| [82120] Oracle MySQL Version Specific Comment Handling Arbitrary SQL Command Execution
11719| [81897] Viscacha classes/database/mysql.inc.php Multiple Parameter SQL Injection
11720| [81616] MySQLDumper Multiple Script Direct Request Information Disclosure
11721| [81615] MySQLDumper filemanagement.php f Parameter Traversal Arbitrary File Access
11722| [81614] MySQLDumper File Upload PHP Code Execution
11723| [81613] MySQLDumper main.php Multiple Function CSRF
11724| [81612] MySQLDumper restore.php filename Parameter XSS
11725| [81611] MySQLDumper sql.php Multiple Parameter XSS
11726| [81610] MySQLDumper install.php Multiple Parameter XSS
11727| [81609] MySQLDumper install.php language Parameter Traversal Arbitrary File Access
11728| [81378] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1690)
11729| [81377] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1696)
11730| [81376] Oracle MySQL Server Server DML Component Unspecified Remote DoS
11731| [81375] Oracle MySQL Server Partition Component Unspecified Remote DoS
11732| [81374] Oracle MySQL Server MyISAM Component Unspecified Remote DoS
11733| [81373] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1703)
11734| [81059] Oracle MySQL Server Multiple Unspecified Issues
11735| [79038] Webmin Process Listing MySQL Password Local Disclosure
11736| [78919] Oracle MySQL Unspecified Pre-authentication Remote Code Execution
11737| [78710] WordPress wp-admin/setup-config.php MySQL Query Saturation Brute-Force Proxy Weakness
11738| [78708] WordPress wp-admin/setup-config.php MySQL Database Verification Code Injection Weakness
11739| [78707] WordPress wp-admin/setup-config.php MySQL Credentials Error Message Brute-Force Weakness
11740| [78394] Oracle MySQL Server Unspecified Remote DoS (2012-0493)
11741| [78393] Oracle MySQL Server Unspecified Remote DoS (2012-0492)
11742| [78392] Oracle MySQL Server Unspecified Remote DoS (2012-0117)
11743| [78391] Oracle MySQL Server Unspecified Remote DoS (2012-0112)
11744| [78390] Oracle MySQL Server Unspecified Remote DoS (2012-0495)
11745| [78389] Oracle MySQL Server Unspecified Remote DoS (2012-0491)
11746| [78388] Oracle MySQL Server Unspecified Remote DoS (2012-0490)
11747| [78387] Oracle MySQL Server Unspecified Remote DoS (2012-0489)
11748| [78386] Oracle MySQL Server Unspecified Remote DoS (2012-0488)
11749| [78385] Oracle MySQL Server Unspecified Remote DoS (2012-0487)
11750| [78384] Oracle MySQL Server Unspecified Remote DoS (2012-0486)
11751| [78383] Oracle MySQL Server Unspecified Remote DoS (2012-0485)
11752| [78382] Oracle MySQL Server Unspecified Remote DoS (2012-0120)
11753| [78381] Oracle MySQL Server Unspecified Remote DoS (2012-0119)
11754| [78380] Oracle MySQL Server Unspecified Remote DoS (2012-0115)
11755| [78379] Oracle MySQL Server Unspecified Remote DoS (2012-0102)
11756| [78378] Oracle MySQL Server Unspecified Remote DoS (2012-0101)
11757| [78377] Oracle MySQL Server Unspecified Remote DoS (2012-0087)
11758| [78376] Oracle MySQL Server Unspecified Remote DoS (2011-2262)
11759| [78375] Oracle MySQL Server Unspecified Local DoS
11760| [78374] Oracle MySQL Server Unspecified Remote Issue (2012-0075)
11761| [78373] Oracle MySQL Server Unspecified Local Issue
11762| [78372] Oracle MySQL Server Unspecified Remote Information Disclosure
11763| [78371] Oracle MySQL Server Unspecified Remote Issue (2012-0496)
11764| [78370] Oracle MySQL Server Unspecified Remote Issue (2012-0118)
11765| [78369] Oracle MySQL Server Unspecified Remote Issue (2012-0116)
11766| [78368] Oracle MySQL Server Unspecified Remote Issue (2012-0113)
11767| [78283] Oracle MySQL NULL Pointer Dereference Packet Parsing Remote DoS
11768| [77042] e107 CMS install_.php MySQL Server Name Parsing Remote PHP Code Execution
11769| [77040] DBD::mysqlPP Unspecified SQL Injection
11770| [75888] TaskFreak! multi-mysql Multiple Script Direct Request Path Disclosure
11771| [74120] Apache HTTP Server mod_authnz_external mysql/mysql-auth.pl user Field SQL Injection
11772| [73555] Prosody MySQL Value Column Invalid Data Type Handling DoS
11773| [73387] Zend Framework PDO_MySql Character Set Security Bypass
11774| [72836] Arctic Fox CMS Multiple Script Direct Request MySQL Settings Disclosure
11775| [72660] MySQL GUI Tools Administrator / Query Browser Command Line Credentials Local Disclosure
11776| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
11777| [71368] Accellion File Transfer Appliance Weak MySQL root Password
11778| [70967] MySQL Eventum Admin User Creation CSRF
11779| [70966] MySQL Eventum preferences.php full_name Parameter XSS
11780| [70961] MySQL Eventum list.php Multiple Parameter XSS
11781| [70960] MySQL Eventum forgot_password.php URI XSS
11782| [70947] PyWebDAV DAVServer/mysqlauth.py get_userinfo() Multiple Parameter SQL Injection
11783| [70610] PHP MySQLi Extension set_magic_quotes_runtime Function mysqli_fetch_assoc Function Interaction Weakness
11784| [69885] SilverStripe modules/sapphire/trunk/core/model/MySQLDatabase.php showqueries Parameter SQL Command Disclosure
11785| [69395] MySQL Derived Table Grouping DoS
11786| [69394] MySQL Temporary Table Expression Re-Evaluation DoS
11787| [69393] MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS
11788| [69392] MySQL Extreme-Value Functions Mixed Arguments DoS
11789| [69391] MySQL Stored Procedures / Prepared Statements Nested Joins DoS
11790| [69390] MySQL Extreme-Value Functions Argument Parsing Type Error DoS
11791| [69389] MySQL CONVERT_TZ() Function Empty SET Column DoS
11792| [69388] MySQL InnoDB Storage Engine Table Handling Overflow
11793| [69387] MySQL LIKE Predicates Pre-Evaluation DoS
11794| [69001] MySQL PolyFromWKB() Function WKB Data Remote DoS
11795| [69000] MySQL HANDLER Interface Unspecified READ Request DoS
11796| [68997] MySQL Prepared-Statement Mode EXPLAIN DoS
11797| [68996] MySQL EXPLAIN EXTENDED Statement DoS
11798| [68995] MySQL GeometryCollection non-Geometry Value Assignment DoS
11799| [67488] phpMyAdmin libraries/dbi/mysqli.dbi.lib.php Unspecified Parameter XSS
11800| [67487] phpMyAdmin libraries/dbi/mysql.dbi.lib.php Unspecified Parameter XSS
11801| [67421] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read Function Overflow
11802| [67420] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_ok_read Function Arbitrary Memory Content Disclosure
11803| [67419] PHP Mysqlnd Extension php_mysqlnd_read_error_from_line Function Negative Buffer Length Value Overflow
11804| [67418] PHP Mysqlnd Extension php_mysqlnd_auth_write Function Multiple Overflows
11805| [67384] MySQL LOAD DATA INFILE Statement Incorrect OK Packet DoS
11806| [67383] MySQL EXPLAIN Statement Item_singlerow_subselect::store Function NULL Dereference DoS
11807| [67381] MySQL InnoDB Temporary Table Handling DoS
11808| [67380] MySQL BINLOG Statement Unspecified Argument DoS
11809| [67379] MySQL Multiple Operation NULL Argument Handling DoS
11810| [67378] MySQL Unique SET Column Join Statement Remote DoS
11811| [67377] MySQL DDL Statement Multiple Configuration Parameter DoS
11812| [66800] PHP Multiple mysqlnd_* Function Unspecified Overflow
11813| [66799] PHP mysqlnd Error Packet Handling Multiple Overflows
11814| [66731] PHP Bundled MySQL Library Unspecified Issue
11815| [66665] PHP MySQL LOAD DATA LOCAL open_basedir Bypass
11816| [65851] MySQL ALTER DATABASE #mysql50# Prefix Handling DoS
11817| [65450] phpGraphy mysql_cleanup.php include_path Parameter Remote File Inclusion
11818| [65085] MySQL Enterprise Monitor Unspecified CSRF
11819| [64843] MySQL DROP TABLE Command Symlink MyISAM Table Local Data Deletion
11820| [64588] MySQL sql/net_serv.cc my_net_skip_rest Function Large Packet Handling Remote DoS
11821| [64587] MySQL COM_FIELD_LIST Command Packet Table Name Argument Overflow
11822| [64586] MySQL COM_FIELD_LIST Command Packet Authentication Bypass
11823| [64524] Advanced Poll misc/get_admin.php mysql_host Parameter XSS
11824| [64447] Tirzen Framework (TZN) tzn_mysql.php Username Parameter SQL Injection Authentication Bypass
11825| [64320] ClanSphere MySQL Driver s_email Parameter SQL Injection
11826| [63903] MySQL sql/sql_plugin.cc mysql_uninstall_plugin Function UNINSTALL PLUGIN Command Privilege Check Weakness
11827| [63115] Quicksilver Forums mysqldump Process List Database Password Disclosure
11828| [62830] Employee Timeclock Software mysqldump Command-line Database Password Disclosure
11829| [62640] PHP mysqli_real_escape_string() Function Error Message Path Disclosure
11830| [62216] Flex MySQL Connector ActionScript SQL Query Arbitrary Code Execution
11831| [61752] kiddog_mysqldumper Extension for TYPO3 Unspecified Information Disclosure
11832| [61497] microTopic admin/mysql.php rating Parameter SQL Injection
11833| [60665] MySQL CREATE TABLE MyISAM Table mysql_unpacked_real_data_home Local Restriction Bypass
11834| [60664] MySQL sql/sql_table.cc Data Home Directory Symlink CREATE TABLE Access Restriction Bypass
11835| [60516] RADIO istek scripti estafresgaftesantusyan.inc Direct Request MySQL Database Credentials Disclosure
11836| [60489] MySQL GeomFromWKB() Function First Argument Geometry Value Handling DoS
11837| [60488] MySQL SELECT Statement WHERE Clause Sub-query DoS
11838| [60487] MySQL vio_verify_callback() Function Crafted Certificate MiTM Weakness
11839| [60356] MySql Client Library (libmysqlclient) mysql_real_connect Function Local Overflow
11840| [59907] MySQL on Windows bind-address Remote Connection Weakness
11841| [59906] MySQL on Windows Default Configuration Logging Weakness
11842| [59616] MySQL Hashed Password Weakness
11843| [59609] Suckbot mod_mysql_logger Shared Object Unspecified Remote DoS
11844| [59495] Cyrus SASL LDAP / MySQL Authentication Patch password Field SQL Injection Authentication Bypass
11845| [59062] phpMyAdmin Extension for TYPO3 MySQL Table Name Unspecified XSS
11846| [59045] phpMyAdmin Crafted MYSQL Table Name XSS
11847| [59030] mysql-ocaml for MySQL mysql_real_escape_string() Function Character Escaping Weakness
11848| [57587] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Local Privilege Escalation
11849| [57586] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Remote Shell Command Execution
11850| [56741] MySQL Connector/J Unicode w/ SJIS/Windows-31J Charset SQL Injection
11851| [56134] Virtualmin MySQL Module Execute SQL Feature Arbitrary File Access
11852| [55734] MySQL sql_parse.cc dispatch_command() Function Format String DoS
11853| [55566] MySQL Connector/NET SSL Certificate Verification Weakness
11854| [53525] MyBlog /config/mysqlconnection.inc Direct Request Information Disclosure
11855| [53524] blog+ includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
11856| [53523] blog+ includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
11857| [53522] blog+ includes/block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
11858| [53521] blog+ includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
11859| [53520] blog+ includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
11860| [53519] blog+ includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
11861| [53366] GEDCOM_TO_MYSQL php/info.php Multiple Parameter XSS
11862| [53365] GEDCOM_TO_MYSQL php/index.php nom_branche Parameter XSS
11863| [53364] GEDCOM_TO_MYSQL php/prenom.php Multiple Parameter XSS
11864| [53360] Blogplus includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
11865| [53359] Blogplus includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
11866| [53358] Blogplus includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
11867| [53357] Blogplus includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
11868| [53356] Blogplus block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
11869| [53355] Blogplus includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
11870| [53110] XOOPS Cube Legacy ErrorHandler::show() Function MySQL Error Message XSS
11871| [52729] Asterisk-addon cdr_addon_mysql.c Call Detail Record SQL Injection
11872| [52728] Tribox cdr_addon_mysql.c Call Detail Record XSS
11873| [52727] FreePBX cdr_addon_mysql.c Call Detail Record XSS
11874| [52726] Areski cdr_addon_mysql.c Call Detail Record XSS
11875| [52464] MySQL charset Column Truncation Weakness
11876| [52453] MySQL sql/item_xmlfunc.cc ExtractValue() / UpdateXML() Functions Scalar XPath DoS
11877| [52378] Cisco ANM MySQL root Account Default Password
11878| [52264] Broadcast Machine MySQLController.php controllers/baseDir Parameter Remote File Inclusion
11879| [51923] Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character Encoding SQL Injection
11880| [51171] MySQL InnoDB convert_search_mode_to_innobase Function DoS
11881| [50892] MySQL Calendar index.php username Parameter SQL Injection
11882| [50827] Nodstrum MySQL Calendar nodstrumCalendarV2 Cookie Manipulation Admin Authentication Bypass
11883| [49875] PromoteWeb MySQL go.php id Parameter SQL Injection
11884| [48710] MySQL Command Line Client HTML Output XSS
11885| [48709] MySQL Quick Admin actions.php lang Parameter Traversal Local File Inclusion
11886| [48708] MySQL Quick Admin index.php language Cookie Traversal Local File Inclusion
11887| [48021] MySQL Empty Bit-String Literal Token SQL Statement DoS
11888| [47789] mysql-lists Unspecified XSS
11889| [47394] Keld PHP-MySQL News Script login.php username Parameter SQL Injection
11890| [45073] MySQLDumper Extension for TYPO3 Unspecified Authentication Bypass
11891| [44937] MySQL MyISAM Table CREATE TABLE Privilege Check Bypass
11892| [44138] Debian GNU/Linux libdspam7-drv-mysql Cron MySQL dspam Database Password Local Disclosure
11893| [44071] Phorum /include/db/mysql.php Unspecified Search SQL Injection
11894| [43180] MySQL sql_select.cc INFORMATION_SCHEMA Table Crafted Query Remote DoS
11895| [43179] MySQL Server BINLOG Statement Rights Checking Failure
11896| [42610] MySQL DEFINER View Value Crafted Statements Remote Privilege Escalation
11897| [42609] MySQL Federated Engine SHOW TABLE STATUS Query Remote DoS
11898| [42608] MySQL RENAME TABLE Symlink System Table Overwrite
11899| [42607] MySQL Multiple table-level DIRECTORY Remote Privilege Escalation
11900| [42460] MySQLDumper HTTP POST Request Remote Authentication Bypass
11901| [42423] AdventNet EventLog Analyzer MySQL Installation Default root Account
11902| [41861] Bacula make_catalog_backup Function MySQL Director Password Cleartext Disclosure
11903| [40232] PHP MySQL Banner Exchange inc/lib.inc Direct Request Database Disclosure
11904| [40188] Password Manager Pro (PMP) mysql Unspecified Remote Command Injection
11905| [39279] PHP mysql_error() Function XSS
11906| [39145] aurora framework db_mysql.lib pack_var() value Parameter SQL Injection
11907| [38567] NetClassifieds Mysql_db.php Halt_On_Error Setting Error Message Path Disclosure
11908| [38112] Excel Parser Pro sample/xls2mysql parser_path Parameter Remote File Inclusion
11909| [37880] Asterisk-Addons source/destination Numbers cdr_addon_mysql Module SQL Injection
11910| [37784] PHP MySQL Extension Multiple Function Security Restriction Bypass
11911| [37783] MySQL Community Server CREATE TABLE LIKE Table Structure Disclosure
11912| [37782] MySQL Community Server External Table View Privilege Escalation
11913| [37781] MySQL ALTER TABLE Information Disclosure
11914| [37539] GPL PHP Board db.mysql.inc.php root_path Parameter Remote File Inclusion
11915| [37195] Eve-Nuke Module for PHP-Nuke db/mysql.php phpbb_root_path
11916| [37015] paBugs class.mysql.php path_to_bt_dir Parameter Remote File Inclusion
11917| [36868] PHP MySQLi Extension LOCAL INFILE Operation Security Restriction Bypass
11918| [36867] PHP MySQL Extension LOCAL INFILE Operation Security Restriction Bypass
11919| [36771] InterWorx-CP SiteWorx mysql.php PATH_INFO Parameter XSS
11920| [36757] InterWorx-CP NodeWorx mysql.php PATH_INFO Parameter XSS
11921| [36732] MySQL Community Server Connection Protocol Malformed Password Packet Remote DoS
11922| [36251] Associated Press (AP) Newspower Default MySQL root Password
11923| [35168] Study Planner (Studiewijzer) db/mysql/db.inc.php SPL_CFG[dirroot] Parameter Remote File Inclusion
11924| [35037] Fantastico for cPanel includes/mysqlconfig.php fantasticopath Parameter Traversal Local File Inclusion
11925| [34780] Backup Manager Command Line Cleartext MySQL Password Disclosure
11926| [34766] MySQL RENAME TABLE Statement Arbitrary Table Name Modification
11927| [34765] MySQL mysql_change_db Function THD::db_access Privilege Escalation
11928| [34734] MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS
11929| [34038] MySQL Commander ressourcen/dbopen.php home Parameter Remote File Inclusion
11930| [33974] MySQL information_schema Table Subselect Single-Row DoS
11931| [33678] MySQLNewsEngine affichearticles.php3 newsenginedir Parameter Remote File Inclusion
11932| [33447] WGS-PPC (PPC Search Engine) config/mysql_config.php INC Parameter Remote File Inclusion
11933| [33372] deV!L'z Clanportal inc/filebrowser/browser.php MySQL Data Disclosure
11934| [33147] ActiveCalendar data/mysqlevents.php css Parameter XSS
11935| [32784] Storystream mysqli.php baseDir Parameter Remote File Inclusion
11936| [32783] Storystream mysql.php baseDir Parameter Remote File Inclusion
11937| [32421] Contenido CMS conlib/db_mysqli.inc Direct Request Path Disclosure
11938| [32272] JevonCMS /phplib/db_mysql.inc Direct Request Path Disclosure
11939| [32171] Blue Magic Board db_mysql_error.php Direct Request Path Disclosure
11940| [32056] BTSaveMySql Direct Request Config File Disclosure
11941| [32044] cPanel WebHost Manager (WHM) scripts/passwdmysql password Parameter XSS
11942| [32024] TikiWiki tiki-wiki_rss.php ver MySQL Credential Disclosure
11943| [31963] Agora MysqlfinderAdmin.php _SESSION[PATH_COMPOSANT] Parameter Remote File Inclusion
11944| [31431] ZoomStats libs/dbmax/mysql.php GLOBALS[lib][db][path] Parameter Remote File Inclusion
11945| [30172] TikiWiki Multiple Script Empty sort_mode Parameter MySQL Authentication Credential Disclosure
11946| [29696] MySQLDumper sql.php db Parameter XSS
11947| [29453] ConPresso CMS db_mysql.inc.php msg Parameter XSS
11948| [29122] cPanel mysqladmin/hooksadmin Unspecified Privilege Escalation
11949| [28296] MySQL Crafted multiupdate / subselects Query Local DoS
11950| [28288] MySQL Instance_options::complete_initialization Function Overflow
11951| [28030] Tutti Nova class.novaRead.mysql.php TNLIB_DIR Parameter Remote File Inclusion
11952| [28029] Tutti Nova class.novaAdmin.mysql.php TNLIB_DIR Parameter Remote File Inclusion
11953| [28028] Tutti Nova class.novaEdit.mysql.php TNLIB_DIR Parameter Remote File Inclusion
11954| [28013] MySQL SUID Routine Miscalculation Arbitrary DML Statement Execution
11955| [28012] MySQL Case Sensitivity Unauthorized Database Creation
11956| [27919] MySQL VIEW Access information_schema.views Information Disclosure
11957| [27703] MySQL MERGE Table Privilege Persistence
11958| [27593] Drupal database.mysqli.inc Multiple Parameter SQL Injection
11959| [27549] Opsware NAS /etc/init.d/mysqll MySQL root Cleartext Password Local Disclosure
11960| [27416] MySQL Server time.cc date_format Function Format String
11961| [27054] MySQL mysqld str_to_date Function NULL Argument DoS
11962| [26923] PHP/MySQL Classifieds (PHP Classifieds) search.php rate Parameter SQL Injection
11963| [26922] PHP/MySQL Classifieds (PHP Classifieds) AddAsset1.php Multiple Field XSS
11964| [26822] Bee-hive Lite include/listall.inc.php mysqlcall Parameter Remote File Inclusion
11965| [26821] Bee-hive Lite conad/include/mysqlCall.inc.php config Parameter Remote File Inclusion
11966| [26820] Bee-hive Lite conad/logout.inc.php mysqlCall Parameter Remote File Inclusion
11967| [26819] Bee-hive Lite conad/login.inc.php mysqlCall Parameter Remote File Inclusion
11968| [26818] Bee-hive Lite conad/checkPasswd.inc.php mysqlCall Parameter Remote File Inclusion
11969| [26817] Bee-hive Lite conad/changeUserDetails.inc.php mysqlCall Parameter Remote File Inclusion
11970| [26816] Bee-hive Lite conad/changeEmail.inc.php mysqlCall Parameter Remote File Inclusion
11971| [26125] Open Searchable Image Catalogue core.php do_mysql_query Function Error Message XSS
11972| [26123] Open Searchable Image Catalogue core.php do_mysql_query Function SQL Injection
11973| [25987] MySQL Multibyte Encoding SQL Injection Filter Bypass
11974| [25908] Drupal database.mysql.inc Multiple Parameter SQL Injection
11975| [25595] Apple Mac OS X MySQL Manager Blank root Password
11976| [25228] MySQL Crafted COM_TABLE_DUMP Request Arbitrary Memory Disclosure
11977| [25227] MySQL COM_TABLE_DUMP Packet Overflow
11978| [25226] MySQL Malformed Login Packet Remote Memory Disclosure
11979| [24245] Cholod Mysql Based Message Board Unspecified XSS
11980| [24244] Cholod Mysql Based Message Board mb.cgi showmessage Action SQL Injection
11981| [23963] WoltLab Burning Board class_db_mysql.php SQL Error Message XSS
11982| [23915] Netcool/NeuSecure MySQL Database Connection Restriction Bypass
11983| [23611] Aztek Forum index.php msg Variable Forced MySQL Error Information Disclosure
11984| [23526] MySQL Query NULL Charcter Logging Bypass
11985| [23157] PHP/MYSQL Timesheet changehrs.php Multiple Parameter SQL Injection
11986| [23156] PHP/MYSQL Timesheet index.php Multiple Parameter SQL Injection
11987| [22995] PAM-MySQL Authentication pam_get_item() Function Unspecified Privilege Escalation
11988| [22994] PAM-MySQL SQL Logging Facility Segfault DoS
11989| [22485] Recruitment Software admin/site.xml MySQL Authentication Credential Disclosure
11990| [22479] PHP mysqli Extension Error Message Format String
11991| [22232] PHP Pipe Variable mysql_connect() Function Overflow
11992| [21685] MySQL Auction Search Module keyword XSS
11993| [20698] Campsite notifyendsubs Cron MySQL Password Cleartext Remote Disclosure
11994| [20145] Proofpoint Protection Server Embedded MySQL Server Unpassworded root Account
11995| [19457] aMember Pro mysql.inc.php Remote File Inclusion
11996| [19377] MAXdev MD-Pro /MySQL_Tools/admin.php Path Disclosure
11997| [18899] MySQL UDF Library Arbitrary Function Load Privilege Escalation
11998| [18898] MySQL UDF LoadLibraryEx Function Nonexistent Library Load DoS
11999| [18897] MySQL on Windows UDF Create Function Traversal Privilege Escalation
12000| [18896] MySQL User-Defined Function init_syms() Function Overflow
12001| [18895] MySQL libmysqlclient.so host Parameter Remote Overflow
12002| [18894] MySQL drop database Request Remote Overflow
12003| [18622] FunkBoard mysql_install.php Email Field Arbitrary PHP Code Injection
12004| [18620] FunkBoard mysql_install.php Admin/Database Password Manipulation
12005| [18406] MySQL Eventum releases.php SQL Injection
12006| [18405] MySQL Eventum custom_fields_graph.php SQL Injection
12007| [18404] MySQL Eventum custom_fields.php SQL Injection
12008| [18403] MySQL Eventum login.php email Parameter SQL Injection Authentication Bypass
12009| [18402] MySQL Eventum get_jsrs_data.php F Parameter XSS
12010| [18401] MySQL Eventum list.php release Parameter XSS
12011| [18400] MySQL Eventum view.php id Parameter XSS
12012| [18173] MySQL on Windows USE Command MS-DOS Device Name DoS
12013| [17801] Bugzilla MySQL Replication Race Condition Information Disclosure
12014| [17223] xMySQLadmin Symlink Arbitrary File Deletion
12015| [16727] MySQL Nonexistent '--user' Error Incorrect Privilege Database Invocation
12016| [16689] MySQL mysql_install_db Symlink Arbitrary File Overwrite
12017| [16056] Plans Unspecified mySQL Remote Password Disclosure
12018| [15993] MySQL MaxDB Webtool Remote getIfHeader() WebDAV Function Remote Overflow
12019| [15817] MySQL MaxDB Web Tool getLockTokenHeader() Function Remote Overflow
12020| [15816] MySQL MaxDB Web Administration Service Malformed GET Request Overflow
12021| [15451] paNews auth.php mysql_prefix Parameter SQL Injection
12022| [14748] MySQL MS-DOS Device Names Request DoS
12023| [14678] MySQL CREATE FUNCTION Arbitrary libc Code Execution
12024| [14677] MySQL CREATE FUNCTION mysql.func Table Arbitrary Library Injection
12025| [14676] MySQL CREATE TEMPORARY TABLE Symlink Privilege Escalation
12026| [14386] phpMyAdmin mysqli.dbi.lib.php Path Disclosure
12027| [14052] Symantec Brightmail AntiSpam Multiple Default MySQL Accounts
12028| [13086] MySQL MaxDB Web Agent Malformed HTTP Header DoS
12029| [13085] MySQL MaxDB Web Agent WebDAV sapdbwa_GetUserData() Function Remote DoS
12030| [13013] MySQL mysqlaccess.sh Symlink Arbitrary File Manipulation
12031| [12919] MySQL MaxDB WebAgent websql Remote Overflow
12032| [12779] MySQL User Defined Function Privilege Escalation
12033| [12609] MySQL Eventum projects.php Multiple Parameter XSS
12034| [12608] MySQL Eventum preferences.php Multiple Parameter XSS
12035| [12607] MySQL Eventum forgot_password.php email Parameter XSS
12036| [12606] MySQL Eventum index.php email Parameter XSS
12037| [12605] MySQL Eventum Default Vendor Account
12038| [12275] MySQL MaxDB Web Tools wahttp Nonexistent File Request DoS
12039| [12274] MySQL MaxDB Web Tools WebDAV Handler Remote Overflow
12040| [11689] Roxen Web Server MySQL Socket Permission Weakness
12041| [10985] MySQL MATCH..AGAINST Query DoS
12042| [10959] MySQL GRANT ALL ON Privilege Escalation
12043| [10660] MySQL ALTER TABLE/RENAME Forces Old Permission Checks
12044| [10659] MySQL ALTER MERGE Tables to Change the UNION DoS
12045| [10658] MySQL mysql_real_connect() Function Remote Overflow
12046| [10532] MySQL MaxDB webdbm Server Field DoS
12047| [10491] AWS MySQLguest AWSguest.php Script Insertion
12048| [10244] MySQL libmysqlclient Prepared Statements API Overflow
12049| [10226] MySQLGuest AWSguest.php Multiple Field XSS
12050| [9912] PHP safe_mode MySQL Database Access Restriction Bypass
12051| [9911] Inter7 vpopmail MySQL Module Authentication Credential Disclosure
12052| [9910] MySQL mysql_change_user() Double-free Memory Pointer DoS
12053| [9909] MySQL datadir/my.cnf Modification Privilege Escalation
12054| [9908] MySQL my.ini Initialization File datadir Parameter Overflow
12055| [9907] MySQL SELECT Statement String Handling Overflow
12056| [9906] MySQL GRANT Privilege Arbitrary Password Modification
12057| [9509] teapop MySQL Authentication Module SQL Injection
12058| [9018] MySQL Backup Pro getbackup() Method Unspecified Issue
12059| [9015] MySQL mysqlhotcopy Insecure Temporary File Creation
12060| [8997] Cacti config.php MySQL Authentication Credential Cleartext Disclosure
12061| [8979] MySQL SHOW GRANTS Encrypted Password Disclosure
12062| [8889] MySQL COM_TABLE_DUMP Package Negative Integer DoS
12063| [8888] MySQL COM_CHANGE_USER Command Long Repsonse Overflow
12064| [8887] MySQL COM_CHANGE_USER Command One Character Password Brute Force
12065| [8886] MySQL libmysqlclient Library read_one_row Overflow
12066| [8885] MySQL libmysqlclient Library read_rows Overflow
12067| [7476] MySQL Protocol 4.1 Authentication Scramble String Overflow
12068| [7475] MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass
12069| [7245] MySQL Pluggable Authentication Module (pam_mysql) Password Disclosure
12070| [7128] MySQL show database Database Name Exposure
12071| [6716] MySQL Database Engine Weak Authentication Information Disclosure
12072| [6605] MySQL mysqld Readable Log File Information Disclosure
12073| [6443] PowerPhlogger db_dump.php View Arbitrary mySQL Dump
12074| [6421] MySQL mysqld_multi Symlink Arbitrary File Overwrite
12075| [6420] MySQL mysqlbug Symlink Arbitrary File Overwrite
12076| [2537] MySQL sql_acl.cc get_salt_from_password Function Password Handling Remote Overflow
12077| [2144] WinMySQLadmin my.ini Cleartext Password Disclosure
12078| [653] PCCS-Linux MySQL Database Admin Tool Authentication Credential Disclosure
12079| [520] MySQL Database Name Traversal Arbitrary File Modification
12080| [380] MySQL Server on Windows Default Null Root Password
12081| [261] MySQL Short Check String Authentication Bypass
12082|_
1208318765/tcp open ssh Linksys WRT45G modified dropbear sshd (protocol 2.0)
12084| vulscan: VulDB - https://vuldb.com:
12085| [138250] Linksys RE6300/RE6400 up to 1.2.04.022 Web UI privilege escalation
12086| [136594] Linksys WRT1900ACS 1.0.3.187766 Webserver setup.js.localized information disclosure
12087| [136363] Linksys WAG54G2 1.00.10 setup.cgi Shell Metacharacter command injection
12088| [131845] Dropbear GSSAPI User information disclosure
12089| [130671] gsi-openssh-server 7.9p1 on Fedora /etc/gsissh/sshd_config weak authentication
12090| [125698] Linksys E1200/E2500 Network Configuration apply.cgi command injection
12091| [125697] Linksys E1200/E2500 Web Portal apply.cgi machine_name POST Parameter command injection
12092| [125696] Linksys E1200/E2500 Web Portal apply.cgi start_lltd POST Parameter command injection
12093| [125076] Auto-Maskin DCU 210E Dropbear SSH Server Default Credentials weak authentication
12094| [124268] Linksys Velop 1.1.2.187020 Web Interface cgi-bin/zbtest.cgi cross site request forgery
12095| [124190] Apache Karaf up to 4.1.x sshd privilege escalation
12096| [123901] Undertow File Descriptor URLResource.getLastModified() denial of service
12097| [123110] Dropbear up to 2018.76 svr-auth.c recv_msg_userauth_request Messages information disclosure
12098| [121209] FreeSSHD 1.3.1 Access Control freesshd.exe privilege escalation
12099| [112267] OpenSSH up to 7.3 sshd kex.c/packet.c NEWKEYS Message denial of service
12100| [110846] Linksys WVBR0 command injection
12101| [107578] Intel Puma 5/6/7 on Linksys Packet denial of service
12102| [104882] Linksys EA4500 up to 2.1.41 apply.cgi cross site request forgery
12103| [101509] Dropbear up to 2017.74 TCP Listener Double-Free privilege escalation
12104| [100721] F5 BIG-IP/Enterprise Manager sshd denial of service
12105| [97511] Dropbear SSH up to 2016 dbclient privilege escalation
12106| [97510] Dropbear SSH up to 2016 dropbearconvert privilege escalation
12107| [97509] Dropbear SSH up to 2016 Format String
12108| [90405] OpenSSH up to 7.2p2 sshd information disclosure
12109| [90404] OpenSSH up to 7.2p2 sshd information disclosure
12110| [90403] OpenSSH up to 7.2p2 sshd CPU Exhaustion denial of service
12111| [81407] Dropbear SSH up to 2016.71 Shell Command Restriction CRLF privilege escalation
12112| [68100] Linksys EA up to 2.0.14294 SMART WiFi Firmware HTTP POST Request information disclosure
12113| [68099] Linksys EA up to 2.0.14294 SMART WiFi Firmware .htpasswd information disclosure
12114| [71634] Linksys EA6500 -/1.1.28.147876 Firmware information disclosure
12115| [12573] Cisco Linksys WRT120N Firmware 1.0.07 fprintf memory corruption
12116| [12362] Cisco Linksys Router up to E4200 tmUnblock.cgi privilege escalation
12117| [11124] OpenSSH 6.2/6.3 Post Authentication sshd process initialize mm_newkeys_from_blob privilege escalation
12118| [65355] Matt Johnston Dropbear SSH Server up to 0.36 Error Message denial of service
12119| [65354] Matt Johnston Dropbear SSH Server up to 0.36 packet.c buf_decompress denial of service
12120| [9848] Linksys WVC54GCA/WVC80N img/snapshot.cgi sub_AE64 information disclosure
12121| [10497] Cisco Linksys EA6500 cross site scripting
12122| [10482] Linksys EA6500 -/1.1.28.147876 Redirect unsecured.html spoofing
12123| [10481] Linksys EA6500 Configuration Validator privilege escalation
12124| [9860] Simon Tatham PuTTY up to 2010-06-01 SSH Handshake Message Length sshrsa.c/sshdss.c getstring memory corruption
12125| [9528] Cisco Linksys WRT110 Web Interface URL cross site request forgery
12126| [9326] Cisco Linksys Router E4200/EA2700/EA3500/EA4500 Backdoor weak authentication
12127| [9261] Linksys X3000 1.0.03 build 001 apply.cgi ping_ip/Add_Account_Password memory corruption
12128| [9260] Cisco Linksys X3000 1.0.03 build 001 apply.cgi cross site scripting
12129| [9368] FFmpeg up to 1.2.1 libavcodec/sonic.c modified_levinson_durbin memory corruption
12130| [8629] Cisco Linksys E4200 L 1.10 HTML Charset Request memory corruption
12131| [8628] Cisco Linksys E4200 L 1.10 Network information disclosure
12132| [8626] Cisco Linksys E4200 L 1.10 information disclosure
12133| [8625] Cisco Linksys E4200 L 1.10 cross site scripting
12134| [8624] Cisco Linksys E4200 L 1.10 apply.cgi cross site scripting
12135| [8623] Cisco Linksys E4200 L 1.10 /storage/apply.cgi cross site scripting
12136| [8463] Linksys WRT310N 2.0.0.1 Management Interface apply.cgi cross site request forgery
12137| [12069] Cisco Linksys EA6500 Restore Router Configuration Backup File privilege escalation
12138| [9972] Cisco Linksys WRT54GL 4.30.16 (build 4) cross site scripting
12139| [8247] Cisco Linksys EA2700 URL Slash Character information disclosure
12140| [7697] Linksys WRT160N 2.0.03 build 009 apply.cgi information disclosure
12141| [7696] Linksys WRT160N up to 2.0.03 build 009 apply.cgi memory corruption
12142| [7695] Linksys WRT160N 2.0.03 build 009 Parameter apply.cgi cross site scripting
12143| [7686] Linksys WAG200G Firmware 1.01.06 setup.cgi privilege escalation
12144| [7685] Linksys WAG200G Firmware 1.01.06 setup.cgi cross site scripting
12145| [7611] Cisco Linksys E1500/E2500 Password Reset weak authentication
12146| [7610] Cisco Linksys E1500/E2500 apply.cgi cross site request forgery
12147| [7609] Cisco Linksys E1500/E2500 apply.cgi cross site scripting
12148| [7608] Cisco Linksys Router E1500/E2500 apply.cgi spoofing
12149| [7056] FreeSSHD 1.2.1/1.2.2/1.2.6 on Windows Authentication freeSSHd.exe privilege escalation
12150| [6827] Cisco Linksys WRT54GX cross site request forgery
12151| [61340] Cisco Linksys PlayerPT ActiveX control 1.0.0.15 ActiveX Control PlayerPT.ocx memory corruption
12152| [5620] Cisco Linksys Router EA2700/EA3500/EA4500 Cloud Connect Service information disclosure
12153| [5512] F5 BIG-IP up to 11.1.0 sshd misconfiguration
12154| [5511] F5 FirePass up to 7.0.0 sshd unknown vulnerability
12155| [60899] Matt Johnston Dropbear SSH Server up to 0.53 Use-After-Free memory corruption
12156| [5015] Cisco Linksys WAG54GS 1.01.03 Admin Password Setting /setup.cgi cross site request forgery
12157| [5249] Oracle Solaris up to 11 Express sshd denial of service
12158| [4563] Oracle Solaris up to 11 sshd denial of service
12159| [4495] Mozilla Firefox 8.0 SVG Element DOMAttrModified memory corruption
12160| [59475] Linksys WRT54GX 2.00.05 Firmware unknown vulnerability
12161| [59474] Cisco Linksys Wrt54gs Router up to 1.06 Stack-Based unknown vulnerability
12162| [4256] Linksys WRT54GC 1.02.5/1.02.8/1.05.7 Web Management Interface memory corruption
12163| [53845] Cisco Linksys WAP54G 3.05.03 debug.cgi cross site scripting
12164| [53533] Linksys WAP54Gv3 3.04.03/3.05.03 Firmware Debug_command_page.asp privilege escalation
12165| [53528] Linksys WAP54Gv3 3.04.03/3.05.03 Debug Interface Debug_command_page.asp privilege escalation
12166| [50800] Linksys WAP4400N 1.2.17 Wireless Driver memory corruption
12167| [50192] Linksys WRT54GL up to 8.10 memory corruption
12168| [50191] FreeSSHD 1.2.4 denial of service
12169| [49275] FreeSSHD 1.2.1 FTP Command memory corruption
12170| [44740] FreeSSHD 1.2.1 Stack-based memory corruption
12171| [44564] Linksys Wap400n 1.2.14 Firmware unknown vulnerability
12172| [44471] Linksys Wap400n 1.2.14 Firmware denial of service
12173| [44228] Cisco Linksys WRT350N 1.0.3.7 Default Password weak authentication
12174| [42712] Cisco Linksys Wrh54g Router 1.01.03 Management Interface memory corruption
12175| [42691] FreeSSHD 1.2.1 Stack-based memory corruption
12176| [42257] Linksys SPA-2102 Phone Adapter 3.3.6 Crash denial of service
12177| [41425] Linksys WRT54G 7 privilege escalation
12178| [41422] Linksys WRT54G denial of service
12179| [41421] Linksys WRT54G nvram.cfg weak authentication
12180| [41420] Linksys WRT54G Cleartext information disclosure
12181| [41404] Linksys WRT54g 1.00.9 privilege escalation
12182| [41400] Linksys WRT300N 2.00.20 cross site scripting
12183| [41142] FreeSSHD 1.2 NULL Pointer Dereference denial of service
12184| [3543] Linksys WRT54GL 4.30.9 apply.cgi cross site scripting
12185| [40396] Pragma Systems FortressSSH 5.0 Build 4 R 293 sshd.exe denial of service
12186| [86488] Linksys WAG54GS setup.cgi cross site request forgery
12187| [41501] Linksys WAG54GS Firmware 1.01.03 Default Password weak authentication
12188| [41500] Linksys WAG54GS Firmware 1.01.03 User Account setup.cgi cross site request forgery
12189| [41499] Linksys WAG54GS Firmware 1.01.03 cross site scripting
12190| [39210] Linksys SPA941 5.1.8 cross site scripting
12191| [3327] Xitami HTTP Server HTTP Request If-Modified-Since Stack-Based memory corruption
12192| [85736] InterWorx NodeWorx sshd.php cross site scripting
12193| [37742] OpenLD 1.1 Modified3/1.1.9/1.2.2 index.php sql injection
12194| [86343] Linksys WAG54GS setup.cgi cross site request forgery
12195| [37650] Linksys WAG54GS 1.00.06 setup.cgi cross site scripting
12196| [36729] OpenLD 1.1 Modified2/1.1.8 Search Feature cross site scripting
12197| [36407] Linksys SPA941 denial of service
12198| [35766] Linksys WAG200G 1.01.01 Firmware information disclosure
12199| [35213] Matt Johnston Dropbear SSH Server up to 0.48 unknown vulnerability
12200| [85266] Dropbear unknown vulnerability
12201| [33722] Linksys WIP 330 Wireless-G IP Phone 1.00.06a phonectrl.exe denial of service
12202| [33242] Linksys WPC300N Wireless-n Notebook Adapter Driver Device Driver Stack-based memory corruption
12203| [32658] Linksys WRT54g 1.00.9 Firmware unknown vulnerability
12204|
12205| MITRE CVE - https://cve.mitre.org:
12206| [CVE-2012-6066] freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.
12207| [CVE-2006-2559] Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic.
12208| [CVE-2013-4787] Android 1.6 Donut through 4.2 Jelly Bean does not properly check cryptographic signatures for applications, which allows attackers to execute arbitrary code via an application package file (APK) that is modified in a way that does not violate the cryptographic signature, probably involving multiple entries in a Zip file with the same name in which one entry is validated but the other entry is installed, aka Android security bug 8219321 and the "Master Key" vulnerability.
12209| [CVE-2013-1834] notes/edit.php in Moodle 1.9.x through 1.9.19, 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated users to reassign notes via a modified (1) userid or (2) courseid field.
12210| [CVE-2013-0456] IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to hijack sessions via a modified cookie path.
12211| [CVE-2013-0306] The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of service (memory consumption) or trigger server errors via a modified max_num parameter.
12212| [CVE-2013-0118] CS-Cart before 3.0.6, when PayPal Standard Payments is configured, allows remote attackers to set the payment recipient via a modified value of the merchant's e-mail address, as demonstrated by setting the recipient to one's self.
12213| [CVE-2012-6067] freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers to bypass authentication via a crafted SFTP session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.
12214| [CVE-2012-5975] The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through 6.1.12, 6.2.0 through 6.2.5, and 6.3.0 through 6.3.2 on UNIX and Linux, when old-style password authentication is enabled, allows remote attackers to bypass authentication via a crafted session involving entry of blank passwords, as demonstrated by a root login session from a modified OpenSSH client with an added input_userauth_passwd_changereq call in sshconnect2.c.
12215| [CVE-2012-5479] The Portfolio plugin in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to upload and execute files via a modified Portfolio API callback.
12216| [CVE-2012-5472] lib/formslib.php in Moodle 2.2.x before 2.2.6 and 2.3.x before 2.3.3 allows remote authenticated users to bypass intended access restrictions via a modified value of a frozen form field.
12217| [CVE-2012-5332] at32 Reverse Proxy 1.060.310 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a long string in an HTTP header field, as demonstrated using the If-Unmodified-Since field.
12218| [CVE-2012-4999] Mercury MR804 Router 8.0 3.8.1 Build 101220 Rel.53006nB allows remote attackers to cause a denial of service (service hang) via a crafted string in HTTP header fields such as (1) If-Modified-Since, (2) If-None-Match, or (3) If-Unmodified-Since. NOTE: some of these details are obtained from third party information.
12219| [CVE-2012-4975] editrequestuser.asp in Layton Helpbox 4.4.0 allows remote authenticated users to change arbitrary support-ticket data via a modified sys_request_id parameter.
12220| [CVE-2012-4974] Layton Helpbox 4.4.0 allows remote authenticated users to change the login context and gain privileges via a modified (1) loggedinenduser, (2) loggedinendusername, (3) loggedinuserusergroup, (4) loggedinuser, or (5) loggedinusername cookie.
12221| [CVE-2012-4684] The alert functionality in bitcoind and Bitcoin-Qt before 0.7.0 supports different character representations of the same signature data, but relies on a hash of this signature, which allows remote attackers to cause a denial of service (resource consumption) via a valid modified signature for a circulating alert.
12222| [CVE-2012-4594] McAfee ePolicy Orchestrator (ePO) 4.6.1 and earlier allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information from arbitrary reporting panels, via a modified ID value in a console URL.
12223| [CVE-2012-4452] MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6.
12224| [CVE-2012-4064] Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to gain privileges by sending a message to (1) Cloud Controller or (2) Walrus with the internal message format and a modified user id.
12225| [CVE-2012-2991] The PayPal (aka MODULE_PAYMENT_PAYPAL_STANDARD) module before 1.1 in osCommerce Online Merchant before 2.3.4 allows remote attackers to set the payment recipient via a modified value of the merchant's e-mail address, as demonstrated by setting the recipient to one's self.
12226| [CVE-2012-2603] The server in CollabNet ScrumWorks Pro before 6.0 allows remote authenticated users to gain privileges and obtain sensitive information via a modified desktop client.
12227| [CVE-2012-2354] Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to bypass the moodle/site:readallmessages capability requirement and read arbitrary messages by using the "Recent conversations" feature with a modified parameter in a URL.
12228| [CVE-2012-2206] The Web Gateway component in IBM WebSphere MQ File Transfer Edition 7.0.4 and earlier allows remote authenticated users to read files of arbitrary users via vectors involving a username in a URI, as demonstrated by a modified metadata=fteSamplesUser field to the /transfer URI.
12229| [CVE-2012-2055] GitHub Enterprise before 20120304 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the public_key[user_id] value via a modified URL for the public-key update form, related to a "mass assignment" vulnerability.
12230| [CVE-2012-2054] Redmine before 1.3.2 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set attributes in the (1) Comment, (2) Document, (3) IssueCategory, (4) MembersController, (5) Message, (6) News, (7) TimeEntry, (8) Version, (9) Wiki, (10) UserPreference, or (11) Board model via a modified URL, related to a "mass assignment" vulnerability, a different vulnerability than CVE-2012-0327.
12231| [CVE-2012-1463] The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
12232| [CVE-2012-1455] The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a CAB file with a modified vMinor version field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.
