· 6 years ago · Oct 29, 2019, 09:24 PM
1#######################################################################################################################################
2=======================================================================================================================================
3Hostname www.metro.cl ISP POWER HOST E.I.R.L.
4Continent South America Flag
5CL
6Country Chile Country Code CL
7Region Unknown Local time 29 Oct 2019 13:06 -03
8City Unknown Postal Code Unknown
9IP Address 201.217.241.118 Latitude -33.438
10 Longitude -70.65
11=======================================================================================================================================
12######################################################################################################################################
13> www.metro.cl
14Server: 38.132.106.139
15Address: 38.132.106.139#53
16
17Non-authoritative answer:
18www.metro.cl canonical name = www.metrosantiago.cl.
19Name: www.metrosantiago.cl
20Address: 201.217.241.118
21>
22######################################################################################################################################
23Domain name: metro.cl
24Registrant name: Metro S.A. Rep por Silva
25Registrant organisation:
26Registrar name: NIC Chile
27Registrar URL: https://www.nic.cl
28Creation date: 2008-07-04 16:49:24 CLST
29Expiration date: 2021-07-20 13:06:02 CLST
30Name server: ns0.ifxnetworks.com
31Name server: ns1.ifxnetworks.com
32######################################################################################################################################
33[+] Target : www.metro.cl
34
35[+] IP Address : 201.217.241.118
36
37[+] Headers :
38
39[+] Connection : Keep-Alive
40[+] Set-Cookie : metro=q4flnvdfcfeof0d48rbdnj2i82; path=/; domain=.metro.cl; secure; HttpOnly
41[+] Expires : Thu, 19 Nov 1981 08:52:00 GMT
42[+] Cache-Control : no-store, no-cache, must-revalidate, post-check=0, pre-check=0
43[+] Pragma : no-cache
44[+] Content-Type : text/html; charset=UTF-8
45[+] Transfer-Encoding : chunked
46[+] Content-Encoding : gzip
47[+] Vary : Accept-Encoding
48[+] Date : Tue, 29 Oct 2019 16:10:43 GMT
49[+] Server : LiteSpeed
50[+] Access-Control-Allow-Origin : http://www.metro.cl, http://metro.cl, http://www.metrosantiago.cl, http://metrosantiago.cl, http://metrodesantiago.cl, https://www.metro.cl, https://metro.cl, https://www.metrosantiago.cl, https://metrosantiago.cl, https://metrodesantiago.cl
51[+] X-Frame-Options : SAMEORIGIN
52[+] X-Content-Type-Options : nosniff
53[+] X-XSS-Protection : 1; mode=block
54[+] Referrer-Policy : strict-origin-when-cross-origin
55[+] Strict-Transport-Security : max-age=31536000; includeSubDomains
56[+] X-UA-Compatible : IE=edge
57[+] Alt-Svc : quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-22=":443"; ma=2592000
58
59[+] SSL Certificate Information :
60
61[-] SSL is not Present on Target URL...Skipping...
62
63[+] Whois Lookup :
64
65[+] NIR : None
66[+] ASN Registry : lacnic
67[+] ASN : 263237
68[+] ASN CIDR : 201.217.240.0/23
69[+] ASN Country Code : CL
70[+] ASN Date : 2014-05-22
71[+] ASN Description : POWER HOST E.I.R.L., CL
72[+] cidr : 201.217.240.0/22
73[+] name : None
74[+] handle : RIR33
75[+] range : 201.217.240/22
76[+] description : PowerHost Telecom SPA
77[+] country : CL
78[+] state : None
79[+] city : None
80[+] address : None
81[+] postal_code : None
82[+] emails : ['operaciones@POWERHOST.CL']
83[+] created : 20140522
84[+] updated : 20140522
85
86[+] Crawling Target...
87
88[+] Looking for robots.txt........[ Not Found ]
89[+] Looking for sitemap.xml.......[ Not Found ]
90[+] Extracting CSS Links..........[ 9 ]
91[+] Extracting Javascript Links...[ 11 ]
92[+] Extracting Internal Links.....[ 20 ]
93[+] Extracting External Links.....[ 14 ]
94[+] Extracting Images.............[ 37 ]
95
96[+] Total Links Extracted : 91
97
98[+] Dumping Links in /opt/FinalRecon/dumps/www.metro.cl.dump
99[+] Completed!
100#######################################################################################################################################
101[i] Scanning Site: https://www.metro.cl
102
103
104
105B A S I C I N F O
106====================
107
108
109[+] Site Title:
110[+] IP address: 201.217.241.118
111[+] Web Server: LiteSpeed
112[+] CMS: Could Not Detect
113[+] Cloudflare: Not Detected
114[+] Robots File: Could NOT Find robots.txt!
115
116
117
118
119W H O I S L O O K U P
120========================
121
122 %%
123%% This is the NIC Chile Whois server (whois.nic.cl).
124%%
125%% Rights restricted by copyright.
126%% See https://www.nic.cl/normativa/politica-publicacion-de-datos-cl.pdf
127%%
128
129Domain name: metro.cl
130Registrant name: Metro S.A. Rep por Silva
131Registrant organisation:
132Registrar name: NIC Chile
133Registrar URL: https://www.nic.cl
134Creation date: 2008-07-04 16:49:24 CLST
135Expiration date: 2021-07-20 13:06:02 CLST
136Name server: ns0.ifxnetworks.com
137Name server: ns1.ifxnetworks.com
138
139%%
140%% For communication with domain contacts please use website.
141%% See https://www.nic.cl/registry/Whois.do?d=metro.cl
142%%
143
144
145
146
147G E O I P L O O K U P
148=========================
149
150[i] IP Address: 201.217.241.118
151[i] Country: Chile
152[i] State:
153[i] City:
154[i] Latitude: -33.4378
155[i] Longitude: -70.6503
156
157
158
159
160H T T P H E A D E R S
161=======================
162
163
164[i] HTTP/1.0 200 OK
165[i] Connection: close
166[i] Set-Cookie: metro=mvudjg89suu7dectbse66874o6; path=/; domain=.metro.cl; secure; HttpOnly
167[i] Expires: Thu, 19 Nov 1981 08:52:00 GMT
168[i] Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
169[i] Pragma: no-cache
170[i] Content-Type: text/html; charset=UTF-8
171[i] Date: Tue, 29 Oct 2019 16:12:18 GMT
172[i] Server: LiteSpeed
173[i] Access-Control-Allow-Origin: http://www.metro.cl
174[i] Access-Control-Allow-Origin: http://metro.cl
175[i] Access-Control-Allow-Origin: http://www.metrosantiago.cl
176[i] Access-Control-Allow-Origin: http://metrosantiago.cl
177[i] Access-Control-Allow-Origin: http://metrodesantiago.cl
178[i] Access-Control-Allow-Origin: https://www.metro.cl
179[i] Access-Control-Allow-Origin: https://metro.cl
180[i] Access-Control-Allow-Origin: https://www.metrosantiago.cl
181[i] Access-Control-Allow-Origin: https://metrosantiago.cl
182[i] Access-Control-Allow-Origin: https://metrodesantiago.cl
183[i] X-Frame-Options: SAMEORIGIN
184[i] X-Content-Type-Options: nosniff
185[i] X-XSS-Protection: 1; mode=block
186[i] Referrer-Policy: strict-origin-when-cross-origin
187[i] Strict-Transport-Security: max-age=31536000; includeSubDomains
188[i] X-UA-Compatible: IE=edge
189
190
191
192
193D N S L O O K U P
194===================
195
196metro.cl. 21599 IN SOA ns0.ifxnetworks.com. hostmaster.ifxcorp.com. 2019083002 10800 3600 604800 38400
197metro.cl. 21599 IN NS ns1.ifxnetworks.com.
198metro.cl. 21599 IN NS ns0.ifxnetworks.co.
199metro.cl. 21599 IN NS ns1.ifxnetworks.co.
200metro.cl. 21599 IN NS ns0.ifxnetworks.com.
201metro.cl. 21599 IN A 201.217.241.118
202metro.cl. 21599 IN MX 5 server.metro.cl.
203metro.cl. 21599 IN MX 0 server2.metro.cl.
204metro.cl. 3599 IN TXT "7U6fHwsk4mp0WqV74sTkJ2a2gL82wd99P2K35MCH1KhTZw6eIEAS79njCOrm/JoRF/mOPLZWIMhUf5YmurvbGQ=="
205metro.cl. 3599 IN TXT "_globalsign-domain-verification=_MHFKlo2vBdZ0e3tXlkUdX7mLRdSwlMV1y-UZ_ZagY"
206metro.cl. 3599 IN TXT "MS=ms97938520"
207metro.cl. 3599 IN TXT "v=spf1 ip4:200.73.13.132/32 ip4:200.73.13.131/32 ip4:201.217.241.118/32 ip4:200.91.40.0/24 ip4:200.91.41.0/24 ip4:200.91.44.0/24 ip4:200.91.45.0/24 include:spf.protection.outlook.com include:_spf-all.mcnet.cl ~all"
208metro.cl. 3599 IN TXT "MS=B86ECCC674B9DF4721E05510729CC0ABD7AC5290"
209
210
211
212
213S U B N E T C A L C U L A T I O N
214====================================
215
216Address = 201.217.241.118
217Network = 201.217.241.118 / 32
218Netmask = 255.255.255.255
219Broadcast = not needed on Point-to-Point links
220Wildcard Mask = 0.0.0.0
221Hosts Bits = 0
222Max. Hosts = 1 (2^0 - 0)
223Host Range = { 201.217.241.118 - 201.217.241.118 }
224
225
226
227N M A P P O R T S C A N
228============================
229
230Starting Nmap 7.70 ( https://nmap.org ) at 2019-10-29 16:12 UTC
231Nmap scan report for metro.cl (201.217.241.118)
232Host is up (0.65s latency).
233rDNS record for 201.217.241.118: servidor.agenciacatedral.com
234
235PORT STATE SERVICE
23621/tcp filtered ftp
23722/tcp closed ssh
23823/tcp filtered telnet
23980/tcp open http
240110/tcp closed pop3
241143/tcp closed imap
242443/tcp open https
2433389/tcp filtered ms-wbt-server
244
245Nmap done: 1 IP address (1 host up) scanned in 4.96 seconds
246
247
248
249S U B - D O M A I N F I N D E R
250==================================
251
252
253[i] Total Subdomains Found : 15
254
255[+] Subdomain: server2.metro.cl
256[-] IP: 200.73.13.132
257
258[+] Subdomain: ptr3.metro.cl
259[-] IP: 200.73.13.135
260
261[+] Subdomain: sipconsola.metro.cl
262[-] IP: 200.73.13.145
263
264[+] Subdomain: sipec.metro.cl
265[-] IP: 54.233.70.125
266
267[+] Subdomain: ticket-viaje.metro.cl
268[-] IP: 190.96.79.198
269
270[+] Subdomain: mail.metro.cl
271[-] IP: 200.73.13.136
272
273[+] Subdomain: sapmovil.metro.cl
274[-] IP: 200.27.105.5
275
276[+] Subdomain: mdm.metro.cl
277[-] IP: 200.73.13.169
278
279[+] Subdomain: anden.metro.cl
280[-] IP: 209.88.205.18
281
282[+] Subdomain: vpn.metro.cl
283[-] IP: 200.73.13.253
284
285[+] Subdomain: cargatubip.metro.cl
286[-] IP: 190.96.79.198
287
288[+] Subdomain: app.metro.cl
289[-] IP: 200.73.13.147
290
291[+] Subdomain: ftp.metro.cl
292[-] IP: 200.73.13.143
293
294[+] Subdomain: server.metro.cl
295[-] IP: 200.73.13.131
296
297[+] Subdomain: proveedores.metro.cl
298[-] IP: 200.73.13.142
299#######################################################################################################################################
300[+] Starting At 2019-10-29 12:12:50.846815
301[+] Collecting Information On: https://www.metro.cl/
302[#] Status: 200
303--------------------------------------------------
304[#] Web Server Detected: LiteSpeed
305[+] Xss Protection Detected !
306- Connection: Keep-Alive
307- Set-Cookie: metro=l1c7ll92kvu0ovmu923bil4s25; path=/; domain=.metro.cl; secure; HttpOnly
308- Expires: Thu, 19 Nov 1981 08:52:00 GMT
309- Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
310- Pragma: no-cache
311- Content-Type: text/html; charset=UTF-8
312- Transfer-Encoding: chunked
313- Content-Encoding: gzip
314- Vary: Accept-Encoding
315- Date: Tue, 29 Oct 2019 16:13:05 GMT
316- Server: LiteSpeed
317- Access-Control-Allow-Origin: http://www.metro.cl, http://metro.cl, http://www.metrosantiago.cl, http://metrosantiago.cl, http://metrodesantiago.cl, https://www.metro.cl, https://metro.cl, https://www.metrosantiago.cl, https://metrosantiago.cl, https://metrodesantiago.cl
318- X-Frame-Options: SAMEORIGIN
319- X-Content-Type-Options: nosniff
320- X-XSS-Protection: 1; mode=block
321- Referrer-Policy: strict-origin-when-cross-origin
322- Strict-Transport-Security: max-age=31536000; includeSubDomains
323- X-UA-Compatible: IE=edge
324- Alt-Svc: quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-22=":443"; ma=2592000
325--------------------------------------------------
326[#] Finding Location..!
327[#] status: success
328[#] country: Chile
329[#] countryCode: CL
330[#] region: RM
331[#] regionName: Santiago Metropolitan
332[#] city: Nunoa
333[#] zip: 7750000
334[#] lat: -33.4479
335[#] lon: -70.6199
336[#] timezone: America/Santiago
337[#] isp: PowerHost Telecom SPA
338[#] org: Power Host E.I.R.L.
339[#] as: AS263237 PowerHost Telecom SPA
340[#] query: 201.217.241.118
341--------------------------------------------------
342[x] Didn't Detect WAF Presence on: https://www.metro.cl/
343--------------------------------------------------
344[#] Starting Reverse DNS
345[!] Found 2 any Domain
346- metro.cl
347- operaciones.metrosantiago.cl
348--------------------------------------------------
349[!] Scanning Open Port
350[#] 53/tcp open domain
351[#] 80/tcp open http
352[#] 443/tcp open https
353[#] 3306/tcp open mysql
354--------------------------------------------------
355[+] Collecting Information Disclosure!
356[#] Detecting sitemap.xml file
357[-] sitemap.xml file not Found!?
358[#] Detecting robots.txt file
359[-] robots.txt file not Found!?
360[#] Detecting GNU Mailman
361[-] GNU Mailman App Not Detected!?
362--------------------------------------------------
363[+] Crawling Url Parameter On: https://www.metro.cl/
364--------------------------------------------------
365[#] Searching Html Form !
366[+] Html Form Discovered
367[#] action: None
368[#] class: ['form-sm']
369[#] id: formLogin
370[#] method: None
371--------------------------------------------------
372[!] Found 15 dom parameter
373[#] https://www.metro.cl//#
374[#] https://www.metro.cl//#
375[#] https://www.metro.cl//#
376[#] https://www.metro.cl//#
377[#] https://www.metro.cl//#
378[#] https://www.metro.cl//#
379[#] https://www.metro.cl//#
380[#] https://www.metro.cl//#
381[#] https://www.metro.cl//#
382[#] https://www.metro.cl//#
383[#] https://www.metro.cl//#
384[#] https://www.metro.cl//#
385[#] https://www.metro.cl//#
386[#] https://www.metro.cl//#carouselHome
387[#] https://www.metro.cl//#carouselHome
388--------------------------------------------------
389[!] 1 Internal Dynamic Parameter Discovered
390[+] https://www.metro.cl///css/base.css?v=1.2019042601
391--------------------------------------------------
392[!] 2 External Dynamic Parameter Discovered
393[#] https://www.facebook.com/pages/Metro-de-Santiago-Chile/171538782666?ref=stream
394[#] https://twitter.com/intent/user?screen_name=metrodesantiago
395--------------------------------------------------
396[!] 146 Internal links Discovered
397[+] https://www.metro.cl///css/bootstrap.min.css
398[+] https://www.metro.cl///css/bootstrap-helpers.css
399[+] https://www.metro.cl///css/iconos-bootstrap.css
400[+] https://www.metro.cl///css/ekko-lightbox.css
401[+] https://www.metro.cl///css/select2.min.css
402[+] https://www.metro.cl///css/slicebox.css
403[+] https://www.metro.cl///css/datatables.css
404[+] https://www.metro.cl///css/daterangepicker.css
405[+] https://www.metro.cl///
406[+] https://www.metro.cl///planificador
407[+] https://www.metro.cl///tu-viaje/conexiones
408[+] https://www.metro.cl///tu-viaje/plano-de-red
409[+] https://www.metro.cl///estacion/
410[+] https://www.metro.cl///tu-viaje/tarifas
411[+] https://www.metro.cl///tu-viaje/horarios
412[+] https://cargatubip.metro.cl/CargaTuBipV2/
413[+] https://www.metro.cl///tu-viaje/estado-red
414[+] https://www.metro.cl///tu-viaje/ruta-expresa
415[+] https://www.metro.cl///noticias/sala-de-prensa
416[+] https://www.metro.cl///historias-de-metro
417[+] https://www.metro.cl///buen-viajero
418[+] https://www.metro.cl///buen-viajero/que-hacer-en-casos-de-contingencia
419[+] https://www.metro.cl///ticket-viaje
420[+] https://www.metro.cl///buen-viajero/medidas-operacionales
421[+] https://www.metro.cl///porsantiago/toponimia-biobio
422[+] https://www.metro.cl///buen-viajero/chaje-kat-bip-ou
423[+] https://www.metro.cl///atencion-cliente/oficinas
424[+] https://www.metro.cl///atencion-cliente/consulta-objetos-perdidos
425[+] https://www.metro.cl///atencion-cliente/tarjeta-adulto-mayor
426[+] https://www.metro.cl///atencion-cliente/sugerencias-reclamos
427[+] https://www.metro.cl///atencion-cliente/preguntas-frecuentes
428[+] https://www.metro.cl///registro
429[+] https://www.metro.cl///corporativo/mision-vision
430[+] https://www.metro.cl///corporativo/nuestros-valores
431[+] https://www.metro.cl///corporativo/marco-normativo
432[+] https://www.metro.cl///corporativo/objetivo-giro-empresa
433[+] https://www.metro.cl///corporativo/filiales
434[+] https://www.metro.cl///corporativo/estructura-organizacional
435[+] https://www.metro.cl///corporativo/remuneraciones
436[+] https://www.metro.cl///corporativo/informacion-financiera
437[+] https://www.metro.cl///corporativo/informe-financiero-anual
438[+] https://www.metro.cl///corporativo/canal-de-denuncias
439[+] https://www.metro.cl///corporativo/reporte-operacional
440[+] https://www.metro.cl///corporativo/memoria
441[+] https://www.metro.cl///corporativo/reporte-de-sostenibilidad
442[+] https://www.metro.cl///corporativo/historia
443[+] https://www.metro.cl///corporativo/mapa-del-sitio
444[+] https://www.metro.cl///corporativo/informacion-de-interes
445[+] https://www.metro.cl///licitaciones
446[+] https://bazarmetro.cl
447[+] https://www.metro.cl///registro
448[+] https://www.metro.cl///licitaciones
449[+] https://bazarmetro.cl
450[+] https://www.metro.cl///
451[+] https://www.metro.cl///planificador/interactivo
452[+] https://www.metro.cl///tu-viaje/conexiones
453[+] https://www.metro.cl///tu-viaje/plano-de-red
454[+] https://www.metro.cl///estacion/
455[+] https://www.metro.cl///tu-viaje/tarifas
456[+] https://www.metro.cl///tu-viaje/horarios
457[+] https://www.metro.cl///tu-viaje/estado-red
458[+] https://cargatubip.metro.cl/CargaTuBipV2/
459[+] https://www.metro.cl///tu-viaje/ruta-expresa
460[+] https://www.metro.cl///noticias/sala-de-prensa
461[+] https://www.metro.cl///historias-de-metro
462[+] https://www.metro.cl///buen-viajero
463[+] https://www.metro.cl///buen-viajero/que-hacer-en-casos-de-contingencia
464[+] https://www.metro.cl///ticket-viaje
465[+] https://www.metro.cl///buen-viajero/medidas-operacionales
466[+] https://www.metro.cl///porsantiago/toponimia-biobio
467[+] https://www.metro.cl///buen-viajero/chaje-kat-bip-ou
468[+] https://www.metro.cl///atencion-cliente/oficinas
469[+] https://www.metro.cl///atencion-cliente/consulta-objetos-perdidos
470[+] https://www.metro.cl///atencion-cliente/tarjeta-adulto-mayor
471[+] https://www.metro.cl///atencion-cliente/sugerencias-reclamos
472[+] https://www.metro.cl///atencion-cliente/preguntas-frecuentes
473[+] https://www.metro.cl///corporativo
474[+] https://www.metro.cl///tu-viaje/plano-de-red
475[+] https://www.metro.cl///tu-viaje/estado-red
476[+] https://cargatubip.metro.cl/CargaTuBipV2/
477[+] https://www.metro.cl///noticias/historial
478[+] https://bazarmetro.cl/
479[+] https://www.metro.cl///noticias/agradecemos-a-nuestros-trabajadores-por-su-entrega
480[+] https://www.metro.cl///noticias/agradecemos-a-todos-nuestros-vecinos-su-ayuda
481[+] https://www.metro.cl///noticias/agradecemos-sus-muestras-de-apoyo
482[+] https://www.metro.cl///tu-viaje/estado-red
483[+] https://www.metro.cl///ticket-viaje
484[+] https://www.metro.cl///noticias/metro-de-santiago-iniciara-su-operacion-a-las-6-de-la-manana-el-martes-29-y-miercoles-30
485[+] https://www.metro.cl/porstgo/LE
486[+] https://www.metro.cl/porstgo/FR
487[+] https://www.metro.cl/porstgo/QN
488[+] https://www.metro.cl/porstgo/CA
489[+] https://www.metro.cl/porstgo
490[+] https://www.metro.cl///historias-de-metro/gracias-a-la-fabrica-de-boleto-dejo-de-funcionar-tras-42-anos-de-historia
491[+] https://www.metro.cl///historias-de-metro/amor-sin-limites
492[+] https://www.metro.cl///historias-de-metro/seis-espacios-que-tio-metro-recomienda-para-tomar-buenas-fotos
493[+] https://www.metro.cl///historias-de-metro/music-is-coming
494[+] https://www.metro.cl///historias-de-metro
495[+] https://www.metro.cl/minisitio/linea-3-y-6/linea-3
496[+] https://www.metro.cl/minisitio/linea-3-y-6/linea-6
497[+] https://www.metro.cl/minisitio/linea-3-y-6/futura-linea-7
498[+] https://www.metro.cl/minisitio/linea-3-y-6/futura-linea-8
499[+] https://www.metro.cl/minisitio/linea-3-y-6/futura-linea-9
500[+] https://www.metro.cl/minisitio/linea-3-y-6/extension-linea-2
501[+] https://www.metro.cl/minisitio/linea-3-y-6/extension-linea-3
502[+] https://www.metro.cl/minisitio/linea-3-y-6/extension-linea-4
503[+] https://www.metro.cl/minisitio/linea-3-y-6/
504[+] https://www.metro.cl/registro/
505[+] https://www.metro.cl/clubmetro/actividades-gratuitas
506[+] https://www.metro.cl/clubmetro/que-es
507[+] https://www.metro.cl/clubmetro
508[+] https://www.metro.cl///noticias/metro-de-santiago-iniciara-su-operacion-a-las-6-de-la-manana-el-martes-29-y-miercoles-30
509[+] https://www.metro.cl///noticias/metro-de-santiago-sumara-en-operacion-un-tramo-de-linea-4-a-partir-del-lunes
510[+] https://www.metro.cl///noticias/sala-de-prensa
511[+] https://bazarmetro.cl
512[+] https://bazarmetro.cl
513[+] https://www.metro.cl/minisitio/finanzas/es
514[+] https://www.metro.cl/minisitio/finanzas/es
515[+] https://www.metro.cl/red-clientes/
516[+] https://www.metro.cl/red-clientes/
517[+] https://www.metro.cl///buen-viajero/que-hacer-en-casos-de-contingencia
518[+] https://www.metro.cl///buen-viajero/que-hacer-en-casos-de-contingencia
519[+] https://www.metro.cl///corporativo/canal-de-denuncias
520[+] https://www.metro.cl///corporativo/canal-de-denuncias
521[+] https://www.metro.cl///corporativo/
522[+] https://www.metro.cl///corporativo/
523[+] https://www.metro.cl///atencion-cliente/sugerencias-reclamos
524[+] https://www.metro.cl///atencion-cliente/sugerencias-reclamos
525[+] https://www.metro.cl///corporativo/mapa-del-sitio
526[+] https://www.metro.cl///corporativo/privacidad
527[+] https://www.metro.cl///corporativo/normas-redes-sociales
528[+] https://www.metro.cl//mailto:aariztia@metro-chile.cl
529[+] https://www.metro.cl///planificador/interactivo
530[+] https://www.metro.cl///estacion
531[+] https://www.metro.cl///tu-viaje/horarios
532[+] https://www.metro.cl///tu-viaje/ruta-expresa
533[+] https://www.metro.cl///atencion-cliente/oficinas
534[+] https://www.metro.cl///atencion-cliente/preguntas-frecuentes
535[+] https://www.metro.cl///atencion-cliente/sugerencias-reclamos
536[+] https://www.metro.cl///corporativo
537[+] https://www.metro.cl///corporativo/canal-de-denuncias
538[+] https://www.metro.cl///licitaciones
539[+] https://www.metro.cl///actividad-comercial
540[+] https://mail.metro.cl/
541[+] https://www.metro.cl///corporativo/documentos
542[+] https://www.metro.cl///recuperar-clave
543--------------------------------------------------
544[!] 10 External links Discovered
545[#] http://metro.trabajando.cl/
546[#] http://metro.trabajando.cl/
547[#] https://www.facebook.com/Metrostgo/
548[#] https://twitter.com/metrodesantiago
549[#] https://www.instagram.com/metrodesantiago
550[#] http://www.youtube.com/user/metrodesantiagochile
551[#] http://metro.trabajando.cl/
552[#] http://www.transantiago.cl/
553[#] http://www.mac.uchile.cl/
554[#] http://www.ccplm.cl/
555--------------------------------------------------
556[#] Mapping Subdomain..
557[!] Found 16 Subdomain
558- metro.cl
559- server2.metro.cl
560- ptr3.metro.cl
561- sipconsola.metro.cl
562- sipec.metro.cl
563- ticket-viaje.metro.cl
564- mail.metro.cl
565- sapmovil.metro.cl
566- mdm.metro.cl
567- anden.metro.cl
568- vpn.metro.cl
569- cargatubip.metro.cl
570- app.metro.cl
571- ftp.metro.cl
572- server.metro.cl
573- proveedores.metro.cl
574--------------------------------------------------
575[!] Done At 2019-10-29 12:14:58.522664
576########################################################################################################################################
577[INFO] ------TARGET info------
578[*] TARGET: https://www.metro.cl/
579[*] TARGET IP: 201.217.241.118
580[INFO] NO load balancer detected for www.metro.cl...
581[*] DNS servers: www.metrosantiago.cl. ns0.ifxnetworks.com.
582[*] TARGET server: LiteSpeed
583[*] CC: CL
584[*] Country: Chile
585[*] RegionCode: RM
586[*] RegionName: Santiago Metropolitan
587[*] City: Nunoa
588[*] ASN: AS263237
589[*] BGP_PREFIX: 201.217.240.0/22
590[*] ISP: POWER HOST E.I.R.L., CL
591[INFO] SSL/HTTPS certificate detected
592[*] Issuer: issuer=C = US, ST = TX, L = Houston, O = "cPanel, Inc.", CN = "cPanel, Inc. Certification Authority"
593[*] Subject: subject=CN = metro.cl
594[INFO] DNS enumeration:
595[*] app.metro.cl 200.73.13.147
596[*] ftp.metro.cl 200.73.13.143
597[*] mail.metro.cl 200.73.13.136
598[*] vpn.metro.cl 200.73.13.253
599[INFO] Possible abuse mails are:
600[*] abuse@metro.cl
601[*] abuse@www.metro.cl
602[INFO] NO PAC (Proxy Auto Configuration) file FOUND
603[INFO] Starting FUZZing in http://www.metro.cl/FUzZzZzZzZz...
604[INFO] Status code Folders
605[*] 302 http://www.metro.cl/images
606[ALERT] Look in the source code. It may contain passwords
607[INFO] Links found from https://www.metro.cl/ http://201.217.241.118/:
608[*] http://metro.trabajando.cl/
609[*] https://bazarmetro.cl/
610[*] https://cargatubip.metro.cl/CargaTuBipV2/
611[*] https://mail.metro.cl/
612[*] https://twitter.com/intent/user?screen_name=metrodesantiago
613[*] https://twitter.com/metrodesantiago
614[*] https://www.facebook.com/Metrostgo/
615[*] https://www.facebook.com/pages/Metro-de-Santiago-Chile/171538782666?ref=stream
616[*] https://www.instagram.com/metrodesantiago
617[*] https://www.metro.cl/
618[*] https://www.metro.cl/actividad-comercial
619[*] https://www.metro.cl/atencion-cliente/consulta-objetos-perdidos
620[*] https://www.metro.cl/atencion-cliente/oficinas
621[*] https://www.metro.cl/atencion-cliente/preguntas-frecuentes
622[*] https://www.metro.cl/atencion-cliente/sugerencias-reclamos
623[*] https://www.metro.cl/atencion-cliente/tarjeta-adulto-mayor
624[*] https://www.metro.cl/buen-viajero
625[*] https://www.metro.cl/buen-viajero/chaje-kat-bip-ou
626[*] https://www.metro.cl/buen-viajero/medidas-operacionales
627[*] https://www.metro.cl/buen-viajero/que-hacer-en-casos-de-contingencia
628[*] https://www.metro.cl/#carouselHome
629[*] https://www.metro.cl/clubmetro
630[*] https://www.metro.cl/clubmetro/actividades-gratuitas
631[*] https://www.metro.cl/clubmetro/que-es
632[*] https://www.metro.cl/corporativo
633[*] https://www.metro.cl/corporativo/
634[*] https://www.metro.cl/corporativo/canal-de-denuncias
635[*] https://www.metro.cl/corporativo/documentos
636[*] https://www.metro.cl/corporativo/estructura-organizacional
637[*] https://www.metro.cl/corporativo/filiales
638[*] https://www.metro.cl/corporativo/historia
639[*] https://www.metro.cl/corporativo/informacion-de-interes
640[*] https://www.metro.cl/corporativo/informacion-financiera
641[*] https://www.metro.cl/corporativo/informe-financiero-anual
642[*] https://www.metro.cl/corporativo/mapa-del-sitio
643[*] https://www.metro.cl/corporativo/marco-normativo
644[*] https://www.metro.cl/corporativo/memoria
645[*] https://www.metro.cl/corporativo/mision-vision
646[*] https://www.metro.cl/corporativo/normas-redes-sociales
647[*] https://www.metro.cl/corporativo/nuestros-valores
648[*] https://www.metro.cl/corporativo/objetivo-giro-empresa
649[*] https://www.metro.cl/corporativo/privacidad
650[*] https://www.metro.cl/corporativo/remuneraciones
651[*] https://www.metro.cl/corporativo/reporte-de-sostenibilidad
652[*] https://www.metro.cl/corporativo/reporte-operacional
653[*] https://www.metro.cl/estacion
654[*] https://www.metro.cl/estacion/
655[*] https://www.metro.cl/historias-de-metro
656[*] https://www.metro.cl/historias-de-metro/amor-sin-limites
657[*] https://www.metro.cl/historias-de-metro/gracias-a-la-fabrica-de-boleto-dejo-de-funcionar-tras-42-anos-de-historia
658[*] https://www.metro.cl/historias-de-metro/music-is-coming
659[*] https://www.metro.cl/historias-de-metro/seis-espacios-que-tio-metro-recomienda-para-tomar-buenas-fotos
660[*] https://www.metro.cl/licitaciones
661[*] https://www.metro.cl/minisitio/finanzas/es
662[*] https://www.metro.cl/minisitio/linea-3-y-6/
663[*] https://www.metro.cl/minisitio/linea-3-y-6/extension-linea-2
664[*] https://www.metro.cl/minisitio/linea-3-y-6/extension-linea-3
665[*] https://www.metro.cl/minisitio/linea-3-y-6/extension-linea-4
666[*] https://www.metro.cl/minisitio/linea-3-y-6/futura-linea-7
667[*] https://www.metro.cl/minisitio/linea-3-y-6/futura-linea-8
668[*] https://www.metro.cl/minisitio/linea-3-y-6/futura-linea-9
669[*] https://www.metro.cl/minisitio/linea-3-y-6/linea-3
670[*] https://www.metro.cl/minisitio/linea-3-y-6/linea-6
671[*] https://www.metro.cl/noticias/agradecemos-a-nuestros-trabajadores-por-su-entrega
672[*] https://www.metro.cl/noticias/agradecemos-a-todos-nuestros-vecinos-su-ayuda
673[*] https://www.metro.cl/noticias/agradecemos-sus-muestras-de-apoyo
674[*] https://www.metro.cl/noticias/historial
675[*] https://www.metro.cl/noticias/metro-de-santiago-iniciara-su-operacion-a-las-6-de-la-manana-el-martes-29-y-miercoles-30
676[*] https://www.metro.cl/noticias/metro-de-santiago-sumara-en-operacion-un-tramo-de-linea-4-a-partir-del-lunes
677[*] https://www.metro.cl/noticias/sala-de-prensa
678[*] https://www.metro.cl/planificador
679[*] https://www.metro.cl/planificador/interactivo
680[*] https://www.metro.cl/porsantiago/toponimia-biobio
681[*] https://www.metro.cl/porstgo
682[*] https://www.metro.cl/porstgo/CA
683[*] https://www.metro.cl/porstgo/FR
684[*] https://www.metro.cl/porstgo/LE
685[*] https://www.metro.cl/porstgo/QN
686[*] https://www.metro.cl/recuperar-clave
687[*] https://www.metro.cl/red-clientes/
688[*] https://www.metro.cl/registro
689[*] https://www.metro.cl/registro/
690[*] https://www.metro.cl/ticket-viaje
691[*] https://www.metro.cl/tu-viaje/conexiones
692[*] https://www.metro.cl/tu-viaje/estado-red
693[*] https://www.metro.cl/tu-viaje/horarios
694[*] https://www.metro.cl/tu-viaje/plano-de-red
695[*] https://www.metro.cl/tu-viaje/ruta-expresa
696[*] https://www.metro.cl/tu-viaje/tarifas
697[*] http://www.ccplm.cl/
698[*] http://www.mac.uchile.cl/
699[*] http://www.transantiago.cl/
700[*] http://www.youtube.com/user/metrodesantiagochile
701[INFO] GOOGLE has 137,000,000 results (0.22 seconds) about http://www.metro.cl/
702[INFO] BING shows 201.217.241.118 is shared with 71 hosts/vhosts
703[INFO] Shodan detected the following opened ports on 201.217.241.118:
704[*] 1
705[*] 2
706[*] 2082
707[*] 2083
708[*] 2086
709[*] 2087
710[*] 2095
711[*] 3306
712[*] 443
713[*] 53
714[*] 80
715[INFO] ------VirusTotal SECTION------
716[INFO] VirusTotal passive DNS only stores address records. The following domains resolved to the given IP address:
717[INFO] Latest URLs hosted in this IP address detected by at least one URL scanner or malicious URL dataset:
718[INFO] Latest files that are not detected by any antivirus solution and were downloaded by VirusTotal from the IP address provided:
719[INFO] ------Alexa Rank SECTION------
720[INFO] Percent of Visitors Rank in Country:
721[INFO] Percent of Search Traffic:
722[INFO] Percent of Unique Visits:
723[INFO] Total Sites Linking In:
724[*] Total Sites
725[INFO] Useful links related to www.metro.cl - 201.217.241.118:
726[*] https://www.virustotal.com/pt/ip-address/201.217.241.118/information/
727[*] https://www.hybrid-analysis.com/search?host=201.217.241.118
728[*] https://www.shodan.io/host/201.217.241.118
729[*] https://www.senderbase.org/lookup/?search_string=201.217.241.118
730[*] https://www.alienvault.com/open-threat-exchange/ip/201.217.241.118
731[*] http://pastebin.com/search?q=201.217.241.118
732[*] http://urlquery.net/search.php?q=201.217.241.118
733[*] http://www.alexa.com/siteinfo/www.metro.cl
734[*] http://www.google.com/safebrowsing/diagnostic?site=www.metro.cl
735[*] https://censys.io/ipv4/201.217.241.118
736[*] https://www.abuseipdb.com/check/201.217.241.118
737[*] https://urlscan.io/search/#201.217.241.118
738[*] https://github.com/search?q=201.217.241.118&type=Code
739[INFO] Useful links related to AS263237 - 201.217.240.0/22:
740[*] http://www.google.com/safebrowsing/diagnostic?site=AS:263237
741[*] https://www.senderbase.org/lookup/?search_string=201.217.240.0/22
742[*] http://bgp.he.net/AS263237
743[*] https://stat.ripe.net/AS263237
744[INFO] Date: 29/10/19 | Time: 12:19:49
745[INFO] Total time: 7 minute(s) and 4 second(s)
746#######################################################################################################################################
747Trying "metro.cl"
748Trying "metro.cl"
749;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43527
750;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 4, ADDITIONAL: 6
751
752;; QUESTION SECTION:
753;metro.cl. IN ANY
754
755;; ANSWER SECTION:
756metro.cl. 38400 IN SOA ns0.ifxnetworks.com. hostmaster.ifxcorp.com. 2019083002 10800 3600 604800 38400
757metro.cl. 38400 IN MX 0 server2.metro.cl.
758metro.cl. 38400 IN MX 5 server.metro.cl.
759metro.cl. 38400 IN A 201.217.241.118
760metro.cl. 3600 IN TXT "MS=B86ECCC674B9DF4721E05510729CC0ABD7AC5290"
761metro.cl. 3600 IN TXT "MS=ms97938520"
762metro.cl. 3600 IN TXT "7U6fHwsk4mp0WqV74sTkJ2a2gL82wd99P2K35MCH1KhTZw6eIEAS79njCOrm/JoRF/mOPLZWIMhUf5YmurvbGQ=="
763metro.cl. 3600 IN TXT "v=spf1 ip4:200.73.13.132/32 ip4:200.73.13.131/32 ip4:201.217.241.118/32 ip4:200.91.40.0/24 ip4:200.91.41.0/24 ip4:200.91.44.0/24 ip4:200.91.45.0/24 include:spf.protection.outlook.com include:_spf-all.mcnet.cl ~all"
764metro.cl. 3600 IN TXT "_globalsign-domain-verification=_MHFKlo2vBdZ0e3tXlkUdX7mLRdSwlMV1y-UZ_ZagY"
765metro.cl. 3597 IN NS ns1.ifxnetworks.co.
766metro.cl. 3597 IN NS ns1.ifxnetworks.com.
767metro.cl. 3597 IN NS ns0.ifxnetworks.com.
768metro.cl. 3597 IN NS ns0.ifxnetworks.co.
769
770;; AUTHORITY SECTION:
771metro.cl. 3597 IN NS ns0.ifxnetworks.co.
772metro.cl. 3597 IN NS ns1.ifxnetworks.com.
773metro.cl. 3597 IN NS ns1.ifxnetworks.co.
774metro.cl. 3597 IN NS ns0.ifxnetworks.com.
775
776;; ADDITIONAL SECTION:
777ns1.ifxnetworks.com. 28750 IN A 40.76.14.208
778ns1.ifxnetworks.com. 3599 IN AAAA 2607:5580:0:f::5
779ns0.ifxnetworks.com. 28750 IN A 200.62.2.178
780ns0.ifxnetworks.com. 3599 IN AAAA 2607:5580:0:f::6
781ns0.ifxnetworks.co. 731 IN A 200.62.2.178
782ns1.ifxnetworks.co. 731 IN A 40.76.14.208
783
784Received 917 bytes from 2001:18c0:121:6900:724f:b8ff:fefd:5b6a#53 in 46 ms
785######################################################################################################################################
786; <<>> DiG 9.11.5-P4-5.1+b1-Debian <<>> +trace metro.cl
787;; global options: +cmd
788. 85705 IN NS g.root-servers.net.
789. 85705 IN NS j.root-servers.net.
790. 85705 IN NS h.root-servers.net.
791. 85705 IN NS m.root-servers.net.
792. 85705 IN NS b.root-servers.net.
793. 85705 IN NS i.root-servers.net.
794. 85705 IN NS f.root-servers.net.
795. 85705 IN NS c.root-servers.net.
796. 85705 IN NS l.root-servers.net.
797. 85705 IN NS e.root-servers.net.
798. 85705 IN NS d.root-servers.net.
799. 85705 IN NS k.root-servers.net.
800. 85705 IN NS a.root-servers.net.
801. 85705 IN RRSIG NS 8 0 518400 20191111050000 20191029040000 22545 . KDsdYZ8nBWqQPSNnwFM9cHWGfsiK+WXoep364RJxPawoiRqAEIRXovCR DZm17uy4Q5aqb0taDhXenyr0wqBO171pFilGFq6DrdVcoA3tZiTVaPp3 OG7jQzXXUb11KoihH8qB2eHxfa5dlxQpL6/RY7/AEqLDhFkGSbD2jIwk tAaNz43H2l8r06wt+NEo1Dpq0T1T0lKfi54IwSveiHZeRJ8KHS8vJdvA AmXahHhAfEq2Uou80abfOUoa4QgMGeLmVMjttOVPZDMhyvGjYgOl1dui E9nnASsj2hO+NWrx+YOMNDzKcqkUQznLANgVOGa2uKsDrAXcgNfxfvCD Wdqv9A==
802;; Received 525 bytes from 185.93.180.131#53(185.93.180.131) in 177 ms
803
804cl. 172800 IN NS b.nic.cl.
805cl. 172800 IN NS a.nic.cl.
806cl. 172800 IN NS c.nic.cl.
807cl. 172800 IN NS cl-ns.anycast.pch.net.
808cl. 172800 IN NS cl2-tld.d-zone.ca.
809cl. 172800 IN NS cl1-tld.d-zone.ca.
810cl. 172800 IN NS cl1.dnsnode.net.
811cl. 86400 IN DS 21199 8 2 7D756DFFAB6D3CD9C786FF5C659954C22944FAEF9433EEE26F1D84EB 5370B394
812cl. 86400 IN RRSIG DS 8 1 86400 20191111050000 20191029040000 22545 . Uv1iWumGe0euu/GvUionlKAO20zdBam2vHzOnMdsH+ZCuZW1T/zmyzhr dU6UeZUfCde1KGgPc8SkeVlB5+5KJjEAC3xffAdsqe6XbhvJYHc/cNAg ISPN32Sclm1IS1cQ63MyKWNLI/Qj5KDhr5UDlkuweqFCXiWQKpaZQwyK f8prNTx/odFqc27GCLO1aoWAaZkl+65QGV/i0F0xSc0gD1bCIWzSahV8 f58lCwiERebUAUTB5WVsOHRmYQyOmGTadmXDUXMikUpNVyf/rkWwgUX6 yoV16BPnuFpk8w1olkTgaTn3HDwweZhXiQQI0wRVXBPcBr395rbK0B0r 7lAHgg==
813;; Received 818 bytes from 2001:dc3::35#53(m.root-servers.net) in 87 ms
814
815metro.cl. 3600 IN NS ns0.ifxnetworks.com.
816metro.cl. 3600 IN NS ns1.ifxnetworks.com.
817v6gcor3s6vtm1o5ojso19tld95ibmpms.cl. 900 IN NSEC3 1 1 2 123BF8539CD33DC2BF7018B188DEFE84 V8J04V4IP4F3T3V1E032N3FNGE87K30O NS SOA TXT RRSIG DNSKEY NSEC3PARAM
818ebdla80pdhkjudfo626pr8k65nacc9aq.cl. 900 IN NSEC3 1 1 2 123BF8539CD33DC2BF7018B188DEFE84 EFPAPAM8Q3CJEKF615LRSA05F48A31ID NS DS RRSIG
819v6gcor3s6vtm1o5ojso19tld95ibmpms.cl. 900 IN RRSIG NSEC3 8 2 900 20191210142723 20191029150025 12363 cl. fZzTp53EqHe0XNgz/WeF2xxNAK2QV53Y+nMCc4JA1zqdog8s5wGMYezY +LOehc0XP0aBH7di+rPGWvZWir1EseTnlKCdNvKaVi+F2jx4FMpFEPRX kDQZbz9kWMWn6VH5Dwe8G1EiwfL0rFWl2mdrPu7nRqE7MYZy2mvuJt0Z QbM=
820ebdla80pdhkjudfo626pr8k65nacc9aq.cl. 900 IN RRSIG NSEC3 8 2 900 20191211075827 20191029150025 12363 cl. sb9f4GoG+B3xZb5eWVCVri+NrYtI7wI163TBvnnCgvd5zUgmw7qJ5iN2 0QR0kqEcfKlmIviRks67G5pFCrI6TVv7cmNMBCUPKRuH8qddxp7e0j8T aaOmZnt+amNCml4syV6Rc6Suhmkf0E217hPPi3flPJNUBdATBWBn/A5Z l88=
821;; Received 603 bytes from 200.16.112.16#53(c.nic.cl) in 180 ms
822
823metro.cl. 38400 IN A 201.217.241.118
824metro.cl. 38400 IN NS ns0.ifxnetworks.com.
825metro.cl. 38400 IN NS ns1.ifxnetworks.co.
826metro.cl. 38400 IN NS ns1.ifxnetworks.com.
827metro.cl. 38400 IN NS ns0.ifxnetworks.co.
828;; Received 330 bytes from 200.62.2.178#53(ns0.ifxnetworks.com) in 288 ms
829######################################################################################################################################
830[*] NS ns1.ifxnetworks.com 40.76.14.208
831[*] Bind Version for 40.76.14.208 IFX DNS system
832[*] NS ns1.ifxnetworks.com 2607:5580:0:f::5
833[*] Bind Version for 2607:5580:0:f::5 BIND
834[*] NS ns1.ifxnetworks.co 40.76.14.208
835[*] Bind Version for 40.76.14.208 IFX DNS system
836[*] NS ns1.ifxnetworks.co 2607:5580:0:f::5
837[*] Bind Version for 2607:5580:0:f::5 BIND
838[*] NS ns0.ifxnetworks.com 200.62.2.178
839[*] Bind Version for 200.62.2.178 BIND
840[*] NS ns0.ifxnetworks.com 2607:5580:0:f::6
841[*] Bind Version for 2607:5580:0:f::6 BIND
842[*] NS ns0.ifxnetworks.co 200.62.2.178
843[*] Bind Version for 200.62.2.178 BIND
844[*] NS ns0.ifxnetworks.co 2607:5580:0:f::6
845[*] Bind Version for 2607:5580:0:f::6 BIND
846[*] MX server2.metro.cl 200.73.13.132
847[*] MX server.metro.cl 200.73.13.131
848[*] TXT metro.cl MS=B86ECCC674B9DF4721E05510729CC0ABD7AC5290
849[*] TXT metro.cl MS=ms97938520
850[*] TXT metro.cl v=spf1 ip4:200.73.13.132/32 ip4:200.73.13.131/32 ip4:201.217.241.118/32 ip4:200.91.40.0/24 ip4:200.91.41.0/24 ip4:200.91.44.0/24 ip4:200.91.45.0/24 include:spf.protection.outlook.com include:_spf-all.mcnet.cl ~all
851[*] TXT metro.cl 7U6fHwsk4mp0WqV74sTkJ2a2gL82wd99P2K35MCH1KhTZw6eIEAS79njCOrm/JoRF/mOPLZWIMhUf5YmurvbGQ==
852[*] TXT metro.cl _globalsign-domain-verification=_MHFKlo2vBdZ0e3tXlkUdX7mLRdSwlMV1y-UZ_ZagY
853[*] Enumerating SRV Records
854[*] SRV _sip._tls.metro.cl sipdir.online.lync.com 52.112.192.11 443 1
855[*] SRV _sip._tls.metro.cl sipdir.online.lync.com 2603:1027:0:4::b 443 1
856[*] SRV _sip._tls.metro.cl sipdir.online.lync.com 2603:1027:0:7::b 443 1
857[*] SRV _sip._tls.metro.cl sipdir.online.lync.com 2603:1027:0:3::b 443 1
858[*] SRV _sip._tls.metro.cl sipdir.online.lync.com 2603:1027:0:9::b 443 1
859[*] SRV _sip._tls.metro.cl sipdir.online.lync.com 2603:1027:0:2::b 443 1
860[*] SRV _sip._tls.metro.cl sipdir.online.lync.com 2603:1027:0:8::b 443 1
861[*] SRV _sip._tls.metro.cl sipdir.online.lync.com 2603:1027:0:1::b 443 1
862[*] SRV _sip._tls.metro.cl sipdir.online.lync.com 2603:1027::b 443 1
863[*] SRV _sipfederationtls._tcp.metro.cl sipfed.online.lync.com 52.112.194.75 5061 1
864[*] SRV _sipfederationtls._tcp.metro.cl sipfed.online.lync.com 2603:1027:0:9::b 5061 1
865[+] 11 Records Found
866######################################################################################################################################
867[*] Processing domain metro.cl
868[*] Using system resolvers ['185.93.180.131', '194.187.251.67', '38.132.106.139', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a', '192.168.0.1']
869[+] Getting nameservers
87040.76.14.208 - ns1.ifxnetworks.com
87140.76.14.208 - ns1.ifxnetworks.co
872200.62.2.178 - ns0.ifxnetworks.com
873[-] Getting nameservers failed
874[-] Zone transfer failed
875
876[*] Scanning metro.cl for A records
877201.217.241.118 - metro.cl
878200.73.13.147 - app.metro.cl
879200.73.13.136 - autodiscover.metro.cl
880200.73.13.139 - extranet.metro.cl
881200.73.13.143 - ftp.metro.cl
882200.73.13.136 - mail.metro.cl
883190.196.13.157 - mailing.metro.cl
884200.73.13.169 - mdm.metro.cl
885200.73.13.173 - movil.metro.cl
886200.73.13.131 - server.metro.cl
887200.73.13.132 - server2.metro.cl
88852.112.194.75 - sip.metro.cl
889200.73.13.253 - vpn.metro.cl
890201.217.241.118 - www.metro.cl
891#######################################################################################################################################
892 AVAILABLE PLUGINS
893 -----------------
894
895 CertificateInfoPlugin
896 OpenSslCipherSuitesPlugin
897 CompressionPlugin
898 HeartbleedPlugin
899 RobotPlugin
900 FallbackScsvPlugin
901 OpenSslCcsInjectionPlugin
902 HttpHeadersPlugin
903 SessionRenegotiationPlugin
904 SessionResumptionPlugin
905 EarlyDataPlugin
906
907
908
909 CHECKING HOST(S) AVAILABILITY
910 -----------------------------
911
912 201.217.241.118:443 => 201.217.241.118
913
914
915
916
917 SCAN RESULTS FOR 201.217.241.118:443 - 201.217.241.118
918 ------------------------------------------------------
919
920 * Deflate Compression:
921 OK - Compression disabled
922
923 * Certificate Information:
924 Content
925 SHA1 Fingerprint: d7d6a245d9c2935aa0ae7f05f982dfbca13d8519
926 Common Name: metro.cl
927 Issuer: cPanel, Inc. Certification Authority
928 Serial Number: 142059406898371920580238792964538963117
929 Not Before: 2019-08-27 00:00:00
930 Not After: 2019-11-25 23:59:59
931 Signature Algorithm: sha256
932 Public Key Algorithm: RSA
933 Key Size: 2048
934 Exponent: 65537 (0x10001)
935 DNS Subject Alternative Names: ['metro.cl', 'cpanel.metro.cl', 'mail.metro.cl', 'webdisk.metro.cl', 'webmail.metro.cl', 'www.metro.cl']
936
937 Trust
938 Hostname Validation: FAILED - Certificate does NOT match 201.217.241.118
939 Apple CA Store (iOS 12, macOS 10.14, watchOS 5, and tvOS 12):OK - Certificate is trusted
940 Java CA Store (jdk-12.0.1): OK - Certificate is trusted
941 Mozilla CA Store (2019-03-14): OK - Certificate is trusted
942 Windows CA Store (2019-05-27): OK - Certificate is trusted
943 Android CA Store (9.0.0_r9): ERROR: timeout - timed out
944 Symantec 2018 Deprecation: WARNING: Certificate distrusted by Google and Mozilla on September 2018
945 Received Chain: metro.cl --> cPanel, Inc. Certification Authority --> COMODO RSA Certification Authority
946 Verified Chain: metro.cl --> cPanel, Inc. Certification Authority --> COMODO RSA Certification Authority
947 Received Chain Contains Anchor: OK - Anchor certificate not sent
948 Received Chain Order: OK - Order is valid
949 Verified Chain contains SHA1: OK - No SHA1-signed certificate in the verified certificate chain
950
951 Extensions
952 OCSP Must-Staple: NOT SUPPORTED - Extension not found
953 Certificate Transparency: WARNING - Only 2 SCTs included but Google recommends 3 or more
954
955 OCSP Stapling
956 OCSP Response Status: successful
957 Validation w/ Mozilla Store: OK - Response is trusted
958 Responder Id: 7E035A65416BA77E0AE1B89D08EA1D8E1D6AC765
959 Cert Status: good
960 Cert Serial Number: 6ADFA58522DB172EED3F24C492C514AD
961 This Update: Oct 27 00:09:32 2019 GMT
962 Next Update: Nov 3 00:09:32 2019 GMT
963
964 * OpenSSL Heartbleed:
965 OK - Not vulnerable to Heartbleed
966
967 * TLSV1_1 Cipher Suites:
968 Server rejected all cipher suites.
969 Undefined - An unexpected error happened:
970 TLS_DH_RSA_WITH_AES_256_CBC_SHA timeout - timed out
971
972 * Session Renegotiation:
973 Client-initiated Renegotiation: OK - Rejected
974 Secure Renegotiation: OK - Supported
975
976 * TLSV1_2 Cipher Suites:
977 Forward Secrecy OK - Supported
978 RC4 OK - Not Supported
979
980 Preferred:
981 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
982 Accepted:
983 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 256 bits HTTP 200 OK
984 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 bits HTTP 200 OK
985 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 bits HTTP 200 OK
986 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 bits HTTP 200 OK
987
988 * TLSV1 Cipher Suites:
989 Server rejected all cipher suites.
990 Undefined - An unexpected error happened:
991 TLS_ECDH_RSA_WITH_NULL_SHA timeout - timed out
992
993 * Downgrade Attacks:
994 TLS_FALLBACK_SCSV: OK - Supported
995
996 * OpenSSL CCS Injection:
997 OK - Not vulnerable to OpenSSL CCS injection
998
999 * SSLV3 Cipher Suites:
1000 Server rejected all cipher suites.
1001 Undefined - An unexpected error happened:
1002 TLS_ECDH_anon_WITH_AES_128_CBC_SHA timeout - timed out
1003 TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA timeout - timed out
1004 TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA timeout - timed out
1005 TLS_DH_DSS_WITH_AES_128_CBC_SHA timeout - timed out
1006
1007 * SSLV2 Cipher Suites:
1008 Server rejected all cipher suites.
1009 Undefined - An unexpected error happened:
1010 SSL_CK_DES_64_CBC_WITH_MD5 timeout - timed out
1011
1012 * ROBOT Attack:
1013 OK - Not vulnerable, RSA cipher suites not supported
1014
1015 * TLS 1.2 Session Resumption Support:
1016 With Session IDs: PARTIALLY SUPPORTED (2 successful, 3 failed, 0 errors, 5 total attempts).
1017 With TLS Tickets: OK - Supported
1018
1019 * TLSV1_3 Cipher Suites:
1020 Server rejected all cipher suites.
1021
1022
1023 SCAN COMPLETED IN 65.33 S
1024 -------------------------
1025#######################################################################################################################################
1026Domains still to check: 1
1027 Checking if the hostname metro.cl. given is in fact a domain...
1028
1029Analyzing domain: metro.cl.