12233| [CVE-2012-1454] The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (formerly Webwasher) 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified ei_version field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
12234| [CVE-2012-1453] The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Rising Antivirus 22.83.00.03, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via a CAB file with a modified coffFiles field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.
12235| [CVE-2012-1452] The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a CAB file with a modified reserved1 field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.
12236| [CVE-2012-1451] The CAB file parser in Emsisoft Anti-Malware 5.1.0.1 and Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0 allows remote attackers to bypass malware detection via a CAB file with a modified reserved2 field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.
12237| [CVE-2012-1450] The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Sophos Anti-Virus 4.61.0, and Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0 allows remote attackers to bypass malware detection via a CAB file with a modified reserved3 field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.
12238| [CVE-2012-1449] The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a CAB file with a modified vMajor field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.
12239| [CVE-2012-1448] The CAB file parser in Quick Heal (aka Cat QuickHeal) 11.00, Trend Micro AntiVirus 9.120.0.1004, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Trend Micro HouseCall 9.120.0.1004, and Emsisoft Anti-Malware 5.1.0.1 allows remote attackers to bypass malware detection via a CAB file with a modified cbCabinet field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.
12240| [CVE-2012-1447] The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified e_version field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
12241| [CVE-2012-1446] The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
12242| [CVE-2012-1445] The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified abi field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
12243| [CVE-2012-1444] The ELF file parser in eSafe 7.0.17.0, Prevx 3.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified abiversion field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
12244| [CVE-2012-1442] The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
12245| [CVE-2012-1441] The Microsoft EXE file parser in eSafe 7.0.17.0 and Prevx 3.0 allows remote attackers to bypass malware detection via an EXE file with a modified value in any of several e_ fields. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different EXE parser implementations.
12246| [CVE-2012-1440] The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA eTrust Vet Antivirus 36.1.8511, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified identsize field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
12247| [CVE-2012-1439] The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified padding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
12248| [CVE-2012-1367] The MallocLite implementation in Cisco IOS 12.0, 12.2, 15.0, 15.1, and 15.2 allows remote attackers to cause a denial of service (Route Processor crash) via a BGP UPDATE message with a modified local-preference (aka LOCAL_PREF) attribute length, aka Bug ID CSCtq06538.
12249| [CVE-2012-1256] The single sign-on (SSO) implementation in EasyVista before 2010.1.1.89 allows remote attackers to bypass authentication via a modified url_account parameter, in conjunction with a valid login name in the SSPI_HEADER parameter, to index.php.
12250| [CVE-2012-0920] Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54, when command restriction and public key authentication are enabled, allows remote authenticated users to execute arbitrary code and bypass command restrictions via multiple crafted command requests, related to "channels concurrency."
12251| [CVE-2012-0814] The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
12252| [CVE-2012-0284] Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attackers to execute arbitrary code via a long URL in the first argument (aka the sURL argument).
12253| [CVE-2012-0241] Advantech/BroadWin WebAccess before 7.0 allows remote attackers to cause a denial of service (memory corruption) via a modified stream identifier to a function.
12254| [CVE-2012-0151] The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute arbitrary code via a modified file with additional content, aka "WinVerifyTrust Signature Validation Vulnerability."
12255| [CVE-2012-0143] Microsoft Excel 2003 SP3 and Office 2008 for Mac do not properly handle memory during the opening of files, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Memory Corruption Using Various Modified Bytes Vulnerability."
12256| [CVE-2012-0099] Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to sshd.
12257| [CVE-2012-0030] Nova 2011.3 and Essex, when using the OpenStack API, allows remote authenticated users to bypass access restrictions for tenants of other users via an OSAPI request with a modified project_id URI parameter.
12258| [CVE-2011-4500] The UPnP IGD implementation on the Cisco Linksys WRT54GX with firmware 2.00.05, when UPnP is enabled, configures the SOAP server to listen on the WAN port, which allows remote attackers to administer the firewall via SOAP requests.
12259| [CVE-2011-4499] The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco Linksys WRT54G with firmware before 4.30.5, WRT54GS v1 through v3 with firmware before 4.71.1, and WRT54GS v4 with firmware before 1.06.1 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.
12260| [CVE-2011-3658] The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.
12261| [CVE-2011-3645] Newgen OmniDocs allows remote attackers to bypass intended access restrictions via (1) a modified FolderRights parameter to doccab/doclist.jsp, which leads to arbitrary permission changes
12262| [CVE-2011-3638] fs/ext4/extents.c in the Linux kernel before 3.0 does not mark a modified extent as dirty in certain cases of extent splitting, which allows local users to cause a denial of service (system crash) via vectors involving ext4 umount and mount operations.
12263| [CVE-2011-3265] popup.php in Zabbix before 1.8.7 allows remote attackers to read the contents of arbitrary database tables via a modified srctbl parameter.
12264| [CVE-2011-3188] The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.
12265| [CVE-2011-2907] Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBS_O_HOST variable to the qsub program.
12266| [CVE-2011-2774] The "Reply to message" feature in Mahara 1.3.x and 1.4.x before 1.4.1 allows remote authenticated users to read the messages of a different user via a modified replyto parameter.
12267| [CVE-2011-2763] The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) and 4.7.18 allows remote attackers to execute arbitrary commands via a modified request to the LSRoom_Remoting.doCommand function in gateway.php.
12268| [CVE-2011-2648] Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a filter in a modified file.
12269| [CVE-2011-2647] Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted archive name in the list of testdrive modified files.
12270| [CVE-2011-2646] Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename in the list of testdrive modified files.
12271| [CVE-2011-1829] APT before 0.8.15.2 does not properly validate inline GPG signatures, which allows man-in-the-middle attackers to install modified packages via vectors involving lack of an initial clearsigned message.
12272| [CVE-2011-1765] Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.5, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .shtml at the end of the query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1578 and CVE-2011-1587.
12273| [CVE-2011-1607] Directory traversal vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su1, and 8.5 before 8.5(1) allows remote authenticated users to upload files to arbitrary directories via a modified pathname in an upload request, aka Bug ID CSCti81603.
12274| [CVE-2011-1587] Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.4, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html located before a ? (question mark) in a query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1578.
12275| [CVE-2011-1578] Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html at the end of the query string, in conjunction with a modified URI path that has a %2E sequence in place of the . (dot) character.
12276| [CVE-2011-0949] Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote attackers to cause a denial of service (disk consumption) by making many SSHv1 connections, aka Bug ID CSCtd64417.
12277| [CVE-2011-0902] Multiple untrusted search path vulnerabilities in the Java Service in Sun Microsystems SunScreen Firewall on SunOS 5.9 allow local users to execute arbitrary code via a modified (1) PATH or (2) LD_LIBRARY_PATH environment variable.
12278| [CVE-2011-0701] wp-admin/async-upload.php in the media uploader in WordPress before 3.0.5 allows remote authenticated users to read (1) draft posts or (2) private posts via a modified attachment_id parameter.
12279| [CVE-2011-0679] IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM) and IBM Lotus Quickr for WebSphere Portal, allows remote attackers to obtain sensitive information via a "modified message."
12280| [CVE-2011-0633] The Net::HTTPS module in libwww-perl (LWP) before 6.00, as used in WWW::Mechanize, LWP::UserAgent, and other products, when running in environments that do not set the If-SSL-Cert-Subject header, does not enable full validation of SSL certificates by default, which allows remote attackers to spoof servers via man-in-the-middle (MITM) attacks involving hostnames that are not properly validated. NOTE: it could be argued that this is a design limitation of the Net::HTTPS API, and separate implementations should be independently assigned CVE identifiers for not working around this limitation. However, because this API was modified within LWP, a single CVE identifier has been assigned.
12281| [CVE-2011-0536] Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has $ORIGIN in (a) RPATH or (b) RUNPATH within the program itself or a referenced library. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847.
12282| [CVE-2011-0352] Buffer overflow in the web-based management interface on the Cisco Linksys WRT54GC router with firmware before 1.06.1 allows remote attackers to cause a denial of service (device crash) via a long string in a POST request.
12283| [CVE-2010-5065] popup.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers to bypass intended member restrictions and read news posts via a modified newsid parameter in a printnews action.
12284| [CVE-2010-4602] The Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1 allows remote authenticated users to bypass "restricted user" limitations, and read arbitrary records, via a modified record number in the URL for a RECORD action, as demonstrated by a modified bookmark.
12285| [CVE-2010-4573] The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is present, does not properly configure the SFCB authentication mode, which allows remote attackers to obtain access via an arbitrary username and password.
12286| [CVE-2010-4236] Untrusted search path vulnerability in estaskwrapper in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges via an ES_LIBRARY_PATH environment variable and a modified PATH environment variable, which is used during execution of the estasklight program, a different vulnerability than CVE-2010-3895.
12287| [CVE-2010-3837] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.
12288| [CVE-2010-3764] The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1 creates graph files with predictable names in graphs/, which allows remote attackers to obtain sensitive information via a modified URL.
12289| [CVE-2010-3698] The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT).
12290| [CVE-2010-3280] The CCAgent option 9.0.8.4 and earlier in the management server (aka TSA) component in Alcatel-Lucent OmniTouch Contact Center Standard Edition relies on client-side authorization checking, and unconditionally sends the SuperUser password to the client for use during an authorized session, which allows remote attackers to monitor or reconfigure Contact Center operations via a modified client application.
12291| [CVE-2010-3272] accounts/ValidateAnswers in the security-questions implementation in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 makes it easier for remote attackers to reset user passwords, and consequently obtain access to arbitrary user accounts, via a modified (1) Hide_Captcha or (2) quesList parameter in a validateAll action.
12292| [CVE-2010-3244] BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly Blackboard Commerce Suite) before 3.6.0.2 relies on field names when determining whether it is appropriate to decrypt a connection.xml field value, which allows local users to discover the database password via a modified connection.xml file that contains an encrypted password in the <Server> field.
12293| [CVE-2010-3062] mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function
12294| [CVE-2010-2929] Untrusted search path vulnerability in hsolinkcontrol in hsolink 1.0.118 allows local users to gain privileges via a modified PATH environment variable, which is used during execution of the (1) route, (2) mv, and (3) cp programs, a different vulnerability than CVE-2010-1671.
12295| [CVE-2010-2506] Cross-site scripting (XSS) vulnerability in debug.cgi in Linksys WAP54Gv3 firmware 3.05.03 and 3.04.03 allows remote attackers to inject arbitrary web script or HTML via the data1 parameter.
12296| [CVE-2010-2270] Accoria Web Server (aka Rock Web Server) 1.4.7 uses a predictable httpmod-sessionid cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie.
12297| [CVE-2010-2261] Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) data2 and (2) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi.
12298| [CVE-2010-2025] Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allow remote attackers to hijack the authentication of administrators for requests that (1) reset the modem, (2) erase the firmware, (3) change the administrative password, (4) install modified firmware, or (5) change the access level, as demonstrated by a request to goform/_aslvl.
12299| [CVE-2010-1637] The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number.
12300| [CVE-2010-1573] Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password (gemtekswd) for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the (1) data1, (2) data2, or (3) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi.
12301| [CVE-2010-1283] Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D objects in .dir (aka Director) files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a modified field in a 0xFFFFFF49 record.
12302| [CVE-2010-0928] OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."
12303| [CVE-2010-0840] Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to improper checks when executing privileged methods in the Java Runtime Environment (JRE), which allows attackers to execute arbitrary code via (1) an untrusted object that extends the trusted class but has not modified a certain method, or (2) "a similar trust issue with interfaces," aka "Trusted Methods Chaining Remote Code Execution Vulnerability."
12304| [CVE-2010-0696] Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.
12305| [CVE-2010-0682] WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter.
12306| [CVE-2010-0487] The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Extension 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows remote attackers to execute arbitrary code via a modified cabinet (aka .CAB) file that incorrectly appears to have a valid signature, aka "Cabview Corruption Validation Vulnerability."
12307| [CVE-2010-0486] The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly use unspecified fields in a file digest, which allows user-assisted remote attackers to execute arbitrary code via a modified (1) Portable Executable (PE) or (2) cabinet (aka .CAB) file that incorrectly appears to have a valid signature, aka "WinVerifyTrust Signature Validation Vulnerability."
12308| [CVE-2010-0441] Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, and 1.6.2.x before 1.6.2.2, and Business Edition C.3 before C.3.3.2, allows remote attackers to cause a denial of service (daemon crash) via an SIP T.38 negotiation with an SDP FaxMaxDatagram field that is (1) missing, (2) modified to contain a negative number, or (3) modified to contain a large number.
12309| [CVE-2010-0227] Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program.
12310| [CVE-2010-0224] SanDisk Cruzer Enterprise USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program.
12311| [CVE-2010-0221] Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program.
12312| [CVE-2010-0187] Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to cause a denial of service (application crash) via a modified SWF file.
12313| [CVE-2010-0142] MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote authenticated users to gain privileges via a modified authentication sequence, aka Bug ID CSCsv66530.
12314| [CVE-2010-0141] MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote attackers to discover usernames, passwords, and unspecified other data from the user database via a modified authentication sequence to the Audio Server, aka Bug ID CSCsv76935.
12315| [CVE-2010-0137] Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 through 3.7.0 allows remote attackers to cause a denial of service (process crash and memory consumption) via a crafted SSH2 packet, aka Bug ID CSCsu10574.
12316| [CVE-2010-0055] xar in Apple Mac OS X 10.5.8 does not properly validate package signatures, which allows attackers to have an unspecified impact via a modified package.
12317| [CVE-2010-0007] net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access restrictions and configure arbitrary network-traffic filtering via a modified ebtables application.
12318| [CVE-2009-5077] CRE Loaded before 6.2.14 allows remote attackers to bypass authentication and gain administrator privileges via vectors related to a modified PHP_SELF variable, which is not properly handled by (1) includes/application_top.php and (2) admin/includes/application_top.php.
12319| [CVE-2009-5064] ** DISPUTED ** ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states "This is just nonsense. There are a gazillion other ways to introduce code if people are downloading arbitrary binaries and install them in appropriate directories or set LD_LIBRARY_PATH etc."
12320| [CVE-2009-5008] Cisco Secure Desktop (CSD), when used in conjunction with an AnyConnect SSL VPN server, does not properly perform verification, which allows local users to bypass intended policy restrictions via a modified executable file.
12321| [CVE-2009-4927] WB News 2.1.2 allows remote attackers to bypass authentication and gain administrative access via a modified WBNEWS cookie, as demonstrated by setting this cookie to 1.
12322| [CVE-2009-4674] admin/admin.php in Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket Script allows remote attackers to change an arbitrary password via a modified user_id field.
12323| [CVE-2009-4655] The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie.
12324| [CVE-2009-4315] Directory traversal vulnerability in admin/ajaxsave.php in Nuggetz CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to create or modify arbitrary files via a .. (dot dot) in the nugget parameter and a modified pagevalue parameter, as demonstrated by creating and accessing a .php file to execute arbitrary PHP code.
12325| [CVE-2009-4174] The editnews module in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b, when magic_quotes_gpc is disabled, allows remote authenticated users with Journalist or Editor access to bypass administrative moderation and edit previously submitted articles via a modified id parameter in a doeditnews action.
12326| [CVE-2009-4147] The _rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld-elf/rtld.c in FreeBSD 7.1 and 8.0 does not clear the (1) LD_LIBMAP, (2) LD_LIBRARY_PATH, (3) LD_LIBMAP_DISABLE, (4) LD_DEBUG, and (5) LD_ELF_HINTS_PATH environment variables, which allows local users to gain privileges by executing a setuid or setguid program with a modified variable containing an untrusted search path that points to a Trojan horse library, different vectors than CVE-2009-4146.
12327| [CVE-2009-4146] The _rtld function in the Run-Time Link-Editor (rtld) in libexec/rtld-elf/rtld.c in FreeBSD 7.1, 7.2, and 8.0 does not clear the LD_PRELOAD environment variable, which allows local users to gain privileges by executing a setuid or setguid program with a modified LD_PRELOAD variable containing an untrusted search path that points to a Trojan horse library, a different vector than CVE-2009-4147.
12328| [CVE-2009-4089] telepark.wiki 2.4.23 and earlier allows remote attackers to bypass authorization and (1) delete arbitrary pages via a modified pageID parameter to ajax/deletePage.php or (2) delete arbitrary comments via a modified pageID parameter to ajax/deleteComment.php.
12329| [CVE-2009-4075] Unspecified vulnerability in the timeout mechanism in sshd in Sun Solaris 10, and OpenSolaris snv_99 through snv_123, allows remote attackers to cause a denial of service (daemon outage) via unknown vectors that trigger a "dangling sshd authentication thread."
12330| [CVE-2009-4030] MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
12331| [CVE-2009-3341] Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
12332| [CVE-2009-3340] Unspecified vulnerability in FreeSSHD 1.2.4 allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
12333| [CVE-2009-3287] lib/thin/connection.rb in Thin web server before 1.2.4 relies on the X-Forwarded-For header to determine the IP address of the client, which allows remote attackers to spoof the IP address and hide activities via a modified X-Forwarded-For header.
12334| [CVE-2009-3180] Anantasoft Gazelle CMS 1.0 allows remote attackers to conduct a password reset for other users via a modified user parameter to renew.php.
12335| [CVE-2009-2904] A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership.
12336| [CVE-2009-2543] Multiple unspecified vulnerabilities in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), and possibly other products, allow remote attackers to bypass detection of malware via a modified (1) ZIP or (2) CAB archive, a related issue to CVE-2009-1240.
12337| [CVE-2009-2165] SerendipityNZ (aka SimpleBoxes) Serene Bach 2.20R and earlier, and 3.00 beta023 and earlier 3.x versions, uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id.
12338| [CVE-2009-2161] Directory traversal vulnerability in backend/admin-functions.php in TorrentTrader Classic 1.09, when used on a case-insensitive web site, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the ss_uri parameter, in conjunction with a modified component name.
12339| [CVE-2009-2146] Unrestricted file upload vulnerability in the Compose Email feature in the Emails module in Sugar Community Edition (aka SugarCRM) before 5.2f allows remote authenticated users to execute arbitrary code by uploading a file with only an extension in its name, then accessing the file via a direct request to a modified filename under cache/modules/Emails/, as demonstrated using .php as the entire original name.
12340| [CVE-2009-2073] Cross-site request forgery (CSRF) vulnerability in Linksys WRT160N wireless router hardware 1 and firmware 1.02.2 allows remote attackers to hijack the authentication of other users for unspecified requests via unknown vectors, as demonstrated using administrator privileges and actions.
12341| [CVE-2009-1948] Multiple directory traversal vulnerabilities in forum.php in Unclassified NewsBoard (UNB) 1.6.4, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to (1) read arbitrary recently-modified files via a .. (dot dot) in the GLOBALS[filename] parameter or (2) include and execute arbitrary local files via a .. (dot dot) in the GLOBALS[UTE][__tplCollection][a][file] parameter.
12342| [CVE-2009-1780] admin.php in Frax.dk Php Recommend 1.3 and earlier does not require authentication when the user password is changed, which allows remote attackers to gain administrative privileges via modified form_admin_user and form_admin_pass parameters.
12343| [CVE-2009-1774] Directory traversal vulnerability in plugins/ddb/foot.php in Strawberry 1.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the file parameter to example/index.php. NOTE: this was originally reported as an issue affecting the do parameter, but traversal with that parameter might depend on a modified example/index.php. NOTE: some of these details are obtained from third party information.
12344| [CVE-2009-1710] WebKit in Apple Safari before 4.0 allows remote attackers to spoof the browser's display of (1) the host name, (2) security indicators, and unspecified other UI elements via a custom cursor in conjunction with a modified CSS3 hotspot property.
12345| [CVE-2009-1665] myaccount.php in Easy Scripts Answer and Question Script allows remote attackers to remove arbitrary user accounts via a modified userid parameter without specifying any additional fields.
12346| [CVE-2009-1664] myaccount.php in Easy Scripts Answer and Question Script does not verify the original password before changing passwords, which allows remote attackers to change the password of other users and gain privileges via modified userid, txtpassword, and txtRpassword parameters.
12347| [CVE-2009-1595] The jabber:iq:auth implementation in IQAuthHandler.java in Ignite Realtime Openfire before 3.6.4 allows remote authenticated users to change the passwords of arbitrary accounts via a modified username element in a passwd_change action.
12348| [CVE-2009-1593] Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, does not properly implement the "negative model," which allows remote attackers to conduct cross-site scripting (XSS) attacks via a modified end tag of a SCRIPT element.
12349| [CVE-2009-1561] Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPasswd and sysConfirmPasswd parameters.
12350| [CVE-2009-1560] The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 stores passwords and wireless-network keys in cleartext in (1) pass_wd.htm and (2) Wsecurity.htm, which allows remote attackers to obtain sensitive information by reading the HTML source code.
12351| [CVE-2009-1559] Absolute path traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R24 and possibly 1.00R22 allows remote attackers to read arbitrary files via an absolute pathname in the this_file parameter. NOTE: traversal via a .. (dot dot) is probably also possible.
12352| [CVE-2009-1558] Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote attackers to read arbitrary files via a %2e. (encoded dot dot) or an absolute pathname in the next_file parameter.
12353| [CVE-2009-1557] Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allow remote attackers to inject arbitrary web script or HTML via the next_file parameter to (1) main.cgi, (2) img/main.cgi, or (3) adm/file.cgi
12354| [CVE-2009-1556] img/main.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote authenticated users to read arbitrary files in img/ via a filename in the next_file parameter, as demonstrated by reading .htpasswd to obtain the admin password, a different vulnerability than CVE-2004-2507.
12355| [CVE-2009-1555] The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 sends configuration data in response to a Setup Wizard remote-management command, which allows remote attackers to obtain sensitive information such as passwords by reading the SetupWizard.exe process memory, a related issue to CVE-2008-4390.
12356| [CVE-2009-1289] private/login.ssi in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allows remote attackers to discover the access roles and scopes of arbitrary user accounts via a modified WEBINDEX parameter.
12357| [CVE-2009-1241] Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive.
12358| [CVE-2009-1240] Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), and possibly other products, allows remote attackers to bypass detection of malware via a modified RAR archive.
12359| [CVE-2009-1211] Blue Coat ProxySG, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
12360| [CVE-2009-0813] Insecure method vulnerability in the ImeraIEPlugin ActiveX control (ImeraIEPlugin.dll 1.0.2.54) in Imera TeamLinks Client allows remote attackers to force the download and execution of arbitrary URLs via modified DownloadProtocol, DownloadHost, DownloadPort, and DownloadURI parameters.
12361| [CVE-2009-0804] Ziproxy 2.6.0, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
12362| [CVE-2009-0803] SmoothWall SmoothGuardian, as used in SmoothWall Firewall, NetworkGuardian, and SchoolGuardian 2008, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
12363| [CVE-2009-0802] Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
12364| [CVE-2009-0801] Squid, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
12365| [CVE-2009-0700] Plunet BusinessManager 4.1 and earlier allows remote authenticated users to bypass access restrictions and (1) read sensitive Customer or Order data via a modified Pfad parameter to pagesUTF8/Sys_DirAnzeige.jsp, or (2) list sensitive Jobs via a direct request to pagesUTF8/auftrag_job.jsp.
12366| [CVE-2009-0657] Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook user.
12367| [CVE-2009-0656] Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook user.
12368| [CVE-2009-0647] msnmsgr.exe in Windows Live Messenger (WLM) 2009 build 14.0.8064.206, and other 14.0.8064.x builds, allows remote attackers to cause a denial of service (application crash) via a modified header in a packet, as possibly demonstrated by a UTF-8.0 value of the charset field in the Content-Type header line. NOTE: this has been reported as a format string vulnerability by some sources, but the provenance of that information is unknown.
12369| [CVE-2009-0588] agent/request/op.cgi in the Registration Authority (RA) component in Red Hat Certificate System (RHCS) 7.3 and Dogtag Certificate System allows remote authenticated users to approve certificate requests queued for arbitrary agent groups via a modified request ID field.
12370| [CVE-2009-0376] Heap-based buffer overflow in a DLL file in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a modified field that controls an unspecified structure length and triggers heap corruption, related to use of RealPlayer through a Windows Explorer plugin.
12371| [CVE-2009-0360] Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid application.
12372| [CVE-2009-0247] The server for 53KF Web IM 2009 Home, Professional, and Enterprise editions relies on client-side protection mechanisms against cross-site scripting (XSS), which allows remote attackers to conduct XSS attacks by using a modified client to send a crafted IM message, related to the msg variable.
12373| [CVE-2009-0240] listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN authz file, allows remote authenticated users to read changelogs or diffs for restricted projects via a modified repname parameter.
12374| [CVE-2009-0216] GE Fanuc iFIX 5.0 and earlier relies on client-side authentication involving a weakly encrypted local password file, which allows remote attackers to bypass intended access restrictions and start privileged server login sessions by recovering a password or by using a modified program module.
12375| [CVE-2009-0108] PHPAuctions (aka PHPAuctionSystem) allows remote attackers to bypass authentication and gain administrative access via modified (1) PHPAUCTION_RM_ID, (2) PHPAUCTION_RM_NAME, (3) PHPAUCTION_RM_USERNAME, and (4) PHPAUCTION_RM_EMAIL cookies.
12376| [CVE-2008-7310] Spree 0.2.0 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the Order state value and bypass the intended payment step via a modified URL, related to a "mass assignment" vulnerability.
12377| [CVE-2008-7309] Insoshi before 20080920 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the ForumPost user_id value via a modified URL, related to a "mass assignment" vulnerability.
12378| [CVE-2008-7215] The Image Manager in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to rename arbitrary files and cause a denial of service via modified file[NewFile][name], file[NewFile][tmp_name], and file[NewFile][size] parameters in a FileUpload command, which are used to modify equivalent variables in $_FILES that are accessed when the is_uploaded_file check fails.
12379| [CVE-2008-7188] ClipShare 2.6 does not properly restrict access to certain functionality, which allows remote attackers to change the profile of arbitrary users via a modified uid variable to siteadmin/useredit.php. NOTE: this can be used to recover the password of the user by using the modified e-mail address in the email parameter to recoverpass.php.
12380| [CVE-2008-7181] Butterfly Organizer 2.0.0 allows remote attackers to (1) delete arbitrary categories via a modified tablehere parameter to category-delete.php with the is_js_confirmed parameter set to 1, or (2) delete arbitrary accounts via the mytable parameter to delete.php.
12381| [CVE-2008-7180] del_query1.php in Telephone Directory 2008 allows remote attackers to delete arbitrary contacts via a direct request with a modified id variable.
12382| [CVE-2008-7109] The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to bypass authorization and upload arbitrary files to the client system via a modified program that does not prompt the user for a password.
12383| [CVE-2008-7066] OpenForum 0.66 Beta allows remote attackers to bypass authentication and reset passwords of other users via a direct request with the update parameter set to 1 and modified user and password parameters.
12384| [CVE-2008-7019] Esqlanelapse 2.6.1 and 2.6.2 allows remote attackers to bypass authentication and gain privileges via modified (1) enombre and (2) euri cookies.
12385| [CVE-2008-7012] courier/1000@/api_error_email.html (aka "error reporting page") in Accellion File Transfer Appliance FTA_7_0_178, and possibly other versions before FTA_7_0_189, allows remote attackers to send spam e-mail via modified description and client_email parameters.
12386| [CVE-2008-6899] Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command.
12387| [CVE-2008-6844] The registration view (/user/register) in eZ Publish 3.5.6 and earlier, and possibly other versions before 3.9.5, 3.10.1, and 4.0.1, allows remote attackers to gain privileges as other users via modified ContentObjectAttribute_data_user_login_30, ContentObjectAttribute_data_user_password_30, and other parameters.
12388| [CVE-2008-6822] Unrestricted file upload vulnerability in uploadp.php in New Earth Programming Team (NEPT) imgupload (aka Image Uploader) 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a modified content type, then accessing this file via a direct request, as demonstrated by an upload with an image/jpeg content type. NOTE: some of these details are obtained from third party information.
12389| [CVE-2008-6790] The admin module in MindDezign Photo Gallery 2.2 allows remote attackers to add administrative users and gain privileges via a modified username parameter in an edit account action to index.php.
12390| [CVE-2008-6765] ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to access the contents of an arbitrary shopping cart via a modified cart_name parameter.
12391| [CVE-2008-6752] adminlogin/password.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging does not verify the original password before changing passwords, which allows remote attackers to change the administrator's password and gain privileges via a direct request with modified newpass1 and newpass2 parameters in a Change operation.
12392| [CVE-2008-6674] mailPage.asp in QuickerSite 1.8.5 allows remote attackers to flood e-mail accounts with messages via a large number of requests with a modified sEmail parameter.
12393| [CVE-2008-6650] del.php in miniBloggie 1.0 allows remote attackers to delete arbitrary posts via a direct request with a modified post_id parameter, a different vulnerability than CVE-2008-4628.
12394| [CVE-2008-6592] thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" (aka flat) and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cache_dir parameter containing a %00 (encoded null byte).
12395| [CVE-2008-6540] DotNetNuke before 4.8.2, during installation or upgrade, does not warn the administrator when the default (1) ValidationKey and (2) DecryptionKey values cannot be modified in the web.config file, which allows remote attackers to bypass intended access restrictions by using the default keys.
12396| [CVE-2008-6535] admin/settings.php in PayPal eStores allows remote attackers to bypass intended access restrictions and change the administrative password via a direct request with a modified NewAdmin parameter.
12397| [CVE-2008-6524] resetpass.php in openInvoice 0.90 beta and earlier allows remote authenticated users to change the passwords of arbitrary users via a modified uid parameter. NOTE: this can be leveraged with a separate vulnerability in auth.php to modify passwords without authentication.
12398| [CVE-2008-6480] Cross-site request forgery (CSRF) vulnerability in engine/modules/imagepreview.php in Datalife Engine 6.7 allows remote attackers to hijack the authentication of arbitrary users for requests that use a modified image parameter.
12399| [CVE-2008-6473] _blogadata/include/init_pass2.php in Blogator-script 0.95 allows remote attackers to change the password for arbitrary users via a modified "a" parameter with a "%" wildcard symbol in the b parameter.
12400| [CVE-2008-6280] Cross-site scripting (XSS) vulnerability in apply.cgi on the Linksys WRT160N allows remote attackers to inject arbitrary web script or HTML via the action parameter in a DHCP_Static operation.
12401| [CVE-2008-6143] OwenPoll 1.0 allows remote attackers to bypass authentication and obtain administrative access via a modified account name in the username cookie.
12402| [CVE-2008-6000] The GDTdiIcpt.sys driver in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 populates kernel registers with IOCTL 0x8317001c input values, which allows local users to cause a denial of service (system crash) or gain privileges via a crafted IOCTL request, as demonstrated by execution of the KeSetEvent function with modified register contents.
12403| [CVE-2008-5809] futomi CGI Cafe Access Analyzer CGI Standard 4.0.1 and earlier and Access Analyzer CGI Professional 4.11.3 and earlier use a predictable session id, which makes it easier for remote attackers to hijack sessions, and obtain sensitive information about analysis results, via a modified id.
12404| [CVE-2008-5621] Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0 allows remote attackers to perform unauthorized actions as the administrator via a link or IMG tag to tbl_structure.php with a modified table parameter. NOTE: other unspecified pages are also reachable, but they have the same root cause. NOTE: this can be leveraged to conduct SQL injection attacks and execute arbitrary code.
12405| [CVE-2008-5221] The account_save action in admin/userinfo.php in wPortfolio 0.3 and earlier does not require authentication and does not require knowledge of the original password, which allows remote attackers to change the admin account password via modified password and password_retype parameters.
12406| [CVE-2008-5219] The password change feature (admin/cp.php) in VideoScript 4.0.1.50 and earlier does not check for administrative authentication and does not require knowledge of the original password, which allows remote attackers to change the admin account password via modified npass and npass1 parameters.
12407| [CVE-2008-4792] The core BlogAPI module in Drupal 5.x before 5.11 and 6.x before 6.5 does not properly validate unspecified content fields of an internal Drupal form, which allows remote authenticated users to bypass intended access restrictions via modified field values.
12408| [CVE-2008-4762] Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service (service crash) and potentially execute arbitrary code via a long argument to the (1) rename and (2) realpath parameters.
12409| [CVE-2008-4714] Atomic Photo Album 1.1.0 pre4 does not properly handle the apa_cookie_login and apa_cookie_password cookies, which probably allows remote attackers to bypass authentication and gain administrative access via modified cookies.
12410| [CVE-2008-4688] core/string_api.php in Mantis before 1.1.3 does not check the privileges of the viewer before composing a link with issue data in the source anchor, which allows remote attackers to discover an issue's title and status via a request with a modified issue number.
12411| [CVE-2008-4644] hits.php in myWebland myStats allows remote attackers to bypass IP address restrictions via a modified X-Forwarded-For HTTP header.
12412| [CVE-2008-4640] The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final "z" character is replaced by a "t" character or (2) a final "t" character is replaced by a "z" character.
12413| [CVE-2008-4594] Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote.
12414| [CVE-2008-4493] Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issue might only be exploitable in limited environments or non-default browser settings.
12415| [CVE-2008-4441] The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of service (reboot or hang-up) via a malformed association request containing the WEP flag, as demonstrated by a request that is too short, a different vulnerability than CVE-2008-1144 and CVE-2008-1197.
12416| [CVE-2008-4394] Multiple untrusted search path vulnerabilities in Portage before 2.1.4.5 include the current working directory in the Python search path, which allows local users to execute arbitrary code via a modified Python module that is loaded by the (1) ys-apps/portage, (2) net-mail/fetchmail, (3) app-editors/leo ebuilds, and other ebuilds.
12417| [CVE-2008-4391] Stack-based buffer overflow in the SetSource method in the NetCamPlayerWeb11gv2 ActiveX control in NetCamPlayerWeb11gv2.ocx on the Cisco Linksys WVC54GC wireless video camera before firmware 1.25 allows remote attackers to execute arbitrary code via long invalid arguments.
12418| [CVE-2008-4390] The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 sends cleartext configuration data in response to a Setup Wizard remote-management command, which allows remote attackers to obtain sensitive information such as passwords by sniffing the network.
12419| [CVE-2008-4296] The Cisco Linksys WRT350N with firmware 1.0.3.7 has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access.
12420| [CVE-2008-4147] Cross-site scripting (XSS) vulnerability in the Mailsave module 5.x before 5.x-3.3 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via an e-mail message with an attached file that has a modified Content-Type.
12421| [CVE-2008-4146] Addalink 1.0 beta 4 and earlier allows remote attackers to (1) approve web-site additions via a modified approved field and (2) change the visit-counter value via a modified counter field.
12422| [CVE-2008-4098] MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
12423| [CVE-2008-4097] MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.
12424| [CVE-2008-4047] Unspecified vulnerability in Novell Forum (formerly SiteScape Forum) 7.0, 7.1, 7.2, 7.3, and 8.0 allows remote attackers to execute arbitrary TCL code via a modified URL. NOTE: this might overlap CVE-2007-6515.
12425| [CVE-2008-3866] The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, relies on client-side password protection implemented in the configuration GUI, which allows local users to bypass intended access restrictions and change firewall settings by using a modified client to send crafted packets.
12426| [CVE-2008-3825] pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename and running the (1) su or (2) sudo program. NOTE: there may be a related vector involving sshd that has limited relevance.
12427| [CVE-2008-3234] sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username.
12428| [CVE-2008-3203] js/pages/pages_data.php in AuraCMS 2.2 through 2.2.2 does not perform authentication, which allows remote attackers to add, edit, and delete web content via a modified id parameter.
12429| [CVE-2008-2682] _RealmAdmin/login.asp in Realm CMS 2.3 and earlier allows remote attackers to bypass authentication and access admin pages via certain modified cookies, probably including (1) cUserRole, (2) cUserName, and (3) cUserID.
12430| [CVE-2008-2636] The HTTP service on the Cisco Linksys WRH54G with firmware 1.01.03 allows remote attackers to cause a denial of service (management interface outage) or possibly execute arbitrary code via a URI that begins with a "/./" sequence, contains many instances of a "front_page" sequence, and ends with a ".asp" sequence.
12431| [CVE-2008-2573] Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote authenticated users to execute arbitrary code via a long directory name in an SSH_FXP_OPENDIR (aka opendir) command.
12432| [CVE-2008-2524] BlogPHP 2.0 allows remote attackers to bypass authentication, and post (1) messages or (2) comments as an arbitrary user, via a modified blogphp_username field in a cookie.
12433| [CVE-2008-2469] Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Spf_dns_resolv.c in libspf2 before 1.2.8 allows remote attackers to execute arbitrary code via a long DNS TXT record with a modified length field.
12434| [CVE-2008-2294] Pet Grooming Management System 2.0 allows remote attackers to gain privileges via a direct request to useradded.php with a modified user name for "admin."
12435| [CVE-2008-2134] The Journal module in Tru-Zone Nuke ET 3.x allows remote attackers to obtain access to arbitrary user accounts, and alter or delete data, via a modified username in an unspecified cookie.
12436| [CVE-2008-2092] Linksys SPA-2102 Phone Adapter 3.3.6 allows remote attackers to cause a denial of service (crash) via a long ping packet ("ping of death"). NOTE: the severity of this issue has been disputed since there are limited attack scenarios.
12437| [CVE-2008-2079] MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
12438| [CVE-2008-1992] Acidcat CMS 3.4.1 does not properly restrict access to (1) default_mail_aspemail.asp, (2) default_mail_cdosys.asp or (3) default_mail_jmail.asp, which allows remote attackers to bypass restrictions and relay email messages with modified From, FromName, and To fields.
12439| [CVE-2008-1904] Cicoandcico CcMail 1.0.1 and earlier does not verify that the this_cookie cookie corresponds to an authenticated session, which allows remote attackers to obtain access to the "admin area" via a modified this_cookie cookie.
12440| [CVE-2008-1900] option_Update.asp in Carbon Communities 2.4 and earlier allows remote attackers to edit arbitrary member information via a modified ID field.
12441| [CVE-2008-1883] The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it easier for remote attackers to access accounts via a modified client that skips the javascript/md5.js hash calculation, and instead sends an arbitrary MD5 string.
12442| [CVE-2008-1856] plugins/maps/db_handler.php in LinPHA 1.3.3 and earlier does not require authentication for a settings action that modifies the configuration file, which allows remote attackers to conduct directory traversal attacks and execute arbitrary local files by placing directory traversal sequences into the maps_type configuration setting, and then sending a request to maps_view.php, which causes plugins/maps/map.main.class.php to use the modified configuration.
12443| [CVE-2008-1810] Untrusted search path vulnerability in dbmsrv in SAP MaxDB 7.6.03.15 on Linux allows local users to gain privileges via a modified PATH environment variable.
12444| [CVE-2008-1802] Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields.
12445| [CVE-2008-1785] delete.php in Prozilla Top 100 1.2 allows remote authenticated users to delete statistics and accounts of arbitrary users via a modified s parameter.
12446| [CVE-2008-1783] Prozilla Reviews 1.0 allows remote attackers to delete arbitrary users via a modified UserID parameter in a direct request to siteadmin/DeleteUser.php.
12447| [CVE-2008-1710] Untrusted search path vulnerability in chnfsmnt in IBM AIX 6.1 allows local users to gain privileges via a modified PATH environment variable.
12448| [CVE-2008-1657] OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file.
12449| [CVE-2008-1627] CDS Invenio 0.92.1 and earlier allows remote authenticated users to delete email notification alerts of arbitrary users via a modified internal UID.
12450| [CVE-2008-1544] The setRequestHeader method of the XMLHttpRequest object in Microsoft Internet Explorer 5.01, 6, and 7 does not block dangerous HTTP request headers when certain 8-bit character sequences are appended to a header name, which allows remote attackers to (1) conduct HTTP request splitting and HTTP request smuggling attacks via an incorrect Content-Length header, (2) access arbitrary virtual hosts via a modified Host header, (3) bypass referrer restrictions via an incorrect Referer header, and (4) bypass the same-origin policy and obtain sensitive information via a crafted request header.
12451| [CVE-2008-1495] Unrestricted file upload vulnerability in administrer/produits.php in PEEL, possibly 3.x and earlier, allows remote authenticated administrators to upload and execute arbitrary PHP files via a modified content type in an ajout action, as demonstrated by (1) image/gif and (2) application/pdf.
12452| [CVE-2008-1415] Directory traversal vulnerability in index.php in Multiple Time Sheets (MTS) 5.0 and earlier allows remote attackers to read arbitrary files via "../..//" (modified dot dot) sequences in the tab parameter.
12453| [CVE-2008-1369] A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/default/login and /etc/ssh/sshd_config files that configure root logins in a manner unintended by the vendor, which allows remote attackers to gain privileges via unspecified vectors.
12454| [CVE-2008-1319] Untrusted search path and argument injection vulnerability in the VersantD service in Versant Object Database 7.0.1.3 and earlier, as used in Borland CaliberRM and probably other products, allows remote attackers to execute arbitrary commands via a request to TCP port 5019 with a modified VERSANT_ROOT field.
12455| [CVE-2008-1268] The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password.
12456| [CVE-2008-1265] The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface.
12457| [CVE-2008-1264] The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file.
12458| [CVE-2008-1263] The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI.
12459| [CVE-2008-1247] The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2) AdvRoute.tri, (3) Basic.tri, (4) ctlog.tri, (5) ddns.tri, (6) dmz.tri, (7) factdefa.tri, (8) filter.tri, (9) fw.tri, (10) manage.tri, (11) ping.tri, (12) PortRange.tri, (13) ptrigger.tri, (14) qos.tri, (15) rstatus.tri, (16) tracert.tri, (17) vpn.tri, (18) WanMac.tri, (19) WBasic.tri, or (20) WFilter.tri. NOTE: the Security.tri vector is already covered by CVE-2006-5202.
12460| [CVE-2008-1243] Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote attackers to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI.
12461| [CVE-2008-1134] OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 supports authentication with a cookie that lacks a shared secret, which allows remote attackers to login as an arbitrary user via a modified cookie.
12462| [CVE-2008-1118] Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, does not perform input validation before logging information fields taken from packets from a remote peer, which allows remote attackers to generate crafted log entries, and possibly avoid detection of attacks, via modified (1) computer name, (2) user name, and (3) IP address fields.
12463| [CVE-2008-0852] freeSSHd 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a SSH2_MSG_NEWKEYS packet to TCP port 22, which triggers a NULL pointer dereference.
12464| [CVE-2008-0807] lib/Driver/sql.php in Turba 2 (turba2) Contact Manager H3 2.1.x before 2.1.7 and 2.2.x before 2.2-RC3, as used in products such as Horde Groupware before 1.0.4 and Horde Groupware Webmail Edition before 1.0.5, does not properly check access rights, which allows remote authenticated users to modify address data via a modified object_id parameter to edit.php, as demonstrated by modifying a personal address book entry when there is write access to a shared address book.
12465| [CVE-2008-0610] Stack-based buffer overflow in the ClientConnection::NegotiateProtocolVersion function in vncviewer/ClientConnection.cpp in vncviewer for UltraVNC 1.0.2 and 1.0.4 before 01252008, when in LISTENING mode or when using the DSM plugin, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a modified size value.
12466| [CVE-2008-0581] Geert Moernaut LSrunasE allows local users to gain privileges by obtaining the encrypted password from a batch file, and constructing a modified batch file that specifies this password in the /password switch and specifies an arbitrary program in the /command switch.
12467| [CVE-2008-0391] inc/elementz.php in aliTalk 1.9.1.1 does not properly verify authentication, which allows remote attackers to add an arbitrary user account via a modified lilil parameter, in conjunction with the ubild and pa parameters.
12468| [CVE-2008-0314] Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary with a modified length value.
12469| [CVE-2008-0303] The FTP print feature in multiple Canon printers, including imageRUNNER and imagePRESS, allow remote attackers to use the server as an inadvertent proxy via a modified PORT command, aka FTP bounce.
12470| [CVE-2008-0228] Cross-site request forgery (CSRF) vulnerability in apply.cgi in the Linksys WRT54GL Wireless-G Broadband Router with firmware 4.30.9 allows remote attackers to perform actions as administrators.
12471| [CVE-2008-0132] Pragma FortressSSH 5.0 Build 4 Revision 293 and earlier handles long input to sshd.exe by creating an error-message window and waiting for the administrator to click in this window before terminating the sshd.exe process, which allows remote attackers to cause a denial of service (connection slot exhaustion) via a flood of SSH connections with long data objects, as demonstrated by (1) a long list of keys and (2) a long username.
12472| [CVE-2008-0097] Format string vulnerability in the log function in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username field, as demonstrated by a certain LoginPassword message.
12473| [CVE-2008-0096] Multiple buffer overflows in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and earlier allow remote attackers to execute arbitrary code via a (1) a long username, which triggers an overflow in the log function
12474| [CVE-2008-0032] Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a movie file containing a Macintosh Resource record with a modified length value in the resource header, which triggers heap corruption.
12475| [CVE-2007-6709] The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access.
12476| [CVE-2007-6708] Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by (1) a Restore Factory Defaults action using the mtenRestore parameter to setup.cgi and (2) creation of a user account using the sysname parameter to setup.cgi.
12477| [CVE-2007-6707] Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-3574.
12478| [CVE-2007-6618] JIRA Enterprise Edition before 3.12.1 allows remote attackers to delete another user's shared filter via a modified filter ID.
12479| [CVE-2007-6546] RunCMS before 1.6.1 uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id.
12480| [CVE-2007-6528] Directory traversal vulnerability in tiki-listmovies.php in TikiWiki before 1.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) and modified filename in the movie parameter.
12481| [CVE-2007-6505] Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easier for attackers to avoid detection and can make it more difficult to conduct forensics activities.
12482| [CVE-2007-6497] Hosting Controller 6.1 Hot fix 3.3 and earlier (1) allows remote attackers to change arbitrary user profiles via a request to Hosting/Addreseller.asp with modified loginname and email parameters
12483| [CVE-2007-6495] inc_newuser.asp in Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to change the permissions of directories named (1) db, (2) www, (3) Special, and (4) log at arbitrary locations under the web root via a modified Dirroot parameter in an AddUser action to accounts/AccountActions.asp. NOTE: this can be leveraged for remote code execution by changing the permissions of \Forum\db, which is configured for execution of ASP scripts with administrative privileges, and then uploading a script to \Forum\db.
12484| [CVE-2007-6348] SquirrelMail 1.4.11 and 1.4.12, as distributed on sourceforge.net before 20071213, has been externally modified to create a Trojan Horse that introduces a PHP remote file inclusion vulnerability, which allows remote attackers to execute arbitrary code.
12485| [CVE-2007-6329] Microsoft Office 2007 12.0.6015.5000 and MSO 12.0.6017.5000 do not sign the metadata of Office Open XML (OOXML) documents, which makes it easier for remote attackers to modify Dublin Core metadata fields, as demonstrated by the (1) LastModifiedBy and (2) creator fields in docProps/core.xml in the OOXML ZIP container.
12486| [CVE-2007-6237] cp.php in DeluxeBB 1.09 does not verify that the membercookie parameter corresponds to the authenticated member during a profile update, which allows remote authenticated users to change the e-mail addresses of arbitrary accounts via a modified membercookie parameter, a different vector than CVE-2006-4078. NOTE: this can be leveraged for administrative access by requesting password-reset e-mail through a lostpw action to misc.php.