1030 Checking NameServers using system default resolver...
1031 IP: 40.76.14.208 (United States)
1032 HostName: ns1.ifxnetworks.com Type: NS
1033 IP: 40.76.14.208 (United States)
1034 HostName: ns1.ifxnetworks.com Type: NS
1035 HostName: ns1.ifxnetworks.co Type: NS
1036 IP: 200.62.2.178 (United States)
1037 HostName: ns0.ifxnetworks.com Type: NS
1038 HostName: ns0.ifxnetworks.com Type: PTR
1039 IP: 200.62.2.178 (United States)
1040 HostName: ns0.ifxnetworks.com Type: NS
1041 HostName: ns0.ifxnetworks.com Type: PTR
1042 HostName: ns0.ifxnetworks.co Type: NS
1043
1044 Checking MailServers using system default resolver...
1045 IP: 200.73.13.132 (Chile)
1046 HostName: server2.metro.cl Type: MX
1047 HostName: server2.metro.cl Type: PTR
1048 IP: 200.73.13.131 (Chile)
1049 HostName: server.metro.cl Type: MX
1050 HostName: server.metro.cl Type: PTR
1051
1052 Checking the zone transfer for each NS... (if this takes more than 10 seconds, just hit CTRL-C and it will continue. Bug in the libs)
1053 No zone transfer found on nameserver 200.62.2.178
1054 No zone transfer found on nameserver 200.62.2.178
1055 No zone transfer found on nameserver 40.76.14.208
1056 No zone transfer found on nameserver 40.76.14.208
1057
1058 Checking SPF record...
1059 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 200.73.13.132/32, but only the network IP
1060 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 200.73.13.131/32, but only the network IP
1061 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 201.217.241.118/32, but only the network IP
1062 New IP found: 201.217.241.118
1063 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 200.91.40.0/24, but only the network IP
1064 New IP found: 200.91.40.0
1065 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 200.91.41.0/24, but only the network IP
1066 New IP found: 200.91.41.0
1067 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 200.91.44.0/24, but only the network IP
1068 New IP found: 200.91.44.0
1069 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 200.91.45.0/24, but only the network IP
1070 New IP found: 200.91.45.0
1071
1072 Checking SPF record...
1073 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 40.92.0.0/15, but only the network IP
1074 New IP found: 40.92.0.0
1075 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 40.107.0.0/16, but only the network IP
1076 New IP found: 40.107.0.0
1077 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 52.100.0.0/14, but only the network IP
1078 New IP found: 52.100.0.0
1079 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 104.47.0.0/17, but only the network IP
1080 New IP found: 104.47.0.0
1081 There are no IPv4 addresses in the SPF. Maybe IPv6.
1082 There are no IPv4 addresses in the SPF. Maybe IPv6.
1083
1084 Checking SPF record...
1085 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 200.91.40.0/24, but only the network IP
1086 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 200.91.41.0/24, but only the network IP
1087 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 200.91.44.0/24, but only the network IP
1088 WARNING! SPF record allows an entire network to send mails. Probably an ISP network. We are not going to check the entire network by now: 200.91.45.0/24, but only the network IP
1089
1090 Checking 192 most common hostnames using system default resolver...
1091 IP: 201.217.241.118 (Chile)
1092 Type: SPF
1093 HostName: www.metro.cl. Type: A
1094 HostName: servidor.agenciacatedral.com Type: PTR
1095 IP: 200.73.13.143 (Chile)
1096 HostName: ftp.metro.cl. Type: A
1097 IP: 200.73.13.136 (Chile)
1098 HostName: mail.metro.cl. Type: A
1099 IP: 200.73.13.131 (Chile)
1100 HostName: server.metro.cl Type: MX
1101 HostName: server.metro.cl Type: PTR
1102 Type: SPF
1103 HostName: server.metro.cl. Type: A
1104
1105 Checking with nmap the reverse DNS hostnames of every <ip>/24 netblock using system default resolver...
1106 Checking netblock 52.100.0.0
1107 Checking netblock 200.62.2.0
1108 Checking netblock 200.91.44.0
1109 Checking netblock 200.73.13.0
1110 Checking netblock 104.47.0.0
1111 Checking netblock 201.217.241.0
1112 Checking netblock 40.76.14.0
1113 Checking netblock 200.91.41.0
1114 Checking netblock 40.107.0.0
1115 Checking netblock 200.91.45.0
1116 Checking netblock 200.91.40.0
1117 Checking netblock 40.92.0.0
1118
1119 Searching for metro.cl. emails in Google
1120 last@metro.cl
1121
1122 Checking 15 active hosts using nmap... (nmap -sn -n -v -PP -PM -PS80,25 -PA -PY -PU53,40125 -PE --reason <ip> -oA <output_directory>/nmap/<ip>.sn)
1123 Host 52.100.0.0 is up (reset ttl 64)
1124 Host 200.62.2.178 is up (reset ttl 64)
1125 Host 200.91.44.0 is up (reset ttl 64)
1126 Host 200.73.13.136 is up (reset ttl 64)
1127 Host 200.73.13.132 is up (reset ttl 64)
1128 Host 200.73.13.131 is up (reset ttl 64)
1129 Host 200.73.13.143 is up (reset ttl 64)
1130 Host 104.47.0.0 is up (reset ttl 64)
1131 Host 201.217.241.118 is up (reset ttl 64)
1132 Host 40.76.14.208 is up (reset ttl 64)
1133 Host 200.91.41.0 is up (reset ttl 64)
1134 Host 40.107.0.0 is up (reset ttl 64)
1135 Host 200.91.45.0 is up (reset ttl 64)
1136 Host 200.91.40.0 is up (reset ttl 64)
1137 Host 40.92.0.0 is up (reset ttl 64)
1138
1139 Checking ports on every active host using nmap... (nmap -O --reason --webxml --traceroute -sS -sV -sC -Pn -n -v -F <ip> -oA <output_directory>/nmap/<ip>)
1140 Scanning ip 52.100.0.0 ():
1141 Scanning ip 200.62.2.178 (ns0.ifxnetworks.co):
1142 53/tcp open domain syn-ack ttl 49 (unknown banner: BIND)
1143 | dns-nsid:
1144 |_ bind.version: BIND
1145 | fingerprint-strings:
1146 | DNSVersionBindReqTCP:
1147 | version
1148 | bind
1149 |_ BIND
1150 179/tcp open tcpwrapped syn-ack ttl 240
1151 Scanning ip 200.91.44.0 ():
1152 Scanning ip 200.73.13.136 (mail.metro.cl.):
1153 80/tcp open http syn-ack ttl 110 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
1154 443/tcp open ssl/https? syn-ack ttl 110
1155 |_ssl-date: 2019-10-29T16:42:19+00:00; -1s from scanner time.
1156 587/tcp open smtp syn-ack ttl 110 Microsoft Exchange smtpd
1157 | smtp-commands: PR-CAS01.metrodom.cl Hello [94.242.54.114], SIZE 41943040, PIPELINING, DSN, ENHANCEDSTATUSCODES, STARTTLS, AUTH GSSAPI NTLM, 8BITMIME, BINARYMIME, CHUNKING,
1158 |_ This server supports the following commands: HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH BDAT
1159 | smtp-ntlm-info:
1160 | Target_Name: METRO_DOM
1161 | NetBIOS_Domain_Name: METRO_DOM
1162 | NetBIOS_Computer_Name: PR-CAS01
1163 | DNS_Domain_Name: metrodom.cl
1164 | DNS_Computer_Name: PR-CAS01.metrodom.cl
1165 | DNS_Tree_Name: metrodom.cl
1166 |_ Product_Version: 6.1.7601
1167 |_ssl-date: 2019-10-29T16:42:20+00:00; 0s from scanner time.
1168 OS Info: Service Info: Host: PR-CAS01.metrodom.cl; OS: Windows; CPE: cpe:/o:microsoft:windows
1169 Scanning ip 200.73.13.132 (server2.metro.cl (PTR)):
1170 Scanning ip 200.73.13.131 (server.metro.cl.):
1171 Scanning ip 200.73.13.143 (ftp.metro.cl.):
1172 21/tcp open ftp syn-ack ttl 111 FileZilla ftpd 0.9.41 beta
1173 | ftp-syst:
1174 |_ SYST: UNIX emulated by FileZilla
1175 OS Info: Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
1176 Scanning ip 104.47.0.0 ():
1177 Scanning ip 201.217.241.118 (servidor.agenciacatedral.com (PTR)):
1178 53/tcp open domain syn-ack ttl 49 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
1179 | dns-nsid:
1180 |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
1181 80/tcp open http syn-ack ttl 50 LiteSpeed httpd
1182 | http-cookie-flags:
1183 | /:
1184 | PHPSESSID:
1185 |_ httponly flag not set
1186 | http-methods:
1187 |_ Supported Methods: GET HEAD POST OPTIONS
1188 |_http-server-header: LiteSpeed
1189 |_http-title: Metro
1190 443/tcp open ssl/https? syn-ack ttl 50
1191 | http-methods:
1192 |_ Supported Methods: HEAD POST
1193 |_http-title: Did not follow redirect to https://201.217.241.118/
1194 | ssl-cert: Subject: commonName=metro.cl
1195 | Subject Alternative Name: DNS:metro.cl, DNS:cpanel.metro.cl, DNS:mail.metro.cl, DNS:webdisk.metro.cl, DNS:webmail.metro.cl, DNS:www.metro.cl
1196 | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
1197 | Public Key type: rsa
1198 | Public Key bits: 2048
1199 | Signature Algorithm: sha256WithRSAEncryption
1200 | Not valid before: 2019-08-27T00:00:00
1201 | Not valid after: 2019-11-25T23:59:59
1202 | MD5: 52bd 5920 8e17 bb83 8936 e7d8 6754 57ce
1203 |_SHA-1: d7d6 a245 d9c2 935a a0ae 7f05 f982 dfbc a13d 8519
1204 3306/tcp open mysql syn-ack ttl 49 MySQL (unauthorized)
1205 OS Info: Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
1206 Scanning ip 40.76.14.208 (ns1.ifxnetworks.co):
1207 53/tcp open tcpwrapped syn-ack ttl 53
1208 | dns-nsid:
1209 |_ bind.version: IFX DNS system
1210 Device type: general purpose|storage-misc
1211 Running (JUST GUESSING): Linux 2.6.X|3.X (91%), Synology DiskStation Manager 5.X (85%)
1212 Scanning ip 200.91.41.0 ():
1213 80/tcp open http syn-ack ttl 54 nginx
1214 | http-methods:
1215 |_ Supported Methods: GET HEAD POST OPTIONS
1216 |_http-title: Did not follow redirect to https://200.91.41.0/
1217 443/tcp open ssl/http syn-ack ttl 54 nginx
1218 |_http-title: 400 The plain HTTP request was sent to HTTPS port
1219 | ssl-cert: Subject: commonName=www.integramedica.pe
1220 | Subject Alternative Name: DNS:www.integramedica.pe
1221 | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
1222 | Public Key type: rsa
1223 | Public Key bits: 2048
1224 | Signature Algorithm: sha256WithRSAEncryption
1225 | Not valid before: 2019-10-08T19:08:47
1226 | Not valid after: 2020-01-06T19:08:47
1227 | MD5: ff6f 1933 1fe2 f4bb 661c baee f657 22c1
1228 |_SHA-1: 6036 cda6 4473 e77b 8b5b f918 3457 faec 2be5 42a7
1229 |_ssl-date: TLS randomness does not represent time
1230 | tls-alpn:
1231 | h2
1232 |_ http/1.1
1233 | tls-nextprotoneg:
1234 | h2
1235 |_ http/1.1
1236 Device type: general purpose|storage-misc|broadband router|WAP
1237 Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (93%), HP embedded (91%)
1238 Scanning ip 40.107.0.0 ():
1239 Scanning ip 200.91.45.0 ():
1240 Scanning ip 200.91.40.0 ():
1241 Scanning ip 40.92.0.0 ():
1242 WebCrawling domain's web servers... up to 50 max links.
1243
1244 + URL to crawl: http://mail.metro.cl.
1245 + Date: 2019-10-29
1246
1247 + Crawling URL: http://mail.metro.cl.:
1248 + Links:
1249 + Crawling http://mail.metro.cl. (400 Bad Request)
1250 + Searching for directories...
1251 + Searching open folders...
1252
1253
1254 + URL to crawl: http://www.metro.cl.
1255 + Date: 2019-10-29
1256
1257 + Crawling URL: http://www.metro.cl.:
1258 + Links:
1259 + Crawling http://www.metro.cl.
1260 + Crawling http://www.metro.cl./css/base.css?v=1.2019042601 (File! Not crawling it.)
1261 + Crawling http://www.metro.cl./planificador (404 Not Found)
1262 + Crawling http://www.metro.cl./tu-viaje/conexiones
1263 + Crawling http://www.metro.cl./tu-viaje/plano-de-red
1264 + Crawling http://www.metro.cl./estacion/
1265 + Crawling http://www.metro.cl./tu-viaje/tarifas
1266 + Crawling http://www.metro.cl./tu-viaje/horarios
1267 + Crawling http://www.metro.cl./tu-viaje/estado-red
1268 + Crawling http://www.metro.cl./tu-viaje/ruta-expresa
1269 + Crawling http://www.metro.cl./noticias/sala-de-prensa
1270 + Crawling http://www.metro.cl./historias-de-metro
1271 + Crawling http://www.metro.cl./buen-viajero
1272 + Crawling http://www.metro.cl./buen-viajero/que-hacer-en-casos-de-contingencia
1273 + Crawling http://www.metro.cl./ticket-viaje
1274 + Crawling http://www.metro.cl./buen-viajero/medidas-operacionales
1275 + Crawling http://www.metro.cl./porsantiago/toponimia-biobio
1276 + Crawling http://www.metro.cl./buen-viajero/chaje-kat-bip-ou
1277 + Crawling http://www.metro.cl./atencion-cliente/oficinas
1278 + Crawling http://www.metro.cl./atencion-cliente/consulta-objetos-perdidos
1279 + Crawling http://www.metro.cl./atencion-cliente/tarjeta-adulto-mayor
1280 + Crawling http://www.metro.cl./atencion-cliente/sugerencias-reclamos
1281 + Crawling http://www.metro.cl./atencion-cliente/preguntas-frecuentes
1282 + Crawling http://www.metro.cl./registro
1283 + Crawling http://www.metro.cl./corporativo/mision-vision
1284 + Crawling http://www.metro.cl./corporativo/nuestros-valores
1285 + Crawling http://www.metro.cl./corporativo/marco-normativo
1286 + Crawling http://www.metro.cl./corporativo/objetivo-giro-empresa
1287 + Crawling http://www.metro.cl./corporativo/filiales
1288 + Crawling http://www.metro.cl./corporativo/estructura-organizacional
1289 + Crawling http://www.metro.cl./corporativo/remuneraciones
1290 + Crawling http://www.metro.cl./corporativo/informacion-financiera
1291 + Crawling http://www.metro.cl./corporativo/informe-financiero-anual
1292 + Crawling http://www.metro.cl./corporativo/canal-de-denuncias
1293 + Crawling http://www.metro.cl./corporativo/reporte-operacional
1294 + Crawling http://www.metro.cl./corporativo/memoria
1295 + Crawling http://www.metro.cl./corporativo/reporte-de-sostenibilidad
1296 + Crawling http://www.metro.cl./corporativo/historia
1297 + Crawling http://www.metro.cl./corporativo/mapa-del-sitio
1298 + Crawling http://www.metro.cl./corporativo/informacion-de-interes
1299 + Crawling http://www.metro.cl./licitaciones
1300 + Crawling http://www.metro.cl./planificador/interactivo
1301 + Crawling http://www.metro.cl./corporativo
1302 + Crawling http://www.metro.cl./noticias/historial
1303 + Crawling http://www.metro.cl./noticias/agradecemos-a-nuestros-trabajadores-por-su-entrega
1304 + Crawling http://www.metro.cl./noticias/agradecemos-a-todos-nuestros-vecinos-su-ayuda
1305 + Crawling http://www.metro.cl./noticias/agradecemos-sus-muestras-de-apoyo
1306 + Crawling http://www.metro.cl./noticias/metro-de-santiago-iniciara-su-operacion-a-las-6-de-la-manana-el-martes-29-y-miercoles-30
1307 + Crawling http://www.metro.cl./historias-de-metro/gracias-a-la-fabrica-de-boleto-dejo-de-funcionar-tras-42-anos-de-historia
1308 + Crawling http://www.metro.cl./historias-de-metro/amor-sin-limites
1309 + Crawling http://www.metro.cl./historias-de-metro/seis-espacios-que-tio-metro-recomienda-para-tomar-buenas-fotos
1310 + Searching for directories...
1311 - Found: http://www.metro.cl./tu-viaje/
1312 - Found: http://www.metro.cl./estacion/
1313 - Found: http://www.metro.cl./noticias/
1314 - Found: http://www.metro.cl./buen-viajero/
1315 - Found: http://www.metro.cl./porsantiago/
1316 - Found: http://www.metro.cl./atencion-cliente/
1317 - Found: http://www.metro.cl./corporativo/
1318 - Found: http://www.metro.cl./planificador/
1319 - Found: http://www.metro.cl./historias-de-metro/
1320 - Found: http://www.metro.cl./css/
1321 - Found: http://www.metro.cl./images/
1322 - Found: http://www.metro.cl./images/carrusel/
1323 - Found: http://www.metro.cl./images/clima/
1324 - Found: http://www.metro.cl./images/links/
1325 - Found: http://www.metro.cl./js/
1326 - Found: http://www.metro.cl./js/zoom/
1327 - Found: http://www.metro.cl./documentos/
1328 - Found: http://www.metro.cl./img/
1329 - Found: http://www.metro.cl./img/noticias/
1330 - Found: http://www.metro.cl./images/toponimias/
1331 - Found: http://www.metro.cl./audio/
1332 - Found: http://www.metro.cl./audio/toponimias/
1333 - Found: http://www.metro.cl./images/carga/
1334 - Found: http://www.metro.cl./images/directores/
1335 - Found: http://www.metro.cl./planificador/images/
1336 - Found: http://www.metro.cl./images/full/
1337 - Found: http://www.metro.cl./images/thumbs/
1338 + Searching open folders...
1339 - http://www.metro.cl./tu-viaje/ (404 Not Found)
1340 - http://www.metro.cl./estacion/ (No Open Folder)
1341 - http://www.metro.cl./noticias/ (No Open Folder)
1342 - http://www.metro.cl./buen-viajero/ (No Open Folder)
1343 - http://www.metro.cl./porsantiago/ (No Open Folder)
1344 - http://www.metro.cl./atencion-cliente/ (No Open Folder)
1345 - http://www.metro.cl./corporativo/ (No Open Folder)
1346 - http://www.metro.cl./planificador/ (No Open Folder)
1347 - http://www.metro.cl./historias-de-metro/ (No Open Folder)
1348 - http://www.metro.cl./css/ (403 Forbidden)
1349 - http://www.metro.cl./images/ (403 Forbidden)
1350 - http://www.metro.cl./images/carrusel/ (403 Forbidden)
1351 - http://www.metro.cl./images/clima/ (403 Forbidden)
1352 - http://www.metro.cl./images/links/ (403 Forbidden)
1353 - http://www.metro.cl./js/ (403 Forbidden)
1354 - http://www.metro.cl./js/zoom/ (403 Forbidden)
1355 - http://www.metro.cl./documentos/ (403 Forbidden)
1356 - http://www.metro.cl./img/ (403 Forbidden)
1357 - http://www.metro.cl./img/noticias/ (403 Forbidden)
1358 - http://www.metro.cl./images/toponimias/ (403 Forbidden)
1359 - http://www.metro.cl./audio/ (403 Forbidden)
1360 - http://www.metro.cl./audio/toponimias/ (403 Forbidden)
1361 - http://www.metro.cl./images/carga/ (403 Forbidden)
1362 - http://www.metro.cl./images/directores/ (403 Forbidden)
1363 - http://www.metro.cl./planificador/images/ (403 Forbidden)
1364 - http://www.metro.cl./images/full/ (403 Forbidden)
1365 - http://www.metro.cl./images/thumbs/ (403 Forbidden)
1366 + Crawl finished successfully.
1367----------------------------------------------------------------------
1368Summary of http://http://www.metro.cl.
1369----------------------------------------------------------------------
1370+ Links crawled:
1371 - http://www.metro.cl.
1372 - http://www.metro.cl./atencion-cliente/consulta-objetos-perdidos
1373 - http://www.metro.cl./atencion-cliente/oficinas
1374 - http://www.metro.cl./atencion-cliente/preguntas-frecuentes
1375 - http://www.metro.cl./atencion-cliente/sugerencias-reclamos
1376 - http://www.metro.cl./atencion-cliente/tarjeta-adulto-mayor
1377 - http://www.metro.cl./buen-viajero
1378 - http://www.metro.cl./buen-viajero/chaje-kat-bip-ou
1379 - http://www.metro.cl./buen-viajero/medidas-operacionales
1380 - http://www.metro.cl./buen-viajero/que-hacer-en-casos-de-contingencia
1381 - http://www.metro.cl./corporativo
1382 - http://www.metro.cl./corporativo/canal-de-denuncias
1383 - http://www.metro.cl./corporativo/estructura-organizacional
1384 - http://www.metro.cl./corporativo/filiales
1385 - http://www.metro.cl./corporativo/historia
1386 - http://www.metro.cl./corporativo/informacion-de-interes
1387 - http://www.metro.cl./corporativo/informacion-financiera
1388 - http://www.metro.cl./corporativo/informe-financiero-anual
1389 - http://www.metro.cl./corporativo/mapa-del-sitio
1390 - http://www.metro.cl./corporativo/marco-normativo
1391 - http://www.metro.cl./corporativo/memoria
1392 - http://www.metro.cl./corporativo/mision-vision
1393 - http://www.metro.cl./corporativo/nuestros-valores
1394 - http://www.metro.cl./corporativo/objetivo-giro-empresa
1395 - http://www.metro.cl./corporativo/remuneraciones
1396 - http://www.metro.cl./corporativo/reporte-de-sostenibilidad
1397 - http://www.metro.cl./corporativo/reporte-operacional
1398 - http://www.metro.cl./estacion/
1399 - http://www.metro.cl./historias-de-metro
1400 - http://www.metro.cl./historias-de-metro/amor-sin-limites
1401 - http://www.metro.cl./historias-de-metro/gracias-a-la-fabrica-de-boleto-dejo-de-funcionar-tras-42-anos-de-historia
1402 - http://www.metro.cl./historias-de-metro/seis-espacios-que-tio-metro-recomienda-para-tomar-buenas-fotos
1403 - http://www.metro.cl./licitaciones
1404 - http://www.metro.cl./noticias/agradecemos-a-nuestros-trabajadores-por-su-entrega
1405 - http://www.metro.cl./noticias/agradecemos-a-todos-nuestros-vecinos-su-ayuda
1406 - http://www.metro.cl./noticias/agradecemos-sus-muestras-de-apoyo
1407 - http://www.metro.cl./noticias/historial
1408 - http://www.metro.cl./noticias/metro-de-santiago-iniciara-su-operacion-a-las-6-de-la-manana-el-martes-29-y-miercoles-30
1409 - http://www.metro.cl./noticias/sala-de-prensa
1410 - http://www.metro.cl./planificador (404 Not Found)
1411 - http://www.metro.cl./planificador/interactivo
1412 - http://www.metro.cl./porsantiago/toponimia-biobio
1413 - http://www.metro.cl./registro
1414 - http://www.metro.cl./ticket-viaje
1415 - http://www.metro.cl./tu-viaje/conexiones
1416 - http://www.metro.cl./tu-viaje/estado-red
1417 - http://www.metro.cl./tu-viaje/horarios
1418 - http://www.metro.cl./tu-viaje/plano-de-red
1419 - http://www.metro.cl./tu-viaje/ruta-expresa
1420 - http://www.metro.cl./tu-viaje/tarifas
1421 Total links crawled: 50
1422
1423+ Links to files found:
1424 - http://www.metro.cl./audio/toponimias/biobio.mp3
1425 - http://www.metro.cl./css/base.css?v=1.2019042601
1426 - http://www.metro.cl./css/bootstrap-helpers.css
1427 - http://www.metro.cl./css/bootstrap.min.css
1428 - http://www.metro.cl./css/datatables.css
1429 - http://www.metro.cl./css/daterangepicker.css
1430 - http://www.metro.cl./css/ekko-lightbox.css
1431 - http://www.metro.cl./css/iconos-bootstrap.css
1432 - http://www.metro.cl./css/map_ol.css
1433 - http://www.metro.cl./css/select2.min.css
1434 - http://www.metro.cl./css/slicebox.css
1435 - http://www.metro.cl./documentos/2007_anexo.pdf
1436 - http://www.metro.cl./documentos/2007_anexo_ingles.pdf
1437 - http://www.metro.cl./documentos/2007_anuario.pdf
1438 - http://www.metro.cl./documentos/2007_estados.pdf
1439 - http://www.metro.cl./documentos/2007_estados_ingles.pdf
1440 - http://www.metro.cl./documentos/2007_memoria_cultural.pdf
1441 - http://www.metro.cl./documentos/2007_memoria_cultural_ingles.pdf
1442 - http://www.metro.cl./documentos/2007_memoria_metro.pdf
1443 - http://www.metro.cl./documentos/2007_memoria_metro_ingles.pdf
1444 - http://www.metro.cl./documentos/2008-estados.pdf
1445 - http://www.metro.cl./documentos/2008_estados_ingles.pdf
1446 - http://www.metro.cl./documentos/2008_memoria_ingles.pdf
1447 - http://www.metro.cl./documentos/2009-estados-financieros.pdf
1448 - http://www.metro.cl./documentos/2010-estados-financieros.pdf
1449 - http://www.metro.cl./documentos/DEF_0778_EF_Empresa_de_Transporte_de_Pasajeros_Metro_SA_Aud15_EN_FIR.pdf
1450 - http://www.metro.cl./documentos/DFL_N1_1993_Transub.pdf
1451 - http://www.metro.cl./documentos/DTO-Metrociudadano.pdf
1452 - http://www.metro.cl./documentos/DTO_MetroArte.pdf
1453 - http://www.metro.cl./documentos/EEFF-IFRS-METRO-20121231.pdf
1454 - http://www.metro.cl./documentos/EEFF-IFRS-METRO-20131231-EN.pdf
1455 - http://www.metro.cl./documentos/EEFF-IFRS-METRO-20131231.pdf
1456 - http://www.metro.cl./documentos/EEFF_IFRS_Metro_31.12.2014-EN.pdf
1457 - http://www.metro.cl./documentos/EEFF_IFRS_Metro_31.12.2014.pdf
1458 - http://www.metro.cl./documentos/EEFF_IFRS_Metro_31.12.2015.pdf
1459 - http://www.metro.cl./documentos/EEFF_IFRS_Metro_31.12.2016.pdf
1460 - http://www.metro.cl./documentos/EEFF_IFRS_Metro_31.12.2017.pdf
1461 - http://www.metro.cl./documentos/EEFF_IFRS_Metro_31.12.2018.pdf
1462 - http://www.metro.cl./documentos/EEFF_IFRS_Metro_EN_31.12.2016.pdf
1463 - http://www.metro.cl./documentos/EEFF_IFRS_Metro_EN_31.12.2017.pdf
1464 - http://www.metro.cl./documentos/Estatutos_Metro_SpA.pdf
1465 - http://www.metro.cl./documentos/Estatutos_Metropago_S.A..pdf
1466 - http://www.metro.cl./documentos/Inscripcion_Registro_de_Comercio_Metro_SpA.pdf
1467 - http://www.metro.cl./documentos/Inscripcion_extracto_Estatutos_Metropago S.A..pdf
1468 - http://www.metro.cl./documentos/Manual_Politica_de_Habitualidad_MetroPago.pdf
1469 - http://www.metro.cl./documentos/Metro-Reporte-Anual-2015.pdf
1470 - http://www.metro.cl./documentos/Publicacion_Diario_Oficial_Metro_Emisora_de_Medios_de_Pago_S.A..pdf
1471 - http://www.metro.cl./documentos/Publicacion_Diario_Oficial_Metro_SpA.pdf
1472 - http://www.metro.cl./documentos/anuario2008.pdf
1473 - http://www.metro.cl./documentos/anuario2009.pdf
1474 - http://www.metro.cl./documentos/codigo_de_conducta_2019.pdf
1475 - http://www.metro.cl./documentos/infografia_carrusel.pdf
1476 - http://www.metro.cl./documentos/informe_financiero_dic_2011.pdf
1477 - http://www.metro.cl./documentos/informe_operacional_segundo_semestre_2013.pdf
1478 - http://www.metro.cl./documentos/ley_20877_30_nov_2015_1.pdf
1479 - http://www.metro.cl./documentos/ley_20950_29_oct_2016.pdf
1480 - http://www.metro.cl./documentos/memoria-anual-2015.pdf
1481 - http://www.metro.cl./documentos/memoria-anual-2016.pdf
1482 - http://www.metro.cl./documentos/memoria-anual-2017.pdf
1483 - http://www.metro.cl./documentos/memoria-anual-2018.pdf
1484 - http://www.metro.cl./documentos/memoria-institucional-02-04-13.pdf
1485 - http://www.metro.cl./documentos/memoria-institucional-2013-EN.pdf
1486 - http://www.metro.cl./documentos/memoria-institucional-2013.pdf
1487 - http://www.metro.cl./documentos/memoria-institucional-2014.pdf
1488 - http://www.metro.cl./documentos/memoria2008.pdf
1489 - http://www.metro.cl./documentos/memoria2009.pdf
1490 - http://www.metro.cl./documentos/memoria2010.pdf
1491 - http://www.metro.cl./documentos/memoria2011.pdf
1492 - http://www.metro.cl./documentos/metrored_servicios_2019_10.pdf
1493 - http://www.metro.cl./documentos/mn_certificado_estatuto_y_estatutos_octubre_2019.pdf
1494 - http://www.metro.cl./documentos/mn_constitucion_metro_1990.pdf
1495 - http://www.metro.cl./documentos/mn_decreto_910_1975.pdf
1496 - http://www.metro.cl./documentos/mn_decreto_fuerza_ley_1_1993.pdf
1497 - http://www.metro.cl./documentos/mn_diario_oficial_publicacion_19900125.pdf
1498 - http://www.metro.cl./documentos/mn_dl_257_1974.pdf
1499 - http://www.metro.cl./documentos/mn_inscripcion_social_mayo_2017.pdf
1500 - http://www.metro.cl./documentos/mn_ley_18772_28_ene_1989.pdf
1501 - http://www.metro.cl./documentos/reporte-operacional-2012-2dosemestre.pdf
1502 - http://www.metro.cl./documentos/reporte-operacional-2013-primer-semestre.pdf
1503 - http://www.metro.cl./documentos/reporte-operacional.pdf
1504 - http://www.metro.cl./documentos/reporte-sustentabilidad-2009.pdf
1505 - http://www.metro.cl./documentos/reporte_2009.pdf
1506 - http://www.metro.cl./documentos/reporte_2011.pdf
1507 - http://www.metro.cl./documentos/reporte_2012.pdf
1508 - http://www.metro.cl./documentos/reporte_2013.pdf
1509 - http://www.metro.cl./documentos/reporte_2016.pdf
1510 - http://www.metro.cl./documentos/reporte_operacional_tercer_trimestre_2013.pdf
1511 - http://www.metro.cl./documentos/reporte_sostenibilidad_metro_2017.pdf
1512 - http://www.metro.cl./documentos/reporte_sostenibilidad_metro_2018.pdf
1513 - http://www.metro.cl./documentos/reportesostenibilidad2014.pdf
1514 - http://www.metro.cl./images/2019081301_nueva_estructura_organigrama.png
1515 - http://www.metro.cl./images/atencion_clientes_1.jpg
1516 - http://www.metro.cl./images/atencion_clientes_2.jpg
1517 - http://www.metro.cl./images/atencion_clientes_3.jpg
1518 - http://www.metro.cl./images/atencion_clientes_4.jpg
1519 - http://www.metro.cl./images/atencion_clientes_5.jpg
1520 - http://www.metro.cl./images/carga/paso01.png
1521 - http://www.metro.cl./images/carga/paso02.png
1522 - http://www.metro.cl./images/carga/paso03.png
1523 - http://www.metro.cl./images/carga/paso04.png
1524 - http://www.metro.cl./images/carga/paso05.png
1525 - http://www.metro.cl./images/carga/paso06.png
1526 - http://www.metro.cl./images/carga/paso07.png
1527 - http://www.metro.cl./images/carga/paso08.png
1528 - http://www.metro.cl./images/carga/paso09.png
1529 - http://www.metro.cl./images/carga/paso10.png
1530 - http://www.metro.cl./images/carga/paso11.png
1531 - http://www.metro.cl./images/carga/paso12.png
1532 - http://www.metro.cl./images/carga/paso13.png
1533 - http://www.metro.cl./images/carga/paso14.png
1534 - http://www.metro.cl./images/carga/paso15.png
1535 - http://www.metro.cl./images/carga/paso16.png
1536 - http://www.metro.cl./images/carga/paso17.png
1537 - http://www.metro.cl./images/carga/paso18.png
1538 - http://www.metro.cl./images/carga/paso19.png
1539 - http://www.metro.cl./images/carga/paso20.png
1540 - http://www.metro.cl./images/carga/paso21.png
1541 - http://www.metro.cl./images/carga/paso22.png
1542 - http://www.metro.cl./images/carga/paso23.png
1543 - http://www.metro.cl./images/carga/paso24.png
1544 - http://www.metro.cl./images/carga/paso25.png
1545 - http://www.metro.cl./images/carga/paso26.png
1546 - http://www.metro.cl./images/carga/paso27.png
1547 - http://www.metro.cl./images/carrusel/20191021_200141_2085325978.jpg
1548 - http://www.metro.cl./images/carrusel/20191021_200307_492331161.jpg
1549 - http://www.metro.cl./images/carrusel/20191021_200706_1362726454.jpg
1550 - http://www.metro.cl./images/clima/04d.png
1551 - http://www.metro.cl./images/conexiones_bicimetro.jpg
1552 - http://www.metro.cl./images/conexiones_central.jpg
1553 - http://www.metro.cl./images/conexiones_combinacion.jpg
1554 - http://www.metro.cl./images/conexiones_vespucio.jpg
1555 - http://www.metro.cl./images/contacto_boleteria.jpg
1556 - http://www.metro.cl./images/contacto_mas.jpg
1557 - http://www.metro.cl./images/contingencia_evacuacion.png
1558 - http://www.metro.cl./images/contingencia_fuego.png
1559 - http://www.metro.cl./images/contingencia_salud.png
1560 - http://www.metro.cl./images/directores/andrea-solomon.jpg
1561 - http://www.metro.cl./images/directores/andresgomezlobo.jpg
1562 - http://www.metro.cl./images/directores/arturo-gana-2018.jpg
1563 - http://www.metro.cl./images/directores/bernardo-fontaine.jpg
1564 - http://www.metro.cl./images/directores/carlos-mladinic-alonso-director.jpg
1565 - http://www.metro.cl./images/directores/carlos-zepeda.jpg
1566 - http://www.metro.cl./images/directores/carlosmladinic.jpg
1567 - http://www.metro.cl./images/directores/claudio-soto-gamboa-director.jpg
1568 - http://www.metro.cl./images/directores/clemente-perez.jpg
1569 - http://www.metro.cl./images/directores/clementeperez.jpg
1570 - http://www.metro.cl./images/directores/davidduarte.jpg
1571 - http://www.metro.cl./images/directores/domingo-arteaga.jpg
1572 - http://www.metro.cl./images/directores/fernando-aguirre.jpg
1573 - http://www.metro.cl./images/directores/fernando-canas.jpg
1574 - http://www.metro.cl./images/directores/francisco-silva-donoso.jpg
1575 - http://www.metro.cl./images/directores/german-concha-2018.jpg
1576 - http://www.metro.cl./images/directores/ivanvalenzuela.jpg
1577 - http://www.metro.cl./images/directores/jose_luis_dominguez.jpg
1578 - http://www.metro.cl./images/directores/juan-carlos-2018.jpg
1579 - http://www.metro.cl./images/directores/juan-carlos-munoz-abogabir-director.jpg
1580 - http://www.metro.cl./images/directores/karen-poniachik-pollak-directora.jpg
1581 - http://www.metro.cl./images/directores/loius-de-grange-2019.jpg
1582 - http://www.metro.cl./images/directores/louis-de-grange.jpg
1583 - http://www.metro.cl./images/directores/luz-elena-2018.jpg
1584 - http://www.metro.cl./images/directores/marcela_munizaga.jpg
1585 - http://www.metro.cl./images/directores/nicole-keller-2018.jpg
1586 - http://www.metro.cl./images/directores/paulina-soriano-fuenzalida-directora.jpg
1587 - http://www.metro.cl./images/directores/raphael-bergoeing.jpg
1588 - http://www.metro.cl./images/directores/rodrigo-azocar-hidalgo.jpg
1589 - http://www.metro.cl./images/directores/soniatschorne.jpg
1590 - http://www.metro.cl./images/directores/veronica-edwards.jpg
1591 - http://www.metro.cl./images/directores/vicente-pardo-diaz-director.jpg
1592 - http://www.metro.cl./images/directores/vicentepardo.jpg
1593 - http://www.metro.cl./images/enlaces_buzon_sugerencias.jpg
1594 - http://www.metro.cl./images/enlaces_canal_denuncias.jpg
1595 - http://www.metro.cl./images/enlaces_metro_seguro.jpg
1596 - http://www.metro.cl./images/enlaces_metro_transparente_01.jpg
1597 - http://www.metro.cl./images/enlaces_red_clientes.jpg
1598 - http://www.metro.cl./images/enlaces_relacion_inversionistas.jpg
1599 - http://www.metro.cl./images/full/20191021_191805_1553037877.jpg
1600 - http://www.metro.cl./images/full/20191021_191818_630962032.jpg
1601 - http://www.metro.cl./images/full/20191021_191825_1154187059.jpg
1602 - http://www.metro.cl./images/full/20191021_191833_1392395813.jpg
1603 - http://www.metro.cl./images/full/20191021_191839_1282376642.jpg
1604 - http://www.metro.cl./images/full/20191021_191846_1995583591.jpg
1605 - http://www.metro.cl./images/full/20191021_191900_288672984.jpg
1606 - http://www.metro.cl./images/full/20191021_191905_1432097429.jpg
1607 - http://www.metro.cl./images/full/20191021_191911_1135752800.jpg
1608 - http://www.metro.cl./images/full/20191021_191918_187612322.jpg
1609 - http://www.metro.cl./images/full/20191021_191924_1143924684.jpg
1610 - http://www.metro.cl./images/full/20191021_191931_1437559290.jpg
1611 - http://www.metro.cl./images/full/20191021_191937_1932327075.jpg
1612 - http://www.metro.cl./images/full/20191021_191942_1600609957.jpg
1613 - http://www.metro.cl./images/full/20191021_191950_238145410.jpg
1614 - http://www.metro.cl./images/full/20191021_191955_1100805831.jpg
1615 - http://www.metro.cl./images/full/20191021_192001_1949247165.jpg
1616 - http://www.metro.cl./images/full/20191021_192007_261681780.jpg
1617 - http://www.metro.cl./images/full/20191021_192013_1860665348.jpg
1618 - http://www.metro.cl./images/full/20191021_192019_1293536737.jpg
1619 - http://www.metro.cl./images/full/20191021_192154_1356086918.jpg
1620 - http://www.metro.cl./images/full/20191021_192201_1413638985.jpg
1621 - http://www.metro.cl./images/full/20191021_192209_1923767130.jpg
1622 - http://www.metro.cl./images/full/20191021_192220_1731567469.jpg
1623 - http://www.metro.cl./images/full/20191021_192230_2088050050.jpg
1624 - http://www.metro.cl./images/full/20191021_192238_1111633059.jpg
1625 - http://www.metro.cl./images/full/20191021_192246_1976930774.jpg
1626 - http://www.metro.cl./images/full/20191021_192255_1951385623.jpg
1627 - http://www.metro.cl./images/full/20191021_192306_1562813836.jpg
1628 - http://www.metro.cl./images/full/20191021_192314_1167957006.jpg
1629 - http://www.metro.cl./images/full/20191021_192326_1389348992.jpg
1630 - http://www.metro.cl./images/full/20191021_192333_1737449662.jpg
1631 - http://www.metro.cl./images/full/20191021_192343_1234328499.jpg
1632 - http://www.metro.cl./images/full/20191021_192355_15374752.jpg
1633 - http://www.metro.cl./images/full/20191021_192404_1366316133.jpg
1634 - http://www.metro.cl./images/full/20191021_192412_1985061526.jpg
1635 - http://www.metro.cl./images/full/20191021_192425_632821011.jpg
1636 - http://www.metro.cl./images/full/20191021_192436_1447011530.jpg
1637 - http://www.metro.cl./images/full/20191021_192444_326401336.jpg
1638 - http://www.metro.cl./images/full/20191021_192501_1598015253.jpg
1639 - http://www.metro.cl./images/full/20191021_192512_1235042669.jpg
1640 - http://www.metro.cl./images/full/20191021_192525_375177.jpg
1641 - http://www.metro.cl./images/full/20191021_192537_1657131090.jpg
1642 - http://www.metro.cl./images/full/20191021_192543_44386478.jpg
1643 - http://www.metro.cl./images/full/20191021_192551_503322834.jpg
1644 - http://www.metro.cl./images/full/20191021_192559_1911451847.jpg
1645 - http://www.metro.cl./images/full/20191021_192613_1475511096.jpg
1646 - http://www.metro.cl./images/full/20191021_195033_1749460979.jpg
1647 - http://www.metro.cl./images/full/20191021_195041_1000944489.jpg
1648 - http://www.metro.cl./images/full/20191021_195053_857263997.jpg
1649 - http://www.metro.cl./images/full/20191021_195101_896249076.jpg
1650 - http://www.metro.cl./images/full/20191021_195114_70801529.jpg
1651 - http://www.metro.cl./images/full/20191021_195122_175899415.jpg
1652 - http://www.metro.cl./images/full/20191021_195135_1555322199.jpg
1653 - http://www.metro.cl./images/full/20191021_195145_429153709.jpg
1654 - http://www.metro.cl./images/full/20191021_195154_1426046772.jpg
1655 - http://www.metro.cl./images/full/20191021_195202_145232729.jpg
1656 - http://www.metro.cl./images/full/20191021_195211_671312533.jpg
1657 - http://www.metro.cl./images/full/20191021_195225_193438286.jpg
1658 - http://www.metro.cl./images/full/20191021_195236_342021544.jpg
1659 - http://www.metro.cl./images/full/20191021_195245_1622872755.jpg
1660 - http://www.metro.cl./images/full/20191021_195253_365459830.jpg
1661 - http://www.metro.cl./images/full/20191021_195302_499901878.jpg
1662 - http://www.metro.cl./images/full/20191021_195309_1707660799.jpg
1663 - http://www.metro.cl./images/full/20191021_195319_1867395000.jpg
1664 - http://www.metro.cl./images/full/20191021_195335_1897597807.jpg
1665 - http://www.metro.cl./images/full/20191021_195344_968385609.jpg
1666 - http://www.metro.cl./images/full/20191021_195353_1786393552.jpg
1667 - http://www.metro.cl./images/full/20191021_195402_1748037277.jpg
1668 - http://www.metro.cl./images/full/20191021_195410_2146710828.jpg
1669 - http://www.metro.cl./images/full/20191021_195421_67409276.jpg
1670 - http://www.metro.cl./images/full/20191021_195431_1501368265.jpg
1671 - http://www.metro.cl./images/full/20191021_195440_1223183200.jpg
1672 - http://www.metro.cl./images/full/20191021_195449_175273106.jpg
1673 - http://www.metro.cl./images/full/20191021_195502_511851001.jpg
1674 - http://www.metro.cl./images/full/20191021_195515_1169979968.jpg
1675 - http://www.metro.cl./images/full/20191021_195530_2032560250.jpg
1676 - http://www.metro.cl./images/full/20191021_195602_90638924.jpg
1677 - http://www.metro.cl./images/full/20191021_195617_234090815.jpg
1678 - http://www.metro.cl./images/full/20191024_140010_1484428630.jpg
1679 - http://www.metro.cl./images/full/20191024_140017_730935950.jpg
1680 - http://www.metro.cl./images/full/20191024_140024_31247999.jpg
1681 - http://www.metro.cl./images/full/6espacios_1.jpg
1682 - http://www.metro.cl./images/full/6espacios_2.jpg
1683 - http://www.metro.cl./images/full/6espacios_3.jpg
1684 - http://www.metro.cl./images/full/6espacios_4.jpg
1685 - http://www.metro.cl./images/full/6espacios_5.jpg
1686 - http://www.metro.cl./images/full/6espacios_6.jpg
1687 - http://www.metro.cl./images/full/6espacios_7.jpg
1688 - http://www.metro.cl./images/full/6espacios_8.jpg
1689 - http://www.metro.cl./images/full/amorsinlimites-01.jpg
1690 - http://www.metro.cl./images/full/amorsinlimites-02.jpg
1691 - http://www.metro.cl./images/full/amorsinlimites-03.jpg
1692 - http://www.metro.cl./images/full/amorsinlimites-04.jpg
1693 - http://www.metro.cl./images/full/amorsinlimites-05.jpg
1694 - http://www.metro.cl./images/full/amorsinlimites-06.jpg
1695 - http://www.metro.cl./images/full/amorsinlimites-07.jpg
1696 - http://www.metro.cl./images/full/amorsinlimites-08.jpg
1697 - http://www.metro.cl./images/full/amorsinlimites-09.jpg
1698 - http://www.metro.cl./images/full/amorsinlimites-10.jpg
1699 - http://www.metro.cl./images/full/amorsinlimites-11.jpg
1700 - http://www.metro.cl./images/historia_1965.jpg
1701 - http://www.metro.cl./images/historia_1968.jpg
1702 - http://www.metro.cl./images/historia_1975.jpg
1703 - http://www.metro.cl./images/historia_1977.jpg
1704 - http://www.metro.cl./images/historia_1978.jpg
1705 - http://www.metro.cl./images/historia_1980.jpg
1706 - http://www.metro.cl./images/historia_1987.jpg
1707 - http://www.metro.cl./images/historia_1997.jpg
1708 - http://www.metro.cl./images/historia_2000.jpg
1709 - http://www.metro.cl./images/historia_2004.jpg
1710 - http://www.metro.cl./images/historia_2005.jpg
1711 - http://www.metro.cl./images/historia_2006.jpg
1712 - http://www.metro.cl./images/icoInfo.png
1713 - http://www.metro.cl./images/icoNoticias.png
1714 - http://www.metro.cl./images/ico_buscar.png
1715 - http://www.metro.cl./images/ico_ingresar.png
1716 - http://www.metro.cl./images/icono01Off.png
1717 - http://www.metro.cl./images/icono01On.png
1718 - http://www.metro.cl./images/icono02Off.png
1719 - http://www.metro.cl./images/icono02On.png
1720 - http://www.metro.cl./images/icono03Off.png
1721 - http://www.metro.cl./images/icono03On.png
1722 - http://www.metro.cl./images/icono04Off.png
1723 - http://www.metro.cl./images/icono04On.png
1724 - http://www.metro.cl./images/icono05Off.png
1725 - http://www.metro.cl./images/icono05On.png
1726 - http://www.metro.cl./images/icono06Off.png
1727 - http://www.metro.cl./images/icono06On.png
1728 - http://www.metro.cl./images/icono07Off.png
1729 - http://www.metro.cl./images/icono07On.png
1730 - http://www.metro.cl./images/icono08Off.png
1731 - http://www.metro.cl./images/icono08On.png
1732 - http://www.metro.cl./images/imagenNoticia.jpg
1733 - http://www.metro.cl./images/links/banner_bazar_home_metro.jpg
1734 - http://www.metro.cl./images/links/bannerlinea6.jpg
1735 - http://www.metro.cl./images/links/historias_20190917.jpg
1736 - http://www.metro.cl./images/links/imagenClubmetrov2.jpg
1737 - http://www.metro.cl./images/links/santiago_20180504.jpg
1738 - http://www.metro.cl./images/logoFooter.png
1739 - http://www.metro.cl./images/logoMetro.png
1740 - http://www.metro.cl./images/logoMobile.png
1741 - http://www.metro.cl./images/medidas_carrusel.png
1742 - http://www.metro.cl./images/memoria2008.jpg
1743 - http://www.metro.cl./images/memoria2009.jpg
1744 - http://www.metro.cl./images/memoria2010.png
1745 - http://www.metro.cl./images/memoria2011.png
1746 - http://www.metro.cl./images/memoria2012.png
1747 - http://www.metro.cl./images/memoria2013.jpg
1748 - http://www.metro.cl./images/memoria2014.jpg
1749 - http://www.metro.cl./images/memoria2015.png
1750 - http://www.metro.cl./images/memoria2016.png
1751 - http://www.metro.cl./images/memoria2017.png
1752 - http://www.metro.cl./images/memoria2018.jpg
1753 - http://www.metro.cl./images/metrored_servicios_full_2019_10.jpg
1754 - http://www.metro.cl./images/thumbs/20191021_191805_1553037877.jpg
1755 - http://www.metro.cl./images/thumbs/20191021_191818_630962032.jpg
1756 - http://www.metro.cl./images/thumbs/20191021_191825_1154187059.jpg
1757 - http://www.metro.cl./images/thumbs/20191021_191833_1392395813.jpg
1758 - http://www.metro.cl./images/thumbs/20191021_191839_1282376642.jpg
1759 - http://www.metro.cl./images/thumbs/20191021_191846_1995583591.jpg
1760 - http://www.metro.cl./images/thumbs/20191021_191900_288672984.jpg
1761 - http://www.metro.cl./images/thumbs/20191021_191905_1432097429.jpg
1762 - http://www.metro.cl./images/thumbs/20191021_191911_1135752800.jpg
1763 - http://www.metro.cl./images/thumbs/20191021_191918_187612322.jpg
1764 - http://www.metro.cl./images/thumbs/20191021_191924_1143924684.jpg
1765 - http://www.metro.cl./images/thumbs/20191021_191931_1437559290.jpg
1766 - http://www.metro.cl./images/thumbs/20191021_191937_1932327075.jpg
1767 - http://www.metro.cl./images/thumbs/20191021_191942_1600609957.jpg
1768 - http://www.metro.cl./images/thumbs/20191021_191950_238145410.jpg
1769 - http://www.metro.cl./images/thumbs/20191021_191955_1100805831.jpg
1770 - http://www.metro.cl./images/thumbs/20191021_192001_1949247165.jpg
1771 - http://www.metro.cl./images/thumbs/20191021_192007_261681780.jpg
1772 - http://www.metro.cl./images/thumbs/20191021_192013_1860665348.jpg
1773 - http://www.metro.cl./images/thumbs/20191021_192019_1293536737.jpg
1774 - http://www.metro.cl./images/thumbs/20191021_192154_1356086918.jpg
1775 - http://www.metro.cl./images/thumbs/20191021_192201_1413638985.jpg
1776 - http://www.metro.cl./images/thumbs/20191021_192209_1923767130.jpg
1777 - http://www.metro.cl./images/thumbs/20191021_192220_1731567469.jpg
1778 - http://www.metro.cl./images/thumbs/20191021_192230_2088050050.jpg
1779 - http://www.metro.cl./images/thumbs/20191021_192238_1111633059.jpg
1780 - http://www.metro.cl./images/thumbs/20191021_192246_1976930774.jpg
1781 - http://www.metro.cl./images/thumbs/20191021_192255_1951385623.jpg
1782 - http://www.metro.cl./images/thumbs/20191021_192306_1562813836.jpg
1783 - http://www.metro.cl./images/thumbs/20191021_192314_1167957006.jpg
1784 - http://www.metro.cl./images/thumbs/20191021_192326_1389348992.jpg
1785 - http://www.metro.cl./images/thumbs/20191021_192333_1737449662.jpg
1786 - http://www.metro.cl./images/thumbs/20191021_192343_1234328499.jpg
1787 - http://www.metro.cl./images/thumbs/20191021_192355_15374752.jpg
1788 - http://www.metro.cl./images/thumbs/20191021_192404_1366316133.jpg
1789 - http://www.metro.cl./images/thumbs/20191021_192412_1985061526.jpg
1790 - http://www.metro.cl./images/thumbs/20191021_192425_632821011.jpg
1791 - http://www.metro.cl./images/thumbs/20191021_192436_1447011530.jpg
1792 - http://www.metro.cl./images/thumbs/20191021_192444_326401336.jpg
1793 - http://www.metro.cl./images/thumbs/20191021_192501_1598015253.jpg
1794 - http://www.metro.cl./images/thumbs/20191021_192512_1235042669.jpg
1795 - http://www.metro.cl./images/thumbs/20191021_192525_375177.jpg
1796 - http://www.metro.cl./images/thumbs/20191021_192537_1657131090.jpg
1797 - http://www.metro.cl./images/thumbs/20191021_192543_44386478.jpg
1798 - http://www.metro.cl./images/thumbs/20191021_192551_503322834.jpg
1799 - http://www.metro.cl./images/thumbs/20191021_192559_1911451847.jpg
1800 - http://www.metro.cl./images/thumbs/20191021_192613_1475511096.jpg
1801 - http://www.metro.cl./images/thumbs/20191021_195033_1749460979.jpg
1802 - http://www.metro.cl./images/thumbs/20191021_195041_1000944489.jpg
1803 - http://www.metro.cl./images/thumbs/20191021_195053_857263997.jpg
1804 - http://www.metro.cl./images/thumbs/20191021_195101_896249076.jpg
1805 - http://www.metro.cl./images/thumbs/20191021_195114_70801529.jpg
1806 - http://www.metro.cl./images/thumbs/20191021_195122_175899415.jpg
1807 - http://www.metro.cl./images/thumbs/20191021_195135_1555322199.jpg
1808 - http://www.metro.cl./images/thumbs/20191021_195145_429153709.jpg
1809 - http://www.metro.cl./images/thumbs/20191021_195154_1426046772.jpg
1810 - http://www.metro.cl./images/thumbs/20191021_195202_145232729.jpg
1811 - http://www.metro.cl./images/thumbs/20191021_195211_671312533.jpg
1812 - http://www.metro.cl./images/thumbs/20191021_195225_193438286.jpg
1813 - http://www.metro.cl./images/thumbs/20191021_195236_342021544.jpg
1814 - http://www.metro.cl./images/thumbs/20191021_195245_1622872755.jpg
1815 - http://www.metro.cl./images/thumbs/20191021_195253_365459830.jpg
1816 - http://www.metro.cl./images/thumbs/20191021_195302_499901878.jpg
1817 - http://www.metro.cl./images/thumbs/20191021_195309_1707660799.jpg
1818 - http://www.metro.cl./images/thumbs/20191021_195319_1867395000.jpg
1819 - http://www.metro.cl./images/thumbs/20191021_195335_1897597807.jpg
1820 - http://www.metro.cl./images/thumbs/20191021_195344_968385609.jpg
1821 - http://www.metro.cl./images/thumbs/20191021_195353_1786393552.jpg
1822 - http://www.metro.cl./images/thumbs/20191021_195402_1748037277.jpg
1823 - http://www.metro.cl./images/thumbs/20191021_195410_2146710828.jpg
1824 - http://www.metro.cl./images/thumbs/20191021_195421_67409276.jpg
1825 - http://www.metro.cl./images/thumbs/20191021_195431_1501368265.jpg
1826 - http://www.metro.cl./images/thumbs/20191021_195440_1223183200.jpg
1827 - http://www.metro.cl./images/thumbs/20191021_195449_175273106.jpg
1828 - http://www.metro.cl./images/thumbs/20191021_195502_511851001.jpg
1829 - http://www.metro.cl./images/thumbs/20191021_195515_1169979968.jpg
1830 - http://www.metro.cl./images/thumbs/20191021_195530_2032560250.jpg
1831 - http://www.metro.cl./images/thumbs/20191021_195602_90638924.jpg
1832 - http://www.metro.cl./images/thumbs/20191021_195617_234090815.jpg
1833 - http://www.metro.cl./images/thumbs/20191024_140010_1484428630.jpg
1834 - http://www.metro.cl./images/thumbs/20191024_140017_730935950.jpg
1835 - http://www.metro.cl./images/thumbs/20191024_140024_31247999.jpg
1836 - http://www.metro.cl./images/thumbs/6espacios_1.jpg
1837 - http://www.metro.cl./images/thumbs/6espacios_2.jpg
1838 - http://www.metro.cl./images/thumbs/6espacios_3.jpg
1839 - http://www.metro.cl./images/thumbs/6espacios_4.jpg
1840 - http://www.metro.cl./images/thumbs/6espacios_5.jpg
1841 - http://www.metro.cl./images/thumbs/6espacios_6.jpg
1842 - http://www.metro.cl./images/thumbs/6espacios_7.jpg
1843 - http://www.metro.cl./images/thumbs/6espacios_8.jpg
1844 - http://www.metro.cl./images/thumbs/amorsinlimites-01.jpg
1845 - http://www.metro.cl./images/thumbs/amorsinlimites-02.jpg
1846 - http://www.metro.cl./images/thumbs/amorsinlimites-03.jpg
1847 - http://www.metro.cl./images/thumbs/amorsinlimites-04.jpg
1848 - http://www.metro.cl./images/thumbs/amorsinlimites-05.jpg
1849 - http://www.metro.cl./images/thumbs/amorsinlimites-06.jpg
1850 - http://www.metro.cl./images/thumbs/amorsinlimites-07.jpg
1851 - http://www.metro.cl./images/thumbs/amorsinlimites-08.jpg
1852 - http://www.metro.cl./images/thumbs/amorsinlimites-09.jpg
1853 - http://www.metro.cl./images/thumbs/amorsinlimites-10.jpg
1854 - http://www.metro.cl./images/thumbs/amorsinlimites-11.jpg
1855 - http://www.metro.cl./images/tips_accesos.png
1856 - http://www.metro.cl./images/tips_ambulante.png
1857 - http://www.metro.cl./images/tips_apoyo.png
1858 - http://www.metro.cl./images/tips_audifonos.png
1859 - http://www.metro.cl./images/tips_bajar.png
1860 - http://www.metro.cl./images/tips_bicicleta.png
1861 - http://www.metro.cl./images/tips_cierre.png
1862 - http://www.metro.cl./images/tips_freno.png
1863 - http://www.metro.cl./images/tips_linea_amarilla.png
1864 - http://www.metro.cl./images/tips_mascotas.png
1865 - http://www.metro.cl./images/tips_mochila.png
1866 - http://www.metro.cl./images/tips_pasamanos.png
1867 - http://www.metro.cl./images/tips_personal.png
1868 - http://www.metro.cl./images/tips_pertenencias.png
1869 - http://www.metro.cl./images/tips_preferencial.png
1870 - http://www.metro.cl./images/tips_puerta.png
1871 - http://www.metro.cl./images/tips_ruedas.png
1872 - http://www.metro.cl./images/tips_suelo.png
1873 - http://www.metro.cl./images/tituloAtencionCliente.png
1874 - http://www.metro.cl./images/tituloGobiernoCorporativo.png
1875 - http://www.metro.cl./images/tituloHistorias.png
1876 - http://www.metro.cl./images/tituloNoticias.png
1877 - http://www.metro.cl./images/tituloRegistro.png
1878 - http://www.metro.cl./images/tituloToponimias.png
1879 - http://www.metro.cl./images/tituloTuViaje.png
1880 - http://www.metro.cl./images/tituloViajero.png
1881 - http://www.metro.cl./images/toponimias/biobio.jpg
1882 - http://www.metro.cl./images/toponimias/thumb_biobio.jpg
1883 - http://www.metro.cl./img/noticias/20190828_204515_199370525.jpg
1884 - http://www.metro.cl./img/noticias/20190828_204834_1334864200.jpg
1885 - http://www.metro.cl./img/noticias/20190828_205100_275876091.jpg
1886 - http://www.metro.cl./img/noticias/20190917_104136_1132533039.jpg
1887 - http://www.metro.cl./img/noticias/20191021_191751_166747485.jpg
1888 - http://www.metro.cl./img/noticias/20191021_192140_1999090357.jpg
1889 - http://www.metro.cl./img/noticias/20191021_194533_872056730.jpg
1890 - http://www.metro.cl./img/noticias/default_noticia.jpg
1891 - http://www.metro.cl./img/noticias/thumb-20190828_095915_484596817.jpg
1892 - http://www.metro.cl./img/noticias/thumb-20190828_101604_1105987106.jpg
1893 - http://www.metro.cl./img/noticias/thumb-20190828_101654_1222066836.jpg
1894 - http://www.metro.cl./img/noticias/thumb-20190828_125157_449886464.jpg
1895 - http://www.metro.cl./img/noticias/thumb-20190828_125557_926754230.jpg
1896 - http://www.metro.cl./img/noticias/thumb-20190828_131213_185109808.jpg
1897 - http://www.metro.cl./img/noticias/thumb-20190828_131514_1406600935.jpg
1898 - http://www.metro.cl./img/noticias/thumb-20190828_132743_1702120111.jpg
1899 - http://www.metro.cl./img/noticias/thumb-20190828_133341_1411629980.jpg
1900 - http://www.metro.cl./img/noticias/thumb-20190828_192547_566340160.jpg
1901 - http://www.metro.cl./img/noticias/thumb-20190828_193027_1692835427.jpg
1902 - http://www.metro.cl./img/noticias/thumb-20190828_193629_1461219048.jpg
1903 - http://www.metro.cl./img/noticias/thumb-20190828_194001_1804433429.jpg
1904 - http://www.metro.cl./img/noticias/thumb-20190828_194517_770020412.jpg
1905 - http://www.metro.cl./img/noticias/thumb-20190828_195048_1004692849.jpg
1906 - http://www.metro.cl./img/noticias/thumb-20190828_195412_1700945330.jpg
1907 - http://www.metro.cl./img/noticias/thumb-20190828_195821_1506910665.jpg
1908 - http://www.metro.cl./img/noticias/thumb-20190828_200211_1387843722.jpg
1909 - http://www.metro.cl./img/noticias/thumb-20190828_201211_127588594.jpg
1910 - http://www.metro.cl./img/noticias/thumb-20190828_201601_1485980630.jpg
1911 - http://www.metro.cl./img/noticias/thumb-20190828_201839_529336243.jpg
1912 - http://www.metro.cl./img/noticias/thumb-20190828_202341_79802404.jpg
1913 - http://www.metro.cl./img/noticias/thumb-20190828_202622_403538402.jpg
1914 - http://www.metro.cl./img/noticias/thumb-20190828_202942_1389292433.jpg
1915 - http://www.metro.cl./img/noticias/thumb-20190828_203321_1877423661.jpg
1916 - http://www.metro.cl./img/noticias/thumb-20190828_203554_551735631.jpg
1917 - http://www.metro.cl./img/noticias/thumb-20190828_203808_1229809653.jpg
1918 - http://www.metro.cl./img/noticias/thumb-20190828_204225_796999318.jpg
1919 - http://www.metro.cl./img/noticias/thumb-20190828_204515_199370525.jpg
1920 - http://www.metro.cl./img/noticias/thumb-20190828_204834_1334864200.jpg
1921 - http://www.metro.cl./img/noticias/thumb-20190828_205100_275876091.jpg
1922 - http://www.metro.cl./img/noticias/thumb-20190917_104136_1132533039.jpg
1923 - http://www.metro.cl./js/bootstrap.min.js
1924 - http://www.metro.cl./js/datatables.js
1925 - http://www.metro.cl./js/jquery-3.2.1.js
1926 - http://www.metro.cl./js/jquery.jticker.min.js
1927 - http://www.metro.cl./js/jquery.slicebox.js
1928 - http://www.metro.cl./js/modernizr.custom.46884.js
1929 - http://www.metro.cl./js/popper.min.js
1930 - http://www.metro.cl./js/select2.min.js
1931 - http://www.metro.cl./js/zoom/jquery.smoothZoom.min.js
1932 - http://www.metro.cl./planificador/images/167-168.png
1933 - http://www.metro.cl./planificador/images/168-169.png
1934 - http://www.metro.cl./planificador/images/169-170.png
1935 - http://www.metro.cl./planificador/images/170-171.png
1936 - http://www.metro.cl./planificador/images/171-172.png
1937 - http://www.metro.cl./planificador/images/172-173.png
1938 - http://www.metro.cl./planificador/images/173-174.png
1939 - http://www.metro.cl./planificador/images/174-175.png
1940 - http://www.metro.cl./planificador/images/175-176.png
1941 - http://www.metro.cl./planificador/images/176-177.png
1942 - http://www.metro.cl./planificador/images/177-178.png
1943 - http://www.metro.cl./planificador/images/178-179.png
1944 - http://www.metro.cl./planificador/images/179-180.png
1945 - http://www.metro.cl./planificador/images/180-181.png
1946 - http://www.metro.cl./planificador/images/181-182.png
1947 - http://www.metro.cl./planificador/images/182-183.png
1948 - http://www.metro.cl./planificador/images/183-184.png
1949 - http://www.metro.cl./planificador/images/184-185.png
1950 - http://www.metro.cl./planificador/images/185-186.png
1951 - http://www.metro.cl./planificador/images/186-187.png
1952 - http://www.metro.cl./planificador/images/187-188.png
1953 - http://www.metro.cl./planificador/images/188-189.png
1954 - http://www.metro.cl./planificador/images/189-190.png
1955 - http://www.metro.cl./planificador/images/190-271.png
1956 - http://www.metro.cl./planificador/images/191-192.png
1957 - http://www.metro.cl./planificador/images/192-193.png
1958 - http://www.metro.cl./planificador/images/193-194.png
1959 - http://www.metro.cl./planificador/images/194-195.png
1960 - http://www.metro.cl./planificador/images/195-264.png
1961 - http://www.metro.cl./planificador/images/196-197.png
1962 - http://www.metro.cl./planificador/images/197-198.png
1963 - http://www.metro.cl./planificador/images/198-199.png
1964 - http://www.metro.cl./planificador/images/199-200.png
1965 - http://www.metro.cl./planificador/images/200-201.png
1966 - http://www.metro.cl./planificador/images/201-202.png
1967 - http://www.metro.cl./planificador/images/202-203.png
1968 - http://www.metro.cl./planificador/images/203-204.png
1969 - http://www.metro.cl./planificador/images/204-205.png
1970 - http://www.metro.cl./planificador/images/205-206.png
1971 - http://www.metro.cl./planificador/images/206-207.png
1972 - http://www.metro.cl./planificador/images/208-209.png
1973 - http://www.metro.cl./planificador/images/209-210.png
1974 - http://www.metro.cl./planificador/images/210-211.png
1975 - http://www.metro.cl./planificador/images/211-212.png
1976 - http://www.metro.cl./planificador/images/212-268.png
1977 - http://www.metro.cl./planificador/images/213-214.png
1978 - http://www.metro.cl./planificador/images/214-215.png
1979 - http://www.metro.cl./planificador/images/215-216.png
1980 - http://www.metro.cl./planificador/images/216-217.png
1981 - http://www.metro.cl./planificador/images/217-218.png
1982 - http://www.metro.cl./planificador/images/218-219.png
1983 - http://www.metro.cl./planificador/images/219-220.png
1984 - http://www.metro.cl./planificador/images/220-221.png
1985 - http://www.metro.cl./planificador/images/221-222.png
1986 - http://www.metro.cl./planificador/images/222-223.png
1987 - http://www.metro.cl./planificador/images/223-269.png
1988 - http://www.metro.cl./planificador/images/224-225.png
1989 - http://www.metro.cl./planificador/images/225-226.png
1990 - http://www.metro.cl./planificador/images/226-227.png
1991 - http://www.metro.cl./planificador/images/227-228.png
1992 - http://www.metro.cl./planificador/images/228-229.png
1993 - http://www.metro.cl./planificador/images/229-230.png
1994 - http://www.metro.cl./planificador/images/230-231.png
1995 - http://www.metro.cl./planificador/images/231-232.png
1996 - http://www.metro.cl./planificador/images/232-233.png
1997 - http://www.metro.cl./planificador/images/233-234.png
1998 - http://www.metro.cl./planificador/images/234-235.png
1999 - http://www.metro.cl./planificador/images/235-236.png
2000 - http://www.metro.cl./planificador/images/236-237.png
2001 - http://www.metro.cl./planificador/images/237-238.png
2002 - http://www.metro.cl./planificador/images/238-274.png
2003 - http://www.metro.cl./planificador/images/239-240.png
2004 - http://www.metro.cl./planificador/images/240-241.png
2005 - http://www.metro.cl./planificador/images/241-242.png
2006 - http://www.metro.cl./planificador/images/242-243.png
2007 - http://www.metro.cl./planificador/images/243-244.png
2008 - http://www.metro.cl./planificador/images/257-258.png
2009 - http://www.metro.cl./planificador/images/258-259.png
2010 - http://www.metro.cl./planificador/images/259-260.png
2011 - http://www.metro.cl./planificador/images/260-270.png
2012 - http://www.metro.cl./planificador/images/261-262.png
2013 - http://www.metro.cl./planificador/images/262-263.png
2014 - http://www.metro.cl./planificador/images/263-191.png
2015 - http://www.metro.cl./planificador/images/264-265.png
2016 - http://www.metro.cl./planificador/images/265-196.png
2017 - http://www.metro.cl./planificador/images/266-224.png
2018 - http://www.metro.cl./planificador/images/267-257.png
2019 - http://www.metro.cl./planificador/images/268-213.png
2020 - http://www.metro.cl./planificador/images/271-272.png
2021 - http://www.metro.cl./planificador/images/272-273.png
2022 - http://www.metro.cl./planificador/images/274-239.png
2023 - http://www.metro.cl./planificador/images/275-208.png
2024 - http://www.metro.cl./planificador/images/276-275.png
2025 - http://www.metro.cl./planificador/images/277-276.png
2026 - http://www.metro.cl./planificador/images/278-277.png
2027 - http://www.metro.cl./planificador/images/279-278.png
2028 - http://www.metro.cl./planificador/images/280-279.png
2029 - http://www.metro.cl./planificador/images/281-280.png
2030 - http://www.metro.cl./planificador/images/282-281.png
2031 - http://www.metro.cl./planificador/images/283-282.png
2032 - http://www.metro.cl./planificador/images/284-283.png
2033 - http://www.metro.cl./planificador/images/285-284.png
2034 - http://www.metro.cl./planificador/images/286-285.png
2035 - http://www.metro.cl./planificador/images/287-288.png
2036 - http://www.metro.cl./planificador/images/288-289.png
2037 - http://www.metro.cl./planificador/images/289-290.png
2038 - http://www.metro.cl./planificador/images/290-291.png
2039 - http://www.metro.cl./planificador/images/291-292.png
2040 - http://www.metro.cl./planificador/images/292-293.png
2041 - http://www.metro.cl./planificador/images/293-317.png
2042 - http://www.metro.cl./planificador/images/297-298.png
2043 - http://www.metro.cl./planificador/images/298-299.png
2044 - http://www.metro.cl./planificador/images/299-300.png
2045 - http://www.metro.cl./planificador/images/300-301.png
2046 - http://www.metro.cl./planificador/images/301-302.png
2047 - http://www.metro.cl./planificador/images/302-303.png
2048 - http://www.metro.cl./planificador/images/303-304.png
2049 - http://www.metro.cl./planificador/images/304-305.png
2050 - http://www.metro.cl./planificador/images/305-306.png
2051 - http://www.metro.cl./planificador/images/306-307.png
2052 - http://www.metro.cl./planificador/images/307-308.png
2053 - http://www.metro.cl./planificador/images/308-309.png
2054 - http://www.metro.cl./planificador/images/309-310.png
2055 - http://www.metro.cl./planificador/images/310-311.png
2056 - http://www.metro.cl./planificador/images/311-312.png
2057 - http://www.metro.cl./planificador/images/312-313.png
2058 - http://www.metro.cl./planificador/images/313-314.png
2059 - http://www.metro.cl./planificador/images/315-316.png
2060 - http://www.metro.cl./planificador/images/317-315.png
2061 - http://www.metro.cl./planificador/images/planificadorv4.jpg
2062 Total links to files: 638
2063
2064+ Externals links found:
2065 - calendar:T1:12:16
2066 - calendar:T1:13:00
2067 - calendar:T1:13:30
2068 - calendar:T1:15:22
2069 - calendar:T1:20:00
2070 - calendar:T1:6:00
2071 - calendar:T1:6:30
2072 - calendar:T1:8:00
2073 - geo:0,0?q=28 de octubre de 2019
2074 - geo:0,0?q=29 y miércoles 30 de octubre Metro de Santiago volverá
2075 - http://bit.ly/1pdICYM
2076 - http://metro.mapcity.com/tarjeta_bip/
2077 - http://metro.trabajando.cl
2078 - http://metro.trabajando.cl/
2079 - http://sistemagestion.metrosantiago.cl/
2080 - http://www.ccplm.cl/
2081 - http://www.lineacero.cl
2082 - http://www.mac.uchile.cl/
2083 - http://www.metro.cl/files/bicimetro-reglamento.pdf
2084 - http://www.metro.cl/files/bicimetro-tarifario.pdf
2085 - http://www.metro.cl/files/documentos/fecu/01475043aad23189277328513392b844.pdf
2086 - http://www.metro.cl/files/documentos/fecu/0337f2b413a0e504e1dc97322741b73a.pdf
2087 - http://www.metro.cl/files/documentos/fecu/03b299acd619b21c1660570213661a66.pdf
2088 - http://www.metro.cl/files/documentos/fecu/03f067ad4365074f1d84e94f14bf04c9.pdf
2089 - http://www.metro.cl/files/documentos/fecu/064962abef7d2fc3dc97b0263fd52fd5.pdf
2090 - http://www.metro.cl/files/documentos/fecu/069f16444453faddb2b5a1584fb809b3.pdf
2091 - http://www.metro.cl/files/documentos/fecu/08b32cc8765425b688499fe8c327e27b.pdf
2092 - http://www.metro.cl/files/documentos/fecu/092a4dcb3c6ab6e0523a876427368231.pdf
2093 - http://www.metro.cl/files/documentos/fecu/0e4f961b80c650675e05b64962ce0d0c.pdf
2094 - http://www.metro.cl/files/documentos/fecu/114e2bb4ecf7ca776fbb2a4b5e3e1c66.pdf
2095 - http://www.metro.cl/files/documentos/fecu/11505482c4820b4158dd7647d657dddf.pdf
2096 - http://www.metro.cl/files/documentos/fecu/1194155b2e70f166d679c7281cbaa2fa.pdf
2097 - http://www.metro.cl/files/documentos/fecu/1265af5ee332bc98a6e84d11d543fa65.pdf
2098 - http://www.metro.cl/files/documentos/fecu/1927305a11b52f6179efcd36730f76d3.pdf
2099 - http://www.metro.cl/files/documentos/fecu/1b08f30f3097533392bedb27b668fbb9.pdf
2100 - http://www.metro.cl/files/documentos/fecu/1d334659179d0cbb36992ce4cf74b694.pdf
2101 - http://www.metro.cl/files/documentos/fecu/1e0956ca5a175f571bdad50fe4b7f274.pdf
2102 - http://www.metro.cl/files/documentos/fecu/1e8f94035a6df245824bf7570a558a7a.pdf
2103 - http://www.metro.cl/files/documentos/fecu/1f9968b066a2fd25816aa5df9c731c77.pdf
2104 - http://www.metro.cl/files/documentos/fecu/1faa343b000d11a42e93d0d813db71b9.pdf
2105 - http://www.metro.cl/files/documentos/fecu/20350a33a669a93822b828af0ae8a865.pdf
2106 - http://www.metro.cl/files/documentos/fecu/20c721b791a1af073060088dde95c702.pdf
2107 - http://www.metro.cl/files/documentos/fecu/2159031d9e84ce776a13c8fc22d86a92.pdf
2108 - http://www.metro.cl/files/documentos/fecu/221f46f87986c9d64b464bb0f550eebe.pdf
2109 - http://www.metro.cl/files/documentos/fecu/227db91fcdb63ce0b56f098b24e38491.pdf
2110 - http://www.metro.cl/files/documentos/fecu/22d5bd9c05427118c51698536a95b334.pdf
2111 - http://www.metro.cl/files/documentos/fecu/232a6292059dc4efe05d381626bd34ac.pdf
2112 - http://www.metro.cl/files/documentos/fecu/234f8ff324b42d3c8a7b9b170b236ef4.pdf
2113 - http://www.metro.cl/files/documentos/fecu/2357298863ff1e6c6205b13cd962ad44.pdf
2114 - http://www.metro.cl/files/documentos/fecu/28561cfc80fa786f8f78dd32b56401b6.pdf
2115 - http://www.metro.cl/files/documentos/fecu/2a04aee6fd5c0022b558d6fa942b6758.pdf
2116 - http://www.metro.cl/files/documentos/fecu/2a4b1b0f700a55bfd97ab248be45b496.pdf
2117 - http://www.metro.cl/files/documentos/fecu/2a719424c8f2c0c01cfb4a6a359c92b7.pdf
2118 - http://www.metro.cl/files/documentos/fecu/2ba50e6ea153fab04d8e2007de8290a9.pdf
2119 - http://www.metro.cl/files/documentos/fecu/2c53eaa418ae9205bf982dcf0eb17de1.pdf
2120 - http://www.metro.cl/files/documentos/fecu/2e2c328a49c85a56151980d36d7cb562.pdf
2121 - http://www.metro.cl/files/documentos/fecu/3164d6ca2e7238aec086184055fb162d.pdf
2122 - http://www.metro.cl/files/documentos/fecu/3189564998ea8699896db41ba5df09e9.pdf
2123 - http://www.metro.cl/files/documentos/fecu/33843c5d44e88a335a85306c96fa3dca.pdf
2124 - http://www.metro.cl/files/documentos/fecu/34d36529dbf9da8a4bb9b5e628639856.pdf
2125 - http://www.metro.cl/files/documentos/fecu/35b56d9c131ed67983b9969e1618a703.pdf
2126 - http://www.metro.cl/files/documentos/fecu/36c3e00e5fe74060de6d63b1deb28b23.pdf
2127 - http://www.metro.cl/files/documentos/fecu/36db926db8c01832778c838d2b9d7102.pdf
2128 - http://www.metro.cl/files/documentos/fecu/3753549aad0fc028a7c9961223438052.pdf
2129 - http://www.metro.cl/files/documentos/fecu/39565ed90c4234317b071a6fc4ecb6a7.pdf
2130 - http://www.metro.cl/files/documentos/fecu/3b98cbdaceca715af684a8b7c0ace93f.pdf
2131 - http://www.metro.cl/files/documentos/fecu/3c9cd81ca7b26d34e202c8d7fb42a983.pdf
2132 - http://www.metro.cl/files/documentos/fecu/3caa5036db6ed9f1a037a49fd1cc6e5a.pdf
2133 - http://www.metro.cl/files/documentos/fecu/3e674dcb143c6402de341df21f73d7cd.pdf
2134 - http://www.metro.cl/files/documentos/fecu/3ec42d25bd86e2c622d58b645d28d235.pdf
2135 - http://www.metro.cl/files/documentos/fecu/4150e399d2eddbf527e75c6731594b56.pdf
2136 - http://www.metro.cl/files/documentos/fecu/45171877d3855e5b65d655ebbe334b98.pdf
2137 - http://www.metro.cl/files/documentos/fecu/4579a784c0668bc30040e4df7490d200.pdf
2138 - http://www.metro.cl/files/documentos/fecu/4812b8dd108bf6a6169b3e924ddef39e.pdf
2139 - http://www.metro.cl/files/documentos/fecu/4879c517d680a3802c89591d295bc864.pdf
2140 - http://www.metro.cl/files/documentos/fecu/4a04c0624da5f5899d2fe86c1a9ac52c.pdf
2141 - http://www.metro.cl/files/documentos/fecu/4a3c1b6571a9284cf26a584ef01c8cd5.pdf
2142 - http://www.metro.cl/files/documentos/fecu/4cbc44941fc295781013e40cb0f02ba9.pdf
2143 - http://www.metro.cl/files/documentos/fecu/4ddb40979adc85d009c46a5fb1a13c57.pdf
2144 - http://www.metro.cl/files/documentos/fecu/4ff3d2039042407d58f645f2dedac21e.pdf
2145 - http://www.metro.cl/files/documentos/fecu/51470575a128a9384ea8e0b9c5eb3cb3.pdf
2146 - http://www.metro.cl/files/documentos/fecu/51d09e038ca75b4a18f4d5d6a194e6e5.pdf
2147 - http://www.metro.cl/files/documentos/fecu/53626177048e3e7b8a6808f46fbebcdd.pdf
2148 - http://www.metro.cl/files/documentos/fecu/540b9c297c59955e3befce7fbe9ad521.pdf
2149 - http://www.metro.cl/files/documentos/fecu/54b434275700857f56b28b7d34512dfc.pdf
2150 - http://www.metro.cl/files/documentos/fecu/559d91a24bcc0b322260910afdc2e1b4.pdf
2151 - http://www.metro.cl/files/documentos/fecu/55e88dd895d64ccfdd2f286219a9fd46.pdf
2152 - http://www.metro.cl/files/documentos/fecu/562a12450a1b831ec7eb34862a54ada6.pdf
2153 - http://www.metro.cl/files/documentos/fecu/597db88fa68335ed67515697dd2ffb05.pdf
2154 - http://www.metro.cl/files/documentos/fecu/5aac75bcb9a441259b795a18ff4aaa95.pdf
2155 - http://www.metro.cl/files/documentos/fecu/5b38468f99bf66c2f79632aa4b7c84ed.pdf
2156 - http://www.metro.cl/files/documentos/fecu/5b7ef1335bb3d02f6f9848707fc81a2e.pdf
2157 - http://www.metro.cl/files/documentos/fecu/5b8c496bffcb347f81e2f0d0ea396273.pdf
2158 - http://www.metro.cl/files/documentos/fecu/5d4e161f2876c054a6ff232c69f42d85.pdf
2159 - http://www.metro.cl/files/documentos/fecu/5e822fdb0f1174cef0f00234e4edb74c.pdf
2160 - http://www.metro.cl/files/documentos/fecu/5f4e2ee45232c7bc62cb897092ca808d.pdf
2161 - http://www.metro.cl/files/documentos/fecu/62f8699a003942d6df8e69210ab1ab28.pdf
2162 - http://www.metro.cl/files/documentos/fecu/64aec209a620c519ca970d6b16ed1cf1.pdf
2163 - http://www.metro.cl/files/documentos/fecu/67e2420f1f918ac91d4fa42622ccd4f7.pdf
2164 - http://www.metro.cl/files/documentos/fecu/69b3ddc7e5d53b8560766ddf6073ed2c.pdf
2165 - http://www.metro.cl/files/documentos/fecu/6a29ad036d57fdba0533d6b8f6a21480.pdf
2166 - http://www.metro.cl/files/documentos/fecu/6d06d431186ed85d5e7bcc5a598293c2.pdf
2167 - http://www.metro.cl/files/documentos/fecu/6d47d48051ba2d06615d33c24cd6ac65.pdf
2168 - http://www.metro.cl/files/documentos/fecu/6f4ccc8964ff10e5449a6bcbb7e8399e.pdf
2169 - http://www.metro.cl/files/documentos/fecu/7159d06d5565a3feb1e1a89fa99cfb52.pdf
2170 - http://www.metro.cl/files/documentos/fecu/725f9a9e5ee5ee582b3d7e4d996d02f8.pdf
2171 - http://www.metro.cl/files/documentos/fecu/746d555dc041ec873bba6fd8f17b9668.pdf
2172 - http://www.metro.cl/files/documentos/fecu/749724b27d638a2a1e86f218a3ff06c6.pdf
2173 - http://www.metro.cl/files/documentos/fecu/761f8597186b75f88e1225edd5102071.pdf
2174 - http://www.metro.cl/files/documentos/fecu/76e0ee4248ae5f5eee4dfe56d9a3036b.pdf
2175 - http://www.metro.cl/files/documentos/fecu/78d675790072ac8acd841652301271df.pdf
2176 - http://www.metro.cl/files/documentos/fecu/7917398f9f03c6e7beda66b14af508b3.pdf
2177 - http://www.metro.cl/files/documentos/fecu/79a32eefee007394aefd3dc1c8898de6.pdf
2178 - http://www.metro.cl/files/documentos/fecu/7aa640de85e2f7f6d697fbab0e9b06f4.pdf
2179 - http://www.metro.cl/files/documentos/fecu/7c0766ab2a62557926ac176acf69462a.pdf
2180 - http://www.metro.cl/files/documentos/fecu/7ca6bcafc0e204ff0d07c78ad76ed52f.pdf
2181 - http://www.metro.cl/files/documentos/fecu/7e2100cbdc56e73bf439e7d394185655.pdf
2182 - http://www.metro.cl/files/documentos/fecu/80bf7f15ee2759e35450ecf00d53e19e.pdf
2183 - http://www.metro.cl/files/documentos/fecu/826c81a70112fc3e5025eb3564d5dddf.pdf
2184 - http://www.metro.cl/files/documentos/fecu/85c9dbf0ee33e1af419ad1f3619d3adc.pdf
2185 - http://www.metro.cl/files/documentos/fecu/8869f5c5b8221800ff8fa1139f00a614.pdf
2186 - http://www.metro.cl/files/documentos/fecu/89ec0f85a107c775d1f3df11f83f7f29.pdf
2187 - http://www.metro.cl/files/documentos/fecu/8a8d284ad8b0bf81fb34a5d0bb85ea41.pdf
2188 - http://www.metro.cl/files/documentos/fecu/8b6195ad701b9310b6d740405cbe1108.pdf
2189 - http://www.metro.cl/files/documentos/fecu/8bb340a4e7c66aca5d51d4f81a832c70.pdf
2190 - http://www.metro.cl/files/documentos/fecu/8c7307bbb6f3ae04bf0e3c8c4e5c7423.pdf
2191 - http://www.metro.cl/files/documentos/fecu/8f948a848b30a6fdfa16d482b5b46625.pdf
2192 - http://www.metro.cl/files/documentos/fecu/9000e291c4476997ac717474c738c9a7.pdf
2193 - http://www.metro.cl/files/documentos/fecu/905595a4d6210c56152ccaacb5ae1e5d.pdf
2194 - http://www.metro.cl/files/documentos/fecu/914c18974eabbdd2a305518c93ad99e0.pdf
2195 - http://www.metro.cl/files/documentos/fecu/9355f7528f0b7c180a11c73519ff6b45.pdf
2196 - http://www.metro.cl/files/documentos/fecu/93eaa02631feb3acb24199e956d6bab0.pdf
2197 - http://www.metro.cl/files/documentos/fecu/93f6e3d9d98e7ab87850266c070b0f2e.pdf
2198 - http://www.metro.cl/files/documentos/fecu/942fdca9f4286420538315d6f6fe9075.pdf
2199 - http://www.metro.cl/files/documentos/fecu/945fe07ba3b2d1041403798fc308124b.pdf
2200 - http://www.metro.cl/files/documentos/fecu/94da73763252d341b287eee72c9ac0cb.pdf
2201 - http://www.metro.cl/files/documentos/fecu/95e80e4949cc4e94f3c2baff27ecde5c.pdf
2202 - http://www.metro.cl/files/documentos/fecu/96a7e29f46f7db9a15c84686c589286f.pdf
2203 - http://www.metro.cl/files/documentos/fecu/993dd5a84be36ca76ad98b1d15d24bb4.pdf
2204 - http://www.metro.cl/files/documentos/fecu/99fb9e1d47f973a056a7c908c0caeaba.pdf
2205 - http://www.metro.cl/files/documentos/fecu/9b6fec0670685cf264a7c9acd0258e06.pdf
2206 - http://www.metro.cl/files/documentos/fecu/9d26dc4af55a3e5f401453a98a46ec79.pdf
2207 - http://www.metro.cl/files/documentos/fecu/9e434d33eb5931fcaba3eecc5a785f53.pdf
2208 - http://www.metro.cl/files/documentos/fecu/9e51aa191d8a26e323dff984534aed86.pdf
2209 - http://www.metro.cl/files/documentos/fecu/a2c15d601c9a12bfae527d39a20549ac.pdf
2210 - http://www.metro.cl/files/documentos/fecu/a3759a23b3dd056b627bc03fa4b7122c.pdf
2211 - http://www.metro.cl/files/documentos/fecu/a3821671df1d269c07404e76ef2400d2.pdf
2212 - http://www.metro.cl/files/documentos/fecu/a38e338d96e5d01c8a1c4ff307d4cac0.pdf
2213 - http://www.metro.cl/files/documentos/fecu/a410c16c7e0fdf2fff64c00d03c56d78.pdf
2214 - http://www.metro.cl/files/documentos/fecu/a7302c3a089265e2d4d806e78ead7922.pdf
2215 - http://www.metro.cl/files/documentos/fecu/a7b56c75cbbf014ad646e5d6c3e65021.pdf
2216 - http://www.metro.cl/files/documentos/fecu/a7c89787aa35b4d18705b7716dec2444.pdf
2217 - http://www.metro.cl/files/documentos/fecu/a855ed98e0476f8a854b479b4a3d2200.pdf
2218 - http://www.metro.cl/files/documentos/fecu/a9829f7bf4d8da674f778ea7243bc36e.pdf
2219 - http://www.metro.cl/files/documentos/fecu/abd83ef69234b15172ab2295e800212f.pdf
2220 - http://www.metro.cl/files/documentos/fecu/ac59892ce2d1056c25949f93f1e1b2ad.pdf
2221 - http://www.metro.cl/files/documentos/fecu/aca9a7527357c1e44b91c0896ca0fcf1.pdf
2222 - http://www.metro.cl/files/documentos/fecu/ad651a716d4d621042aa172ac839f37e.pdf
2223 - http://www.metro.cl/files/documentos/fecu/ae17f023a589206a76410908ca23e37a.pdf
2224 - http://www.metro.cl/files/documentos/fecu/b16cc70ec1b9c16b621b96771beba2bd.pdf
2225 - http://www.metro.cl/files/documentos/fecu/b2e326bac74747b447c7fd0a14bea2db.pdf
2226 - http://www.metro.cl/files/documentos/fecu/b47441345e48870d4496a95471a0dc5f.pdf
2227 - http://www.metro.cl/files/documentos/fecu/b4c3b5a9e16b36b59e042e03c7132b57.pdf
2228 - http://www.metro.cl/files/documentos/fecu/b57649961fe4061e26bff822d8e77037.pdf
2229 - http://www.metro.cl/files/documentos/fecu/b5eb9e70a7703140bdf794458fe3c9d9.pdf
2230 - http://www.metro.cl/files/documentos/fecu/b9f64f50fec3d3fdc7bd4584426e509b.pdf
2231 - http://www.metro.cl/files/documentos/fecu/ba0c239be5dafb7285afeb2df8442372.pdf
2232 - http://www.metro.cl/files/documentos/fecu/ba1a207bf43ca5b7b83c436f5048e6cf.pdf
2233 - http://www.metro.cl/files/documentos/fecu/ba3ba75183993d8bc4eb45f637dba39b.pdf
2234 - http://www.metro.cl/files/documentos/fecu/bc6d1010d3c5564c1400488873f3cb38.pdf
2235 - http://www.metro.cl/files/documentos/fecu/bca2b8cfd3e833577d7185abe2c155a2.pdf
2236 - http://www.metro.cl/files/documentos/fecu/bda5a100d24f42a4ad4a25e4a02a7c1b.pdf
2237 - http://www.metro.cl/files/documentos/fecu/c02af99aadfd452056a52b99e88fea62.pdf
2238 - http://www.metro.cl/files/documentos/fecu/c054edbb1271b41bac2c3b662d8bb0c2.pdf
2239 - http://www.metro.cl/files/documentos/fecu/c1bf81a3581522cdb51b1fc2d2cde38d.pdf
2240 - http://www.metro.cl/files/documentos/fecu/c26799665f337a5ca2abfda9e20ea8ca.pdf
2241 - http://www.metro.cl/files/documentos/fecu/c336bb9e4eada4f7485151ee43e86f9c.pdf
2242 - http://www.metro.cl/files/documentos/fecu/c3f39636de81375d7ee8494da0a57ce0.pdf
2243 - http://www.metro.cl/files/documentos/fecu/c58c04da164331137309a382ece646e1.pdf
2244 - http://www.metro.cl/files/documentos/fecu/c5fab593e348606a1964f7184f9b3d22.pdf
2245 - http://www.metro.cl/files/documentos/fecu/c64322ebec754795d42d6b4b54b469f0.pdf
2246 - http://www.metro.cl/files/documentos/fecu/c6a5a3f8b34cfd4f9929aa66efabfd18.pdf
2247 - http://www.metro.cl/files/documentos/fecu/c6afc243162c962f45ec8caafe549f7e.pdf
2248 - http://www.metro.cl/files/documentos/fecu/c6cee689ff9f6d55df2c35cf396f46ee.pdf
2249 - http://www.metro.cl/files/documentos/fecu/c827ad2ba6da85c5ca18e202685327e5.pdf
2250 - http://www.metro.cl/files/documentos/fecu/c9d0b4a29c62fc55316aececcad093da.pdf
2251 - http://www.metro.cl/files/documentos/fecu/cb007e1037ac3a0c6666a5b46704a445.pdf
2252 - http://www.metro.cl/files/documentos/fecu/cc843f4b1849add0b97017df8e4dc39a.pdf
2253 - http://www.metro.cl/files/documentos/fecu/cd673f0971cbda54fc1426232bc4571f.pdf
2254 - http://www.metro.cl/files/documentos/fecu/ce400f29bc6a7dfe6f7aa429fd143639.pdf
2255 - http://www.metro.cl/files/documentos/fecu/ce7d9acfe0929743c197593bd5e4ce6f.pdf
2256 - http://www.metro.cl/files/documentos/fecu/d0d930fb604ef00d118d09fd95954f97.pdf
2257 - http://www.metro.cl/files/documentos/fecu/d183ca03fefffd19feaccf1b940288b7.pdf
2258 - http://www.metro.cl/files/documentos/fecu/d24b12566fec293977c3688800d9e56b.pdf
2259 - http://www.metro.cl/files/documentos/fecu/d4bf30680b43dd491ae2a0e5b28b90b6.pdf
2260 - http://www.metro.cl/files/documentos/fecu/d68999250662ccb30223160e13e752ca.pdf
2261 - http://www.metro.cl/files/documentos/fecu/d9007a8e847baf71136d43a43c9b6b70.pdf
2262 - http://www.metro.cl/files/documentos/fecu/d93c491895562d2cb3d602f9d96021c9.pdf
2263 - http://www.metro.cl/files/documentos/fecu/d956d95c7946d28f4718269a97f5fd34.pdf
2264 - http://www.metro.cl/files/documentos/fecu/d9da69bc5cb653d03082dffc65631047.pdf
2265 - http://www.metro.cl/files/documentos/fecu/da5778905d1ad82fdf655c1a47160bc6.pdf
2266 - http://www.metro.cl/files/documentos/fecu/dac08075284c5b31fa014bc653c93e08.pdf
2267 - http://www.metro.cl/files/documentos/fecu/de0644e8ef15e67b1be04a76dd91af45.pdf
2268 - http://www.metro.cl/files/documentos/fecu/dfa59b66dd5debbbad32e77541c7c04c.pdf
2269 - http://www.metro.cl/files/documentos/fecu/e00bbd42738f6a4fd6a8a3311d72dffe.pdf
2270 - http://www.metro.cl/files/documentos/fecu/e3c2c06393fd3f1dac0c732cff2475b4.pdf
2271 - http://www.metro.cl/files/documentos/fecu/e73dc247b1f9acc4e8448818069d4a6b.pdf
2272 - http://www.metro.cl/files/documentos/fecu/e74b90d760c5df6b706f5351d7c01571.pdf
2273 - http://www.metro.cl/files/documentos/fecu/e7b2c3bc27875456adeaf6e2abf4a70b.pdf
2274 - http://www.metro.cl/files/documentos/fecu/e8b1387508d342780800a16d96c32937.pdf
2275 - http://www.metro.cl/files/documentos/fecu/ea47021ef3f20ad8c85a5131923ac499.pdf
2276 - http://www.metro.cl/files/documentos/fecu/ec1e4c213dab82aecb5d06f097f791b1.pdf
2277 - http://www.metro.cl/files/documentos/fecu/ee8ef4f276b092ca061ff48477200f36.pdf
2278 - http://www.metro.cl/files/documentos/fecu/f02cbfa4d0073e1a3fe688c4253463d1.pdf
2279 - http://www.metro.cl/files/documentos/fecu/f25e1d6ff309044bbaf48ff2fedba6b6.pdf
2280 - http://www.metro.cl/files/documentos/fecu/f439dd30042b24499e75450bbd1836b5.pdf
2281 - http://www.metro.cl/files/documentos/fecu/f46bb6bd2df84f64ee81a18c59fbab9c.pdf
2282 - http://www.metro.cl/files/documentos/fecu/f6f230114b2829ce81bd041b0c743dd9.pdf
2283 - http://www.metro.cl/files/documentos/fecu/f8b3bb83137a5e5e3cafd917954449d3.pdf
2284 - http://www.metro.cl/files/documentos/fecu/f9850465a98dd2484876646bcc1927fa.pdf
2285 - http://www.metro.cl/files/documentos/fecu/fa28e713142319996022f02c27895a1e.pdf
2286 - http://www.metro.cl/minisitio/asesorias/Espanol/sitio_metro.html
2287 - http://www.metrosantiago.cl/minisitio/asesorias/Espanol/sitio_metro.html
2288 - http://www.tarjetabip.cl
2289 - http://www.transantiago.cl/
2290 - http://www.youtube.com/user/metrodesantiagochile
2291 - https://app.metro.cl:5010/Public/Bienvenida.aspx
2292 - https://bazarmetro.cl
2293 - https://bazarmetro.cl/
2294 - https://carga.tarjetabip.cl/
2295 - https://cargatubip.metro.cl/CargaTuBipV2/
2296 - https://extranetmetro.cl/
2297 - https://get.adobe.com/es/reader/
2298 - https://mail.metro.cl/
2299 - https://ticket-viaje.metro.cl/
2300 - https://twitter.com/intent/user?screen_name=metrodesantiago
2301 - https://twitter.com/metrodesantiago
2302 - https://www.facebook.com/Metrostgo/
2303 - https://www.facebook.com/pages/Metro-de-Santiago-Chile/171538782666?ref=stream
2304 - https://www.google.com/recaptcha/api.js?hl=es-419
2305 - https://www.instagram.com/metrodesantiago
2306 - https://www.metro.cl/clubmetro
2307 - https://www.metro.cl/clubmetro/actividades-gratuitas
2308 - https://www.metro.cl/clubmetro/que-es
2309 - https://www.metro.cl/denuncias
2310 - https://www.metro.cl/files/documentos/documentos_generales/02e74f10e0327ad868d138f2b4fdd6f0.jpg
2311 - https://www.metro.cl/files/documentos/documentos_generales/1679091c5a880faf6fb5e6087eb1b2dc.doc
2312 - https://www.metro.cl/files/documentos/documentos_generales/182be0c5cdcd5072bb1864cdee4d3d6e.docx
2313 - https://www.metro.cl/files/documentos/documentos_generales/19ca14e7ea6328a42e0eb13d585e4c22.pdf
2314 - https://www.metro.cl/files/documentos/documentos_generales/1f0e3dad99908345f7439f8ffabdffc4.pdf
2315 - https://www.metro.cl/files/documentos/documentos_generales/1ff1de774005f8da13f42943881c655f.pdf
2316 - https://www.metro.cl/files/documentos/documentos_generales/20191025_143627_1098508650.pdf
2317 - https://www.metro.cl/files/documentos/documentos_generales/28dd2c7955ce926456240b2ff0100bde.pdf
2318 - https://www.metro.cl/files/documentos/documentos_generales/2a38a4a9316c49e5a833517c45d31070.docx
2319 - https://www.metro.cl/files/documentos/documentos_generales/32bb90e8976aab5298d5da10fe66f21d.pdf
2320 - https://www.metro.cl/files/documentos/documentos_generales/33e75ff09dd601bbe69f351039152189.pdf
2321 - https://www.metro.cl/files/documentos/documentos_generales/35f4a8d465e6e1edc05f3d8ab658c551.pdf