12487| [CVE-2007-6056] frame.html in Aida-Web (Aida Web) allows remote attackers to bypass a protection mechanism and obtain comment and task details via modified values to the (1) Mehr and (2) SUPER parameters.
12488| [CVE-2007-6026] Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944.
12489| [CVE-2007-6019] Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via an SWF file with a modified DeclareFunction2 Actionscript tag, which prevents an object from being instantiated properly.
12490| [CVE-2007-6018] IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 does not validate unspecified HTTP requests, which allows remote attackers to (1) delete arbitrary e-mail messages via a modified numeric ID or (2) "purge" deleted emails via a crafted email message.
12491| [CVE-2007-5988] blocks/shoutbox_block.php in BtiTracker 1.4.4 does not verify user accounts, which allows remote attackers to post shoutbox entries as arbitrary users via a modified nick field.
12492| [CVE-2007-5956] Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) before 10.00.xC7W1 allows local users to gain privileges by referencing modified NLS message files through directory traversal sequences in the DBLANG environment variable.
12493| [CVE-2007-5936] dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.
12494| [CVE-2007-5918] Cross-site request forgery (CSRF) vulnerability in edit.php in the MS TopSites add-on for PHP-Nuke does not verify that the uname parameter matches the current account, which allows remote authenticated users to change arbitrary accounts or change the SiteTitleName field as an arbitrary user via a modified uname value in an edit action to modules.php.
12495| [CVE-2007-5863] Software Update in Apple Mac OS X 10.5.1 allows remote attackers to execute arbitrary commands via a man-in-the-middle (MITM) attack between the client and the server, using a modified distribution definition file with the "allow-external-scripts" option.
12496| [CVE-2007-5757] Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library. NOTE: this might be the same issue as CVE-2008-0697.
12497| [CVE-2007-5752] adduser.php in PHP-AGTC Membership (AGTC-Membership) System 1.1a does not require authentication, which allows remote attackers to create accounts via a modified form, as demonstrated by an account with admin (userlevel 4) privileges.
12498| [CVE-2007-5738] The FlashUpload component in Korean GHBoard uses a client-side protection mechanism to prevent uploading of dangerous file extensions, which allows remote attackers to bypass restrictions and upload arbitrary files via a modified copy of component/flashupload/upload.html.
12499| [CVE-2007-5715] DenyHosts 2.6 processes OpenSSH sshd "not listed in AllowUsers" log messages with an incorrect regular expression that does not match an IP address, which might allow remote attackers to avoid detection and blocking when making invalid login attempts with a username not present in AllowUsers, as demonstrated by the root username, a different vulnerability than CVE-2007-4323.
12500| [CVE-2007-5686] initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.
12501| [CVE-2007-5593] install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified.
12502| [CVE-2007-5475] Multiple buffer overflows in the Marvell wireless driver, as used in Linksys WAP4400N Wi-Fi access point with firmware 1.2.17 on the Marvell 88W8361P-BEM1 chipset, and other products, allow remote 802.11-authenticated users to cause a denial of service (wireless access point crash) and possibly execute arbitrary code via an association request with long (1) rates, (2) extended rates, and unspecified other information elements.
12503| [CVE-2007-5474] The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long.
12504| [CVE-2007-5440] ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in CRS Manager allow remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter to (1) index.php or (2) login.php. NOTE: this issue is disputed by CVE, since DOCUMENT_ROOT cannot be modified by an attacker.
12505| [CVE-2007-5411] Cross-site scripting (XSS) vulnerability in the Linksys SPA941 VoIP Phone with firmware 5.1.8 allows remote attackers to inject arbitrary web script or HTML via the From header in a SIP message.
12506| [CVE-2007-5231] Unrestricted file upload vulnerability in admin/upload_files.php in Zomplog 3.8.1 and earlier allows remote authenticated administrators to upload and execute arbitrary .php files by sending a modified MIME type. NOTE: this can be exploited by unauthenticated attackers by leveraging CVE-2007-5230.
12507| [CVE-2007-5113] report.cgi in Google Urchin allows remote attackers to bypass authentication and obtain sensitive information (web server logs) via certain modified query parameters, as demonstrated using the profile, rid, prefs, n, vid, bd, ed, dt, and gtype parameters, a different vulnerability than CVE-2007-5112.
12508| [CVE-2007-5109] Cross-site request forgery (CSRF) vulnerability in index.php in FlatNuke 2.6, and possibly 3, allows remote attackers to change the password and privilege level of arbitrary accounts via the user parameter and modified (1) regpass and (2) level parameters in a none_Login action, as demonstrated by using a Flash object to automatically make the request.
12509| [CVE-2007-5067] Multiple buffer overflows in iMatix Xitami Web Server 2.5c2 allow remote attackers to execute arbitrary code via a long If-Modified-Since header to (1) xigui32.exe or (2) xitami.exe.
12510| [CVE-2007-5032] Cross-site request forgery (CSRF) vulnerability in admin.php in Francisco Burzi PHP-Nuke allows remote attackers to add administrative accounts via an AddAuthor action with modified add_name and add_radminsuper parameters.
12511| [CVE-2007-4950] ** DISPUTED ** PHP remote file inclusion vulnerability in form/db_form/employee.php in PHPortal 0.2.7 allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter. NOTE: this issue is disputed by CVE, since DOCUMENT_ROOT cannot be modified by an attacker.
12512| [CVE-2007-4893] wp-admin/admin-functions.php in Wordpress before 2.2.3 and Wordpress multi-user (MU) before 1.2.5a does not properly verify the unfiltered_html privilege, which allows remote attackers to conduct cross-site scripting (XSS) attacks via modified data to (1) post.php or (2) page.php with a no_filter field.
12513| [CVE-2007-4787] The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with modified headers, which might allow remote attackers to bypass malware detection.
12514| [CVE-2007-4432] Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen-installer, and (4) zen-remover programs on SUSE Linux 10.1 and Enterprise 10 allows local users to gain privileges via modified (a) LD_LIBRARY_PATH and (b) MONO_GAC_PREFIX environment variables.
12515| [CVE-2007-4415] Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 InstallShield (IS) release, uses weak permissions for cvpnd.exe (Modify granted to Interactive Users), which allows local users to gain privileges via a modified cvpnd.exe.
12516| [CVE-2007-4357] Mozilla Firefox 2.0.0.6 and earlier allows remote attackers to spoof the contents of the status bar via a link to a data: URI containing an encoded URL. NOTE: the severity of this issue has been disputed by a reliable third party, since the intended functionality of the status bar allows it to be modified.
12517| [CVE-2007-4323] DenyHosts 2.6 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6301.
12518| [CVE-2007-4322] BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh with a client protocol version identification containing an IP address string, or connecting through ftp with a username containing an IP address string, different vectors than CVE-2007-2765.
12519| [CVE-2007-4321] fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302.
12520| [CVE-2007-4246] Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified document, as actively exploited in August 2007 by malware such as Tarodrop.D (Tarodrop.Q), a different vulnerability than CVE-2006-4326, CVE-2006-5424, CVE-2006-6400, and CVE-2007-1938.
12521| [CVE-2007-4143] user.php in the Billing Control Panel in phpCoupon allows remote authenticated users to obtain Premium Member status, and possibly acquire free coupons, via a modified URL containing a certain billing parameter and REQ=auth, status=success, and custom=upgrade substrings, possibly related to PayPal transactions.
12522| [CVE-2007-4037] ** DISPUTED ** Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled.
12523| [CVE-2007-3974] admin/ajoutaut.php in JBlog 1.0 does not require authentication, which allows remote attackers to create arbitrary accounts via modified mot and droit parameters.
12524| [CVE-2007-3968] index.php in dirLIST before 0.1.1 allows remote attackers to list the contents of an excluded folder via a modified URL containing the folder name.
12525| [CVE-2007-3690] The Forward module before 4.7-1.1 and 5.x before 5.x-1.0 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments.
12526| [CVE-2007-3689] The Print module before 4.7-1.0 and 5.x before 5.x-1.2 for Drupal allows remote attackers to read restricted posts in (1) Organic Groups, (2) Taxonomy Access Control, (3) Taxonomy Access Lite, and other unspecified node access modules, via modified URL arguments.
12527| [CVE-2007-3676] IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via modified pointer values in unspecified remote administration requests, which triggers memory corruption or other invalid memory access. NOTE: this might be the same issue as CVE-2008-0698.
12528| [CVE-2007-3630] changePW.php in AV Tutorial Script (avtutorial) 1.0 does not require authentication or knowledge of an old password for password changes, which allows remote attackers to change passwords for arbitrary users via a modified password parameter.
12529| [CVE-2007-3598] index.php in vtiger CRM before 5.0.3 allows remote authenticated users to obtain all users' names and e-mail addresses, and possibly change user settings, via a modified record parameter in a DetailView action to the Users module. NOTE: the vendor disputes the changing of settings, reporting that the attack vector results in a "You are not permitted to execute this Operation" error message in a 5.0.3 demo.
12530| [CVE-2007-3592] PM.php in Elite Bulletin Board before 1.0.10 allows remote authenticated users to delete arbitrary PM messages and conduct other attacks via modified id fields.
12531| [CVE-2007-3574] Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.00.06 firmware allow remote attackers to inject arbitrary web script or HTML via the (1) c4_trap_ip_, (2) devname, (3) snmp_getcomm, or (4) snmp_setcomm parameter.
12532| [CVE-2007-3571] The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address.
12533| [CVE-2007-3500] Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.
12534| [CVE-2007-3365] MyServer 0.8.9 and earlier does not properly handle uppercase characters in filename extensions, which allows remote attackers to obtain sensitive information (script source code) via a modified extension, as demonstrated by post.mscgI.
12535| [CVE-2007-3123] unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to cause a denial of service (core dump) via a crafted RAR file with a modified vm_codesize value, which triggers a heap-based buffer overflow.
12536| [CVE-2007-3026] Integer overflow in Panda Software AdminSecure allows remote attackers to execute arbitrary code via crafted packets with modified length values to TCP ports 19226 or 19227, resulting in a heap-based buffer overflow.
12537| [CVE-2007-2860] user.php in BoastMachine 3.0 platinum allows remote authenticated users to gain privileges via a modified id parameter, as demonstrated by an edit_post action.
12538| [CVE-2007-2850] The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0 and 1.5, allows remote attackers to bypass network security policies and connect to arbitrary TCP ports via a modified address:port string.
12539| [CVE-2007-2785] manage-admins.php in eSyndiCat Pro 1.x allows remote attackers to create additional administrative accounts, and have other unspecified impact, via modified username, new_pass, new_pass2, status, super, and certain other parameters in an add action.
12540| [CVE-2007-2730] Check Point ZoneAlarm Pro before 6.5.737.000 does not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier.
12541| [CVE-2007-2729] Comodo Firewall Pro 2.4.18.184 and Comodo Personal Firewall 2.3.6.81, and probably older Comodo Firewall versions, do not properly test for equivalence of process identifiers for certain Microsoft Windows API functions in the NT kernel 5.0 and greater, which allows local users to call these functions, and bypass firewall rules or gain privileges, via a modified identifier that is one, two, or three greater than the canonical identifier.
12542| [CVE-2007-2612] SQL injection vulnerability in libs/Wakka.class.php in WikkaWiki (Wikka Wiki) before 1.1.6.3 allows remote attackers to execute arbitrary SQL commands via the limit parameter. NOTE: this issue only applies to a "modified installation."
12543| [CVE-2007-2610] Cross-site scripting (XSS) vulnerability in OpenLD before 1.1.9, and 1.1-modified before 1.1-modified3, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the Search feature, possibly the term parameter.
12544| [CVE-2007-2422] ** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Modules Builder (modbuild) 4.1 for Comdev One Admin allow remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter to (1) config-bak.php or (2) config.php. NOTE: CVE disputes this vulnerability because the unmodified scripts set the applicable variable to the empty string
12545| [CVE-2007-2339] Multiple SQL injection vulnerabilities in Phorum before 5.1.22 allow remote attackers to execute arbitrary SQL commands via (1) a modified recipients parameter name in (a) pm.php
12546| [CVE-2007-2270] The Linksys SPA941 VoIP Phone allows remote attackers to cause a denial of service (device reboot) via a 0377 (0xff) character in the From header, and possibly certain other locations, in a SIP INVITE request.
12547| [CVE-2007-2249] include/controlcenter/users.php in Phorum before 5.1.22 allows remote authenticated moderators to gain privileges via a modified (1) user_ids POST parameter or (2) userdata array.
12548| [CVE-2007-2053] Multiple stack-based buffer overflows in AFFLIB before 2.2.6 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a long LastModified value in an S3 XML response in lib/s3.cpp
12549| [CVE-2007-1925] The borrado function in modules/Your_Account/index.php in Tru-Zone Nuke ET 3.4 before fix 7 does not verify that account deletion requests come from the account owner, which allows remote authenticated users to delete arbitrary accounts via a modified cookie.
12550| [CVE-2007-1898] formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters.
12551| [CVE-2007-1799] Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the ".." string, which allows remote attackers to overwrite arbitrary files via modified ".." sequences in a torrent filename, as demonstrated by "../" sequences, due to an incomplete fix for CVE-2007-1384.
12552| [CVE-2007-1585] The Linksys WAG200G with firmware 1.01.01, WRT54GC 2 with firmware 1.00.7, and WRT54GC 1 with firmware 1.03.0 and earlier allow remote attackers to obtain sensitive information (passwords and configuration data) via a packet to UDP port 916. NOTE: some of these details are obtained from third party information.
12553| [CVE-2007-1553] admin/configuration.php in Guestbara 1.2 and earlier allows remote attackers to modify the e-mail, name, and password of the admin account by setting the zapis parameter to "ok" and providing modified admin_mail, login, and pass parameters.
12554| [CVE-2007-1432] Grayscale Blog 0.8.0, and possibly earlier versions, allows remote attackers to gain privileges via direct requests with modified arguments in (1) the user_permissions parameter to add_users.php, and unspecified parameters to (2) addblog.php, (3) editblog.php, (4) editlinks.php, (5) edit_users.php, and (6) add_links.php.
12555| [CVE-2007-1381] The wddx_deserialize function in wddx.c 1.119.2.10.2.12 and 1.119.2.10.2.13 in PHP 5, as modified in CVS on 20070224 and fixed on 20070304, calls strlcpy where strlcat was intended and uses improper arguments, which allows context-dependent attackers to execute arbitrary code via a WDDX packet with a malformed overlap of a STRING element, which triggers a buffer overflow.
12556| [CVE-2007-1368] The Project issue tracking module before 4.7.x-1.3, 4.7.x-2.* before 4.7.x-2.3, and 5 before 5.x-0.2-beta for Drupal allows remote authenticated users, with "access project issues" permission, to read the contents of a private node via a URL with a modified node identifier.
12557| [CVE-2007-1343] includes/functions.php in Craig Knudsen WebCalendar before 1.0.5 does not protect the noSet variable from external modification, which allows remote attackers to set arbitrary global variables via a URL with modified values in the noSet parameter, which leads to resultant vulnerabilities that probably include remote file inclusion and other issues.
12558| [CVE-2007-1099] dbclient in Dropbear SSH client before 0.49 does not sufficiently warn the user when it detects a hostkey mismatch, which might allow remote attackers to conduct man-in-the-middle attacks.
12559| [CVE-2007-1051] Comodo Firewall Pro (formerly Comodo Personal Firewall) 2.4.17.183 and earlier uses a weak cryptographic hashing function (CRC32) to identify trusted modules, which allows local users to bypass security protections by substituting modified modules that have the same CRC32 value.
12560| [CVE-2007-0926] The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql['pass'] and $gbpass variables.
12561| [CVE-2007-0912] Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php in Jportal 2.3.1, and possibly earlier, allows remote attackers to perform privileged actions as administrators by tricking the admin into accessing a URL with modified arguments to admin/admin.adm.php.
12562| [CVE-2007-0819] HP Network Node Manager (NNM) Remote Console 7.50, 7.51, and 7.53 assigns Everyone Full Control permission for the %PROGRAMFILES%\HP OpenView directory tree, which allows local users to gain privileges via a Trojan horse executable file or ActiveX component, or a modified bin\ovtrcsvc.exe for the HP Open View Shared Trace Service.
12563| [CVE-2007-0697] index2.php in ACGVannu 1.3 and earlier allows remote attackers to change the password or profile of a user via a modified id parameter, related to templates/modif.html. NOTE: some of these details are obtained from third party information.
12564| [CVE-2007-0681] profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrary users without providing the original password, and possibly perform other unauthorized actions, via modified values to register.php.
12565| [CVE-2007-0366] Untrusted search path vulnerability in Rumpus 5.1 and earlier allows local users to gain privileges via a modified PATH that points to a malicious ipfw program.
12566| [CVE-2007-0068] IBM Lotus Domino 7.0.x before 7.0.3 does not revalidate the signature on a signed scheduled agent after the agent is modified, which allows remote authenticated users to gain privileges via a modified agent in a server database.
12567| [CVE-2007-0049] Geckovich TaskTracker Pro 1.5 and earlier allows remote attackers to add administrative or other accounts via an Add action with a modified GroupID in a direct request to Customize.asp.
12568| [CVE-2007-0022] Untrusted search path vulnerability in writeconfig in Apple Mac OS X 10.4.8 allows local users to gain privileges via a modified PATH that points to a malicious launchctl program.
12569| [CVE-2007-0014] ChainKey Java Code Protection allows attackers to decompile Java class files via a Java class loader with a modified defineClass method that saves the bytecode to a file before it is passed to the JVM.
12570| [CVE-2006-7223] PreviewAction in XWiki 0.9.543 through 0.9.1252 does not set the Author field to the identity of the user who last modified a document, which allows remote authenticated users without programming rights to execute arbitrary code by selecting a document whose author has programming rights, modifying this document to contain a script, and previewing without saving the document.
12571| [CVE-2006-7191] Untrusted search path vulnerability in lamdaemon.pl in LDAP Account Manager (LAM) before 1.0.0 allows local users to gain privileges via a modified PATH that points to a malicious rm program.
12572| [CVE-2006-7145] edit_user.php in Call Center Software 0.93 and earlier allows remote attackers to obtain sensitive information such as account passwords via a modified user_id parameter.
12573| [CVE-2006-7121] The HTTP server in Linksys SPA-921 VoIP Desktop Phone allows remote attackers to cause a denial of service (reboot) via (1) a long URL, or a long (2) username or (3) password during Basic Authentication.
12574| [CVE-2006-7086] The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow remote attackers to obtain sensitive information and download the database via a direct request with a modified dl parameter.
12575| [CVE-2006-7013] ** DISPUTED ** QueryString.php in Simple Machines Forum (SMF) 1.0.7 and earlier, and 1.1rc2 and earlier, allows remote attackers to more easily spoof the IP address and evade banning via a modified X-Forwarded-For HTTP header, which is preferred instead of other more reliable sources for the IP address. NOTE: the original researcher claims that the vendor has disputed this issue.
12576| [CVE-2006-6999] attachment.php in Headstart Solutions DeskPRO allows remote attackers to read all uploaded files by providing the file number in a modified id parameter.
12577| [CVE-2006-6995] mycontacts.php in V3 Chat allows remote authenticated users to gain privileges as other users via a modified membername parameter.
12578| [CVE-2006-6822] myprofile.asp in Enthrallweb eClassifieds does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter.
12579| [CVE-2006-6821] myprofile.asp in Enthrallweb eNews does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter.
12580| [CVE-2006-6820] myprofile.asp in Enthrallweb eCoupons does not properly validate the MM_recordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MM_recordId parameter.
12581| [CVE-2006-6537] IBM WebSphere Host On-Demand 6.0, 7.0, 8.0, 9.0, and possibly 10, allows remote attackers to bypass authentication via a modified pnl parameter, related to hod/HODAdmin.html and hod/frameset.html.
12582| [CVE-2006-6411] PhoneCtrl.exe in Linksys WIP 330 Wireless-G IP Phone 1.00.06A allows remote attackers to cause a denial of service (crash) via a TCP SYN scan, as demonstrated using TCP ports 1-65535 with nmap.
12583| [CVE-2006-6302] fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain strings with an IP address.
12584| [CVE-2006-6301] DenyHosts 2.5 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain strings with an IP address, which is not properly handled by a regular expression.
12585| [CVE-2006-6016] wp-admin/user-edit.php in WordPress before 2.0.5 allows remote authenticated users to read the metadata of an arbitrary user via a modified user_id parameter.
12586| [CVE-2006-6007] save_profile.asp in WebEvents (Online Event Registration Template) 2.0 and earlier allows remote attackers to change the profiles, passwords, and other information for arbitrary users via a modified UserID parameter.
12587| [CVE-2006-5882] Stack-based buffer overflow in the Broadcom BCMWL5.SYS wireless device driver 3.50.21.10, as used in Cisco Linksys WPC300N Wireless-N Notebook Adapter before 4.100.15.5 and other products, allows remote attackers to execute arbitrary code via an 802.11 response frame containing a long SSID field.
12588| [CVE-2006-5852] Untrusted search path vulnerability in openexec in OpenBase SQL before 10.0.1 allows local users to gain privileges via a modified PATH that references a malicious helper binary, as demonstrated by (1) cp, (2) rm, and (3) killall, different vectors than CVE-2006-5327.
12589| [CVE-2006-5820] The LinkSBIcons method in the SuperBuddy ActiveX control (Sb.SuperBuddy.1) in America Online 9.0 Security Edition dereferences an arbitrary function pointer, which allows remote attackers to execute arbitrary code via a modified pointer value.
12590| [CVE-2006-5794] Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist.
12591| [CVE-2006-5630] Hosting Controller 6.1 before Hotfix 3.3 allows remote attackers to (1) delete the virtual directory of an arbitrary site via a modified ForumID parameter in a disableforum action in DisableForum.asp and (2) create an arbitrary forum virtual directory via an empty ForumID parameter in an enableforum action in EnableForum.asp.
12592| [CVE-2006-5610] PHP remote file inclusion vulnerability in player/includes/common.php in Teake Nutma Foing, as modified in Fully Modded phpBB (phpbbfm) 2021.4.40, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
12593| [CVE-2006-5607] Directory traversal vulnerability in /cgi-bin/webcm in INCA IM-204 allows remote attackers to read arbitrary files via a "/./." (modified dot dot) sequences in the getpage parameter.
12594| [CVE-2006-5597] join.asp in MiniHTTP Web Forum & File Server PowerPack 4.0 allows remote attackers to add or modify arbitrary user accounts via modified (1) frmMailBox and (2) frmUserPass parameters.
12595| [CVE-2006-5526] Multiple PHP remote file inclusion vulnerabilities in Teake Nutma Foing, as modified in Fully Modded phpBB (phpbbfm) 2021.4.40 and earlier, allow remote attackers to execute arbitrary PHP code via a URL in the foing_root_path parameter in (a) faq.php, (b) index.php, (c) list.php, (d) login.php, (e) playlist.php, (f) song.php, (g) gen_m3u.php, (h) view_artist.php, (i) view_song.php, (j) flash/set_na.php, (k) flash/initialise.php, (l) flash/get_song.php, (m) includes/common.php, (n) admin/nav.php, (o) admin/main.php, (p) admin/list_artists.php, (q) admin/index.php, (r) admin/genres.php, (s) admin/edit_artist.php, (t) admin/edit_album.php, (u) admin/config.php, and (v) admin/admin_status.php in player/, different vectors than CVE-2006-3045. NOTE: CVE analysis as of 20061026 indicates that files in the admin/ and flash/ directories define foing_root_path before use.
12596| [CVE-2006-5424] Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer overflow, a different vulnerability than CVE-2006-4326.
12597| [CVE-2006-5421] WSN Forum 1.3.4 and earlier allows remote attackers to execute arbitrary PHP code via a modified pathname in the pathtoconfig parameter that points to an avatar image that contains PHP code, which is then accessed from prestart.php. NOTE: this issue has been labeled remote file inclusion, but that label only applies to the attack, not the underlying vulnerability.
12598| [CVE-2006-5414] Barry Nauta BRIM before 1.2.1 allows remote authenticated users to read information from other users via a modified URL.
12599| [CVE-2006-5327] Untrusted search path vulnerability in OpenBase SQL 10.0 and earlier, as used in Apple Xcode 2.2 2.2 and earlier and possibly other products, allows local users to execute arbitrary code via a modified PATH that references a malicious gzip program, which is executed by gnutar with certain TAR_OPTIONS environment variable settings, when gnutar is invoked by OpenBase.
12600| [CVE-2006-5212] Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to delete files via a modified filename parameter in a certain HTTP request that invokes the OfficeScan CGI program.
12601| [CVE-2006-5202] Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout parameters, a different issue than CVE-2006-2559.
12602| [CVE-2006-5185] Eval injection vulnerability in Template.php in HAMweather 3.9.8.4 and earlier allows remote attackers to execute arbitrary code via a modified query string, which is supplied to an eval function call within the do_parse_code function.
12603| [CVE-2006-5086] Blog Pixel Motion 2.1.1 allows remote attackers to change the username and password for the admin user via a direct request to insere_base.php with modified (1) login and (2) pass parameters. NOTE: this issue was claimed to be SQL injection by the original researcher, but it is not.
12604| [CVE-2006-4979] Direct static code injection vulnerability in cfgphpquiz/install.php in Walter Beschmout PhpQuiz 1.2 and earlier allows remote attackers to inject arbitrary PHP code in config.inc.php via modified configuration settings.
12605| [CVE-2006-4924] sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
12606| [CVE-2006-4895] IDevSpot NexieAffiliate 1.9 and earlier allows remote attackers to delete arbitrary affiliates via a modified id parameter to delete.php.
12607| [CVE-2006-4782] src/index.php in WebSPELL 4.01.01 and earlier, when register_globals is enabled, allows remote attackers to bypass authentication and gain sensitive information stored in the database via a modified userID parameter in a write action to admin/database.php.
12608| [CVE-2006-4588] vtiger CRM 4.2.4, and possibly earlier, allows remote attackers to bypass authentication and access administrative modules via a direct request to index.php with a modified module parameter, as demonstrated using the Settings module.
12609| [CVE-2006-4549] CHXO Feedsplitter 2006-01-21 allows remote attackers to read the source code of feedsplitter.php via the showsource function. NOTE: this issue is not a vulnerability in standard distributions, but could be an issue if the source has been modified.
12610| [CVE-2006-4546] Lyris ListManager 8.95 allows remote authenticated users, who have administrative privileges for at least one list on the server, to add new administrators to any list via a modified MEMBERS_.List_ parameter.
12611| [CVE-2006-4511] Messenger Agents (nmma.exe) in Novell GroupWise 2.0.2 and 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted HTTP POST request to TCP port 8300 with a modified val parameter, which triggers a null dereference related to "zero-size strings in blowfish routines."
12612| [CVE-2006-4316] SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the "Restart" action is selected from the Management server GUI, which causes the agent to locate the pathname of the user's program and restart it with root privileges.
12613| [CVE-2006-4210] nu_mail.inc.php in Andreas Kansok phPay 2.02 and 2.02.1, when register_globals is enabled, allows remote attackers to use the server as an open mail relay via modified mail_text2, user_row[5], nu_mail_1, and shop_mail parameters. NOTE: some of these details are obtained from third party information.
12614| [CVE-2006-4140] Directory traversal vulnerability in IPCheck Server Monitor before 5.3.3.639/640 allows remote attackers to read arbitrary files via modified .. (dot dot) sequences in the URL, including (1) "..%2f" (encoded "/" slash), "..../" (multiple dot), and "..%255c../" (double-encoded "\" backslash).
12615| [CVE-2006-4122] Simple one-file guestbook 1.0 and earlier allows remote attackers to bypass authentication and delete guestbook entries via a modified id parameter to guestbook.php.
12616| [CVE-2006-3968] The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T2000 platforms, incorrectly verifies a DSA signature, which might prevent applications from detecting that the data has been modified.
12617| [CVE-2006-3833] index.php in EJ3 TOPo 2.2.178 allows remote attackers to overwrite existing entries and establish new passwords for the overwritten entries via a URL with a modified entry ID.
12618| [CVE-2006-3740] Integer overflow in the scan_cidfont function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted (1) CMap and (2) CIDFont font data with modified item counts in the (a) begincodespacerange, (b) cidrange, and (c) notdefrange sections.
12619| [CVE-2006-3739] Integer overflow in the CIDAFM function in X.Org 6.8.2 and XFree86 X server allows local users to execute arbitrary code via crafted Adobe Font Metrics (AFM) files with a modified number of character metrics (StartCharMetrics), which leads to a heap-based buffer overflow.
12620| [CVE-2006-3610] index.php in Orbitcoders OrbitMATRIX 1.0 allows remote attackers to obtain sensitive information (partial database schema) via a modified page_name parameter, which reflects portions of an SQL query in the result. NOTE: it is not clear whether the information is target-specific. If not, then this issue is not an exposure.
12621| [CVE-2006-3531] includes/editor/insert_image.php in Pivot 1.30 RC2 and earlier creates the authentication credentials from parameters, which allows remote attackers to obtain privileges and upload arbitrary files via modified (1) pass and (2) session parameters, and (3) pass and (4) userlevel indices of the (a) Pivot_Vars[] or (b) Users[] array parameters.
12622| [CVE-2006-3479] Cross-site request forgery (CSRF) vulnerability in the del_block function in modules/Admin/block.php in Nuked-Klan 1.7.5 and earlier and 1.7 SP4.2 allows remote attackers to delete arbitrary "blocks" via a link with a modified bid parameter in a del_block op on the block page in index.php.
12623| [CVE-2006-3455] The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3, allows local users to execute arbitrary code via a modified address for the output buffer argument to the DeviceIOControl function.
12624| [CVE-2006-3425] FastPatch for (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1, and (b) Novell ZENworks 6.2 SR1 and earlier, does not require authentication for dagent/proxyreg.asp, which allows remote attackers to list, add, or delete PatchLink Distribution Point (PDP) proxy servers via modified (1) List, (2) Proxy, or (3) Delete parameters.
12625| [CVE-2006-3420] Cross-site request forgery (CSRF) vulnerability in editpost.php in MyBulletinBoard (MyBB) before 1.1.5 allows remote attackers to perform unauthorized actions as a logged in user and delete arbitrary forum posts via a bbcode IMG tag with a modified delete parameter in a deletepost action. NOTE: the provenance of this information is unknown
12626| [CVE-2006-3207] Directory traversal vulnerability in newpost.php in Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) sequence and trailing null (%00) byte in the id parameter, as demonstrated by injecting a Perl CGI script using "[NR]" sequences in the message parameter, then calling close.php with modified id and t_id parameters to chmod the script. NOTE: this issue might be resultant from dynamic variable evaluation.
12627| [CVE-2006-3205] Ultimate PHP Board (UPB) 1.9.6 and earlier allows remote attackers to gain access via modified user_env, pass_env, power_env, and id_env parameters in a cookie, which comprise a persistent logon that does not vary across sessions.
12628| [CVE-2006-3092] PhpMyFactures 1.2 and earlier allows remote attackers to bypass authentication and modify data via direct requests with modified parameters to (1) /tva/ajouter_tva.php, (2) /remises/ajouter_remise.php, (3) /pays/ajouter_pays.php, (4) /pays/modifier_pays.php, (5) /produits/ajouter_cat.php, (6) /produits/ajouter_produit.php, (7) /clients/ajouter_client.php, (8) /clients/modifier_client.php. NOTE: the provenance of this information is unknown
12629| [CVE-2006-2947] Dmx Forum 2.1a allows remote attackers to obtain username and password information via a direct request to pops/edit.php with a modified membre parameter.
12630| [CVE-2006-2942] TWiki 4.0.0, 4.0.1, and 4.0.2 allows remote attackers to gain Twiki administrator privileges via a TWiki.TWikiRegistration form with a modified action attribute that references the Sandbox web instead of the user web, which can then be used to associate the user's login name with the WikiName of a member of the TWikiAdminGroup.
12631| [CVE-2006-2896] profile.php in FunkBoard CF0.71 allows remote attackers to change arbitrary passwords via a modified uid hidden form field in an Edit Profile action.
12632| [CVE-2006-2848] links.asp in aspWebLinks 2.0 allows remote attackers to change the administrative password, possibly via a direct request with a modified txtAdministrativePassword field.
12633| [CVE-2006-2828] Global variable overwrite vulnerability in PHP-Nuke allows remote attackers to conduct remote PHP file inclusion attacks via a modified phpbb_root_path parameter to the admin scripts (1) index.php, (2) admin_ug_auth.php, (3) admin_board.php, (4) admin_disallow.php, (5) admin_forumauth.php, (6) admin_groups.php, (7) admin_ranks.php, (8) admin_styles.php, (9) admin_user_ban.php, (10) admin_words.php, (11) admin_avatar.php, (12) admin_db_utilities.php, (13) admin_forum_prune.php, (14) admin_forums.php, (15) admin_mass_email.php, (16) admin_smilies.php, (17) admin_ug_auth.php, and (18) admin_users.php, which overwrites $phpbb_root_path when the import_request_variables function is executed after $phpbb_root_path has been initialized to a static value.
12634| [CVE-2006-2807] ASPwebSoft Speedy Asp Discussion Forum allows remote attackers to change the password of any account via a modified account id and possibly arbitrary values of the name, email, country, password, and passwordre parameters to profileupdate.asp.
12635| [CVE-2006-2794] Hesabim.asp in ASPSitem 2.0 and earlier allows remote attackers to read private messages of other users via a modified id parameter.
12636| [CVE-2006-2771] admin/radera/tabort.asp in Hogstorps hogstorp guestbook 2.0 does not verify user credentials, which allows remote attackers to delete arbitrary posts via a modified delID parameter.
12637| [CVE-2006-2737] utilities/register.asp in Nukedit 4.9.6 and earlier allows remote attackers to create new users as part of arbitrary groups, including the administrative group, via a modified groupid parameter when creating a user via the addDB action.
12638| [CVE-2006-2727] home/register.php in Eggblog before 3.0 allows remote attackers to change the password of administrators and possibly other users via a modified username parameter.
12639| [CVE-2006-2717] Unspecified vulnerability in Secure Elements Class 5 AVR client and server (aka C5 EVM) before 2.8.1 allows authenticated attackers to overwrite arbitrary files (1) on a server during an update or (2) on a client via modified pathnames, possibly due to a directory traversal issue.
12640| [CVE-2006-2708] Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 allows remote attackers to read portions of process memory via a modified size for (1) EM_GET_CE_PARAMETER and (2) EM_SET_CE_PARAMETER messages, which leads to a buffer overflow (probably an over-read).
12641| [CVE-2006-2631] phpFoX allows remote authenticated users to modify arbitrary accounts via a modified NATIO cookie value, possibly the phpfox_user parameter.
12642| [CVE-2006-2562] ZyXEL P-335WT router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic.
12643| [CVE-2006-2561] Edimax BR-6104K router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter (possibly within NewInternalClient), which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic.
12644| [CVE-2006-2560] Sitecom WL-153 router firmware before 1.38 allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic.
12645| [CVE-2006-2478] Bitrix Site Manager 4.1.x allows remote attackers to redirect users to other websites via a modified back_url during a HTTP POST request. NOTE: this issue has been referred to as "cross-site scripting," but that is inconsistent with the common use of the term.
12646| [CVE-2006-2407] Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string.
12647| [CVE-2006-2356] NmConsole/utility/RenderMap.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to obtain sensitive information about network nodes via a modified nDeviceGroupID parameter.
12648| [CVE-2006-2183] Untrusted search path vulnerability in Truecrypt 4.1, when running suid root on Linux, allows local users to execute arbitrary commands and gain privileges via a modified PATH environment variable that references a malicious mount command.
12649| [CVE-2006-1973] Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router allow remote attackers to cause a denial of service via malformed Session Initiation Protocol (SIP) messages.
12650| [CVE-2006-1909] Directory traversal vulnerability in index.php in Coppermine 1.4.4 allows remote attackers to read arbitrary files via a .//./ (modified dot dot slash) in the file parameter, which causes a regular expression to collapse the sequences into standard "../" sequences.
12651| [CVE-2006-1686] Unspecified vulnerability in modules.php in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT allows remote attackers to access unspecified files via a modified warp parameter.
12652| [CVE-2006-1620] admin/accounts/AccountActions.asp in Hosting Controller 2002 RC 1 allows remote attackers to modify passwords of other users, probably via an "Update User" ActionType with a modified UserName parameter and the PassCheck parameter set to TRUE. It was later reported that the vulnerability is present in 6.1 Hotfix 3.3 and earlier.
12653| [CVE-2006-1463] Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a H.264 (M4V) video format file with a certain modified size value.
12654| [CVE-2006-1283] opiepasswd in One-Time Passwords in Everything (OPIE) in FreeBSD 4.10-RELEASE-p22 through 6.1-STABLE before 20060322 uses the getlogin function to determine the invoking user account, which might allow local users to configure OPIE access to the root account and possibly gain root privileges if a root shell is permitted by the configuration of the wheel group or sshd.
12655| [CVE-2006-1206] Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux devices and on general-purpose operating systems, allows remote attackers to cause a denial of service (connection slot exhaustion) via a large number of connection attempts that exceeds the MAX_UNAUTH_CLIENTS defined value of 30.
12656| [CVE-2006-1126] Gallery 2 up to 2.0.2 allows remote attackers to spoof their IP address via a modified X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is checked by Gallery before other more reliable sources of IP address information, such as REMOTE_ADDR.
12657| [CVE-2006-1067] Linksys WRT54G routers version 5 (running VXWorks) allow remote attackers to cause a denial of service by sending a malformed DCC SEND string to an IRC channel, which causes an IRC connection reset, possibly related to the masquerading code for NAT environments, and as demonstrated via (1) a DCC SEND with a single long argument, or (2) a DCC SEND with IP, port, and filesize arguments with a 0 value.
12658| [CVE-2006-1026] JFacets before 0.2 allows remote attackers to gain privileges as any account via a GET request with a modified account profileID.
12659| [CVE-2006-0922] CubeCart 3.0 through 3.6 does not properly check authorization for an administration session because of a missing auth.inc.php include, which results in an absolute path traversal vulnerability in FileUpload in connector.php (aka upload.php) that allows remote attackers to upload arbitrary files via a modified CurrentFolder parameter in a direct request to admin/filemanager/upload.php.
12660| [CVE-2006-0859] Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to post an admin comment to a guestbook entry via a certain modified form, possibly related to the nummer parameter.
12661| [CVE-2006-0842] Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 allows remote attackers to inject arbitrary web script or HTML via a modified javascript: string in the SRC attribute of an IMG element in an e-mail message, as demonstrated by "java	
12662| [CVE-2006-0818] Absolute path directory traversal vulnerability in (1) MERAK Mail Server for Windows 8.3.8r with before IceWarp Web Mail 5.6.1 and (2) VisNetic MailServer before 8.5.0.5 allows remote authenticated users to include arbitrary files via a modified language parameter and a full Windows or UNC pathname in the lang_settings parameter to mail/index.html, which is not properly sanitized by the validatefolder PHP function, possibly due to an incomplete fix for CVE-2005-4558.
12663| [CVE-2006-0810] Unspecified vulnerability in config.php in Skate Board 0.9 allows remote authenticated administrators to execute arbitrary PHP code by causing certain variables in config.php to be modified, possibly due to XSS or direct static code injection.
12664| [CVE-2006-0799] Microsoft Internet Explorer allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page with an anchor element with a legitimate "href" attribute, a form whose action points to a malicious URL, and an INPUT submit element that is modified to look like a legitimate URL. NOTE: this issue is very similar to CVE-2004-1104, although the manipulations are slightly different.
12665| [CVE-2006-0766] ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions and bypass Windows security warnings via a filename that ends in an assumed-safe extension such as JPG, and possibly containing other modified properties such as company name, icon, and description, which could trick a user into executing arbitrary programs.
12666| [CVE-2006-0724] profile.php in Reamday Enterprises Magic News Lite 1.2.3, when register_globals is enabled, allows remote attackers to modify program behavior, potentially bypassing authentication controls, via modified (1) action, (2) passwd, (3) admin_password, (4) new_passwd, and (5) confirm_passwd variables, which are not initialized.
12667| [CVE-2006-0722] settings.php in Reamday Enterprises Magic Downloads 1.1.3, when register_globals is enabled, allows remote attackers to modify program behavior, potentially bypassing authentication controls, via modified (1) action, (2) passwd, (3) admin_password, (4) new_passwd, and (5) confirm_passwd variables, which are not initialized.
12668| [CVE-2006-0701] readfolder.php in imageVue 16.1 allows remote attackers to list directories via modified path and ext parameters.
12669| [CVE-2006-0687] process.php in DocMGR 0.54.2 does not initialize the $siteModInfo variable when a direct request is made, which allows remote attackers to include arbitrary local files or possibly remote files via a modified includeModule and siteModInfo variable.
12670| [CVE-2006-0576] Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious (1) which or (2) dirname programs. NOTE: while opcontrol normally is not run setuid, a common configuration suggests accessing opcontrol using sudo. In such a context, this is a vulnerability.
12671| [CVE-2006-0547] Oracle Database 8i, 9i, and 10g allow remote authenticated users to execute arbitrary SQL statements in the context of the SYS user and bypass audit logging, including statements to create new privileged database accounts, via a modified AUTH_ALTER_SESSION attribute in the authentication phase of the Transparent Network Substrate (TNS) protocol. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being created since it cannot be conclusively proven that this issue has been addressed by Oracle. It is possible that this is the same issue as Oracle Vuln# DB18 from the January 2006 CPU, in which case this would be subsumed by CVE-2006-0265.
12672| [CVE-2006-0473] Cross-site scripting (XSS) vulnerability in the bbcode function in weblog.php in my little homepage my little weblog, as last modified in April 2004, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags.
12673| [CVE-2006-0472] Cross-site scripting (XSS) vulnerability in guestbook.php in my little homepage my little guestbook, as last modified in March 2004, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags.
12674| [CVE-2006-0471] Cross-site scripting (XSS) vulnerability in the bbcode function in functions.php in my little homepage my little forum, as last modified in June 2005, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags.
12675| [CVE-2006-0309] Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network, to cause a denial of service via IP packets with a null IP option length.
12676| [CVE-2006-0230] Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests.
12677| [CVE-2006-0203] membership.asp in Mini-Nuke CMS System 1.8.2 and earlier does not verify the old password when changing a password, which allows remote attackers to change the passwords of other members via a lostpassnew action with a modified x parameter.
12678| [CVE-2006-0173] Hummingbird Collaboration (aka Hummingbird Enterprise Collaboration) 5.21 and earlier allows remote attackers to misrepresent the type and name of a file via modified doc_ext and id parameters, which might trick a user into downloading dangerous or unexpected content.
12679| [CVE-2006-0144] The proxy server feature in go-pear.php in PHP PEAR 0.2.2, as used in Apache2Triad, allows remote attackers to execute arbitrary PHP code by redirecting go-pear.php to a malicious proxy server that provides a modified version of Tar.php with a malicious extractModify function.
12680| [CVE-2006-0139] The send-private-message functionality (send-private-message.asp) in PD9 Software MegaBBS 2.1 allows remote attackers to read private messages of other users via a modified replyid parameter.
12681| [CVE-2006-0031] Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed record with a modified length value, which leads to memory corruption.
12682| [CVE-2006-0014] Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book (WAB) file containing "certain Unicode strings" and modified length values.
12683| [CVE-2005-4687] PunBB 1.2.9, used alone or with F-ART BLOG:CMS, may trust a client's IP address as specified in the X-Forwarded-For HTTP header rather than the TCP/IP stack, which allows remote attackers to misrepresent their IP address by sending a modified header.
12684| [CVE-2005-4558] IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, does not properly restrict acceptable values for the language parameter to mail/settings.html before it is stored in a database, which can allow remote authenticated users to include arbitrary PHP code via a URL in a modified lang_settings parameter to mail/index.html.
12685| [CVE-2005-4532] scponlyc in scponly 4.1 and earlier, when the operating system supports LD_PRELOAD mechanisms, allows local users to execute arbitrary code with root privileges by creating a chroot directory in their home directory, hard linking to a system setuid application, and using a modified LD_PRELOAD to modify expected function calls in the setuid application.
12686| [CVE-2005-4441] The PVLAN protocol allows remote attackers to bypass network segmentation and spoof PVLAN traffic via a PVLAN message with a target MAC address that is set to a gateway router, which causes the packet to be sent to the router, where the source MAC is modified, aka "Modification of the MAC spoofing PVLAN jumping attack," as demonstrated by pvlan.c.
12687| [CVE-2005-4337] The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to bypass authentication and gain privileges as other users via a modified user_id parameter and a "/" in the encoded_pw parameter.
12688| [CVE-2005-4257] Linksys WRT54GS and BEFW11S4 allows remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). NOTE: the provenance of this issue is unknown
12689| [CVE-2005-4206] Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a frame and causes it to appear to be part of a valid page.
12690| [CVE-2005-4178] Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations.
12691| [CVE-2005-4159] ** DISPUTED ** NOTE: this issue has been disputed by the vendor and third parties. SQL injection vulnerability in Memberlist.php in Simple Machines Forum (SMF) 1.1 rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the start parameter. NOTE: the vendor says that since only one character can be modified, there is no SQL injection. Thus this might be an "invalid SQL syntax error." Multiple followups support the vendor.
12692| [CVE-2005-4092] Multiple heap-based buffer overflows in QuickTime.qts in Apple QuickTime Player 7.0.3 and iTunes 6.0.1 (3) and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a .mov file with (1) a Movie Resource atom with a large size value, or (2) an stsd atom with a modified Sample Description Table size value, and possibly other vectors involving media files. NOTE: item 1 was originally identified by CVE-2005-4127 for a pre-patch announcement, and item 2 was originally identified by CVE-2005-4128 for a pre-patch announcement.
12693| [CVE-2005-3961] export_handler.php in WebCalendar 1.0.1 allows remote attackers to overwrite WebCalendar data files via a modified id parameter.
12694| [CVE-2005-3777] MyBulletinBoard (MyBB) 1.0 PR2 Rev 686 allows remote attackers to delete or move private messages (PM) via modified fields in the inbox form.
12695| [CVE-2005-3756] Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to port scan arbitrary hosts via URLs with modified targets and ports, then comparing the resulting error messages to determine open and closed ports.
12696| [CVE-2005-3711] Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified (1) "strips" (StripByteCounts) or (2) "bands" (StripOffsets) values.
12697| [CVE-2005-3710] Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via a TIFF image file with modified image height and width (ImageWidth) tags.
12698| [CVE-2005-3687] cancel_account.php in WHM AutoPilot 2.5.30 and earlier allows remote attackers to cancel requests for arbitrary accounts via a modified c parameter.
12699| [CVE-2005-3502] attachment_send.php in Cerberus Helpdesk allows remote attackers to view attachments and tickets of other users via a modified file_id parameter.
12700| [CVE-2005-3405] ATutor 1.4.1 through 1.5.1-pl1 allows remote attackers to execute arbitrary PHP functions via a direct request to forum.inc.php with a modified addslashes parameter with either the (1) asc or (2) desc parameters set, possibly due to an eval injection vulnerability.
12701| [CVE-2005-3327] Network Appliance Data ONTAP 7.0 and earlier allows iSCSI Initiators to bypass iSCSI authentication via a modified client that skips the Security (Start) mode, as required by the Login Negotiation protocol, and uses Operational mode without proving identity.
12702| [CVE-2005-3321] chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions.
12703| [CVE-2005-3184] Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
12704| [CVE-2005-3110] Race condition in ebtables netfilter module (ebtables.c) in Linux 2.6, when running on an SMP system that is operating under a heavy load, might allow remote attackers to cause a denial of service (crash) via a series of packets that cause a value to be modified after it has been read but before it has been locked.
12705| [CVE-2005-2916] Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi.
12706| [CVE-2005-2915] ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which could allow attackers to decrypt the information and possibly re-encrypt it in conjunction with CVE-2005-2914.
12707| [CVE-2005-2914] ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, does not use an authentication initialization function, which allows remote attackers to obtain encrypted configuration information and, if the key is known, modify the configuration.
12708| [CVE-2005-2912] Linksys WRT54G router allows remote attackers to cause a denial of service (CPU consumption and server hang) via an HTTP POST request with a negative Content-Length value.
12709| [CVE-2005-2799] Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request.
12710| [CVE-2005-2798] sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
12711| [CVE-2005-2790] BFCommand & Control Server Manager BFCC 1.22_A and earlier, and BFVCC 2.14_B and earlier, relies on the client to enforce permissions and perform actions such as disconnections, which allows remote attackers to bypass administrative restrictions via a modified client.
12712| [CVE-2005-2628] Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer.
12713| [CVE-2005-2600] FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote attackers to read private posts via a modified mid parameter.
12714| [CVE-2005-2589] Unknown vulnerability in Linksys WRT54GS wireless router with firmware 4.50.6, with WPA Personal/TKIP authentication enabled, allows remote clients to bypass authentication by connecting without using encryption.
12715| [CVE-2005-2483] Eval injection vulnerability in Karrigell before 2.1.8 allows remote attackers to execute arbitrary Python code via modified arguments to a Karrigell services (.ks) script, which can reference functions from libraries that are used by that script.
12716| [CVE-2005-2434] Linksys WRT54G router uses the same private key and certificate for every router, which allows remote attackers to sniff the SSL connection and obtain sensitive information.
12717| [CVE-2005-2403] The login protocol in RealChat 3.5.1b does not use authentication, which allows remote attackers to log on as other users by sniffing the beginning of a chat session and replaying it via a modified username.
12718| [CVE-2005-2148] Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in the URL, which causes the get_request_var function to return the wrong value in the $_REQUEST variable, which is cleansed while the original malicious $_GET value remains unmodified, as demonstrated in (1) graph_image.php and (2) graph.php.
12719| [CVE-2005-2128] QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value.
12720| [CVE-2005-2052] Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an .avi file with a modified strf structure value.
12721| [CVE-2005-2036] modifyUser.asp in Cool Cafe (Cool Caf\xDA) Chat 1.2.1 allows remote attackers to obtain the administrator password and email address via a modified nickname value.
12722| [CVE-2005-1997] show.php in McGallery 1.1 allows remote attackers to connect to arbitrary databases, or gain sensitive information by triggering an error, via a modified host parameter.
12723| [CVE-2005-1957] mtnpeak.net File Upload Manager does not properly check user authentication for certain actions, which allows remote attackers to provide a modified base64-encoded file parameter and (1) read arbitrary files via the "view" action or (2) delete arbitrary files via the del action.
12724| [CVE-2005-1817] Invision Power Board (IPB) 1.0 through 1.3 allows remote attackers to edit arbitrary forum posts via a direct request to index.php with modified parameters.
12725| [CVE-2005-1784] Hosting Controller 6.1 HotFix 2.0 and earlier allows remote attackers to steal passwords and gain privileges via a modified emailaddress parameter in an updateprofile action for UserProfile.asp.
12726| [CVE-2005-1746] The cluster cookie parsing code in BEA WebLogic Server 7.0 through Service Pack 5 attempts to contact any host or port specified in a cookie, even when it is not in the cluster, which allows remote attackers to cause a denial of service (cluster slowdown) via modified cookies.
12727| [CVE-2005-1181] ** DISPUTED ** NOTE: this issue has been disputed by the vendor. PHP remote code injection vulnerability in loader.php for Ariadne CMS 2.4 allows remote attackers to execute arbitrary PHP code by modifying the ariadne parameter to reference a URL on a remote web server that contains the code. NOTE: the vendor has disputed this issue, saying that loader.php first requires the "ariadne.inc" file, which defines the $ariadne variable, and thus it cannot be modified by an attacker. In addition, CVE personnel have partially verified the dispute via source code inspection of Ariadne 2.4 as available on July 5, 2005.
12728| [CVE-2005-1059] Linksys WET11 1.5.4 allows remote attackers to change the password without providing the original password via the data parameter to changepw.html.
12729| [CVE-2005-1009] Multiple buffer overflows in BakBone NetVault 6.x and 7.x allow (1) remote attackers to execute arbitrary code via a modified computer name and length that leads to a heap-based buffer overflow, or (2) local users to execute arbitrary code via a long Name entry in the configure.cfg file.
12730| [CVE-2005-1002] logwebftbs2000.exe in Logics Software File Transfer (LOG-FT) allows remote attackers to read arbitrary files via modified (1) VAR_FT_LANG and (2) VAR_FT_TMPL parameters.
12731| [CVE-2005-0795] HolaCMS 1.4.9 does not restrict file access to the holaDB/votes directory, which allows remote attackers to overwrite arbitrary files via a modified vote_filename parameter.
12732| [CVE-2005-0739] The IAPP dissector (packet-iapp.c) for Ethereal 0.9.1 to 0.10.9 does not properly use certain routines for formatting strings, which could leave it vulnerable to buffer overflows, as demonstrated using modified length values that are not properly handled by the dissect_pdus and pduval_to_str functions.
12733| [CVE-2005-0701] Directory traversal vulnerability in Oracle Database Server 8i and 9i allows remote attackers to read or rename arbitrary files via "\\.\\.." (modified dot dot backslash) sequences to UTL_FILE functions such as (1) UTL_FILE.FOPEN or (2) UTL_FILE.frename.
12734| [CVE-2005-0504] Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.
12735| [CVE-2005-0440] ELOG before 2.5.7 allows remote attackers to bypass authentication and download a configuration file that contains a sensitive write password via a modified URL.
12736| [CVE-2005-0334] Linksys PSUS4 running firmware 6032 allows remote attackers to cause a denial of service (device crash) via an HTTP POST request containing an unknown parameter without a value.
12737| [CVE-2005-0327] pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute arbitrary PHP code via a modified action parameter that is used in an include statement for login.php.
12738| [CVE-2005-0318] useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged in user, which allows remote authenticated users to edit other users' account information via a modified user parameter.
12739| [CVE-2005-0296] ** DISPUTED ** NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns template files or the "about" information page. NOTE: the vendor has disputed this issue.
12740| [CVE-2005-0287] Bottomline Webseries Payment Application allows remote attackers to read arbitrary files on the network via a report template with modified ReportPath or ReportName values.
12741| [CVE-2005-0039] Certain configurations of IPsec, when using Encapsulating Security Payload (ESP) in tunnel mode, integrity protection at a higher layer, or Authentication Header (AH), allow remote attackers to decrypt IPSec communications by modifying the outer packet in ways that cause plaintext data from the inner packet to be returned in ICMP messages, as demonstrated using bit-flipping attacks and (1) Destination Address Rewriting, (2) a modified header length that causes portions of the packet to be interpreted as IP Options, or (3) a modified protocol field and source address.
12742| [CVE-2005-0023] gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to spoof the logon hostname via a modified DISPLAY environment variable. NOTE: the severity of this issue has been disputed.
12743| [CVE-2004-2760] sshd in OpenSSH 3.5p1, when PermitRootLogin is disabled, immediately closes the TCP connection after a root login attempt with the correct password, but leaves the connection open after an attempt with an incorrect password, which makes it easier for remote attackers to guess the password by observing the connection state, a different vulnerability than CVE-2003-0190. NOTE: it could be argued that in most environments, this does not cross privilege boundaries without requiring leverage of a separate vulnerability.
12744| [CVE-2004-2699] deleteicon.aspx in AspDotNetStorefront 3.3 allows remote attackers to delete arbitrary product images via a modified ProductID parameter.
12745| [CVE-2004-2632] phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables.
12746| [CVE-2004-2606] The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled.
12747| [CVE-2004-2592] Quake II server before R1Q2, as used in multiple products, allows remote attackers cause a denial of service (application crash) via a modified client that asks the server to send data stored at a negative array offset, which is not handled when processing Configstrings and Baselines.
12748| [CVE-2004-2565] Multiple directory traversal vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, when the administrative IP address restrictions have been modified from the default, allow remote authenticated users to read arbitrary files via (1) a "..\" (dot dot backslash) in the file parameter to showini.asp, or (2) an absolute path with drive letter in the log parameter to showlog.asp.
12749| [CVE-2004-2563] Serena TeamTrack 6.1.1 allows remote attackers to obtain sensitive information such as user names, versions, and database information, and conduct cross-site scripting (XSS) attacks, via a direct request to tmtrack.dll with modified LoginPage and Template parameters.
12750| [CVE-2004-2508] Cross-site scripting (XSS) vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to inject arbitrary web script or HTML via the next_file parameter.
12751| [CVE-2004-2507] Absolute path traversal vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to read arbitrary files via an absolute pathname in the next_file parameter.
12752| [CVE-2004-2489] Format string vulnerability in IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to execute arbitrary code via a modified INFORMIXDIR environment variable that points to a file with format string specifiers in the filename.
12753| [CVE-2004-2486] The DSS verification code in Dropbear SSH Server before 0.43 frees uninitialized variables, which might allow remote attackers to gain access.
12754| [CVE-2004-2254] SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter.
12755| [CVE-2004-2102] Cross-site scripting (XSS) vulnerability in FREESCO 2.05, a modified version of thttpd, allows remote attackers to inject arbitrary web script or HTML via the test parameter.
12756| [CVE-2004-2073] Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command.
12757| [CVE-2004-2069] sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to cause a denial of service (connection consumption).
12758| [CVE-2004-1943] PHP remote file inclusion vulnerability in album_portal.php in phpBB modified by Przemo 1.8 allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter.
12759| [CVE-2004-1707] The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0.
12760| [CVE-2004-1357] The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities.
12761| [CVE-2004-1104] Microsoft Internet Explorer 6.0 SP2 allows remote attackers to spoof a legitimate URL in the status bar and conduct a phishing attack via a web page that contains a BASE element that points to the legitimate site, followed by an anchor (a) element with an empty "href" attribute, and a FORM whose action points to a malicious URL, and an INPUT submit element that is modified to look like a legitimate URL.
12762| [CVE-2004-1080] The WINS service (wins.exe) on Microsoft Windows NT Server 4.0, Windows 2000 Server, and Windows Server 2003 allows remote attackers to write to arbitrary memory locations and possibly execute arbitrary code via a modified memory pointer in a WINS replication packet to TCP port 42, aka the "Association Context Vulnerability."
12763| [CVE-2004-1038] A design error in the IEEE1394 specification allows attackers with physical access to a device to read and write to sensitive memory using a modified FireWire/IEEE 1394 client, thus bypassing intended restrictions that would normally require greater degrees of physical access to exploit. NOTE: this was reported in 2008 to affect Windows Vista, but some Linux-based operating systems have protection mechanisms against this attack.
12764| [CVE-2004-1008] Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2_MSG_DEBUG packet with a modified stringlen parameter, which leads to a buffer overflow.
12765| [CVE-2004-0959] rfc1867.c in PHP before 5.0.2 allows local users to upload files to arbitrary locations via a PHP script with a certain MIME header that causes the "$_FILES" array to be modified.
12766| [CVE-2004-0921] AFP Server on Mac OS X 10.3.x to 10.3.5, when a guest has mounted an AFP volume, allows the guest to "terminate authenticated user mounts" via modified SessionDestroy packets.
12767| [CVE-2004-0826] Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
12768| [CVE-2004-0580] DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.
12769| [CVE-2004-0529] The modified suexec program in cPanel, when configured for mod_php and compiled for Apache 1.3.31 and earlier without mod_phpsuexec, allows local users to execute untrusted shared scripts and gain privileges, as demonstrated using untainted scripts such as (1) proftpdvhosts or (2) addalink.cgi, a different vulnerability than CVE-2004-0490.
12770| [CVE-2004-0528] Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack.
12771| [CVE-2004-0527] KDE Konqueror 2.1.1 and 2.2.2 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack.
12772| [CVE-2004-0526] Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack.
12773| [CVE-2004-0312] Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP read only community string to gain access to read/write communtiy strings via a query for OID 1.3.6.1.4.1.3955.2.1.13.1.2.
12774| [CVE-2004-0208] The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions.
12775| [CVE-2004-0091] ** DISPUTED ** NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in register.php for unknown versions of vBulletin allows remote attackers to inject arbitrary HTML or web script via the reg_site (or possibly regsite) parameter. NOTE: the vendor has disputed this issue, saying "There is no hidden field called 'reg_site', nor any $reg_site variable anywhere in the vBulletin 2 or vBulletin 3 source code or templates, nor has it ever existed. We can only assume that this vulnerability was found in a site running code modified from that supplied by Jelsoft."
12776| [CVE-2003-1572] Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of service (JVM crash) and read or write unauthorized memory locations via the ReadEnv class, as demonstrated by reading environment variables using modified .data and .size fields.
12777| [CVE-2003-1562] sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing differences to determine if the password step of a multi-step authentication is successful, a different vulnerability than CVE-2003-0190.
12778| [CVE-2003-1505] Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) by creating a web page or HTML e-mail with a textarea in a div element whose scrollbar-base-color is modified by a CSS style, which is then moved.
12779| [CVE-2003-1497] Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable.
12780| [CVE-2003-1424] message.php in Petitforum does not properly authenticate users, which allows remote attackers to impersonate forum users via a modified connect cookie.
12781| [CVE-2003-1291] VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via certain modified VMware ESX Server environment variables.
12782| [CVE-2003-1255] add_bookmark.php in Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to add arbitrary bookmarks as other users using a modified auth_user_id parameter.
12783| [CVE-2003-1161] exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function.
12784| [CVE-2003-1041] Internet Explorer 5.x and 6.0 allows remote attackers to execute arbitrary programs via a modified directory traversal attack using a URL containing ".." (dot dot) sequences and a filename that ends in "::" which is treated as a .chm file even if it does not have a .chm extension. NOTE: this bug may overlap CVE-2004-0475.
12785| [CVE-2003-1033] The (1) instdbmsrv and (2) instlserver programs in SAP DB Development Tools 7.x trust the user-provided INSTROOT environment variable as a path when assigning setuid permissions to the lserver program, which allows local users to gain root privileges via a modified INSTROOT that points to a malicious dbmsrv or lserver program.
12786| [CVE-2003-0849] Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function.
12787| [CVE-2003-0848] Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.
12788| [CVE-2003-0834] Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.
12789| [CVE-2003-0818] Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings.
12790| [CVE-2003-0754] nphpd.php in newsPHP 216 and earlier allows remote attackers to bypass authentication via an HTTP request with a modified nphp_users array, which is used for authentication.
12791| [CVE-2003-0752] SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and possibly earlier versions, allows remote attackers to bypass authentication via a modified cook_id parameter.
12792| [CVE-2003-0731] CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter.
12793| [CVE-2003-0715] Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0528.
12794| [CVE-2003-0666] Buffer overflow in Microsoft Wordperfect Converter allows remote attackers to execute arbitrary code via modified data offset and data size parameters in a Corel WordPerfect file.
12795| [CVE-2003-0655] rscsi in cdrtools 2.01 and earlier allows local users to overwrite arbitrary files and gain root privileges by specifying the target file as a command line argument, which is modified while rscsi is running with privileges.
12796| [CVE-2003-0621] The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to determine the existence of files outside the web root via modified paths in the INIFILE argument.
12797| [CVE-2003-0520] Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via a TypingUser message in which the "TypingUser" string has been modified.
12798| [CVE-2003-0494] password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users by via a direct request to password.asp with a modified member id.
12799| [CVE-2003-0417] Directory traversal vulnerability in Son hServer 0.2 allows remote attackers to read arbitrary files via ".|." (modified dot-dot) sequences.
12800| [CVE-2003-0131] The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the "Klima-Pokorny-Rosa attack."
12801| [CVE-2002-2371] Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header.
12802| [CVE-2002-2221] Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639.
12803| [CVE-2002-2159] Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers go gain access.
12804| [CVE-2002-2137] GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a "getsearch" request to UDP port 27155.
12805| [CVE-2002-2049] configure for Dsniff 2.3, fragroute 1.2, and fragrouter 1.6, when downloaded from monkey.org on May 17, 2002, has been modified to contain a backdoor, which allows remote attackers to access the system.
12806| [CVE-2002-1865] Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header.
12807| [CVE-2002-1650] The spell checker plugin (check_me.mod.php) for SquirrelMail before 1.2.3 allows remote attackers to execute arbitrary commands via a modified sqspell_command parameter.
12808| [CVE-2002-1648] Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail before 1.2.3 allows remote attackers to send email as other users via an IMG URL with modified send_to and subject parameters.
12809| [CVE-2002-1472] Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs, allows local users to gain root privileges via a modified LD_PRELOAD environment variable that points to a malicious module.
12810| [CVE-2002-1417] Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator.
12811| [CVE-2002-1412] Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script.
12812| [CVE-2002-1371] filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif.
12813| [CVE-2002-1312] Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password.
12814| [CVE-2002-1245] Maped in LuxMan 0.41 uses the user-provided search path to find and execute the gzip program, which allows local users to modify /dev/mem and gain privileges via a modified PATH environment variable that points to a Trojan horse gzip program.
12815| [CVE-2002-1236] The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 1.42.7 allows remote attackers to cause a denial of service (crash) via an HTTP request to Gozila.cgi without any arguments.
12816| [CVE-2002-1224] Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to read arbitrary files as the kpf user via a URL with a modified icon parameter.
12817| [CVE-2002-1223] Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file.
12818| [CVE-2002-1211] Prometheus 6.0 and earlier allows remote attackers to execute arbitrary PHP code via a modified PROMETHEUS_LIBRARY_BASE that points to code stored on a remote server, which is then used in (1) index.php, (2) install.php, or (3) various test_*.php scripts.
12819| [CVE-2002-1110] Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magic_quotes_gpc enabled, allows remote attackers to gain privileges or perform unauthorized database operations via modified form fields, e.g. to account_update.php.
12820| [CVE-2002-1019] The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook for an arbitrary length of time via a modified loanMin parameter to download.asp.
12821| [CVE-2002-0978] Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to upload or download arbitrary files to arbitrary locations via a man-in-the-middle attack with modified TGT and TGN parameters in a call to the "Persist" function.
12822| [CVE-2002-0893] Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to read arbitrary files via a URL-encoded request to com.newatlanta.servletexec.JSP10Servlet containing "..%5c" (modified dot-dot) sequences.
12823| [CVE-2002-0787] Cross-site scripting vulnerabilities in iCon administrative web server for Critical Path inJoin Directory Server 4.0 allow remote attackers to execute script as the administrator via administrator URLs with modified (1) LOCID or (2) OC parameters.
12824| [CVE-2002-0784] Directory traversal vulnerability in Lysias Lidik web server 0.7b allows remote attackers to list directories via an HTTP request with a ... (modified dot dot).
12825| [CVE-2002-0765] sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.
12826| [CVE-2002-0751] CGIscript.net csMailto.cgi program allows remote attackers to use csMailto as a "spam proxy" and send mail to arbitrary users via modified (1) form-to, (2) form-from, and (3) form-results parameters.
12827| [CVE-2002-0640] Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt).
12828| [CVE-2002-0639] Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.
12829| [CVE-2002-0611] Directory traversal vulnerability in FileSeek.cgi allows remote attackers to read arbitrary files via a ....// (modified dot dot) in the (1) head or (2) foot parameters, which are not properly filtered.
12830| [CVE-2002-0460] Bitvise WinSSHD before 2002-03-16 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of incomplete connections that are not properly terminated, which are not properly freed by SSHd.
12831| [CVE-2002-0426] VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys.
12832| [CVE-2002-0325] Directory traversal vulnerability in BadBlue before 1.6.1 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the URL.
12833| [CVE-2002-0261] Directory traversal vulnerability in InstantServers MiniPortal 1.1.5 and earlier allows remote authenticated users to read arbitrary files via a ... (modified dot dot) in the GET command.
12834| [CVE-2002-0204] Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to execute arbitrary code via a long command.
12835| [CVE-2002-0160] The administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to read HTML, Java class, and image files outside the web root via a ..\.. (modified ..) in the URL to port 2002.
12836| [CVE-2002-0109] Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly other products, allow remote attackers to gain sensitive information and cause a denial of service via an SNMP query for the default community string "public," which causes the router to change its configuration and send SNMP trap information back to the system that initiated the query.
12837| [CVE-2002-0010] Bugzilla before 2.14.1 allows remote attackers to inject arbitrary SQL code and create files or gain privileges via (1) the sql parameter in buglist.cgi, (2) invalid field names from the "boolean chart" query in buglist.cgi, (3) the mybugslink parameter in userprefs.cgi, (4) a malformed bug ID in the buglist parameter in long_list.cgi, and (5) the value parameter in editusers.cgi, which allows groupset privileges to be modified by attackers with blessgroupset privileges.
12838| [CVE-2001-1581] The File Blocker feature in Clearswift MAILsweeper for SMTP 4.2 allows remote attackers to bypass e-mail attachment filtering policies via a modified name in a Content-Type header.
12839| [CVE-2001-1471] prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users to execute arbitrary PHP code via an invalid language value, which prevents the variables (1) $l_statsblock in prefs.php or (2) $l_privnotify in auth.php from being properly initialized, which can be modified by the user and later used in an eval statement.
12840| [CVE-2001-1469] The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the original message's cyclic redundancy check (CRC) with the CRC of a mask consisting of all the bits of the original message that were modified.
12841| [CVE-2001-1401] Bugzilla before 2.14 does not properly restrict access to confidential bugs, which could allow Bugzilla users to bypass viewing permissions via modified bug id parameters in (1) process_bug.cgi, (2) show_activity.cgi, (3) showvotes.cgi, (4) showdependencytree.cgi, (5) showdependencygraph.cgi, (6) showattachment.cgi, or (7) describecomponents.cgi.
12842| [CVE-2001-1335] Directory traversal vulnerability in CesarFTP 0.98b and earlier allows remote authenticated users (such as anonymous) to read arbitrary files via a GET with a filename that contains a ...%5c (modified dot dot).
12843| [CVE-2001-1193] Directory traversal vulnerability in EFTP 2.0.8.346 allows local users to read directories via a ... (modified dot dot) in the CWD command.
12844| [CVE-2001-1168] Directory traversal vulnerability in index.php in PhpMyExplorer before 1.2.1 allows remote attackers to read arbitrary files via a ..%2F (modified dot dot) in the chemin parameter.
12845| [CVE-2001-1131] Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 allows an attacker to read arbitrary files and directories via a ... (modified dot dot) in the CD command.
12846| [CVE-2001-1117] LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm.
12847| [CVE-2001-1026] Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (3) requesting the IP address instead of the domain name, or (4) using a leading 0 in an octet of an IP address.
12848| [CVE-2001-0976] Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and earlier, as used by HP-UX Workload Manager (WLM), allows local users to gain root privileges via modified libraries or environment variables.
12849| [CVE-2001-0963] Directory traversal vulnerability in SpoonFTP 1.1 allows local and sometimes remote attackers to access files outside of the FTP root via a ... (modified dot dot) in the CD (CWD) command.
12850| [CVE-2001-0784] Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters.
12851| [CVE-2001-0734] Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine.
12852| [CVE-2001-0553] SSH Secure Shell 3.0.0 on Unix systems does not properly perform password authentication to the sshd2 daemon, which allows local users to gain access to accounts with short password fields, such as locked accounts that use "NP" in the password field.
12853| [CVE-2001-0514] SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as used in Netgear ME102 and Linksys WAP11, accepts arbitrary community strings with requested MIB modifications, which allows remote attackers to obtain sensitive information such as WEP keys, cause a denial of service, or gain access to the network.
12854| [CVE-2001-0480] Directory traversal vulnerability in Alex's FTP Server 0.7 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the (1) GET or (2) CD commands.
12855| [CVE-2001-0471] SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attack.
12856| [CVE-2001-0467] Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a \... (modified dot dot) in an HTTP URL request.
12857| [CVE-2001-0454] Directory traversal vulnerability in SlimServe HTTPd 1.1a allows remote attackers to read arbitrary files via a ... (modified dot dot) in the HTTP request.
12858| [CVE-2001-0364] SSH Communications Security sshd 2.4 for Windows allows remote attackers to create a denial of service via a large number of simultaneous connections.
12859| [CVE-2001-0308] UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions before 0.80, allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... (modified ..) to access the file that was created for the program.
12860| [CVE-2001-0205] Directory traversal vulnerability in AOLserver 3.2 and earlier allows remote attackers to read arbitrary files by inserting "..." into the requested pathname, a modified .. (dot dot) attack.
12861| [CVE-2001-0042] PHP 3.x (PHP3) on Apache 1.3.6 allows remote attackers to read arbitrary files via a modified .. (dot dot) attack containing "%5c" (encoded backslash) sequences.
12862| [CVE-2000-1138] Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected.
12863| [CVE-2000-0992] Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.
12864| [CVE-2000-0920] Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" instead of a "."
12865| [CVE-2000-0784] sshd program in the Rapidstream 2.1 Beta VPN appliance has a hard-coded "rsadmin" account with a null password, which allows remote attackers to execute arbitrary commands via ssh.
12866| [CVE-2000-0775] Buffer overflow in RobTex Viking server earlier than 1.06-370 allows remote attackers to cause a denial of service or execute arbitrary commands via a long HTTP GET request, or long Unless-Modified-Since, If-Range, or If-Modified-Since headers.
12867| [CVE-2000-0678] PGP 5.5.x through 6.5.3 does not properly check if an Additional Decryption Key (ADK) is stored in the signed portion of a public certificate, which allows an attacker who can modify a victim's public certificate to decrypt any data that has been encrypted with the modified certificate.
12868| [CVE-2000-0664] AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack that uses the %2E URL encoding for the dots.
12869| [CVE-2000-0595] libedit searches for the .editrc file in the current directory instead of the user's home directory, which may allow local users to execute arbitrary commands by installing a modified .editrc in another directory.
12870| [CVE-2000-0359] Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header.
12871| [CVE-2000-0288] Infonautics getdoc.cgi allows remote attackers to bypass the payment phase for accessing documents via a modified form variable.
12872| [CVE-2000-0143] The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.
12873| [CVE-2000-0094] procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr.
12874| [CVE-1999-1263] Metamail before 2.7-7.2 allows remote attackers to overwrite arbitrary files via an e-mail message containing a uuencoded attachment that specifies the full pathname for the file to be modified, which is processed by uuencode in Metamail scripts such as sun-audio-file.
12875| [CVE-1999-1232] Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program.
12876| [CVE-1999-1082] Directory traversal vulnerability in Jana proxy web server 1.40 allows remote attackers to ready arbitrary files via a "......" (modified dot dot) attack.
12877| [CVE-1999-1040] Vulnerabilities in (1) ipxchk and (2) ipxlink in NetWare Client 1.0 on IRIX 6.3 and 6.4 allows local users to gain root access via a modified IFS environmental variable.
12878| [CVE-1999-1029] SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs.
12879| [CVE-1999-0820] FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands.
12880| [CVE-1999-0663] A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified.
12881| [CVE-1999-0248] A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.
12882|
12883| SecurityFocus - https://www.securityfocus.com/bid/:
12884| [102212] Linksys WVBR0-25 CVE-2017-17411 Remote Command Injection Vulnerability
12885| [92974] Dropbear SSH CVE-2016-7406 Format String Vulnerability
12886| [92973] Dropbear SSH CVE-2016-7409 Information Disclosure Vulnerability
12887| [92972] Dropbear CVE-2016-7407 Local Code Execution Vulnerability
12888| [92970] Dropbear SSH CVE-2016-7408 Remote Code Execution Vulnerability
12889| [86952] Modified eCommerce Shopsoftware CVE-2016-3694 Multiple SQL Injection Vulnerabilities
12890| [85099] Linksys WRT54G Router CVE-2008-1265 Denial-Of-Service Vulnerability
12891| [85075] Linksys WRT54G Router CVE-2008-1264 Remote Security Vulnerability
12892| [85074] Linksys WRT54G Router CVE-2008-1263 Information Disclosure Vulnerability
12893| [84938] Linksys Wrh54g Router CVE-2008-2636 Denial-Of-Service Vulnerability
12894| [84819] Linksys Wrt350n CVE-2008-4296 Remote Security Vulnerability
12895| [84322] Dropbear SSH CVE-2016-3116 Security Bypass Vulnerability
12896| [79327] Freesshd CVE-2009-3340 Denial-Of-Service Vulnerability
12897| [78616] Linksys EA6100 and EA6300 Routers Unauthorized Access Vulnerability
12898| [73603] Linksys Firmware CVE-2010-2506 Cross-Site Scripting Vulnerability
12899| [72821] Dropbear SSH Multiple Local Security Bypass Vulnerabilities
12900| [70864] Multiple Linksys EA Series Routers CVE-2014-8244 Information Disclosure Vulnerability
12901| [70860] Multiple Linksys EA Series Routers CVE-2014-8243 Information Disclosure Vulnerability
12902| [70291] Linksys EA6500 CVE-2013-3065 HTML Injection Vulnerability
12903| [70287] Linksys EA6500 CVE-2013-3064 Open Redirection Vulnerability
12904| [65860] Linksys WRT120N 'fprintf()' Function Remote Stack Buffer Overflow Vulnerability
12905| [65585] Multiple Linksys Devices Multiple Remote Code Execution Vulnerabilities
12906| [65562] LXC 'sshd' Template Remote Privilege Escalation Vulnerability
12907| [63605] OpenSSH 'sshd' Process Remote Memory Corruption Vulnerability
12908| [62993] Dropbear SSH 'svr-auth.c' User Enumeration Weakness
12909| [62958] Dropbear SSH 'buf_decompress()' Function Denial of Service Vulnerability
12910| [62110] MikroTik RouterOS 'sshd' Component Multiple Heap Memory Corruption Vulnerabilities
12911| [61644] PuTTY Private Key 'putty/sshdss.c' Multiple Information Disclosure Vulnerabilities
12912| [61151] Linksys WRT110 Cross Site Request Forgery and Command Injection Vulnerabilities
12913| [60897] Multiple Cisco Linksys Products Security Bypass Vulnerability
12914| [60736] Cisco Linksys X3000 Router Multiple Security Vulnerabilities
12915| [59717] Cisco Linksys E4200 Router CVE-2013-2682 Clickjacking Vulnerability
12916| [59716] Cisco Linksys E4200 Router CVE-2013-2684 Cross Site Scripting Vulnerability
12917| [59715] Cisco Linksys E4200 Router CVE-2013-2679 Multiple Cross Site Scripting Vulnerabilities
12918| [59714] Cisco Linksys E4200 Router CVE-2013-2681 Security Bypass Vulnerability
12919| [59713] Cisco Linksys E4200 Router CVE-2013-2683 Information Disclosure Vulnerability
12920| [59712] Cisco Linksys E4200 Router CVE-2013-2680 Password Disclosure Vulnerability
12921| [59710] Cisco Linksys E4200 Router CVE-2013-2678 Local File Include Vulnerability
12922| [59558] Cisco Linksys E1200 N300 Router 'submit_button' Parameter Cross Site Scripting Vulnerability
12923| [59447] Cisco Linksys WRT310N Router CVE-2013-3067 Unspecified Cross Site Scripting Vulnerability
12924| [59445] Cisco Linksys WRT310N Router Multiple Denial of Service Vulnerabilities
12925| [59444] Cisco Linksys WRT310N Router CVE-2013-3068 Cross Site Request Forgery Vulnerability
12926| [59263] Cisco Linksys WRT54GL Router Cross Site Request Forgery Vulnerability
12927| [59054] Cisco Linksys EA2700 Router Multiple Security Vulnerabilities
12928| [57887] Cisco Linksys WRT160N Multiple Security Vulnerabilities
12929| [57879] Linksys WAG200G Multiple Security Vulnerabilities
12930| [57760] Cisco Linksys E1500/E2500 Router Multiple Security Vulnerabilities
12931| [57459] Cisco Linksys WRT54GL Router Multiple Security Vulnerabilities
12932| [57257] Cisco Linksys Routers Unauthenticated Root Access Security Vulnerability
12933| [56785] freeSSHd Authentication Mechanism Authentication Bypass Vulnerability
12934| [56356] Linksys WAP4400N SNMPv3 Component Unspecified Security Vulnerability
12935| [54615] Cisco Linksys WMB54G Remote Command Injection Vulnerability
12936| [54588] Cisco Linksys PlayerPT ActiveX Control 'SetSource()' Buffer Overflow Vulnerability
12937| [53427] Linksys WRT54GL Wireless Router Cross-Site Request Forgery Vulnerability
12938| [52159] Dropbear SSH Server Use After Free Remote Code Execution Vulnerability
12939| [52105] Linksys WAG54GS Wireless Router Cross-Site Request Forgery Vulnerability
12940| [46681] xtcModified Multiple HTML Injection and Cross Site Scripting Vulnerabilities
12941| [46571] Linksys WAG120N Wireless Router Cross-Site Request Forgery Vulnerability
12942| [46305] Linksys WAP610N Unauthenticated Root Access Security Vulnerability
12943| [45943] Linksys WRT54GC Remote Buffer Overflow Vulnerability
12944| [45658] Linksys BEFSR41 Multiple HTML Injection Vulnerabilities
12945| [42560] Serveez 'If-Modified-Since' Header Stack Buffer Overflow Vulnerability
12946| [41061] Linksys WAP54Gv3 Wireless Router 'debug.cgi' Cross-Site Scripting Vulnerability
12947| [40648] Linksys WAP54Gv3 Wireless Router Debug Credentials Security Bypass Vulnerability
12948| [38887] freeSSHd SSH2 Connection Data Remote Buffer Overflow Vulnerability
12949| [38487] ProSSHD 'scp_get()' Buffer Overflow Vulnerability
12950| [37116] Sun Solaris 'sshd(1M)' Timeout Mechanism Remote Denial Of Service Vulnerability
12951| [37017] Linksys WAP4400N Association Request Remote Denial of Service Vulnerability
12952| [36599] Linksys WRT54GC Router Cross-Site Request Forgery Vulnerability
12953| [36262] Linksys WRT54GL Unspecified Remote Buffer Overflow Vulnerability
12954| [36235] freeSSHd Pre Authentication Error Remote Denial of Service Vulnerability
12955| [35142] Linksys WAG54G2 Web Management Console Remote Arbitrary Shell Command Injection Vulnerability
12956| [34714] Linksys WVC54GCA Wireless-G Multiple Cross Site Scripting Vulnerabilities
12957| [34713] Linksys WVC54GCA Wireless-G 'adm/file.cgi' Multiple Directory Traversal Vulnerabilities
12958| [34629] Linksys WVC54GCA Wireless-G '/img/main.cgi' Information Disclosure Vulnerability
12959| [34616] Linksys WRT54GC 'administration.cgi' Access Validation Vulnerability
12960| [34596] Linksys WVC54GCA Wireless-G 'SetupWizard.exe' Information Disclosure Vulnerability
12961| [34448] Linksys WRT160N Wireless Router Cross-Site Request Forgery Vulnerability
12962| [32972] freeSSHd SFTP Commands Multiple Remote Buffer Overflow Vulnerabilities
12963| [32949] Linksys Wireless-G ADSL Gateway WAG54GS V2.0 Remote Buffer Overflow Vulnerability
12964| [32666] Linksys WVC54GC Wireless-G Internet Video Camera Information Disclosure Vulnerability
12965| [32665] Linksys WVC54GC 'NetCamPlayerWeb11gv2.ocx' ActiveX Control Buffer Overflow Vulnerability
12966| [32496] Linksys WRT160N 'apply.cgi' Cross-Site Scripting Vulnerability
12967| [32274] Linksys WRT160N DHCP Client Table HTML Injection Vulnerability
12968| [31872] freeSSHd SFTP 'rename' Remote Buffer Overflow Vulnerability
12969| [31742] Linksys WAP4400N Marvell Wireless Chipset Driver Remote Denial of Service Vulnerability
12970| [29570] Linksys WRH54G Wireless-G Router Malformed HTTP Request Denial of Service Vulnerability
12971| [29453] freeSSHd SFTP 'opendir' Buffer Overflow Vulnerability
12972| [28414] Linksys SPA-2102 Phone Adapter Packet Handling Denial of Service Vulnerability
12973| [28381] Linksys WRT54G Wireless-G Router Multiple Remote Authentication Bypass Vulnerabilities
12974| [27845] freeSSHd 'SSH2_MSG_NEWKEYS' Packet Remote Denial of Service Vulnerability
12975| [25987] Linksys SPA941 SIP From Field HTML Injection Vulnerability
12976| [25772] iMatix Xitami If-Modified-Since Remote Buffer Overflow Vulnerability
12977| [24682] Linksys Wireless-G ADSL Gateway WAG54GS Setup.CGI Cross-Site Scripting Vulnerabilities
12978| [23857] LDAP Account Manager Modified Path Local Privilege Escalation Vulnerability
12979| [23695] AFFLIB LastModified Remote Buffer Overflow Vulnerability
12980| [23619] Linksys SPA941 \377 Character Denial of Service Vulnerability
12981| [23063] Linksys WAG200G DSL Router/Gateway Information Disclosure Vulnerability
12982| [22761] Dropbear Hostkey Mismatch Warning Weakness
12983| [21475] Linksys WIP330 PhoneCtrl.exe Denial Of Service Vulnerability
12984| [20415] Linksys WRT54GX V2.0 WAN Port UPnP Vulnerability
12985| [20346] Linksys SPA921 VoIP Phone HTTP Server Denial Of Service Vulnerabilities
12986| [19347] Linksys WRT54GS POST Request Configuration Change Authentication Bypass Vulnerability
12987| [17631] Linksys RT31P2 Remote Malformed SIP Packet Denial Of Service Vulnerabilities
12988| [17024] Dropbear Remote Denial Of Service Vulnerability
12989| [16307] Linksys BEFVP41 IP Options Remote Denial Of Service Vulnerability
12990| [15923] Dropbear SSH Server Remote Buffer Overflow Vulnerability
12991| [15861] Multiple Linksys Routers LanD Packet Denial Of Service Vulnerability
12992| [14822] Linksys WRT54G Wireless Router Multiple Remote Vulnerabilities
12993| [14566] Linksys WRT54GS Wireless Authentication Bypass Vulnerability
12994| [14407] Linksys WRT54G Wireless Router Default SSL Certificate and Private Key Vulnerability
12995| [13051] Linksys WET11 Password Update Remote Authentication Bypass Vulnerability
12996| [12443] Linksys PSUS4 PrintServer Malformed HTTP POST Request Denial Of Service
12997| [10803] Dropbear SSH Server Digital Signature Standard Unspecified Authentication Vulnerability
12998| [10533] Linksys Web Camera Software Next_file Parameter Cross-Site Scripting Vulnerability
12999| [10476] Linksys Web Camera Software Next_file Parameter File Disclosure Vulnerability
13000| [10453] Multiple Linksys Routers Gozila.CGI Denial Of Service Vulnerabilities
13001| [10441] Linksys WRT54G Router World Accessible Remote Administration Service Weakness
13002| [10384] CVS Malformed Entry Modified and Unchanged Flag Insertion Heap Overflow Vulnerability
13003| [10329] Multiple Linksys Devices DHCP Information Disclosure and Denial of Service Vulnerability
13004| [9688] Linksys WAP55AG SNMP Community String Insecure Configuration Vulnerability
13005| [9152] Linksys WRT54G Router Blank HTTP GET Request Denial Of Service Vulnerability
13006| [8834] Linksys BEFSX41 EtherFast Router Log Viewer Denial Of Service Vulnerability
13007| [8439] Dropbear SSH Server Username Format String Vulnerability
13008| [7317] Linksys BEFVP4 SNMP Community String Information Disclosure Vulnerability
13009| [6304] Multiple Linksys Devices Heap Corruption Denial Of Service
13010| [6303] Multiple Linksys Devices strcat() Buffer Overflow Vulnerability
13011| [6301] Multiple Linksys Devices GET Request Buffer Overflow Vulnerability
13012| [6208] Multiple Linksys Devices Password Field Buffer Overflow Vulnerability
13013| [6201] Linksys Router Unauthorized Management Access Vulnerability
13014| [6086] Linksys BEFSR41 Gozila.CGI Denial Of Service Vulnerability
13015| [6046] Linksys WET11 Denial Of Service Vulnerability
13016| [4803] OpenBSD sshd BSD Authentication Implementation Error Vulnerability
13017| [4300] BitVise WinSSHD Numerous Connections DoS Vulnerability
13018| [4250] Linksys BEFVP41 Key Truncation Encryption Weakening Vulnerability
13019| [3797] Linksys DSL Router Default SNMP Community String Vulnerability
13020| [3795] Linksys DSL Router SNMP Trap System Arbitrary Sending Vulnerability
13021| [3494] SSHD CPU utilization bug
13022| [3141] LinkSys EtherFast Router Password HTML Source Revealing Vulnerability
13023| [797] Sshd RSAREF Buffer Overflow Vulnerability
13024| [233] NT Pass the Hash with Modified SMB Client Vulnerability
13025|
13026| IBM X-Force - https://exchange.xforce.ibmcloud.com:
13027| [86268] PuTTY putty/sshdss.c information disclosure
13028| [85642] Cisco Linksys WRT110 CVE-2013-3568 cross-site request forgery