2322 - https://www.metro.cl/files/documentos/documentos_generales/37693cfc748049e45d87b8c7d8b9aacd.pdf
2323 - https://www.metro.cl/files/documentos/documentos_generales/3c59dc048e8850243be8079a5c74d079.pdf
2324 - https://www.metro.cl/files/documentos/documentos_generales/3ef815416f775098fe977004015c6193.pdf
2325 - https://www.metro.cl/files/documentos/documentos_generales/43ec517d68b6edd3015b3edc9a11367b.pdf
2326 - https://www.metro.cl/files/documentos/documentos_generales/45c48cce2e2d7fbdea1afc51c7c6ad26.pdf
2327 - https://www.metro.cl/files/documentos/documentos_generales/4e732ced3463d06de0ca9a15b6153677.pdf
2328 - https://www.metro.cl/files/documentos/documentos_generales/6364d3f0f495b6ab9dcf8d3b5c6e0b01.docx
2329 - https://www.metro.cl/files/documentos/documentos_generales/6512bd43d9caa6e02c990b0a82652dca.pdf
2330 - https://www.metro.cl/files/documentos/documentos_generales/68d30a9594728bc39aa24be94b319d21.pdf
2331 - https://www.metro.cl/files/documentos/documentos_generales/6ea9ab1baa0efb9e19094440c317e21b.pdf
2332 - https://www.metro.cl/files/documentos/documentos_generales/6f4922f45568161a8cdf4ad2299f6d23.pdf
2333 - https://www.metro.cl/files/documentos/documentos_generales/70efdf2ec9b086079795c442636b55fb.pdf
2334 - https://www.metro.cl/files/documentos/documentos_generales/7647966b7343c29048673252e490f736.pdf
2335 - https://www.metro.cl/files/documentos/documentos_generales/8613985ec49eb8f757ae6439e879bb2a.pdf
2336 - https://www.metro.cl/files/documentos/documentos_generales/8e296a067a37563370ded05f5a3bf3ec.pdf
2337 - https://www.metro.cl/files/documentos/documentos_generales/8f14e45fceea167a5a36dedd4bea2543.doc
2338 - https://www.metro.cl/files/documentos/documentos_generales/93db85ed909c13838ff95ccfa94cebd9.pdf
2339 - https://www.metro.cl/files/documentos/documentos_generales/9778d5d219c5080b9a6a17bef029331c.pdf
2340 - https://www.metro.cl/files/documentos/documentos_generales/98f13708210194c475687be6106a3b84.pdf
2341 - https://www.metro.cl/files/documentos/documentos_generales/9bf31c7ff062936a96d3c8bd1f8f2ff3.pdf
2342 - https://www.metro.cl/files/documentos/documentos_generales/a5771bce93e200c36f7cd9dfd0e5deaa.pdf
2343 - https://www.metro.cl/files/documentos/documentos_generales/a5bfc9e07964f8dddeb95fc584cd965d.pdf
2344 - https://www.metro.cl/files/documentos/documentos_generales/a87ff679a2f3e71d9181a67b7542122c.pdf
2345 - https://www.metro.cl/files/documentos/documentos_generales/aab3238922bcc25a6f606eb525ffdc56.pdf
2346 - https://www.metro.cl/files/documentos/documentos_generales/ad61ab143223efbc24c7d2583be69251.pdf
2347 - https://www.metro.cl/files/documentos/documentos_generales/b6d767d2f8ed5d21a44b0e5886680cb9.pdf
2348 - https://www.metro.cl/files/documentos/documentos_generales/c20ad4d76fe97759aa27a0c99bff6710.pdf
2349 - https://www.metro.cl/files/documentos/documentos_generales/c51ce410c124a10e0db5e4b97fc2af39.pdf
2350 - https://www.metro.cl/files/documentos/documentos_generales/c74d97b01eae257e44aa9d5bade97baf.pdf
2351 - https://www.metro.cl/files/documentos/documentos_generales/c7e1249ffc03eb9ded908c236bd1996d.pdf
2352 - https://www.metro.cl/files/documentos/documentos_generales/c81e728d9d4c2f636f067f89cc14862c.pdf
2353 - https://www.metro.cl/files/documentos/documentos_generales/c9f0f895fb98ab9159f51fd0297e236d.doc
2354 - https://www.metro.cl/files/documentos/documentos_generales/d09bf41544a3365a46c9077ebb5e35c3.pdf
2355 - https://www.metro.cl/files/documentos/documentos_generales/d1fe173d08e959397adf34b1d77e88d7.docx
2356 - https://www.metro.cl/files/documentos/documentos_generales/d2ddea18f00665ce8623e36bd4e3c7c5.pdf
2357 - https://www.metro.cl/files/documentos/documentos_generales/d3d9446802a44259755d38e6d163e820.pdf
2358 - https://www.metro.cl/files/documentos/documentos_generales/e2c420d928d4bf8ce0ff2ec19b371514.pdf
2359 - https://www.metro.cl/files/documentos/documentos_generales/e369853df766fa44e1ed0ff613f563bd.pdf
2360 - https://www.metro.cl/files/documentos/documentos_generales/e4da3b7fbbce2345d7772b0674a318d5.doc
2361 - https://www.metro.cl/files/documentos/documentos_generales/f033ab37c30201f73f142449d037028d.pdf
2362 - https://www.metro.cl/files/documentos/documentos_generales/fbd7939d674997cdb4692d34de8633c4.pdf
2363 - https://www.metro.cl/files/documentos/documentos_generales/fe9fc289c3ff0af142b6d3bead98a923.pdf
2364 - https://www.metro.cl/files/documentos/hechos_esenciales/02e74f10e0327ad868d138f2b4fdd6f0.pdf
2365 - https://www.metro.cl/files/documentos/hechos_esenciales/03afdbd66e7929b125f8597834fa83a4.pdf
2366 - https://www.metro.cl/files/documentos/hechos_esenciales/069059b7ef840f0c74a814ec9237b6ec.pdf
2367 - https://www.metro.cl/files/documentos/hechos_esenciales/072b030ba126b2f4b2374f342be9ed44.pdf
2368 - https://www.metro.cl/files/documentos/hechos_esenciales/07e1cd7dca89a1678042477183b7ac3f.pdf
2369 - https://www.metro.cl/files/documentos/hechos_esenciales/093f65e080a295f8076b1c5722a46aa2.pdf
2370 - https://www.metro.cl/files/documentos/hechos_esenciales/14bfa6bb14875e45bba028a21ed38046.pdf
2371 - https://www.metro.cl/files/documentos/hechos_esenciales/1679091c5a880faf6fb5e6087eb1b2dc.pdf
2372 - https://www.metro.cl/files/documentos/hechos_esenciales/17e62166fc8586dfa4d1bc0e1742c08b.pdf
2373 - https://www.metro.cl/files/documentos/hechos_esenciales/182be0c5cdcd5072bb1864cdee4d3d6e.pdf
2374 - https://www.metro.cl/files/documentos/hechos_esenciales/19ca14e7ea6328a42e0eb13d585e4c22.pdf
2375 - https://www.metro.cl/files/documentos/hechos_esenciales/1c383cd30b7c298ab50293adfecb7b18.pdf
2376 - https://www.metro.cl/files/documentos/hechos_esenciales/1f0e3dad99908345f7439f8ffabdffc4.pdf
2377 - https://www.metro.cl/files/documentos/hechos_esenciales/1ff1de774005f8da13f42943881c655f.pdf
2378 - https://www.metro.cl/files/documentos/hechos_esenciales/20191023_214257_666440580.pdf
2379 - https://www.metro.cl/files/documentos/hechos_esenciales/202cb962ac59075b964b07152d234b70.pdf
2380 - https://www.metro.cl/files/documentos/hechos_esenciales/26657d5ff9020d2abefe558796b99584.pdf
2381 - https://www.metro.cl/files/documentos/hechos_esenciales/2723d092b63885e0d7c260cc007e8b9d.pdf
2382 - https://www.metro.cl/files/documentos/hechos_esenciales/2838023a778dfaecdc212708f721b788.pdf
2383 - https://www.metro.cl/files/documentos/hechos_esenciales/28dd2c7955ce926456240b2ff0100bde.pdf
2384 - https://www.metro.cl/files/documentos/hechos_esenciales/2a38a4a9316c49e5a833517c45d31070.pdf
2385 - https://www.metro.cl/files/documentos/hechos_esenciales/2b44928ae11fb9384c4cf38708677c48.pdf
2386 - https://www.metro.cl/files/documentos/hechos_esenciales/3295c76acbf4caaed33c36b1b5fc2cb1.pdf
2387 - https://www.metro.cl/files/documentos/hechos_esenciales/32bb90e8976aab5298d5da10fe66f21d.pdf
2388 - https://www.metro.cl/files/documentos/hechos_esenciales/33e75ff09dd601bbe69f351039152189.pdf
2389 - https://www.metro.cl/files/documentos/hechos_esenciales/3416a75f4cea9109507cacd8e2f2aefc.pdf
2390 - https://www.metro.cl/files/documentos/hechos_esenciales/34173cb38f07f89ddbebc2ac9128303f.pdf
2391 - https://www.metro.cl/files/documentos/hechos_esenciales/35f4a8d465e6e1edc05f3d8ab658c551.pdf
2392 - https://www.metro.cl/files/documentos/hechos_esenciales/37693cfc748049e45d87b8c7d8b9aacd.pdf
2393 - https://www.metro.cl/files/documentos/hechos_esenciales/38b3eff8baf56627478ec76a704e9b52.pdf
2394 - https://www.metro.cl/files/documentos/hechos_esenciales/3c59dc048e8850243be8079a5c74d079.pdf
2395 - https://www.metro.cl/files/documentos/hechos_esenciales/3def184ad8f4755ff269862ea77393dd.pdf
2396 - https://www.metro.cl/files/documentos/hechos_esenciales/3ef815416f775098fe977004015c6193.pdf
2397 - https://www.metro.cl/files/documentos/hechos_esenciales/43ec517d68b6edd3015b3edc9a11367b.pdf
2398 - https://www.metro.cl/files/documentos/hechos_esenciales/44f683a84163b3523afe57c2e008bc8c.pdf
2399 - https://www.metro.cl/files/documentos/hechos_esenciales/45c48cce2e2d7fbdea1afc51c7c6ad26.pdf
2400 - https://www.metro.cl/files/documentos/hechos_esenciales/4c56ff4ce4aaf9573aa5dff913df997a.pdf
2401 - https://www.metro.cl/files/documentos/hechos_esenciales/4e732ced3463d06de0ca9a15b6153677.pdf
2402 - https://www.metro.cl/files/documentos/hechos_esenciales/5ef059938ba799aaa845e1c2e8a762bd.pdf
2403 - https://www.metro.cl/files/documentos/hechos_esenciales/5f93f983524def3dca464469d2cf9f3e.pdf
2404 - https://www.metro.cl/files/documentos/hechos_esenciales/5fd0b37cd7dbbb00f97ba6ce92bf5add.pdf
2405 - https://www.metro.cl/files/documentos/hechos_esenciales/6364d3f0f495b6ab9dcf8d3b5c6e0b01.pdf
2406 - https://www.metro.cl/files/documentos/hechos_esenciales/642e92efb79421734881b53e1e1b18b6.pdf
2407 - https://www.metro.cl/files/documentos/hechos_esenciales/6512bd43d9caa6e02c990b0a82652dca.pdf
2408 - https://www.metro.cl/files/documentos/hechos_esenciales/65b9eea6e1cc6bb9f0cd2a47751a186f.pdf
2409 - https://www.metro.cl/files/documentos/hechos_esenciales/66f041e16a60928b05a7e228a89c3799.pdf
2410 - https://www.metro.cl/files/documentos/hechos_esenciales/67c6a1e7ce56d3d6fa748ab6d9af3fd7.pdf
2411 - https://www.metro.cl/files/documentos/hechos_esenciales/68d30a9594728bc39aa24be94b319d21.pdf
2412 - https://www.metro.cl/files/documentos/hechos_esenciales/698d51a19d8a121ce581499d7b701668.pdf
2413 - https://www.metro.cl/files/documentos/hechos_esenciales/6c8349cc7260ae62e3b1396831a8398f.pdf
2414 - https://www.metro.cl/files/documentos/hechos_esenciales/6ea9ab1baa0efb9e19094440c317e21b.pdf
2415 - https://www.metro.cl/files/documentos/hechos_esenciales/6f4922f45568161a8cdf4ad2299f6d23.pdf
2416 - https://www.metro.cl/files/documentos/hechos_esenciales/70efdf2ec9b086079795c442636b55fb.pdf
2417 - https://www.metro.cl/files/documentos/hechos_esenciales/73278a4a86960eeb576a8fd4c9ec6997.pdf
2418 - https://www.metro.cl/files/documentos/hechos_esenciales/735b90b4568125ed6c3f678819b6e058.pdf
2419 - https://www.metro.cl/files/documentos/hechos_esenciales/7647966b7343c29048673252e490f736.pdf
2420 - https://www.metro.cl/files/documentos/hechos_esenciales/76dc611d6ebaafc66cc0879c71b5db5c.pdf
2421 - https://www.metro.cl/files/documentos/hechos_esenciales/7cbbc409ec990f19c78c75bd1e06f215.pdf
2422 - https://www.metro.cl/files/documentos/hechos_esenciales/7f39f8317fbdb1988ef4c628eba02591.pdf
2423 - https://www.metro.cl/files/documentos/hechos_esenciales/7f6ffaa6bb0b408017b62254211691b5.pdf
2424 - https://www.metro.cl/files/documentos/hechos_esenciales/812b4ba287f5ee0bc9d43bbf5bbe87fb.pdf
2425 - https://www.metro.cl/files/documentos/hechos_esenciales/8e296a067a37563370ded05f5a3bf3ec.pdf
2426 - https://www.metro.cl/files/documentos/hechos_esenciales/8f14e45fceea167a5a36dedd4bea2543.pdf
2427 - https://www.metro.cl/files/documentos/hechos_esenciales/92cc227532d17e56e07902b254dfad10.pdf
2428 - https://www.metro.cl/files/documentos/hechos_esenciales/93db85ed909c13838ff95ccfa94cebd9.pdf
2429 - https://www.metro.cl/files/documentos/hechos_esenciales/9778d5d219c5080b9a6a17bef029331c.pdf
2430 - https://www.metro.cl/files/documentos/hechos_esenciales/98dce83da57b0395e163467c9dae521b.pdf
2431 - https://www.metro.cl/files/documentos/hechos_esenciales/98f13708210194c475687be6106a3b84.doc
2432 - https://www.metro.cl/files/documentos/hechos_esenciales/9a1158154dfa42caddbd0694a4e9bdc8.pdf
2433 - https://www.metro.cl/files/documentos/hechos_esenciales/9b8619251a19057cff70779273e95aa6.pdf
2434 - https://www.metro.cl/files/documentos/hechos_esenciales/9bf31c7ff062936a96d3c8bd1f8f2ff3.pdf
2435 - https://www.metro.cl/files/documentos/hechos_esenciales/9f61408e3afb633e50cdf1b20de6f466.pdf
2436 - https://www.metro.cl/files/documentos/hechos_esenciales/a0a080f42e6f13b3a2df133f073095dd.pdf
2437 - https://www.metro.cl/files/documentos/hechos_esenciales/a1d0c6e83f027327d8461063f4ac58a6.pdf
2438 - https://www.metro.cl/files/documentos/hechos_esenciales/a3c65c2974270fd093ee8a9bf8ae7d0b.pdf
2439 - https://www.metro.cl/files/documentos/hechos_esenciales/a3f390d88e4c41f2747bfa2f1b5f87db.pdf
2440 - https://www.metro.cl/files/documentos/hechos_esenciales/a5771bce93e200c36f7cd9dfd0e5deaa.pdf
2441 - https://www.metro.cl/files/documentos/hechos_esenciales/a5bfc9e07964f8dddeb95fc584cd965d.pdf
2442 - https://www.metro.cl/files/documentos/hechos_esenciales/a684eceee76fc522773286a895bc8436.pdf
2443 - https://www.metro.cl/files/documentos/hechos_esenciales/a87ff679a2f3e71d9181a67b7542122c.pdf
2444 - https://www.metro.cl/files/documentos/hechos_esenciales/a97da629b098b75c294dffdc3e463904.pdf
2445 - https://www.metro.cl/files/documentos/hechos_esenciales/aab3238922bcc25a6f606eb525ffdc56.pdf
2446 - https://www.metro.cl/files/documentos/hechos_esenciales/ac627ab1ccbdb62ec96e702f07f6425b.pdf
2447 - https://www.metro.cl/files/documentos/hechos_esenciales/ad61ab143223efbc24c7d2583be69251.pdf
2448 - https://www.metro.cl/files/documentos/hechos_esenciales/b53b3a3d6ab90ce0268229151c9bde11.pdf
2449 - https://www.metro.cl/files/documentos/hechos_esenciales/b6d767d2f8ed5d21a44b0e5886680cb9.pdf
2450 - https://www.metro.cl/files/documentos/hechos_esenciales/c0c7c76d30bd3dcaefc96f40275bdc0a.pdf
2451 - https://www.metro.cl/files/documentos/hechos_esenciales/c16a5320fa475530d9583c34fd356ef5.pdf
2452 - https://www.metro.cl/files/documentos/hechos_esenciales/c20ad4d76fe97759aa27a0c99bff6710.pdf
2453 - https://www.metro.cl/files/documentos/hechos_esenciales/c45147dee729311ef5b5c3003946c48f.pdf
2454 - https://www.metro.cl/files/documentos/hechos_esenciales/c4ca4238a0b923820dcc509a6f75849b.pdf
2455 - https://www.metro.cl/files/documentos/hechos_esenciales/c51ce410c124a10e0db5e4b97fc2af39.pdf
2456 - https://www.metro.cl/files/documentos/hechos_esenciales/c74d97b01eae257e44aa9d5bade97baf.pdf
2457 - https://www.metro.cl/files/documentos/hechos_esenciales/c7e1249ffc03eb9ded908c236bd1996d.pdf
2458 - https://www.metro.cl/files/documentos/hechos_esenciales/c81e728d9d4c2f636f067f89cc14862c.pdf
2459 - https://www.metro.cl/files/documentos/hechos_esenciales/c8ffe9a587b126f152ed3d89a146b445.pdf
2460 - https://www.metro.cl/files/documentos/hechos_esenciales/c9e1074f5b3f9fc8ea15d152add07294.pdf
2461 - https://www.metro.cl/files/documentos/hechos_esenciales/c9f0f895fb98ab9159f51fd0297e236d.pdf
2462 - https://www.metro.cl/files/documentos/hechos_esenciales/d09bf41544a3365a46c9077ebb5e35c3.pdf
2463 - https://www.metro.cl/files/documentos/hechos_esenciales/d1f491a404d6854880943e5c3cd9ca25.pdf
2464 - https://www.metro.cl/files/documentos/hechos_esenciales/d1fe173d08e959397adf34b1d77e88d7.pdf
2465 - https://www.metro.cl/files/documentos/hechos_esenciales/d2ddea18f00665ce8623e36bd4e3c7c5.pdf
2466 - https://www.metro.cl/files/documentos/hechos_esenciales/d3d9446802a44259755d38e6d163e820.pdf
2467 - https://www.metro.cl/files/documentos/hechos_esenciales/d645920e395fedad7bbbed0eca3fe2e0.PDF
2468 - https://www.metro.cl/files/documentos/hechos_esenciales/d67d8ab4f4c10bf22aa353e27879133c.pdf
2469 - https://www.metro.cl/files/documentos/hechos_esenciales/d82c8d1619ad8176d665453cfb2e55f0.pdf
2470 - https://www.metro.cl/files/documentos/hechos_esenciales/d9d4f495e875a2e075a1a4a6e1b9770f.pdf
2471 - https://www.metro.cl/files/documentos/hechos_esenciales/da4fb5c6e93e74d3df8527599fa62642.pdf
2472 - https://www.metro.cl/files/documentos/hechos_esenciales/e2c420d928d4bf8ce0ff2ec19b371514.pdf
2473 - https://www.metro.cl/files/documentos/hechos_esenciales/e2ef524fbf3d9fe611d5a8e90fefdc9c.pdf
2474 - https://www.metro.cl/files/documentos/hechos_esenciales/e369853df766fa44e1ed0ff613f563bd.pdf
2475 - https://www.metro.cl/files/documentos/hechos_esenciales/e4da3b7fbbce2345d7772b0674a318d5.pdf
2476 - https://www.metro.cl/files/documentos/hechos_esenciales/ea5d2f1c4608232e07d3aa3d998e5135.pdf
2477 - https://www.metro.cl/files/documentos/hechos_esenciales/eb160de1de89d9058fcb0b968dbbbd68.pdf
2478 - https://www.metro.cl/files/documentos/hechos_esenciales/ec5decca5ed3d6b8079e2e7e7bacc9f2.pdf
2479 - https://www.metro.cl/files/documentos/hechos_esenciales/ec8956637a99787bd197eacd77acce5e.pdf
2480 - https://www.metro.cl/files/documentos/hechos_esenciales/eccbc87e4b5ce2fe28308fd9f2a7baf3.pdf
2481 - https://www.metro.cl/files/documentos/hechos_esenciales/ed3d2c21991e3bef5e069713af9fa6ca.pdf
2482 - https://www.metro.cl/files/documentos/hechos_esenciales/f033ab37c30201f73f142449d037028d.pdf
2483 - https://www.metro.cl/files/documentos/hechos_esenciales/f0935e4cd5920aa6c7c996a5ee53a70f.pdf
2484 - https://www.metro.cl/files/documentos/hechos_esenciales/f457c545a9ded88f18ecee47145a72c0.pdf
2485 - https://www.metro.cl/files/documentos/hechos_esenciales/f4b9ec30ad9f68f89b29639786cb62ef.pdf
2486 - https://www.metro.cl/files/documentos/hechos_esenciales/f7177163c833dff4b38fc8d2872f1ec6.pdf
2487 - https://www.metro.cl/files/documentos/hechos_esenciales/f899139df5e1059396431415e770c6dd.pdf
2488 - https://www.metro.cl/files/documentos/hechos_esenciales/fbd7939d674997cdb4692d34de8633c4.pdf
2489 - https://www.metro.cl/files/documentos/hechos_esenciales/fc490ca45c00b1249bbe3554a4fdf6fb.pdf
2490 - https://www.metro.cl/files/documentos/hechos_esenciales/fe9fc289c3ff0af142b6d3bead98a923.pdf
2491 - https://www.metro.cl/minisitio/finanzas/es
2492 - https://www.metro.cl/minisitio/linea-3-y-6/
2493 - https://www.metro.cl/minisitio/linea-3-y-6/extension-linea-2
2494 - https://www.metro.cl/minisitio/linea-3-y-6/extension-linea-3
2495 - https://www.metro.cl/minisitio/linea-3-y-6/extension-linea-4
2496 - https://www.metro.cl/minisitio/linea-3-y-6/futura-linea-7
2497 - https://www.metro.cl/minisitio/linea-3-y-6/futura-linea-8
2498 - https://www.metro.cl/minisitio/linea-3-y-6/futura-linea-9
2499 - https://www.metro.cl/minisitio/linea-3-y-6/linea-3
2500 - https://www.metro.cl/minisitio/linea-3-y-6/linea-6
2501 - https://www.metro.cl/minisitio/linea3y6/licitaciones
2502 - https://www.metro.cl/porstgo
2503 - https://www.metro.cl/porstgo/CA
2504 - https://www.metro.cl/porstgo/FR
2505 - https://www.metro.cl/porstgo/LE
2506 - https://www.metro.cl/porstgo/QN
2507 - https://www.metro.cl/red-clientes/
2508 - https://www.metro.cl/registro/
2509 - https://www.metro.cl/tam
2510 - https://www.youtube.com/embed/FpbizFh2k1M?rel=0
2511 - https://www.youtube.com/embed/SOENQrl1O2A?rel=0
2512 Total external links: 447
2513
2514+ Email addresses found:
2515 Total email address found: 0
2516
2517+ Directories found:
2518 - http://www.metro.cl./atencion-cliente/ (No open folder)
2519 - http://www.metro.cl./audio/ (403 Forbidden)
2520 - http://www.metro.cl./audio/toponimias/ (403 Forbidden)
2521 - http://www.metro.cl./buen-viajero/ (No open folder)
2522 - http://www.metro.cl./corporativo/ (No open folder)
2523 - http://www.metro.cl./css/ (403 Forbidden)
2524 - http://www.metro.cl./documentos/ (403 Forbidden)
2525 - http://www.metro.cl./estacion/ (No open folder)
2526 - http://www.metro.cl./historias-de-metro/ (No open folder)
2527 - http://www.metro.cl./images/ (403 Forbidden)
2528 - http://www.metro.cl./images/carga/ (403 Forbidden)
2529 - http://www.metro.cl./images/carrusel/ (403 Forbidden)
2530 - http://www.metro.cl./images/clima/ (403 Forbidden)
2531 - http://www.metro.cl./images/directores/ (403 Forbidden)
2532 - http://www.metro.cl./images/full/ (403 Forbidden)
2533 - http://www.metro.cl./images/links/ (403 Forbidden)
2534 - http://www.metro.cl./images/thumbs/ (403 Forbidden)
2535 - http://www.metro.cl./images/toponimias/ (403 Forbidden)
2536 - http://www.metro.cl./img/ (403 Forbidden)
2537 - http://www.metro.cl./img/noticias/ (403 Forbidden)
2538 - http://www.metro.cl./js/ (403 Forbidden)
2539 - http://www.metro.cl./js/zoom/ (403 Forbidden)
2540 - http://www.metro.cl./noticias/ (No open folder)
2541 - http://www.metro.cl./planificador/ (No open folder)
2542 - http://www.metro.cl./planificador/images/ (403 Forbidden)
2543 - http://www.metro.cl./porsantiago/ (No open folder)
2544 - http://www.metro.cl./tu-viaje/ (404 Not Found)
2545 Total directories: 27
2546
2547+ Directory indexing found:
2548 Total directories with indexing: 0
2549
2550----------------------------------------------------------------------
2551
2552--Finished--
2553Summary information for domain metro.cl.
2554-----------------------------------------
2555 Domain Specific Information:
2556 Email: last@metro.cl
2557
2558 Domain Ips Information:
2559 IP: 52.100.0.0
2560 Type: SPF
2561 Is Active: True (reset ttl 64)
2562 IP: 200.62.2.178
2563 HostName: ns0.ifxnetworks.com Type: NS
2564 HostName: ns0.ifxnetworks.com Type: PTR
2565 HostName: ns0.ifxnetworks.co Type: NS
2566 Country: United States
2567 Is Active: True (reset ttl 64)
2568 Port: 53/tcp open domain syn-ack ttl 49 (unknown banner: BIND)
2569 Script Info: | dns-nsid:
2570 Script Info: |_ bind.version: BIND
2571 Script Info: | fingerprint-strings:
2572 Script Info: | DNSVersionBindReqTCP:
2573 Script Info: | version
2574 Script Info: | bind
2575 Script Info: |_ BIND
2576 Port: 179/tcp open tcpwrapped syn-ack ttl 240
2577 IP: 200.91.44.0
2578 Type: SPF
2579 Type: SPF
2580 Is Active: True (reset ttl 64)
2581 IP: 200.73.13.136
2582 HostName: mail.metro.cl. Type: A
2583 Country: Chile
2584 Is Active: True (reset ttl 64)
2585 Port: 80/tcp open http syn-ack ttl 110 Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
2586 Port: 443/tcp open ssl/https? syn-ack ttl 110
2587 Script Info: |_ssl-date: 2019-10-29T16:42:19+00:00; -1s from scanner time.
2588 Port: 587/tcp open smtp syn-ack ttl 110 Microsoft Exchange smtpd
2589 Script Info: | smtp-commands: PR-CAS01.metrodom.cl Hello [94.242.54.114], SIZE 41943040, PIPELINING, DSN, ENHANCEDSTATUSCODES, STARTTLS, AUTH GSSAPI NTLM, 8BITMIME, BINARYMIME, CHUNKING,
2590 Script Info: |_ This server supports the following commands: HELO EHLO STARTTLS RCPT DATA RSET MAIL QUIT HELP AUTH BDAT
2591 Script Info: | smtp-ntlm-info:
2592 Script Info: | Target_Name: METRO_DOM
2593 Script Info: | NetBIOS_Domain_Name: METRO_DOM
2594 Script Info: | NetBIOS_Computer_Name: PR-CAS01
2595 Script Info: | DNS_Domain_Name: metrodom.cl
2596 Script Info: | DNS_Computer_Name: PR-CAS01.metrodom.cl
2597 Script Info: | DNS_Tree_Name: metrodom.cl
2598 Script Info: |_ Product_Version: 6.1.7601
2599 Script Info: |_ssl-date: 2019-10-29T16:42:20+00:00; 0s from scanner time.
2600 Os Info: Host: PR-CAS01.metrodom.cl; OS: Windows; CPE: cpe:/o:microsoft:windows
2601 IP: 200.73.13.132
2602 HostName: server2.metro.cl Type: MX
2603 HostName: server2.metro.cl Type: PTR
2604 Type: SPF
2605 Country: Chile
2606 Is Active: True (reset ttl 64)
2607 IP: 200.73.13.131
2608 HostName: server.metro.cl Type: MX
2609 HostName: server.metro.cl Type: PTR
2610 Type: SPF
2611 HostName: server.metro.cl. Type: A
2612 Country: Chile
2613 Is Active: True (reset ttl 64)
2614 IP: 200.73.13.143
2615 HostName: ftp.metro.cl. Type: A
2616 Country: Chile
2617 Is Active: True (reset ttl 64)
2618 Port: 21/tcp open ftp syn-ack ttl 111 FileZilla ftpd 0.9.41 beta
2619 Script Info: | ftp-syst:
2620 Script Info: |_ SYST: UNIX emulated by FileZilla
2621 Os Info: OS: Windows; CPE: cpe:/o:microsoft:windows
2622 IP: 104.47.0.0
2623 Type: SPF
2624 Is Active: True (reset ttl 64)
2625 IP: 201.217.241.118
2626 Type: SPF
2627 HostName: www.metro.cl. Type: A
2628 HostName: servidor.agenciacatedral.com Type: PTR
2629 Country: Chile
2630 Is Active: True (reset ttl 64)
2631 Port: 53/tcp open domain syn-ack ttl 49 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
2632 Script Info: | dns-nsid:
2633 Script Info: |_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
2634 Port: 80/tcp open http syn-ack ttl 50 LiteSpeed httpd
2635 Script Info: | http-cookie-flags:
2636 Script Info: | /:
2637 Script Info: | PHPSESSID:
2638 Script Info: |_ httponly flag not set
2639 Script Info: | http-methods:
2640 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
2641 Script Info: |_http-server-header: LiteSpeed
2642 Script Info: |_http-title: Metro
2643 Port: 443/tcp open ssl/https? syn-ack ttl 50
2644 Script Info: | http-methods:
2645 Script Info: |_ Supported Methods: HEAD POST
2646 Script Info: |_http-title: Did not follow redirect to https://201.217.241.118/
2647 Script Info: | ssl-cert: Subject: commonName=metro.cl
2648 Script Info: | Subject Alternative Name: DNS:metro.cl, DNS:cpanel.metro.cl, DNS:mail.metro.cl, DNS:webdisk.metro.cl, DNS:webmail.metro.cl, DNS:www.metro.cl
2649 Script Info: | Issuer: commonName=cPanel, Inc. Certification Authority/organizationName=cPanel, Inc./stateOrProvinceName=TX/countryName=US
2650 Script Info: | Public Key type: rsa
2651 Script Info: | Public Key bits: 2048
2652 Script Info: | Signature Algorithm: sha256WithRSAEncryption
2653 Script Info: | Not valid before: 2019-08-27T00:00:00
2654 Script Info: | Not valid after: 2019-11-25T23:59:59
2655 Script Info: | MD5: 52bd 5920 8e17 bb83 8936 e7d8 6754 57ce
2656 Script Info: |_SHA-1: d7d6 a245 d9c2 935a a0ae 7f05 f982 dfbc a13d 8519
2657 Port: 3306/tcp open mysql syn-ack ttl 49 MySQL (unauthorized)
2658 Os Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
2659 IP: 40.76.14.208
2660 HostName: ns1.ifxnetworks.com Type: NS
2661 HostName: ns1.ifxnetworks.co Type: NS
2662 Country: United States
2663 Is Active: True (reset ttl 64)
2664 Port: 53/tcp open tcpwrapped syn-ack ttl 53
2665 Script Info: | dns-nsid:
2666 Script Info: |_ bind.version: IFX DNS system
2667 Script Info: Device type: general purpose|storage-misc
2668 Script Info: Running (JUST GUESSING): Linux 2.6.X|3.X (91%), Synology DiskStation Manager 5.X (85%)
2669 IP: 200.91.41.0
2670 Type: SPF
2671 Type: SPF
2672 Is Active: True (reset ttl 64)
2673 Port: 80/tcp open http syn-ack ttl 54 nginx
2674 Script Info: | http-methods:
2675 Script Info: |_ Supported Methods: GET HEAD POST OPTIONS
2676 Script Info: |_http-title: Did not follow redirect to https://200.91.41.0/
2677 Port: 443/tcp open ssl/http syn-ack ttl 54 nginx
2678 Script Info: |_http-title: 400 The plain HTTP request was sent to HTTPS port
2679 Script Info: | ssl-cert: Subject: commonName=www.integramedica.pe
2680 Script Info: | Subject Alternative Name: DNS:www.integramedica.pe
2681 Script Info: | Issuer: commonName=Let's Encrypt Authority X3/organizationName=Let's Encrypt/countryName=US
2682 Script Info: | Public Key type: rsa
2683 Script Info: | Public Key bits: 2048
2684 Script Info: | Signature Algorithm: sha256WithRSAEncryption
2685 Script Info: | Not valid before: 2019-10-08T19:08:47
2686 Script Info: | Not valid after: 2020-01-06T19:08:47
2687 Script Info: | MD5: ff6f 1933 1fe2 f4bb 661c baee f657 22c1
2688 Script Info: |_SHA-1: 6036 cda6 4473 e77b 8b5b f918 3457 faec 2be5 42a7
2689 Script Info: |_ssl-date: TLS randomness does not represent time
2690 Script Info: | tls-alpn:
2691 Script Info: | h2
2692 Script Info: |_ http/1.1
2693 Script Info: | tls-nextprotoneg:
2694 Script Info: | h2
2695 Script Info: |_ http/1.1
2696 Script Info: Device type: general purpose|storage-misc|broadband router|WAP
2697 Script Info: Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (93%), HP embedded (91%)
2698 IP: 40.107.0.0
2699 Type: SPF
2700 Is Active: True (reset ttl 64)
2701 IP: 200.91.45.0
2702 Type: SPF
2703 Type: SPF
2704 Is Active: True (reset ttl 64)
2705 IP: 200.91.40.0
2706 Type: SPF
2707 Type: SPF
2708 Is Active: True (reset ttl 64)
2709 IP: 40.92.0.0
2710 Type: SPF
2711 Is Active: True (reset ttl 64)
2712######################################################################################################################################
2713[3/100] https://www.metro.cl/licitaciones/descarga/24917db15c4e37e421866448c9ab23d8
2714[4/100] https://www.metro.cl/licitaciones/descarga/14da92f2bdaec7f2218042a5b6124570
2715[5/100] https://www.metro.cl/licitaciones/descarga/9824f9c1543628a85bb51d2dd6fcf8a3
2716[6/100] https://www.metro.cl/licitaciones/descarga/49182f81e6a13cf5eaa496d51fea6406
2717[7/100] https://www.metro.cl/files/licitaciones/ITO_Corrientes_Debiles_Ext_L1_y_ExtL5.doc
2718[8/100] https://www.metro.cl/files/licitaciones/Resena_Licitac_Asesoria_Equipos_y_Montajes_Ext_L1_y_Ext_L5.doc
2719[9/100] https://www.metro.cl/files/licitaciones/suministro_prensas.doc
2720[10/100] https://www.metro.cl/files/licitaciones/sist_elect_l1_oriente_l5_maipu-20070906.doc
2721[11/100] https://www.metro.cl/files/licitaciones/licitacion_cables-20071205.doc
2722[12/100] https://www.metro.cl/files/licitaciones/comando_centralizado-20080114.doc
2723[13/100] https://www.metro.cl/files/licitaciones/telefonia-20080124.doc
2724[14/100] https://www.metro.cl/files/licitaciones/suministro_pistas-20070823.doc
2725[15/100] https://www.metro.cl/files/licitaciones/telecomuciaciones_EL1_LMAI5-20080117.doc
2726[16/100] https://www.metro.cl/files/licitaciones/Internet_CCTV-20080807.doc
2727[17/100] https://www.metro.cl/files/licitaciones/vias_extension_L1_L5_maipu-20080605.doc
2728[18/100] https://www.metro.cl/files/licitaciones/vias_extension_l1_l5-20070711.doc
2729[19/100] https://www.metro.cl/files/licitaciones/20081024-7.doc
2730[20/100] https://www.metro.cl/files/licitaciones/sonorizacion-20080403.doc
2731[21/100] https://www.metro.cl/licitaciones/descarga/2a27b8144ac02f67687f76782a3b5d8f
2732[22/100] https://www.metro.cl/licitaciones/descarga/a07c2f3b3b907aaf8436a26c6d77f0a2
2733[23/100] https://www.metro.cl/files/licitaciones/Pulicacion_WEB_10_08_2007.doc
2734[24/100] https://www.metro.cl/files/licitaciones/suministro_prensas%25281%2529.doc
2735 [x] Error in the parsing process
2736[25/100] https://www.metro.cl/files/licitaciones/licitacion_ito_corrientes_deviles_l4_l4a.doc
2737[26/100] http://www.metro.cl/files/licitaciones/suministro_motovia.doc
2738[27/100] https://www.metro.cl/files/licitaciones/suministro_trafos.doc
2739----------------------------------------------------------------------------------------------
2740
2741[+] List of users found:
2742------------------------------------------------------------------------------------------------
2743JUAN_BARRIGA
2744gubilla
2745JUAN_BARRIGA
2746HECTOR MONSALVE
2747JUAN_BARRIGA
2748HECTOR MONSALVE
2749CPAZ
2750rcarrascog
2751CPAZ
2752PC-362
2753CPAZ
2754PC-362
2755Alberto Botteselle Doggenweiler
2756Paulina Astorga Pino
2757CPAZ
2758RRIVERA
2759CPAZ
2760alucero
2761CPAZ
2762ABOTTESELLE
2763CPAZ
2764alucero
2765CPAZ
2766PC-362
2767CPAZ
2768alucero
2769CPAZ
2770alucero
2771CPAZ
2772alucero
2773CPAZ
2774alucero
2775CPAZ
2776PC-362
2777CPAZ
2778alucero
2779ESPECIFICACIONES TECNICAS ESPECIALES
2780PROYECTO DE ASCENSORES PARA MINUSVALIDOS
2781Francisco Morales
2782Luis E Tapia Peralta
2783pmondacag
2784ELIZABETH MUÑOZ
2785EMUNOZ
2786Alberto Botteselle Doggenweiler
2787Alberto Botteselle Doggeweiler
2788Alberto Botteselle Doggenweiler
2789Alberto Botteselle Doggeweiler
2790CZIEBOLD
2791operaciones
2792VALENTINA GONZALEZ IAKL
2793SOLUCION DE ACCESO DE MINUSVALIDOS A ESTACION LOS HEROES MEDIANTE ASCENSORES
2794respinozab
2795+
2796��ELIZABETH MU�OZ
2797vsanmartin
2798
2799UNIFORME VARON VERANO
2800VGONZALEZI
2801MARIA ESTEFANIA ARIAS
2802itoro
2803Antonio Herrada
2804VSANMARTIN
2805JPENAM
2806GElgueta
2807Departamento Administraci�n General, Gerencia de Administraci�n y Finanzas
2808ivillagr
2809acastano
2810Myriam
2811PMONDACAG
2812Ignacio Martinez
2813��Departamento Administraci�n General
2814CSchaad
2815HMONSALVE
2816Soraya Albrecht
2817racunam
2818FABIAN ELGUETA
2819Susana Cofre
2820jcatalan
2821(anonymous)
2822mhenriquezf
2823demostracion
2824PILAR VEAS
2825Luis Verdugo
2826
2827[+] List of software found:
2828-----------------------------------------------------------------------------------------------
2829Microsoft Office Word
2830Microsoft Office Word
2831Microsoft Office Word
2832Microsoft Office Word
2833Microsoft Office Word
2834Microsoft Office Word
2835Microsoft Word 8.0
2836Microsoft Word 9.0
2837Microsoft Word 9.0
2838Microsoft Word 9.0
2839Microsoft Word 9.0
2840Microsoft Office Word
2841Microsoft Word 9.0
2842Microsoft Word 9.0
2843Microsoft Word 9.0
2844Microsoft Word 9.0
2845Microsoft Office Word
2846Microsoft Word 9.0
2847Microsoft Office Word
2848Microsoft Office Word
2849Microsoft Word 9.0
2850Microsoft Word 8.0
2851Microsoft Word 8.0
2852Microsoft Word 9.0
2853Acrobat Distiller 5.0.5 (Windows)
2854Acrobat PDFMaker 5.0 para PowerPoint
2855��Microsoft� Word 2010
2856GPL Ghostscript 8.15
2857PScript5.dll Version 5.2.2
2858��Microsoft� Office Word 2007
2859Adobe PDF Library 10.0
2860Acrobat PDFMaker 10.1 para Word
2861AFPL Ghostscript 8.54
2862PrimoPDF http://www.primopdf.com
2863Acrobat Distiller 9.0.0 (Windows)
2864Microsoft� Word 2010
2865Microsoft� Office Word 2007
2866Amyuni PDF Converter version 4.5.3.1
2867Microsoft� PowerPoint� 2010
2868Adobe PDF library 9.00
2869Adobe Illustrator CS4
2870Acrobat Distiller 10.1.9 (Windows)
2871PDFCreator Version 1.2.3
2872ReportLab http://www.reportlab.com
2873Acrobat Distiller 8.1.0 (Windows)
2874Acrobat PDFMaker 8.1 para Word
2875Acrobat PDFMaker 10.0 para Word
2876Microsoft Excel
2877
2878[+] List of paths and servers found:
2879---------------------------------------
2880 Normal.dotm
2881 Normal
2882 INFORME
2883 INFORME.dot
2884'D:\Mis Documentos Alberto\1 Metro\1 Proyectos\1 Departamento Proyectos\Proyecto Punto Detención Trenes L1\Memo a Fiscalía - Anexo 3 - Contrato Vías L4 - 2004-03-21.doc'
2885'D:\Mis Documentos Alberto\1 Metro\1 Proyectos\Línea 4\Vías L4\Memo a Fiscalía - Anexo 3 - Contrato Vías L4 - 2004-03-21.doc'
2886'D:\Mis Documentos Alberto\1 Metro\1 Proyectos\Línea 4\Vías L4\Memo a Administración General - Aviso Propuesta Prensas L4 - 2004-04-30.doc'
2887'C:\WINDOWS\TEMP\Guardado con Autorrecuperación de Memo a Administración General - Aviso Propuesta Prensas L4 - 2004-04-30.asd'
2888'\\NT_METRO\METRO_SHARED\Desarrollo\Proyecto\EquipostallerLínea4\Prensas\Aviso Llamando a Propuesta - Suministro Prensas.doc'
2889'C:\WINDOWS\Escritorio\web\Aviso Llamando a Propuesta - Suministro Prensas.doc'
2890 Normal.dot
2891'C:\Mis documentos\Energía Extensión L1 y L5\Memos\Venta de Bases\Reseña Licitac Sist Eléc Extensión L1 Oriente y L5 Maipú.doc'
2892'D:\CRISTIAN PONCE\Suministro Cables 20KV y 1KV\Reseña Licitación Cables.doc'
2893'D:\CRISTIAN PONCE\EXTENSION L1 y L5\Suministro Cables 20KV y 1KV\Reseña Licitación Cables.doc'
2894'D:\CRISTIAN PONCE\EXTENSION L1 y L5\Suministro Cables 20KV y 1KV\VENTA\Reseña Licitación Cables.doc'
2895'C:\Documents and Settings\alucero\Configuración local\Archivos temporales de Internet\OLK4C\Reseña Licitación Cables.doc'
2896'C:\Documents and Settings\VBUSTOS\Configuración local\Temp\Archivos temporales de Internet\OLKD8\Hoja Publicación Internet_CDO1.doc'
2897'\\Oveliz\d\Res_09-01-04\Disco D\Mis documentos\mis document\WORD\BASES Y CONTRATOS\Entension Línea 1 y 5\Cdo Cdo L1 y L5\Cdo Cdo final\Hoja Publicación Internet_CDO1.doc'
2898'C:\Documents and Settings\VBUSTOS\Datos de programa\Microsoft\Word\Guardado con Autorrecuperación de Hoja Publicación Internet_CDO1.asd'
2899'C:\Documents and Settings\alucero\Configuración local\Archivos temporales de Internet\OLK16\Hoja Publicación Internet_CDO1.doc'
2900'D:\1 Mis Documentos Alberto\1 Metro\1 Proyectos\Línea 1 Extensión Los Dominicos\EOL1 - Comando Centralizado\Hoja Publicación Internet_CDO1.doc'
2901'\\Oveliz\d\Res_09-01-04\Disco D\Mis documentos\mis document\WORD\BASES Y CONTRATOS\Entension Línea 1 y 5\THF L1 y L5\Hoja Publicación Internet_ THF.doc'
2902'C:\Documents and Settings\VBUSTOS\Datos de programa\Microsoft\Word\Guardado con Autorrecuperación de Hoja Publicación Internet_ THF.asd'
2903'C:\Documents and Settings\VBUSTOS\Configuración local\Temp\Archivos temporales de Internet\OLK2\Hoja Publicación Internet_ THF.doc'
2904'C:\Documents and Settings\alucero\Configuración local\Archivos temporales de Internet\OLK1E4\Hoja Publicación Internet_ THF1.doc'
2905'C:\Documents and Settings\VBUSTOS\Configuración local\Temp\Archivos temporales de Internet\OLK71\Hoja Publicación Internet_TEL.doc'
2906'\\Oveliz\d\Res_09-01-04\Disco D\Mis documentos\mis document\WORD\BASES Y CONTRATOS\Entension Línea 1 y 5\Telecomunicaciones\Hoja Publicación Internet Telecomuciaciones EL1 y LMAI5.doc'
2907'C:\Documents and Settings\alucero\Datos de programa\Microsoft\Word\Guardado con Autorrecuperación de Hoja Publicación Internet Telecomuciaciones EL1 y LMAI5.asd'
2908'C:\Documents and Settings\alucero\Configuración local\Archivos temporales de Internet\OLK22D\Hoja Publicación Internet Telecomuciaciones EL1 y LMAI5.doc'
2909'D:\Mis Documentos\CCTV\Hoja Publicación Internet_CCTV.doc'
2910'C:\Documents and Settings\CSANCHEZ\Datos de programa\Microsoft\Word\Guardado con Autorrecuperación de Hoja Publicación Internet_CCTV.asd'
2911'\\jruminot\anexos\Revisados\Hoja Publicación Internet_CCTV.doc'
2912'D:\Compartir\anexos\Revisados\checklist\Hoja Publicación Internet_CCTV.doc'
2913'C:\Documents and Settings\alucero\Configuración local\Archivos temporales de Internet\OLK8\Hoja Publicación Internet_CCTV.doc'
2914'C:\Documents and Settings\alucero\Datos de programa\Microsoft\Word\Guardado con Autorrecuperación de Hoja Publicación Internet_CCTV.asd'
2915'C:\Documents and Settings\alucero\Configuración local\Archivos temporales de Internet\OLK14\Reseña Licitac ITO VIAS Extensión L1 Oriente y L5 Maipú.doc'
2916'C:\Documents and Settings\alucero\Configuración local\Archivos temporales de Internet\OLKAA\Reseña Licitac Sist VIAS Extensión L1 Oriente y L5 Maipú_Final1.doc'
2917'D:\Nuevas Extensiones\Contratos\Hoja Publicación Internet_Sonorización.doc'
2918'C:\Documents and Settings\JFLORESY\Datos de programa\Microsoft\Word\Guardado con Autorrecuperación de Hoja Publicación Internet_Sonorización.asd'
2919'C:\Documents and Settings\JFLORESY\Configuración local\Archivos temporales de Internet\OLK5D\Hoja Publicación Internet_Sonorización.doc'
2920'C:\Documents and Settings\VBUSTOS\Configuración local\Temp\Archivos temporales de Internet\OLK9\Hoja Publicación Internet_Sonorización.doc'
2921'C:\Documents and Settings\VBUSTOS\Datos de programa\Microsoft\Word\Guardado con Autorrecuperación de Hoja Publicación Internet_Sonorización.asd'
2922'C:\Documents and Settings\alucero\Configuración local\Archivos temporales de Internet\OLK250\Hoja Publicación Internet_Sonorización.doc'
2923'D:\Disco D\LICITA\IMPRESION OFFSET\Pulicacion WEB.doc'
2924'C:\Documents and Settings\MBAEZA\Datos de programa\Microsoft\Word\Guardado con Autorrecuperación de Pulicacion WEB.asd'
2925'C:\Documents and Settings\MBAEZA\Configuración local\Archivos temporales de Internet\OLK1D\Pulicacion WEB.doc'
2926'C:\Documents and Settings\MBAEZA\Configuración local\Archivos temporales de Internet\OLK1D\Pulicacion WEB1.doc'
2927'C:\Documents and Settings\EMUNOZ\Configuración local\Archivos temporales de Internet\OLK3\Pulicacion WEB.doc'
2928'D:\Disco D\LICITA\INTERNET CORP 2007\Pulicacion WEB 10 08 2007.doc'
2929'C:\Documents and Settings\EMUNOZ\Datos de programa\Microsoft\Word\Guardado con Autorrecuperación de Pulicacion WEB 10 08 2007.asd'
2930'D:\Mis Documentos Alberto\1 Metro\1 Proyectos\Línea 4\Inspecciones\ITO Corrientes Débiles\Aviso - Licitación ITO Corrientes Déviles L4-L4A - 2004-06-30a.doc'
2931'D:\1 Mis Documentos Alberto\1 Metro\1 Proyectos\Línea 4\Inspecciones Técnicas\Inspección Técnica Electromecánica\Aviso Propuesta Pública Inspección Técnica Electromecánica L4-L4A - 2004-12-22.doc'
2932'D:\1 Mis Documentos Alberto\1 Metro\1 Proyectos\Línea 4\Talleres L4\Máquina Esmeriladora\Aviso Propuesta Pública - Suministro Máquina Esmeriladora Rieles - 2005-01-27.doc'
2933'C:\WINDOWS\TEMP\Guardado con Autorrecuperación de Aviso Propuesta Pública - Suministro Máquina Esmeriladora Rieles - 2005-01-27.asd'
2934'D:\1 Mis Documentos Alberto\1 Metro\1 Proyectos\Línea 4\Talleres L4\Motovías\Aviso Propuesta Pública - Suministro Motovía - 2005-04-26.doc'
2935'C:\WINDOWS\TEMP\Guardado con Autorrecuperación de Aviso Propuesta Pública - Suministro Motovía - 2005-04-26.asd'
2936'C:\Documents and Settings\CAROJAS\Datos de programa\Microsoft\Word\Guardado con Autorrecuperación de Aviso Propuesta Pública - Suministro Motovía - 2005-04-26.asd'
2937'F:\Desarrollo\Proyecto\Reposicion Trafos Askarel 2ªEtapa\Proceso de Adquisicion\Aviso Propuesta Pública - Suministro Trafos - 2005-06-13.doc'
2938'F:\Desarrollo\Proyecto\Reposicion Trafos Askarel 2ªEtapa\Proceso de Adquisicion\Aviso Propuesta Pública - Suministro Trafos - 2005-08-21.doc'
2939'C:\Documents and Settings\CAROJAS\Datos de programa\Microsoft\Word\Guardado con Autorrecuperación de Aviso Propuesta Pública - Suministro Trafos - 2005-08-21.asd'
2940'C:\Documents and Settings\CZIEBOLD.METRO_DOM\Configuración local\Archivos temporales de Internet\OLKB\Aviso Propuesta Pública - Suministro Trafos - 2005-08-211.doc'
2941----------------------------------------------------------------------------------------------
2942[+] List of e-mails found:
2943-----------------------------------------------------------------------------------------------
2944avaldes@metro.cl
2945ValarconM@metro.cl.