13029| [85519] Linksys lighttpd security bypass
13030| [85187] Cisco Linksys X3000 Router apply.cgi command execution
13031| [85186] Cisco Linksys X3000 Router apply.cgi cross-site scripting
13032| [84988] Linksys E1200 N300 Router cross-site scripting
13033| [84073] Cisco Linksys E4200 information disclosure
13034| [84072] Cisco Linksys E4200 file include
13035| [84071] Cisco Linksys E4200 clickjacking
13036| [84070] Cisco Linksys E4200 cross-site scripting
13037| [84069] Cisco Linksys E4200 cross-site scripting
13038| [84068] Cisco Linksys E4200 security bypass
13039| [84067] Cisco Linksys E4200 information disclosure
13040| [83922] Cisco Linksys E1200 N300 router submit_button cross-site scripting
13041| [83758] Cisco Linksys WRT310N cross-site scripting
13042| [83757] Cisco Linksys WRT310N apply.cgi cross-site request forgery
13043| [83756] Cisco Linksys WRT310N denial of service
13044| [83630] Cisco Linksys WRT54GL Upgrade firmware page cross-site request forgery
13045| [83410] Cisco Linksys EA2700 routers cross-site request forgery
13046| [83409] Cisco Linksys EA2700 routers cross-site scripting
13047| [83408] Cisco Linksys EA2700 routers security bypass
13048| [83167] Linksys apply.cgi command execution
13049| [82004] Linksys WRT160N http_passwd cross-site request forgery
13050| [82003] Linksys WRT160N multiple cross-site scripting
13051| [82002] Linksys WRT160N next_page directory traversal
13052| [82001] Linksys WRT160N ping_size command execution
13053| [82000] Linksys WAG200G policy_name cross-site scripting
13054| [81999] Linksys WAG200G security bypass
13055| [81998] Linksys WAG200G timer_interval command execution
13056| [81885] Linksys submit_button parameter redirection
13057| [81884] Linksys wait_time parameter cross-site scripting
13058| [81883] Linksys change password cross-site request forgery
13059| [81882] Linksys change password security bypass
13060| [81881] Linksys next_page parameter directory traversal
13061| [81880] Linksys ping_size parameter command execution
13062| [81407] Cisco Linksys routers code execution
13063| [81387] Cisco Linksys WRT54GL f_name cross-site scripting
13064| [81386] Cisco Linksys WRT54GL submit_button cross-site scripting
13065| [81385] Cisco Linksys WRT54GL password cross-site request forgery
13066| [81384] Cisco Linksys WRT54GL command execution
13067| [80476] FreeSSHd security bypass
13068| [77096] Cisco Linksys WMB54G TFTP command execution
13069| [77085] Cisco Linksys PlayerPT ActiveX control buffer overflow
13070| [75475] Cisco Linksys WRT54GL password cross-site request forgery
13071| [74224] Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX control buffer overflow
13072| [73444] Dropbear SSH Server code execution
13073| [73345] Cisco Linksys WAG54GS cross-site request forgery
13074| [71964] FreeSSHd packet denial of service
13075| [71910] Mozilla Firefox, Thunderbird, and SeaMonkey DOMAttrModified code execution
13076| [71440] Cisco Linksys WRT54G UPnP security bypass
13077| [71439] Cisco Linksys WRT54GX UPnP security bypass
13078| [67057] Linksys BEFSR41 multiple cross-site scripting
13079| [65906] xtcModified customers.php and configuration.php cross-site request forgery
13080| [65905] xtcModified categories.php and orders.php cross-site scripting
13081| [65717] Cisco Linksys Wag120N cross-site request forgery
13082| [65340] Cisco Linksys Wireless-N Access Point WET610N privilege escalation
13083| [64850] Linksys WRT54GC interface buffer overflow
13084| [63676] Linksys WRT54G2 and BEFSR41 routers cross-site request forgery
13085| [61486] Novell Netware SSHD.NLM and SFTP-SVR.NLM buffer overflow
13086| [59699] Linksys WAP54Gv3 debug.cgi cross-site scripting
13087| [59286] Linksys WAP54Gv3 debug scripts command execution
13088| [56626] ProSSHD scp_get() buffer overflow
13089| [54401] Sun Solaris sshd(1M) denial of service
13090| [54271] Linksys WAP4400N association requests denial of service
13091| [53656] Linksys WRT54GC diagnostics.cgi cross-site request forgery
13092| [53611] FreeSSHd string denial of service
13093| [53610] Linksys WRT54GL unspecified buffer overflow
13094| [53004] Kyocera Mita Scanner File Utility modified program file upload
13095| [52434] freeSSHd open buffer overflow
13096| [52360] Serveez If-Modified-Since buffer overflow
13097| [50845] Linksys WAG54G2 router unspecified command execution
13098| [50518] Linksys WVC54GCA this_file directory traversal
13099| [50410] Linksys WVC54GCA pass_wd.htm and Wsecurity.htm information disclosure
13100| [50231] Linksys WVC54GCA /adm/file.cgi directory traversal
13101| [50224] Linksys WVC54GCA next_file cross-site scripting
13102| [50099] Linksys WRT54GC cross-site request forgery
13103| [50097] Linksys WVC54GCA /img/main.cgi password dislcosure
13104| [50070] Linksys WVC54GCA Wireless-G Internet Home Monitoring Camera SetupWizard.exe information disclosure
13105| [49775] Linksys WRT160N unspecified cross-site request forgery
13106| [48568] RealNetworks RealPlayer IVR modified field code execution
13107| [47746] Linksys WRT160N DHCP client cross-site scripting
13108| [47547] Linksys WAG54GS Wireless-G ADSL Gateway httpd buffer overflow
13109| [47142] Linksys WVC54GC packet information disclosure
13110| [47139] Linksys WVC54GC NetCamPlayerWeb11gv2 ActiveX control buffer overflow
13111| [46980] Linksys WRT160N apply.cgi cross-site scripting
13112| [46046] freeSSHd rename and realpath parameters buffer overflow
13113| [45842] Linksys WAP4400N unspecified
13114| [45841] Linksys WAP4400N request denial of service
13115| [45588] Cisco Linksys WRT350N admin default password
13116| [44279] OpenSSH sshd weak security
13117| [44037] OpenSSH sshd SELinux role unauthorized access
13118| [42890] Cisco Linksys WRH54G router HTTP denial of service
13119| [42764] freeSSHd SFTP buffer overflow
13120| [41935] Blackboard Academic Suite modified client information disclosure
13121| [41438] OpenSSH sshd session hijacking
13122| [41436] Linksys SPA2102 Phone Adapter ping denial of service
13123| [41270] Linksys WAG54GS Wireless-G ADSL Gateway setup.cgi cross-site scripting
13124| [41269] Linksys WAG54GS Wireless-G ADSL Gateway setup.cgi cross-site request forgery
13125| [41268] Linksys WAG54GS Wireless-G ADSL Gateway default admin account
13126| [41127] Linksys WRT54G FTP interface denial of service
13127| [41126] Linksys WRT54G router FTP default password
13128| [41121] Linksys WRT300N router dyndns_domain parameter cross-site scripting
13129| [41119] Linksys WRT54G 7 router FTP server security bypass
13130| [41118] Linksys WRT54g router security bypass
13131| [41115] Linksys WRT54GL router Config.bin information disclosure
13132| [40612] FreeSSHd SSH server denial of service
13133| [39502] Linksys WRT54GL apply.cgi cross-site request forgery
13134| [39354] FortressSSH sshd.exe denial of service
13135| [37199] DenyHosts sshd log files denial of service
13136| [37022] Linksys SPA941 VoIP Phone firmware SIP cross-site scripting
13137| [35125] Linksys WAG54GS Wireless-G ADSL Gateway with SpeedBooster router HTTP interface cross-site request forgery
13138| [35123] Linksys WAG54GS Wireless-G ADSL Gateway with SpeedBooster multiple parameters cross-site scripting
13139| [34122] FIM file realtime modified
13140| [34096] FIM file modified
13141| [33856] Linksys SPA941 VoIP Phone SIP denial of service
13142| [33251] Linksys WAG200G UDP packet information disclosure
13143| [32762] Dropbear SSH client hostkey mismatch weak security
13144| [30771] Linksys WIP 330 PhoneCtrl.exe denial of service
13145| [29349] Linksys SPA921 long username denial of service
13146| [28237] Linksys WRT54g authentication bypass
13147| [26707] Linksys WRT54G UPnP AddPortMapping security bypass
13148| [25915] Linksys RT31P2 SIP message denial of service
13149| [25075] Dropbear SSH Server connection denial of service
13150| [24834] ICQ modified file properties code execution
13151| [24125] Linksys EtherFast null length IP option denial of service
13152| [24068] Hummingbird Enterprise - Collaboration modified file name downloading
13153| [23672] Dropbear SSH Server svr-chansession.c buffer overflow
13154| [22267] Linksys WRT54G and WRT54GS ezconfig.asp handler router modification
13155| [22259] Linksys WRT54G and WRT54GS apply.cgi handler buffer overflow
13156| [22255] Linksys WRT54G and WRT54GS restore and upgrade router modification
13157| [22253] Linksys WRT54G and WRT54GS management interface POST method handlers denial of service
13158| [21915] Linksys WRT54GS bypass security
13159| [21780] Linksys WLAN Monitor allows attacker elevated privileges
13160| [21635] Linksys WRT54G wireless router allows attacker to decrypt management session
13161| [20930] OpenSSH sshd.c LoginGraceTime denial of service
13162| [20008] Linksys WET11 security bypass
13163| [19222] Linksys PSUS4 HTTP POST denial of service
13164| [17749] SalesLogix modified cookie could allow administrative access
13165| [17275] Site News allows messages to be added or modified
13166| [17217] MailWorks modified cookies could allow administrative access
13167| [16810] Dropbear DSS verification code execution
13168| [16460] Linksys BEFSR41 connection denial of service
13169| [16415] Linksys Web Camera main.cgi cross-site scripting
13170| [16339] Linksys Web Camera file include
13171| [16305] Linksys DomainName buffer overflow
13172| [16302] Linksys Gozila.cgi denial of service
13173| [16300] Linksys BEFSR41 remote administration function security bypass
13174| [16274] Linksys WRT54G remote administration function security bypass
13175| [16142] Linksys EtherFast routers BOOTP packet denial of service
13176| [15257] Linksys WAP55AG SNMP strings disclosure
13177| [13900] Linksys WRT54G wireless router blank GET request denial of service
13178| [13436] Linksys EtherFast Log_Page_Num denial of service BEFSX41
13179| [13135] KokeshCMS edit.php script allows content to be modified without authentication
13180| [12927] Dropbear login using format specifier causes format string
13181| [11781] Linksys WAP11 transmits administrator`s password in plain text
13182| [11775] Linksys default SNMP community string
13183| [10793] Linksys EtherFast Web management interface multiple heap buffer overflows
13184| [10792] Linksys EtherFast Web management interface multiple stack buffer overflows
13185| [10654] Linksys EtherFast long password denial of service
13186| [10651] Linksys client-supplied XML data could be used to gain administrative access
13187| [10514] Linksys EtherFast gozila.cgi remote management interface denial of service
13188| [10472] Linksys WET11 spoofed Ethernet frame denial of service
13189| [9330] Linksys EtherFast routers enable remote administration upon firmware upgrade
13190| [9215] OpenBSD sshd authentication error on systems using YP with netgroups could allow unauthorized access
13191| [9156] mcNews modified cookies could allow administrative access
13192| [8470] WinSSHD incomplete connections denial of service
13193| [8397] Linksys EtherFast BEFVP41 Cable/DSL VPN Router weak key encryption
13194| [7827] Linksys EtherFast routers default SNMP community string information leak
13195| [7049] PhpMyExplorer modified "
13196| [7035] PHProjekt modified ID numbers can be used to used to manipulate other user`s files
13197| [6949] Linksys EtherFast routers could reveal passwords in HTML source of administrative interface
13198| [6005] AOL Instant Messenger execution of code in modified images
13199| [4852] thttpd If-Modified-Since header buffer overflow
13200| [4813] Security enabled universal group membership modified - member removed
13201| [4812] Security enabled universal group membership modified - member added
13202| [4808] Universal distribution group membership modified - member removed
13203| [4807] Universal distribution group membership modified - member added
13204| [4801] Local distribution group membership modified - member removed
13205| [4800] Local distribution group membership modified - member added
13206| [4797] Global distribution group membership modified - member added
13207| [4794] Global distribution group membership modified - member removed
13208| [4706] Mindstorm Networks SmartFTP allows modified configuration files to be uploaded and used
13209| [2680] Modified teardrop denial of service
13210| [2248] Citrix Winframe client under Unix could expose sensitive configuration information or allow it to be modified
13211| [1657] Wrappers have been modified by an intruder and contain a Trojan horse
13212| [1601] Executable, system file, or other file modified
13213| [1557] User account modified
13214| [1554] Local group membership modified - user removed
13215| [1552] Local group membership modified - user added
13216| [1535] Local group access or privileges modified
13217| [1529] Global group membership modified - user removed
13218| [1528] Global group membership modified - user added
13219| [1526] Global group access or privileges modified
13220| [1249] Sshd version 1.2.23 obsolete
13221| [343] Modified teardrop denial of service
13222| [316] Sshd advertises information
13223| [314] Sshd version 1.2.17 obsolete
13224| [103] RIP tables modified
13225|
13226| Exploit-DB - https://www.exploit-db.com:
13227| [30650] Linksys SPA941 SIP From Field HTML Injection Vulnerability
13228| [30254] Linksys Wireless-G ADSL Gateway WAG54GS 1.0.6 Setup.CGI Cross-Site Scripting Vulnerabilities
13229| [28856] Linksys WRT110 Remote Command Execution
13230| [28484] Linksys WRT110 Remote Command Execution
13231| [28056] Mikrotik RouterOS sshd (ROSSSH) - Remote Preauth Heap Corruption
13232| [26825] Multiple Linksys Routers LanD Packet Denial of Service Vulnerability
13233| [26415] Linksys X3000 1.0.03 build 001 - Multiple Vulnerabilities
13234| [25608] Linksys WRT160nv2 - apply.cgi Remote Command Injection
13235| [25359] Linksys WET11 Password Update Remote Authentication Bypass Vulnerability
13236| [25292] Cisco Linksys E4200 Firmware - Multiple Vulnerabilities
13237| [25082] Linksys PSUS4 PrintServer Malformed HTTP POST Request Denial of Service
13238| [24945] Linksys WRT54GL apply.cgi Command Execution
13239| [24936] Linksys E1500/E2500 apply.cgi Remote Command Injection
13240| [24478] Linksys WRT160N - Multiple Vulnerabilities
13241| [24476] Linksys WAG200G - Multiple Vulnerabilities
13242| [24475] Linksys E1500/E2500 - Multiple Vulnerabilities
13243| [24202] linksys wrt54gl firmware 4.30.15 build 2 - Multiple Vulnerabilities
13244| [24197] Linksys Web Camera Software 2.10 Next_file Parameter Cross-Site Scripting Vulnerability
13245| [24175] Linksys Web Camera Software 2.10 Next_file Parameter File Disclosure Vulnerability
13246| [24133] Freesshd Authentication Bypass
13247| [24115] Multiple Linksys Devices DHCP Information Disclosure
13248| [23721] Linksys WAP55AG 1.0.7 SNMP Community String Insecure Configuration Vulnerability
13249| [23080] FreeSSHD Remote Authentication Bypass Zeroday Exploit
13250| [22480] Linksys BEFVP4 SNMP Community String Information Disclosure Vulnerability
13251| [22062] Linksys Devices 1.42/1.43 GET Request Buffer Overflow Vulnerability
13252| [21978] Linksys WAP11 1.3/1.4,D-Link DI-804 4.68/Dl-704 2.56 b5 Embedded HTTP Server DoS Vulnerability
13253| [21975] Linksys BEFSR41 1.4x Gozila.CGI Denial of Service Vulnerability
13254| [20202] Cisco Linksys PlayerPT ActiveX Control SetSource sURL argument Buffer Overflow
13255| [20112] Cisco Linksys PlayerPT ActiveX Control Buffer Overflow
13256| [19197] "Microsoft Windows NT <= 4.0 SP5,Terminal Server 4.0 ""Pass the Hash"" with Modified SMB Client Vulnerability"
13257| [18641] Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability
13258| [18503] Cisco Linksys WAG54GS CSRF Change Admin Password
13259| [18268] FreeSSHd Crash PoC
13260| [16854] Linksys WRT54 Access Point apply.cgi Buffer Overflow
13261| [16753] Xitami 2.5c2 Web Server If-Modified-Since Overflow
13262| [16461] FreeSSHd 1.0.9 Key Exchange Algorithm String Buffer Overflow
13263| [16252] Linksys Cisco WAG120N CSRF Vulnerability
13264| [16149] Linksys WAP610N Unauthenticated Root Access Security Vulnerability
13265| [15675] Multiple Linksys Router CSRF Vulnerabilities
13266| [13299] linux/mips (Linksys WRT54G/GL) execve shellcode 60 bytes
13267| [13298] linux/mips (Linksys WRT54G/GL) port bind shellcode 276 bytes
13268| [12495] ProSSHD 1.2 - Remote Post-Auth Exploit (ASLR and DEP bypass)
13269| [11842] FreeSSHD 1.2.4 - Remote Buffer Overflow DoS
13270| [11618] ProSSHD 1.2 20090726 - Buffer Overflow Exploit
13271| [10028] Linksys WRT54G < 4.20.7 , WRT54GS < 1.05.2 apply.cgi Buffer Overflow
13272| [8833] Linksys WAG54G2 Web Management Console Arbitrary Command Exec
13273| [8295] FreeSSHd 1.2.1 (rename) Remote Buffer Overflow Exploit (SEH)
13274| [7535] Linksys Wireless ADSL Router (WAG54G V.2) httpd DoS Exploit
13275| [6812] freeSSHd 1.2.1 sftp realpath Remote Buffer Overflow PoC (auth)
13276| [6800] freeSSHd 1.2.1 sftp rename Remote Buffer Overflow PoC (auth)
13277| [5926] Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities (2)
13278| [5751] freeSSHd 1.2.1 (Post Auth) Remote SEH Overflow Exploit
13279| [5709] freeSSHd 1.2.1 - Remote Stack Overflow PoC (auth)
13280| [5313] Linksys WRT54G (firmware 1.00.9) - Security Bypass Vulnerabilities
13281| [4450] Xitami Web Server 2.5 (If-Modified-Since) Remote BoF Exploit (0day)
13282| [3792] Linksys SPA941 (remote reboot) Remote Denial of Service Exploit
13283| [3791] Linksys SPA941 \377 character Remote Denial of Service Exploit
13284| [1787] freeSSHd <= 1.0.9 Key Exchange Algorithm Buffer Overflow Exploit
13285| [1572] Dropbear / OpenSSH Server (MAX_UNAUTH_CLIENTS) Denial of Service
13286| [387] Dropbear SSH <= 0.34 Remote Root Exploit
13287|
13288| OpenVAS (Nessus) - http://www.openvas.org:
13289| [902803] FreeSSHd Remote Denial of Service Vulnerability
13290| [902779] Mozilla Products DOMAttrModified Memory Corruption Vulnerability (MAC OS X)
13291| [902774] Mozilla Products DOMAttrModified Memory Corruption Vulnerability (Windows)
13292| [902488] OpenSSH 'sshd' GSSAPI Credential Disclosure Vulnerability
13293| [900960] freeSSHd Pre-Authentication Error Remote DoS Vulnerability
13294| [900959] freeSSHd Version Detection
13295| [900165] freeSSHd SFTP 'rename' and 'realpath' Remote DoS Vulnerability
13296| [864567] Fedora Update for dropbear FEDORA-2012-10934
13297| [855776] Solaris Update for sshd 141742-04
13298| [855759] Solaris Update for sshd 140119-11
13299| [855653] Solaris Update for sshd 141742-02
13300| [855648] Solaris Update for sshd 140119-09
13301| [855646] Solaris Update for sshd 140119-07
13302| [855380] Solaris Update for sshd 140119-06
13303| [802407] OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
13304| [802025] Xitami Web Server If-Modified-Since Buffer Overflow Vulnerability
13305| [200012] FreeSSHD Key Exchange Buffer Overflow
13306| [103080] Linksys WAP610N Unauthenticated Root Access Security Vulnerability
13307| [100547] freeSSHd SSH2 Connection Data Remote Buffer Overflow Vulnerability
13308| [100289] CVS Malformed Entry Modified and Unchanged Flag Insertion Heap Overflow Vulnerability
13309| [80070] Default password (admin) for Linksys Router
13310| [71162] FreeBSD Ports: dropbear
13311| [56070] Gentoo Security Advisory GLSA 200512-13 (dropbear)
13312| [56051] Debian Security Advisory DSA 923-1 (dropbear)
13313| [20096] Linksys multiple remote vulnerabilities
13314| [13636] Linksys Wireless Internet Camera File Disclosure
13315| [11941] Linksys WRT54G DoS
13316| [11891] LinkSys EtherFast Router Denial of Service Attack
13317| [11773] Linksys Gozila CGI denial of service
13318| [11215] Flaw in SMB Signing Could Enable Group Policy to be Modified (329170)
13319| [10999] Linksys Router Default Password
13320|
13321| SecurityTracker - https://www.securitytracker.com:
13322| [1027969] Linksys Router Unspecified Flaw Lets Remote Users Execute Arbitrary Code
13323| [1027826] freeSSHd Bug Lets Remote Users Gain Access to the Target System
13324| [1026743] Dropbear SSH Server Use-After-Free Lets Remote Authenticated Users Execute Arbitrary Code
13325| [1026094] Ubuntu apt apt-key Key Verification Flaw Lets Certain Remote Users Install Modified Packages
13326| [1024167] Cisco Content Services Switch HTTP and ClientCert Headers Can Be Spoofed or Modified By Remote USers
13327| [1023828] Adobe Reader and Acrobat '/launch' Command Warning Dialog Message Can Be Modified By Remote Users
13328| [1023235] Solaris sshd Timeout Mechanism Lets Remote Users Deny Service
13329| [1022827] Linksys WRT54GL Router Buffer Overflow Lets Remote Users Execute Arbitrary Code
13330| [1022811] freeSSHd Unspecified Flaw Lets Remote Users Deny Service
13331| [1022718] Apple Safari Top Sites View Can Be Modified By Remote Users
13332| [1022305] Linksys WAG54G2 Router Lets Remote Authenticated Users Execute Shell Commands
13333| [1021096] freeSSHd Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
13334| [1020237] Linksys WRH54G Router Management Interface Can Be Crashed By Remote Users
13335| [1020212] freeSSHd Stack Overflow in Processing Directory Name Lets Remote Users Execute Arbitrary Code
13336| [1019443] WebLogic Servlets May Grant Access to Remote Users Based on Modified HTTP Request Header Values
13337| [1019094] Websense Enterprise Lets Remote Users Bypass Web Filtering With Modified User-Agent Values
13338| [1017957] Linksys SPA941 Phone Can Be Crashed By Remote Users
13339| [1017722] Novell Access Manager SSL VPN 'policy.txt' File Can By Modified By Remote Authenticated Users to Bypass VPN Network Access Controls
13340| [1017416] Mozilla Firefox IMG SRC Tag Can Be Modified to Bypass Cross-Site Scripting Protections
13341| [1017415] Mozilla Thunderbird IMG SRC Tag Can Be Modified to Bypass Cross-Site Scripting Protections
13342| [1017414] Mozilla Seamonkey IMG SRC Tag Can Be Modified to Bypass Cross-Site Scripting Protections
13343| [1016638] Linksys WRT54g Router Lets Remote Users Modify the Configuration
13344| [1016401] F-Secure Anti-Virus May Not Scan Files With Modified Filenames
13345| [1016400] F-Secure Internet Security May Not Scan Files With Modified Filenames
13346| [1016134] Linksys WRT54GS UPnP Bug Lets Remote Internal Users Cause Packets to Be Forwarded to External Systems
13347| [1015742] Dropbear SSH Server Authorization-Pending Limit Lets Remote Users Deny Service
13348| [1015490] Linksys BEFVP41 VPN Router Can Be Crashed By Remote Users
13349| [1015027] Symantec AntiVirus May Fail to Detect Viruses in Modified Archives
13350| [1015026] Computer Associates eTrust Antivirus May Fail to Detect Viruses in Modified Archives
13351| [1015025] Sophos Anti-Virus May Fail to Detect Viruses in Modified Archives
13352| [1015024] Kaspersky Anti-Virus May Fail to Detect Viruses in Modified Archives
13353| [1015023] Clam VirusScan May Fail to Detect Viruses in Modified Archives
13354| [1015022] McAfee VirusScan May Fail to Detect Viruses in Modified Archives
13355| [1014894] Linksys WRT54G Router Administration Interface Bugs Let Remote Users Modify the Configuration, Execute Arbitrary Code, or Deny Service
13356| [1014721] Linksys WRT54GS Lets Remote Users Bypass WPA Wireless Encryption
13357| [1014666] Linksys WLAN Monitor Allows Local Users to Gain Elevated Privileges
13358| [1014596] Linksys WRT54G Common SSL Certificate and Private Key Lets Remote Users Decrypt Management Sessions
13359| [1010785] Dropbear SSH Server DSS Verification Memory Error May Let Remote Users Execute Arbitrary Code
13360| [1010552] Linksys BEFSR41 Lets Remote Users Deny Administrative Access
13361| [1010489] Linksys Video Camera Input Validation Hole Permits Cross-Site Scripting Attacks
13362| [1010424] Linksys Video Camera Discloses Host Files to Remote Users
13363| [1010382] Linksys Routers Can Be Crashed With Specially Crafted sysPasswd and sysPasswdConfirm or DomainName Values
13364| [1010357] Linksys BEFSR41 EtherFast Router Lets Remote Users Access the Administration Page Even When Remote Administration is Disabled
13365| [1010350] Linksys WRT54G Lets Remote Users Access the Administration Page Even When Remote Administration is Disabled
13366| [1010288] Linksys Routers May Disclose Kernel Memory Contents in Response to BOOTP Packets
13367| [1009708] Sun Solaris sshd May Fail to Log SSH Client IP Addresses
13368| [1009523] Linksys WAP55AG Discloses Private SNMP Strings to Remote Users
13369| [1007930] Linksys BEFSX41 Can Be Crashed With a Long Log_Page_Num Admin Interface Parameter
13370| [1007523] Dropbear SSH Server Format String Flaw Lets Remote Users Execute Arbitrary Code
13371| [1006568] Linksys WAP11 Wireless Access Point Transmits Administrator Password in Clear Text
13372| [1006559] Linksys BEFVP41 VPN Router Discloses Internal Host Information to Remote Users
13373| [1005744] Linksys BEFW11S4 Wireless Router Buffer Overflows and Parsing Bugs Let Remote Users Take Full Control of the Router
13374| [1005661] Linksys Cable/DSL Routers Can Be Crashed By Remote Users Sending Long Password Strings
13375| [1005655] Linksys Router Web Management Access Flaw Gives Remote Users Administrative Access to the Device
13376| [1005509] Linksys BEFSR41 EtherFast Cable/DSL Router Can Be Crashed By Remote Users Via the Web Management Port
13377| [1005484] Linksys WET11 Wireless Ethernet Bridge Can Be Crashed By Remote Users
13378| [1005246] Microsoft Remote Desktop Protocol (RDP) Design Flaw May Disclose Information About the Unencrypted Data to Remote Users and May Let Data Be Modified During Transmission
13379| [1005242] Microsoft Windows XP Remote Desktop Can Be Crashed By Remote Users Sending a Modified RDP Packet
13380| [1004604] Linksys EtherFast Cable/DSL Routers May Allow Remote Administration Even When This Feature is Disabled
13381| [1003840] Bitvise WinSSHD Protocol State Error Allows Remote Users to Cause the Secure Shell Server to Stop Accepting Incoming Connections
13382| [1003792] Linksys Cable/DSL VPN Router Uses Weak IPSec Encryption Keys
13383| [1003136] Linksys Cable/DSL Routers Disclose Information to Remote Users via SNMP Traps
13384| [1003065] ELSA Lancom Router Discloses the Administrator Password to Remote Users, Allowing Them to Change the Router's Configuration and Upload Modified Firmware
13385| [1003035] Linksys Wireless Access Point SNMP Port Can Be Locked Out By Remote Users
13386| [1002748] OpenSSH 3.0 Denial of Service Condition May Allow Remote Users to Crash the sshd Daemon and KerberosV Configuration Error May Allow Remote Users to Partially Authenticate When Authentication Should Not Be Permitted
13387| [1002615] Webmin Creates Insecure Temporary Files That Can Be Modified By Local Users to Cause Webmin to Execute Arbitrary Commands with Root Level Privileges
13388| [1002140] Linksys EtherFast Router Discloses Usernames and Passwords Via the Network
13389| [1001796] Linksys Instant Network Wireless Access Point Does Not Restrict SNMP Access, Allowing Remote Users to Control the Device
13390|
13391| OSVDB - http://www.osvdb.org:
13392| [96153] Cisco Linksys WRT54GL Wireless Router SSL/TLS Renegotiation Unspecified Issue
13393| [96152] Cisco Linksys WRT610N Simultaneous Dual-N Band Wireless Router DNS Unspecified Issue
13394| [96151] Cisco Linksys WRT610N Simultaneous Dual-N Band Wireless Router Unspecified Issues
13395| [96150] Cisco Linksys WRT54GS Wireless-G BroadBand Router UPnP Unspecified Issue
13396| [95970] PuTTY sshrsa.c / sshdss.c getstring() Function SSH Handshake Message Length Handling Multiple Remote Integer Overflows
13397| [95935] Cisco Linksys WVC80N / WVC54GCA img/snapshot.cgi Query String Handling Remote Buffer Overflow
13398| [95760] Cisco Linksys WRT54G Router Unspecified XSS
13399| [95759] Cisco Linksys WRT54G Router UPnP Unspecified Issue
13400| [95755] Cisco Linksys WRT100 / WRT110 DNS Cache Unspecified Issue
13401| [95754] Cisco Linksys WRT54G UPnP Unspecified DoS
13402| [95752] Cisco Linksys WRT350N Router dyndns_domain Parameter XSS
13403| [95751] Cisco Linksys WRT350N Router Invalid Atheros Vendor IE Handling DUT DoS
13404| [95748] Cisco Linksys Multiple Routers DNS Unspecified Issue
13405| [95747] Cisco Linksys WRT310N Wireless-N Gigabit Router Invalid DHCP Message Handling Unspecified Issue
13406| [95746] Cisco Linksys WRT54G Router Linux Kernel Unspecified Issue
13407| [95745] Cisco Linksys WRT54G Router UPnP Unspecified Issue
13408| [95735] Cisco Linksys Multiple BEFSR EtherFast Cable/DSL Routers CGI String Handling Unspecified Issue
13409| [95734] Cisco Linksys BEFSR41 EtherFast Cable/DSL Router Unspecified URL Commands Issue
13410| [95732] Cisco Linksys Multiple BEFSR EtherFast Cable/DSL Routers CGI Script XML Extension Handling Authentication Bypass
13411| [95731] Cisco Linksys Multiple BEFSR EtherFast Cable/DSL Routers Multicast Handling DoS
13412| [95678] Cisco Linksys WET610N / WES610N Remote Management Unspecified Authentication Bypass
13413| [95186] Cisco Linksys WRT110 Ping Target Manipulation Arbitrary Command Execution CSRF
13414| [94917] FFmpeg / Libav libavcodec/sonic.c modified_levinson_durbin Function Off-by-one Out-of-array Access Issue
13415| [94768] Cisco Linksys Multiple Router Unspecified Unauthenticated Remote Administration Access
13416| [94518] Cisco Linksys X3000 /apply.cgi Multiple Parameter Arbitrary Command Execution
13417| [94517] Cisco Linksys X3000 /apply.cgi Multiple Parameter XSS
13418| [93065] Cisco Linksys E4200 Missing HTML Charset Specification XSS
13419| [93064] Cisco Linksys E4200 Cleartext Password Disclosure
13420| [93063] Cisco Linksys E4200 Password Field Autocomplete Weakness
13421| [93062] Cisco Linksys E4200 Unspecified Private IP Address Disclosure
13422| [93061] Cisco Linksys E4200 Unspecified Clickjacking Issue
13423| [93060] Cisco Linksys E4200 /apply.cgi Multiple Parameter XSS
13424| [93059] Cisco Linksys E4200 /storage/apply.cgi new_group Parameter XSS
13425| [92833] Cisco Linksys WRT310N index.asp Setup Form Multiple Parameter Remote DoS
13426| [92559] Cisco Linksys WRT310N Router Unspecified XSS
13427| [92552] Cisco Linksys WRT310N Router HTML Forms CSRF
13428| [92232] Cisco Linksys EA2700 Appended / Character Handling Source Code Disclosure
13429| [90092] Cisco Linksys WRT160N /apply.cgi Multiple Parameter XSS
13430| [90077] Cisco Linksys WAG200G /setup.cgi timer_interval Parameter Remote Command Execution
13431| [90076] Cisco Linksys WAG200G /setup.cgi policy_name Parameter XSS
13432| [89916] Cisco Linksys Multiple Router Insecure Password Reset Functionality Weakness
13433| [89915] Cisco Linksys Multiple Router /apply.cgi Password Manipulation CSRF
13434| [89914] Cisco Linksys Multiple Router /apply.cgi wait_time Parameter XSS
13435| [89913] Cisco Linksys Multiple Router /apply.cgi submit_button Parameter Arbitrary Site Redirect
13436| [89912] Cisco Linksys Multiple Router /apply.cgi ping_size Parameter Remote Command Execution
13437| [89911] Cisco Linksys Multiple Router /apply.cgi next_page Parameter Traversal Arbitrary File Access
13438| [89421] Cisco Linksys WRT54GL /apply.cgi wan_hostname Parameter Remote Command Execution
13439| [89420] Cisco Linksys WRT54GL /apply.cgi Multiple Function CSRF
13440| [89419] Cisco Linksys Multiple Router /apply.cgi Multiple Parameter XSS
13441| [88006] freeSSHd Login Failure Remote Authentication Bypass
13442| [87468] Jetty Malformed If-Modified-Since Header Handling Remote DoS
13443| [86969] Cisco Linksys Multiple Router Hardcoded SSL Private Key SSL Traffic Decryption Weakness
13444| [86689] Cisco Linksys WRT54GX Password Manipulation CSRF
13445| [85401] WebKit CharacterData::setData Text Node DOMCharacterDataModified Event Handling Use-after-free Issue
13446| [84309] Cisco Linksys PlayerPT ActiveX (PlayerPT.ocx) SetSource() Method sURL Argument String Parsing Remote Overflow
13447| [84230] Cisco Linksys WMB54G TFTP Service Firmware Update Functionality Remote Shell Command Execution
13448| [83397] Cisco Linksys Multiple Router Cloud Connect Information Disclosure
13449| [82595] freeSSHd Malformed Packet Handling Remote DoS
13450| [81978] W3C XML Encryption Standard Multiple Algorithm CBC Mode Modified Ciphertext Injection Cryptanalysis Weakness
13451| [81726] Microsoft Office Excel Modified Bytes Excel File Handling Memory Corruption
13452| [80809] Cisco Linksys WAG54GS Admin Password Manipulation CSRF
13453| [80297] Cisco Linksys WVC200 PlayerPT ActiveX (PlayerPT.ocx) SetSource() Method base64string Argument Parsing Remote Overflow
13454| [79590] Dropbear SSH Server Channel Concurrency Use-after-free Remote Code Execution
13455| [78706] OpenSSH auth-options.c sshd auth_parse_options Function authorized_keys Command Option Debug Message Information Disclosure
13456| [78425] Oracle Solaris sshd Component Unspecified Remote DoS
13457| [77953] Mozilla Multiple Products DOMAttrModified nsSVGValue Observer Handling Out-of-bounds Memory Access Remote Code Execution
13458| [77431] Cisco Linksys WRT54GX UPnP IGD SOAP Request Parsing Remote Firewall Manipulation
13459| [77329] Cisco Linksys Multiple Router Broadcomp UPnP IGD AddPortMapping Action Remote Port Mapping Addition
13460| [75691] Cisco Linksys WRT54G Admin Screen Filters.asp Website Blocking by Keyword Field XSS
13461| [75505] Cisco Linksys WRT54G FTP Default Security Weakness Password Disclosure
13462| [75184] xtcModified eCommerce Shopsoftware Arbitrary Admin User Creation CSRF
13463| [75183] xtcModified eCommerce Shopsoftware admin/orders.php URI XSS
13464| [75182] xtcModified eCommerce Shopsoftware admin/categories.php URI XSS
13465| [75146] Cisco Linksys BEFSR41 Gozila.cgi Admin Password Manipulation CSRF
13466| [75145] Cisco Linksys WRT54G manage.tri Admin Password Manipulation CSRF
13467| [75144] Cisco Linksys WRT54G2 Manage.tri Admin Password Manipulation CSRF
13468| [74764] Kiwi Modified File Filter Unspecified Arbitrary Code Execution
13469| [74763] Kiwi Testdrive Modified Files List Crafted Archive Name Remote Code Execution
13470| [74762] Kiwi Testdrive Modified Files List Crafted Filename Remote Code Execution
13471| [74278] GNU C Library (glibc) ldd LD_TRACE_LOADED_OBJECTS Check Modified Executable Loader Local Privilege Escalation
13472| [72171] Cisco Linksys BEFSR41 Admin Interface Multiple Fields XSS
13473| [71032] Cisco Linksys WAG120N setup.cgi Multiple Admin Function CSRF
13474| [70879] Cisco Linksys WAP610N Telnet Unauthenticated Root Access
13475| [70688] IBM WebSphere Portal Modified Message Unspecified Information Disclosure
13476| [70624] Cisco Linksys WRT54GC HTTP POST Request Remote Overflow
13477| [69624] Cisco Linksys WRT54G2 / BEFSR41 Multiple Admin Function CSRF
13478| [67743] Novell NetWare OpenSSH SSHD.NLM Absolute Path Handling Remote Overflow
13479| [67623] freeSSHd SSH Key Exchange NULL Dereference Remote DoS
13480| [65854] Cisco Linksys WAP54Gv3 debug.cgi data1 Parameter XSS
13481| [65696] SquirrelMail Mail Fetch Plugin Modified POP3 Port Number Access Restriction Bypass
13482| [65443] Cisco Linksys WAP54Gv3 debug.cgi Multiple Parameter Shell Metacharacter Arbitrary Command Execution
13483| [65442] Cisco Linksys WAP54Gv3 Debug_command_page.asp Multiple Parameter Shell Metacharacter Arbitrary Command Execution
13484| [65269] Cisco Linksys WAP54Gv3 Debug Interface Hardcoded Credentials Remote Command Execution
13485| [61907] Cisco IOS XR SSH Server sshd_child_handler Process Crafted Packet Remote DoS
13486| [61573] Cisco Linksys WAG54G2 setup.cgi c4_ping_ipaddr Parameter Arbitrary Shell Command Execution
13487| [60498] Solaris sshd(1M) Timeout Mechanism Unspecified Remote DoS
13488| [60447] Linksys WAP11 gstsearch Remote Information Disclosure
13489| [60408] Cisco Linksys WRT54G Malformed DCC IRC SEND String Handling Remote DoS
13490| [60229] Linksys WET11 Router Crafted DLC Header Remote DoS
13491| [60101] Linksys BEFSR Series Router Persistent WAN Access Weakness
13492| [59966] Cisco Linksys WAP4400N Association Request Unspecified Remote DoS
13493| [59904] Linksys BEFW11S4 Embedded Web Server HTTP Header Handling Remote Overflow DoS
13494| [59353] OpenSSH sshd Local TCP Redirection Connection Masking Weakness
13495| [59352] SSH sshd Local TCP Redirection Connection Masking Weakness
13496| [59032] Cisco Linksys WVC11B Internet Video Camera main.cgi next_file Parameter XSS
13497| [58612] Cisco Linksys WRT54GC Multiple Parameter CSRF
13498| [58495] OpenSSH sshd ChrootDirectory Feature SetUID Hard Link Local Privilege Escalation
13499| [57927] freeSSHd Unspecified Pre-authentication Remote DoS
13500| [57801] Cisco Linksys WRT54GL Unspecified Remote Overflow
13501| [57379] Cisco Linksys WRT160N UPNP ForceTermination Action WAN Connection DoS
13502| [57378] Cisco Linksys WRT160N DHCP Request Host Name XSS
13503| [56862] Serveez src/http_server/http-core.c http_parse_date() Function If-Modified-Since HTTP Header Handling Remote Overflow
13504| [56398] Cisco Linksys WVC54GCA IP Camera Wsecurity.htm Cleartext Password / Keys Disclosure
13505| [56397] Cisco Linksys WVC54GCA IP Camera pass_wd.htm Cleartext Password / Keys Disclosure
13506| [55134] Cisco Linksys WVC54GCA IP Camera adm/file.cgi Multiple Parameter Traversal Arbitrary File Access
13507| [54362] freeSSHd SFTP Command Handling Multiple Remote Overflows
13508| [54210] Cisco Linksys WVC54GCA IP Camera /adm/file.cgi Multiple Parameter XSS
13509| [54209] Cisco Linksys WVC54GCA IP Camera main.cgi next_file Parameter XSS
13510| [54208] Cisco Linksys WVC54GCA IP Camera /img/main.cgi next_file Parameter Encoded Traversal Arbitrary File Access
13511| [54207] Cisco Linksys WVC54GCA IP Camera img/main.cgi admpw Cleartext Admin Password Disclosure
13512| [54206] Cisco Linksys WVC54GCA IP Camera SetupWizard.exe Cleartext Admin Credential Disclosure
13513| [54092] Cisco Linksys WRT54GC administration.cgi Crafted HTTP Request Handling Admin Password Manipulation
13514| [53965] Mozilla Multiple Products nsStyleContext::Destroy() DOMAttrModified Window Handling Memory Corruption
13515| [53414] Cisco Linksys WRT160N Admin Interface CSRF
13516| [53107] Cisco Linksys WAG54G HTTP Server Long Request Remote DoS
13517| [52289] Cisco Linksys WRT350N Unpassworded Hardcoded Guest Account
13518| [51489] Linksys WRT54G Empty GET Request Remote DoS
13519| [51488] Linksys BEFSX41 System Log Viewer Log_Page_Num Variable Overflow DoS
13520| [50631] Cisco Linksys WVC54GC NetCamPlayerWeb11gv2 ActiveX (NetCamPlayerWeb11gv2.ocx) SetSource Method Arbitrary Code Execution
13521| [50630] Cisco Linksys WVC54GC Setup Wizard Remote Management Command Remote Information Disclosure
13522| [50368] Cisco Linksys WRT160N apply.cgi action Parameter XSS
13523| [50057] freeSSHd Multiple Parameters Remote Overflow
13524| [49477] Mantis core/string_api.php Modified Issue Number Remote Information Disclosure
13525| [49386] OpenSSH sshd TCP Connection State Remote Account Enumeration
13526| [49100] Cisco Linksys WRT350N Default Admin Account Password
13527| [49067] Cisco Linksys WAP4400N SNMPv3 Unspecified Issue
13528| [49066] Cisco Linksys WAP4400N Crafted Association Request Remote DoS
13529| [48791] OpenSSH on Debian sshd Crafted Username Arbitrary Remote SELinux Role Access
13530| [47958] Cisco Linksys WRT350N Crafted Association Request Handling Remote Overflow DoS
13531| [46042] Cisco Linksys WRH54G Crafted HTTP Request Remote DoS
13532| [45867] freeSSHd SFTP Command Name Handling Overflow
13533| [44602] Cisco Linksys SPA2102 Phone Adapter Crafted Ping Packet DoS
13534| [43539] Cisco Linksys WAG54GS ADSL Gateway Unspecified XSS
13535| [43538] Cisco Linksys WAG54GS ADSL Gateway setup.cgi sysname Variable User Account Creation CSRF
13536| [43537] Cisco Linksys WAG54GS ADSL Gateway setup.cgi Restore Factory Defaults Action mtenRestore Parameter CSRF
13537| [43536] Cisco Linksys WAG54GS ADSL Gateway Default Admin Account Password
13538| [43278] FortressSSH sshd.exe Data Object Handling Remote DoS
13539| [43034] Cisco Linksys WRT54G Router Config.bin Cleartext Password Information Disclosure
13540| [43031] Cisco Linksys WRT54G 7 Router FTP Server Arbitrary Credentials Authentication Bypass
13541| [43024] Cisco Linksys WRT54G Router FTP Interface Username / Password Remote DoS
13542| [43022] Cisco Linksys WRT54G Router Default Password Remote File Access
13543| [43016] Cisco Linksys WRT54G Router Multiple Admin Script Direct Request Authentication Bypass
13544| [43009] Cisco Linksys WRT300N Router dyndns_domain Parameter XSS
13545| [42766] Georgia SoftWorks SSH2 Server (GSW_SSHD) username Field Remote Format String
13546| [42765] Georgia SoftWorks SSH2 Server (GSW_SSHD) Multiple Authentication Fields Remote Overflow
13547| [42484] Fail2ban Crafted Client Version sshd Log File Parsing Arbitrary Host Addition DoS
13548| [42482] DenyHosts Crafted Client Version sshd Log File Parsing Arbitrary Host Addition DoS
13549| [41849] freeSSHd SSH Server Crafted Packet NULL Pointer Dereference Remote DoS
13550| [41622] IBM Informix Dynamic Server (IDS) Modified NLS Message File Request DBLANG Variable Local Traversal Privilege Escalation
13551| [40878] Cisco Linksys WAG54GS setup.cgi CSRF
13552| [40877] Cisco Linksys WAG54GS setup.cgi Multiple Parameter XSS
13553| [40722] Apple Mac OS X Software Update Modified Distribution Definition File Remote Code Execution
13554| [40595] Xitami Web Server xitami.exe If-Modified-Since Header Remote Overflow
13555| [40594] Xitami Web Server xigui32.exe If-Modified-Since Header Remote Overflow
13556| [40105] Cisco Linksys WRT54GL apply.cgi Multiple Admin Action CSRF
13557| [37719] Cisco Linksys SPA-941 SIP Message From Field XSS
13558| [36758] InterWorx-CP NodeWorx sshd.php PATH_INFO Parameter XSS
13559| [36515] BlockHosts sshd/vsftpd hosts.allow Arbitrary Deny Entry Manipulation
13560| [35766] IBM Lotus Domino Web Server If_Modified-Since Header Overflow
13561| [35613] AFFLIB lib/s3.cpp S3 XML Response LastModified Value Overflow
13562| [34520] Cisco Linksys Multiple Router UDP 916 Remote Information Disclosure
13563| [34481] Cisco Linksys SPA941 VoIP Phone Malformed SIP INVITE Request DoS
13564| [33814] Dropbear dbclient hostkey Mismatch Warning Weakness
13565| [32088] Dropbear SSH dbclient Hostkey Mismatch Weakness
13566| [31842] Cisco Linksys WIP 330 PhoneCtrl.exe TCP Port Scan DoS
13567| [31795] Fail2ban sshd Log File Parsing Arbitrary Host Denial DoS
13568| [29671] Cisco Linksys SPA921 Long HTTP Request DoS
13569| [29582] Cisco Linksys WRT54GXv2 Universal Plug and Play AddPortMapping Remote Port Manipulation
13570| [28159] SSH Tectia Management Agent sshd Restart Local Privilege Escalation
13571| [27808] Cisco Linksys WRT54G Web Admin Console CSRF
13572| [27807] Cisco Linksys WRT54G Security.tri Unauthenticated Configuration Modification
13573| [26323] Verizon Voicewing Linksys PAP2-VN Account Credential Hijack
13574| [25463] freeSSHd Key Exchange Algorithm String Remote Overflow
13575| [24810] Cisco Linksys RT31P2 SIP Message Unspecified Remote DoS
13576| [23960] Dropbear SSH Authorization-pending Connection Saturation DoS
13577| [22514] Linksys BEFVP41 Malfored IP Packet Option #0xE4 Null Length Remote DoS
13578| [21847] Dropbear SSH Server svr_ses.childpidsize Remote Overflow
13579| [19991] Cisco Linksys WRT54G apply.cgi Traversal File Existence Enumeration
13580| [19390] Cisco Linksys WRT54G ezconfig.asp Encryption Weakness Authentication Issue
13581| [19389] Cisco Linksys WRT54G apply.cgi POST Request Overflow
13582| [19388] Cisco Linksys WRT54G restore.cgi Arbitrary Configuration Upload
13583| [19387] Cisco Linksys WRT54G upgrade.cgi Arbitrary Configuration Upload
13584| [19386] Cisco Linksys WRT54G POST Request Malformed Content Length DoS
13585| [18803] Cisco Linksys WRT54GS WPA/TKIP Authentication Bypass
13586| [18692] Cisco Linksys WLAN Monitor Help Topics Local Privilege Escalation
13587| [18471] Cisco Linksys WRT54G Router Common SSL Private Key Disclosure
13588| [18470] Linksys Multiple Router Web Management Interface Password Field Overflow
13589| [16979] phpBB album_portal.php (Modified) phpbb_root_path Variable Arbitrary Code Injection
13590| [15969] Multiple Browser HREF Tag Modified alt Value Status Bar Spoofing
13591| [15311] Cisco Linksys WET11 changepw.html Unauthenticated Password Modification
13592| [14464] System-Critical File Integrity Modified
13593| [13467] Cisco Linksys PSUS4 Print Server Malformed HTTP POST Request DoS
13594| [8982] CesarFTP GET Modified Triple Dot Traversal Arbitrary File Access
13595| [8945] KDE kpf Modified Icon Parameter Arbitrary File Access
13596| [8138] Dropbear SSH Server buffer.c Overflow Issue
13597| [8137] Dropbear SSH Server DSS Verification Failure Remote Privilege Escalation
13598| [8040] sshd Authentication Agent Mechanism Arbitrary User Credential Disclosure
13599| [8039] Bitvise WinSSHD Incomplete Connection Saturation DoS
13600| [8037] Rapidstream VPN sshd Default Hardcoded Admin Account
13601| [8035] SSH Server sshd2 Failed Login Attempt Logging Failure
13602| [7188] Cisco Linksys BEFSR41 Web Admin Connection DoS
13603| [7112] Cisco Linksys Internet Video Camera main.cgi next_file Parameter Traversal Arbitrary File Access
13604| [6741] Cisco Linksys BEFSR41 DHCP Network Data Information Disclosure
13605| [6740] Linksys BEFSR41 Gozila.cgi No Argument Remote DoS
13606| [6739] Linksys EtherFast VPN Router Encryption Key Implementation Weakness
13607| [6738] Linksys EtherFast SNMP Query Information Disclosure
13608| [6655] Cisco Linksys BEF Series Routers Gozila.cgi Multiple Parameter Remote DoS
13609| [6577] Cisco Linksys Routers Administrative Web Interface Access
13610| [6325] Cisco Linksys BOOTP Remote Memory Information Disclosure
13611| [6261] Symantec Norton Anti-Virus Modified MIME Email Scan Bypass
13612| [6113] Cisco Linksys BEF Series Routers BOOTP DoS
13613| [5728] Modified Teardrop IP Fragment Re-Assembly DoS
13614| [5467] Linksys EtherFast Passwd.htm Administrator Password Disclosure
13615| [5010] Solaris SSHD Client IP Logging Failure
13616| [4002] Cisco Linksys WAP55AG SNMP Community Strings Disclosure
13617| [2429] Dropbear SSH Server Username Remote Format String
13618| [2109] OpenSSH sshd Root Login Timing Side-Channel Weakness
13619| [1920] Linksys EtherFast index.htm DSL Username/Password Disclosure
13620| [1773] SSH sshd Connection Saturation DoS
13621| [1586] sshd scp Traversal Arbitrary File Overwrite
13622| [821] Linksys Router Default Password
13623| [225] thttpd If-Modified-Since Header Remote Overflow
13624Running (JUST GUESSING): Linux 2.6.X|4.X|3.X (92%)
13625OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:3
13626Aggressive OS guesses: Linux 2.6.18 - 2.6.22 (92%), Linux 4.4 (87%), Linux 3.10 - 4.11 (86%), Linux 3.10 - 3.12 (86%), Linux 4.9 (85%), Linux 3.2 - 4.9 (85%), Linux 2.6.18 (85%)
13627No exact OS matches for host (test conditions non-ideal).
13628Uptime guess: 17.134 days (since Mon Oct 7 08:44:01 2019)
13629Network Distance: 17 hops
13630TCP Sequence Prediction: Difficulty=258 (Good luck!)
13631IP ID Sequence Generation: All zeros
13632Service Info: Device: router
13633
13634TRACEROUTE (using port 111/tcp)
13635HOP RTT ADDRESS
136361 299.30 ms 10.231.204.1
136372 299.38 ms 45.131.5.2
136383 299.37 ms 109.236.95.228
136394 299.43 ms bb1-fra1.worldstream.nl (109.236.95.221)
136405 299.42 ms zayo.fra.ecix.net (62.69.146.139)
136416 399.44 ms ae1.cs1.fra9.de.eth.zayo.com (64.125.29.64)
136427 399.47 ms ae0.cs1.fra6.de.eth.zayo.com (64.125.29.54)
136438 399.44 ms ae2.cs1.ams17.nl.eth.zayo.com (64.125.29.59)
136449 399.40 ms ae0.cs1.ams10.nl.eth.zayo.com (64.125.29.80)
1364510 200.48 ms ae2.cs1.lhr15.uk.eth.zayo.com (64.125.29.17)
1364611 296.71 ms ae0.cs1.lhr11.uk.eth.zayo.com (64.125.29.118)
1364712 ... 13
1364814 301.96 ms ae11.er2.ord7.us.zip.zayo.com (64.125.26.251)
1364915 443.05 ms 128.177.108.98.IPYX-142927-900-ZYO.zip.zayo.com (128.177.108.98)
1365016 443.07 ms ggw2.c09c10.r15.s101.chi03.singlehop.net (67.212.190.221)
1365117 341.70 ms c59833.sgvps.net (37.60.233.207)
13652
13653NSE: Script Post-scanning.
13654Initiating NSE at 11:57
13655Completed NSE at 11:57, 0.00s elapsed
13656Initiating NSE at 11:57
13657Completed NSE at 11:57, 0.00s elapsed
13658Read data files from: /usr/bin/../share/nmap
13659######################################################################################################################################
13660Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-24 11:57 EDT
13661NSE: Loaded 47 scripts for scanning.
13662NSE: Script Pre-scanning.
13663Initiating NSE at 11:57
13664Completed NSE at 11:57, 0.00s elapsed
13665Initiating NSE at 11:57
13666Completed NSE at 11:57, 0.00s elapsed
13667Initiating Parallel DNS resolution of 1 host. at 11:57
13668Completed Parallel DNS resolution of 1 host. at 11:57, 0.02s elapsed
13669Initiating UDP Scan at 11:57
13670Scanning c59833.sgvps.net (37.60.233.207) [15 ports]
13671Discovered open port 53/udp on 37.60.233.207
13672Completed UDP Scan at 11:57, 3.00s elapsed (15 total ports)
13673Initiating Service scan at 11:57
13674Scanning 13 services on c59833.sgvps.net (37.60.233.207)
13675Service scan Timing: About 15.38% done; ETC: 12:07 (0:08:59 remaining)
13676Completed Service scan at 11:58, 102.59s elapsed (13 services on 1 host)
13677Initiating OS detection (try #1) against c59833.sgvps.net (37.60.233.207)
13678Retrying OS detection (try #2) against c59833.sgvps.net (37.60.233.207)
13679Initiating Traceroute at 11:58
13680Completed Traceroute at 11:59, 7.16s elapsed
13681Initiating Parallel DNS resolution of 1 host. at 11:59
13682Completed Parallel DNS resolution of 1 host. at 11:59, 0.00s elapsed
13683NSE: Script scanning 37.60.233.207.
13684Initiating NSE at 11:59
13685Completed NSE at 11:59, 11.08s elapsed
13686Initiating NSE at 11:59
13687Completed NSE at 11:59, 1.46s elapsed
13688Nmap scan report for c59833.sgvps.net (37.60.233.207)
13689Host is up (0.24s latency).
13690
13691PORT STATE SERVICE VERSION
1369253/udp open domain ISC BIND 9.10.6
13693| vulners:
13694| cpe:/a:isc:bind:9.10.6:
13695| CVE-2018-5740 5.0 https://vulners.com/cve/CVE-2018-5740
13696| CVE-2018-5734 5.0 https://vulners.com/cve/CVE-2018-5734
13697| CVE-2017-3145 5.0 https://vulners.com/cve/CVE-2017-3145
13698|_ CVE-2018-5741 4.0 https://vulners.com/cve/CVE-2018-5741
13699| vulscan: VulDB - https://vuldb.com:
13700| [129816] ISC BIND up to 9.10.6-S2 badcache.c Malformed Packet Assertion unknown vulnerability
13701| [88752] ISC BIND up to 9.10.4-P1 UPDATE Message Crash denial of service
13702| [88751] ISC BIND up to 9.10.4-P1 IXFR Response Crash denial of service
13703| [88750] ISC BIND up to 9.10.4-P1 AXFR Response Crash denial of service
13704| [81317] ISC BIND up to 9.10.3-P3 named resolver.c Cookie Option denial of service
13705| [80355] ISC BIND up to 9.10.3-P2 Debug Logging Crash denial of service
13706| [69191] ISC BIND up to 9.10.2 Trust Anchor Management Crash denial of service
13707| [68356] ISC BIND 9.10.0 Delegation Crash denial of service
13708| [68355] ISC BIND 9.10.0/9.10.1 GeoIP Crash denial of service
13709| [13581] ISC BIND 9.10.0 EDNS Option denial of service
13710| [13180] ISC BIND 9.10.0 Prefetch denial of service
13711|
13712| MITRE CVE - https://cve.mitre.org:
13713| [CVE-2011-5184] Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover
13714| [CVE-2007-0494] ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.
13715|
13716| SecurityFocus - https://www.securityfocus.com/bid/:
13717| [70744] Cisco ASR 901 Series Routers CVE-2014-3293 Denial of Service Vulnerability
13718| [70658] ZTE ZXDSL 931VII 'manager_dev_config_t.gch' Information Disclosure Vulnerability
13719| [61774] ISC BIND 9 SRTT Algorithm Authoritative Server Selection Security Vulnerability
13720| [61479] ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
13721| [58736] ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
13722| [57556] ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
13723| [56817] ISC BIND 9 DNS64 Remote Denial of Service Vulnerability
13724| [55852] ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
13725| [55522] ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
13726| [54659] ISC BIND 9 TCP Query Remote Denial of Service Vulnerability
13727| [54658] ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
13728| [53772] ISC BIND 9 DNS Resource Records Handling Remote Denial of Service Vulnerability
13729| [50690] ISC BIND 9 Recursive Queries Remote Denial of Service Vulnerability
13730| [48566] ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability
13731| [48565] ISC BIND 9 RPZ Configurations Remote Denial of Service Vulnerabilities
13732| [48007] ISC BIND 9 Large RRSIG RRsets Remote Denial of Service Vulnerability
13733| [47734] ISC BIND 9 RRSIG Query Type Remote Denial of Service Vulnerability
13734| [46491] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
13735| [45385] ISC BIND 9 DNSSEC Validation Remote Denial of Service Vulnerability
13736| [45133] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
13737| [41730] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
13738| [37865] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
13739| [37118] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
13740| [35848] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
13741| [25076] ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
13742| [25037] ISC BIND 9 Remote Cache Poisoning Vulnerability
13743| [4936] ISC BIND 9 Remote Denial Of Service Vulnerability
13744| [100656] Cisco ASR 920 Series Routers CVE-2017-6795 Local Arbitrary File Overwrite Vulnerability
13745| [97450] Cisco ASR 903 and ASR 920 Series CVE-2017-6603 Denial of Service Vulnerability
13746| [93415] Cisco Nexus 9000 Series Switches CVE-2016-1455 Remote Information Disclosure Vulnerability
13747| [82579] Cisco Nexus 9000 Series ACI Mode Switches CVE-2015-6398 Denial of Service Vulnerability
13748| [77686] Cisco Firepower 9000 Series CVE-2015-6380 Unspecified OS Command Injection Vulnerability
13749| [77635] Cisco Firepower 9000 Series CVE-2015-6371 Multiple Arbitrary File Read Vulnerabilities
13750| [77634] Cisco Firepower 9000 Series CVE-2015-6370 Local Command Injection Vulnerability
13751| [77633] Cisco Firepower 9000 Series Switches CVE-2015-6372 HTML Injection Vulnerability
13752| [77631] Cisco Firepower 9000 Series Switches CVE-2015-6374 Clickjacking Vulnerability
13753| [77629] Cisco Firepower 9000 Series CVE-2015-6369 Local Denial of Service Vulnerability
13754| [77628] Cisco Firepower 9000 CVE-2015-6373 Cross Site Request Forgery Vulnerability
13755| [77614] Cisco Firepower 9000 Series Switches CVE-2015-6368 Information Disclosure Vulnerability
13756| [76913] Cisco NX-OS Software for Nexus 9000 Series Switches CVE-2015-6308 Denial of Service Vulnerability
13757| [76791] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-6301 Denial of Service Vulnerability
13758| [76762] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-6295 Denial of Service Vulnerability
13759| [76329] Cisco Nexus 9000 Series Software CVE-2015-4301 Remote Denial of Service Vulnerability
13760| [76057] Cisco Firepower 9000 Series Devices CVE-2015-4287 Information Disclosure Vulnerability
13761| [75471] Cisco Unified IP Phones 9900 Series CVE-2015-4226 Denial of Service Vulnerability
13762| [75378] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-4213 Information Disclosure Vulnerability
13763| [74029] Cisco ASR 9000 Series Routers CVE-2015-0694 Remote Security Bypass Vulnerability
13764| [73895] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-0686 Denial of Service Vulnerability
13765| [73470] Cisco ASR 9000 Series Routers CVE-2015-0685 Denial of Service Vulnerability
13766| [73318] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-0672 Denial of Service Vulnerability
13767| [72485] Cisco Unified IP Phones 9900 Series CVE-2015-0604 Arbitrary File Upload Vulnerability
13768| [72484] Cisco Unified IP Phones 9900 Series CVE-2015-0603 Local Denial of Service Vulnerability
13769| [72483] Cisco Unified IP Phones 9900 Series CVE-2015-0601 Local Denial of Service Vulnerability
13770| [72482] Cisco Unified IP Phones 9900 Series CVE-2015-0602 Information Disclosure Vulnerability
13771| [72481] Cisco Unified IP Phones 9900 Series CVE-2015-0600 Denial of Service Vulnerability
13772| [71979] Cisco MDS 9000 NX-OS Software CVE-2015-0582 Denial of Service Vulnerability
13773| [69057] Cisco Nexus 9000 Series Switches CVE-2014-3330 Access List Security Bypass Vulnerability
13774| [64770] Cisco Unified IP Phones 9900 Series Crafted Header Unregister Denial of Service Vulnerability
13775| [63564] Cisco MDS 9000 NX-OS Software VRRP Frames Denial of Service Vulnerability
13776| [62944] Cisco Unified IP Phones 9900 Series CVE-2013-5532 Buffer Overflow Vulnerability
13777| [62943] Cisco Unified IP Phones 9900 Series CVE-2013-5533 Local Command Injection Vulnerability
13778| [62905] Cisco Unified IP Phones 9900 Series CVE-2013-5526 Denial of Service Vulnerability
13779| [61330] Cisco Unified IP Phones 9900 Series CVE-2013-3426 Arbitrary File Download Vulnerability
13780| [49633] Oracle Application Server 9i 'httpd.conf' Information Disclosure Vulnerability
13781| [48811] Cisco ASR 9000 Series Routers IP Version 4 Denial of Service Vulnerability
13782| [48264] Aastra 9480i CT Multiple Information Disclosure Vulnerabilities
13783| [15542] NetObjects Fusion 9 Information Disclosure Vulnerability
13784| [6556] Oracle 9i Application Server Sample Scripts Information Disclosure Vulnerability
13785| [6459] Oracle 9i Application Server Java Server Page Source Code Disclosure Vulnerability
13786| [5335] Multiple Lucent Router UDP Port 9 Information Disclosure Vulnerability
13787| [4290] Oracle 9i Default Configuration File Information Disclosure Vulnerability
13788| [4034] Oracle 9IAS OracleJSP Information Disclosure Vulnerability
13789| [3848] Mandrake Bind 9 Package Insecure File Permissions Vulnerability
13790| [2516] Microsoft Plus! 98 Windows ME Password Disclosure Vulnerability
13791|
13792| IBM X-Force - https://exchange.xforce.ibmcloud.com:
13793| [85799] Cisco Unified IP Phones 9900 Series directory traversal
13794| [75412] Cisco Unified IP Phones 9900 series RT privilege escalation
13795| [68733] Cisco 9000 Series Aggregation Service Router IPv4 packet denial of service
13796| [9704] Multiple Lucent router UDP port 9 could disclose sensitive information
13797| [9250] BIND 9 dns_message_findtype() denial of service
13798| [1852] BIND prior to 4.9.7 buffer overflow affects Digital Firewall 97 users
13799| [539] Microsoft Windows 95 and Internet Explorer password disclosure
13800| [86004] ISC BIND RDATA denial of service
13801| [84767] ISC BIND denial of service
13802| [83066] ISC BIND denial of service
13803| [81504] ISC BIND AAAA denial of service
13804| [80510] ISC BIND DNS64 denial of service
13805| [79121] ISC BIND queries denial of service
13806| [78479] ISC BIND RDATA denial of service
13807| [77185] ISC BIND TCP queries denial of service
13808| [77184] ISC BIND bad cache denial of service
13809| [76034] ISC BIND rdata denial of service
13810| [73053] ISC BIND cache update policy security bypass
13811| [71332] ISC BIND recursive queries denial of service
13812| [68375] ISC BIND UPDATE denial of service
13813| [68374] ISC BIND Response Policy Zones denial of service
13814| [67665] ISC BIND RRSIG Rrsets denial of service
13815| [67297] ISC BIND RRSIG denial of service
13816| [65554] ISC BIND IXFR transfer denial of service
13817| [63602] ISC BIND allow-query security bypass
13818| [63596] ISC BIND zone data security bypass
13819| [63595] ISC BIND RRSIG denial of service
13820| [62072] ISC BIND DNSSEC query denial of service
13821| [62071] ISC BIND ACL security bypass
13822| [61871] ISC BIND anchors denial of service
13823| [60421] ISC BIND RRSIG denial of service
13824| [56049] ISC BIND out-of-bailiwick weak security
13825| [55937] ISC Bind unspecified cache poisoning
13826| [55753] ISC BIND DNSSEC NSEC/NSEC3 cache poisoning
13827| [54416] ISC BIND DNSSEC cache poisoning
13828| [52073] ISC BIND dns_db_findrdataset() denial of service
13829| [47409] Multiple Mozilla products XBL loadBindingDocument information disclosure
13830| [45234] ISC BIND UDP denial of service
13831| [39670] ISC BIND inet_network buffer overflow
13832| [37233] libgssapi ISC BIND Novell SUSE Linux Enterprise Server GSS-TSIG request denial of service
13833| [37128] RHSA update for ISC BIND RRset denial of service not installed
13834| [37127] RHSA update for ISC BIND named service denial of service not installed
13835| [36275] ISC BIND DNS query spoofing
13836| [35575] ISC BIND query ID cache poisoning
13837| [35571] ISC BIND ACL security bypass
13838| [31838] ISC BIND RRset denial of service
13839| [31799] ISC BIND named service denial of service
13840| [29876] HP Tru64 ypbind core dump information disclosure
13841| [28745] ISC BIND DNSSEC RRset denial of service
13842| [28744] ISC BIND recursive INSIST denial of service
13843| [22041] BEA WebLogic Server and Express LDAP anonymous bind information disclosure
13844| [18836] BIND hostname disclosure
13845| [10624] ISC BIND DNS stub resolver library (libresolv.a) stack buffer overflows
13846| [10333] ISC BIND SIG null pointer dereference denial of service
13847| [10332] ISC BIND OPT resource record (RR) denial of service
13848| [10304] ISC BIND SIG cached resource records (RR) heap buffer overflow
13849| [7027] Cisco CBOS Web-based configuration utility binds to port 80 by default
13850| [5814] ISC BIND "
13851| [5540] ISC BIND can be remotely crashed by issuing ZXFR requests
13852| [5462] ISC BIND AXFR host command remote buffer overflow
13853|
13854| Exploit-DB - https://www.exploit-db.com:
13855| [25305] ColdFusion 9-10 - Credential Disclosure Exploit
13856|
13857| OpenVAS (Nessus) - http://www.openvas.org:
13858| [103090] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
13859| [103031] ISC BIND 9 < 9.7.2-P2 Multiple Vulnerabilities
13860| [103030] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
13861| [100717] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
13862| [100458] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
13863| [100362] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
13864| [100251] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
13865| [63208] Fedora Core 9 FEDORA-2009-0350 (bind)
13866| [11226] Oracle 9iAS default error information disclosure
13867|
13868| SecurityTracker - https://www.securitytracker.com:
13869| [1025811] Cisco ASR 9000 Series Router IPv4 Packet Processing Flaw Lets Remote Users Deny Service
13870| [1012995] BIND 9 Validator Assumption Error May Let Remote Users Deny Service
13871| [1005048] Oracle Enterprise Manager Web Service Component of Oracle 9i Application Server Discloses the Web Cache Administrator Password to Local Users
13872| [1003675] Oracle 9iAS Application Server Discloses CGI-BIN Script Source Code to Remote Users
13873| [1001186] Microsoft Windows Me Operating System and Windows 98 with the Plus! 98 Package Disclose Data Compression Passwords
13874| [1028901] (McAfee Issues Advisory for McAfee Email Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
13875| [1028900] (McAfee Issues Advisory for McAfee Email and Web Security Appliance) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
13876| [1028899] (McAfee Issues Fix for McAfee Web Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
13877| [1028866] (McAfee Issues Fix for McAfee Firewall Enterprise) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
13878| [1028854] (NetBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
13879| [1028849] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
13880| [1028848] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
13881| [1028839] (FreeBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
13882| [1028838] ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
13883| [1028632] ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service Against Recursive Resolvers
13884| [1028046] ISC BIND DNS64 and Response Policy Zones (RPZ) Bug Lets Remote Users Deny Service
13885| [1027835] ISC BIND DNS64 Bug Lets Remote Users Deny Service
13886| [1027642] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
13887| [1027529] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
13888| [1026647] ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
13889| [1026335] ISC BIND Invalid Record Caching Flaw Lets Remote Users Deny Service
13890| [1025743] ISC BIND Response Policy Zones DNAME/CNAME Processing Flaw Lets Remote Users Deny Service
13891| [1025742] ISC BIND Packet Processing Flaw Lets Remote Users Deny Service
13892| [1015850] Samba winbindd Daemon Discloses Server Password to Local Users
13893| [1003359] BindView NETinventory Discloses Password to Local Users During Auditing
13894| [1001721] BIND Domain Name System Software May Disclose DNS Transactional Signature (TSIG) Keys to Local Users
13895|
13896| OSVDB - http://www.osvdb.org:
13897| [95373] Cisco Unified IP Phones 9900 Series Serviceability Servlet Path Value Handling Arbitrary File Access
13898| [86219] Cardiac Science G3 Plus 9390A-501 AED AEDUpdate Cleartext Password Local Disclosure
13899| [76009] Cisco IOS DLSw FST IP Protocol 91 Packet Memory Leak Remote DoS
13900| [73985] Cisco ASR 9000 Series Line Card IPv4 Packet Parsing Remote DoS
13901| [72941] Aastra 9480i IP Phone Multiple Configuration File Direct Request Information Disclosure
13902| [34520] Cisco Linksys Multiple Router UDP 916 Remote Information Disclosure
13903| [22517] MPN HP-180W Wireless IP Phone UDP Port 9090 Information Disclosure
13904| [22516] ZyXEL P-2000W_v2 VoIP Wi-Fi Phone UDP Port 9090 Information Disclosure
13905| [21292] ZyXEL P2000W UDP 9090 Remote Information Disclosure
13906| [18220] Oracle 9iAS httpd.confg /perl Location Alias Arbitrary CGI File Script Disclosure
13907| [18218] Oracle 9iAS echo2 Sample Application Information Disclosure
13908| [18217] Oracle 9iAS echo Sample Application Information Disclosure
13909| [18216] Oracle 9iAS printenv Sample Application Information Disclosure
13910| [18215] Oracle 9iAS info.jsp Sample Application Information Disclosure
13911| [6674] Microsoft Office 98 for Macintosh Disk Space Information Disclosure
13912| [3108] Microsoft Office 98 Macintosh Information Disclosure
13913| [1146] Microsoft Windows 9x Credential Cache Cleartext Password Disclosure
13914| [665] Microsoft Windows 95 Online Registration Information Disclosure
13915| [95707] ISC BIND rdata.c RFC 5011 Implementation Malformed RDATA Section Handling Remote DoS
13916| [93913] ISC BIND Recursive Resolver resolver.c Malformed Zone Query Handling Remote DoS
13917| [91712] ISC BIND Crafted Regular Expression Handling Memory Exhaustion Remote DoS
13918| [89584] ISC BIND DNS64 Nameserver Response Policy Zone (RPZ) AAAA Record Query Remapping Remote DoS
13919| [89401] Foswiki LocalSite.cfg LDAP BindPassword Plaintext Local Disclosure
13920| [88126] ISC BIND DNS64 IPv6 Transition Mechanism DNS Query Parsing Remote DoS
13921| [86118] ISC BIND Nameserver RDATA Record Query Parsing Remote DoS
13922| [85417] ISC BIND Assertion Error Resource Record RDATA Query Parsing Remote DoS
13923| [84229] ISC BIND Memory Leak TCP Query Parsing ns_client Object Out-of-memory Remote DoS
13924| [84228] ISC BIND Query Handling Bad Cache Data Structure Assertion Remote DoS
13925| [82609] ISC BIND named DNS Resource Record Zero Length Rdata Handling Remote Information Disclosure
13926| [78916] ISC BIND Cache Update Policy Deleted Domain Name Resolving Weakness
13927| [77159] ISC BIND Recursive Query Parsing Remote DoS
13928| [73605] ISC BIND UPDATE Request Parsing Remote DoS
13929| [73604] ISC BIND Response Policy Zones (RPZ) DNAME / CNAME Parsing Remote DoS
13930| [72540] ISC BIND Caching Resolver Large RRSIG RRsets Negative Caching Remote DoS
13931| [72539] ISC BIND Authoritative Server Crafted IXFR / DDNS Query Update Deadlock DoS
13932| [72172] ISC BIND Response Policy Zones RRSIG Query Assertion Failure DoS
13933| [69568] ISC BIND named allow-query ACL Restriction Bypass
13934| [69559] ISC BIND named Key Algorithm Rollover Weakness
13935| [69558] ISC BIND named RRSIG Negative Caching DoS
13936| [68271] ISC BIND DNSSEC Query Validation Response Signature Handling Remote DoS
13937| [68270] ISC BIND ACL Application Weakness Cache Recursion Access Restriction Bypass
13938| [66395] ISC BIND RRSIG Requests Infinite Loop DoS
13939| [63373] Apple Mac OS X Server Admin Authenticated Directory Binding Handling Unspecified Open Directory Information Disclosure
13940| [62008] ISC BIND Secure Response Refetch Weakness Unspecified Issue
13941| [62007] ISC BIND Recursive Client Query CNAME / DNAME Response DNS Cache Poisoning
13942| [61853] ISC BIND DNSSEC Validation Crafted NXDOMAIN Request Cache Poisoning
13943| [60493] ISC BIND DNSSEC Recursive Query Additional Section Cache Poisoning
13944| [59272] ISC BIND named Multiple Symlink Arbitrary File Overwrite
13945| [58740] Apache Rampart TransportBinding Message Payload Cleartext Disclosure
13946| [57060] ISC BIND DNS Message Malformed TSIG Remote DoS
13947| [56584] ISC BIND Dynamic Update Message Handling Remote DoS
13948| [56411] GNU wget DNS Rebinding Information Disclosure Weakness
13949| [53115] ISC BIND EVP_VerifyFinal() / DSA_do_verify() SSL/TLS Signature Validation Weakness
13950| [48243] ISC BIND for Windows UDP Client Handler Remote DoS
13951| [46776] ISC BIND DNS Query ID Field Prediction Cache Poisoning
13952| [42655] ISC BIND on Red Hat Linux /etc/rndc.key Insecure File Permission Local named Manipulation
13953| [41211] ISC BIND libbind inet_network() Function Off-By-One Memory Corruption
13954| [40935] ISC BIND on SUSE Linux Enterprise Server libgssapi named GSS-TSIG Request Remote DoS
13955| [37301] ISC BIND Signed Zone Signature Verification Remote DoS
13956| [36796] ISC BIND Outgoing Query Predictable DNS Query ID
13957| [36236] ISC BIND allow-query-cache/allow-recursion ACL Bypass
13958| [36235] ISC BIND Predictable DNS Query IDs Cache Poisoning
13959| [34753] ISC BIND stub Resolver libbind Crafted Query Remote DoS
13960| [34752] ISC BIND so_linger Remote DoS
13961| [34751] ISC BIND Malformed SIG Record Remote DoS
13962| [34750] ISC BIND Malformed NAPTR Record Local DoS
13963| [34749] ISC BIND named maxdname DoS
13964| [34748] ISC BIND query.c query_addsoa Function Unspecified Recursive Query DoS
13965| [31923] ISC BIND Crafted ANY Request Response Multiple RRsets DoS
13966| [31922] ISC BIND Unspecified Freed Fetch Context Dereference DoS
13967| [28558] ISC BIND Recursive Query Saturation DoS
13968| [28557] ISC BIND SIG Query Multiple RRsets Response DoS
13969| [25895] ISC BIND Cached Recursive Query DoS
13970| [24263] Samba winbindd Debug Log Server Credentials Local Disclosure
13971| [21353] BindView NetInventory HOSTCFG._NI Deletion Cleartext Password Disclosure
13972| [14878] ISC BIND rdataset Parameter Malformed DNS Packet DoS
13973| [14877] ISC BIND stub Resolver Libraries Malformed DNS Response DoS
13974| [14795] ISC BIND TSIG Handling Code Remote Overflow
13975| [14432] ISC BIND Multiple DNS Resolver Functions Remote Overflow
13976| [13752] ISC BIND host Command AXFR Response Remote Overflow
13977| [13176] ISC BIND q_usedns Array Remote Overflow DoS
13978| [13175] ISC BIND dnssec authvalidated Crafted Packet Remote DoS
13979| [9736] ISC BIND fdmax File Descriptor Consumption DoS
13980| [9735] ISC BIND -DALLOW_UPDATES Option Remote Record Modification
13981| [9734] ISC BIND CNAME Record Zone Transfer DoS
13982| [9733] ISC BIND Malformed DNS Message DoS
13983| [9725] ISC BIND SIG RR Elements Invalid Expirty Times DoS
13984| [9724] ISC BIND OPT Resource Record Large UDP Payload DoS
13985| [9723] Multiple Vendor LDAP Server NULL Bind Connection Information Disclosure
13986| [8330] ISC BIND DNS stub resolver (libresolv.a) DNS Response Overflow
13987| [7990] ISC BIND gethostbyname() DNS Handling Remote Overflow
13988| [5828] ISC BIND named SRV Remote DoS
13989| [5609] ISC BIND dnskeygen HMAC-MD5 Shared Secret Key File Disclosure
13990| [2866] ISC BIND Negative Record Cache Poisoning
13991| [1751] ISC BIND Environment Variable Information Disclosure
13992| [1747] ISC BIND 4 nslookupComplain() Remote Format String
13993| [1746] ISC BIND 4 nslookupComplain() Remote Overflow
13994| [913] ISC BIND Inverse-Query Remote Overflow
13995| [869] ISC BIND named SIG Resource Server Response RR Overflow
13996| [448] ISC BIND Compressed ZXFR Name Service Query Remote DoS
13997| [438] ISC BIND Predictable Query ID DNS Cache Poisoning
13998| [24] ISC BIND NXT Record Overflow
13999|_
1400067/udp open|filtered dhcps
1400168/udp open|filtered dhcpc
1400269/udp open|filtered tftp
1400388/udp open|filtered kerberos-sec
14004123/udp open|filtered ntp
14005137/udp filtered netbios-ns
14006138/udp filtered netbios-dgm
14007139/udp open|filtered netbios-ssn
14008161/udp open|filtered snmp
14009162/udp open|filtered snmptrap
14010389/udp open|filtered ldap
14011500/udp open|filtered isakmp
14012|_ike-version: ERROR: Script execution failed (use -d to debug)
14013520/udp open|filtered route
140142049/udp open|filtered nfs
14015Too many fingerprints match this host to give specific OS details
14016
14017TRACEROUTE (using port 137/udp)
14018HOP RTT ADDRESS
140191 141.10 ms 10.231.204.1
140202 ... 3
140214 101.28 ms 10.231.204.1
140225 738.85 ms 10.231.204.1
140236 738.85 ms 10.231.204.1
140247 738.84 ms 10.231.204.1
140258 738.80 ms 10.231.204.1
140269 640.06 ms 10.231.204.1
1402710 102.82 ms 10.231.204.1
1402811 ... 18
1402919 134.68 ms 10.231.204.1
1403020 99.38 ms 10.231.204.1
1403121 ... 27
1403228 150.37 ms 10.231.204.1
1403329 ...
1403430 103.90 ms 10.231.204.1
14035
14036NSE: Script Post-scanning.
14037Initiating NSE at 11:59
14038Completed NSE at 11:59, 0.00s elapsed
14039Initiating NSE at 11:59
14040Completed NSE at 11:59, 0.00s elapsed
14041#######################################################################################################################################
14042address mac name os_name os_flavor os_sp purpose info comments
14043------- --- ---- ------- --------- ----- ------- ---- --------
1404437.60.233.207 c59833.sgvps.net Linux 2.6.X server
14045
14046Services
14047========
14048
14049host port proto name state info
14050---- ---- ----- ---- ----- ----
1405137.60.233.207 21 tcp ftp open Pure-FTPd
1405237.60.233.207 53 tcp domain open ISC BIND 9.10.6
1405337.60.233.207 53 udp domain open ISC BIND 9.10.6
1405437.60.233.207 67 udp dhcps unknown
1405537.60.233.207 68 udp dhcpc unknown
1405637.60.233.207 69 udp tftp unknown
1405737.60.233.207 80 tcp http open nginx
1405837.60.233.207 88 udp kerberos-sec unknown
1405937.60.233.207 110 tcp pop3 open Dovecot pop3d
1406037.60.233.207 123 udp ntp unknown
1406137.60.233.207 137 udp netbios-ns filtered
1406237.60.233.207 138 udp netbios-dgm filtered
1406337.60.233.207 139 udp netbios-ssn unknown
1406437.60.233.207 143 tcp imap open Dovecot imapd
1406537.60.233.207 161 udp snmp unknown
1406637.60.233.207 162 udp snmptrap unknown
1406737.60.233.207 389 udp ldap unknown
1406837.60.233.207 443 tcp ssl/http open nginx
1406937.60.233.207 465 tcp ssl/smtp open Exim smtpd 4.90devstart-1178-b07e68e5-XX
1407037.60.233.207 500 udp isakmp unknown
1407137.60.233.207 520 udp route unknown
1407237.60.233.207 587 tcp smtp open Exim smtpd 4.90devstart-1178-b07e68e5-XX
1407337.60.233.207 993 tcp ssl/imaps open
1407437.60.233.207 995 tcp ssl/pop3s open
1407537.60.233.207 2049 udp nfs unknown
1407637.60.233.207 2077 tcp tsrmagt open
1407737.60.233.207 2078 tcp ssl/http open cPanel httpd unauthorized
1407837.60.233.207 2082 tcp infowave open
1407937.60.233.207 2083 tcp ssl/radsec open
1408037.60.233.207 2086 tcp gnunet open
1408137.60.233.207 2087 tcp ssl/eli open
1408237.60.233.207 2095 tcp nbx-ser open
1408337.60.233.207 2096 tcp ssl/nbx-dir open
1408437.60.233.207 3306 tcp mysql open MySQL unauthorized
1408537.60.233.207 18765 tcp ssh open Linksys WRT45G modified dropbear sshd protoc
14086######################################################################################################################################
14087[+] URL: https://christianaction.org/
14088[+] Started: Thu Oct 24 10:38:55 2019
14089
14090Interesting Finding(s):
14091
14092[+] https://christianaction.org/
14093 | Interesting Entries:
14094 | - server: nginx
14095 | - x-powered-by: PHP/7.1.30
14096 | - x-proxy-cache: MISS
14097 | - alt-svc: quic=":443"; ma=86400; v="43,39"
14098 | Found By: Headers (Passive Detection)
14099 | Confidence: 100%
14100
14101[+] https://christianaction.org/robots.txt
14102 | Interesting Entries:
14103 | - /wp-admin/
14104 | - /wp-admin/admin-ajax.php
14105 | Found By: Robots Txt (Aggressive Detection)
14106 | Confidence: 100%
14107
14108[+] https://christianaction.org/xmlrpc.php
14109 | Found By: Link Tag (Passive Detection)
14110 | Confidence: 100%
14111 | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
14112 | References:
14113 | - http://codex.wordpress.org/XML-RPC_Pingback_API
14114 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
14115 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
14116 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
14117 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
14118
14119[+] https://christianaction.org/readme.html
14120 | Found By: Direct Access (Aggressive Detection)
14121 | Confidence: 100%
14122
14123[+] This site has 'Must Use Plugins': https://christianaction.org/wp-content/mu-plugins/
14124 | Found By: Direct Access (Aggressive Detection)
14125 | Confidence: 80%
14126 | Reference: http://codex.wordpress.org/Must_Use_Plugins
14127
14128[+] Upload directory has listing enabled: https://christianaction.org/wp-content/uploads/
14129 | Found By: Direct Access (Aggressive Detection)
14130 | Confidence: 100%
14131
14132[+] https://christianaction.org/wp-cron.php
14133 | Found By: Direct Access (Aggressive Detection)
14134 | Confidence: 60%
14135 | References:
14136 | - https://www.iplocation.net/defend-wordpress-from-ddos
14137 | - https://github.com/wpscanteam/wpscan/issues/1299
14138
14139[+] WordPress version 5.2.4 identified (Latest, released on 2019-10-14).
14140 | Detected By: Rss Generator (Passive Detection)
14141 | - https://christianaction.org/feed/, <generator>https://wordpress.org/?v=5.2.4</generator>
14142 | - https://christianaction.org/comments/feed/, <generator>https://wordpress.org/?v=5.2.4</generator>
14143 | - https://christianaction.org/keeping-america-christian/feed/, <generator>https://wordpress.org/?v=5.2.4</generator>
14144
14145[+] WordPress theme in use: Newspaper
14146 | Location: https://christianaction.org/wp-content/themes/Newspaper/
14147 | Readme: https://christianaction.org/wp-content/themes/Newspaper/readme.txt
14148 | Style URL: https://christianaction.org/wp-content/themes/Newspaper/style.css?ver=9.7.2
14149 | Style Name: Newspaper
14150 | Style URI: http://tagdiv.com
14151 | Description: Premium WordPress template, clean and easy to use....
14152 | Author: tagDiv
14153 | Author URI: http://themeforest.net/user/tagDiv/portfolio
14154 |
14155 | Detected By: Css Style (Passive Detection)
14156 |
14157 | Version: 9.7.2 (80% confidence)
14158 | Detected By: Style (Passive Detection)
14159 | - https://christianaction.org/wp-content/themes/Newspaper/style.css?ver=9.7.2, Match: 'Version: 9.7.2'
14160
14161[+] Enumerating All Plugins (via Passive Methods)
14162[+] Checking Plugin Versions (via Passive and Aggressive Methods)
14163
14164[i] Plugin(s) Identified:
14165
14166[+] ecwid-shopping-cart
14167 | Location: https://christianaction.org/wp-content/plugins/ecwid-shopping-cart/
14168 | Latest Version: 6.8.7 (up to date)
14169 | Last Updated: 2019-10-01T04:52:00.000Z
14170 |
14171 | Detected By: Urls In Homepage (Passive Detection)
14172 |
14173 | Version: 6.8.7 (80% confidence)
14174 | Detected By: Readme - Stable Tag (Aggressive Detection)
14175 | - https://christianaction.org/wp-content/plugins/ecwid-shopping-cart/readme.txt
14176
14177[+] js_composer
14178 | Location: https://christianaction.org/wp-content/plugins/js_composer/
14179 |
14180 | Detected By: Urls In Homepage (Passive Detection)
14181 | Confirmed By: Body Tag (Passive Detection)
14182 |
14183 | Version: 6.0.5 (70% confidence)
14184 | Detected By: Body Tag (Passive Detection)
14185 | - https://christianaction.org/, Match: 'js-comp-ver-6.0.5'
14186 | Confirmed By: Query Parameter (Passive Detection)
14187 | - https://christianaction.org/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5
14188
14189[+] mailchimp-top-bar
14190 | Location: https://christianaction.org/wp-content/plugins/mailchimp-top-bar/
14191 | Latest Version: 1.5.0 (up to date)
14192 | Last Updated: 2019-10-07T09:35:00.000Z
14193 |
14194 | Detected By: Urls In Homepage (Passive Detection)
14195 |
14196 | Version: 1.5.0 (100% confidence)
14197 | Detected By: Readme - Stable Tag (Aggressive Detection)
14198 | - https://christianaction.org/wp-content/plugins/mailchimp-top-bar/readme.txt
14199 | Confirmed By: Change Log (Aggressive Detection)
14200 | - https://christianaction.org/wp-content/plugins/mailchimp-top-bar/CHANGELOG.md, Match: '#### 1.5.0 - Oct 7, 2019'
14201
14202[+] revslider
14203 | Location: https://christianaction.org/wp-content/plugins/revslider/
14204 |
14205 | Detected By: Urls In Homepage (Passive Detection)
14206 | Confirmed By: Meta Generator (Passive Detection)
14207 |
14208 | Version: 5.4.8 (100% confidence)
14209 | Detected By: Meta Generator (Passive Detection)
14210 | - https://christianaction.org/, Match: 'Powered by Slider Revolution 5.4.8'
14211 | Confirmed By:
14212 | Query Parameter (Passive Detection)
14213 | - https://christianaction.org/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
14214 | - https://christianaction.org/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8
14215 | - https://christianaction.org/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8
14216 | Release Log (Aggressive Detection)
14217 | - https://christianaction.org/wp-content/plugins/revslider/release_log.html, Match: 'Version 5.4.8 StarPath (20th June 2018)'
14218
14219[+] social-warfare
14220 | Location: https://christianaction.org/wp-content/plugins/social-warfare/
14221 | Latest Version: 3.6.1 (up to date)
14222 | Last Updated: 2019-06-05T17:33:00.000Z
14223 |
14224 | Detected By: Urls In Homepage (Passive Detection)
14225 | Confirmed By: Comment (Passive Detection)
14226 |
14227 | Version: 3.6.1 (100% confidence)
14228 | Detected By: Comment (Passive Detection)
14229 | - https://christianaction.org/, Match: 'Social Warfare v3.6.1'
14230 | Confirmed By:
14231 | Query Parameter (Passive Detection)
14232 | - https://christianaction.org/wp-content/plugins/social-warfare/assets/css/style.min.css?ver=3.6.1
14233 | - https://christianaction.org/wp-content/plugins/social-warfare/assets/js/script.min.js?ver=3.6.1
14234 | Readme - Stable Tag (Aggressive Detection)
14235 | - https://christianaction.org/wp-content/plugins/social-warfare/readme.txt
14236 | Readme - ChangeLog Section (Aggressive Detection)
14237 | - https://christianaction.org/wp-content/plugins/social-warfare/readme.txt
14238
14239[+] td-cloud-library
14240 | Location: https://christianaction.org/wp-content/plugins/td-cloud-library/
14241 |
14242 | Detected By: Urls In Homepage (Passive Detection)
14243 |
14244 | The version could not be determined.
14245
14246[+] td-composer
14247 | Location: https://christianaction.org/wp-content/plugins/td-composer/
14248 |
14249 | Detected By: Urls In Homepage (Passive Detection)
14250 |
14251 | The version could not be determined.
14252
14253[+] td-newsletter
14254 | Location: https://christianaction.org/wp-content/plugins/td-newsletter/
14255 |
14256 | Detected By: Urls In Homepage (Passive Detection)
14257 |
14258 | The version could not be determined.
14259
14260[+] wordpress-seo
14261 | Location: https://christianaction.org/wp-content/plugins/wordpress-seo/
14262 | Latest Version: 12.3 (up to date)
14263 | Last Updated: 2019-10-15T08:52:00.000Z
14264 |
14265 | Detected By: Comment (Passive Detection)
14266 |
14267 | Version: 12.3 (100% confidence)
14268 | Detected By: Comment (Passive Detection)
14269 | - https://christianaction.org/, Match: 'optimized with the Yoast SEO plugin v12.3 -'
14270 | Confirmed By:
14271 | Readme - Stable Tag (Aggressive Detection)
14272 | - https://christianaction.org/wp-content/plugins/wordpress-seo/readme.txt
14273 | Readme - ChangeLog Section (Aggressive Detection)
14274 | - https://christianaction.org/wp-content/plugins/wordpress-seo/readme.txt
14275
14276[+] wp-super-cache
14277 | Location: https://christianaction.org/wp-content/plugins/wp-super-cache/
14278 | Latest Version: 1.7.0 (up to date)
14279 | Last Updated: 2019-08-16T13:07:00.000Z
14280 |
14281 | Detected By: Comment (Passive Detection)
14282 |
14283 | Version: 1.7.0 (80% confidence)
14284 | Detected By: Readme - Stable Tag (Aggressive Detection)
14285 | - https://christianaction.org/wp-content/plugins/wp-super-cache/readme.txt
14286
14287[+] Enumerating Config Backups (via Passive and Aggressive Methods)
14288 Checking Config Backups - Time: 00:00:04 <=============> (21 / 21) 100.00% Time: 00:00:04
14289
14290[i] No Config Backups Found.
14291
14292[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
14293[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
14294
14295[+] Finished: Thu Oct 24 10:39:50 2019
14296[+] Requests Done: 90
14297[+] Cached Requests: 6
14298[+] Data Sent: 21.613 KB
14299[+] Data Received: 1.538 MB
14300[+] Memory used: 150.926 MB
14301[+] Elapsed time: 00:00:54
14302######################################################################################################################################
14303
14304[+] URL: https://christianaction.org/
14305[+] Started: Thu Oct 24 10:39:00 2019
14306
14307Interesting Finding(s):
14308
14309[+] https://christianaction.org/
14310 | Interesting Entries:
14311 | - server: nginx
14312 | - x-powered-by: PHP/7.1.30
14313 | - x-proxy-cache: MISS
14314 | - alt-svc: quic=":443"; ma=86400; v="43,39"
14315 | Found By: Headers (Passive Detection)
14316 | Confidence: 100%
14317
14318[+] https://christianaction.org/robots.txt
14319 | Interesting Entries:
14320 | - /wp-admin/
14321 | - /wp-admin/admin-ajax.php
14322 | Found By: Robots Txt (Aggressive Detection)
14323 | Confidence: 100%
14324
14325[+] https://christianaction.org/xmlrpc.php
14326 | Found By: Link Tag (Passive Detection)
14327 | Confidence: 100%
14328 | Confirmed By: Direct Access (Aggressive Detection), 100% confidence
14329 | References:
14330 | - http://codex.wordpress.org/XML-RPC_Pingback_API
14331 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
14332 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
14333 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
14334 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
14335
14336[+] https://christianaction.org/readme.html
14337 | Found By: Direct Access (Aggressive Detection)
14338 | Confidence: 100%
14339
14340[+] This site has 'Must Use Plugins': https://christianaction.org/wp-content/mu-plugins/
14341 | Found By: Direct Access (Aggressive Detection)
14342 | Confidence: 80%
14343 | Reference: http://codex.wordpress.org/Must_Use_Plugins
14344
14345[+] Upload directory has listing enabled: https://christianaction.org/wp-content/uploads/
14346 | Found By: Direct Access (Aggressive Detection)
14347 | Confidence: 100%
14348
14349[+] https://christianaction.org/wp-cron.php
14350 | Found By: Direct Access (Aggressive Detection)
14351 | Confidence: 60%
14352 | References:
14353 | - https://www.iplocation.net/defend-wordpress-from-ddos
14354 | - https://github.com/wpscanteam/wpscan/issues/1299
14355
14356[+] WordPress version 5.2.4 identified (Latest, released on 2019-10-14).
14357 | Detected By: Rss Generator (Passive Detection)
14358 | - https://christianaction.org/feed/, <generator>https://wordpress.org/?v=5.2.4</generator>
14359 | - https://christianaction.org/comments/feed/, <generator>https://wordpress.org/?v=5.2.4</generator>
14360 | - https://christianaction.org/keeping-america-christian/feed/, <generator>https://wordpress.org/?v=5.2.4</generator>
14361
14362[+] WordPress theme in use: Newspaper
14363 | Location: https://christianaction.org/wp-content/themes/Newspaper/
14364 | Readme: https://christianaction.org/wp-content/themes/Newspaper/readme.txt
14365 | Style URL: https://christianaction.org/wp-content/themes/Newspaper/style.css?ver=9.7.2
14366 | Style Name: Newspaper
14367 | Style URI: http://tagdiv.com
14368 | Description: Premium WordPress template, clean and easy to use....