2946vgonzalezi@metro.cl
2947acavalcante@metro.cl
2948emunoz@metro.cl
2949plarrain@metro.cl
2950vmorales@metro.cl
2951jcruz@metro.cl
2952hmonsalve@metro.cl
2953fmena@metro.cl
2954mmunozc@metro.cl
2955pacuna@metro.cl
2956mmmunozc@metro.cl
2957racunam@metro.cl
2958kmorgan@metro.cl
2959amorales@metro.cl
2960bgomez@metro.cl.
2961amorales@metro.cl.
2962dmartinez@metro.cl
2963lmarambio@metro.cl
2964#######################################################################################################################################
2965[*] Processing domain www.metro.cl
2966[*] Using system resolvers ['38.132.106.139', '194.187.251.67', '185.93.180.131', '2001:18c0:121:6900:724f:b8ff:fefd:5b6a', '192.168.0.1']
2967[+] Getting nameservers
2968[-] Getting nameservers failed
2969[-] Zone transfer failed
2970
2971[*] Scanning www.metro.cl for A records
2972201.217.241.118 - www.metro.cl
2973#######################################################################################################################################
2974Privileges have been dropped to "nobody:nogroup" for security reasons.
2975
2976Processed queries: 0
2977Received packets: 0
2978Progress: 0.00% (00 h 00 min 00 sec / 00 h 00 min 00 sec)
2979Current incoming rate: 0 pps, average: 0 pps
2980Current success rate: 0 pps, average: 0 pps
2981Finished total: 0, success: 0 (0.00%)
2982Mismatched domains: 0 (0.00%), IDs: 0 (0.00%)
2983Failures: 0: 0.00%, 1: 0.00%, 2: 0.00%, 3: 0.00%, 4: 0.00%, 5: 0.00%, 6: 0.00%, 7: 0.00%, 8: 0.00%, 9: 0.00%, 10: 0.00%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
2984Response: | Success: | Total:
2985OK: | 0 ( 0.00%) | 0 ( 0.00%)
2986NXDOMAIN: | 0 ( 0.00%) | 0 ( 0.00%)
2987SERVFAIL: | 0 ( 0.00%) | 0 ( 0.00%)
2988REFUSED: | 0 ( 0.00%) | 0 ( 0.00%)
2989FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
2990
2991
2992
2993Processed queries: 1919
2994Received packets: 1319
2995Progress: 100.00% (00 h 00 min 01 sec / 00 h 00 min 01 sec)
2996Current incoming rate: 1318 pps, average: 1318 pps
2997Current success rate: 809 pps, average: 809 pps
2998Finished total: 810, success: 810 (100.00%)
2999Mismatched domains: 45 (3.45%), IDs: 0 (0.00%)
3000Failures: 0: 43.83%, 1: 145.80%, 2: 45.43%, 3: 1.85%, 4: 0.00%, 5: 0.00%, 6: 0.00%, 7: 0.00%, 8: 0.00%, 9: 0.00%, 10: 0.00%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3001Response: | Success: | Total:
3002OK: | 94 ( 11.60%) | 100 ( 7.66%)
3003NXDOMAIN: | 654 ( 80.74%) | 674 ( 51.65%)
3004SERVFAIL: | 62 ( 7.65%) | 64 ( 4.90%)
3005REFUSED: | 0 ( 0.00%) | 467 ( 35.79%)
3006FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3007
3008
3009
3010Processed queries: 1919
3011Received packets: 2817
3012Progress: 100.00% (00 h 00 min 02 sec / 00 h 00 min 02 sec)
3013Current incoming rate: 1495 pps, average: 1406 pps
3014Current success rate: 733 pps, average: 771 pps
3015Finished total: 1545, success: 1545 (100.00%)
3016Mismatched domains: 383 (13.73%), IDs: 0 (0.00%)
3017Failures: 0: 22.98%, 1: 28.74%, 2: 20.13%, 3: 29.26%, 4: 18.51%, 5: 3.88%, 6: 0.58%, 7: 0.06%, 8: 0.06%, 9: 0.00%, 10: 0.00%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3018Response: | Success: | Total:
3019OK: | 181 ( 11.72%) | 204 ( 7.31%)
3020NXDOMAIN: | 1254 ( 81.17%) | 1497 ( 53.68%)
3021SERVFAIL: | 110 ( 7.12%) | 128 ( 4.59%)
3022REFUSED: | 0 ( 0.00%) | 960 ( 34.42%)
3023FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3024
3025
3026
3027Processed queries: 1919
3028Received packets: 3573
3029Progress: 100.00% (00 h 00 min 03 sec / 00 h 00 min 03 sec)
3030Current incoming rate: 754 pps, average: 1189 pps
3031Current success rate: 285 pps, average: 609 pps
3032Finished total: 1831, success: 1831 (100.00%)
3033Mismatched domains: 749 (21.16%), IDs: 0 (0.00%)
3034Failures: 0: 19.39%, 1: 24.25%, 2: 16.99%, 3: 16.77%, 4: 11.74%, 5: 8.08%, 6: 4.42%, 7: 2.46%, 8: 0.55%, 9: 0.11%, 10: 0.05%, 11: 0.00%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3035Response: | Success: | Total:
3036OK: | 207 ( 11.31%) | 234 ( 6.61%)
3037NXDOMAIN: | 1495 ( 81.65%) | 2083 ( 58.84%)
3038SERVFAIL: | 129 ( 7.05%) | 151 ( 4.27%)
3039REFUSED: | 0 ( 0.00%) | 1072 ( 30.28%)
3040FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3041
3042
3043
3044Processed queries: 1919
3045Received packets: 3906
3046Progress: 100.00% (00 h 00 min 04 sec / 00 h 00 min 04 sec)
3047Current incoming rate: 332 pps, average: 974 pps
3048Current success rate: 77 pps, average: 476 pps
3049Finished total: 1909, success: 1909 (100.00%)
3050Mismatched domains: 983 (25.39%), IDs: 0 (0.00%)
3051Failures: 0: 18.60%, 1: 23.26%, 2: 16.29%, 3: 16.08%, 4: 11.26%, 5: 6.86%, 6: 3.46%, 7: 2.72%, 8: 1.15%, 9: 0.52%, 10: 0.21%, 11: 0.10%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3052Response: | Success: | Total:
3053OK: | 210 ( 11.00%) | 239 ( 6.17%)
3054NXDOMAIN: | 1568 ( 82.14%) | 2380 ( 61.48%)
3055SERVFAIL: | 131 ( 6.86%) | 157 ( 4.06%)
3056REFUSED: | 0 ( 0.00%) | 1095 ( 28.29%)
3057FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3058
3059
3060
3061Processed queries: 1919
3062Received packets: 3970
3063Progress: 100.00% (00 h 00 min 05 sec / 00 h 00 min 05 sec)
3064Current incoming rate: 63 pps, average: 792 pps
3065Current success rate: 4 pps, average: 382 pps
3066Finished total: 1914, success: 1914 (100.00%)
3067Mismatched domains: 1040 (26.44%), IDs: 0 (0.00%)
3068Failures: 0: 18.55%, 1: 23.20%, 2: 16.25%, 3: 16.04%, 4: 11.23%, 5: 6.84%, 6: 3.45%, 7: 2.61%, 8: 1.10%, 9: 0.42%, 10: 0.37%, 11: 0.21%, 12: 0.00%, 13: 0.00%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3069Response: | Success: | Total:
3070OK: | 211 ( 11.02%) | 240 ( 6.10%)
3071NXDOMAIN: | 1572 ( 82.13%) | 2437 ( 61.95%)
3072SERVFAIL: | 131 ( 6.84%) | 159 ( 4.04%)
3073REFUSED: | 0 ( 0.00%) | 1098 ( 27.91%)
3074FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3075
3076
3077
3078Processed queries: 1919
3079Received packets: 4009
3080Progress: 100.00% (00 h 00 min 06 sec / 00 h 00 min 06 sec)
3081Current incoming rate: 38 pps, average: 666 pps
3082Current success rate: 3 pps, average: 319 pps
3083Finished total: 1918, success: 1918 (100.00%)
3084Mismatched domains: 1073 (27.01%), IDs: 0 (0.00%)
3085Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.26%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3086Response: | Success: | Total:
3087OK: | 212 ( 11.05%) | 241 ( 6.07%)
3088NXDOMAIN: | 1575 ( 82.12%) | 2471 ( 62.21%)
3089SERVFAIL: | 131 ( 6.83%) | 160 ( 4.03%)
3090REFUSED: | 0 ( 0.00%) | 1100 ( 27.69%)
3091FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3092
3093
3094
3095Processed queries: 1919
3096Received packets: 4025
3097Progress: 100.00% (00 h 00 min 07 sec / 00 h 00 min 07 sec)
3098Current incoming rate: 15 pps, average: 573 pps
3099Current success rate: 0 pps, average: 273 pps
3100Finished total: 1918, success: 1918 (100.00%)
3101Mismatched domains: 1089 (27.31%), IDs: 0 (0.00%)
3102Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.10%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3103Response: | Success: | Total:
3104OK: | 212 ( 11.05%) | 241 ( 6.04%)
3105NXDOMAIN: | 1575 ( 82.12%) | 2487 ( 62.36%)
3106SERVFAIL: | 131 ( 6.83%) | 160 ( 4.01%)
3107REFUSED: | 0 ( 0.00%) | 1100 ( 27.58%)
3108FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3109
3110
3111
3112Processed queries: 1919
3113Received packets: 4041
3114Progress: 100.00% (00 h 00 min 08 sec / 00 h 00 min 08 sec)
3115Current incoming rate: 15 pps, average: 504 pps
3116Current success rate: 0 pps, average: 239 pps
3117Finished total: 1918, success: 1918 (100.00%)
3118Mismatched domains: 1105 (27.60%), IDs: 0 (0.00%)
3119Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.05%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3120Response: | Success: | Total:
3121OK: | 212 ( 11.05%) | 241 ( 6.02%)
3122NXDOMAIN: | 1575 ( 82.12%) | 2501 ( 62.46%)
3123SERVFAIL: | 131 ( 6.83%) | 162 ( 4.05%)
3124REFUSED: | 0 ( 0.00%) | 1100 ( 27.47%)
3125FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3126
3127
3128
3129Processed queries: 1919
3130Received packets: 4043
3131Progress: 100.00% (00 h 00 min 09 sec / 00 h 00 min 09 sec)
3132Current incoming rate: 1 pps, average: 448 pps
3133Current success rate: 0 pps, average: 212 pps
3134Finished total: 1918, success: 1918 (100.00%)
3135Mismatched domains: 1107 (27.63%), IDs: 0 (0.00%)
3136Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.05%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3137Response: | Success: | Total:
3138OK: | 212 ( 11.05%) | 241 ( 6.02%)
3139NXDOMAIN: | 1575 ( 82.12%) | 2503 ( 62.48%)
3140SERVFAIL: | 131 ( 6.83%) | 162 ( 4.04%)
3141REFUSED: | 0 ( 0.00%) | 1100 ( 27.46%)
3142FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3143
3144
3145
3146Processed queries: 1919
3147Received packets: 4048
3148Progress: 100.00% (00 h 00 min 10 sec / 00 h 00 min 10 sec)
3149Current incoming rate: 4 pps, average: 404 pps
3150Current success rate: 0 pps, average: 191 pps
3151Finished total: 1918, success: 1918 (100.00%)
3152Mismatched domains: 1112 (27.72%), IDs: 0 (0.00%)
3153Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.05%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3154Response: | Success: | Total:
3155OK: | 212 ( 11.05%) | 241 ( 6.01%)
3156NXDOMAIN: | 1575 ( 82.12%) | 2506 ( 62.48%)
3157SERVFAIL: | 131 ( 6.83%) | 163 ( 4.06%)
3158REFUSED: | 0 ( 0.00%) | 1101 ( 27.45%)
3159FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3160
3161
3162
3163Processed queries: 1919
3164Received packets: 4054
3165Progress: 100.00% (00 h 00 min 11 sec / 00 h 00 min 11 sec)
3166Current incoming rate: 5 pps, average: 367 pps
3167Current success rate: 0 pps, average: 174 pps
3168Finished total: 1918, success: 1918 (100.00%)
3169Mismatched domains: 1118 (27.83%), IDs: 0 (0.00%)
3170Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.05%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3171Response: | Success: | Total:
3172OK: | 212 ( 11.05%) | 241 ( 6.00%)
3173NXDOMAIN: | 1575 ( 82.12%) | 2506 ( 62.38%)
3174SERVFAIL: | 131 ( 6.83%) | 168 ( 4.18%)
3175REFUSED: | 0 ( 0.00%) | 1102 ( 27.43%)
3176FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3177
3178
3179
3180Processed queries: 1919
3181Received packets: 4065
3182Progress: 100.00% (00 h 00 min 12 sec / 00 h 00 min 12 sec)
3183Current incoming rate: 10 pps, average: 338 pps
3184Current success rate: 0 pps, average: 159 pps
3185Finished total: 1918, success: 1918 (100.00%)
3186Mismatched domains: 1129 (28.03%), IDs: 0 (0.00%)
3187Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.05%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3188Response: | Success: | Total:
3189OK: | 212 ( 11.05%) | 241 ( 5.98%)
3190NXDOMAIN: | 1575 ( 82.12%) | 2509 ( 62.29%)
3191SERVFAIL: | 131 ( 6.83%) | 173 ( 4.29%)
3192REFUSED: | 0 ( 0.00%) | 1105 ( 27.43%)
3193FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3194
3195
3196
3197Processed queries: 1919
3198Received packets: 4070
3199Progress: 100.00% (00 h 00 min 13 sec / 00 h 00 min 13 sec)
3200Current incoming rate: 4 pps, average: 312 pps
3201Current success rate: 0 pps, average: 147 pps
3202Finished total: 1918, success: 1918 (100.00%)
3203Mismatched domains: 1134 (28.12%), IDs: 0 (0.00%)
3204Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.05%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3205Response: | Success: | Total:
3206OK: | 212 ( 11.05%) | 241 ( 5.98%)
3207NXDOMAIN: | 1575 ( 82.12%) | 2509 ( 62.21%)
3208SERVFAIL: | 131 ( 6.83%) | 174 ( 4.31%)
3209REFUSED: | 0 ( 0.00%) | 1109 ( 27.50%)
3210FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3211
3212
3213
3214Processed queries: 1919
3215Received packets: 4071
3216Progress: 100.00% (00 h 00 min 14 sec / 00 h 00 min 14 sec)
3217Current incoming rate: 0 pps, average: 290 pps
3218Current success rate: 0 pps, average: 136 pps
3219Finished total: 1918, success: 1918 (100.00%)
3220Mismatched domains: 1135 (28.14%), IDs: 0 (0.00%)
3221Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.05%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3222Response: | Success: | Total:
3223OK: | 212 ( 11.05%) | 241 ( 5.97%)
3224NXDOMAIN: | 1575 ( 82.12%) | 2509 ( 62.20%)
3225SERVFAIL: | 131 ( 6.83%) | 174 ( 4.31%)
3226REFUSED: | 0 ( 0.00%) | 1110 ( 27.52%)
3227FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3228
3229
3230
3231Processed queries: 1919
3232Received packets: 4072
3233Progress: 100.00% (00 h 00 min 15 sec / 00 h 00 min 15 sec)
3234Current incoming rate: 0 pps, average: 270 pps
3235Current success rate: 0 pps, average: 127 pps
3236Finished total: 1918, success: 1918 (100.00%)
3237Mismatched domains: 1136 (28.15%), IDs: 0 (0.00%)
3238Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.05%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3239Response: | Success: | Total:
3240OK: | 212 ( 11.05%) | 241 ( 5.97%)
3241NXDOMAIN: | 1575 ( 82.12%) | 2509 ( 62.18%)
3242SERVFAIL: | 131 ( 6.83%) | 174 ( 4.31%)
3243REFUSED: | 0 ( 0.00%) | 1111 ( 27.53%)
3244FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3245
3246
3247
3248Processed queries: 1919
3249Received packets: 4075
3250Progress: 100.00% (00 h 00 min 16 sec / 00 h 00 min 16 sec)
3251Current incoming rate: 2 pps, average: 254 pps
3252Current success rate: 0 pps, average: 119 pps
3253Finished total: 1918, success: 1918 (100.00%)
3254Mismatched domains: 1139 (28.21%), IDs: 0 (0.00%)
3255Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.05%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3256Response: | Success: | Total:
3257OK: | 212 ( 11.05%) | 241 ( 5.97%)
3258NXDOMAIN: | 1575 ( 82.12%) | 2510 ( 62.16%)
3259SERVFAIL: | 131 ( 6.83%) | 175 ( 4.33%)
3260REFUSED: | 0 ( 0.00%) | 1112 ( 27.54%)
3261FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3262
3263
3264
3265Processed queries: 1919
3266Received packets: 4077
3267Progress: 100.00% (00 h 00 min 17 sec / 00 h 00 min 17 sec)
3268Current incoming rate: 1 pps, average: 239 pps
3269Current success rate: 0 pps, average: 112 pps
3270Finished total: 1918, success: 1918 (100.00%)
3271Mismatched domains: 1141 (28.24%), IDs: 0 (0.00%)
3272Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.05%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3273Response: | Success: | Total:
3274OK: | 212 ( 11.05%) | 241 ( 5.97%)
3275NXDOMAIN: | 1575 ( 82.12%) | 2511 ( 62.15%)
3276SERVFAIL: | 131 ( 6.83%) | 175 ( 4.33%)
3277REFUSED: | 0 ( 0.00%) | 1113 ( 27.55%)
3278FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3279
3280
3281
3282Processed queries: 1919
3283Received packets: 4083
3284Progress: 100.00% (00 h 00 min 18 sec / 00 h 00 min 18 sec)
3285Current incoming rate: 5 pps, average: 226 pps
3286Current success rate: 0 pps, average: 106 pps
3287Finished total: 1918, success: 1918 (100.00%)
3288Mismatched domains: 1147 (28.35%), IDs: 0 (0.00%)
3289Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.05%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3290Response: | Success: | Total:
3291OK: | 212 ( 11.05%) | 241 ( 5.96%)
3292NXDOMAIN: | 1575 ( 82.12%) | 2515 ( 62.16%)
3293SERVFAIL: | 131 ( 6.83%) | 176 ( 4.35%)
3294REFUSED: | 0 ( 0.00%) | 1114 ( 27.53%)
3295FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3296
3297
3298
3299Processed queries: 1919
3300Received packets: 4089
3301Progress: 100.00% (00 h 00 min 19 sec / 00 h 00 min 19 sec)
3302Current incoming rate: 5 pps, average: 214 pps
3303Current success rate: 0 pps, average: 100 pps
3304Finished total: 1918, success: 1918 (100.00%)
3305Mismatched domains: 1153 (28.46%), IDs: 0 (0.00%)
3306Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.05%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3307Response: | Success: | Total:
3308OK: | 212 ( 11.05%) | 241 ( 5.95%)
3309NXDOMAIN: | 1575 ( 82.12%) | 2519 ( 62.17%)
3310SERVFAIL: | 131 ( 6.83%) | 177 ( 4.37%)
3311REFUSED: | 0 ( 0.00%) | 1115 ( 27.52%)
3312FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3313
3314
3315
3316Processed queries: 1919
3317Received packets: 4089
3318Progress: 100.00% (00 h 00 min 20 sec / 00 h 00 min 20 sec)
3319Current incoming rate: 0 pps, average: 204 pps
3320Current success rate: 0 pps, average: 95 pps
3321Finished total: 1918, success: 1918 (100.00%)
3322Mismatched domains: 1153 (28.46%), IDs: 0 (0.00%)
3323Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.05%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3324Response: | Success: | Total:
3325OK: | 212 ( 11.05%) | 241 ( 5.95%)
3326NXDOMAIN: | 1575 ( 82.12%) | 2519 ( 62.17%)
3327SERVFAIL: | 131 ( 6.83%) | 177 ( 4.37%)
3328REFUSED: | 0 ( 0.00%) | 1115 ( 27.52%)
3329FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3330
3331
3332
3333Processed queries: 1919
3334Received packets: 4092
3335Progress: 100.00% (00 h 00 min 21 sec / 00 h 00 min 21 sec)
3336Current incoming rate: 2 pps, average: 194 pps
3337Current success rate: 0 pps, average: 91 pps
3338Finished total: 1918, success: 1918 (100.00%)
3339Mismatched domains: 1156 (28.51%), IDs: 0 (0.00%)
3340Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.05%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3341Response: | Success: | Total:
3342OK: | 212 ( 11.05%) | 241 ( 5.94%)
3343NXDOMAIN: | 1575 ( 82.12%) | 2519 ( 62.12%)
3344SERVFAIL: | 131 ( 6.83%) | 179 ( 4.41%)
3345REFUSED: | 0 ( 0.00%) | 1116 ( 27.52%)
3346FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3347
3348
3349
3350Processed queries: 1919
3351Received packets: 4095
3352Progress: 100.00% (00 h 00 min 22 sec / 00 h 00 min 22 sec)
3353Current incoming rate: 2 pps, average: 185 pps
3354Current success rate: 0 pps, average: 87 pps
3355Finished total: 1918, success: 1918 (100.00%)
3356Mismatched domains: 1159 (28.56%), IDs: 0 (0.00%)
3357Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.05%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3358Response: | Success: | Total:
3359OK: | 212 ( 11.05%) | 241 ( 5.94%)
3360NXDOMAIN: | 1575 ( 82.12%) | 2519 ( 62.07%)
3361SERVFAIL: | 131 ( 6.83%) | 180 ( 4.44%)
3362REFUSED: | 0 ( 0.00%) | 1117 ( 27.53%)
3363FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3364
3365
3366
3367Processed queries: 1919
3368Received packets: 4096
3369Progress: 100.00% (00 h 00 min 23 sec / 00 h 00 min 23 sec)
3370Current incoming rate: 0 pps, average: 177 pps
3371Current success rate: 0 pps, average: 83 pps
3372Finished total: 1918, success: 1918 (100.00%)
3373Mismatched domains: 1160 (28.58%), IDs: 0 (0.00%)
3374Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.05%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3375Response: | Success: | Total:
3376OK: | 212 ( 11.05%) | 241 ( 5.94%)
3377NXDOMAIN: | 1575 ( 82.12%) | 2519 ( 62.06%)
3378SERVFAIL: | 131 ( 6.83%) | 180 ( 4.43%)
3379REFUSED: | 0 ( 0.00%) | 1118 ( 27.54%)
3380FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3381
3382
3383
3384Processed queries: 1919
3385Received packets: 4096
3386Progress: 100.00% (00 h 00 min 24 sec / 00 h 00 min 24 sec)
3387Current incoming rate: 0 pps, average: 170 pps
3388Current success rate: 0 pps, average: 79 pps
3389Finished total: 1918, success: 1918 (100.00%)
3390Mismatched domains: 1160 (28.58%), IDs: 0 (0.00%)
3391Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.05%, 48: 0.00%, 49: 0.00%, 50: 0.00%,
3392Response: | Success: | Total:
3393OK: | 212 ( 11.05%) | 241 ( 5.94%)
3394NXDOMAIN: | 1575 ( 82.12%) | 2519 ( 62.06%)
3395SERVFAIL: | 131 ( 6.83%) | 180 ( 4.43%)
3396REFUSED: | 0 ( 0.00%) | 1118 ( 27.54%)
3397FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3398
3399
3400
3401Processed queries: 1919
3402Received packets: 4097
3403Progress: 100.00% (00 h 00 min 25 sec / 00 h 00 min 25 sec)
3404Current incoming rate: 0 pps, average: 163 pps
3405Current success rate: 0 pps, average: 76 pps
3406Finished total: 1918, success: 1918 (100.00%)
3407Mismatched domains: 1161 (28.60%), IDs: 0 (0.00%)
3408Failures: 0: 18.51%, 1: 23.15%, 2: 16.21%, 3: 16.01%, 4: 11.21%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.05%, 50: 0.00%,
3409Response: | Success: | Total:
3410OK: | 212 ( 11.05%) | 241 ( 5.94%)
3411NXDOMAIN: | 1575 ( 82.12%) | 2519 ( 62.04%)
3412SERVFAIL: | 131 ( 6.83%) | 180 ( 4.43%)
3413REFUSED: | 0 ( 0.00%) | 1119 ( 27.56%)
3414FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3415
3416
3417
3418Processed queries: 1919
3419Received packets: 4097
3420Progress: 100.00% (00 h 00 min 25 sec / 00 h 00 min 25 sec)
3421Current incoming rate: 0 pps, average: 163 pps
3422Current success rate: 0 pps, average: 76 pps
3423Finished total: 1919, success: 1918 (99.95%)
3424Mismatched domains: 1161 (28.60%), IDs: 0 (0.00%)
3425Failures: 0: 18.50%, 1: 23.14%, 2: 16.21%, 3: 16.00%, 4: 11.20%, 5: 6.83%, 6: 3.44%, 7: 2.61%, 8: 1.09%, 9: 0.31%, 10: 0.31%, 11: 0.21%, 12: 0.05%, 13: 0.05%, 14: 0.00%, 15: 0.00%, 16: 0.00%, 17: 0.00%, 18: 0.00%, 19: 0.00%, 20: 0.00%, 21: 0.00%, 22: 0.00%, 23: 0.00%, 24: 0.00%, 25: 0.00%, 26: 0.00%, 27: 0.00%, 28: 0.00%, 29: 0.00%, 30: 0.00%, 31: 0.00%, 32: 0.00%, 33: 0.00%, 34: 0.00%, 35: 0.00%, 36: 0.00%, 37: 0.00%, 38: 0.00%, 39: 0.00%, 40: 0.00%, 41: 0.00%, 42: 0.00%, 43: 0.00%, 44: 0.00%, 45: 0.00%, 46: 0.00%, 47: 0.00%, 48: 0.00%, 49: 0.00%, 50: 0.05%,
3426Response: | Success: | Total:
3427OK: | 212 ( 11.05%) | 241 ( 5.94%)
3428NXDOMAIN: | 1575 ( 82.12%) | 2519 ( 62.04%)
3429SERVFAIL: | 131 ( 6.83%) | 180 ( 4.43%)
3430REFUSED: | 0 ( 0.00%) | 1119 ( 27.56%)
3431FORMERR: | 0 ( 0.00%) | 0 ( 0.00%)
3432www.metro.cl
3433www.metrosantiago.cl.
3434#######################################################################################################################################
3435[+] www.metro.cl has no SPF record!
3436[*] No DMARC record found. Looking for organizational record
3437[*] Found organizational DMARC record:
3438[*] v=DMARC1; pct=100; p=none; adkim=r; aspf=r
3439[*] No explicit organizational subdomain policy. Defaulting to organizational policy
3440[+] DMARC policy set to none
3441[+] Spoofing possible for www.metro.cl!
3442#######################################################################################################################################
3443INFO[0000] Starting to process queue....
3444INFO[0000] Starting to process permutations....
3445INFO[0000] FORBIDDEN http://metro.s3.amazonaws.com (http://metro.cl)
3446INFO[0000] FORBIDDEN http://metro-reports.s3.amazonaws.com (http://metro.cl)
3447INFO[0000] FORBIDDEN http://metro-dev.s3.amazonaws.com (http://metro.cl)
3448INFO[0000] FORBIDDEN http://metro-logs.s3.amazonaws.com (http://metro.cl)
3449INFO[0000] FORBIDDEN http://metro-elk.s3.amazonaws.com (http://metro.cl)
3450INFO[0000] FORBIDDEN http://metro-data.s3.amazonaws.com (http://metro.cl)
3451INFO[0000] FORBIDDEN http://metro-temp.s3.amazonaws.com (http://metro.cl)
3452INFO[0000] FORBIDDEN http://metro-project.s3.amazonaws.com (http://metro.cl)
3453INFO[0000] FORBIDDEN http://metro-backup.s3.amazonaws.com (http://metro.cl)
3454INFO[0000] FORBIDDEN http://metro-billing.s3.amazonaws.com (http://metro.cl)
3455INFO[0000] PUBLIC http://metro-media.s3.eu-west-2.amazonaws.com/ (http://metro.cl)
3456INFO[0000] FORBIDDEN http://test-metro.s3.amazonaws.com (http://metro.cl)
3457INFO[0000] FORBIDDEN http://metro-test.s3.amazonaws.com (http://metro.cl)
3458INFO[0000] FORBIDDEN http://metro-admin.s3.amazonaws.com (http://metro.cl)
3459INFO[0000] FORBIDDEN http://metro-help.s3.amazonaws.com (http://metro.cl)
3460#######################################################################################################################################
3461Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-29 16:19 EDT
3462Nmap scan report for www.metro.cl (201.217.241.118)
3463Host is up (0.37s latency).
3464rDNS record for 201.217.241.118: servidor.agenciacatedral.com
3465Not shown: 983 filtered ports, 13 closed ports
3466Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
3467PORT STATE SERVICE
346853/tcp open domain
346980/tcp open http
3470443/tcp open https
34713306/tcp open mysql
3472
3473Nmap done: 1 IP address (1 host up) scanned in 20.85 seconds
3474######################################################################################################################################
3475Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-29 16:19 EDT
3476Nmap scan report for www.metro.cl (201.217.241.118)
3477Host is up (0.047s latency).
3478rDNS record for 201.217.241.118: servidor.agenciacatedral.com
3479Not shown: 2 filtered ports
3480PORT STATE SERVICE
348153/udp open domain
348267/udp open|filtered dhcps
348368/udp open|filtered dhcpc
348469/udp open|filtered tftp
348588/udp open|filtered kerberos-sec
3486123/udp open|filtered ntp
3487139/udp open|filtered netbios-ssn
3488161/udp open|filtered snmp
3489162/udp open|filtered snmptrap
3490389/udp open|filtered ldap
3491500/udp open|filtered isakmp
3492520/udp open|filtered route
34932049/udp open|filtered nfs
3494
3495Nmap done: 1 IP address (1 host up) scanned in 1.74 seconds
3496#######################################################################################################################################
3497Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-29 16:19 EDT
3498Nmap scan report for www.metro.cl (201.217.241.118)
3499Host is up (0.20s latency).
3500rDNS record for 201.217.241.118: servidor.agenciacatedral.com
3501
3502PORT STATE SERVICE VERSION
350353/tcp open domain ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
3504|_dns-fuzz: Server didn't response to our probe, can't fuzz
3505| dns-nsec-enum:
3506|_ No NSEC records found
3507| dns-nsec3-enum:
3508|_ DNSSEC NSEC3 not supported
3509| dns-nsid:
3510|_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
3511| vulscan: VulDB - https://vuldb.com:
3512| [129818] ISC BIND up to 9.11.4/9.12.2 DDNS privilege escalation
3513| [129803] ISC BIND up to 9.11.1 Response Policy Zone Query Loop denial of service
3514| [129802] ISC BIND up to 9.11.0-P1 nxdomain-redirect Query Assertion denial of service
3515| [102965] ISC BIND up to 9.11.1-P1 TSIG weak authentication
3516| [102964] ISC BIND up to 9.11.1-P1 TSIG weak authentication
3517| [99868] ISC BIND up to 9.11.1rc2 Control Channel Crash denial of service
3518| [99867] ISC BIND up to 9.11.1rc1 DNS64 State Crash denial of service
3519| [99866] ISC BIND up to 9.11.1rc1 CNAME/DNAME Crash denial of service
3520| [96827] ISC BIND up to 9.11.1b1 RPZ/DNS64 State Error NULL Pointer Dereference denial of service
3521|
3522| MITRE CVE - https://cve.mitre.org:
3523| [CVE-2007-0494] ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.
3524| [CVE-2013-4869] Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) and the IM & Presence Service in Cisco Unified Presence Server through 9.1(2) use the same CTI and database-encryption key across different customers' installations, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key, aka Bug IDs CSCsc69187 and CSCui01756. NOTE: the vendor has provided a statement that the "hard-coded static encryption key is considered a hardening issue rather than a vulnerability, and as such, has a CVSS score of 0/0."
3525| [CVE-2013-4854] The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
3526| [CVE-2013-3919] resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.
3527| [CVE-2013-3434] Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02242.
3528| [CVE-2013-3433] Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02276.
3529| [CVE-2013-3412] SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuh81766.
3530| [CVE-2013-3404] SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051.
3531| [CVE-2013-3403] Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allow local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCuh73454.
3532| [CVE-2013-3402] An unspecified function in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary commands via unknown vectors, aka Bug ID CSCuh73440.
3533| [CVE-2013-3382] The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.9 and 9.1.2.x before 9.1.2.12 for Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (device reload or traffic-processing outage) via fragmented (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCue88387.
3534| [CVE-2013-2266] libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
3535| [CVE-2013-1150] The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and 9.1 before 9.1(1.2) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCud16590.
3536| [CVE-2013-1139] The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCud81134.
3537| [CVE-2013-1137] Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930.
3538| [CVE-2013-1134] The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, which allows remote attackers to conduct cache-poisoning attacks against transaction records, and cause a denial of service (bandwidth-pool consumption and call outage), via unspecified vectors, aka Bug ID CSCub28920.
3539| [CVE-2013-0149] The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.
3540| [CVE-2012-5689] ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
3541| [CVE-2012-5688] ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
3542| [CVE-2012-5166] ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
3543| [CVE-2012-4244] ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
3544| [CVE-2012-3868] Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries.
3545| [CVE-2012-3817] ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2
3546| [CVE-2012-1667] ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
3547| [CVE-2012-1328] Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 do not properly handle downloads of configuration information to an RT phone, which allows local users to gain privileges via unspecified injected data, aka Bug ID CSCts32237.
3548| [CVE-2012-1033] The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
3549| [CVE-2012-0882] Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.
3550| [CVE-2011-5184] Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover
3551| [CVE-2011-4313] query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
3552| [CVE-2011-2465] Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.
3553| [CVE-2011-2464] Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
3554| [CVE-2011-1910] Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.
3555| [CVE-2011-1907] ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.
3556| [CVE-2011-0414] ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update.
3557| [CVE-2010-3762] ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service (daemon crash) via a DNS query.
3558| [CVE-2010-3615] named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism.
3559| [CVE-2010-3614] named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.
3560| [CVE-2010-3613] named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data.
3561| [CVE-2010-0382] ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote attackers to have an unspecified impact via a crafted response, aka Bug 20819. NOTE: this vulnerability exists because of a regression during the fix for CVE-2009-4022.
3562| [CVE-2010-0290] Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains (1) CNAME or (2) DNAME records, which do not have the intended validation before caching, aka Bug 20737. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4022.
3563| [CVE-2010-0218] ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query.
3564| [CVE-2010-0097] ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.
3565| [CVE-2009-4022] Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.
3566| [CVE-2009-2028] Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 have unknown impact and attack vectors, related to "Adobe internally discovered issues."
3567| [CVE-2009-1905] The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous bind are enabled, allows remote attackers to bypass password authentication and establish a database connection via unspecified vectors.
3568| [CVE-2009-0696] The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
3569| [CVE-2009-0265] Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.
3570| [CVE-2008-4163] Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown vectors.
3571| [CVE-2008-0122] Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.
3572| [CVE-2007-2926] ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
3573| [CVE-2007-2925] The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.
3574| [CVE-2007-2241] Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function.
3575| [CVE-2007-0493] Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context."
3576| [CVE-2002-2037] The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities.
3577| [CVE-2002-0400] ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype.
3578| [CVE-2001-0497] dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.
3579| [CVE-2000-0855] SunFTP build 9(1) allows remote attackers to cause a denial of service by connecting to the server and disconnecting before sending a newline.
3580| [CVE-2000-0368] Classic Cisco IOS 9.1 and later allows attackers with access to the loging prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
3581| [CVE-1999-1466] Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword.
3582| [CVE-1999-1306] Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters.
3583| [CVE-1999-1216] Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command.
3584|
3585| SecurityFocus - https://www.securityfocus.com/bid/:
3586| [70744] Cisco ASR 901 Series Routers CVE-2014-3293 Denial of Service Vulnerability
3587| [70658] ZTE ZXDSL 931VII 'manager_dev_config_t.gch' Information Disclosure Vulnerability
3588| [61774] ISC BIND 9 SRTT Algorithm Authoritative Server Selection Security Vulnerability
3589| [61479] ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
3590| [58736] ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
3591| [57556] ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
3592| [56817] ISC BIND 9 DNS64 Remote Denial of Service Vulnerability
3593| [55852] ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
3594| [55522] ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
3595| [54659] ISC BIND 9 TCP Query Remote Denial of Service Vulnerability
3596| [54658] ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
3597| [53772] ISC BIND 9 DNS Resource Records Handling Remote Denial of Service Vulnerability
3598| [50690] ISC BIND 9 Recursive Queries Remote Denial of Service Vulnerability
3599| [48566] ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability
3600| [48565] ISC BIND 9 RPZ Configurations Remote Denial of Service Vulnerabilities
3601| [48007] ISC BIND 9 Large RRSIG RRsets Remote Denial of Service Vulnerability
3602| [47734] ISC BIND 9 RRSIG Query Type Remote Denial of Service Vulnerability
3603| [46491] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
3604| [45385] ISC BIND 9 DNSSEC Validation Remote Denial of Service Vulnerability
3605| [45133] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
3606| [41730] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
3607| [37865] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
3608| [37118] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
3609| [35848] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
3610| [25076] ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
3611| [25037] ISC BIND 9 Remote Cache Poisoning Vulnerability
3612| [4936] ISC BIND 9 Remote Denial Of Service Vulnerability
3613| [100656] Cisco ASR 920 Series Routers CVE-2017-6795 Local Arbitrary File Overwrite Vulnerability
3614| [97450] Cisco ASR 903 and ASR 920 Series CVE-2017-6603 Denial of Service Vulnerability
3615| [93415] Cisco Nexus 9000 Series Switches CVE-2016-1455 Remote Information Disclosure Vulnerability
3616| [82579] Cisco Nexus 9000 Series ACI Mode Switches CVE-2015-6398 Denial of Service Vulnerability
3617| [77686] Cisco Firepower 9000 Series CVE-2015-6380 Unspecified OS Command Injection Vulnerability
3618| [77635] Cisco Firepower 9000 Series CVE-2015-6371 Multiple Arbitrary File Read Vulnerabilities
3619| [77634] Cisco Firepower 9000 Series CVE-2015-6370 Local Command Injection Vulnerability
3620| [77633] Cisco Firepower 9000 Series Switches CVE-2015-6372 HTML Injection Vulnerability
3621| [77631] Cisco Firepower 9000 Series Switches CVE-2015-6374 Clickjacking Vulnerability
3622| [77629] Cisco Firepower 9000 Series CVE-2015-6369 Local Denial of Service Vulnerability
3623| [77628] Cisco Firepower 9000 CVE-2015-6373 Cross Site Request Forgery Vulnerability
3624| [77614] Cisco Firepower 9000 Series Switches CVE-2015-6368 Information Disclosure Vulnerability
3625| [76913] Cisco NX-OS Software for Nexus 9000 Series Switches CVE-2015-6308 Denial of Service Vulnerability
3626| [76791] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-6301 Denial of Service Vulnerability
3627| [76762] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-6295 Denial of Service Vulnerability
3628| [76329] Cisco Nexus 9000 Series Software CVE-2015-4301 Remote Denial of Service Vulnerability
3629| [76057] Cisco Firepower 9000 Series Devices CVE-2015-4287 Information Disclosure Vulnerability
3630| [75471] Cisco Unified IP Phones 9900 Series CVE-2015-4226 Denial of Service Vulnerability
3631| [75378] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-4213 Information Disclosure Vulnerability
3632| [74029] Cisco ASR 9000 Series Routers CVE-2015-0694 Remote Security Bypass Vulnerability
3633| [73895] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-0686 Denial of Service Vulnerability
3634| [73470] Cisco ASR 9000 Series Routers CVE-2015-0685 Denial of Service Vulnerability
3635| [73318] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-0672 Denial of Service Vulnerability
3636| [72485] Cisco Unified IP Phones 9900 Series CVE-2015-0604 Arbitrary File Upload Vulnerability
3637| [72484] Cisco Unified IP Phones 9900 Series CVE-2015-0603 Local Denial of Service Vulnerability
3638| [72483] Cisco Unified IP Phones 9900 Series CVE-2015-0601 Local Denial of Service Vulnerability
3639| [72482] Cisco Unified IP Phones 9900 Series CVE-2015-0602 Information Disclosure Vulnerability
3640| [72481] Cisco Unified IP Phones 9900 Series CVE-2015-0600 Denial of Service Vulnerability
3641| [71979] Cisco MDS 9000 NX-OS Software CVE-2015-0582 Denial of Service Vulnerability
3642| [69057] Cisco Nexus 9000 Series Switches CVE-2014-3330 Access List Security Bypass Vulnerability
3643| [64770] Cisco Unified IP Phones 9900 Series Crafted Header Unregister Denial of Service Vulnerability
3644| [63564] Cisco MDS 9000 NX-OS Software VRRP Frames Denial of Service Vulnerability
3645| [62944] Cisco Unified IP Phones 9900 Series CVE-2013-5532 Buffer Overflow Vulnerability
3646| [62943] Cisco Unified IP Phones 9900 Series CVE-2013-5533 Local Command Injection Vulnerability
3647| [62905] Cisco Unified IP Phones 9900 Series CVE-2013-5526 Denial of Service Vulnerability
3648| [61330] Cisco Unified IP Phones 9900 Series CVE-2013-3426 Arbitrary File Download Vulnerability
3649| [49633] Oracle Application Server 9i 'httpd.conf' Information Disclosure Vulnerability
3650| [48811] Cisco ASR 9000 Series Routers IP Version 4 Denial of Service Vulnerability
3651| [48264] Aastra 9480i CT Multiple Information Disclosure Vulnerabilities
3652| [15542] NetObjects Fusion 9 Information Disclosure Vulnerability
3653| [6556] Oracle 9i Application Server Sample Scripts Information Disclosure Vulnerability
3654| [6459] Oracle 9i Application Server Java Server Page Source Code Disclosure Vulnerability
3655| [5335] Multiple Lucent Router UDP Port 9 Information Disclosure Vulnerability
3656| [4290] Oracle 9i Default Configuration File Information Disclosure Vulnerability
3657| [4034] Oracle 9IAS OracleJSP Information Disclosure Vulnerability
3658| [3848] Mandrake Bind 9 Package Insecure File Permissions Vulnerability
3659| [2516] Microsoft Plus! 98 Windows ME Password Disclosure Vulnerability
3660|
3661| IBM X-Force - https://exchange.xforce.ibmcloud.com:
3662| [85799] Cisco Unified IP Phones 9900 Series directory traversal
3663| [75412] Cisco Unified IP Phones 9900 series RT privilege escalation
3664| [68733] Cisco 9000 Series Aggregation Service Router IPv4 packet denial of service
3665| [9704] Multiple Lucent router UDP port 9 could disclose sensitive information
3666| [9250] BIND 9 dns_message_findtype() denial of service
3667| [1852] BIND prior to 4.9.7 buffer overflow affects Digital Firewall 97 users
3668| [539] Microsoft Windows 95 and Internet Explorer password disclosure
3669| [86004] ISC BIND RDATA denial of service
3670| [84767] ISC BIND denial of service
3671| [83066] ISC BIND denial of service
3672| [81504] ISC BIND AAAA denial of service
3673| [80510] ISC BIND DNS64 denial of service
3674| [79121] ISC BIND queries denial of service
3675| [78479] ISC BIND RDATA denial of service
3676| [77185] ISC BIND TCP queries denial of service
3677| [77184] ISC BIND bad cache denial of service
3678| [76034] ISC BIND rdata denial of service
3679| [73053] ISC BIND cache update policy security bypass
3680| [71332] ISC BIND recursive queries denial of service
3681| [68375] ISC BIND UPDATE denial of service
3682| [68374] ISC BIND Response Policy Zones denial of service
3683| [67665] ISC BIND RRSIG Rrsets denial of service
3684| [67297] ISC BIND RRSIG denial of service
3685| [65554] ISC BIND IXFR transfer denial of service
3686| [63602] ISC BIND allow-query security bypass
3687| [63596] ISC BIND zone data security bypass
3688| [63595] ISC BIND RRSIG denial of service
3689| [62072] ISC BIND DNSSEC query denial of service
3690| [62071] ISC BIND ACL security bypass
3691| [61871] ISC BIND anchors denial of service
3692| [60421] ISC BIND RRSIG denial of service
3693| [56049] ISC BIND out-of-bailiwick weak security
3694| [55937] ISC Bind unspecified cache poisoning
3695| [55753] ISC BIND DNSSEC NSEC/NSEC3 cache poisoning
3696| [54416] ISC BIND DNSSEC cache poisoning
3697| [52073] ISC BIND dns_db_findrdataset() denial of service
3698| [47409] Multiple Mozilla products XBL loadBindingDocument information disclosure
3699| [45234] ISC BIND UDP denial of service
3700| [39670] ISC BIND inet_network buffer overflow
3701| [37233] libgssapi ISC BIND Novell SUSE Linux Enterprise Server GSS-TSIG request denial of service
3702| [37128] RHSA update for ISC BIND RRset denial of service not installed
3703| [37127] RHSA update for ISC BIND named service denial of service not installed
3704| [36275] ISC BIND DNS query spoofing
3705| [35575] ISC BIND query ID cache poisoning
3706| [35571] ISC BIND ACL security bypass
3707| [31838] ISC BIND RRset denial of service
3708| [31799] ISC BIND named service denial of service
3709| [29876] HP Tru64 ypbind core dump information disclosure
3710| [28745] ISC BIND DNSSEC RRset denial of service
3711| [28744] ISC BIND recursive INSIST denial of service
3712| [22041] BEA WebLogic Server and Express LDAP anonymous bind information disclosure
3713| [18836] BIND hostname disclosure
3714| [10624] ISC BIND DNS stub resolver library (libresolv.a) stack buffer overflows
3715| [10333] ISC BIND SIG null pointer dereference denial of service
3716| [10332] ISC BIND OPT resource record (RR) denial of service
3717| [10304] ISC BIND SIG cached resource records (RR) heap buffer overflow
3718| [7027] Cisco CBOS Web-based configuration utility binds to port 80 by default
3719| [5814] ISC BIND "
3720| [5540] ISC BIND can be remotely crashed by issuing ZXFR requests
3721| [5462] ISC BIND AXFR host command remote buffer overflow
3722|
3723| Exploit-DB - https://www.exploit-db.com:
3724| [25305] ColdFusion 9-10 - Credential Disclosure Exploit
3725| [9300] ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC
3726| [24689] cPanel 9.9.1 -R3 Front Page Extension Installation Information Disclosure
3727| [23059] Netbula Anyboard 9.9.5 6 Information Disclosure Vulnerability
3728| [21812] MS Word 95/97/98/2000/2002 INCLUDEPICTURE Document Sharing File Disclosure
3729| [21764] MS Word 95/97/98/2000/2002 Excel 2002 INCLUDETEXT Document Sharing File Disclosure
3730| [19877] FrontPage 98/Personal WebServer 1.0,Personal Web Server 2.0 htimage.exe File Existence Disclosure
3731| [17376] Aastra IP Phone 9480i Web Interface Data disclosure Vulnerability
3732| [13448] linux/x86 portbind port 5074 92 bytes
3733| [13388] linux/x86 Bind /bin/sh to 31337/tcp + fork() 98 bytes
3734| [13360] linux/x86 setuid/portbind shellcode 96 bytes
3735| [13245] bsd/x86 setuid/portbind shellcode 94 bytes
3736| [10638] Web Wiz Forums 9.64 - Database Disclosure Vulnerability
3737| [6775] Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit
3738| [6236] BIND 9.5.0-P2 (randomized ports) Remote DNS Cache Poisoning Exploit
3739| [6130] BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c)
3740| [6123] BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py)
3741| [6122] BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (meta)
3742| [4292] Diskeeper 9 Remote Memory Disclosure Exploit
3743| [4266] BIND 9 0.3beta - DNS Cache Poisoning Exploit
3744|
3745| OpenVAS (Nessus) - http://www.openvas.org:
3746| [103090] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
3747| [103031] ISC BIND 9 < 9.7.2-P2 Multiple Vulnerabilities
3748| [103030] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
3749| [100717] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
3750| [100458] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
3751| [100362] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
3752| [100251] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
3753| [63208] Fedora Core 9 FEDORA-2009-0350 (bind)
3754| [11226] Oracle 9iAS default error information disclosure
3755|
3756| SecurityTracker - https://www.securitytracker.com:
3757| [1025811] Cisco ASR 9000 Series Router IPv4 Packet Processing Flaw Lets Remote Users Deny Service
3758| [1012995] BIND 9 Validator Assumption Error May Let Remote Users Deny Service
3759| [1005048] Oracle Enterprise Manager Web Service Component of Oracle 9i Application Server Discloses the Web Cache Administrator Password to Local Users
3760| [1003675] Oracle 9iAS Application Server Discloses CGI-BIN Script Source Code to Remote Users
3761| [1001186] Microsoft Windows Me Operating System and Windows 98 with the Plus! 98 Package Disclose Data Compression Passwords
3762| [1028901] (McAfee Issues Advisory for McAfee Email Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3763| [1028900] (McAfee Issues Advisory for McAfee Email and Web Security Appliance) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3764| [1028899] (McAfee Issues Fix for McAfee Web Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3765| [1028866] (McAfee Issues Fix for McAfee Firewall Enterprise) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3766| [1028854] (NetBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3767| [1028849] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3768| [1028848] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3769| [1028839] (FreeBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3770| [1028838] ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
3771| [1028632] ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service Against Recursive Resolvers
3772| [1028046] ISC BIND DNS64 and Response Policy Zones (RPZ) Bug Lets Remote Users Deny Service
3773| [1027835] ISC BIND DNS64 Bug Lets Remote Users Deny Service
3774| [1027642] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
3775| [1027529] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
3776| [1026647] ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
3777| [1026335] ISC BIND Invalid Record Caching Flaw Lets Remote Users Deny Service
3778| [1025743] ISC BIND Response Policy Zones DNAME/CNAME Processing Flaw Lets Remote Users Deny Service
3779| [1025742] ISC BIND Packet Processing Flaw Lets Remote Users Deny Service
3780| [1015850] Samba winbindd Daemon Discloses Server Password to Local Users
3781| [1003359] BindView NETinventory Discloses Password to Local Users During Auditing
3782| [1001721] BIND Domain Name System Software May Disclose DNS Transactional Signature (TSIG) Keys to Local Users
3783|
3784| OSVDB - http://www.osvdb.org:
3785| [95373] Cisco Unified IP Phones 9900 Series Serviceability Servlet Path Value Handling Arbitrary File Access
3786| [86219] Cardiac Science G3 Plus 9390A-501 AED AEDUpdate Cleartext Password Local Disclosure
3787| [76009] Cisco IOS DLSw FST IP Protocol 91 Packet Memory Leak Remote DoS
3788| [73985] Cisco ASR 9000 Series Line Card IPv4 Packet Parsing Remote DoS
3789| [72941] Aastra 9480i IP Phone Multiple Configuration File Direct Request Information Disclosure
3790| [34520] Cisco Linksys Multiple Router UDP 916 Remote Information Disclosure
3791| [22517] MPN HP-180W Wireless IP Phone UDP Port 9090 Information Disclosure
3792| [22516] ZyXEL P-2000W_v2 VoIP Wi-Fi Phone UDP Port 9090 Information Disclosure
3793| [21292] ZyXEL P2000W UDP 9090 Remote Information Disclosure
3794| [18220] Oracle 9iAS httpd.confg /perl Location Alias Arbitrary CGI File Script Disclosure
3795| [18218] Oracle 9iAS echo2 Sample Application Information Disclosure
3796| [18217] Oracle 9iAS echo Sample Application Information Disclosure
3797| [18216] Oracle 9iAS printenv Sample Application Information Disclosure
3798| [18215] Oracle 9iAS info.jsp Sample Application Information Disclosure
3799| [6674] Microsoft Office 98 for Macintosh Disk Space Information Disclosure
3800| [3108] Microsoft Office 98 Macintosh Information Disclosure
3801| [1146] Microsoft Windows 9x Credential Cache Cleartext Password Disclosure
3802| [665] Microsoft Windows 95 Online Registration Information Disclosure
3803| [95707] ISC BIND rdata.c RFC 5011 Implementation Malformed RDATA Section Handling Remote DoS
3804| [93913] ISC BIND Recursive Resolver resolver.c Malformed Zone Query Handling Remote DoS
3805| [91712] ISC BIND Crafted Regular Expression Handling Memory Exhaustion Remote DoS
3806| [89584] ISC BIND DNS64 Nameserver Response Policy Zone (RPZ) AAAA Record Query Remapping Remote DoS
3807| [89401] Foswiki LocalSite.cfg LDAP BindPassword Plaintext Local Disclosure
3808| [88126] ISC BIND DNS64 IPv6 Transition Mechanism DNS Query Parsing Remote DoS
3809| [86118] ISC BIND Nameserver RDATA Record Query Parsing Remote DoS
3810| [85417] ISC BIND Assertion Error Resource Record RDATA Query Parsing Remote DoS
3811| [84229] ISC BIND Memory Leak TCP Query Parsing ns_client Object Out-of-memory Remote DoS
3812| [84228] ISC BIND Query Handling Bad Cache Data Structure Assertion Remote DoS
3813| [82609] ISC BIND named DNS Resource Record Zero Length Rdata Handling Remote Information Disclosure
3814| [78916] ISC BIND Cache Update Policy Deleted Domain Name Resolving Weakness
3815| [77159] ISC BIND Recursive Query Parsing Remote DoS
3816| [73605] ISC BIND UPDATE Request Parsing Remote DoS
3817| [73604] ISC BIND Response Policy Zones (RPZ) DNAME / CNAME Parsing Remote DoS
3818| [72540] ISC BIND Caching Resolver Large RRSIG RRsets Negative Caching Remote DoS
3819| [72539] ISC BIND Authoritative Server Crafted IXFR / DDNS Query Update Deadlock DoS
3820| [72172] ISC BIND Response Policy Zones RRSIG Query Assertion Failure DoS
3821| [69568] ISC BIND named allow-query ACL Restriction Bypass
3822| [69559] ISC BIND named Key Algorithm Rollover Weakness
3823| [69558] ISC BIND named RRSIG Negative Caching DoS
3824| [68271] ISC BIND DNSSEC Query Validation Response Signature Handling Remote DoS
3825| [68270] ISC BIND ACL Application Weakness Cache Recursion Access Restriction Bypass
3826| [66395] ISC BIND RRSIG Requests Infinite Loop DoS
3827| [63373] Apple Mac OS X Server Admin Authenticated Directory Binding Handling Unspecified Open Directory Information Disclosure
3828| [62008] ISC BIND Secure Response Refetch Weakness Unspecified Issue
3829| [62007] ISC BIND Recursive Client Query CNAME / DNAME Response DNS Cache Poisoning
3830| [61853] ISC BIND DNSSEC Validation Crafted NXDOMAIN Request Cache Poisoning
3831| [60493] ISC BIND DNSSEC Recursive Query Additional Section Cache Poisoning
3832| [59272] ISC BIND named Multiple Symlink Arbitrary File Overwrite
3833| [58740] Apache Rampart TransportBinding Message Payload Cleartext Disclosure
3834| [57060] ISC BIND DNS Message Malformed TSIG Remote DoS
3835| [56584] ISC BIND Dynamic Update Message Handling Remote DoS
3836| [56411] GNU wget DNS Rebinding Information Disclosure Weakness
3837| [53115] ISC BIND EVP_VerifyFinal() / DSA_do_verify() SSL/TLS Signature Validation Weakness
3838| [48243] ISC BIND for Windows UDP Client Handler Remote DoS
3839| [46776] ISC BIND DNS Query ID Field Prediction Cache Poisoning
3840| [42655] ISC BIND on Red Hat Linux /etc/rndc.key Insecure File Permission Local named Manipulation
3841| [41211] ISC BIND libbind inet_network() Function Off-By-One Memory Corruption
3842| [40935] ISC BIND on SUSE Linux Enterprise Server libgssapi named GSS-TSIG Request Remote DoS
3843| [37301] ISC BIND Signed Zone Signature Verification Remote DoS
3844| [36796] ISC BIND Outgoing Query Predictable DNS Query ID
3845| [36236] ISC BIND allow-query-cache/allow-recursion ACL Bypass
3846| [36235] ISC BIND Predictable DNS Query IDs Cache Poisoning
3847| [34753] ISC BIND stub Resolver libbind Crafted Query Remote DoS
3848| [34752] ISC BIND so_linger Remote DoS
3849| [34751] ISC BIND Malformed SIG Record Remote DoS
3850| [34750] ISC BIND Malformed NAPTR Record Local DoS
3851| [34749] ISC BIND named maxdname DoS
3852| [34748] ISC BIND query.c query_addsoa Function Unspecified Recursive Query DoS
3853| [31923] ISC BIND Crafted ANY Request Response Multiple RRsets DoS
3854| [31922] ISC BIND Unspecified Freed Fetch Context Dereference DoS
3855| [28558] ISC BIND Recursive Query Saturation DoS
3856| [28557] ISC BIND SIG Query Multiple RRsets Response DoS
3857| [25895] ISC BIND Cached Recursive Query DoS
3858| [24263] Samba winbindd Debug Log Server Credentials Local Disclosure
3859| [21353] BindView NetInventory HOSTCFG._NI Deletion Cleartext Password Disclosure
3860| [14878] ISC BIND rdataset Parameter Malformed DNS Packet DoS
3861| [14877] ISC BIND stub Resolver Libraries Malformed DNS Response DoS
3862| [14795] ISC BIND TSIG Handling Code Remote Overflow
3863| [14432] ISC BIND Multiple DNS Resolver Functions Remote Overflow
3864| [13752] ISC BIND host Command AXFR Response Remote Overflow
3865| [13176] ISC BIND q_usedns Array Remote Overflow DoS
3866| [13175] ISC BIND dnssec authvalidated Crafted Packet Remote DoS
3867| [9736] ISC BIND fdmax File Descriptor Consumption DoS
3868| [9735] ISC BIND -DALLOW_UPDATES Option Remote Record Modification
3869| [9734] ISC BIND CNAME Record Zone Transfer DoS
3870| [9733] ISC BIND Malformed DNS Message DoS
3871| [9725] ISC BIND SIG RR Elements Invalid Expirty Times DoS
3872| [9724] ISC BIND OPT Resource Record Large UDP Payload DoS
3873| [9723] Multiple Vendor LDAP Server NULL Bind Connection Information Disclosure
3874| [8330] ISC BIND DNS stub resolver (libresolv.a) DNS Response Overflow
3875| [7990] ISC BIND gethostbyname() DNS Handling Remote Overflow
3876| [5828] ISC BIND named SRV Remote DoS
3877| [5609] ISC BIND dnskeygen HMAC-MD5 Shared Secret Key File Disclosure
3878| [2866] ISC BIND Negative Record Cache Poisoning
3879| [1751] ISC BIND Environment Variable Information Disclosure
3880| [1747] ISC BIND 4 nslookupComplain() Remote Format String
3881| [1746] ISC BIND 4 nslookupComplain() Remote Overflow
3882| [913] ISC BIND Inverse-Query Remote Overflow
3883| [869] ISC BIND named SIG Resource Server Response RR Overflow
3884| [448] ISC BIND Compressed ZXFR Name Service Query Remote DoS
3885| [438] ISC BIND Predictable Query ID DNS Cache Poisoning
3886| [24] ISC BIND NXT Record Overflow
3887|_
3888Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
3889Device type: general purpose
3890Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (91%)
3891OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:2.6
3892Aggressive OS guesses: Linux 3.10 - 3.12 (91%), Linux 4.4 (91%), Linux 4.9 (89%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.10 - 3.16 (86%), Linux 3.10 - 4.11 (85%), Linux 3.11 - 4.1 (85%), Linux 3.2 - 4.9 (85%)
3893No exact OS matches for host (test conditions non-ideal).
3894Network Distance: 20 hops
3895Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
3896
3897Host script results:
3898| dns-brute:
3899| DNS Brute-force hostnames:
3900| app.metro.cl - 200.73.13.147
3901| vpn.metro.cl - 200.73.13.253
3902| mail.metro.cl - 200.73.13.136
3903| www.metro.cl - 201.217.241.118
3904| server.metro.cl - 200.73.13.131
3905| ftp.metro.cl - 200.73.13.143
3906| sip.metro.cl - 52.112.67.139
3907|_ sip.metro.cl - 2603:1037::b
3908
3909TRACEROUTE (using port 53/tcp)
3910HOP RTT ADDRESS
39111 49.66 ms 10.243.204.1
39122 49.71 ms vlan102.as04.qc1.ca.m247.com (176.113.74.145)
39133 49.75 ms irb-0.agg1.qc1.ca.m247.com (83.97.21.78)
39144 49.75 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
39155 49.73 ms ix-xe-11-1-1-0.tcore1.w6c-montreal.as6453.net (66.198.96.98)
39166 69.07 ms if-ae-12-2.tcore1.mtt-montreal.as6453.net (64.86.31.26)
39177 69.04 ms if-ae-0-2.tcore2.mtt-montreal.as6453.net (216.6.115.90)
39188 69.08 ms if-ae-5-2.tcore2.n0v-new-york.as6453.net (64.86.226.58)
39199 69.12 ms if-ae-10-4.tcore4.njy-newark.as6453.net (216.6.99.22)
392010 32.36 ms if-ae-0-2.tcore3.njy-newark.as6453.net (216.6.90.14)
392111 47.72 ms 216.6.87.171
392212 ...
392313 185.09 ms 176.52.248.54
392414 ... 16
392517 195.21 ms 186-148-24-2.static.mundo.movistar.cl (186.148.24.2)
392618 ...
392719 220.94 ms 186-148-24-2.static.mundo.movistar.cl (186.148.24.2)
392820 416.88 ms servidor.agenciacatedral.com (201.217.241.118)
3929#######################################################################################################################################
3930HTTP/1.1 302 Found
3931Connection: Keep-Alive
3932Date: Tue, 29 Oct 2019 20:20:07 GMT
3933Server: LiteSpeed
3934Cache-Control: no-cache, no-store, must-revalidate, max-age=0
3935Location: https://www.metro.cl/
3936Access-Control-Allow-Origin: http://www.metro.cl
3937Access-Control-Allow-Origin: http://metro.cl
3938Access-Control-Allow-Origin: http://www.metrosantiago.cl
3939Access-Control-Allow-Origin: http://metrosantiago.cl
3940Access-Control-Allow-Origin: http://metrodesantiago.cl
3941Access-Control-Allow-Origin: https://www.metro.cl
3942Access-Control-Allow-Origin: https://metro.cl
3943Access-Control-Allow-Origin: https://www.metrosantiago.cl
3944Access-Control-Allow-Origin: https://metrosantiago.cl
3945Access-Control-Allow-Origin: https://metrodesantiago.cl
3946X-Frame-Options: SAMEORIGIN
3947X-Content-Type-Options: nosniff
3948X-XSS-Protection: 1; mode=block
3949Referrer-Policy: strict-origin-when-cross-origin
3950Strict-Transport-Security: max-age=31536000; includeSubDomains
3951X-UA-Compatible: IE=edge
3952######################################################################################################################################
3953/actividad-comercial
3954/atencion-cliente/oficinas
3955/atencion-cliente/preguntas-frecuentes
3956/atencion-cliente/sugerencias-reclamos
3957/buen-viajero/que-hacer-en-casos-de-contingencia
3958/corporativo
3959/corporativo/
3960/corporativo/canal-de-denuncias
3961/corporativo/documentos
3962/corporativo/mapa-del-sitio
3963/corporativo/normas-redes-sociales
3964/corporativo/privacidad
3965/estacion
3966http://metro.trabajando.cl/
3967https://bazarmetro.cl/
3968https://cargatubip.metro.cl/CargaTuBipV2/
3969https://mail.metro.cl/
3970https://twitter.com/intent/user?screen_name=metrodesantiago
3971https://twitter.com/metrodesantiago
3972https://www.facebook.com/Metrostgo/
3973https://www.facebook.com/pages/Metro-de-Santiago-Chile/171538782666?ref=stream
3974https://www.instagram.com/metrodesantiago
3975https://www.metro.cl/minisitio/finanzas/es
3976https://www.metro.cl/red-clientes/
3977http://www.ccplm.cl/
3978http://www.mac.uchile.cl/
3979http://www.transantiago.cl/
3980http://www.youtube.com/user/metrodesantiagochile
3981/images/clima/04d.png
3982/images/icoInfo.png
3983/images/icoNoticias.png
3984/images/logoFooter.png
3985/js/base.js?v=1.2019102901
3986/js/bootstrap.min.js
3987/js/datatables.js
3988/js/ekko-lightbox.js?v=1.2019011701
3989/js/jquery-3.2.1.js
3990/js/jquery.jticker.min.js
3991/js/jquery.slicebox.js
3992/js/modernizr.custom.46884.js
3993/js/popper.min.js
3994/js/select2.min.js
3995/js/zoom/jquery.smoothZoom.min.js
3996/licitaciones
3997/noticias/historial
3998/planificador
3999/planificador/interactivo
4000/registro
4001/ticket-viaje
4002/tu-viaje/estado-red
4003/tu-viaje/horarios
4004/tu-viaje/ruta-expresa
4005######################################################################################################################################
4006http://www.metro.cl [302 Found] Country[CHILE][CL], HTML5, HTTPServer[LiteSpeed], IP[201.217.241.118], LiteSpeed, RedirectLocation[https://www.metro.cl/], Strict-Transport-Security[max-age=31536000; includeSubDomains], Title[302 Found][Title element contains newline(s)!], UncommonHeaders[access-control-allow-origin,x-content-type-options,referrer-policy], X-Frame-Options[SAMEORIGIN], X-UA-Compatible[IE=edge], X-XSS-Protection[1; mode=block]
4007https://www.metro.cl/ [200 OK] Cookies[metro], Country[CHILE][CL], Email[aariztia@metro-chile.cl,usuario@empresa.cl], Google-Analytics[UA-11084190-1], HTML5, HTTPServer[LiteSpeed], HttpOnly[metro], IP[201.217.241.118], JQuery[3.2.1], Lightbox, LiteSpeed, Modernizr, PasswordField, Script, Strict-Transport-Security[max-age=31536000; includeSubDomains], Title[Metro de Santiago], UncommonHeaders[access-control-allow-origin,x-content-type-options,referrer-policy,alt-svc], X-Frame-Options[SAMEORIGIN], X-UA-Compatible[IE=edge], X-XSS-Protection[1; mode=block]
4008#######################################################################################################################################
4009
4010wig - WebApp Information Gatherer
4011
4012
4013Scanning https://www.metro.cl...
4014__________________ SITE INFO __________________
4015IP Title
4016201.217.241.118 Metro de Santiago
4017
4018___________________ VERSION ___________________
4019Name Versions Type
4020litespeed Platform
4021jQuery 3.2.1 JavaScript
4022
4023_______________________________________________
4024Time: 106.3 sec Urls: 655 Fingerprints: 40401
4025######################################################################################################################################
4026Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-29 16:22 EDT
4027NSE: Loaded 163 scripts for scanning.
4028NSE: Script Pre-scanning.
4029Initiating NSE at 16:22
4030Completed NSE at 16:22, 0.00s elapsed
4031Initiating NSE at 16:22
4032Completed NSE at 16:22, 0.00s elapsed
4033Initiating Parallel DNS resolution of 1 host. at 16:22
4034Completed Parallel DNS resolution of 1 host. at 16:22, 0.02s elapsed
4035Initiating SYN Stealth Scan at 16:22
4036Scanning www.metro.cl (201.217.241.118) [1 port]
4037Discovered open port 80/tcp on 201.217.241.118
4038Completed SYN Stealth Scan at 16:22, 0.20s elapsed (1 total ports)
4039Initiating Service scan at 16:22
4040Scanning 1 service on www.metro.cl (201.217.241.118)
4041Completed Service scan at 16:22, 6.43s elapsed (1 service on 1 host)
4042Initiating OS detection (try #1) against www.metro.cl (201.217.241.118)
4043Retrying OS detection (try #2) against www.metro.cl (201.217.241.118)
4044Initiating Traceroute at 16:22
4045Completed Traceroute at 16:22, 3.08s elapsed
4046Initiating Parallel DNS resolution of 19 hosts. at 16:22
4047Completed Parallel DNS resolution of 19 hosts. at 16:22, 0.65s elapsed
4048NSE: Script scanning 201.217.241.118.
4049Initiating NSE at 16:22
4050Completed NSE at 16:23, 49.69s elapsed
4051Initiating NSE at 16:23
4052Completed NSE at 16:23, 0.96s elapsed
4053Nmap scan report for www.metro.cl (201.217.241.118)
4054Host is up (0.19s latency).
4055rDNS record for 201.217.241.118: servidor.agenciacatedral.com
4056
4057PORT STATE SERVICE VERSION
405880/tcp open http LiteSpeed httpd
4059| http-brute:
4060|_ Path "/" does not require authentication
4061|_http-chrono: Request times for /; avg: 735.33ms; min: 593.90ms; max: 952.43ms
4062|_http-csrf: Couldn't find any CSRF vulnerabilities.
4063|_http-date: Tue, 29 Oct 2019 20:22:37 GMT; -1s from local time.
4064|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
4065|_http-dombased-xss: Couldn't find any DOM based XSS.
4066|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
4067|_http-errors: Couldn't find any error pages.
4068|_http-feed: Couldn't find any feeds.
4069|_http-fetch: Please enter the complete path of the directory to save data in.
4070| http-headers:
4071| Connection: close
4072| Content-Type: text/html
4073| Content-Length: 681
4074| Date: Tue, 29 Oct 2019 20:22:42 GMT
4075| Server: LiteSpeed
4076| Cache-Control: no-cache, no-store, must-revalidate, max-age=0
4077| Location: https://www.metro.cl/
4078| Access-Control-Allow-Origin: http://www.metro.cl
4079| Access-Control-Allow-Origin: http://metro.cl
4080| Access-Control-Allow-Origin: http://www.metrosantiago.cl
4081| Access-Control-Allow-Origin: http://metrosantiago.cl
4082| Access-Control-Allow-Origin: http://metrodesantiago.cl
4083| Access-Control-Allow-Origin: https://www.metro.cl
4084| Access-Control-Allow-Origin: https://metro.cl
4085| Access-Control-Allow-Origin: https://www.metrosantiago.cl
4086| Access-Control-Allow-Origin: https://metrosantiago.cl
4087| Access-Control-Allow-Origin: https://metrodesantiago.cl
4088| X-Frame-Options: SAMEORIGIN
4089| X-Content-Type-Options: nosniff
4090| X-XSS-Protection: 1; mode=block
4091| Referrer-Policy: strict-origin-when-cross-origin
4092| Strict-Transport-Security: max-age=31536000; includeSubDomains
4093| X-UA-Compatible: IE=edge
4094|
4095|_ (Request type: GET)
4096|_http-jsonp-detection: Couldn't find any JSONP endpoints.
4097| http-methods:
4098|_ Supported Methods: GET HEAD POST OPTIONS
4099|_http-mobileversion-checker: No mobile version detected.
4100|_http-passwd: ERROR: Script execution failed (use -d to debug)
4101| http-security-headers:
4102| Strict_Transport_Security:
4103| Header: Strict-Transport-Security: max-age=31536000; includeSubDomains
4104| X_Frame_Options:
4105| Header: X-Frame-Options: SAMEORIGIN
4106| Description: The browser must not display this content in any frame from a page of different origin than the content itself.
4107| X_XSS_Protection:
4108| Header: X-XSS-Protection: 1; mode=block
4109| Description: The browser will prevent the rendering of the page when XSS is detected.
4110| X_Content_Type_Options:
4111| Header: X-Content-Type-Options: nosniff
4112| Description: Will prevent the browser from MIME-sniffing a response away from the declared content-type.
4113| Cache_Control:
4114| Header: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
4115| Pragma:
4116| Header: Pragma: no-cache
4117| Expires:
4118|_ Header: Expires: Thu, 19 Nov 1981 08:52:00 GMT
4119|_http-server-header: LiteSpeed
4120| http-sitemap-generator:
4121| Directory structure:
4122| Longest directory structure:
4123| Depth: 0
4124| Dir: /
4125| Total files found (by extension):
4126|_
4127|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
4128|_http-title: Did not follow redirect to https://www.metro.cl/
4129|_http-userdir-enum: Potential Users: root, admin, administrator, webadmin, sysadmin, netadmin, guest, user, web, test
4130| http-vhosts:
4131| vm.metro.cl
4132| 124 names had status 200
4133| www.metro.cl : 302 -> https://www.metro.cl/
4134|_mail.metro.cl : 302 -> https://mail.metro.cl/
4135|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
4136|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
4137|_http-xssed: No previously reported XSS vuln.
4138| vulscan: VulDB - https://vuldb.com:
4139| [127415] LiteSpeed OpenLiteSpeed up to 1.5.0 RC5 Byte Sequence Request privilege escalation
4140| [106897] Open Litespeed up to 1.3.9 Use-After-Free memory corruption
4141| [62114] Litespeedtech LiteSpeed Web Server 4.1.11 cross site scripting
4142| [53729] Litespeedtech LiteSpeed Web Server information disclosure
4143| [39420] Litespeed Technologies LiteSpeed Web Server up to 3.2.2 php%00.txt information disclosure
4144|
4145| MITRE CVE - https://cve.mitre.org:
4146| [CVE-2012-4871] Cross-site scripting (XSS) vulnerability in service/graph_html.php in the administrator panel in LiteSpeed Web Server 4.1.11 allows remote attackers to inject arbitrary web script or HTML via the gtitle parameter.
4147| [CVE-2010-2333] LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scripts via an HTTP request with a null byte followed by a .txt file extension.
4148| [CVE-2007-5654] LiteSpeed Web Server before 3.2.4 allows remote attackers to trigger use of an arbitrary MIME type for a file via a "%00." sequence followed by a new extension, as demonstrated by reading PHP source code via requests for .php%00.txt files, aka "Mime Type Injection."
4149| [CVE-2005-3695] Cross-site scripting (XSS) vulnerability in admin/config/confMgr.php in LiteSpeed Web Server 2.1.5 allows remote attackers to inject arbitrary web script or HTML via the m parameter.
4150|
4151| SecurityFocus - https://www.securityfocus.com/bid/:
4152| [82240] PHP LiteSpeed SAPI Out of Bounds Read Memory Corruption Vulnerability
4153| [82027] PHP 'sapi/litespeed/lsapilib.c' Information Disclosure Vulnerability
4154| [74806] OpenLiteSpeed Heap Based Buffer Overflow and Denial of Service Vulnerabilities
4155| [74207] LiteSpeed Web Server 'httpreq.cpp' Use After Free Denial of Service Vulnerability
4156| [63484] LiteSpeed Web Server Local Privilege Escalation Vulnerability
4157| [63481] LiteSpeed Web Server Race Condition Insecure Temporary File Creation Vulnerability
4158| [55946] LiteSpeed Web Server 'gtitle' parameter Cross Site Scripting Vulnerability
4159| [45382] PHP LiteSpeed SAPI Arbitrary Code Execution Vulnerability
4160| [40815] LiteSpeed Web Server Source Code Information Disclosure Vulnerability
4161| [38317] LiteSpeed Web Server Cross Site Scripting and Request Forgery Vulnerabilities
4162| [36268] LiteSpeed Web Server Multiple Unspecified Remote Security Vulnerabilities
4163| [26163] LiteSpeed Web Server Null-Byte Handling Information Disclosure Vulnerability
4164| [15485] LiteSpeed ConfMgr.php Cross-Site Scripting Vulnerability
4165|
4166| IBM X-Force - https://exchange.xforce.ibmcloud.com:
4167| [74144] LiteSpeed graph_html.php cross-site scripting
4168| [63979] LiteSpeed Web Server Null buffer overflow
4169| [59385] LiteSpeed Web Server information disclosure
4170| [56389] LiteSpeed Web Server Admin interface cross-site scripting
4171| [56388] LiteSpeed Web Server confMgr.php cross-site request forgery
4172| [54537] LiteSpeed Web Server post-authentication code execution
4173| [54536] LiteSpeed Web Server Lshttpd denial of service
4174| [37380] LiteSpeed Web Server mime-type information disclosure
4175| [23086] LiteSpeed Web Server /admin/config/confMgr.php cross-site scripting
4176|
4177| Exploit-DB - https://www.exploit-db.com:
4178| [26535] LiteSpeed 2.1.5 ConfMgr.php Cross-Site Scripting Vulnerability
4179| [15723] FreeBSD LiteSpeed Web Server 4.0.17 with PHP - Remote Exploit
4180| [13850] Litespeed Technologies Web Server Remote Poison null byte Exploit
4181| [11503] Litespeed Web Server 4.0.12 - (Add Admin) CSRF and XSS Vulnerabilities
4182| [4556] LiteSpeed Web Server <= 3.2.3 - Remote Source Code Disclosure Vuln
4183|
4184| OpenVAS (Nessus) - http://www.openvas.org:
4185| [100744] LiteSpeed Web Server Source Code Information Disclosure Vulnerability
4186|
4187| SecurityTracker - https://www.securitytracker.com:
4188| [1015234] LiteSpeed Web Server Input Validation Flaw in 'confMgr.php' Permits Cross-Site Scripting Attacks
4189|
4190| OSVDB - http://www.osvdb.org:
4191| [80213] LiteSpeed Web Server Admin Panel service/graph_html.php gtitle Parameter XSS
4192| [69916] LiteSpeed Web Server HTTP Header LSAPI PHP Extension Processing Overflow
4193| [65476] LiteSpeed Web Server Script Source Code Information Disclosure
4194| [62449] LiteSpeed Web Server Admin User Creation CSRF
4195| [57910] LiteSpeed Web Server Unspecified Post-authentication Issue
4196| [57909] LiteSpeed Web Server lshttpd Unspecified Infinite Loop DoS
4197| [41867] LiteSpeed Web Server MIME Type Injection Null Byte Script Source Code Disclosure
4198| [20908] LiteSpeed Web Server WebAdmin confMgr.php m Parameter XSS
4199|_
4200Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
4201Device type: general purpose
4202Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (91%)
4203OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:2.6
4204Aggressive OS guesses: Linux 3.10 - 3.12 (91%), Linux 4.4 (91%), Linux 4.9 (89%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.10 - 3.16 (86%), Linux 4.0 (86%), Linux 3.10 - 4.11 (85%), Linux 3.11 - 4.1 (85%), Linux 3.2 - 4.9 (85%)
4205No exact OS matches for host (test conditions non-ideal).
4206Uptime guess: 3.122 days (since Sat Oct 26 13:27:11 2019)
4207Network Distance: 21 hops
4208TCP Sequence Prediction: Difficulty=262 (Good luck!)
4209IP ID Sequence Generation: All zeros
4210
4211TRACEROUTE (using port 80/tcp)
4212HOP RTT ADDRESS
42131 51.88 ms 10.243.204.1
42142 70.43 ms vlan102.as04.qc1.ca.m247.com (176.113.74.145)
42153 70.45 ms irb-0.agg1.qc1.ca.m247.com (83.97.21.78)
42164 70.39 ms te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44)
42175 70.44 ms ix-xe-11-1-1-0.tcore1.w6c-montreal.as6453.net (66.198.96.98)
42186 70.52 ms if-ae-12-2.tcore1.mtt-montreal.as6453.net (64.86.31.26)
42197 70.50 ms if-ae-0-2.tcore2.mtt-montreal.as6453.net (216.6.115.90)
42208 70.54 ms if-ae-5-2.tcore2.n0v-new-york.as6453.net (64.86.226.58)
42219 70.52 ms if-ae-2-2.tcore1.n0v-new-york.as6453.net (216.6.90.21)
422210 34.66 ms if-ae-0-2.tcore3.njy-newark.as6453.net (216.6.90.14)
422311 47.28 ms if-ae-1-3.tcore4.njy-newark.as6453.net (216.6.57.6)
422412 45.24 ms if-ae-12-2.tcore2.aeq-ashburn.as6453.net (216.6.87.42)
422513 54.06 ms 216.6.87.171
422614 221.21 ms 5.53.0.215
422715 221.07 ms 5.53.1.94
422816 221.17 ms 176.52.252.175
422917 192.58 ms 5.53.0.233
423018 ...
423119 221.07 ms nap96lflo02.lo0.red.lflo.nap.movistar.cl (200.91.0.6)
423220 ...
423321 200.82 ms servidor.agenciacatedral.com (201.217.241.118)
4234
4235NSE: Script Post-scanning.
4236Initiating NSE at 16:23
4237Completed NSE at 16:23, 0.00s elapsed
4238Initiating NSE at 16:23
4239Completed NSE at 16:23, 0.00s elapsed
4240#######################################################################################################################################
4241------------------------------------------------------------------------------------------------------------------------
4242
4243[ ! ] Starting SCANNER INURLBR 2.1 at [29-10-2019 16:23:47]
4244[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
4245It is the end user's responsibility to obey all applicable local, state and federal laws.
4246Developers assume no liability and are not responsible for any misuse or damage caused by this program
4247
4248[ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/www.metro.cl/output/inurlbr-www.metro.cl ]
4249[ INFO ][ DORK ]::[ site:www.metro.cl ]
4250[ INFO ][ SEARCHING ]:: {
4251[ INFO ][ ENGINE ]::[ GOOGLE - www.google.im ]
4252
4253[ INFO ][ SEARCHING ]::
4254-[:::]
4255[ INFO ][ ENGINE ]::[ GOOGLE API ]
4256
4257[ INFO ][ SEARCHING ]::
4258-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
4259[ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.com.mt ID: 013269018370076798483:wdba3dlnxqm ]
4260
4261[ INFO ][ SEARCHING ]::
4262-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
4263
4264[ INFO ][ TOTAL FOUND VALUES ]:: [ 100 ]
4265
4266
4267 _[ - ]::--------------------------------------------------------------------------------------------------------------
4268|_[ + ] [ 0 / 100 ]-[16:24:01] [ - ]
4269|_[ + ] Target:: [ https://www.metro.cl/ ]
4270|_[ + ] Exploit::
4271|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4272|_[ + ] More details:: / - / , ISP:
4273|_[ + ] Found:: UNIDENTIFIED
4274
4275 _[ - ]::--------------------------------------------------------------------------------------------------------------
4276|_[ + ] [ 1 / 100 ]-[16:24:05] [ - ]
4277|_[ + ] Target:: [ https://www.metro.cl/corporativo/ ]
4278|_[ + ] Exploit::
4279|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4280|_[ + ] More details:: / - / , ISP:
4281|_[ + ] Found:: UNIDENTIFIED
4282
4283 _[ - ]::--------------------------------------------------------------------------------------------------------------
4284|_[ + ] [ 2 / 100 ]-[16:24:07] [ - ]
4285|_[ + ] Target:: [ https://www.metro.cl/planificador/ ]
4286|_[ + ] Exploit::
4287|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4288|_[ + ] More details:: / - / , ISP:
4289|_[ + ] Found:: UNIDENTIFIED
4290
4291 _[ - ]::--------------------------------------------------------------------------------------------------------------
4292|_[ + ] [ 3 / 100 ]-[16:24:08] [ - ]
4293|_[ + ] Target:: [ https://www.metro.cl/estacion/ ]
4294|_[ + ] Exploit::
4295|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4296|_[ + ] More details:: / - / , ISP:
4297|_[ + ] Found:: UNIDENTIFIED
4298
4299 _[ - ]::--------------------------------------------------------------------------------------------------------------
4300|_[ + ] [ 4 / 100 ]-[16:24:12] [ - ]
4301|_[ + ] Target:: [ https://www.metro.cl/registro/ ]
4302|_[ + ] Exploit::
4303|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4304|_[ + ] More details:: / - / , ISP:
4305|_[ + ] Found:: UNIDENTIFIED
4306
4307 _[ - ]::--------------------------------------------------------------------------------------------------------------
4308|_[ + ] [ 5 / 100 ]-[16:24:14] [ - ]
4309|_[ + ] Target:: [ https://www.metro.cl/auspicios/ ]
4310|_[ + ] Exploit::
4311|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4312|_[ + ] More details:: / - / , ISP:
4313|_[ + ] Found:: UNIDENTIFIED
4314
4315 _[ - ]::--------------------------------------------------------------------------------------------------------------
4316|_[ + ] [ 6 / 100 ]-[16:24:15] [ - ]
4317|_[ + ] Target:: [ http://www.metro.cl/licitaciones/ ]
4318|_[ + ] Exploit::
4319|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:80
4320|_[ + ] More details:: / - / , ISP:
4321|_[ + ] Found:: UNIDENTIFIED
4322
4323 _[ - ]::--------------------------------------------------------------------------------------------------------------
4324|_[ + ] [ 7 / 100 ]-[16:24:18] [ - ]
4325|_[ + ] Target:: [ https://www.metro.cl/estacion/PR ]
4326|_[ + ] Exploit::
4327|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4328|_[ + ] More details:: / - / , ISP:
4329|_[ + ] Found:: UNIDENTIFIED
4330
4331 _[ - ]::--------------------------------------------------------------------------------------------------------------
4332|_[ + ] [ 8 / 100 ]-[16:24:21] [ - ]
4333|_[ + ] Target:: [ https://www.metro.cl/estacion/SM ]
4334|_[ + ] Exploit::
4335|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4336|_[ + ] More details:: / - / , ISP:
4337|_[ + ] Found:: UNIDENTIFIED
4338
4339 _[ - ]::--------------------------------------------------------------------------------------------------------------
4340|_[ + ] [ 9 / 100 ]-[16:24:24] [ - ]
4341|_[ + ] Target:: [ https://www.metro.cl/estacion/SA ]
4342|_[ + ] Exploit::
4343|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4344|_[ + ] More details:: / - / , ISP:
4345|_[ + ] Found:: UNIDENTIFIED
4346
4347 _[ - ]::--------------------------------------------------------------------------------------------------------------
4348|_[ + ] [ 10 / 100 ]-[16:24:26] [ - ]
4349|_[ + ] Target:: [ https://www.metro.cl/estacion/VMA ]
4350|_[ + ] Exploit::
4351|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4352|_[ + ] More details:: / - / , ISP:
4353|_[ + ] Found:: UNIDENTIFIED
4354
4355 _[ - ]::--------------------------------------------------------------------------------------------------------------
4356|_[ + ] [ 11 / 100 ]-[16:24:29] [ - ]
4357|_[ + ] Target:: [ https://www.metro.cl/estacion/FR ]
4358|_[ + ] Exploit::
4359|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4360|_[ + ] More details:: / - / , ISP:
4361|_[ + ] Found:: UNIDENTIFIED
4362
4363 _[ - ]::--------------------------------------------------------------------------------------------------------------
4364|_[ + ] [ 12 / 100 ]-[16:24:31] [ - ]
4365|_[ + ] Target:: [ https://www.metro.cl/estacion/MM ]
4366|_[ + ] Exploit::
4367|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4368|_[ + ] More details:: / - / , ISP:
4369|_[ + ] Found:: UNIDENTIFIED
4370
4371 _[ - ]::--------------------------------------------------------------------------------------------------------------
4372|_[ + ] [ 13 / 100 ]-[16:24:34] [ - ]
4373|_[ + ] Target:: [ https://www.metro.cl/estacion/NA ]
4374|_[ + ] Exploit::
4375|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4376|_[ + ] More details:: / - / , ISP:
4377|_[ + ] Found:: UNIDENTIFIED
4378
4379 _[ - ]::--------------------------------------------------------------------------------------------------------------
4380|_[ + ] [ 14 / 100 ]-[16:24:37] [ - ]
4381|_[ + ] Target:: [ https://www.metro.cl/estacion/VVA ]
4382|_[ + ] Exploit::
4383|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4384|_[ + ] More details:: / - / , ISP:
4385|_[ + ] Found:: UNIDENTIFIED
4386
4387 _[ - ]::--------------------------------------------------------------------------------------------------------------
4388|_[ + ] [ 15 / 100 ]-[16:24:40] [ - ]
4389|_[ + ] Target:: [ https://www.metro.cl/estacion/LO ]
4390|_[ + ] Exploit::
4391|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4392|_[ + ] More details:: / - / , ISP:
4393|_[ + ] Found:: UNIDENTIFIED
4394
4395 _[ - ]::--------------------------------------------------------------------------------------------------------------
4396|_[ + ] [ 16 / 100 ]-[16:24:45] [ - ]
4397|_[ + ] Target:: [ https://www.metro.cl/corporativo/privacidad ]
4398|_[ + ] Exploit::
4399|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4400|_[ + ] More details:: / - / , ISP:
4401|_[ + ] Found:: UNIDENTIFIED
4402
4403 _[ - ]::--------------------------------------------------------------------------------------------------------------
4404|_[ + ] [ 17 / 100 ]-[16:24:47] [ - ]
4405|_[ + ] Target:: [ https://www.metro.cl/estacion/DO ]
4406|_[ + ] Exploit::
4407|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4408|_[ + ] More details:: / - / , ISP:
4409|_[ + ] Found:: UNIDENTIFIED
4410
4411 _[ - ]::--------------------------------------------------------------------------------------------------------------
4412|_[ + ] [ 18 / 100 ]-[16:24:51] [ - ]
4413|_[ + ] Target:: [ https://www.metro.cl/estacion/LR ]
4414|_[ + ] Exploit::
4415|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4416|_[ + ] More details:: / - / , ISP:
4417|_[ + ] Found:: UNIDENTIFIED
4418
4419 _[ - ]::--------------------------------------------------------------------------------------------------------------
4420|_[ + ] [ 19 / 100 ]-[16:24:54] [ - ]
4421|_[ + ] Target:: [ https://www.metro.cl/estacion/CER ]
4422|_[ + ] Exploit::
4423|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4424|_[ + ] More details:: / - / , ISP:
4425|_[ + ] Found:: UNIDENTIFIED
4426
4427 _[ - ]::--------------------------------------------------------------------------------------------------------------
4428|_[ + ] [ 20 / 100 ]-[16:24:57] [ - ]
4429|_[ + ] Target:: [ https://www.metro.cl/estacion/NP ]
4430|_[ + ] Exploit::
4431|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4432|_[ + ] More details:: / - / , ISP:
4433|_[ + ] Found:: UNIDENTIFIED
4434
4435 _[ - ]::--------------------------------------------------------------------------------------------------------------
4436|_[ + ] [ 21 / 100 ]-[16:24:59] [ - ]
4437|_[ + ] Target:: [ https://www.metro.cl/estacion/SBO ]
4438|_[ + ] Exploit::
4439|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4440|_[ + ] More details:: / - / , ISP:
4441|_[ + ] Found:: UNIDENTIFIED
4442
4443 _[ - ]::--------------------------------------------------------------------------------------------------------------
4444|_[ + ] [ 22 / 100 ]-[16:25:01] [ - ]
4445|_[ + ] Target:: [ https://www.metro.cl/corporativo/remuneraciones ]
4446|_[ + ] Exploit::
4447|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4448|_[ + ] More details:: / - / , ISP:
4449|_[ + ] Found:: UNIDENTIFIED
4450
4451 _[ - ]::--------------------------------------------------------------------------------------------------------------
4452|_[ + ] [ 23 / 100 ]-[16:25:03] [ - ]
4453|_[ + ] Target:: [ https://www.metro.cl/estacion/PZA ]
4454|_[ + ] Exploit::
4455|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4456|_[ + ] More details:: / - / , ISP:
4457|_[ + ] Found:: UNIDENTIFIED
4458
4459 _[ - ]::--------------------------------------------------------------------------------------------------------------
4460|_[ + ] [ 24 / 100 ]-[16:25:06] [ - ]
4461|_[ + ] Target:: [ https://www.metro.cl/estacion/GL ]
4462|_[ + ] Exploit::
4463|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4464|_[ + ] More details:: / - / , ISP:
4465|_[ + ] Found:: UNIDENTIFIED
4466
4467 _[ - ]::--------------------------------------------------------------------------------------------------------------
4468|_[ + ] [ 25 / 100 ]-[16:25:11] [ - ]
4469|_[ + ] Target:: [ https://www.metro.cl/estacion/RP ]
4470|_[ + ] Exploit::
4471|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4472|_[ + ] More details:: / - / , ISP:
4473|_[ + ] Found:: UNIDENTIFIED
4474
4475 _[ - ]::--------------------------------------------------------------------------------------------------------------
4476|_[ + ] [ 26 / 100 ]-[16:25:14] [ - ]
4477|_[ + ] Target:: [ https://www.metro.cl/estacion/SL ]
4478|_[ + ] Exploit::
4479|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4480|_[ + ] More details:: / - / , ISP:
4481|_[ + ] Found:: UNIDENTIFIED
4482
4483 _[ - ]::--------------------------------------------------------------------------------------------------------------
4484|_[ + ] [ 27 / 100 ]-[16:25:17] [ - ]
4485|_[ + ] Target:: [ https://www.metro.cl/estacion/SJE ]
4486|_[ + ] Exploit::
4487|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4488|_[ + ] More details:: / - / , ISP:
4489|_[ + ] Found:: UNIDENTIFIED
4490
4491 _[ - ]::--------------------------------------------------------------------------------------------------------------
4492|_[ + ] [ 28 / 100 ]-[16:25:20] [ - ]
4493|_[ + ] Target:: [ https://www.metro.cl/estacion/PZE ]
4494|_[ + ] Exploit::
4495|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4496|_[ + ] More details:: / - / , ISP:
4497|_[ + ] Found:: UNIDENTIFIED
4498
4499 _[ - ]::--------------------------------------------------------------------------------------------------------------
4500|_[ + ] [ 29 / 100 ]-[16:25:22] [ - ]
4501|_[ + ] Target:: [ https://www.metro.cl/estacion/RA ]
4502|_[ + ] Exploit::
4503|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4504|_[ + ] More details:: / - / , ISP:
4505|_[ + ] Found:: UNIDENTIFIED
4506
4507 _[ - ]::--------------------------------------------------------------------------------------------------------------
4508|_[ + ] [ 30 / 100 ]-[16:25:25] [ - ]
4509|_[ + ] Target:: [ https://www.metro.cl/estacion/TO ]
4510|_[ + ] Exploit::
4511|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4512|_[ + ] More details:: / - / , ISP:
4513|_[ + ] Found:: UNIDENTIFIED
4514
4515 _[ - ]::--------------------------------------------------------------------------------------------------------------
4516|_[ + ] [ 31 / 100 ]-[16:25:28] [ - ]
4517|_[ + ] Target:: [ https://www.metro.cl/estacion/LC ]
4518|_[ + ] Exploit::
4519|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4520|_[ + ] More details:: / - / , ISP:
4521|_[ + ] Found:: UNIDENTIFIED
4522
4523 _[ - ]::--------------------------------------------------------------------------------------------------------------
4524|_[ + ] [ 32 / 100 ]-[16:25:31] [ - ]
4525|_[ + ] Target:: [ https://www.metro.cl/estacion/TOB ]
4526|_[ + ] Exploit::
4527|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4528|_[ + ] More details:: / - / , ISP:
4529|_[ + ] Found:: UNIDENTIFIED
4530
4531 _[ - ]::--------------------------------------------------------------------------------------------------------------
4532|_[ + ] [ 33 / 100 ]-[16:25:34] [ - ]
4533|_[ + ] Target:: [ https://www.metro.cl/estacion/SI ]
4534|_[ + ] Exploit::
4535|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4536|_[ + ] More details:: / - / , ISP:
4537|_[ + ] Found:: UNIDENTIFIED
4538
4539 _[ - ]::--------------------------------------------------------------------------------------------------------------
4540|_[ + ] [ 34 / 100 ]-[16:25:37] [ - ]
4541|_[ + ] Target:: [ https://www.metro.cl/estacion/UCH ]
4542|_[ + ] Exploit::
4543|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4544|_[ + ] More details:: / - / , ISP:
4545|_[ + ] Found:: UNIDENTIFIED
4546
4547 _[ - ]::--------------------------------------------------------------------------------------------------------------
4548|_[ + ] [ 35 / 100 ]-[16:25:39] [ - ]
4549|_[ + ] Target:: [ https://www.metro.cl/estacion/RMA ]
4550|_[ + ] Exploit::
4551|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4552|_[ + ] More details:: / - / , ISP:
4553|_[ + ] Found:: UNIDENTIFIED
4554
4555 _[ - ]::--------------------------------------------------------------------------------------------------------------
4556|_[ + ] [ 36 / 100 ]-[16:25:42] [ - ]
4557|_[ + ] Target:: [ https://www.metro.cl/estacion/PT ]
4558|_[ + ] Exploit::
4559|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4560|_[ + ] More details:: / - / , ISP:
4561|_[ + ] Found:: UNIDENTIFIED
4562
4563 _[ - ]::--------------------------------------------------------------------------------------------------------------
4564|_[ + ] [ 37 / 100 ]-[16:25:44] [ - ]
4565|_[ + ] Target:: [ https://www.metro.cl/estacion/LIB ]
4566|_[ + ] Exploit::
4567|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4568|_[ + ] More details:: / - / , ISP:
4569|_[ + ] Found:: UNIDENTIFIED
4570
4571 _[ - ]::--------------------------------------------------------------------------------------------------------------
4572|_[ + ] [ 38 / 100 ]-[16:25:46] [ - ]
4573|_[ + ] Target:: [ https://www.metro.cl/estacion/CCH ]
4574|_[ + ] Exploit::
4575|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4576|_[ + ] More details:: / - / , ISP:
4577|_[ + ] Found:: UNIDENTIFIED
4578
4579 _[ - ]::--------------------------------------------------------------------------------------------------------------
4580|_[ + ] [ 39 / 100 ]-[16:25:48] [ - ]
4581|_[ + ] Target:: [ https://www.metro.cl/estacion/EC ]
4582|_[ + ] Exploit::
4583|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4584|_[ + ] More details:: / - / , ISP:
4585|_[ + ] Found:: UNIDENTIFIED
4586
4587 _[ - ]::--------------------------------------------------------------------------------------------------------------
4588|_[ + ] [ 40 / 100 ]-[16:25:51] [ - ]
4589|_[ + ] Target:: [ https://www.metro.cl/estacion/BQ ]
4590|_[ + ] Exploit::
4591|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4592|_[ + ] More details:: / - / , ISP:
4593|_[ + ] Found:: UNIDENTIFIED
4594
4595 _[ - ]::--------------------------------------------------------------------------------------------------------------
4596|_[ + ] [ 41 / 100 ]-[16:25:54] [ - ]
4597|_[ + ] Target:: [ https://www.metro.cl/estacion/SB ]
4598|_[ + ] Exploit::
4599|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4600|_[ + ] More details:: / - / , ISP:
4601|_[ + ] Found:: UNIDENTIFIED
4602
4603 _[ - ]::--------------------------------------------------------------------------------------------------------------
4604|_[ + ] [ 42 / 100 ]-[16:25:58] [ - ]
4605|_[ + ] Target:: [ https://www.metro.cl/estacion/MAT ]
4606|_[ + ] Exploit::
4607|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4608|_[ + ] More details:: / - / , ISP:
4609|_[ + ] Found:: UNIDENTIFIED
4610
4611 _[ - ]::--------------------------------------------------------------------------------------------------------------
4612|_[ + ] [ 43 / 100 ]-[16:26:01] [ - ]
4613|_[ + ] Target:: [ https://www.metro.cl/estacion/PE ]
4614|_[ + ] Exploit::
4615|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4616|_[ + ] More details:: / - / , ISP:
4617|_[ + ] Found:: UNIDENTIFIED
4618
4619 _[ - ]::--------------------------------------------------------------------------------------------------------------
4620|_[ + ] [ 44 / 100 ]-[16:26:04] [ - ]
4621|_[ + ] Target:: [ https://www.metro.cl/estacion/IR ]
4622|_[ + ] Exploit::
4623|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4624|_[ + ] More details:: / - / , ISP:
4625|_[ + ] Found:: UNIDENTIFIED
4626
4627 _[ - ]::--------------------------------------------------------------------------------------------------------------
4628|_[ + ] [ 45 / 100 ]-[16:26:07] [ - ]
4629|_[ + ] Target:: [ https://www.metro.cl/estacion/CH ]
4630|_[ + ] Exploit::
4631|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4632|_[ + ] More details:: / - / , ISP:
4633|_[ + ] Found:: UNIDENTIFIED
4634
4635 _[ - ]::--------------------------------------------------------------------------------------------------------------
4636|_[ + ] [ 46 / 100 ]-[16:26:12] [ - ]
4637|_[ + ] Target:: [ https://www.metro.cl/estacion/PB ]
4638|_[ + ] Exploit::
4639|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4640|_[ + ] More details:: / - / , ISP:
4641|_[ + ] Found:: UNIDENTIFIED
4642
4643 _[ - ]::--------------------------------------------------------------------------------------------------------------
4644|_[ + ] [ 47 / 100 ]-[16:26:16] [ - ]
4645|_[ + ] Target:: [ https://www.metro.cl/estacion/PCA ]
4646|_[ + ] Exploit::
4647|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4648|_[ + ] More details:: / - / , ISP:
4649|_[ + ] Found:: UNIDENTIFIED
4650
4651 _[ - ]::--------------------------------------------------------------------------------------------------------------
4652|_[ + ] [ 48 / 100 ]-[16:26:21] [ - ]
4653|_[ + ] Target:: [ https://www.metro.cl/estacion/LH ]
4654|_[ + ] Exploit::
4655|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4656|_[ + ] More details:: / - / , ISP:
4657|_[ + ] Found:: UNIDENTIFIED
4658
4659 _[ - ]::--------------------------------------------------------------------------------------------------------------
4660|_[ + ] [ 49 / 100 ]-[16:26:24] [ - ]
4661|_[ + ] Target:: [ https://www.metro.cl/actividad-comercial/ ]
4662|_[ + ] Exploit::
4663|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4664|_[ + ] More details:: / - / , ISP:
4665|_[ + ] Found:: UNIDENTIFIED
4666
4667 _[ - ]::--------------------------------------------------------------------------------------------------------------
4668|_[ + ] [ 50 / 100 ]-[16:26:26] [ - ]
4669|_[ + ] Target:: [ https://www.metro.cl/estacion/SO ]
4670|_[ + ] Exploit::
4671|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4672|_[ + ] More details:: / - / , ISP:
4673|_[ + ] Found:: UNIDENTIFIED
4674
4675 _[ - ]::--------------------------------------------------------------------------------------------------------------
4676|_[ + ] [ 51 / 100 ]-[16:26:28] [ - ]
4677|_[ + ] Target:: [ https://www.metro.cl/estacion/HM ]
4678|_[ + ] Exploit::
4679|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4680|_[ + ] More details:: / - / , ISP:
4681|_[ + ] Found:: UNIDENTIFIED
4682
4683 _[ - ]::--------------------------------------------------------------------------------------------------------------
4684|_[ + ] [ 52 / 100 ]-[16:26:31] [ - ]
4685|_[ + ] Target:: [ https://www.metro.cl/estacion/CB ]
4686|_[ + ] Exploit::
4687|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4688|_[ + ] More details:: / - / , ISP:
4689|_[ + ] Found:: UNIDENTIFIED
4690
4691 _[ - ]::--------------------------------------------------------------------------------------------------------------
4692|_[ + ] [ 53 / 100 ]-[16:26:33] [ - ]
4693|_[ + ] Target:: [ https://www.metro.cl/estacion/TRI ]
4694|_[ + ] Exploit::
4695|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4696|_[ + ] More details:: / - / , ISP:
4697|_[ + ] Found:: UNIDENTIFIED
4698
4699 _[ - ]::--------------------------------------------------------------------------------------------------------------
4700|_[ + ] [ 54 / 100 ]-[16:26:37] [ - ]
4701|_[ + ] Target:: [ https://www.metro.cl/estacion/SP ]
4702|_[ + ] Exploit::
4703|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4704|_[ + ] More details:: / - / , ISP:
4705|_[ + ] Found:: UNIDENTIFIED
4706
4707 _[ - ]::--------------------------------------------------------------------------------------------------------------
4708|_[ + ] [ 55 / 100 ]-[16:26:41] [ - ]
4709|_[ + ] Target:: [ https://www.metro.cl/estacion/ECO ]
4710|_[ + ] Exploit::
4711|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4712|_[ + ] More details:: / - / , ISP:
4713|_[ + ] Found:: UNIDENTIFIED
4714
4715 _[ - ]::--------------------------------------------------------------------------------------------------------------
4716|_[ + ] [ 56 / 100 ]-[16:26:42] [ - ]
4717|_[ + ] Target:: [ https://www.metro.cl/estacion/PZC ]
4718|_[ + ] Exploit::
4719|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4720|_[ + ] More details:: / - / , ISP:
4721|_[ + ] Found:: UNIDENTIFIED
4722
4723 _[ - ]::--------------------------------------------------------------------------------------------------------------
4724|_[ + ] [ 57 / 100 ]-[16:26:45] [ - ]
4725|_[ + ] Target:: [ https://www.metro.cl/estacion/PPA ]
4726|_[ + ] Exploit::
4727|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4728|_[ + ] More details:: / - / , ISP:
4729|_[ + ] Found:: UNIDENTIFIED
4730
4731 _[ - ]::--------------------------------------------------------------------------------------------------------------
4732|_[ + ] [ 58 / 100 ]-[16:26:46] [ - ]
4733|_[ + ] Target:: [ https://www.metro.cl/ticket-viaje ]
4734|_[ + ] Exploit::
4735|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4736|_[ + ] More details:: / - / , ISP:
4737|_[ + ] Found:: UNIDENTIFIED
4738
4739 _[ - ]::--------------------------------------------------------------------------------------------------------------
4740|_[ + ] [ 59 / 100 ]-[16:26:49] [ - ]
4741|_[ + ] Target:: [ https://www.metro.cl/estacion/NU ]
4742|_[ + ] Exploit::
4743|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4744|_[ + ] More details:: / - / , ISP:
4745|_[ + ] Found:: UNIDENTIFIED
4746
4747 _[ - ]::--------------------------------------------------------------------------------------------------------------
4748|_[ + ] [ 60 / 100 ]-[16:26:55] [ - ]
4749|_[ + ] Target:: [ https://www.metro.cl/estacion/VV ]
4750|_[ + ] Exploit::
4751|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4752|_[ + ] More details:: / - / , ISP:
4753|_[ + ] Found:: UNIDENTIFIED
4754
4755 _[ - ]::--------------------------------------------------------------------------------------------------------------
4756|_[ + ] [ 61 / 100 ]-[16:26:57] [ - ]
4757|_[ + ] Target:: [ https://www.metro.cl/estacion/LV ]
4758|_[ + ] Exploit::
4759|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4760|_[ + ] More details:: / - / , ISP:
4761|_[ + ] Found:: UNIDENTIFIED
4762
4763 _[ - ]::--------------------------------------------------------------------------------------------------------------
4764|_[ + ] [ 62 / 100 ]-[16:27:01] [ - ]
4765|_[ + ] Target:: [ https://www.metro.cl/estacion/EL ]
4766|_[ + ] Exploit::
4767|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4768|_[ + ] More details:: / - / , ISP:
4769|_[ + ] Found:: UNIDENTIFIED
4770
4771 _[ - ]::--------------------------------------------------------------------------------------------------------------
4772|_[ + ] [ 63 / 100 ]-[16:27:03] [ - ]
4773|_[ + ] Target:: [ https://www.metro.cl/estacion/LGR ]
4774|_[ + ] Exploit::
4775|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4776|_[ + ] More details:: / - / , ISP:
4777|_[ + ] Found:: UNIDENTIFIED
4778
4779 _[ - ]::--------------------------------------------------------------------------------------------------------------
4780|_[ + ] [ 64 / 100 ]-[16:27:06] [ - ]
4781|_[ + ] Target:: [ https://www.metro.cl/estacion/LCI ]
4782|_[ + ] Exploit::
4783|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4784|_[ + ] More details:: / - / , ISP:
4785|_[ + ] Found:: UNIDENTIFIED
4786
4787 _[ - ]::--------------------------------------------------------------------------------------------------------------
4788|_[ + ] [ 65 / 100 ]-[16:27:09] [ - ]
4789|_[ + ] Target:: [ https://www.metro.cl/estacion/SRO ]
4790|_[ + ] Exploit::
4791|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4792|_[ + ] More details:: / - / , ISP:
4793|_[ + ] Found:: UNIDENTIFIED
4794
4795 _[ - ]::--------------------------------------------------------------------------------------------------------------
4796|_[ + ] [ 66 / 100 ]-[16:27:11] [ - ]
4797|_[ + ] Target:: [ https://www.metro.cl/estacion/AL ]
4798|_[ + ] Exploit::
4799|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4800|_[ + ] More details:: / - / , ISP:
4801|_[ + ] Found:: UNIDENTIFIED
4802
4803 _[ - ]::--------------------------------------------------------------------------------------------------------------
4804|_[ + ] [ 67 / 100 ]-[16:27:13] [ - ]
4805|_[ + ] Target:: [ https://www.metro.cl/estacion/AN ]
4806|_[ + ] Exploit::
4807|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4808|_[ + ] More details:: / - / , ISP:
4809|_[ + ] Found:: UNIDENTIFIED
4810
4811 _[ - ]::--------------------------------------------------------------------------------------------------------------
4812|_[ + ] [ 68 / 100 ]-[16:27:16] [ - ]
4813|_[ + ] Target:: [ https://www.metro.cl/estacion/EI ]
4814|_[ + ] Exploit::
4815|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4816|_[ + ] More details:: / - / , ISP:
4817|_[ + ] Found:: UNIDENTIFIED
4818
4819 _[ - ]::--------------------------------------------------------------------------------------------------------------
4820|_[ + ] [ 69 / 100 ]-[16:27:19] [ - ]
4821|_[ + ] Target:: [ https://www.metro.cl/estacion/FRA ]
4822|_[ + ] Exploit::
4823|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4824|_[ + ] More details:: / - / , ISP:
4825|_[ + ] Found:: UNIDENTIFIED
4826
4827 _[ - ]::--------------------------------------------------------------------------------------------------------------
4828|_[ + ] [ 70 / 100 ]-[16:27:21] [ - ]
4829|_[ + ] Target:: [ https://www.metro.cl/estacion/PEG ]
4830|_[ + ] Exploit::
4831|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4832|_[ + ] More details:: / - / , ISP:
4833|_[ + ] Found:: UNIDENTIFIED
4834
4835 _[ - ]::--------------------------------------------------------------------------------------------------------------
4836|_[ + ] [ 71 / 100 ]-[16:27:22] [ - ]
4837|_[ + ] Target:: [ https://www.metro.cl/atencion-cliente/ ]
4838|_[ + ] Exploit::
4839|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4840|_[ + ] More details:: / - / , ISP:
4841|_[ + ] Found:: UNIDENTIFIED
4842
4843 _[ - ]::--------------------------------------------------------------------------------------------------------------
4844|_[ + ] [ 72 / 100 ]-[16:27:25] [ - ]
4845|_[ + ] Target:: [ https://www.metro.cl/estacion/MQ ]
4846|_[ + ] Exploit::
4847|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4848|_[ + ] More details:: / - / , ISP:
4849|_[ + ] Found:: UNIDENTIFIED
4850