14369 | Author: tagDiv
14370 | Author URI: http://themeforest.net/user/tagDiv/portfolio
14371 |
14372 | Detected By: Css Style (Passive Detection)
14373 |
14374 | Version: 9.7.2 (80% confidence)
14375 | Detected By: Style (Passive Detection)
14376 | - https://christianaction.org/wp-content/themes/Newspaper/style.css?ver=9.7.2, Match: 'Version: 9.7.2'
14377
14378[+] Enumerating Users (via Passive and Aggressive Methods)
14379 Brute Forcing Author IDs - Time: 00:00:17 <==> (10 / 10) 100.00% Time: 00:00:17
14380
14381[i] User(s) Identified:
14382
14383[+] news-editor
14384 | Detected By: Author Posts - Author Pattern (Passive Detection)
14385 | Confirmed By:
14386 | Wp Json Api (Aggressive Detection)
14387 | - https://christianaction.org/wp-json/wp/v2/users/?per_page=100&page=1
14388 | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14389
14390[+] jerry-skirvin
14391 | Detected By: Author Posts - Author Pattern (Passive Detection)
14392 | Confirmed By: Wp Json Api (Aggressive Detection)
14393 | - https://christianaction.org/wp-json/wp/v2/users/?per_page=100&page=1
14394
14395[+] christian_action
14396 | Detected By: Author Posts - Author Pattern (Passive Detection)
14397 | Confirmed By:
14398 | Wp Json Api (Aggressive Detection)
14399 | - https://christianaction.org/wp-json/wp/v2/users/?per_page=100&page=1
14400 | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14401 | Login Error Messages (Aggressive Detection)
14402
14403[+] News Editor
14404 | Detected By: Rss Generator (Passive Detection)
14405 | Confirmed By:
14406 | Rss Generator (Aggressive Detection)
14407 | Login Error Messages (Aggressive Detection)
14408
14409[+] Jerry Skirvin
14410 | Detected By: Rss Generator (Passive Detection)
14411 | Confirmed By:
14412 | Rss Generator (Aggressive Detection)
14413 | Login Error Messages (Aggressive Detection)
14414
14415[+] 828_Tech
14416 | Detected By: Wp Json Api (Aggressive Detection)
14417 | - https://christianaction.org/wp-json/wp/v2/users/?per_page=100&page=1
14418 | Confirmed By: Login Error Messages (Aggressive Detection)
14419
14420[+] david-carroll
14421 | Detected By: Wp Json Api (Aggressive Detection)
14422 | - https://christianaction.org/wp-json/wp/v2/users/?per_page=100&page=1
14423 | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14424
14425[+] martin-fisher
14426 | Detected By: Wp Json Api (Aggressive Detection)
14427 | - https://christianaction.org/wp-json/wp/v2/users/?per_page=100&page=1
14428 | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14429
14430[+] pixelnotch
14431 | Detected By: Wp Json Api (Aggressive Detection)
14432 | - https://christianaction.org/wp-json/wp/v2/users/?per_page=100&page=1
14433 | Confirmed By:
14434 | Oembed API - Author URL (Aggressive Detection)
14435 | - https://christianaction.org/wp-json/oembed/1.0/embed?url=https://christianaction.org/&format=json
14436 | Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14437
14438[+] shannon
14439 | Detected By: Wp Json Api (Aggressive Detection)
14440 | - https://christianaction.org/wp-json/wp/v2/users/?per_page=100&page=1
14441
14442[+] wire-reports
14443 | Detected By: Wp Json Api (Aggressive Detection)
14444 | - https://christianaction.org/wp-json/wp/v2/users/?per_page=100&page=1
14445 | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14446
14447[+] patti-pierucci
14448 | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14449
14450[+] michaelmmawyer
14451 | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14452
14453[+] bonnie-mawyer
14454 | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14455
14456[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
14457[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
14458
14459[+] Finished: Thu Oct 24 10:39:55 2019
14460[+] Requests Done: 48
14461[+] Cached Requests: 22
14462[+] Data Sent: 13.62 KB
14463[+] Data Received: 1.956 MB
14464[+] Memory used: 111.641 MB
14465[+] Elapsed time: 00:00:54
14466######################################################################################################################################
14467
14468[+] URL: https://christianaction.org/
14469[+] Started: Thu Oct 24 10:42:40 2019
14470
14471Interesting Finding(s):
14472
14473[+] https://christianaction.org/
14474 | Interesting Entries:
14475 | - server: nginx
14476 | - x-powered-by: PHP/7.1.30
14477 | - x-proxy-cache: MISS
14478 | - alt-svc: quic=":443"; ma=86400; v="43,39"
14479 | Found By: Headers (Passive Detection)
14480 | Confidence: 100%
14481
14482[+] https://christianaction.org/robots.txt
14483 | Interesting Entries:
14484 | - /wp-admin/
14485 | - /wp-admin/admin-ajax.php
14486 | Found By: Robots Txt (Aggressive Detection)
14487 | Confidence: 100%
14488
14489[+] https://christianaction.org/xmlrpc.php
14490 | Found By: Link Tag (Passive Detection)
14491 | Confidence: 30%
14492 | References:
14493 | - http://codex.wordpress.org/XML-RPC_Pingback_API
14494 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner
14495 | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos
14496 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login
14497 | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access
14498
14499[+] https://christianaction.org/readme.html
14500 | Found By: Direct Access (Aggressive Detection)
14501 | Confidence: 100%
14502
14503[+] This site has 'Must Use Plugins': https://christianaction.org/wp-content/mu-plugins/
14504 | Found By: Direct Access (Aggressive Detection)
14505 | Confidence: 80%
14506 | Reference: http://codex.wordpress.org/Must_Use_Plugins
14507
14508[+] Upload directory has listing enabled: https://christianaction.org/wp-content/uploads/
14509 | Found By: Direct Access (Aggressive Detection)
14510 | Confidence: 100%
14511
14512[+] https://christianaction.org/wp-cron.php
14513 | Found By: Direct Access (Aggressive Detection)
14514 | Confidence: 60%
14515 | References:
14516 | - https://www.iplocation.net/defend-wordpress-from-ddos
14517 | - https://github.com/wpscanteam/wpscan/issues/1299
14518
14519[+] WordPress version 5.2.4 identified (Latest, released on 2019-10-14).
14520 | Detected By: Rss Generator (Passive Detection)
14521 | - https://christianaction.org/feed/, <generator>https://wordpress.org/?v=5.2.4</generator>
14522 | - https://christianaction.org/comments/feed/, <generator>https://wordpress.org/?v=5.2.4</generator>
14523 | - https://christianaction.org/keeping-america-christian/feed/, <generator>https://wordpress.org/?v=5.2.4</generator>
14524
14525[+] WordPress theme in use: Newspaper
14526 | Location: https://christianaction.org/wp-content/themes/Newspaper/
14527 | Readme: https://christianaction.org/wp-content/themes/Newspaper/readme.txt
14528 | Style URL: https://christianaction.org/wp-content/themes/Newspaper/style.css?ver=9.7.2
14529 | Style Name: Newspaper
14530 | Style URI: http://tagdiv.com
14531 | Description: Premium WordPress template, clean and easy to use....
14532 | Author: tagDiv
14533 | Author URI: http://themeforest.net/user/tagDiv/portfolio
14534 |
14535 | Detected By: Css Style (Passive Detection)
14536 |
14537 | Version: 9.7.2 (80% confidence)
14538 | Detected By: Style (Passive Detection)
14539 | - https://christianaction.org/wp-content/themes/Newspaper/style.css?ver=9.7.2, Match: 'Version: 9.7.2'
14540
14541[+] Enumerating Users (via Passive and Aggressive Methods)
14542 Brute Forcing Author IDs - Time: 00:00:03 <============> (10 / 10) 100.00% Time: 00:00:03
14543
14544[i] User(s) Identified:
14545
14546[+] news-editor
14547 | Detected By: Author Posts - Author Pattern (Passive Detection)
14548 | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14549
14550[+] jerry-skirvin
14551 | Detected By: Author Posts - Author Pattern (Passive Detection)
14552
14553[+] christian_action
14554 | Detected By: Author Posts - Author Pattern (Passive Detection)
14555 | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14556
14557[+] News Editor
14558 | Detected By: Rss Generator (Passive Detection)
14559 | Confirmed By: Rss Generator (Aggressive Detection)
14560
14561[+] Jerry Skirvin
14562 | Detected By: Rss Generator (Passive Detection)
14563 | Confirmed By: Rss Generator (Aggressive Detection)
14564
14565[+] pixelnotch
14566 | Detected By: Oembed API - Author URL (Aggressive Detection)
14567 | - https://christianaction.org/wp-json/oembed/1.0/embed?url=https://christianaction.org/&format=json
14568 | Confirmed By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14569
14570[+] patti-pierucci
14571 | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14572
14573[+] martin-fisher
14574 | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14575
14576[+] michaelmmawyer
14577 | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14578
14579[+] wire-reports
14580 | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14581
14582[+] bonnie-mawyer
14583 | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14584
14585[+] david-carroll
14586 | Detected By: Author Id Brute Forcing - Author Pattern (Aggressive Detection)
14587
14588[!] No WPVulnDB API Token given, as a result vulnerability data has not been output.
14589[!] You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/users/sign_up.
14590
14591[+] Finished: Thu Oct 24 10:42:51 2019
14592[+] Requests Done: 15
14593[+] Cached Requests: 50
14594[+] Data Sent: 4.078 KB
14595[+] Data Received: 3.652 KB
14596[+] Memory used: 111.758 MB
14597[+] Elapsed time: 00:00:11
14598######################################################################################################################################
14599[INFO] ------TARGET info------
14600[*] TARGET: https://christianaction.org/
14601[*] TARGET IP: 37.60.233.207
14602[INFO] NO load balancer detected for christianaction.org...
14603[*] DNS servers: NS7.WORLDNIC.COM.
14604[*] TARGET server: nginx
14605[*] CC: US
14606[*] Country: United States
14607[*] RegionCode: IL
14608[*] RegionName: Illinois
14609[*] City: Chicago
14610[*] ASN: AS32475
14611[*] BGP_PREFIX: 37.60.233.0/24
14612[*] ISP: SINGLEHOP-LLC - SingleHop LLC, US
14613[INFO] SSL/HTTPS certificate detected
14614[*] Issuer: issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
14615[*] Subject: subject=CN = christianaction.org
14616[ALERT] Let's Encrypt is commonly used for Phishing
14617[INFO] DNS enumeration:
14618[*] ad.christianaction.org 37.60.233.207
14619[*] admin.christianaction.org 37.60.233.207
14620[*] ads.christianaction.org 37.60.233.207
14621[*] alpha.christianaction.org 37.60.233.207
14622[*] api.christianaction.org 37.60.233.207
14623[*] api-online.christianaction.org 37.60.233.207
14624[*] apolo.christianaction.org 37.60.233.207
14625[*] app.christianaction.org 37.60.233.207
14626[*] beta.christianaction.org 37.60.233.207
14627[*] bi.christianaction.org 37.60.233.207
14628[*] blog.christianaction.org 37.60.233.207
14629[*] cdn.christianaction.org 37.60.233.207
14630[*] events.christianaction.org 37.60.233.207
14631[*] ex.christianaction.org 37.60.233.207
14632[*] files.christianaction.org 37.60.233.207
14633[*] ftp.christianaction.org 37.60.233.207
14634[*] gateway.christianaction.org 37.60.233.207
14635[*] go.christianaction.org 37.60.233.207
14636[*] help.christianaction.org 37.60.233.207
14637[*] ib.christianaction.org 37.60.233.207
14638[*] images.christianaction.org 37.60.233.207
14639[*] internetbanking.christianaction.org 37.60.233.207
14640[*] intranet.christianaction.org 37.60.233.207
14641[*] jobs.christianaction.org 37.60.233.207
14642[*] join.christianaction.org 37.60.233.207
14643[*] live.christianaction.org 37.60.233.207
14644[*] login.christianaction.org 37.60.233.207
14645[*] m.christianaction.org 37.60.233.207
14646[*] mail.christianaction.org 37.60.233.207
14647[*] mail2.christianaction.org 37.60.233.207
14648[*] mobile.christianaction.org 37.60.233.207
14649[*] moodle.christianaction.org 37.60.233.207
14650[*] mx.christianaction.org 37.60.233.207
14651[*] mx2.christianaction.org 37.60.233.207
14652[*] mx3.christianaction.org 37.60.233.207
14653[*] my.christianaction.org 37.60.233.207
14654[*] new.christianaction.org 37.60.233.207
14655[*] news.christianaction.org 37.60.233.207
14656[*] ns1.christianaction.org 37.60.233.207
14657[*] ns2.christianaction.org 37.60.233.207
14658[*] ns3.christianaction.org 37.60.233.207
14659[*] oauth.christianaction.org 37.60.233.207
14660[*] old.christianaction.org 37.60.233.207
14661[*] one.christianaction.org 37.60.233.207
14662[*] open.christianaction.org 37.60.233.207
14663[*] out.christianaction.org 37.60.233.207
14664[*] outlook.christianaction.org 37.60.233.207
14665[*] portfolio.christianaction.org 37.60.233.207
14666[*] raw.christianaction.org 37.60.233.207
14667[*] repo.christianaction.org 37.60.233.207
14668[*] router.christianaction.org 37.60.233.207
14669[*] search.christianaction.org 37.60.233.207
14670[*] siem.christianaction.org 37.60.233.207
14671[*] slack.christianaction.org 37.60.233.207
14672[*] slackbot.christianaction.org 37.60.233.207
14673[*] snmp.christianaction.org 37.60.233.207
14674[*] stream.christianaction.org 37.60.233.207
14675[*] support.christianaction.org 37.60.233.207
14676[*] syslog.christianaction.org 37.60.233.207
14677[*] tags.christianaction.org 37.60.233.207
14678[*] test.christianaction.org 37.60.233.207
14679[*] upload.christianaction.org 37.60.233.207
14680[*] video.christianaction.org 37.60.233.207
14681[*] vpn.christianaction.org 37.60.233.207
14682[*] webconf.christianaction.org 37.60.233.207
14683[*] webmail.christianaction.org 37.60.233.207
14684[*] webportal.christianaction.org 37.60.233.207
14685[*] wiki.christianaction.org 37.60.233.207
14686[*] www2.christianaction.org 37.60.233.207
14687[*] www3.christianaction.org 37.60.233.207
14688[*] zendesk.christianaction.org 37.60.233.207
14689[INFO] Possible abuse mails are:
14690[*] abuse@christianaction.org
14691[*] abuse@singlehop.com
14692[*] abuse@siteground.com
14693[*] abuse@softlayer.com
14694[INFO] NO PAC (Proxy Auto Configuration) file FOUND
14695[ALERT] robots.txt file FOUND in http://christianaction.org/robots.txt
14696[INFO] Checking for HTTP status codes recursively from http://christianaction.org/robots.txt
14697[INFO] Status code Folders
14698[INFO] Starting FUZZing in http://christianaction.org/FUzZzZzZzZz...
14699[INFO] Status code Folders
14700[*] 200 http://christianaction.org/index
14701[*] 200 http://christianaction.org/images
14702[*] 200 http://christianaction.org/download
14703[*] 200 http://christianaction.org/2006
14704[*] 200 http://christianaction.org/news
14705[*] 200 http://christianaction.org/crack
14706[*] 200 http://christianaction.org/serial
14707[*] 200 http://christianaction.org/warez
14708[*] 200 http://christianaction.org/full
14709[*] 200 http://christianaction.org/12
14710[ALERT] Look in the source code. It may contain passwords
14711[INFO] SAME content in http://christianaction.org/ AND http://37.60.233.207/
14712[INFO] Links found from https://christianaction.org/:
14713[*] https://christianaction.org/
14714[INFO] GOOGLE has 493,000 results (0.21 seconds) about http://christianaction.org/
14715[INFO] BING shows 37.60.233.207 is shared with 8,960 hosts/vhosts
14716[INFO] Shodan detected the following opened ports on 37.60.233.207:
14717[*] 0
14718[*] 1
14719[*] 110
14720[*] 143
14721[*] 2082
14722[*] 2083
14723[*] 2086
14724[*] 2087
14725[*] 2096
14726[*] 21
14727[*] 3
14728[*] 3306
14729[*] 4
14730[*] 443
14731[*] 465
14732[*] 53
14733[*] 587
14734[*] 6
14735[*] 80
14736[*] 993
14737[INFO] ------VirusTotal SECTION------
14738[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
14739[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
14740[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
14741[INFO] ------Alexa Rank SECTION------
14742[INFO] Percent of Visitors Rank in Country:
14743[INFO] Percent of Search Traffic:
14744[INFO] Percent of Unique Visits:
14745[INFO] Total Sites Linking In:
14746[*] Total Sites
14747[INFO] Useful links related to christianaction.org - 37.60.233.207:
14748[*] https://www.virustotal.com/pt/ip-address/37.60.233.207/information/
14749[*] https://www.hybrid-analysis.com/search?host=37.60.233.207
14750[*] https://www.shodan.io/host/37.60.233.207
14751[*] https://www.senderbase.org/lookup/?search_string=37.60.233.207
14752[*] https://www.alienvault.com/open-threat-exchange/ip/37.60.233.207
14753[*] http://pastebin.com/search?q=37.60.233.207
14754[*] http://urlquery.net/search.php?q=37.60.233.207
14755[*] http://www.alexa.com/siteinfo/christianaction.org
14756[*] http://www.google.com/safebrowsing/diagnostic?site=christianaction.org
14757[*] https://censys.io/ipv4/37.60.233.207
14758[*] https://www.abuseipdb.com/check/37.60.233.207
14759[*] https://urlscan.io/search/#37.60.233.207
14760[*] https://github.com/search?q=37.60.233.207&type=Code
14761[INFO] Useful links related to AS32475 - 37.60.233.0/24:
14762[*] http://www.google.com/safebrowsing/diagnostic?site=AS:32475
14763[*] https://www.senderbase.org/lookup/?search_string=37.60.233.0/24
14764[*] http://bgp.he.net/AS32475
14765[*] https://stat.ripe.net/AS32475
14766[INFO] Date: 24/10/19 | Time: 10:44:43
14767[INFO] Total time: 1 minute(s) and 30 second(s)
14768#####################################################################################################################################
14769[-] Target: https://christianaction.org (37.60.233.207)
14770[I] Server: nginx
14771[I] X-Powered-By: PHP/7.1.30
14772[L] X-Frame-Options: Not Enforced
14773[I] Strict-Transport-Security: Not Enforced
14774[I] X-Content-Security-Policy: Not Enforced
14775[I] X-Content-Type-Options: Not Enforced
14776[L] Robots.txt Found: https://christianaction.org/robots.txt
14777[I] CMS Detection: WordPress
14778[I] Wordpress Version: 5.2.4
14779[I] Wordpress Theme: Newspaper
14780[M] EDB-ID: 39894 "WordPress Theme Newspaper 6.7.1 - Privilege Escalation"
14781[-] WordPress usernames identified:
14782[M] Jerry Skirvin
14783[M] News Editor
14784[M] Pixelnotch
14785[M] pixelnotch
14786[M] XML-RPC services are enabled
14787[I] Autocomplete Off Not Found: https://christianaction.org/wp-login.php
14788[-] Default WordPress Files:
14789[I] https://christianaction.org/license.txt
14790[I] https://christianaction.org/readme.html
14791[I] https://christianaction.org/wp-content/themes/twentyeleven/license.txt
14792[I] https://christianaction.org/wp-content/themes/twentyeleven/readme.txt
14793[I] https://christianaction.org/wp-content/themes/twentyfifteen/genericons/COPYING.txt
14794[I] https://christianaction.org/wp-content/themes/twentyfifteen/genericons/LICENSE.txt
14795[I] https://christianaction.org/wp-content/themes/twentyfifteen/readme.txt
14796[I] https://christianaction.org/wp-content/themes/twentyfourteen/genericons/COPYING.txt
14797[I] https://christianaction.org/wp-content/themes/twentyfourteen/genericons/LICENSE.txt
14798[I] https://christianaction.org/wp-content/themes/twentyfourteen/genericons/README.txt
14799[I] https://christianaction.org/wp-content/themes/twentyfourteen/readme.txt
14800[I] https://christianaction.org/wp-content/themes/twentynineteen/readme.txt
14801[I] https://christianaction.org/wp-content/themes/twentyseventeen/README.txt
14802[I] https://christianaction.org/wp-content/themes/twentysixteen/genericons/COPYING.txt
14803[I] https://christianaction.org/wp-content/themes/twentysixteen/genericons/LICENSE.txt
14804[I] https://christianaction.org/wp-content/themes/twentysixteen/readme.txt
14805[I] https://christianaction.org/wp-content/themes/twentyten/license.txt
14806[I] https://christianaction.org/wp-content/themes/twentyten/readme.txt
14807[I] https://christianaction.org/wp-content/themes/twentythirteen/genericons/COPYING.txt
14808[I] https://christianaction.org/wp-content/themes/twentythirteen/genericons/LICENSE.txt
14809[I] https://christianaction.org/wp-content/themes/twentythirteen/genericons/README.txt
14810[I] https://christianaction.org/wp-content/themes/twentythirteen/readme.txt
14811[I] https://christianaction.org/wp-content/themes/twentytwelve/readme.txt
14812[I] https://christianaction.org/wp-content/themes/twentytwenty/readme.txt
14813[I] https://christianaction.org/wp-includes/ID3/license.commercial.txt
14814[I] https://christianaction.org/wp-includes/ID3/license.txt
14815[I] https://christianaction.org/wp-includes/ID3/readme.txt
14816[I] https://christianaction.org/wp-includes/images/crystal/license.txt
14817[I] https://christianaction.org/wp-includes/js/plupload/license.txt
14818[I] https://christianaction.org/wp-includes/js/swfupload/license.txt
14819[I] https://christianaction.org/wp-includes/js/tinymce/license.txt
14820[-] Searching Wordpress Plugins ...
14821[I] "+plugin+"
14822[I] $plugin
14823[I] 1-flash-gallery
14824[M] EDB-ID: 17801 "WordPress Plugin 1 Flash Gallery 1.30 < 1.5.7a - Arbitrary File Upload (Metasploit)"
14825[I] 1-jquery-photo-gallery-slideshow-flash
14826[M] EDB-ID: 36382 "WordPress Plugin 1-jquery-photo-gallery-Slideshow-flash 1.01 - Cross-Site Scripting"
14827[I] 2-click-socialmedia-buttons
14828[M] EDB-ID: 37178 "WordPress Plugin 2 Click Social Media Buttons 0.32.2 - Multiple Cross-Site Scripting Vulnerabilities"
14829[I] Calendar
14830[M] EDB-ID: 21715 "WordPress Plugin spider Calendar - Multiple Vulnerabilities"
14831[I] Calendar-Script
14832[M] EDB-ID: 38018 "WordPress Plugin PHP Event Calendar - 'cid' SQL Injection"
14833[I] Enigma2.php?boarddir=http:
14834[I] FlagEm
14835[M] EDB-ID: 38674 "WordPress Plugin FlagEm - 'cID' Cross-Site Scripting"
14836[I] Lead-Octopus-Power
14837[M] EDB-ID: 39269 "WordPress Plugin Lead Octopus Power - 'id' SQL Injection"
14838[I] Premium_Gallery_Manager
14839[M] EDB-ID: 34538 "WordPress Plugin Premium Gallery Manager - Configuration Access"
14840[M] EDB-ID: 39111 "WordPress Plugin Premium Gallery Manager - Arbitrary File Upload"
14841[I] Tevolution
14842[M] EDB-ID: 40976 "WordPress Plugin Slider Templatic Tevolution < 2.3.6 - Arbitrary File Upload"
14843[I] a-gallery
14844[M] EDB-ID: 17872 "Multiple WordPress Plugins - 'timthumb.php' File Upload"
14845[I] a-to-z-category-listing
14846[M] EDB-ID: 17809 "WordPress Plugin A to Z Category Listing 1.3 - SQL Injection"
14847[I] abtest
14848[M] EDB-ID: 39577 "WordPress Plugin Abtest - Local File Inclusion"
14849[I] accept-signups
14850[M] EDB-ID: 35136 "WordPress Plugin Accept Signups 0.1 - 'email' Cross-Site Scripting"
14851[I] acf-frontend-display
14852[I] ad-wizz
14853[M] EDB-ID: 35561 "WordPress Plugin WPwizz AdWizz Plugin 1.0 - 'link' Cross-Site Scripting"
14854[I] admin_panel.php?wp_footnotes_current_settings[post_footnotes]=<
14855/bin/sh: 1: lt: not found
14856/bin/sh: 1: [&=/]: not found
14857[I] admin_panel.php?wp_footnotes_current_settings[pre_footnotes]=<
14858/bin/sh: 1: lt: not found
14859/bin/sh: 1: [&=/]: not found
14860[I] adminimize
14861[M] EDB-ID: 36325 "WordPress Plugin Adminimize 1.7.21 - 'page' Cross-Site Scripting"
14862[I] adrotate
14863[M] EDB-ID: 17888 "WordPress Plugin AdRotate 3.6.5 - SQL Injection"
14864[M] EDB-ID: 18114 "WordPress Plugin AdRotate 3.6.6 - SQL Injection"
14865[M] EDB-ID: 31834 "WordPress Plugin AdRotate 3.9.4 - 'clicktracker.ph?track' SQL Injection"
14866[I] ads-box
14867[M] EDB-ID: 38060 "WordPress Plugin Ads Box - 'count' SQL Injection"
14868[I] advanced-dewplayer
14869[M] EDB-ID: 38936 "WordPress Plugin Advanced Dewplayer - 'download-file.php' Script Directory Traversal"
14870[I] advanced-text-widget
14871[M] EDB-ID: 36324 "WordPress Plugin Advanced Text Widget 2.0 - 'page' Cross-Site Scripting"
14872[I] advanced-uploader
14873[M] EDB-ID: 38867 "WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities"
14874[I] advertizer
14875[M] EDB-ID: 17750 "WordPress Plugin Advertizer 1.0 - SQL Injection"
14876[I] age-verification
14877[M] EDB-ID: 18350 "WordPress Plugin Age Verification 0.4 - Open Redirect"
14878[M] EDB-ID: 36540 "WordPress Plugin Age Verification 0.4 - 'redirect_to' Open Redirection"
14879[I] ajax-category-dropdown
14880[M] EDB-ID: 17207 "WordPress Plugin Ajax Category Dropdown 0.1.5 - Multiple Vulnerabilities"
14881[I] ajax-store-locator-wordpress_0
14882[M] EDB-ID: 35493 "WordPress Plugin Ajax Store Locator 1.2 - Arbitrary File Download"
14883[I] ajaxgallery
14884[M] EDB-ID: 17686 "WordPress Plugin Ajax Gallery 3.0 - SQL Injection"
14885[I] akismet
14886[M] EDB-ID: 37826 "WordPress 3.4.2 - Multiple Path Disclosure Vulnerabilities"
14887[M] EDB-ID: 37902 "WordPress Plugin Akismet - Multiple Cross-Site Scripting Vulnerabilities"
14888[I] alert-before-your-post
14889[M] EDB-ID: 36323 "WordPress Plugin Alert Before Your Post - 'name' Cross-Site Scripting"
14890[I] all-in-one-event-calendar
14891[M] EDB-ID: 37075 "WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget-form.php?title' Cross-Site Scripting"
14892[M] EDB-ID: 37076 "WordPress Plugin All-in-One Event Calendar 1.4 - 'box_publish_button.php?button_value' Cross-Site Scripting"
14893[M] EDB-ID: 37077 "WordPress Plugin All-in-One Event Calendar 1.4 - 'save_successful.php?msg' Cross-Site Scripting"
14894[M] EDB-ID: 37078 "WordPress Plugin All-in-One Event Calendar 1.4 - 'agenda-widget.php' Multiple Cross-Site Scripting Vulnerabilities"
14895[I] all-in-one-wp-security-and-firewall
14896[M] EDB-ID: 34854 "WordPress Plugin All In One WP Security & Firewall 3.8.3 - Persistent Cross-Site Scripting"
14897[I] all-video-gallery
14898[M] EDB-ID: 22427 "WordPress Plugin All Video Gallery 1.1 - SQL Injection"
14899[I] allow-php-in-posts-and-pages
14900[M] EDB-ID: 17688 "WordPress Plugin Allow PHP in Posts and Pages 2.0.0.RC1 - SQL Injection"
14901[I] allwebmenus-wordpress-menu-plugin
14902[M] EDB-ID: 17861 "WordPress Plugin AllWebMenus 1.1.3 - Remote File Inclusion"
14903[M] EDB-ID: 18407 "WordPress Plugin AllWebMenus < 1.1.9 Menu Plugin - Arbitrary File Upload"
14904[I] alo-easymail
14905[I] annonces
14906[M] EDB-ID: 17863 "WordPress Plugin Annonces 1.2.0.0 - Remote File Inclusion"
14907[I] answer-my-question
14908[M] EDB-ID: 40771 "WordPress Plugin Answer My Question 1.3 - SQL Injection"
14909[I] appointment-booking-calendar
14910[M] EDB-ID: 39309 "WordPress Plugin Booking Calendar Contact Form 1.1.23 - SQL Injection"
14911[M] EDB-ID: 39319 "WordPress Plugin Booking Calendar Contact Form 1.1.23 - Shortcode SQL Injection"
14912[M] EDB-ID: 39341 "WordPress Plugin Booking Calendar Contact Form 1.1.24 - Multiple Vulnerabilities"
14913[M] EDB-ID: 39342 "WordPress Plugin Booking Calendar Contact Form 1.1.24 - addslashes SQL Injection"
14914[I] aspose-doc-exporter
14915[M] EDB-ID: 36559 "WordPress Plugin aspose-doc-exporter 1.0 - Arbitrary File Download"
14916[I] asset-manager
14917[M] EDB-ID: 18993 "WordPress Plugin Asset Manager 0.2 - Arbitrary File Upload"
14918[I] audio
14919[M] EDB-ID: 35258 "WordPress Plugin Audio 0.5.1 - 'showfile' Cross-Site Scripting"
14920[I] audio-player
14921[M] EDB-ID: 38300 "WordPress Plugin Audio Player - 'playerID' Cross-Site Scripting"
14922[I] auto-attachments
14923[I] aviary-image-editor-add-on-for-gravity-forms
14924[M] EDB-ID: 37275 "WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta - Arbitrary File Upload"
14925[I] backwpup
14926[M] EDB-ID: 35400 "WordPress Plugin BackWPup 1.4 - Multiple Information Disclosure Vulnerabilities"
14927[I] baggage-freight
14928[M] EDB-ID: 46061 "WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - Arbitrary File Upload"
14929[I] baggage_shipping
14930[I] bbpress
14931[M] EDB-ID: 22396 "WordPress Plugin bbPress - Multiple Vulnerabilities"
14932[I] bezahlcode-generator
14933[M] EDB-ID: 35286 "WordPress Plugin BezahlCode Generator 1.0 - 'gen_name' Cross-Site Scripting"
14934[I] booking
14935[M] EDB-ID: 27399 "WordPress Plugin Booking Calendar 4.1.4 - Cross-Site Request Forgery"
14936[I] booking-calendar-contact-form
14937[M] EDB-ID: 37003 "WordPress Plugin Booking Calendar Contact Form 1.0.2 - Multiple Vulnerabilities"
14938[I] bookx
14939[M] EDB-ID: 39251 "WordPress Plugin BookX 1.7 - 'bookx_export.php' Local File Inclusion"
14940[I] brandfolder
14941[M] EDB-ID: 39591 "WordPress Plugin Brandfolder 3.0 - Local/Remote File Inclusion"
14942[I] cac-featured-content
14943[I] candidate-application-form
14944[M] EDB-ID: 37754 "WordPress Plugin Candidate Application Form 1.0 - Arbitrary File Download"
14945[I] catalog
14946[M] EDB-ID: 25724 "WordPress Plugin Spider Catalog 1.4.6 - Multiple Vulnerabilities"
14947[M] EDB-ID: 38639 "WordPress Plugin miniBB - SQL Injection / Multiple Cross-Site Scripting Vulnerabilities"
14948[I] category-grid-view-gallery
14949[M] EDB-ID: 38625 "WordPress Plugin Category Grid View Gallery - 'ID' Cross-Site Scripting"
14950[I] category-list-portfolio-page
14951[I] cevhershare
14952[M] EDB-ID: 17891 "WordPress Plugin CevherShare 2.0 - SQL Injection"
14953[I] cforms
14954[M] EDB-ID: 34946 "WordPress Plugin cformsII 11.5/13.1 - 'lib_ajax.php' Multiple Cross-Site Scripting Vulnerabilities"
14955[I] cforms2
14956[M] EDB-ID: 35879 "WordPress Plugin Cforms 14.7 - Remote Code Execution"
14957[I] chenpress
14958[M] EDB-ID: 37522 "WordPress Plugin chenpress - Arbitrary File Upload"
14959[I] church-admin
14960[M] EDB-ID: 37483 "WordPress Plugin church_admin - 'id' Cross-Site Scripting"
14961[I] cimy-counter
14962[M] EDB-ID: 14057 "WordPress Plugin Cimy Counter - Full Path Disclosure / Redirector / Cross-Site Scripting / HTTP Response Spitting"
14963[M] EDB-ID: 34195 "WordPress Plugin Cimy Counter 0.9.4 - HTTP Response Splitting / Cross-Site Scripting"
14964[I] clickdesk-live-support-chat
14965[M] EDB-ID: 36338 "WordPress Plugin ClickDesk Live Support 2.0 - 'cdwidget' Cross-Site Scripting"
14966[I] cloudsafe365-for-wp
14967[M] EDB-ID: 37681 "WordPress Plugin Cloudsafe365 - 'file' Remote File Disclosure"
14968[I] cm-download-manager
14969[M] EDB-ID: 35324 "WordPress Plugin CM Download Manager 2.0.0 - Code Injection"
14970[I] cms-pack
14971[I] cnhk-slideshow
14972[M] EDB-ID: 39190 "WordPress Plugin cnhk-Slideshow - Arbitrary File Upload"
14973[I] comicpress-manager
14974[M] EDB-ID: 35393 "WordPress Plugin ComicPress Manager 1.4.9 - 'lang' Cross-Site Scripting"
14975[I] comment-rating
14976[M] EDB-ID: 16221 "WordPress Plugin Comment Rating 2.9.23 - Multiple Vulnerabilities"
14977[M] EDB-ID: 24552 "WordPress Plugin Comment Rating 2.9.32 - Multiple Vulnerabilities"
14978[M] EDB-ID: 36487 "WordPress Plugin Comment Rating 2.9.20 - 'path' Cross-Site Scripting"
14979[I] community-events
14980[M] EDB-ID: 17798 "WordPress Plugin Community Events 1.2.1 - SQL Injection"
14981[I] complete-gallery-manager
14982[M] EDB-ID: 28377 "WordPress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload"
14983[I] contact-form-generator
14984[M] EDB-ID: 38086 "WordPress Plugin Contact Form Generator 2.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities"
14985[I] contact-form-wordpress
14986[M] EDB-ID: 17980 "WordPress Plugin Contact Form 2.7.5 - SQL Injection"
14987[I] contus-hd-flv-player
14988[M] EDB-ID: 17678 "WordPress Plugin Contus HD FLV Player 1.3 - SQL Injection"
14989[M] EDB-ID: 37377 "WordPress Plugin HD FLV Player - 'uploadVideo.php' Arbitrary File Upload"
14990[I] contus-video-gallery
14991[M] EDB-ID: 34161 "WordPress Plugin Video Gallery 2.5 - Multiple Vulnerabilities"
14992[I] contus-video-galleryversion-10
14993[M] EDB-ID: 37373 "WordPress Plugin Contus Video Gallery - 'upload1.php' Arbitrary File Upload"
14994[I] copyright-licensing-tools
14995[M] EDB-ID: 17749 "WordPress Plugin iCopyright(R) Article Tools 1.1.4 - SQL Injection"
14996[I] count-per-day
14997[M] EDB-ID: 17857 "WordPress Plugin Count per Day 2.17 - SQL Injection"
14998[M] EDB-ID: 18355 "WordPress Plugin Count Per Day - Multiple Vulnerabilities"
14999[M] EDB-ID: 20862 "WordPress Plugin Count Per Day 3.2.3 - Cross-Site Scripting"
15000[I] couponer
15001[M] EDB-ID: 17759 "WordPress Plugin Couponer 1.2 - SQL Injection"
15002[I] cp-polls
15003[M] EDB-ID: 39513 "WordPress Plugin CP Polls 1.0.8 - Multiple Vulnerabilities"
15004[I] cp-reservation-calendar
15005[M] EDB-ID: 38187 "WordPress Plugin CP Reservation Calendar 1.1.6 - SQL Injection"
15006[I] cpl
15007[M] EDB-ID: 11458 "WordPress Plugin Copperleaf Photolog 0.16 - SQL Injection"
15008[I] crawlrate-tracker
15009[M] EDB-ID: 17755 "WordPress Plugin Crawl Rate Tracker 2.0.2 - SQL Injection"
15010[I] crayon-syntax-highlighter
15011[M] EDB-ID: 37946 "WordPress Plugin Crayon Syntax Highlighter - 'wp_load' Remote File Inclusion"
15012[I] custom-background
15013[M] EDB-ID: 39135 "WordPress Theme Felici - 'Uploadify.php' Arbitrary File Upload"
15014[I] custom-content-type-manager
15015[M] EDB-ID: 19058 "WordPress Plugin Custom Content Type Manager 0.9.5.13-pl - Arbitrary File Upload"
15016[I] custom-tables
15017[M] EDB-ID: 37482 "WordPress Plugin custom tables - 'key' Cross-Site Scripting"
15018[I] cysteme-finder
15019[M] EDB-ID: 40295 "WordPress Plugin CYSTEME Finder 1.3 - Arbitrary File Disclosure/Arbitrary File Upload"
15020[I] daily-maui-photo-widget
15021[M] EDB-ID: 35673 "WordPress Plugin Daily Maui Photo Widget 0.2 - Multiple Cross-Site Scripting Vulnerabilities"
15022[I] db-backup
15023[M] EDB-ID: 35378 "WordPress Plugin DB Backup - Arbitrary File Download"
15024[I] disclosure-policy-plugin
15025[M] EDB-ID: 17865 "WordPress Plugin Disclosure Policy 1.0 - Remote File Inclusion"
15026[I] dm-albums
15027[M] EDB-ID: 9043 "Adobe Flash Selection.SetSelection - Use-After-Free"
15028[M] EDB-ID: 9048 "Adobe Flash TextField.replaceText - Use-After-Free"
15029[I] dmsguestbook
15030[I] downloads-manager
15031[M] EDB-ID: 6127 "Pixel Studio 2.17 - Denial of Service (PoC)"
15032[I] dp-thumbnail
15033[I] drag-drop-file-uploader
15034[M] EDB-ID: 19057 "WordPress Plugin drag and drop file upload 0.1 - Arbitrary File Upload"
15035[I] dukapress
15036[M] EDB-ID: 35346 "WordPress Plugin DukaPress 2.5.2 - Directory Traversal"
15037[I] duplicator
15038[M] EDB-ID: 38676 "WordPress Plugin Duplicator - Cross-Site Scripting"
15039[M] EDB-ID: 44288 "WordPress Plugin Duplicator 1.2.32 - Cross-Site Scripting"
15040[I] dzs-videogallery
15041[M] EDB-ID: 29834 "WordPress Plugin dzs-videogallery - Arbitrary File Upload"
15042[M] EDB-ID: 30063 "WordPress Plugin DZS Video Gallery 3.1.3 - Remote File Disclosure / Local File Disclosure"
15043[M] EDB-ID: 39250 "WordPress Plugin DZS-VideoGallery - Cross-Site Scripting / Command Injection"
15044[M] EDB-ID: 39553 "WordPress Plugin DZS Videogallery < 8.60 - Multiple Vulnerabilities"
15045[I] dzs-zoomsounds
15046[M] EDB-ID: 37166 "WordPress Plugin dzs-zoomsounds 2.0 - Arbitrary File Upload"
15047[I] easy-contact-form-lite
15048[M] EDB-ID: 17680 "WordPress Plugin Easy Contact Form Lite 1.0.7 - SQL Injection"
15049[I] easy-contact-forms-exporter
15050[M] EDB-ID: 19013 "WordPress Plugin Easy Contact Forms Export 1.1.0 - Information Disclosure"
15051[I] ebook-download
15052[M] EDB-ID: 39575 "WordPress Plugin eBook Download 1.1 - Directory Traversal"
15053[I] eco-annu
15054[M] EDB-ID: 38019 "WordPress Plugin Eco-annu - 'eid' SQL Injection"
15055[I] editormonkey
15056[M] EDB-ID: 17284 "WordPress Plugin EditorMonkey 2.5 - 'FCKeditor' Arbitrary File Upload"
15057[I] email-newsletter
15058[M] EDB-ID: 37356 "WordPress Plugin Email NewsLetter 8.0 - 'option' Information Disclosure"
15059[I] evarisk
15060[M] EDB-ID: 17738 "WordPress Plugin Evarisk 5.1.3.6 - SQL Injection"
15061[M] EDB-ID: 37399 "WordPress Plugin Evarisk - 'uploadPhotoApres.php' Arbitrary File Upload"
15062[I] event-registration
15063[M] EDB-ID: 17751 "WordPress Plugin Event Registration 5.4.3 - SQL Injection"
15064[I] eventify
15065[M] EDB-ID: 17794 "WordPress Plugin Eventify - Simple Events 1.7.f SQL Injection"
15066[I] extend-wordpress
15067[I] facebook-opengraph-meta-plugin
15068[M] EDB-ID: 17773 "WordPress Plugin Facebook Opengraph Meta 1.0 - SQL Injection"
15069[I] fbgorilla
15070[M] EDB-ID: 39283 "WordPress Plugin FB Gorilla - 'game_play.php' SQL Injection"
15071[I] fbpromotions
15072[M] EDB-ID: 17737 "WordPress Plugin Facebook Promotions 1.3.3 - SQL Injection"
15073[I] fcchat
15074[M] EDB-ID: 35289 "WordPress Plugin FCChat Widget 2.1.7 - 'path' Cross-Site Scripting"
15075[M] EDB-ID: 37370 "WordPress Plugin FCChat Widget 2.2.x - 'upload.php' Arbitrary File Upload"
15076[I] feature-slideshow
15077[M] EDB-ID: 35285 "WordPress Plugin Feature Slideshow 1.0.6 - 'src' Cross-Site Scripting"
15078[I] featurific-for-wordpress
15079[M] EDB-ID: 36339 "WordPress Plugin Featurific For WordPress 1.6.2 - 'snum' Cross-Site Scripting"
15080[I] feed
15081[M] EDB-ID: 38624 "WordPress Plugin WP Feed - 'nid' SQL Injection"
15082[I] feedlist
15083[M] EDB-ID: 34973 "WordPress Plugin FeedList 2.61.01 - 'handler_image.php' Cross-Site Scripting"
15084[I] feedweb
15085[M] EDB-ID: 38414 "WordPress Plugin Feedweb - 'wp_post_id' Cross-Site Scripting"
15086[I] fgallery
15087[M] EDB-ID: 4993 "GitList 0.6.0 - Argument Injection (Metasploit)"
15088[I] file-groups
15089[M] EDB-ID: 17677 "WordPress Plugin File Groups 1.1.2 - SQL Injection"
15090[I] filedownload
15091[M] EDB-ID: 17858 "WordPress Plugin Filedownload 0.1 - 'download.php' Remote File Disclosure"
15092[I] finder
15093[M] EDB-ID: 37677 "WordPress Plugin Finder - 'order' Cross-Site Scripting"
15094[I] firestats
15095[M] EDB-ID: 14308 "WordPress Plugin Firestats - Remote Configuration File Download"
15096[M] EDB-ID: 33367 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (1)"
15097[M] EDB-ID: 33368 "WordPress Plugin Firestats 1.0.2 - Multiple Cross-Site Scripting / Authentication Bypass Vulnerabilities (2)"
15098[I] flash-album-gallery
15099[M] EDB-ID: 16947 "WordPress Plugin GRAND Flash Album Gallery 0.55 - Multiple Vulnerabilities"
15100[M] EDB-ID: 36383 "WordPress Plugin flash-album-gallery - 'facebook.php' Cross-Site Scripting"
15101[M] EDB-ID: 36434 "WordPress Plugin GRAND FlAGallery 1.57 - 'flagshow.php' Cross-Site Scripting"
15102[M] EDB-ID: 36444 "WordPress Plugin flash-album-gallery - 'flagshow.php' Cross-Site Scripting"
15103[I] flexible-custom-post-type
15104[M] EDB-ID: 36317 "WordPress Plugin Flexible Custom Post Type - 'id' Cross-Site Scripting"