4851 _[ - ]::--------------------------------------------------------------------------------------------------------------
4852|_[ + ] [ 73 / 100 ]-[16:27:27] [ - ]
4853|_[ + ] Target:: [ https://www.metro.cl/estacion/HOS ]
4854|_[ + ] Exploit::
4855|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4856|_[ + ] More details:: / - / , ISP:
4857|_[ + ] Found:: UNIDENTIFIED
4858
4859 _[ - ]::--------------------------------------------------------------------------------------------------------------
4860|_[ + ] [ 74 / 100 ]-[16:27:29] [ - ]
4861|_[ + ] Target:: [ https://www.metro.cl/estacion/DS ]
4862|_[ + ] Exploit::
4863|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4864|_[ + ] More details:: / - / , ISP:
4865|_[ + ] Found:: UNIDENTIFIED
4866
4867 _[ - ]::--------------------------------------------------------------------------------------------------------------
4868|_[ + ] [ 75 / 100 ]-[16:27:32] [ - ]
4869|_[ + ] Target:: [ https://www.metro.cl/estacion/COL ]
4870|_[ + ] Exploit::
4871|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4872|_[ + ] More details:: / - / , ISP:
4873|_[ + ] Found:: UNIDENTIFIED
4874
4875 _[ - ]::--------------------------------------------------------------------------------------------------------------
4876|_[ + ] [ 76 / 100 ]-[16:27:35] [ - ]
4877|_[ + ] Target:: [ https://www.metro.cl/estacion/LS ]
4878|_[ + ] Exploit::
4879|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4880|_[ + ] More details:: / - / , ISP:
4881|_[ + ] Found:: UNIDENTIFIED
4882
4883 _[ - ]::--------------------------------------------------------------------------------------------------------------
4884|_[ + ] [ 77 / 100 ]-[16:27:37] [ - ]
4885|_[ + ] Target:: [ https://www.metro.cl/corporativo/historia ]
4886|_[ + ] Exploit::
4887|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4888|_[ + ] More details:: / - / , ISP:
4889|_[ + ] Found:: UNIDENTIFIED
4890
4891 _[ - ]::--------------------------------------------------------------------------------------------------------------
4892|_[ + ] [ 78 / 100 ]-[16:27:39] [ - ]
4893|_[ + ] Target:: [ https://www.metro.cl/estacion/LA ]
4894|_[ + ] Exploit::
4895|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4896|_[ + ] More details:: / - / , ISP:
4897|_[ + ] Found:: UNIDENTIFIED
4898
4899 _[ - ]::--------------------------------------------------------------------------------------------------------------
4900|_[ + ] [ 79 / 100 ]-[16:27:42] [ - ]
4901|_[ + ] Target:: [ https://www.metro.cl/estacion/PQ ]
4902|_[ + ] Exploit::
4903|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4904|_[ + ] More details:: / - / , ISP:
4905|_[ + ] Found:: UNIDENTIFIED
4906
4907 _[ - ]::--------------------------------------------------------------------------------------------------------------
4908|_[ + ] [ 80 / 100 ]-[16:27:45] [ - ]
4909|_[ + ] Target:: [ https://www.metro.cl/estacion/DE ]
4910|_[ + ] Exploit::
4911|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4912|_[ + ] More details:: / - / , ISP:
4913|_[ + ] Found:: UNIDENTIFIED
4914
4915 _[ - ]::--------------------------------------------------------------------------------------------------------------
4916|_[ + ] [ 81 / 100 ]-[16:27:49] [ - ]
4917|_[ + ] Target:: [ https://www.metro.cl/estacion/PV ]
4918|_[ + ] Exploit::
4919|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4920|_[ + ] More details:: / - / , ISP:
4921|_[ + ] Found:: UNIDENTIFIED
4922
4923 _[ - ]::--------------------------------------------------------------------------------------------------------------
4924|_[ + ] [ 82 / 100 ]-[16:27:53] [ - ]
4925|_[ + ] Target:: [ https://www.metro.cl/estacion/CE ]
4926|_[ + ] Exploit::
4927|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4928|_[ + ] More details:: / - / , ISP:
4929|_[ + ] Found:: UNIDENTIFIED
4930
4931 _[ - ]::--------------------------------------------------------------------------------------------------------------
4932|_[ + ] [ 83 / 100 ]-[16:27:56] [ - ]
4933|_[ + ] Target:: [ https://www.metro.cl/estacion/PAC ]
4934|_[ + ] Exploit::
4935|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4936|_[ + ] More details:: / - / , ISP:
4937|_[ + ] Found:: UNIDENTIFIED
4938
4939 _[ - ]::--------------------------------------------------------------------------------------------------------------
4940|_[ + ] [ 84 / 100 ]-[16:28:01] [ - ]
4941|_[ + ] Target:: [ https://www.metro.cl/estacion/PU ]
4942|_[ + ] Exploit::
4943|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4944|_[ + ] More details:: / - / , ISP:
4945|_[ + ] Found:: UNIDENTIFIED
4946
4947 _[ - ]::--------------------------------------------------------------------------------------------------------------
4948|_[ + ] [ 85 / 100 ]-[16:28:05] [ - ]
4949|_[ + ] Target:: [ https://www.metro.cl/estacion/PM ]
4950|_[ + ] Exploit::
4951|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4952|_[ + ] More details:: / - / , ISP:
4953|_[ + ] Found:: UNIDENTIFIED
4954
4955 _[ - ]::--------------------------------------------------------------------------------------------------------------
4956|_[ + ] [ 86 / 100 ]-[16:28:06] [ - ]
4957|_[ + ] Target:: [ https://www.metro.cl/noticias/historial ]
4958|_[ + ] Exploit::
4959|_[ + ] Information Server:: HTTP/1.1 302 Found, Server: LiteSpeed , IP:201.217.241.118:443
4960|_[ + ] More details:: / - / , ISP:
4961|_[ + ] Found:: UNIDENTIFIED
4962
4963 _[ - ]::--------------------------------------------------------------------------------------------------------------
4964|_[ + ] [ 87 / 100 ]-[16:28:09] [ - ]
4965|_[ + ] Target:: [ https://www.metro.cl/estacion/PDG ]
4966|_[ + ] Exploit::
4967|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4968|_[ + ] More details:: / - / , ISP:
4969|_[ + ] Found:: UNIDENTIFIED
4970
4971 _[ - ]::--------------------------------------------------------------------------------------------------------------
4972|_[ + ] [ 88 / 100 ]-[16:28:12] [ - ]
4973|_[ + ] Target:: [ https://www.metro.cl/estacion/LTO ]
4974|_[ + ] Exploit::
4975|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4976|_[ + ] More details:: / - / , ISP:
4977|_[ + ] Found:: UNIDENTIFIED
4978
4979 _[ - ]::--------------------------------------------------------------------------------------------------------------
4980|_[ + ] [ 89 / 100 ]-[16:28:14] [ - ]
4981|_[ + ] Target:: [ https://www.metro.cl/estacion/RC ]
4982|_[ + ] Exploit::
4983|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4984|_[ + ] More details:: / - / , ISP:
4985|_[ + ] Found:: UNIDENTIFIED
4986
4987 _[ - ]::--------------------------------------------------------------------------------------------------------------
4988|_[ + ] [ 90 / 100 ]-[16:28:17] [ - ]
4989|_[ + ] Target:: [ https://www.metro.cl/estacion/ESP ]
4990|_[ + ] Exploit::
4991|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
4992|_[ + ] More details:: / - / , ISP:
4993|_[ + ] Found:: UNIDENTIFIED
4994
4995 _[ - ]::--------------------------------------------------------------------------------------------------------------
4996|_[ + ] [ 91 / 100 ]-[16:28:20] [ - ]
4997|_[ + ] Target:: [ https://www.metro.cl/estacion/QN ]
4998|_[ + ] Exploit::
4999|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
5000|_[ + ] More details:: / - / , ISP:
5001|_[ + ] Found:: UNIDENTIFIED
5002
5003 _[ - ]::--------------------------------------------------------------------------------------------------------------
5004|_[ + ] [ 92 / 100 ]-[16:28:23] [ - ]
5005|_[ + ] Target:: [ https://www.metro.cl/estacion/CN ]
5006|_[ + ] Exploit::
5007|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
5008|_[ + ] More details:: / - / , ISP:
5009|_[ + ] Found:: UNIDENTIFIED
5010
5011 _[ - ]::--------------------------------------------------------------------------------------------------------------
5012|_[ + ] [ 93 / 100 ]-[16:28:24] [ - ]
5013|_[ + ] Target:: [ https://www.metro.cl/corporativo/memoria ]
5014|_[ + ] Exploit::
5015|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
5016|_[ + ] More details:: / - / , ISP:
5017|_[ + ] Found:: UNIDENTIFIED
5018
5019 _[ - ]::--------------------------------------------------------------------------------------------------------------
5020|_[ + ] [ 94 / 100 ]-[16:28:27] [ - ]
5021|_[ + ] Target:: [ https://www.metro.cl/estacion/GO ]
5022|_[ + ] Exploit::
5023|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
5024|_[ + ] More details:: / - / , ISP:
5025|_[ + ] Found:: UNIDENTIFIED
5026
5027 _[ - ]::--------------------------------------------------------------------------------------------------------------
5028|_[ + ] [ 95 / 100 ]-[16:28:30] [ - ]
5029|_[ + ] Target:: [ https://www.metro.cl/porstgo/ ]
5030|_[ + ] Exploit::
5031|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
5032|_[ + ] More details:: / - / , ISP:
5033|_[ + ] Found:: UNIDENTIFIED
5034
5035 _[ - ]::--------------------------------------------------------------------------------------------------------------
5036|_[ + ] [ 96 / 100 ]-[16:28:32] [ - ]
5037|_[ + ] Target:: [ https://www.metro.cl/clubmetro ]
5038|_[ + ] Exploit::
5039|_[ + ] Information Server:: HTTP/1.1 301 Moved Permanently, Server: LiteSpeed , IP:201.217.241.118:443
5040|_[ + ] More details:: / - / , ISP:
5041|_[ + ] Found:: UNIDENTIFIED
5042
5043 _[ - ]::--------------------------------------------------------------------------------------------------------------
5044|_[ + ] [ 97 / 100 ]-[16:28:36] [ - ]
5045|_[ + ] Target:: [ https://www.metro.cl/noticias/detalle/1606 ]
5046|_[ + ] Exploit::
5047|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
5048|_[ + ] More details:: / - / , ISP:
5049|_[ + ] Found:: UNIDENTIFIED
5050
5051 _[ - ]::--------------------------------------------------------------------------------------------------------------
5052|_[ + ] [ 98 / 100 ]-[16:28:37] [ - ]
5053|_[ + ] Target:: [ https://www.metro.cl/noticias/detalle/1726 ]
5054|_[ + ] Exploit::
5055|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
5056|_[ + ] More details:: / - / , ISP:
5057|_[ + ] Found:: UNIDENTIFIED
5058
5059 _[ - ]::--------------------------------------------------------------------------------------------------------------
5060|_[ + ] [ 99 / 100 ]-[16:28:43] [ - ]
5061|_[ + ] Target:: [ https://www.metro.cl/licitaciones/descarga/01eee509ee2f68dc6014898c309e86bf ]
5062|_[ + ] Exploit::
5063|_[ + ] Information Server:: HTTP/1.1 200 OK, Server: LiteSpeed , IP:201.217.241.118:443
5064|_[ + ] More details:: / - / , ISP:
5065|_[ + ] Found:: UNIDENTIFIED
5066
5067[ INFO ] [ Shutting down ]
5068[ INFO ] [ End of process INURLBR at [29-10-2019 16:28:43]
5069[ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
5070[ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/loot/workspace/www.metro.cl/output/inurlbr-www.metro.cl ]
5071|_________________________________________________________________________________________
5072
5073\_________________________________________________________________________________________/
5074#######################################################################################################################################
5075HTTP/1.1 200 OK
5076Connection: Keep-Alive
5077Set-Cookie: metro=ku4aj40pvjiq5itn1ae43f0ma7; path=/; domain=.metro.cl; secure; HttpOnly
5078Expires: Thu, 19 Nov 1981 08:52:00 GMT
5079Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
5080Pragma: no-cache
5081Content-Type: text/html; charset=UTF-8
5082Date: Tue, 29 Oct 2019 20:28:49 GMT
5083Server: LiteSpeed
5084Access-Control-Allow-Origin: http://www.metro.cl
5085Access-Control-Allow-Origin: http://metro.cl
5086Access-Control-Allow-Origin: http://www.metrosantiago.cl
5087Access-Control-Allow-Origin: http://metrosantiago.cl
5088Access-Control-Allow-Origin: http://metrodesantiago.cl
5089Access-Control-Allow-Origin: https://www.metro.cl
5090Access-Control-Allow-Origin: https://metro.cl
5091Access-Control-Allow-Origin: https://www.metrosantiago.cl
5092Access-Control-Allow-Origin: https://metrosantiago.cl
5093Access-Control-Allow-Origin: https://metrodesantiago.cl
5094X-Frame-Options: SAMEORIGIN
5095X-Content-Type-Options: nosniff
5096X-XSS-Protection: 1; mode=block
5097Referrer-Policy: strict-origin-when-cross-origin
5098Strict-Transport-Security: max-age=31536000; includeSubDomains
5099X-UA-Compatible: IE=edge
5100Alt-Svc: quic=":443"; ma=2592000; v="39,43,46", h3-Q039=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-22=":443"; ma=2592000
5101#######################################################################################################################################
5102/actividad-comercial
5103/atencion-cliente/oficinas
5104/atencion-cliente/preguntas-frecuentes
5105/atencion-cliente/sugerencias-reclamos
5106/buen-viajero/que-hacer-en-casos-de-contingencia
5107/corporativo
5108/corporativo/
5109/corporativo/canal-de-denuncias
5110/corporativo/documentos
5111/corporativo/mapa-del-sitio
5112/corporativo/normas-redes-sociales
5113/corporativo/privacidad
5114/estacion
5115http://metro.trabajando.cl/
5116https://bazarmetro.cl/
5117https://cargatubip.metro.cl/CargaTuBipV2/
5118https://mail.metro.cl/
5119https://twitter.com/intent/user?screen_name=metrodesantiago
5120https://twitter.com/metrodesantiago
5121https://www.facebook.com/Metrostgo/
5122https://www.facebook.com/pages/Metro-de-Santiago-Chile/171538782666?ref=stream
5123https://www.instagram.com/metrodesantiago
5124https://www.metro.cl/minisitio/finanzas/es
5125https://www.metro.cl/red-clientes/
5126http://www.ccplm.cl/
5127http://www.mac.uchile.cl/
5128http://www.transantiago.cl/
5129http://www.youtube.com/user/metrodesantiagochile
5130/images/clima/04d.png
5131/images/icoInfo.png
5132/images/icoNoticias.png
5133/images/logoFooter.png
5134/js/base.js?v=1.2019102901
5135/js/bootstrap.min.js
5136/js/datatables.js
5137/js/ekko-lightbox.js?v=1.2019011701
5138/js/jquery-3.2.1.js
5139/js/jquery.jticker.min.js
5140/js/jquery.slicebox.js
5141/js/modernizr.custom.46884.js
5142/js/popper.min.js
5143/js/select2.min.js
5144/js/zoom/jquery.smoothZoom.min.js
5145/licitaciones
5146/noticias/historial
5147/planificador
5148/planificador/interactivo
5149/registro
5150/ticket-viaje
5151/tu-viaje/estado-red
5152/tu-viaje/horarios
5153/tu-viaje/ruta-expresa
5154#######################################################################################################################################
5155https://www.metro.cl [200 OK] Cookies[metro], Country[CHILE][CL], Email[aariztia@metro-chile.cl,usuario@empresa.cl], Google-Analytics[UA-11084190-1], HTML5, HTTPServer[LiteSpeed], HttpOnly[metro], IP[201.217.241.118], JQuery[3.2.1], Lightbox, LiteSpeed, Modernizr, PasswordField, Script, Strict-Transport-Security[max-age=31536000; includeSubDomains], Title[Metro de Santiago], UncommonHeaders[access-control-allow-origin,x-content-type-options,referrer-policy,alt-svc], X-Frame-Options[SAMEORIGIN], X-UA-Compatible[IE=edge], X-XSS-Protection[1; mode=block]
5156#######################################################################################################################################
5157Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-29 12:21 EDT
5158Nmap scan report for servidor.agenciacatedral.com (201.217.241.118)
5159Host is up (1.1s latency).
5160Not shown: 984 filtered ports, 12 closed ports
5161Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
5162PORT STATE SERVICE
516353/tcp open domain
516480/tcp open http
5165443/tcp open https
51663306/tcp open mysql
5167
5168Nmap done: 1 IP address (1 host up) scanned in 374.52 seconds
5169######################################################################################################################################
5170Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-29 12:27 EDT
5171Nmap scan report for servidor.agenciacatedral.com (201.217.241.118)
5172Host is up (0.23s latency).
5173Not shown: 2 filtered ports
5174PORT STATE SERVICE
517553/udp open domain
517667/udp open|filtered dhcps
517768/udp open|filtered dhcpc
517869/udp open|filtered tftp
517988/udp open|filtered kerberos-sec
5180123/udp open|filtered ntp
5181139/udp open|filtered netbios-ssn
5182161/udp open|filtered snmp
5183162/udp open|filtered snmptrap
5184389/udp open|filtered ldap
5185500/udp open|filtered isakmp
5186520/udp open|filtered route
51872049/udp open|filtered nfs
5188
5189Nmap done: 1 IP address (1 host up) scanned in 5.24 seconds
5190######################################################################################################################################
5191Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-29 12:27 EDT
5192Nmap scan report for servidor.agenciacatedral.com (201.217.241.118)
5193Host is up (0.81s latency).
5194
5195PORT STATE SERVICE VERSION
519653/tcp open domain ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
5197|_dns-fuzz: Server didn't response to our probe, can't fuzz
5198| dns-nsec-enum:
5199|_ No NSEC records found
5200| dns-nsec3-enum:
5201|_ DNSSEC NSEC3 not supported
5202| dns-nsid:
5203|_ bind.version: 9.11.4-P2-RedHat-9.11.4-9.P2.el7
5204| vulscan: VulDB - https://vuldb.com:
5205| [129818] ISC BIND up to 9.11.4/9.12.2 DDNS privilege escalation
5206| [129803] ISC BIND up to 9.11.1 Response Policy Zone Query Loop denial of service
5207| [129802] ISC BIND up to 9.11.0-P1 nxdomain-redirect Query Assertion denial of service
5208| [102965] ISC BIND up to 9.11.1-P1 TSIG weak authentication
5209| [102964] ISC BIND up to 9.11.1-P1 TSIG weak authentication
5210| [99868] ISC BIND up to 9.11.1rc2 Control Channel Crash denial of service
5211| [99867] ISC BIND up to 9.11.1rc1 DNS64 State Crash denial of service
5212| [99866] ISC BIND up to 9.11.1rc1 CNAME/DNAME Crash denial of service
5213| [96827] ISC BIND up to 9.11.1b1 RPZ/DNS64 State Error NULL Pointer Dereference denial of service
5214|
5215| MITRE CVE - https://cve.mitre.org:
5216| [CVE-2007-0494] ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.
5217| [CVE-2013-4869] Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) and the IM & Presence Service in Cisco Unified Presence Server through 9.1(2) use the same CTI and database-encryption key across different customers' installations, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key, aka Bug IDs CSCsc69187 and CSCui01756. NOTE: the vendor has provided a statement that the "hard-coded static encryption key is considered a hardening issue rather than a vulnerability, and as such, has a CVSS score of 0/0."
5218| [CVE-2013-4854] The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
5219| [CVE-2013-3919] resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.
5220| [CVE-2013-3434] Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02242.
5221| [CVE-2013-3433] Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02276.
5222| [CVE-2013-3412] SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuh81766.
5223| [CVE-2013-3404] SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051.
5224| [CVE-2013-3403] Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allow local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCuh73454.
5225| [CVE-2013-3402] An unspecified function in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary commands via unknown vectors, aka Bug ID CSCuh73440.
5226| [CVE-2013-3382] The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.9 and 9.1.2.x before 9.1.2.12 for Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (device reload or traffic-processing outage) via fragmented (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCue88387.
5227| [CVE-2013-2266] libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
5228| [CVE-2013-1150] The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and 9.1 before 9.1(1.2) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCud16590.
5229| [CVE-2013-1139] The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCud81134.
5230| [CVE-2013-1137] Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930.
5231| [CVE-2013-1134] The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, which allows remote attackers to conduct cache-poisoning attacks against transaction records, and cause a denial of service (bandwidth-pool consumption and call outage), via unspecified vectors, aka Bug ID CSCub28920.
5232| [CVE-2013-0149] The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.
5233| [CVE-2012-5689] ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
5234| [CVE-2012-5688] ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
5235| [CVE-2012-5166] ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
5236| [CVE-2012-4244] ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
5237| [CVE-2012-3868] Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries.
5238| [CVE-2012-3817] ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2
5239| [CVE-2012-1667] ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
5240| [CVE-2012-1328] Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 do not properly handle downloads of configuration information to an RT phone, which allows local users to gain privileges via unspecified injected data, aka Bug ID CSCts32237.
5241| [CVE-2012-1033] The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
5242| [CVE-2012-0882] Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.
5243| [CVE-2011-5184] Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover
5244| [CVE-2011-4313] query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
5245| [CVE-2011-2465] Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.
5246| [CVE-2011-2464] Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
5247| [CVE-2011-1910] Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.
5248| [CVE-2011-1907] ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.
5249| [CVE-2011-0414] ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update.
5250| [CVE-2010-3762] ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service (daemon crash) via a DNS query.
5251| [CVE-2010-3615] named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism.
5252| [CVE-2010-3614] named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.
5253| [CVE-2010-3613] named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data.
5254| [CVE-2010-0382] ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote attackers to have an unspecified impact via a crafted response, aka Bug 20819. NOTE: this vulnerability exists because of a regression during the fix for CVE-2009-4022.
5255| [CVE-2010-0290] Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains (1) CNAME or (2) DNAME records, which do not have the intended validation before caching, aka Bug 20737. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4022.
5256| [CVE-2010-0218] ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query.
5257| [CVE-2010-0097] ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.
5258| [CVE-2009-4022] Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.
5259| [CVE-2009-2028] Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 have unknown impact and attack vectors, related to "Adobe internally discovered issues."
5260| [CVE-2009-1905] The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous bind are enabled, allows remote attackers to bypass password authentication and establish a database connection via unspecified vectors.
5261| [CVE-2009-0696] The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
5262| [CVE-2009-0265] Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.
5263| [CVE-2008-4163] Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown vectors.
5264| [CVE-2008-0122] Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.
5265| [CVE-2007-2926] ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
5266| [CVE-2007-2925] The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.
5267| [CVE-2007-2241] Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function.
5268| [CVE-2007-0493] Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context."
5269| [CVE-2002-2037] The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities.
5270| [CVE-2002-0400] ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype.
5271| [CVE-2001-0497] dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.
5272| [CVE-2000-0855] SunFTP build 9(1) allows remote attackers to cause a denial of service by connecting to the server and disconnecting before sending a newline.
5273| [CVE-2000-0368] Classic Cisco IOS 9.1 and later allows attackers with access to the loging prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
5274| [CVE-1999-1466] Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword.
5275| [CVE-1999-1306] Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters.
5276| [CVE-1999-1216] Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command.
5277|
5278| SecurityFocus - https://www.securityfocus.com/bid/:
5279| [70744] Cisco ASR 901 Series Routers CVE-2014-3293 Denial of Service Vulnerability
5280| [70658] ZTE ZXDSL 931VII 'manager_dev_config_t.gch' Information Disclosure Vulnerability
5281| [61774] ISC BIND 9 SRTT Algorithm Authoritative Server Selection Security Vulnerability
5282| [61479] ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
5283| [58736] ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
5284| [57556] ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
5285| [56817] ISC BIND 9 DNS64 Remote Denial of Service Vulnerability
5286| [55852] ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
5287| [55522] ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
5288| [54659] ISC BIND 9 TCP Query Remote Denial of Service Vulnerability
5289| [54658] ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
5290| [53772] ISC BIND 9 DNS Resource Records Handling Remote Denial of Service Vulnerability
5291| [50690] ISC BIND 9 Recursive Queries Remote Denial of Service Vulnerability
5292| [48566] ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability
5293| [48565] ISC BIND 9 RPZ Configurations Remote Denial of Service Vulnerabilities
5294| [48007] ISC BIND 9 Large RRSIG RRsets Remote Denial of Service Vulnerability
5295| [47734] ISC BIND 9 RRSIG Query Type Remote Denial of Service Vulnerability
5296| [46491] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
5297| [45385] ISC BIND 9 DNSSEC Validation Remote Denial of Service Vulnerability
5298| [45133] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
5299| [41730] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
5300| [37865] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
5301| [37118] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
5302| [35848] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
5303| [25076] ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
5304| [25037] ISC BIND 9 Remote Cache Poisoning Vulnerability
5305| [4936] ISC BIND 9 Remote Denial Of Service Vulnerability
5306| [100656] Cisco ASR 920 Series Routers CVE-2017-6795 Local Arbitrary File Overwrite Vulnerability
5307| [97450] Cisco ASR 903 and ASR 920 Series CVE-2017-6603 Denial of Service Vulnerability
5308| [93415] Cisco Nexus 9000 Series Switches CVE-2016-1455 Remote Information Disclosure Vulnerability
5309| [82579] Cisco Nexus 9000 Series ACI Mode Switches CVE-2015-6398 Denial of Service Vulnerability
5310| [77686] Cisco Firepower 9000 Series CVE-2015-6380 Unspecified OS Command Injection Vulnerability
5311| [77635] Cisco Firepower 9000 Series CVE-2015-6371 Multiple Arbitrary File Read Vulnerabilities
5312| [77634] Cisco Firepower 9000 Series CVE-2015-6370 Local Command Injection Vulnerability
5313| [77633] Cisco Firepower 9000 Series Switches CVE-2015-6372 HTML Injection Vulnerability
5314| [77631] Cisco Firepower 9000 Series Switches CVE-2015-6374 Clickjacking Vulnerability
5315| [77629] Cisco Firepower 9000 Series CVE-2015-6369 Local Denial of Service Vulnerability
5316| [77628] Cisco Firepower 9000 CVE-2015-6373 Cross Site Request Forgery Vulnerability
5317| [77614] Cisco Firepower 9000 Series Switches CVE-2015-6368 Information Disclosure Vulnerability
5318| [76913] Cisco NX-OS Software for Nexus 9000 Series Switches CVE-2015-6308 Denial of Service Vulnerability
5319| [76791] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-6301 Denial of Service Vulnerability
5320| [76762] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-6295 Denial of Service Vulnerability
5321| [76329] Cisco Nexus 9000 Series Software CVE-2015-4301 Remote Denial of Service Vulnerability
5322| [76057] Cisco Firepower 9000 Series Devices CVE-2015-4287 Information Disclosure Vulnerability
5323| [75471] Cisco Unified IP Phones 9900 Series CVE-2015-4226 Denial of Service Vulnerability
5324| [75378] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-4213 Information Disclosure Vulnerability
5325| [74029] Cisco ASR 9000 Series Routers CVE-2015-0694 Remote Security Bypass Vulnerability
5326| [73895] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-0686 Denial of Service Vulnerability
5327| [73470] Cisco ASR 9000 Series Routers CVE-2015-0685 Denial of Service Vulnerability
5328| [73318] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-0672 Denial of Service Vulnerability
5329| [72485] Cisco Unified IP Phones 9900 Series CVE-2015-0604 Arbitrary File Upload Vulnerability
5330| [72484] Cisco Unified IP Phones 9900 Series CVE-2015-0603 Local Denial of Service Vulnerability
5331| [72483] Cisco Unified IP Phones 9900 Series CVE-2015-0601 Local Denial of Service Vulnerability
5332| [72482] Cisco Unified IP Phones 9900 Series CVE-2015-0602 Information Disclosure Vulnerability
5333| [72481] Cisco Unified IP Phones 9900 Series CVE-2015-0600 Denial of Service Vulnerability
5334| [71979] Cisco MDS 9000 NX-OS Software CVE-2015-0582 Denial of Service Vulnerability
5335| [69057] Cisco Nexus 9000 Series Switches CVE-2014-3330 Access List Security Bypass Vulnerability
5336| [64770] Cisco Unified IP Phones 9900 Series Crafted Header Unregister Denial of Service Vulnerability
5337| [63564] Cisco MDS 9000 NX-OS Software VRRP Frames Denial of Service Vulnerability
5338| [62944] Cisco Unified IP Phones 9900 Series CVE-2013-5532 Buffer Overflow Vulnerability
5339| [62943] Cisco Unified IP Phones 9900 Series CVE-2013-5533 Local Command Injection Vulnerability
5340| [62905] Cisco Unified IP Phones 9900 Series CVE-2013-5526 Denial of Service Vulnerability
5341| [61330] Cisco Unified IP Phones 9900 Series CVE-2013-3426 Arbitrary File Download Vulnerability
5342| [49633] Oracle Application Server 9i 'httpd.conf' Information Disclosure Vulnerability
5343| [48811] Cisco ASR 9000 Series Routers IP Version 4 Denial of Service Vulnerability
5344| [48264] Aastra 9480i CT Multiple Information Disclosure Vulnerabilities
5345| [15542] NetObjects Fusion 9 Information Disclosure Vulnerability
5346| [6556] Oracle 9i Application Server Sample Scripts Information Disclosure Vulnerability
5347| [6459] Oracle 9i Application Server Java Server Page Source Code Disclosure Vulnerability
5348| [5335] Multiple Lucent Router UDP Port 9 Information Disclosure Vulnerability
5349| [4290] Oracle 9i Default Configuration File Information Disclosure Vulnerability
5350| [4034] Oracle 9IAS OracleJSP Information Disclosure Vulnerability
5351| [3848] Mandrake Bind 9 Package Insecure File Permissions Vulnerability
5352| [2516] Microsoft Plus! 98 Windows ME Password Disclosure Vulnerability
5353|
5354| IBM X-Force - https://exchange.xforce.ibmcloud.com:
5355| [85799] Cisco Unified IP Phones 9900 Series directory traversal
5356| [75412] Cisco Unified IP Phones 9900 series RT privilege escalation
5357| [68733] Cisco 9000 Series Aggregation Service Router IPv4 packet denial of service
5358| [9704] Multiple Lucent router UDP port 9 could disclose sensitive information
5359| [9250] BIND 9 dns_message_findtype() denial of service
5360| [1852] BIND prior to 4.9.7 buffer overflow affects Digital Firewall 97 users
5361| [539] Microsoft Windows 95 and Internet Explorer password disclosure
5362| [86004] ISC BIND RDATA denial of service
5363| [84767] ISC BIND denial of service
5364| [83066] ISC BIND denial of service
5365| [81504] ISC BIND AAAA denial of service
5366| [80510] ISC BIND DNS64 denial of service
5367| [79121] ISC BIND queries denial of service
5368| [78479] ISC BIND RDATA denial of service
5369| [77185] ISC BIND TCP queries denial of service
5370| [77184] ISC BIND bad cache denial of service
5371| [76034] ISC BIND rdata denial of service
5372| [73053] ISC BIND cache update policy security bypass
5373| [71332] ISC BIND recursive queries denial of service
5374| [68375] ISC BIND UPDATE denial of service
5375| [68374] ISC BIND Response Policy Zones denial of service
5376| [67665] ISC BIND RRSIG Rrsets denial of service
5377| [67297] ISC BIND RRSIG denial of service
5378| [65554] ISC BIND IXFR transfer denial of service
5379| [63602] ISC BIND allow-query security bypass
5380| [63596] ISC BIND zone data security bypass
5381| [63595] ISC BIND RRSIG denial of service
5382| [62072] ISC BIND DNSSEC query denial of service
5383| [62071] ISC BIND ACL security bypass
5384| [61871] ISC BIND anchors denial of service
5385| [60421] ISC BIND RRSIG denial of service
5386| [56049] ISC BIND out-of-bailiwick weak security
5387| [55937] ISC Bind unspecified cache poisoning
5388| [55753] ISC BIND DNSSEC NSEC/NSEC3 cache poisoning
5389| [54416] ISC BIND DNSSEC cache poisoning
5390| [52073] ISC BIND dns_db_findrdataset() denial of service
5391| [47409] Multiple Mozilla products XBL loadBindingDocument information disclosure
5392| [45234] ISC BIND UDP denial of service
5393| [39670] ISC BIND inet_network buffer overflow
5394| [37233] libgssapi ISC BIND Novell SUSE Linux Enterprise Server GSS-TSIG request denial of service
5395| [37128] RHSA update for ISC BIND RRset denial of service not installed
5396| [37127] RHSA update for ISC BIND named service denial of service not installed
5397| [36275] ISC BIND DNS query spoofing
5398| [35575] ISC BIND query ID cache poisoning
5399| [35571] ISC BIND ACL security bypass
5400| [31838] ISC BIND RRset denial of service
5401| [31799] ISC BIND named service denial of service
5402| [29876] HP Tru64 ypbind core dump information disclosure
5403| [28745] ISC BIND DNSSEC RRset denial of service
5404| [28744] ISC BIND recursive INSIST denial of service
5405| [22041] BEA WebLogic Server and Express LDAP anonymous bind information disclosure
5406| [18836] BIND hostname disclosure
5407| [10624] ISC BIND DNS stub resolver library (libresolv.a) stack buffer overflows
5408| [10333] ISC BIND SIG null pointer dereference denial of service
5409| [10332] ISC BIND OPT resource record (RR) denial of service
5410| [10304] ISC BIND SIG cached resource records (RR) heap buffer overflow
5411| [7027] Cisco CBOS Web-based configuration utility binds to port 80 by default
5412| [5814] ISC BIND "
5413| [5540] ISC BIND can be remotely crashed by issuing ZXFR requests
5414| [5462] ISC BIND AXFR host command remote buffer overflow
5415|
5416| Exploit-DB - https://www.exploit-db.com:
5417| [25305] ColdFusion 9-10 - Credential Disclosure Exploit
5418| [9300] ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC
5419| [24689] cPanel 9.9.1 -R3 Front Page Extension Installation Information Disclosure
5420| [23059] Netbula Anyboard 9.9.5 6 Information Disclosure Vulnerability
5421| [21812] MS Word 95/97/98/2000/2002 INCLUDEPICTURE Document Sharing File Disclosure
5422| [21764] MS Word 95/97/98/2000/2002 Excel 2002 INCLUDETEXT Document Sharing File Disclosure
5423| [19877] FrontPage 98/Personal WebServer 1.0,Personal Web Server 2.0 htimage.exe File Existence Disclosure
5424| [17376] Aastra IP Phone 9480i Web Interface Data disclosure Vulnerability
5425| [13448] linux/x86 portbind port 5074 92 bytes
5426| [13388] linux/x86 Bind /bin/sh to 31337/tcp + fork() 98 bytes
5427| [13360] linux/x86 setuid/portbind shellcode 96 bytes
5428| [13245] bsd/x86 setuid/portbind shellcode 94 bytes
5429| [10638] Web Wiz Forums 9.64 - Database Disclosure Vulnerability
5430| [6775] Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit
5431| [6236] BIND 9.5.0-P2 (randomized ports) Remote DNS Cache Poisoning Exploit
5432| [6130] BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c)
5433| [6123] BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py)
5434| [6122] BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (meta)
5435| [4292] Diskeeper 9 Remote Memory Disclosure Exploit
5436| [4266] BIND 9 0.3beta - DNS Cache Poisoning Exploit
5437|
5438| OpenVAS (Nessus) - http://www.openvas.org:
5439| [103090] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
5440| [103031] ISC BIND 9 < 9.7.2-P2 Multiple Vulnerabilities
5441| [103030] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
5442| [100717] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
5443| [100458] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
5444| [100362] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
5445| [100251] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
5446| [63208] Fedora Core 9 FEDORA-2009-0350 (bind)
5447| [11226] Oracle 9iAS default error information disclosure
5448|
5449| SecurityTracker - https://www.securitytracker.com:
5450| [1025811] Cisco ASR 9000 Series Router IPv4 Packet Processing Flaw Lets Remote Users Deny Service
5451| [1012995] BIND 9 Validator Assumption Error May Let Remote Users Deny Service
5452| [1005048] Oracle Enterprise Manager Web Service Component of Oracle 9i Application Server Discloses the Web Cache Administrator Password to Local Users
5453| [1003675] Oracle 9iAS Application Server Discloses CGI-BIN Script Source Code to Remote Users
5454| [1001186] Microsoft Windows Me Operating System and Windows 98 with the Plus! 98 Package Disclose Data Compression Passwords
5455| [1028901] (McAfee Issues Advisory for McAfee Email Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5456| [1028900] (McAfee Issues Advisory for McAfee Email and Web Security Appliance) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5457| [1028899] (McAfee Issues Fix for McAfee Web Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5458| [1028866] (McAfee Issues Fix for McAfee Firewall Enterprise) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5459| [1028854] (NetBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5460| [1028849] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5461| [1028848] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5462| [1028839] (FreeBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5463| [1028838] ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
5464| [1028632] ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service Against Recursive Resolvers
5465| [1028046] ISC BIND DNS64 and Response Policy Zones (RPZ) Bug Lets Remote Users Deny Service
5466| [1027835] ISC BIND DNS64 Bug Lets Remote Users Deny Service
5467| [1027642] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
5468| [1027529] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
5469| [1026647] ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
5470| [1026335] ISC BIND Invalid Record Caching Flaw Lets Remote Users Deny Service
5471| [1025743] ISC BIND Response Policy Zones DNAME/CNAME Processing Flaw Lets Remote Users Deny Service
5472| [1025742] ISC BIND Packet Processing Flaw Lets Remote Users Deny Service
5473| [1015850] Samba winbindd Daemon Discloses Server Password to Local Users
5474| [1003359] BindView NETinventory Discloses Password to Local Users During Auditing
5475| [1001721] BIND Domain Name System Software May Disclose DNS Transactional Signature (TSIG) Keys to Local Users
5476|
5477| OSVDB - http://www.osvdb.org:
5478| [95373] Cisco Unified IP Phones 9900 Series Serviceability Servlet Path Value Handling Arbitrary File Access
5479| [86219] Cardiac Science G3 Plus 9390A-501 AED AEDUpdate Cleartext Password Local Disclosure
5480| [76009] Cisco IOS DLSw FST IP Protocol 91 Packet Memory Leak Remote DoS
5481| [73985] Cisco ASR 9000 Series Line Card IPv4 Packet Parsing Remote DoS
5482| [72941] Aastra 9480i IP Phone Multiple Configuration File Direct Request Information Disclosure
5483| [34520] Cisco Linksys Multiple Router UDP 916 Remote Information Disclosure
5484| [22517] MPN HP-180W Wireless IP Phone UDP Port 9090 Information Disclosure
5485| [22516] ZyXEL P-2000W_v2 VoIP Wi-Fi Phone UDP Port 9090 Information Disclosure
5486| [21292] ZyXEL P2000W UDP 9090 Remote Information Disclosure
5487| [18220] Oracle 9iAS httpd.confg /perl Location Alias Arbitrary CGI File Script Disclosure
5488| [18218] Oracle 9iAS echo2 Sample Application Information Disclosure
5489| [18217] Oracle 9iAS echo Sample Application Information Disclosure
5490| [18216] Oracle 9iAS printenv Sample Application Information Disclosure
5491| [18215] Oracle 9iAS info.jsp Sample Application Information Disclosure
5492| [6674] Microsoft Office 98 for Macintosh Disk Space Information Disclosure
5493| [3108] Microsoft Office 98 Macintosh Information Disclosure
5494| [1146] Microsoft Windows 9x Credential Cache Cleartext Password Disclosure
5495| [665] Microsoft Windows 95 Online Registration Information Disclosure
5496| [95707] ISC BIND rdata.c RFC 5011 Implementation Malformed RDATA Section Handling Remote DoS
5497| [93913] ISC BIND Recursive Resolver resolver.c Malformed Zone Query Handling Remote DoS
5498| [91712] ISC BIND Crafted Regular Expression Handling Memory Exhaustion Remote DoS
5499| [89584] ISC BIND DNS64 Nameserver Response Policy Zone (RPZ) AAAA Record Query Remapping Remote DoS
5500| [89401] Foswiki LocalSite.cfg LDAP BindPassword Plaintext Local Disclosure
5501| [88126] ISC BIND DNS64 IPv6 Transition Mechanism DNS Query Parsing Remote DoS
5502| [86118] ISC BIND Nameserver RDATA Record Query Parsing Remote DoS
5503| [85417] ISC BIND Assertion Error Resource Record RDATA Query Parsing Remote DoS
5504| [84229] ISC BIND Memory Leak TCP Query Parsing ns_client Object Out-of-memory Remote DoS
5505| [84228] ISC BIND Query Handling Bad Cache Data Structure Assertion Remote DoS
5506| [82609] ISC BIND named DNS Resource Record Zero Length Rdata Handling Remote Information Disclosure
5507| [78916] ISC BIND Cache Update Policy Deleted Domain Name Resolving Weakness
5508| [77159] ISC BIND Recursive Query Parsing Remote DoS
5509| [73605] ISC BIND UPDATE Request Parsing Remote DoS
5510| [73604] ISC BIND Response Policy Zones (RPZ) DNAME / CNAME Parsing Remote DoS
5511| [72540] ISC BIND Caching Resolver Large RRSIG RRsets Negative Caching Remote DoS
5512| [72539] ISC BIND Authoritative Server Crafted IXFR / DDNS Query Update Deadlock DoS
5513| [72172] ISC BIND Response Policy Zones RRSIG Query Assertion Failure DoS
5514| [69568] ISC BIND named allow-query ACL Restriction Bypass
5515| [69559] ISC BIND named Key Algorithm Rollover Weakness
5516| [69558] ISC BIND named RRSIG Negative Caching DoS
5517| [68271] ISC BIND DNSSEC Query Validation Response Signature Handling Remote DoS
5518| [68270] ISC BIND ACL Application Weakness Cache Recursion Access Restriction Bypass
5519| [66395] ISC BIND RRSIG Requests Infinite Loop DoS
5520| [63373] Apple Mac OS X Server Admin Authenticated Directory Binding Handling Unspecified Open Directory Information Disclosure
5521| [62008] ISC BIND Secure Response Refetch Weakness Unspecified Issue
5522| [62007] ISC BIND Recursive Client Query CNAME / DNAME Response DNS Cache Poisoning
5523| [61853] ISC BIND DNSSEC Validation Crafted NXDOMAIN Request Cache Poisoning
5524| [60493] ISC BIND DNSSEC Recursive Query Additional Section Cache Poisoning
5525| [59272] ISC BIND named Multiple Symlink Arbitrary File Overwrite
5526| [58740] Apache Rampart TransportBinding Message Payload Cleartext Disclosure
5527| [57060] ISC BIND DNS Message Malformed TSIG Remote DoS
5528| [56584] ISC BIND Dynamic Update Message Handling Remote DoS
5529| [56411] GNU wget DNS Rebinding Information Disclosure Weakness
5530| [53115] ISC BIND EVP_VerifyFinal() / DSA_do_verify() SSL/TLS Signature Validation Weakness
5531| [48243] ISC BIND for Windows UDP Client Handler Remote DoS
5532| [46776] ISC BIND DNS Query ID Field Prediction Cache Poisoning
5533| [42655] ISC BIND on Red Hat Linux /etc/rndc.key Insecure File Permission Local named Manipulation
5534| [41211] ISC BIND libbind inet_network() Function Off-By-One Memory Corruption
5535| [40935] ISC BIND on SUSE Linux Enterprise Server libgssapi named GSS-TSIG Request Remote DoS
5536| [37301] ISC BIND Signed Zone Signature Verification Remote DoS
5537| [36796] ISC BIND Outgoing Query Predictable DNS Query ID
5538| [36236] ISC BIND allow-query-cache/allow-recursion ACL Bypass
5539| [36235] ISC BIND Predictable DNS Query IDs Cache Poisoning
5540| [34753] ISC BIND stub Resolver libbind Crafted Query Remote DoS
5541| [34752] ISC BIND so_linger Remote DoS
5542| [34751] ISC BIND Malformed SIG Record Remote DoS
5543| [34750] ISC BIND Malformed NAPTR Record Local DoS
5544| [34749] ISC BIND named maxdname DoS
5545| [34748] ISC BIND query.c query_addsoa Function Unspecified Recursive Query DoS
5546| [31923] ISC BIND Crafted ANY Request Response Multiple RRsets DoS
5547| [31922] ISC BIND Unspecified Freed Fetch Context Dereference DoS
5548| [28558] ISC BIND Recursive Query Saturation DoS
5549| [28557] ISC BIND SIG Query Multiple RRsets Response DoS
5550| [25895] ISC BIND Cached Recursive Query DoS
5551| [24263] Samba winbindd Debug Log Server Credentials Local Disclosure
5552| [21353] BindView NetInventory HOSTCFG._NI Deletion Cleartext Password Disclosure
5553| [14878] ISC BIND rdataset Parameter Malformed DNS Packet DoS
5554| [14877] ISC BIND stub Resolver Libraries Malformed DNS Response DoS
5555| [14795] ISC BIND TSIG Handling Code Remote Overflow
5556| [14432] ISC BIND Multiple DNS Resolver Functions Remote Overflow
5557| [13752] ISC BIND host Command AXFR Response Remote Overflow
5558| [13176] ISC BIND q_usedns Array Remote Overflow DoS
5559| [13175] ISC BIND dnssec authvalidated Crafted Packet Remote DoS
5560| [9736] ISC BIND fdmax File Descriptor Consumption DoS
5561| [9735] ISC BIND -DALLOW_UPDATES Option Remote Record Modification
5562| [9734] ISC BIND CNAME Record Zone Transfer DoS
5563| [9733] ISC BIND Malformed DNS Message DoS
5564| [9725] ISC BIND SIG RR Elements Invalid Expirty Times DoS
5565| [9724] ISC BIND OPT Resource Record Large UDP Payload DoS
5566| [9723] Multiple Vendor LDAP Server NULL Bind Connection Information Disclosure
5567| [8330] ISC BIND DNS stub resolver (libresolv.a) DNS Response Overflow
5568| [7990] ISC BIND gethostbyname() DNS Handling Remote Overflow
5569| [5828] ISC BIND named SRV Remote DoS
5570| [5609] ISC BIND dnskeygen HMAC-MD5 Shared Secret Key File Disclosure
5571| [2866] ISC BIND Negative Record Cache Poisoning
5572| [1751] ISC BIND Environment Variable Information Disclosure
5573| [1747] ISC BIND 4 nslookupComplain() Remote Format String
5574| [1746] ISC BIND 4 nslookupComplain() Remote Overflow
5575| [913] ISC BIND Inverse-Query Remote Overflow
5576| [869] ISC BIND named SIG Resource Server Response RR Overflow
5577| [448] ISC BIND Compressed ZXFR Name Service Query Remote DoS
5578| [438] ISC BIND Predictable Query ID DNS Cache Poisoning
5579| [24] ISC BIND NXT Record Overflow
5580|_
5581Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
5582Device type: general purpose
5583Running (JUST GUESSING): Linux 2.6.X|3.X|4.X (86%)
5584OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
5585Aggressive OS guesses: Linux 2.6.18 - 2.6.22 (86%), Linux 3.11 - 4.1 (85%), Linux 4.4 (85%)
5586No exact OS matches for host (test conditions non-ideal).