15105[I] flipbook
15106[M] EDB-ID: 37452 "WordPress Plugin Flip Book - 'PHP.php' Arbitrary File Upload"
15107[I] font-uploader
15108[M] EDB-ID: 18994 "WordPress Plugin Font Uploader 1.2.4 - Arbitrary File Upload"
15109[I] formcraft
15110[M] EDB-ID: 30002 "WordPress Plugin Formcraft - SQL Injection"
15111[I] forum-server
15112[M] EDB-ID: 16235 "WordPress Plugin Forum Server 1.6.5 - SQL Injection"
15113[M] EDB-ID: 17828 "WordPress Plugin Forum Server 1.7 - SQL Injection"
15114[I] foxypress
15115[M] EDB-ID: 18991 "WordPress Plugin Foxypress 0.4.1.1 < 0.4.2.1 - Arbitrary File Upload"
15116[M] EDB-ID: 22374 "WordPress Plugin foxypress 0.4.2.5 - Multiple Vulnerabilities"
15117[I] front-end-upload
15118[M] EDB-ID: 19008 "WordPress Plugin Front End Upload 0.5.3 - Arbitrary File Upload"
15119[I] front-file-manager
15120[M] EDB-ID: 19012 "WordPress Plugin Front File Manager 0.1 - Arbitrary File Upload"
15121[I] fs-real-estate-plugin
15122[M] EDB-ID: 22071 "WordPress Plugin FireStorm Professional Real Estate 2.06.01 - SQL Injection"
15123[I] gallery-images
15124[M] EDB-ID: 34524 "WordPress Plugin Huge-IT Image Gallery 1.0.1 - (Authenticated) SQL Injection"
15125[M] EDB-ID: 39807 "WordPress Plugin Huge-IT Image Gallery 1.8.9 - Multiple Vulnerabilities"
15126[I] gallery-plugin
15127[M] EDB-ID: 18998 "WordPress Plugin Gallery 3.06 - Arbitrary File Upload"
15128[M] EDB-ID: 38209 "WordPress Plugin Gallery - 'filename_1' Arbitrary File Access"
15129[I] gd-star-rating
15130[M] EDB-ID: 17973 "WordPress Plugin GD Star Rating 1.9.10 - SQL Injection"
15131[M] EDB-ID: 35373 "WordPress Plugin GD Star Rating 1.9.7 - 'wpfn' Cross-Site Scripting"
15132[M] EDB-ID: 35835 "WordPress Plugin GD Star Rating - 'votes' SQL Injection"
15133[I] gift-voucher
15134[M] EDB-ID: 45255 "WordPress Plugin Gift Voucher 1.0.5 - (Authenticated) 'template_id' SQL Injection"
15135[I] global-content-blocks
15136[M] EDB-ID: 17687 "WordPress Plugin Global Content Blocks 1.2 - SQL Injection"
15137[I] global-flash-galleries
15138[M] EDB-ID: 39059 "WordPress Plugin Global Flash Gallery - 'swfupload.php' Arbitrary File Upload"
15139[I] google-document-embedder
15140[M] EDB-ID: 35371 "WordPress Plugin Google Document Embedder 2.5.14 - SQL Injection"
15141[M] EDB-ID: 35447 "WordPress Plugin Google Document Embedder 2.5.16 - 'mysql_real_escpae_string' Bypass SQL Injection"
15142[I] google-mp3-audio-player
15143[M] EDB-ID: 35460 "WordPress Plugin CodeArt Google MP3 Player - File Disclosure Download"
15144[I] gracemedia-media-player
15145[M] EDB-ID: 46537 "WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion"
15146[I] grapefile
15147[M] EDB-ID: 17760 "WordPress Plugin grapefile 1.1 - Arbitrary File Upload"
15148[I] gwolle-gb
15149[M] EDB-ID: 38861 "WordPress Plugin Gwolle Guestbook 1.5.3 - Remote File Inclusion"
15150[I] hb-audio-gallery-lite
15151[M] EDB-ID: 39589 "WordPress Plugin HB Audio Gallery Lite 1.0.0 - Arbitrary File Download"
15152[I] hd-webplayer
15153[M] EDB-ID: 20918 "WordPress Plugin HD Webplayer 1.1 - SQL Injection"
15154[I] history-collection
15155[M] EDB-ID: 37254 "WordPress Plugin History Collection 1.1.1 - Arbitrary File Download"
15156[I] hitasoft_player
15157[M] EDB-ID: 38012 "WordPress Plugin FLV Player - 'id' SQL Injection"
15158[I] html5avmanager
15159[M] EDB-ID: 18990 "WordPress Plugin HTML5 AV Manager 0.2.7 - Arbitrary File Upload"
15160[I] i-dump-iphone-to-wordpress-photo-uploader
15161[M] EDB-ID: 36691 "WordPress Plugin Windows Desktop and iPhone Photo Uploader - Arbitrary File Upload"
15162[I] iframe-admin-pages
15163[M] EDB-ID: 37179 "WordPress Plugin iFrame Admin Pages 0.1 - 'main_page.php' Cross-Site Scripting"
15164[I] igit-posts-slider-widget
15165[M] EDB-ID: 35392 "WordPress Plugin IGIT Posts Slider Widget 1.0 - 'src' Cross-Site Scripting"
15166[I] image-export
15167[M] EDB-ID: 39584 "WordPress Plugin Image Export 1.1.0 - Arbitrary File Disclosure"
15168[I] image-gallery-with-slideshow
15169[M] EDB-ID: 17761 "WordPress Plugin image Gallery with Slideshow 1.5 - Multiple Vulnerabilities"
15170[I] imdb-widget
15171[M] EDB-ID: 39621 "WordPress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion"
15172[I] inboundio-marketing
15173[M] EDB-ID: 36478 "WordPress Plugin InBoundio Marketing 1.0 - Arbitrary File Upload"
15174[I] indeed-membership-pro
15175[I] inline-gallery
15176[M] EDB-ID: 35418 "WordPress Plugin Inline Gallery 0.3.9 - 'do' Cross-Site Scripting"
15177[I] insert-php
15178[M] EDB-ID: 41308 "WordPress Plugin Insert PHP 3.3.1 - PHP Code Injection"
15179[I] invit0r
15180[M] EDB-ID: 37403 "WordPress Plugin Invit0r - 'ofc_upload_image.php' Arbitrary File Upload"
15181[I] ip-logger
15182[M] EDB-ID: 17673 "WordPress Plugin IP-Logger 3.0 - SQL Injection"
15183[I] is-human
15184[M] EDB-ID: 17299 "WordPress Plugin Is-human 1.4.2 - Remote Command Execution"
15185[I] islidex
15186[I] iwant-one-ihave-one
15187[M] EDB-ID: 16236 "WordPress Plugin IWantOneButton 3.0.1 - Multiple Vulnerabilities"
15188[I] jetpack
15189[M] EDB-ID: 18126 "WordPress Plugin jetpack - 'sharedaddy.php' ID SQL Injection"
15190[I] jibu-pro
15191[M] EDB-ID: 45305 "WordPress Plugin Jibu Pro 1.7 - Cross-Site Scripting"
15192[I] joliprint
15193[M] EDB-ID: 37176 "WordPress Plugin PDF & Print Button Joliprint 1.3.0 - Multiple Cross-Site Scripting Vulnerabilities"
15194[I] jquery-mega-menu
15195[M] EDB-ID: 16250 "WordPress Plugin jQuery Mega Menu 1.0 - Local File Inclusion"
15196[I] jrss-widget
15197[M] EDB-ID: 34977 "WordPress Plugin jRSS Widget 1.1.1 - 'url' Information Disclosure"
15198[I] js-appointment
15199[M] EDB-ID: 17724 "WordPress Plugin Js-appointment 1.5 - SQL Injection"
15200[I] jtrt-responsive-tables
15201[M] EDB-ID: 43110 "WordPress Plugin JTRT Responsive Tables 4.1 - SQL Injection"
15202[I] kino-gallery
15203[I] kish-guest-posting
15204[I] kittycatfish
15205[M] EDB-ID: 41919 "WordPress Plugin KittyCatfish 2.2 - SQL Injection"
15206[I] knews
15207[M] EDB-ID: 37484 "WordPress Plugin Knews Multilingual Newsletters - Cross-Site Scripting"
15208[I] knr-author-list-widget
15209[M] EDB-ID: 17791 "WordPress Plugin KNR Author List Widget 2.0.0 - SQL Injection"
15210[I] lanoba-social-plugin
15211[M] EDB-ID: 36326 "WordPress Plugin Lanoba Social 1.0 - 'action' Cross-Site Scripting"
15212[I] lazy-content-slider
15213[M] EDB-ID: 40070 "WordPress Plugin Lazy Content Slider 3.4 - Cross-Site Request Forgery (Add Catetory)"
15214[I] lazy-seo
15215[M] EDB-ID: 28452 "WordPress Plugin Lazy SEO 1.1.9 - Arbitrary File Upload"
15216[I] lazyest-gallery
15217[M] EDB-ID: 35435 "WordPress Plugin Lazyest Gallery 1.0.26 - 'image' Cross-Site Scripting"
15218[I] lb-mixed-slideshow
15219[M] EDB-ID: 37418 "WordPress Plugin LB Mixed Slideshow - 'upload.php' Arbitrary File Upload"
15220[I] leaguemanager
15221[M] EDB-ID: 24789 "WordPress Plugin LeagueManager 3.8 - SQL Injection"
15222[I] leenkme
15223[I] levelfourstorefront
15224[M] EDB-ID: 38158 "WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php? reqID' SQL Injection"
15225[M] EDB-ID: 38159 "WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/backup.php?reqID' SQL Injection"
15226[M] EDB-ID: 38160 "WordPress Plugin Shopping Cart for WordPress - '/wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php?reqID' SQL Injection"
15227[I] like-dislike-counter-for-posts-pages-and-comments
15228[M] EDB-ID: 34553 "WordPress Plugin Like Dislike Counter 1.2.3 - SQL Injection"
15229[I] link-library
15230[M] EDB-ID: 17887 "WordPress Plugin Link Library 5.2.1 - SQL Injection"
15231[I] lisl-last-image-slider
15232[I] livesig
15233[M] EDB-ID: 17864 "WordPress Plugin Livesig 0.4 - Remote File Inclusion"
15234[I] localize-my-post
15235[M] EDB-ID: 45439 "WordPress Plugin Localize My Post 1.0 - Local File Inclusion"
15236[I] mac-dock-gallery
15237[M] EDB-ID: 19056 "WordPress Plugin Mac Photo Gallery 2.7 - Arbitrary File Upload"
15238[I] madebymilk
15239[M] EDB-ID: 38041 "WordPress Theme Madebymilk - 'id' SQL Injection"
15240[I] mail-masta
15241[M] EDB-ID: 40290 "WordPress Plugin Mail Masta 1.0 - Local File Inclusion"
15242[M] EDB-ID: 41438 "WordPress Plugin Mail Masta 1.0 - SQL Injection"
15243[I] mailz
15244[M] EDB-ID: 17866 "WordPress Plugin Mailing List 1.3.2 - Remote File Inclusion"
15245[M] EDB-ID: 18276 "WordPress Plugin Mailing List - Arbitrary File Download"
15246[I] media-library-categories
15247[M] EDB-ID: 17628 "WordPress Plugin Media Library Categories 1.0.6 - SQL Injection"
15248[I] meenews
15249[M] EDB-ID: 36340 "WordPress Plugin NewsLetter Meenews 5.1 - 'idnews' Cross-Site Scripting"
15250[I] membership-simplified-for-oap-members-only
15251[M] EDB-ID: 41622 "Wordpress Plugin Membership Simplified 1.58 - Arbitrary File Download"
15252[I] mingle-forum
15253[M] EDB-ID: 15943 "WordPress Plugin mingle forum 1.0.26 - Multiple Vulnerabilities"
15254[M] EDB-ID: 17894 "WordPress Plugin Mingle Forum 1.0.31 - SQL Injection"
15255[I] mm-forms-community
15256[M] EDB-ID: 17725 "WordPress Plugin MM Forms Community 1.2.3 - SQL Injection"
15257[M] EDB-ID: 18997 "WordPress Plugin MM Forms Community 2.2.6 - Arbitrary File Upload"
15258[I] monsters-editor-10-for-wp-super-edit
15259[M] EDB-ID: 37654 "WordPress Plugin Monsters Editor for WP Super Edit - Arbitrary File Upload"
15260[I] mukioplayer-for-wordpress
15261[M] EDB-ID: 38755 "WordPress Plugin mukioplayer4wp - 'cid' SQL Injection"
15262[I] myflash
15263[M] EDB-ID: 3828 "Microsoft Windows Kernel - 'NtGdiStretchBlt' Pool Buffer Overflow (MS15-097)"
15264[I] mystat
15265[M] EDB-ID: 17740 "WordPress Plugin mySTAT 2.6 - SQL Injection"
15266[I] nextgen-gallery
15267[M] EDB-ID: 12098 "WordPress Plugin NextGEN Gallery 1.5.1 - Cross-Site Scripting"
15268[M] EDB-ID: 38178 "WordPress Plugin NextGEN Gallery - 'test-head' Cross-Site Scripting"
15269[M] EDB-ID: 39100 "WordPress Plugin NextGEN Gallery - 'jqueryFileTree.php' Directory Traversal"
15270[I] nextgen-smooth-gallery
15271[M] EDB-ID: 14541 "WordPress Plugin NextGEN Smooth Gallery 0.12 - Blind SQL Injection"
15272[I] ocim-mp3
15273[M] EDB-ID: 39498 "WordPress Plugin Ocim MP3 - SQL Injection"
15274[I] odihost-newsletter-plugin
15275[M] EDB-ID: 17681 "WordPress Plugin OdiHost NewsLetter 1.0 - SQL Injection"
15276[I] old-post-spinner
15277[M] EDB-ID: 16251 "WordPress Plugin OPS Old Post Spinner 2.2.1 - Local File Inclusion"
15278[I] olimometer
15279[M] EDB-ID: 40804 "WordPress Plugin Olimometer 2.56 - SQL Injection"
15280[I] omni-secure-files
15281[M] EDB-ID: 19009 "WordPress Plugin Omni Secure Files 0.1.13 - Arbitrary File Upload"
15282[I] oqey-gallery
15283[M] EDB-ID: 17779 "WordPress Plugin oQey Gallery 0.4.8 - SQL Injection"
15284[M] EDB-ID: 35288 "WordPress Plugin oQey-Gallery 0.2 - 'tbpv_domain' Cross-Site Scripting"
15285[I] oqey-headers
15286[M] EDB-ID: 17730 "WordPress Plugin oQey Headers 0.3 - SQL Injection"
15287[I] page-flip-image-gallery
15288[M] EDB-ID: 30084 "WordPress Plugin page-flip-image-gallery - Arbitrary File Upload"
15289[M] EDB-ID: 7543 "Linux Kernel 2.6.x - 'rds_recvmsg()' Local Information Disclosure"
15290[I] paid-downloads
15291[M] EDB-ID: 17797 "WordPress Plugin Paid Downloads 2.01 - SQL Injection"
15292[M] EDB-ID: 36135 "WordPress Plugin Auctions 1.8.8 - 'wpa_id' SQL Injection"
15293[I] participants-database
15294[I] pay-with-tweet.php
15295[M] EDB-ID: 18330 "WordPress Plugin Pay with Tweet 1.1 - Multiple Vulnerabilities"
15296[I] paypal-currency-converter-basic-for-woocommerce
15297[M] EDB-ID: 37253 "WordPress Plugin Paypal Currency Converter Basic For WooCommerce - File Read"
15298[I] peugeot-music-plugin
15299[M] EDB-ID: 44737 "WordPress Plugin Peugeot Music - Arbitrary File Upload"
15300[I] photocart-link
15301[M] EDB-ID: 39623 "WordPress Plugin Photocart Link 1.6 - Local File Inclusion"
15302[I] photoracer
15303[M] EDB-ID: 17720 "WordPress Plugin Photoracer 1.0 - SQL Injection"
15304[M] EDB-ID: 17731 "WordPress Plugin Photoracer 1.0 - Multiple Vulnerabilities"
15305[M] EDB-ID: 8961 "WordPress Plugin Photoracer 1.0 - 'id' SQL Injection"
15306[I] photosmash-galleries
15307[M] EDB-ID: 35429 "WordPress Plugin PhotoSmash Galleries 1.0.x - 'action' Cross-Site Scripting"
15308[M] EDB-ID: 38872 "WordPress Plugin PhotoSmash Galleries - 'bwbps-uploader.php' Arbitrary File Upload"
15309[I] php_speedy_wp
15310[I] phpfreechat
15311[M] EDB-ID: 37485 "WordPress Plugin PHPFreeChat - 'url' Cross-Site Scripting"
15312[I] pica-photo-gallery
15313[M] EDB-ID: 19016 "WordPress Plugin PICA Photo Gallery 1.0 - Remote File Disclosure"
15314[M] EDB-ID: 19055 "WordPress Plugin Pica Photo Gallery 1.0 - Arbitrary File Upload"
15315[I] pictpress
15316[M] EDB-ID: 4695 "Karaoke Video Creator 2.2.8 - Denial of Service"
15317[I] picturesurf-gallery
15318[M] EDB-ID: 37371 "WordPress Plugin Picturesurf Gallery - 'upload.php' Arbitrary File Upload"
15319[I] placester
15320[M] EDB-ID: 35562 "WordPress Plugin Placester 0.1 - 'ajax_action' Cross-Site Scripting"
15321[I] player
15322[M] EDB-ID: 38458 "WordPress Plugin Spider Video Player - 'theme' SQL Injection"
15323[I] plg_novana
15324[I] plugin-dir
15325[M] EDB-ID: 22853 "WordPress Plugin Facebook Survey 1.0 - SQL Injection"
15326[I] plugin-newsletter
15327[M] EDB-ID: 19018 "WordPress Plugin NewsLetter 1.5 - Remote File Disclosure"
15328[I] podpress
15329[M] EDB-ID: 38376 "WordPress Plugin podPress - 'playerID' Cross-Site Scripting"
15330[I] portable-phpmyadmin
15331[M] EDB-ID: 23356 "WordPress Plugin Portable phpMyAdmin - Authentication Bypass"
15332[I] post-highlights
15333[M] EDB-ID: 17790 "WordPress Plugin post highlights 2.2 - SQL Injection"
15334[I] post-recommendations-for-wordpress
15335[M] EDB-ID: 37506 "WordPress Plugin Post Recommendations - 'abspath' Remote File Inclusion"
15336[I] powerhouse-museum-collection-image-grid
15337[M] EDB-ID: 35287 "WordPress Plugin Powerhouse Museum Collection Image Grid 0.9.1.1 - 'tbpv_username' Cross-Site Scripting"
15338[I] premium_gallery_manager
15339[I] pretty-link
15340[M] EDB-ID: 36233 "WordPress Plugin Pretty Link 1.4.56 - Multiple Cross-Site Scripting Vulnerabilities"
15341[M] EDB-ID: 36408 "WordPress Plugin Pretty Link 1.5.2 - 'pretty-bar.php' Cross-Site Scripting"
15342[M] EDB-ID: 37196 "WordPress Plugin Pretty Link Lite 1.5.2 - SQL Injection / Cross-Site Scripting"
15343[M] EDB-ID: 38324 "WordPress Plugin Pretty Link - Cross-Site Scripting"
15344[I] profiles
15345[M] EDB-ID: 17739 "WordPress Plugin Profiles 2.0 RC1 - SQL Injection"
15346[I] proplayer
15347[M] EDB-ID: 17616 "WordPress Plugin ProPlayer 4.7.7 - SQL Injection"
15348[M] EDB-ID: 25605 "WordPress Plugin ProPlayer 4.7.9.1 - SQL Injection"
15349[I] pure-html
15350[M] EDB-ID: 17758 "WordPress Plugin PureHTML 1.0.0 - SQL Injection"
15351[I] q-and-a-focus-plus-faq
15352[M] EDB-ID: 39806 "WordPress Plugin Q and A (Focus Plus) FAQ 1.3.9.7 - Multiple Vulnerabilities"
15353[I] radykal-fancy-gallery
15354[M] EDB-ID: 19398 "WordPress Plugin Fancy Gallery 1.2.4 - Arbitrary File Upload"
15355[I] rating-widget
15356[I] rb-agency
15357[M] EDB-ID: 40333 "WordPress Plugin RB Agency 2.4.7 - Local File Disclosure"
15358[I] rbxgallery
15359[M] EDB-ID: 19019 "WordPress Plugin RBX Gallery 2.1 - Arbitrary File Upload"
15360[I] real3d-flipbook
15361[M] EDB-ID: 40055 "WordPress Plugin Real3D FlipBook - Multiple Vulnerabilities"
15362[I] really-easy-slider
15363[I] really-simple-guest-post
15364[M] EDB-ID: 37209 "WordPress Plugin Really Simple Guest Post 1.0.6 - Local File Inclusion"
15365[I] recent-backups
15366[M] EDB-ID: 37752 "WordPress Plugin Recent Backups 0.7 - Arbitrary File Download"
15367[I] recipe
15368[M] EDB-ID: 31228 "WordPress Plugin Recipes Blog - 'id' SQL Injection"
15369[I] reciply
15370[M] EDB-ID: 35265 "WordPress Plugin Recip.ly 1.1.7 - 'uploadImage.php' Arbitrary File Upload"
15371[I] reflex-gallery
15372[M] EDB-ID: 36374 "WordPress Plugin Reflex Gallery 3.1.3 - Arbitrary File Upload"
15373[I] rekt-slideshow
15374[I] related-sites
15375[M] EDB-ID: 9054 "Adobe Flash TextField.tabIndex Setter - Use-After-Free"
15376[I] relocate-upload
15377[M] EDB-ID: 17869 "WordPress Plugin Relocate Upload 0.14 - Remote File Inclusion"
15378[I] rent-a-car
15379[I] resume-submissions-job-postings
15380[M] EDB-ID: 19791 "WordPress Plugin Resume Submissions & Job Postings 2.5.1 - Unrestricted Arbitrary File Upload"
15381[I] rich-widget
15382[M] EDB-ID: 37653 "WordPress Plugin Rich Widget - Arbitrary File Upload"
15383[I] ripe-hd-player
15384[M] EDB-ID: 24229 "WordPress Plugin Ripe HD FLV Player - SQL Injection"
15385[I] robotcpa
15386[M] EDB-ID: 37252 "WordPress Plugin RobotCPA V5 - Local File Inclusion"
15387[I] rss-feed-reader
15388[M] EDB-ID: 35261 "WordPress Plugin RSS Feed Reader 0.1 - 'rss_url' Cross-Site Scripting"
15389[I] s3bubble-amazon-s3-html-5-video-with-adverts
15390[M] EDB-ID: 37494 "WordPress Plugin S3Bubble Cloud Video With Adverts & Analytics 0.7 - Arbitrary File Download"
15391[I] scormcloud
15392[M] EDB-ID: 17793 "WordPress Plugin SCORM Cloud 1.0.6.6 - SQL Injection"
15393[I] se-html5-album-audio-player
15394[M] EDB-ID: 37274 "WordPress Plugin SE HTML5 Album Audio Player 1.1.0 - Directory Traversal"
15395[I] search-autocomplete
15396[M] EDB-ID: 17767 "WordPress Plugin SearchAutocomplete 1.0.8 - SQL Injection"
15397[I] securimage-wp
15398[M] EDB-ID: 38510 "WordPress Plugin Securimage-WP - 'siwp_test.php' Cross-Site Scripting"
15399[I] sell-downloads
15400[M] EDB-ID: 38868 "WordPress Plugin Sell Download 1.0.16 - Local File Disclosure"
15401[I] sendit
15402[M] EDB-ID: 17716 "WordPress Plugin SendIt 1.5.9 - Blind SQL Injection"
15403[I] seo-automatic-seo-tools
15404[M] EDB-ID: 34975 "WordPress Plugin SEO Tools 3.0 - 'file' Directory Traversal"
15405[I] seo-watcher
15406[M] EDB-ID: 38782 "WordPress Plugin SEO Watcher - 'ofc_upload_image.php' Arbitrary PHP Code Execution"
15407[I] sermon-browser
15408[M] EDB-ID: 17214 "WordPress Plugin SermonBrowser 0.43 - SQL Injection"
15409[M] EDB-ID: 35657 "WordPress Plugin Sermon Browser 0.43 - Cross-Site Scripting / SQL Injection"
15410[I] sexy-contact-form
15411[M] EDB-ID: 34922 "WordPress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload"
15412[M] EDB-ID: 35057 "WordPress Plugin 0.9.7 / Joomla! Component 2.0.0 Creative Contact Form - Arbitrary File Upload"
15413[I] sf-booking
15414[M] EDB-ID: 43475 "WordPress Plugin Service Finder Booking < 3.2 - Local File Disclosure"
15415[I] sfbrowser
15416[M] EDB-ID: 19054 "WordPress Plugin SfBrowser 1.4.5 - Arbitrary File Upload"
15417[I] sfwd-lms
15418[I] sh-slideshow
15419[M] EDB-ID: 17748 "WordPress Plugin SH Slideshow 3.1.4 - SQL Injection"
15420[I] sharebar
15421[M] EDB-ID: 37201 "WordPress Plugin Sharebar 1.2.1 - SQL Injection / Cross-Site Scripting"
15422[I] si-contact-form
15423[M] EDB-ID: 36050 "WordPress Plugin Fast Secure Contact Form 3.0.3.1 - 'index.php' Cross-Site Scripting"
15424[I] simple-ads-manager
15425[M] EDB-ID: 36613 "WordPress Plugin Simple Ads Manager - Multiple SQL Injections"
15426[M] EDB-ID: 36614 "WordPress Plugin Simple Ads Manager 2.5.94 - Arbitrary File Upload"
15427[M] EDB-ID: 36615 "WordPress Plugin Simple Ads Manager - Information Disclosure"
15428[M] EDB-ID: 39133 "WordPress Plugin Simple Ads Manager 2.9.4.116 - SQL Injection"
15429[I] simple-download-button-shortcode
15430[M] EDB-ID: 19020 "WordPress Plugin Simple Download Button ShortCode 1.0 - Remote File Disclosure"
15431[I] simple-fields
15432[M] EDB-ID: 44425 "WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code Execution"
15433[I] simple-forum
15434[I] site-editor
15435[M] EDB-ID: 44340 "Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion"
15436[I] site-import
15437[M] EDB-ID: 39558 "WordPress Plugin Site Import 1.0.1 - Local/Remote File Inclusion"
15438[I] skysa-official
15439[M] EDB-ID: 36363 "WordPress Plugin Skysa App Bar - 'idnews' Cross-Site Scripting"
15440[I] slider-image
15441[M] EDB-ID: 37361 "WordPress Plugin Huge-IT Slider 2.7.5 - Multiple Vulnerabilities"
15442[I] slideshow-gallery-2
15443[M] EDB-ID: 36631 "WordPress Plugin Slideshow Gallery 1.1.x - 'border' Cross-Site Scripting"
15444[I] slideshow-jquery-image-gallery
15445[M] EDB-ID: 37948 "WordPress Plugin Slideshow - Multiple Cross-Site Scripting Vulnerabilities"
15446[I] smart-flv
15447[M] EDB-ID: 38331 "WordPress Plugin Smart Flv - 'jwplayer.swf' Multiple Cross-Site Scripting Vulnerabilities"
15448[I] smart-google-code-inserter
15449[I] sniplets
15450[M] EDB-ID: 5194 "Wansview 1.0.2 - Denial of Service (PoC)"
15451[I] social-discussions
15452[M] EDB-ID: 22158 "WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities"
15453[I] social-slider-2
15454[M] EDB-ID: 17617 "WordPress Plugin Social Slider 5.6.5 - SQL Injection"
15455[I] socialfit
15456[M] EDB-ID: 37481 "WordPress Plugin SocialFit - 'msg' Cross-Site Scripting"
15457[I] sodahead-polls
15458[I] sp-client-document-manager
15459[M] EDB-ID: 35313 "WordPress Plugin SP Client Document Manager 2.4.1 - SQL Injection"
15460[M] EDB-ID: 36576 "WordPress Plugin SP Project & Document Manager 2.5.3 - Blind SQL Injection"
15461[I] spicy-blogroll
15462[M] EDB-ID: 26804 "WordPress Plugin Spicy Blogroll - Local File Inclusion"
15463[I] spider-event-calendar
15464[M] EDB-ID: 25723 "WordPress Plugin Spider Event Calendar 1.3.0 - Multiple Vulnerabilities"
15465[I] spiffy
15466[M] EDB-ID: 38441 "WordPress Plugin Spiffy XSPF Player - 'playlist_id' SQL Injection"
15467[I] st_newsletter
15468[M] EDB-ID: 31096 "WordPress Plugin ShiftThis NewsLetter - SQL Injection"
15469[M] EDB-ID: 6777 "Free Download Manager 2.5 Build 758 - Remote Control Server Buffer Overflow (Metasploit)"
15470[I] store-locator-le
15471[M] EDB-ID: 18989 "WordPress Plugin Google Maps via Store Locator 2.7.1 < 3.0.1 - Multiple Vulnerabilities"
15472[I] taggator
15473[I] taggedalbums
15474[M] EDB-ID: 38023 "WordPress Plugin Tagged Albums - 'id' SQL Injection"
15475[I] tagninja
15476[M] EDB-ID: 35300 "WordPress Plugin TagNinja 1.0 - 'id' Cross-Site Scripting"
15477[I] tera-charts
15478[M] EDB-ID: 39256 "WordPress Plugin Tera Charts (tera-charts) - '/charts/treemap.php?fn' Directory Traversal"
15479[M] EDB-ID: 39257 "WordPress Plugin Tera Charts (tera-charts) - '/charts/zoomabletreemap.php?fn' Directory Traversal"
15480[I] the-welcomizer
15481[M] EDB-ID: 36445 "WordPress Plugin The Welcomizer 1.3.9.4 - 'twiz-index.php' Cross-Site Scripting"
15482[I] thecartpress
15483[M] EDB-ID: 17860 "WordPress Plugin TheCartPress 1.1.1 - Remote File Inclusion"
15484[M] EDB-ID: 36481 "WordPress Plugin TheCartPress 1.6 - 'OptionsPostsList.php' Cross-Site Scripting"
15485[M] EDB-ID: 38869 "WordPress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities"
15486[I] thinkun-remind
15487[M] EDB-ID: 19021 "WordPress Plugin Thinkun Remind 1.1.3 - Remote File Disclosure"
15488[I] tinymce-thumbnail-gallery
15489[M] EDB-ID: 19022 "WordPress Plugin TinyMCE Thumbnail Gallery 1.0.7 - Remote File Disclosure"
15490[I] topquark
15491[M] EDB-ID: 19053 "WordPress Plugin Top Quark Architecture 2.10 - Arbitrary File Upload"
15492[I] track-that-stat
15493[M] EDB-ID: 37204 "WordPress Plugin Track That Stat 1.0.8 - Cross-Site Scripting"
15494[I] trafficanalyzer
15495[M] EDB-ID: 38439 "WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting"
15496[I] tune-library
15497[M] EDB-ID: 17816 "WordPress Plugin Tune Library 2.17 - SQL Injection"
15498[I] ucan-post
15499[M] EDB-ID: 18390 "WordPress Plugin ucan post 1.0.09 - Persistent Cross-Site Scripting"
15500[I] ultimate-product-catalogue
15501[M] EDB-ID: 36823 "WordPress Plugin Ultimate Product Catalogue - SQL Injection (1)"
15502[M] EDB-ID: 36824 "WordPress Plugin Ultimate Product Catalogue - SQL Injection (2)"
15503[M] EDB-ID: 36907 "WordPress Plugin Ultimate Product Catalogue 3.1.2 - Multiple Persistent Cross-Site Scripting / Cross-Site Request Forgery / Arbitrary File Upload Vulnerabilities"
15504[M] EDB-ID: 39974 "WordPress Plugin Ultimate Product Catalog 3.8.1 - Privilege Escalation"
15505[M] EDB-ID: 40012 "WordPress Plugin Ultimate Product Catalog 3.8.6 - Arbitrary File Upload"
15506[M] EDB-ID: 40174 "WordPress Plugin Ultimate Product Catalog 3.9.8 - do_shortcode via ajax Blind SQL Injection"
15507[I] ungallery
15508[M] EDB-ID: 17704 "WordPress Plugin UnGallery 1.5.8 - Local File Disclosure"
15509[I] uploader
15510[M] EDB-ID: 35255 "WordPress Plugin Uploader 1.0 - 'num' Cross-Site Scripting"
15511[M] EDB-ID: 38163 "WordPress Plugin Uploader - Arbitrary File Upload"
15512[M] EDB-ID: 38355 "WordPress Plugin Uploader - 'blog' Cross-Site Scripting"
15513[I] uploadify-integration
15514[M] EDB-ID: 37070 "WordPress Plugin Uploadify Integration 0.9.6 - Multiple Cross-Site Scripting Vulnerabilities"
15515[I] uploads
15516[I] upm-polls
15517[M] EDB-ID: 17627 "WordPress Plugin UPM Polls 1.0.3 - SQL Injection"
15518[I] user-avatar
15519[I] user-meta
15520[M] EDB-ID: 19052 "WordPress Plugin User Meta 1.1.1 - Arbitrary File Upload"
15521[I] userpro
15522[M] EDB-ID: 46083 "Wordpress Plugin UserPro < 4.9.21 - User Registration Privilege Escalation"
15523[M] EDB-ID: 47304 "WordPress Plugin UserPro 4.9.32 - Cross-Site Scripting"
15524[I] users-ultra
15525[I] verve-meta-boxes
15526[I] videowhisper-live-streaming-integration
15527[M] EDB-ID: 31986 "WordPress Plugin VideoWhisper 4.27.3 - Multiple Vulnerabilities"
15528[I] videowhisper-video-conference-integration
15529[M] EDB-ID: 36617 "WordPress Plugin VideoWhisper Video Presentation 3.31.17 - Arbitrary File Upload"
15530[M] EDB-ID: 36618 "WordPress Plugin VideoWhisper Video Conference Integration 4.91.8 - Arbitrary File Upload"
15531[I] videowhisper-video-presentation
15532[M] EDB-ID: 17771 "WordPress Plugin VideoWhisper Video Presentation 1.1 - SQL Injection"
15533[M] EDB-ID: 37357 "WordPress Plugin VideoWhisper Video Presentation 3.17 - 'vw_upload.php' Arbitrary File Upload"
15534[I] vk-gallery
15535[I] vodpod-video-gallery
15536[M] EDB-ID: 34976 "WordPress Plugin Vodpod Video Gallery 3.1.5 - 'vodpod_gallery_thumbs.php' Cross-Site Scripting"
15537[I] wassup
15538[I] webinar_plugin
15539[M] EDB-ID: 22300 "WordPress Plugin Easy Webinar - Blind SQL Injection"
15540[I] webplayer
15541[I] website-contact-form-with-file-upload
15542[M] EDB-ID: 36952 "WordPress Plugin N-Media Website Contact Form with File Upload 1.5 - Local File Inclusion"
15543[I] website-faq
15544[M] EDB-ID: 19400 "WordPress Plugin Website FAQ 1.0 - SQL Injection"
15545[I] wechat-broadcast
15546[M] EDB-ID: 45438 "WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion"
15547[I] woocommerce
15548[M] EDB-ID: 43196 "WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal"
15549[I] woopra
15550[M] EDB-ID: 38783 "WordPress Plugin Woopra Analytics - 'ofc_upload_image.php' Arbitrary PHP Code Execution"
15551[I] wordpress-donation-plugin-with-goals-and-paypal-ipn-by-nonprofitcmsorg
15552[M] EDB-ID: 17763 "Microsoft Edge 44.17763.1.0 - NULL Pointer Dereference"
15553[I] wordpress-member-private-conversation
15554[M] EDB-ID: 37353 "WordPress Plugin Nmedia WordPress Member Conversation 1.35.0 - 'doupload.php' Arbitrary File Upload"
15555[I] wordpress-processing-embed
15556[M] EDB-ID: 35066 "WordPress Plugin Processing Embed 0.5 - 'pluginurl' Cross-Site Scripting"
15557[I] wordtube
15558[M] EDB-ID: 3825 "GoodiWare GoodReader iPhone - '.XLS' Denial of Service"
15559[I] work-the-flow-file-upload
15560[M] EDB-ID: 36640 "WordPress Plugin Work The Flow File Upload 2.5.2 - Arbitrary File Upload"
15561[I] wp-adserve
15562[I] wp-audio-gallery-playlist
15563[M] EDB-ID: 17756 "WordPress Plugin Audio Gallery Playlist 0.12 - SQL Injection"
15564[I] wp-automatic
15565[M] EDB-ID: 19187 "WordPress Plugin Automatic 2.0.3 - SQL Injection"
15566[I] wp-autosuggest
15567[M] EDB-ID: 45977 "WordPress Plugin AutoSuggest 0.24 - 'wpas_keys' SQL Injection"
15568[I] wp-autoyoutube
15569[M] EDB-ID: 18353 "WordPress Plugin wp-autoyoutube - Blind SQL Injection"
15570[I] wp-bannerize
15571[M] EDB-ID: 17764 "WordPress Plugin Bannerize 2.8.6 - SQL Injection"
15572[M] EDB-ID: 17906 "WordPress Plugin Bannerize 2.8.7 - SQL Injection"
15573[M] EDB-ID: 36193 "WordPress Plugin WP Bannerize 2.8.7 - 'ajax_sorter.php' SQL Injection"
15574[I] wp-banners-lite
15575[M] EDB-ID: 38410 "WordPress Plugin Banners Lite - 'wpbanners_show.php' HTML Injection"
15576[I] wp-booking-calendar
15577[M] EDB-ID: 44769 "Wordpress Plugin Booking Calendar 3.0.0 - SQL Injection / Cross-Site Scripting"
15578[I] wp-business-intelligence
15579[M] EDB-ID: 36600 "WordPress Plugin Business Intelligence - SQL Injection (Metasploit)"
15580[I] wp-business-intelligence-lite
15581[I] wp-cal
15582[M] EDB-ID: 4992 "Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (Denial of Service) (PoC)"
15583[I] wp-comment-remix
15584[I] wp-content
15585[M] EDB-ID: 37123 "WordPress Plugin WPsc MijnPress - 'rwflush' Cross-Site Scripting"
15586[I] wp-copysafe-pdf
15587[M] EDB-ID: 39254 "WordPress Plugin CopySafe PDF Protection - Arbitrary File Upload"
15588[I] wp-cumulus
15589[M] EDB-ID: 10228 "WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting"
15590[M] EDB-ID: 33371 "WordPress Plugin WP-Cumulus 1.x - 'tagcloud.swf' Cross-Site Scripting"
15591[I] wp-custom-pages
15592[M] EDB-ID: 17119 "WordPress Plugin Custom Pages 0.5.0.1 - Local File Inclusion"
15593[I] wp-ds-faq
15594[M] EDB-ID: 17683 "WordPress Plugin DS FAQ 1.3.2 - SQL Injection"
15595[I] wp-e-commerce
15596[M] EDB-ID: 36018 "WordPress Plugin WP E-Commerce 3.8.6 - 'cart_messages[]' Cross-Site Scripting"
15597[I] wp-easycart
15598[M] EDB-ID: 35730 "WordPress Plugin Shopping Cart 3.0.4 - Unrestricted Arbitrary File Upload"
15599[I] wp-ecommerce-shop-styling
15600[M] EDB-ID: 37530 "WordPress Plugin WP E-Commerce Shop Styling 2.5 - Arbitrary File Download"
15601[I] wp-events-calendar
15602[M] EDB-ID: 44785 "WordPress Plugin Events Calendar - SQL Injection"
15603[I] wp-featured-post-with-thumbnail
15604[M] EDB-ID: 35262 "WordPress Plugin WP Featured Post with Thumbnail 3.0 - 'src' Cross-Site Scripting"
15605[I] wp-filebase
15606[M] EDB-ID: 17808 "WordPress Plugin WP-Filebase Download Manager 0.2.9 - SQL Injection"
15607[I] wp-filemanager
15608[M] EDB-ID: 25440 "WordPress Plugin wp-FileManager - Arbitrary File Download"
15609[M] EDB-ID: 38515 "WordPress Plugin wp-FileManager - 'path' Arbitrary File Download"
15610[M] EDB-ID: 4844 "STDU Explorer 1.0.201 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution"
15611[I] wp-footnotes
15612[M] EDB-ID: 31092 "WordPress Plugin WP-Footnotes 2.2 - Multiple Remote Vulnerabilities"
15613[I] wp-forum
15614[M] EDB-ID: 7738 "WordPress Plugin WP-Forum 1.7.8 - SQL Injection"
15615[I] wp-glossary
15616[M] EDB-ID: 18055 "WordPress Plugin Glossary - SQL Injection"
15617[I] wp-google-drive
15618[M] EDB-ID: 44435 "WordPress Plugin Google Drive 2.2 - Remote Code Execution"
15619[I] wp-gpx-maps
15620[M] EDB-ID: 19050 "WordPress Plugin wp-gpx-map 1.1.21 - Arbitrary File Upload"
15621[I] wp-imagezoom
15622[M] EDB-ID: 37243 "WordPress Plugin Wp-ImageZoom 1.1.0 - Multiple Vulnerabilities"
15623[M] EDB-ID: 37419 "WordPress Plugin Wp-ImageZoom - 'file' Remote File Disclosure"
15624[M] EDB-ID: 38063 "WordPress Theme Wp-ImageZoom - 'id' SQL Injection"
15625[I] wp-livephp
15626[M] EDB-ID: 36483 "WordPress Plugin WP Live.php 1.2.1 - 's' Cross-Site Scripting"
15627[I] wp-lytebox
15628[I] wp-marketplace
15629[I] wp-menu-creator
15630[M] EDB-ID: 17689 "WordPress Plugin Menu Creator 1.1.7 - SQL Injection"
15631[I] wp-mobile-detector
15632[M] EDB-ID: 39891 "WordPress Plugin WP Mobile Detector 3.5 - Arbitrary File Upload"
15633[I] wp-people
15634[M] EDB-ID: 31230 "WordPress Plugin wp-people 2.0 - 'wp-people-popup.php' SQL Injection"
15635[I] wp-polls
15636[M] EDB-ID: 10256 "WordPress Plugin WP-Polls 2.x - Incorrect Flood Filter"
15637[I] wp-property
15638[M] EDB-ID: 18987 "WordPress Plugin WP-Property 1.35.0 - Arbitrary File Upload"
15639[I] wp-publication-archive
15640[M] EDB-ID: 35263 "WordPress Plugin WP Publication Archive 2.0.1 - 'file' Information Disclosure"
15641[I] wp-realty
15642[M] EDB-ID: 29021 "WordPress Plugin Realty - Blind SQL Injection"
15643[M] EDB-ID: 38808 "WordPress Plugin WP-Realty - 'listing_id' SQL Injection"
15644[M] EDB-ID: 39109 "WordPress Plugin Relevanssi - 'category_name' SQL Injection"
15645[I] wp-responsive-thumbnail-slider
15646[M] EDB-ID: 45099 "WordPress Plugin Responsive Thumbnail Slider - Arbitrary File Upload (Metasploit)"
15647[I] wp-safe-search
15648[M] EDB-ID: 35067 "WordPress Plugin Safe Search - 'v1' Cross-Site Scripting"
15649[I] wp-shopping-cart
15650[M] EDB-ID: 6867 "Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer Overflow"
15651[I] wp-source-control
15652[M] EDB-ID: 39287 "WordPress Plugin WP Content Source Control - 'download.php' Directory Traversal"
15653[I] wp-spamfree
15654[M] EDB-ID: 17970 "WordPress Plugin WP-SpamFree Spam Plugin - SQL Injection"
15655[I] wp-starsratebox
15656[M] EDB-ID: 35634 "WordPress Plugin WP-StarsRateBox 1.1 - 'j' SQL Injection"
15657[I] wp-stats-dashboard
15658[I] wp-support-plus-responsive-ticket-system
15659[M] EDB-ID: 34589 "SCO UnixWare < 7.1.4 p534589 - 'pkgadd' Local Privilege Escalation"
15660[I] wp-survey-and-quiz-tool
15661[M] EDB-ID: 34974 "WordPress Plugin WP Survey And Quiz Tool 1.2.1 - Cross-Site Scripting"
15662[I] wp-swimteam
15663[M] EDB-ID: 37601 "WordPress Plugin Swim Team 1.44.10777 - Arbitrary File Download"
15664[I] wp-symposium
15665[M] EDB-ID: 17679 "WordPress Plugin Symposium 0.64 - SQL Injection"
15666[M] EDB-ID: 35505 "WordPress Plugin Symposium 14.10 - SQL Injection"
15667[M] EDB-ID: 35543 "WordPress Plugin WP Symposium 14.11 - Arbitrary File Upload"
15668[M] EDB-ID: 37822 "WordPress Plugin WP Symposium 15.1 - Blind SQL Injection"
15669[M] EDB-ID: 37824 "WordPress Plugin WP Symposium 15.1 - 'get_album_item.php' SQL Injection"
15670[I] wp-syntax
15671[M] EDB-ID: 9431 "Adobe Photoshop CC / Bridge CC - '.iff' Parsing Memory Corruption"
15672[I] wp-table
15673[M] EDB-ID: 3824 "Office^2 iPhone - '.XLS' Denial of Service"
15674[I] wp-table-reloaded
15675[M] EDB-ID: 38251 "WordPress Plugin WP-Table Reloaded - 'id' Cross-Site Scripting"
15676[I] wp-twitter-feed
15677[M] EDB-ID: 35084 "WordPress Plugin Twitter Feed - 'url' Cross-Site Scripting"
15678[I] wp-whois
15679[M] EDB-ID: 36488 "WordPress Plugin WHOIS 1.4.2 3 - 'domain' Cross-Site Scripting"
15680[I] wp-with-spritz
15681[M] EDB-ID: 44544 "WordPress Plugin WP with Spritz 1.0 - Remote File Inclusion"
15682[I] wpSS
15683[M] EDB-ID: 39279 "WordPress Plugin wpSS - 'ss_handler.php' SQL Injection"
15684[M] EDB-ID: 5486 "PHP < 5.3.6 'OpenSSL' Extension - 'openssl_encrypt' Plaintext Data Memory Leak Denial of Service"
15685[I] wp_rokintroscroller
15686[M] EDB-ID: 38767 "WordPress Plugin RokIntroScroller - 'thumb.php' Multiple Vulnerabilities"
15687[I] wp_rokmicronews
15688[M] EDB-ID: 38768 "WordPress Plugin RokMicroNews - 'thumb.php' Multiple Vulnerabilities"
15689[I] wp_roknewspager
15690[M] EDB-ID: 38756 "WordPress Plugin RokNewsPager - 'thumb.php' Multiple Vulnerabilities"
15691[I] wp_rokstories
15692[M] EDB-ID: 38757 "WordPress Plugin RokStories - 'thumb.php' Multiple Vulnerabilities"
15693[I] wpeasystats
15694[M] EDB-ID: 17862 "WordPress Plugin WPEasyStats 1.8 - Remote File Inclusion"
15695[I] wpforum
15696[M] EDB-ID: 17684 "WordPress Plugin Forum 1.7.8 - SQL Injection"
15697[I] wpmarketplace
15698[M] EDB-ID: 18988 "WordPress Plugin Marketplace Plugin 1.5.0 < 1.6.1 - Arbitrary File Upload"
15699[I] wpsite-background-takeover
15700[M] EDB-ID: 44417 "WordPress Plugin Background Takeover < 4.1.4 - Directory Traversal"
15701[I] wpstorecart
15702[M] EDB-ID: 19023 "ActivePDF Toolkit < 8.1.0.19023 - Multiple Memory Corruptions"
15703[I] wptf-image-gallery
15704[M] EDB-ID: 37751 "WordPress Plugin WPTF Image Gallery 1.03 - Arbitrary File Download"
15705[I] wptouch
15706[M] EDB-ID: 18039 "WordPress Plugin wptouch - SQL Injection"
15707[I] x7host-videox7-ugc-plugin
15708[M] EDB-ID: 35257 "WordPress Plugin Videox7 UGC 2.5.3.2 - 'listid' Cross-Site Scripting"
15709[M] EDB-ID: 35264 "WordPress Plugin Featured Content 0.0.1 - 'listid' Cross-Site Scripting"
15710[I] xcloner-backup-and-restore
15711[M] EDB-ID: 16246 "Joomla! Component com_xcloner-backupandrestore - Remote Command Execution"
15712[I] xerte-online
15713[M] EDB-ID: 38157 "WordPress Plugin Xerte Online - 'save.php' Arbitrary File Upload"
15714[I] xml-and-csv-import-in-article-content
15715[M] EDB-ID: 39576 "WordPress Plugin Import CSV 1.0 - Directory Traversal"
15716[I] xorbin-analog-flash-clock
15717[M] EDB-ID: 38608 "WordPress Plugin Xorbin Analog Flash Clock - 'widgetUrl' Cross-Site Scripting"
15718[I] xorbin-digital-flash-clock
15719[M] EDB-ID: 38621 "WordPress Plugin Xorbin Digital Flash Clock - 'widgetUrl' Cross-Site Scripting"
15720[I] yolink-search
15721[M] EDB-ID: 17757 "WordPress Plugin yolink Search 1.1.4 - SQL Injection"
15722[I] yousaytoo-auto-publishing-plugin
15723[M] EDB-ID: 36620 "WordPress Plugin YouSayToo auto-publishing 1.0 - 'submit' Cross-Site Scripting"
15724[I] yt-audio-streaming-audio-from-youtube
15725[M] EDB-ID: 35394 "WordPress Plugin YT-Audio 1.7 - 'v' Cross-Site Scripting"
15726[I] zarzadzanie_kontem
15727[M] EDB-ID: 38050 "WordPress Plugin Zarzadzonie Kontem - 'ajaxfilemanager.php' Script Arbitrary File Upload"
15728[I] zingiri-forum
15729[M] EDB-ID: 38101 "WordPress Plugin Zingiri Forums - 'language' Local File Inclusion"
15730[I] zingiri-web-shop
15731[M] EDB-ID: 17867 "WordPress Plugin Zingiri Web Shop 2.2.0 - Remote File Inclusion"
15732[M] EDB-ID: 37406 "WordPress Plugin Zingiri Web Shop 2.4.3 - 'uploadfilexd.php' Arbitrary File Upload"
15733[M] EDB-ID: 38046 "WordPress Plugin Zingiri Web Shop - 'path' Arbitrary File Upload"
15734[I] zotpress
15735[M] EDB-ID: 17778 "WordPress Plugin Zotpress 4.4 - SQL Injection"
15736[I] Checking for Directory Listing Enabled ...
15737[-] Date & Time: 24/10/2019 11:11:58
15738[-] Completed in: 0:32:53
15739#######################################################################################################################################
15740 Anonymous JTSEC #OpDomesticTerrorism Full Recon #10