5587Network Distance: 22 hops
5588Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
5589
5590Host script results:
5591| dns-brute:
5592| DNS Brute-force hostnames:
5593| test.agenciacatedral.com - 201.217.241.112
5594| ns1.agenciacatedral.com - 201.217.241.112
5595| ns2.agenciacatedral.com - 201.217.241.112
5596|_ www.agenciacatedral.com - 201.217.241.112
5597
5598TRACEROUTE (using port 53/tcp)
5599HOP RTT ADDRESS
56001 138.02 ms 10.250.200.1
56012 138.09 ms 94.242.54.1
56023 138.08 ms bg.rnet.ru (94.242.0.1)
56034 138.07 ms spb-sel-cr1.ae61-1251.rascom.as20764.net (81.27.241.22)
56045 ...
56056 149.32 ms be4338.204.ccr21.sto01.atlas.cogentco.com (149.6.168.137)
56067 150.09 ms be3376.ccr21.sto03.atlas.cogentco.com (130.117.50.225)
56078 171.48 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
56089 179.27 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
560910 259.78 ms be12265.ccr41.par01.atlas.cogentco.com (130.117.2.142)
561011 255.75 ms be3628.ccr42.jfk02.atlas.cogentco.com (154.54.27.169)
561112 253.81 ms be3363.ccr31.jfk04.atlas.cogentco.com (154.54.3.126)
561213 258.91 ms telefonica.jfk04.atlas.cogentco.com (154.54.11.234)
561314 ...
561415 375.08 ms 213.140.35.190
561516 384.25 ms 5.53.1.94
561617 ... 18
561719 390.31 ms nap96lflo02.lo0.red.lflo.nap.movistar.cl (200.91.0.6)
561820 ... 21
561922 828.98 ms servidor.agenciacatedral.com (201.217.241.118)
5620######################################################################################################################################
5621HTTP/1.1 200 OK
5622Connection: Keep-Alive
5623Set-Cookie: PHPSESSID=8bdnvl55vuk7n41htcg6uesc71; path=/
5624Expires: Thu, 19 Nov 1981 08:52:00 GMT
5625Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
5626Pragma: no-cache
5627Content-Type: text/html; charset=UTF-8
5628Date: Tue, 29 Oct 2019 16:28:50 GMT
5629Server: LiteSpeed
5630edit: Set-Cookie ^(.*)$ $1;HttpOnly;Secure
5631X-XSS-Protection: 1; mode=block
5632x-Frame-Options: SAMEORIGIN
5633X-Content-Type-Options: nosniff
5634Strict-Transport-Security: max-age=31536000; includeSubDomains
5635Referrer-Policy: strict-origin
5636######################################################################################################################################
5637http://201.217.241.118 [200 OK] Cookies[PHPSESSID], Country[CHILE][CL], HTML5, HTTPServer[LiteSpeed], IP[201.217.241.118], LiteSpeed, Strict-Transport-Security[max-age=31536000; includeSubDomains], Title[Metro], UncommonHeaders[edit,x-content-type-options,referrer-policy], X-Frame-Options[SAMEORIGIN], X-XSS-Protection[1; mode=block]
5638#######################################################################################################################################
5639Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-29 12:33 EDT
5640NSE: Loaded 163 scripts for scanning.
5641NSE: Script Pre-scanning.
5642Initiating NSE at 12:33
5643Completed NSE at 12:33, 0.00s elapsed
5644Initiating NSE at 12:33
5645Completed NSE at 12:33, 0.00s elapsed
5646Initiating Parallel DNS resolution of 1 host. at 12:33
5647Completed Parallel DNS resolution of 1 host. at 12:33, 0.16s elapsed
5648Initiating SYN Stealth Scan at 12:33
5649Scanning servidor.agenciacatedral.com (201.217.241.118) [1 port]
5650Discovered open port 80/tcp on 201.217.241.118
5651Completed SYN Stealth Scan at 12:33, 0.76s elapsed (1 total ports)
5652Initiating Service scan at 12:33
5653Scanning 1 service on servidor.agenciacatedral.com (201.217.241.118)
5654Completed Service scan at 12:34, 7.65s elapsed (1 service on 1 host)
5655Initiating OS detection (try #1) against servidor.agenciacatedral.com (201.217.241.118)
5656Retrying OS detection (try #2) against servidor.agenciacatedral.com (201.217.241.118)
5657Initiating Traceroute at 12:34
5658Completed Traceroute at 12:34, 3.92s elapsed
5659Initiating Parallel DNS resolution of 18 hosts. at 12:34
5660Completed Parallel DNS resolution of 18 hosts. at 12:34, 3.79s elapsed
5661NSE: Script scanning 201.217.241.118.
5662Initiating NSE at 12:34
5663Completed NSE at 12:38, 245.39s elapsed
5664Initiating NSE at 12:38
5665Completed NSE at 12:38, 2.72s elapsed
5666Nmap scan report for servidor.agenciacatedral.com (201.217.241.118)
5667Host is up (0.87s latency).
5668
5669PORT STATE SERVICE VERSION
567080/tcp open http LiteSpeed httpd
5671| http-brute:
5672|_ Path "/" does not require authentication
5673|_http-chrono: Request times for /; avg: 4067.39ms; min: 2025.06ms; max: 9845.74ms
5674| http-cookie-flags:
5675| /:
5676| PHPSESSID:
5677|_ httponly flag not set
5678|_http-csrf: Couldn't find any CSRF vulnerabilities.
5679|_http-date: Tue, 29 Oct 2019 16:34:38 GMT; -2s from local time.
5680|_http-devframework: Couldn't determine the underlying framework or CMS. Try increasing 'httpspider.maxpagecount' value to spider more pages.
5681|_http-dombased-xss: Couldn't find any DOM based XSS.
5682|_http-drupal-enum: Nothing found amongst the top 100 resources,use --script-args number=<number|all> for deeper analysis)
5683|_http-errors: Couldn't find any error pages.
5684|_http-feed: Couldn't find any feeds.
5685|_http-fetch: Please enter the complete path of the directory to save data in.
5686| http-headers:
5687| Connection: close
5688| Set-Cookie: PHPSESSID=5eu61t2bnaqmirgtu8uuvlmvc3; path=/
5689| Expires: Thu, 19 Nov 1981 08:52:00 GMT
5690| Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
5691| Pragma: no-cache
5692| Content-Type: text/html; charset=UTF-8
5693| Date: Tue, 29 Oct 2019 16:34:59 GMT
5694| Server: LiteSpeed
5695| edit: Set-Cookie ^(.*)$ $1;HttpOnly;Secure
5696| X-XSS-Protection: 1; mode=block
5697| x-Frame-Options: SAMEORIGIN
5698| X-Content-Type-Options: nosniff
5699| Strict-Transport-Security: max-age=31536000; includeSubDomains
5700| Referrer-Policy: strict-origin
5701|
5702|_ (Request type: HEAD)
5703|_http-jsonp-detection: Couldn't find any JSONP endpoints.
5704| http-methods:
5705|_ Supported Methods: GET HEAD POST OPTIONS
5706|_http-mobileversion-checker: No mobile version detected.
5707| http-php-version: Logo query returned unknown hash f1a6709b66bcc59dafe72a54aca2c4a0
5708|_Credits query returned unknown hash f1a6709b66bcc59dafe72a54aca2c4a0
5709| http-security-headers:
5710| Strict_Transport_Security:
5711| Header: Strict-Transport-Security: max-age=31536000; includeSubDomains
5712| X_Frame_Options:
5713| Header: X-Frame-Options: SAMEORIGIN
5714| Description: The browser must not display this content in any frame from a page of different origin than the content itself.
5715| X_XSS_Protection:
5716| Header: X-XSS-Protection: 1; mode=block
5717| Description: The browser will prevent the rendering of the page when XSS is detected.
5718| X_Content_Type_Options:
5719| Header: X-Content-Type-Options: nosniff
5720| Description: Will prevent the browser from MIME-sniffing a response away from the declared content-type.
5721| Cache_Control:
5722| Header: Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
5723| Pragma:
5724| Header: Pragma: no-cache
5725| Expires:
5726|_ Header: Expires: Thu, 19 Nov 1981 08:52:00 GMT
5727|_http-server-header: LiteSpeed
5728| http-sitemap-generator:
5729| Directory structure:
5730| /
5731| Other: 1; png: 1
5732| Longest directory structure:
5733| Depth: 0
5734| Dir: /
5735| Total files found (by extension):
5736|_ Other: 1; png: 1
5737|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
5738|_http-title: Metro
5739|_http-userdir-enum: Potential Users: root, admin, administrator, webadmin, sysadmin, netadmin, guest, user, web, test
5740| http-vhosts:
5741| firewall.agenciacatedral.com
5742| dns0.agenciacatedral.com
5743| dns2.agenciacatedral.com
5744| f5.agenciacatedral.com
5745| testing.agenciacatedral.com
5746| ns0.agenciacatedral.com
5747| www.agenciacatedral.com
5748|_120 names had status 200
5749|_http-wordpress-enum: Nothing found amongst the top 100 resources,use --script-args search-limit=<number|all> for deeper analysis)
5750|_http-wordpress-users: [Error] Wordpress installation was not found. We couldn't find wp-login.php
5751|_http-xssed: No previously reported XSS vuln.
5752| vulscan: VulDB - https://vuldb.com:
5753| [127415] LiteSpeed OpenLiteSpeed up to 1.5.0 RC5 Byte Sequence Request privilege escalation
5754| [106897] Open Litespeed up to 1.3.9 Use-After-Free memory corruption
5755| [62114] Litespeedtech LiteSpeed Web Server 4.1.11 cross site scripting
5756| [53729] Litespeedtech LiteSpeed Web Server information disclosure
5757| [39420] Litespeed Technologies LiteSpeed Web Server up to 3.2.2 php%00.txt information disclosure
5758|
5759| MITRE CVE - https://cve.mitre.org:
5760| [CVE-2012-4871] Cross-site scripting (XSS) vulnerability in service/graph_html.php in the administrator panel in LiteSpeed Web Server 4.1.11 allows remote attackers to inject arbitrary web script or HTML via the gtitle parameter.
5761| [CVE-2010-2333] LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scripts via an HTTP request with a null byte followed by a .txt file extension.
5762| [CVE-2007-5654] LiteSpeed Web Server before 3.2.4 allows remote attackers to trigger use of an arbitrary MIME type for a file via a "%00." sequence followed by a new extension, as demonstrated by reading PHP source code via requests for .php%00.txt files, aka "Mime Type Injection."
5763| [CVE-2005-3695] Cross-site scripting (XSS) vulnerability in admin/config/confMgr.php in LiteSpeed Web Server 2.1.5 allows remote attackers to inject arbitrary web script or HTML via the m parameter.
5764|
5765| SecurityFocus - https://www.securityfocus.com/bid/:
5766| [82240] PHP LiteSpeed SAPI Out of Bounds Read Memory Corruption Vulnerability
5767| [82027] PHP 'sapi/litespeed/lsapilib.c' Information Disclosure Vulnerability
5768| [74806] OpenLiteSpeed Heap Based Buffer Overflow and Denial of Service Vulnerabilities
5769| [74207] LiteSpeed Web Server 'httpreq.cpp' Use After Free Denial of Service Vulnerability
5770| [63484] LiteSpeed Web Server Local Privilege Escalation Vulnerability
5771| [63481] LiteSpeed Web Server Race Condition Insecure Temporary File Creation Vulnerability
5772| [55946] LiteSpeed Web Server 'gtitle' parameter Cross Site Scripting Vulnerability
5773| [45382] PHP LiteSpeed SAPI Arbitrary Code Execution Vulnerability
5774| [40815] LiteSpeed Web Server Source Code Information Disclosure Vulnerability
5775| [38317] LiteSpeed Web Server Cross Site Scripting and Request Forgery Vulnerabilities
5776| [36268] LiteSpeed Web Server Multiple Unspecified Remote Security Vulnerabilities
5777| [26163] LiteSpeed Web Server Null-Byte Handling Information Disclosure Vulnerability
5778| [15485] LiteSpeed ConfMgr.php Cross-Site Scripting Vulnerability
5779|
5780| IBM X-Force - https://exchange.xforce.ibmcloud.com:
5781| [74144] LiteSpeed graph_html.php cross-site scripting
5782| [63979] LiteSpeed Web Server Null buffer overflow
5783| [59385] LiteSpeed Web Server information disclosure
5784| [56389] LiteSpeed Web Server Admin interface cross-site scripting
5785| [56388] LiteSpeed Web Server confMgr.php cross-site request forgery
5786| [54537] LiteSpeed Web Server post-authentication code execution
5787| [54536] LiteSpeed Web Server Lshttpd denial of service
5788| [37380] LiteSpeed Web Server mime-type information disclosure
5789| [23086] LiteSpeed Web Server /admin/config/confMgr.php cross-site scripting
5790|
5791| Exploit-DB - https://www.exploit-db.com:
5792| [26535] LiteSpeed 2.1.5 ConfMgr.php Cross-Site Scripting Vulnerability
5793| [15723] FreeBSD LiteSpeed Web Server 4.0.17 with PHP - Remote Exploit
5794| [13850] Litespeed Technologies Web Server Remote Poison null byte Exploit
5795| [11503] Litespeed Web Server 4.0.12 - (Add Admin) CSRF and XSS Vulnerabilities
5796| [4556] LiteSpeed Web Server <= 3.2.3 - Remote Source Code Disclosure Vuln
5797|
5798| OpenVAS (Nessus) - http://www.openvas.org:
5799| [100744] LiteSpeed Web Server Source Code Information Disclosure Vulnerability
5800|
5801| SecurityTracker - https://www.securitytracker.com:
5802| [1015234] LiteSpeed Web Server Input Validation Flaw in 'confMgr.php' Permits Cross-Site Scripting Attacks
5803|
5804| OSVDB - http://www.osvdb.org:
5805| [80213] LiteSpeed Web Server Admin Panel service/graph_html.php gtitle Parameter XSS
5806| [69916] LiteSpeed Web Server HTTP Header LSAPI PHP Extension Processing Overflow
5807| [65476] LiteSpeed Web Server Script Source Code Information Disclosure
5808| [62449] LiteSpeed Web Server Admin User Creation CSRF
5809| [57910] LiteSpeed Web Server Unspecified Post-authentication Issue
5810| [57909] LiteSpeed Web Server lshttpd Unspecified Infinite Loop DoS
5811| [41867] LiteSpeed Web Server MIME Type Injection Null Byte Script Source Code Disclosure
5812| [20908] LiteSpeed Web Server WebAdmin confMgr.php m Parameter XSS
5813|_
5814Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
5815Device type: general purpose
5816Running (JUST GUESSING): Linux 2.6.X|3.X|4.X (86%)
5817OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
5818Aggressive OS guesses: Linux 2.6.18 - 2.6.22 (86%), Linux 3.10 - 3.12 (85%), Linux 3.11 - 4.1 (85%), Linux 4.4 (85%), Linux 4.9 (85%)
5819No exact OS matches for host (test conditions non-ideal).
5820Uptime guess: 0.172 days (since Tue Oct 29 08:31:30 2019)
5821Network Distance: 22 hops
5822TCP Sequence Prediction: Difficulty=254 (Good luck!)
5823IP ID Sequence Generation: All zeros
5824
5825TRACEROUTE (using port 80/tcp)
5826HOP RTT ADDRESS
58271 133.07 ms 10.250.200.1
58282 136.64 ms 94.242.54.1
58293 133.42 ms 94.242.0.21
58304 133.61 ms spb-bm18-cr1.ae61-1253.rascom.as20764.net (80.64.98.226)
58315 ...
58326 145.67 ms be4338.204.ccr21.sto01.atlas.cogentco.com (149.6.168.137)
58337 146.47 ms be3377.ccr22.sto03.atlas.cogentco.com (154.54.36.89)
58348 167.48 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
58359 169.89 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
583610 247.98 ms be12488.ccr42.lon13.atlas.cogentco.com (130.117.51.41)
583711 251.92 ms be2317.ccr41.jfk02.atlas.cogentco.com (154.54.30.185)
583812 251.81 ms be3471.ccr41.jfk02.atlas.cogentco.com (154.54.40.154)
583913 253.81 ms telefonica.jfk04.atlas.cogentco.com (154.54.11.234)
584014 292.72 ms 94.142.119.233
584115 377.83 ms 176.52.248.54
584216 396.38 ms 5.53.7.171
584317 ...
584418 375.23 ms nap96lflo02.lo0.red.lflo.nap.movistar.cl (200.91.0.6)
584519 372.65 ms 186-148-24-2.static.mundo.movistar.cl (186.148.24.2)
584620 ... 21
584722 915.63 ms servidor.agenciacatedral.com (201.217.241.118)
5848
5849NSE: Script Post-scanning.
5850Initiating NSE at 12:38
5851Completed NSE at 12:38, 0.00s elapsed
5852Initiating NSE at 12:38
5853Completed NSE at 12:38, 0.00s elapsed
5854######################################################################################################################################
5855https://201.217.241.118 [200 OK] Cookies[metro], Country[CHILE][CL], Email[aariztia@metro-chile.cl,usuario@empresa.cl], Google-Analytics[UA-11084190-1], HTML5, HTTPServer[LiteSpeed], HttpOnly[metro], IP[201.217.241.118], JQuery[3.2.1], Lightbox, LiteSpeed, Modernizr, PasswordField, Script, Strict-Transport-Security[max-age=31536000; includeSubDomains], Title[Metro de Santiago], UncommonHeaders[access-control-allow-origin,x-content-type-options,referrer-policy,alt-svc], X-Frame-Options[SAMEORIGIN], X-UA-Compatible[IE=edge], X-XSS-Protection[1; mode=block]
5856######################################################################################################################################
5857Version: 1.11.13-static
5858OpenSSL 1.0.2-chacha (1.0.2g-dev)
5859
5860Connected to 201.217.241.118
5861
5862Testing SSL server 201.217.241.118 on port 443 using SNI name 201.217.241.118
5863
5864 TLS Fallback SCSV:
5865Server does not support TLS Fallback SCSV
5866
5867 TLS renegotiation:
5868Session renegotiation not supported
5869
5870 TLS Compression:
5871Compression disabled
5872
5873 Heartbleed:
5874TLS 1.2 not vulnerable to heartbleed
5875TLS 1.1 not vulnerable to heartbleed
5876TLS 1.0 not vulnerable to heartbleed
5877
5878 Supported Server Cipher(s):
5879
5880 SSL Certificate:
5881Signature Algorithm: sha256WithRSAEncryption
5882RSA Key Strength: 2048
5883
5884Subject: metro.cl
5885Altnames: DNS:metro.cl, DNS:cpanel.metro.cl, DNS:mail.metro.cl, DNS:webdisk.metro.cl, DNS:webmail.metro.cl, DNS:www.metro.cl
5886Issuer: cPanel, Inc. Certification Authority
5887
5888Not valid before: Aug 27 00:00:00 2019 GMT
5889Not valid after: Nov 25 23:59:59 2019 GMT
5890################################################################################################
5891Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-29 12:43 EDT
5892Stats: 0:09:26 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
5893NSE Timing: About 88.52% done; ETC: 12:54 (0:01:11 remaining)
5894NSE: [mysql-brute] usernames: Time limit 10m00s exceeded.
5895NSE: [mysql-brute] usernames: Time limit 10m00s exceeded.
5896NSE: [mysql-brute] passwords: Time limit 10m00s exceeded.
5897Nmap scan report for servidor.agenciacatedral.com (201.217.241.118)
5898Host is up (0.87s latency).
5899
5900PORT STATE SERVICE VERSION
59013306/tcp open mysql MySQL (unauthorized)
5902| mysql-brute:
5903| Accounts: No valid accounts found
5904|_ Statistics: Performed 6050 guesses in 604 seconds, average tps: 9.4
5905|_mysql-empty-password: Host '94.242.54.114' is not allowed to connect to this MySQL server
5906| mysql-enum:
5907| Accounts: No valid accounts found
5908|_ Statistics: Performed 10 guesses in 7 seconds, average tps: 1.4
5909|_mysql-vuln-cve2012-2122: ERROR: Script execution failed (use -d to debug)
5910| vulscan: VulDB - https://vuldb.com:
5911| [141414] LibreNMS up to 1.47 inventory.inc.php mysqli_escape_real_string Parameter cross site scripting
5912| [140101] Yandex ClickHouse MySQL Client information disclosure
5913| [139468] cPanel up to 60.0.24 MySQL Upgrade File privilege escalation
5914| [139350] cPanel up to 64.0.20 convert_roundcube_mysql2sqlite privilege escalation
5915| [139349] cPanel up to 64.0.20 convert_roundcube_mysql2sqlite privilege escalation
5916| [139308] cPanel up to 67.9999.102 WHM MySQL Password Change Interfaces Stored cross site scripting
5917| [138305] SaltStack Salt 2018.3/2019.2 mysqluser_chpass sql injection
5918| [138102] Oracle MySQL Server up to 8.0.16 InnoDB unknown vulnerability
5919| [138101] Oracle MySQL Server up to 8.0.16 Privileges unknown vulnerability
5920| [138100] Oracle MySQL Server up to 5.6.44/5.7.18 Privileges unknown vulnerability
5921| [138099] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Compiling information disclosure
5922| [138098] Oracle MySQL Server up to 5.7.26/8.0.16 Audit Plug-in unknown vulnerability
5923| [138097] Oracle MySQL Server up to 5.7.26/8.0.16 Client programs denial of service
5924| [138096] Oracle MySQL Server up to 8.0.16 Roles denial of service
5925| [138095] Oracle MySQL Server up to 8.0.16 Privileges denial of service
5926| [138094] Oracle MySQL Server up to 5.7.25/8.0.15 Replication denial of service
5927| [138093] Oracle MySQL Server up to 8.0.16 Options denial of service
5928| [138092] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
5929| [138091] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
5930| [138090] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
5931| [138089] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
5932| [138088] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
5933| [138087] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
5934| [138086] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
5935| [138085] Oracle MySQL Server up to 5.7.26/8.0.16 Optimizer denial of service
5936| [138084] Oracle MySQL Server up to 5.7.26/8.0.16 Optimizer denial of service
5937| [138083] Oracle MySQL Server up to 8.0.12 GIS denial of service
5938| [138082] Oracle MySQL Server up to 8.0.16 FTS denial of service
5939| [138081] Oracle MySQL Server up to 8.0.16 DML denial of service
5940| [138080] Oracle MySQL Server up to 8.0.16 Components denial of service
5941| [138079] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Pluggable Auth denial of service
5942| [138078] Oracle MySQL Server up to 8.0.16 InnoDB denial of service
5943| [138077] Oracle MySQL Server up to 8.0.15 InnoDB denial of service
5944| [138076] Oracle MySQL Server up to 8.0.16 InnoDB denial of service
5945| [138074] Oracle MySQL Server up to 8.0.12 Roles denial of service
5946| [138073] Oracle MySQL Server up to 5.7.26/8.0.16 Audit Log denial of service
5947| [138072] Oracle MySQL Server up to 5.7.26/8.0.16 Privileges unknown vulnerability
5948| [138071] Oracle MySQL Server up to 5.7.23 Replication unknown vulnerability
5949| [138070] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Audit unknown vulnerability
5950| [138069] Oracle MySQL Server up to 5.7.26/8.0.16 InnoDB unknown vulnerability
5951| [138068] Oracle MySQL Workbench up to 8.0.16 OpenSSL information disclosure
5952| [138067] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 XML denial of service
5953| [138066] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Parser denial of service
5954| [138065] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
5955| [138064] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
5956| [138063] Oracle MySQL Server up to 8.0.12 Data Dictionary denial of service
5957| [138062] Oracle MySQL Server up to 8.0.16 Charsets denial of service
5958| [138061] Oracle MySQL Server up to 8.0.16 Replication unknown vulnerability
5959| [138060] Oracle MySQL Server up to 8.0.16 InnoDB Cluster unknown vulnerability
5960| [138059] Oracle MySQL Enterprise Monitor up to 4.0.9/8.0.14 Spring Framework denial of service
5961| [138058] Oracle MySQL Server up to 5.7.26/8.0.15 cURL unknown vulnerability
5962| [133701] Oracle MySQL Server up to 8.0.15 Replication denial of service
5963| [133700] Oracle MySQL Server up to 8.0.15 Replication denial of service
5964| [133698] Oracle MySQL Server up to 8.0.15 Group Replication Plugin denial of service
5965| [133697] Oracle MySQL Server up to 8.0.15 Roles denial of service
5966| [133695] Oracle MySQL Server up to 8.0.15 Privileges denial of service
5967| [133691] Oracle MySQL Server up to 8.0.15 Replication denial of service
5968| [133687] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
5969| [133686] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
5970| [133685] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
5971| [133684] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
5972| [133683] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
5973| [133682] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
5974| [133681] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
5975| [133680] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
5976| [133677] Oracle MySQL Server up to 8.0.15 Information Schema denial of service
5977| [133676] Oracle MySQL Server up to 8.0.15 DDL denial of service
5978| [133675] Oracle MySQL Server up to 8.0.15 DDL denial of service
5979| [133672] Oracle MySQL Server up to 8.0.15 InnoDB denial of service
5980| [133668] Oracle MySQL Server up to 8.0.15 Replication denial of service
5981| [133666] Oracle MySQL Server up to 8.0.15 Options denial of service
5982| [133662] Oracle MySQL Connectors up to 8.0.15 Connector/J unknown vulnerability
5983| [133661] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
5984| [133660] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
5985| [133659] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
5986| [129647] Oracle MySQL Server up to 5.7.24/8.0.13 Privileges denial of service
5987| [129646] Oracle MySQL Server up to 5.7.24/8.0.13 Privileges denial of service
5988| [129645] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Replication denial of service
5989| [129644] Oracle MySQL Server up to 5.7.24/8.0.13 Partition denial of service
5990| [129643] Oracle MySQL Server up to 8.0.13 Optimizer denial of service
5991| [129642] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
5992| [129641] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
5993| [129640] Oracle MySQL Server up to 5.7.24/8.0.13 Optimizer denial of service
5994| [129639] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 DDL denial of service
5995| [129638] Oracle MySQL Server up to 8.0.13 DDL denial of service
5996| [129637] Oracle MySQL Server up to 8.0.13 DDL denial of service
5997| [129636] Oracle MySQL Server up to 8.0.13 Connection denial of service
5998| [129635] Oracle MySQL Server up to 5.7.24/8.0.13 InnoDB denial of service
5999| [129634] Oracle MySQL Server up to 8.0.13 InnoDB denial of service
6000| [129631] Oracle MySQL Server up to 8.0.13 Replication denial of service
6001| [129630] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Connection Handling denial of service
6002| [129629] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Parser denial of service
6003| [129628] Oracle MySQL Server up to 5.7.24/8.0.13 Parser denial of service
6004| [129627] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 PS denial of service
6005| [129626] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
6006| [129625] Oracle MySQL Server up to 8.0.13 Privileges unknown vulnerability
6007| [129624] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Replication unknown vulnerability
6008| [129623] Oracle MySQL Workbench up to 8.0.13 OpenSSL denial of service
6009| [129622] Oracle MySQL Connectors up to 2.1.8/8.0.13 Connector/Python unknown vulnerability
6010| [129621] Oracle MySQL Workbench up to 8.0.13 unknown vulnerability
6011| [127905] Open Dental up to 18.3 MySQL Database Default Credentials weak authentication
6012| [127404] Drobo 5N2 NAS 4.0.5-13.28.96115 MySQL API Error Page cross site scripting
6013| [127403] Drobo 5N2 NAS 4.0.5-13.28.96115 /mysql/api/droboapp/data information disclosure
6014| [127400] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/logfile.php Parameter information disclosure
6015| [127396] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/drobo.php information disclosure
6016| [127395] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/diags.php Parameter information disclosure
6017| [127350] Dell OpenManage Network Manager up to 6.4.x MySQL privilege escalation
6018| [126982] LAOBANCMS 2.0 install/mysql_hy.php directory traversal
6019| [126687] LAOBANCMS 2.0 mysql_hy.php privilege escalation
6020| [125937] mysql-binuuid-rails up to 1.1.0 Database Column sql injection
6021| [125825] ThinkPHP 3.2.4 Mysql.class.php parseKey Parameter sql injection
6022| [125568] Oracle MySQL Server up to 8.0.12 Privileges unknown vulnerability
6023| [125567] Oracle MySQL Server up to 5.7.23/8.0.12 Logging denial of service
6024| [125566] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
6025| [125565] Oracle MySQL Server up to 8.0.12 Windows denial of service
6026| [125564] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 Storage Engines denial of service
6027| [125563] Oracle MySQL Server up to 8.0.12 Roles denial of service
6028| [125562] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 RBR denial of service
6029| [125561] Oracle MySQL Server up to 5.7.23/8.0.12 Partition denial of service
6030| [125560] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
6031| [125559] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 Memcached denial of service
6032| [125558] Oracle MySQL Server up to 8.0.12 JSON denial of service
6033| [125557] Oracle MySQL Server up to 8.0.12 Information Schema denial of service
6034| [125556] Oracle MySQL Server up to 8.0.12 DDL denial of service
6035| [125555] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
6036| [125554] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
6037| [125553] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
6038| [125552] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
6039| [125551] Oracle MySQL Server up to 5.7.23/8.0.12 Partition denial of service
6040| [125549] Oracle MySQL Server up to 5.7.23/8.0.12 Optimizer denial of service
6041| [125548] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 Merge denial of service
6042| [125547] Oracle MySQL Server up to 8.0.12 DDL denial of service
6043| [125546] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
6044| [125545] Oracle MySQL Server up to 5.7.23/8.0.12 Audit denial of service
6045| [125544] Oracle MySQL Server up to 8.0.12 Parser denial of service
6046| [125543] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 Parser denial of service
6047| [125542] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
6048| [125541] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
6049| [125540] Oracle MySQL Server up to 8.0.12 DML denial of service
6050| [125539] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
6051| [125538] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
6052| [125537] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
6053| [125536] Oracle MySQL Server up to 5.7.23/8.0.12 Parser denial of service
6054| [125535] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 InnoDB unknown vulnerability
6055| [125534] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
6056| [125533] Oracle MySQL Connectors up to 8.0.12 Connector/J unknown vulnerability
6057| [125532] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
6058| [125531] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
6059| [125415] Oracle Enterprise Manager for MySQL Database 13.2 EM Plugin unknown vulnerability
6060| [122549] PHP up to 7.1.5 mysqli_real_escape_string memory corruption
6061| [122201] mysql_user Module up to 2.2.0 on Ansible Password Change weak authentication
6062| [121802] Oracle MySQL Server up to 8.0.11 DDL unknown vulnerability
6063| [121800] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Encryption weak encryption
6064| [121799] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Options unknown vulnerability
6065| [121798] Oracle MySQL Workbench up to 6.3.10 Encryption weak encryption
6066| [121797] Oracle MySQL Server up to 5.7.22/8.0.11 Privileges unknown vulnerability
6067| [121796] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 MyISAM information disclosure
6068| [121795] Oracle MySQL Server up to 8.0.11 Privileges denial of service
6069| [121794] Oracle MySQL Server up to 5.5.60 Privileges denial of service
6070| [121793] Oracle MySQL Server up to 8.0.11 Replication denial of service
6071| [121792] Oracle MySQL Server up to 5.7.22 DML denial of service
6072| [121791] Oracle MySQL Server up to 8.0.11 DDL denial of service
6073| [121790] Oracle MySQL Server up to 8.0.11 DDL denial of service
6074| [121789] Oracle MySQL Server up to 5.7.22/8.0.11 DDL denial of service
6075| [121788] Oracle MySQL Server up to 5.7.22/8.0.11 DDL denial of service
6076| [121787] Oracle MySQL Server up to 8.0.11 InnoDB denial of service
6077| [121786] Oracle MySQL Server up to 5.7.22 Audit Log denial of service
6078| [121785] Oracle MySQL Client up to 5.5.60/5.6.40/5.7.22/8.0.11 Client Programs denial of service
6079| [121784] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 Memcached denial of service
6080| [121783] Oracle MySQL Server up to 8.0.11 Roles denial of service
6081| [121782] Oracle MySQL Workbench up to 8.0.11 denial of service
6082| [121781] Oracle MySQL Server up to 8.0.11 Optimizer denial of service
6083| [121780] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 Installing denial of service
6084| [121779] Oracle MySQL Server up to 5.7.22/8.0.11 DML denial of service
6085| [121778] Oracle MySQL Server up to 5.7.22/8.0.11 InnoDB denial of service
6086| [121777] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Client mysqldump denial of service
6087| [121776] Oracle MySQL Enterprise Monitor up to 3.4.7.4297/4.0.4.5235/8.0.0.8131 Monitoring denial of service
6088| [121775] Oracle MySQL Connectors up to 5.3.10/8.0.11 Connector/ODBC denial of service
6089| [121774] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 InnoDB denial of service
6090| [121773] Oracle MySQL Workbench up to 8.0.11 unknown vulnerability
6091| [121772] Oracle MySQL Enterprise Monitor up to 3.4.7.4297/4.0.4.5235/8.0.0.8131 Service Manager unknown vulnerability
6092| [121613] Oracle Enterprise Manager for MySQL Database up to 13.2.2.0.0 EM Plugin unknown vulnerability
6093| [120277] query-mysql 0.0.0/0.0.1/0.0.2 on Node.js sql injection
6094| [118340] mysqljs on Node.js Backdoor privilege escalation
6095| [118305] MySQL Module up to v2.0.0-alpha7 on Node.js mysql.escape sql injection
6096| [117517] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd send_arp MMM Protocol Message command injection
6097| [117516] MySQL Multi-Master Replication Manager 2.2.1 on FreeBSD mmm_agentd clear_ip MMM Protocol Message command injection
6098| [117515] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd clear_ip MMM Protocol Message command injection
6099| [117514] MySQL Multi-Master Replication Manager 2.2.1 on Linux mmm_agentd clear_ip MMM Protocol Message command injection
6100| [117513] MySQL Multi-Master Replication Manager 2.2.1 on FreeBSD mmm_agentd add_ip MMM Protocol Message command injection
6101| [117512] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd add_ip MMM Protocol Message command injection
6102| [117511] MySQL Multi-Master Replication Manager 2.2.1 on Linux mmm_agentd add_ip MMM Protocol Message command injection
6103| [117510] MySQL Multi-Master Replication Manager 2.2.1 mmm_agentd _execute MMM Protocol Message command injection
6104| [117387] CSP MySQL User Manager 2.3.1 Username sql injection
6105| [116762] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 DDL information disclosure
6106| [116761] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Locking denial of service
6107| [116759] Oracle MySQL Server up to 5.7.21 Group Replication GCS denial of service
6108| [116758] Oracle MySQL Server up to 5.7.21 Pluggable Auth denial of service
6109| [116757] Oracle MySQL Server up to 5.7.21 Performance Schema denial of service
6110| [116756] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
6111| [116755] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Optimizer denial of service
6112| [116754] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
6113| [116753] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
6114| [116752] Oracle MySQL Server up to 5.7.21 DML denial of service
6115| [116751] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Privileges denial of service
6116| [116750] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
6117| [116749] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
6118| [116748] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
6119| [116747] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
6120| [116745] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
6121| [116744] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
6122| [116743] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
6123| [116742] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Client programs denial of service
6124| [116741] Oracle MySQL Enterprise Monitor up to 3.3.7.3306/3.4.5.4248/4.0.2.5168 Monitoring: Agent (OpenSSL) information disclosure
6125| [116740] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
6126| [116739] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
6127| [116738] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 DDL denial of service
6128| [116737] Oracle MySQL Server up to 5.6.39/5.7.21 Privileges denial of service
6129| [116736] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 InnoDB denial of service
6130| [116735] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
6131| [116734] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
6132| [116733] Oracle MySQL Server up to 5.6.39 GIS Extension denial of service
6133| [116622] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Apache Tomcat) unknown vulnerability
6134| [116620] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Spring Framework) unknown vulnerability
6135| [116619] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General unknown vulnerability
6136| [115836] Juniper Junos Space up to 13.3R1.7 MySQL Server Default Credentials weak authentication
6137| [115216] MySQL for PCF Tiles up to 1.7.9 AWS Access Key privilege escalation
6138| [114055] Couch up to 2.0 mysql2i.func.php Request information disclosure
6139| [112112] Oracle MySQL Server up to 5.6.38/5.7.20 Performance Schema information disclosure
6140| [112111] Oracle MySQL Server up to 5.6.38/5.7.20 Performance Schema denial of service
6141| [112110] Oracle MySQL Server up to 5.7.20 Optimizer denial of service
6142| [112109] Oracle MySQL Server up to 5.7.20 Optimizer denial of service
6143| [112108] Oracle MySQL Server up to 5.7.20 InnoDB denial of service
6144| [112107] Oracle MySQL Server up to 5.7.20 DML denial of service
6145| [112106] Oracle MySQL Server up to 5.7.20 DML denial of service
6146| [112105] Oracle MySQL Server up to 5.7.20 DML denial of service
6147| [112104] Oracle MySQL Server up to 5.6.38/5.7.19 Partition denial of service
6148| [112103] Oracle MySQL Server up to 5.6.38/5.7.20 Replication denial of service
6149| [112102] Oracle MySQL Server up to 5.6.38/5.7.20 Packaging information disclosure
6150| [112101] Oracle MySQL Enterprise Monitor up to 3.3.6.3293/3.4.4.4226/4.0.0.5135 Monitoring information disclosure
6151| [112100] Oracle MySQL Connectors up to 5.3.9 ODBC Connector information disclosure
6152| [112099] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
6153| [112098] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
6154| [112097] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
6155| [112096] Oracle MySQL Server up to 5.6.38/5.7.20 GIS denial of service
6156| [112095] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 DDL denial of service
6157| [112094] Oracle MySQL Server up to 5.6.38/5.7.20 Privileges denial of service
6158| [112093] Oracle MySQL Server up to 5.6.38/5.7.20 InnoDB denial of service
6159| [112092] Oracle MySQL Server up to 5.6.38/5.7.20 Stored Procedure denial of service
6160| [112091] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.19 Partition denial of service
6161| [112090] Oracle MySQL Server up to 5.6.38/5.7.20 Privileges denial of service
6162| [112089] Oracle MySQL Connectors up to 6.9.9/6.10.4 Connector/Net denial of service
6163| [112088] Oracle MySQL Enterprise Monitor up to 3.3.6.3293/3.4.4.4226/4.0.0.5135 Monitoring privilege escalation
6164| [110974] puppetlabs-mysql up to 3.6.0 Parameter weak authentication
6165| [108192] Oracle MySQL Server up to 5.7.18 InnoDB denial of service
6166| [108190] Oracle MySQL Server up to 5.6.37/5.7.19 InnoDB denial of service
6167| [108189] Oracle MySQL Server up to 5.7.18 Stored Procedure denial of service
6168| [108188] Oracle MySQL Server up to 5.7.19 Replication denial of service
6169| [108187] Oracle MySQL Server up to 5.6.37/5.7.19 Optimizer denial of service
6170| [108186] Oracle MySQL Server up to 5.6.36/5.7.18 Optimizer denial of service
6171| [108185] Oracle MySQL Server up to 5.6.37/5.7.19 Optimizer denial of service
6172| [108184] Oracle MySQL Server up to 5.6.37/5.7.19 Memcached denial of service
6173| [108183] Oracle MySQL Server up to 5.7.19 InnoDB denial of service
6174| [108182] Oracle MySQL Server up to 5.7.19 FTS denial of service
6175| [108181] Oracle MySQL Server up to 5.7.18 DML denial of service
6176| [108180] Oracle MySQL Server up to 5.7.19 Group Replication GCS denial of service
6177| [108179] Oracle MySQL Server up to 5.6.37/5.7.19 Performance Schema denial of service
6178| [108178] Oracle MySQL Connectors up to 6.9.9 Connector/Net denial of service
6179| [108177] Oracle MySQL Connectors up to 6.9.9 Connector/Net unknown vulnerability
6180| [108176] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.11 Optimizer denial of service
6181| [108175] Oracle MySQL Server up to 5.7.19 Optimizer denial of service
6182| [108174] Oracle MySQL Server up to 5.6.37/5.7.19 FTS denial of service
6183| [108173] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.19 DDL denial of service
6184| [108172] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.19 Client programs information disclosure
6185| [108171] Oracle MySQL Server up to 5.6.35/5.7.18 OpenSSL denial of service
6186| [108170] Oracle MySQL Server up to 5.6.37/5.7.19 Pluggable Auth denial of service
6187| [108169] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Apache Tomcat unknown vulnerability
6188| [108168] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Web unknown vulnerability
6189| [104089] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DDL unknown vulnerability
6190| [104088] Oracle MySQL Server up to 5.7.18 C API information disclosure
6191| [104087] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DDL unknown vulnerability
6192| [104086] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 Client mysqldump unknown vulnerability
6193| [104085] Oracle MySQL Server up to 5.6.36/5.7.18 Replication denial of service
6194| [104084] Oracle MySQL Server up to 5.6.36/5.7.18 Replication denial of service
6195| [104083] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 Charsets denial of service
6196| [104082] Oracle MySQL Cluster up to 7.3.5 CLSTCONF memory corruption
6197| [104081] Oracle MySQL Server up to 5.7.16 X Plugin denial of service
6198| [104080] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
6199| [104079] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
6200| [104078] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
6201| [104077] Oracle MySQL Server up to 5.7.18 DML denial of service
6202| [104076] Oracle MySQL Server up to 5.7.18 DML denial of service
6203| [104075] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DML denial of service
6204| [104074] Oracle MySQL Server up to 5.7.18 DML denial of service
6205| [104073] Oracle MySQL Server up to 5.7.18 DML denial of service
6206| [104072] Oracle MySQL Server up to 5.7.18 X Plugin denial of service
6207| [104071] Oracle MySQL Server up to 5.7.18 UDF denial of service
6208| [104069] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 C API denial of service
6209| [104068] Oracle MySQL Connectors up to 6.1.10 Connector/C denial of service
6210| [104067] Oracle MySQL Server up to 5.6.35/5.7.17 OpenSSL unknown vulnerability
6211| [104066] Oracle MySQL Connectors up to 5.3.7 OpenSSL unknown vulnerability
6212| [104065] Oracle MySQL Connectors up to 6.1.9 OpenSSL unknown vulnerability
6213| [104064] Oracle MySQL Server up to 5.6.36/5.7.18 DML denial of service
6214| [104063] Oracle MySQL Server up to 5.6.36/5.7.18 Memcached denial of service
6215| [104062] Oracle MySQL Enterprise Monitor up to 3.3.3.1199 Apache Tomcat unknown vulnerability
6216| [104061] Oracle MySQL Enterprise Monitor up to 3.2.7.1204/3.3.3.1199 Apache Tomcat unknown vulnerability
6217| [104060] Oracle MySQL Enterprise Monitor up to 3.1.5.7958/3.2.5.1141/3.3.2.1162 Apache Struts 2 unknown vulnerability
6218| [103583] phpMyAdmin 4.0/4.4/4.6 MySQL Database Connection privilege escalation
6219| [103578] MySQL Dumper 1.24 Stored cross site scripting
6220| [102980] DBD::mysql Module up to 4.043 on Perl SSL weak encryption
6221| [102979] DBD::mysql Module up to 4.043 on Perl Error Use-After-Free memory corruption
6222| [102618] KBVault Mysql Free Knowledge Base 0.16a File Upload Explorer.aspx privilege escalation
6223| [100915] Accellion FTA communication_p2p.php mysql_real_escape_string sql injection
6224| [100543] Oracle MySQL up to 5.1.40 Connector/J privilege escalation
6225| [100232] Oracle MySQL Server up to 5.7.17 Encryption weak encryption
6226| [100231] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Monitoring denial of service
6227| [100228] Oracle MySQL Workbench up to 6.3.8 Encryption information disclosure
6228| [100227] Oracle MySQL Server up to 5.7.17 C API information disclosure
6229| [100226] Oracle MySQL Server up to 5.7.17 Privileges unknown vulnerability
6230| [100225] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DDL unknown vulnerability
6231| [100224] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
6232| [100223] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
6233| [100222] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
6234| [100221] Oracle MySQL Server up to 5.7.17 Optimizer denial of service
6235| [100220] Oracle MySQL Server up to 5.7.17 DML denial of service
6236| [100219] Oracle MySQL Server up to 5.7.17 DML denial of service
6237| [100218] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DML denial of service
6238| [100217] Oracle MySQL Server up to 5.7.17 Audit Plug-in denial of service
6239| [100215] Oracle MySQL Server up to 5.5.54/5.6.35 C API information disclosure
6240| [100214] Oracle MySQL Server up to 5.7.17 Privileges unknown vulnerability
6241| [100213] Oracle MySQL Cluster up to 7.2.27/7.3.16/7.4.14/7.5.5 DD denial of service
6242| [100212] Oracle MySQL Server up to 5.7.17 InnoDB denial of service
6243| [100211] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 OpenSSL information disclosure
6244| [100210] Oracle MySQL Enterprise Backup up to 3.12.3/4.0.3 ENTRBACK information disclosure
6245| [100209] Oracle MySQL Connectors up to 5.1.41 Connector/J unknown vulnerability
6246| [100208] Oracle MySQL Server up to 5.6.35 Optimizer denial of service
6247| [100207] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Optimizer denial of service
6248| [100206] Oracle MySQL Server up to 5.7.17 DML denial of service
6249| [100205] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Apache Commons FileUpload denial of service
6250| [100204] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Client mysqldump unknown vulnerability
6251| [100203] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Thread Pooling denial of service
6252| [100202] Oracle MySQL Server up to 5.6.35/5.7.17 Pluggable Auth Integer denial of service
6253| [100201] Oracle MySQL Server up to 5.6.35/5.7.17 Memcached denial of service
6254| [100200] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Optimizer denial of service
6255| [100199] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DML denial of service
6256| [100198] Oracle MySQL Workbench up to 6.3.7 OpenSSL memory corruption
6257| [100197] Oracle MySQL Enterprise Backup up to 3.12.2/4.0.1 ENTRBACK memory corruption
6258| [100196] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Monitoring: Server denial of service
6259| [100195] Oracle MySQL Workbench up to 6.3.8 OpenSSL denial of service
6260| [100194] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Struts 2 privilege escalation
6261| [99815] ATutor 2.2.1 mysql_connect.inc.php searchFriends sql injection
6262| [97041] MySQL DBD::mysql up to 4.38 denial of service
6263| [96814] MariaDB up to 5.5.54/10.0.29/10.1.21/10.2.3 libmysqlclient.so denial of service
6264| [96808] Oracle MySQL up to 5.6.21/5.7.4 libmysqlclient.so denial of service
6265| [95832] Zabbix up to 2.0.17/2.2.12/3.0.2 Configuration Script userparameter_mysql.conf) privilege escalation
6266| [95730] Oracle MySQL Server up to 5.7.16 Encryption weak encryption
6267| [95729] Oracle MySQL Server up to 5.7.16 X Plugin unknown vulnerability
6268| [95728] Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12 Cluster NDBAPI denial of service
6269| [95727] Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12 denial of service
6270| [95726] Oracle MySQL Cluster 7.2.19/7.3.8/7.4.5 denial of service
6271| [95723] Oracle MySQL Server 5.6.34/5.7.16 Replication denial of service
6272| [95722] Oracle MySQL Server up to 5.5.53 Charsets denial of service
6273| [95720] Oracle MySQL Cluster 7.2.26/7.3.14/7.4.12 NDBAPI denial of service
6274| [95719] Oracle MySQL Server up to 5.7.16 Optimizer denial of service
6275| [95716] Oracle MySQL Server up to 5.7.16 Replication denial of service
6276| [95715] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 Optimizer denial of service
6277| [95714] Oracle MySQL Server 5.6.34 5.7.16 InnoDB denial of service
6278| [95713] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 DML denial of service
6279| [95712] Oracle MySQL Server 5.6.34/5.7.16 DDL denial of service
6280| [95711] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 DDL denial of service
6281| [95709] Oracle MySQL Server 5.6.34/5.7.16 Encryption denial of service
6282| [95708] Oracle MySQL Enterprise Monitor 3.1.3.7856 Monitoring Agent memory corruption
6283| [95707] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.4.1102/3.3.0.1098 Monitoring denial of service
6284| [95706] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.1.1049 Monitoring memory corruption
6285| [95705] Oracle MySQL Enterprise Monitor 3.1.5.7958/3.2.1.1049, Monitoring privilege escalation
6286| [95704] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.1.1049 Monitoring unknown vulnerability
6287| [93866] DBD-mysql up to 3.x/4.040 on Perl Use-After-Free memory corruption
6288| [92923] Oracle MySQL Server up to 5.6.33/5.7.15 Encryption denial of service
6289| [92911] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL weak encryption
6290| [92900] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Optimizer denial of service
6291| [92899] Oracle MySQL Server up to 5.6.31/5.7.13 InnoDB denial of service
6292| [92898] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 GIS denial of service
6293| [92897] Oracle MySQL Server up to 5.5.51 DML denial of service
6294| [92896] Oracle MySQL Server up to 5.5.50/5.6.31/5.7.13 DML denial of service
6295| [92895] Oracle MySQL Server up to 5.6.31 5.7.13 DML denial of service
6296| [92874] Oracle MySQL Connector up to 2.1.3/2.0.4 Connector/Python unknown vulnerability
6297| [92850] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
6298| [92835] Oracle MySQL Server up to 5.7.13 Audit denial of service
6299| [92834] Oracle MySQL Server up to 5.7.13 RBR denial of service
6300| [92833] Oracle MySQL Server up to 5.7.13 Performance Schema denial of service
6301| [92832] Oracle MySQL Server up to 5.7.14 Optimizer denial of service
6302| [92831] Oracle MySQL Server up to 5.7.13 Memcached denial of service
6303| [92830] Oracle MySQL Server up to 5.6.32/5.7.14 InnoDB denial of service
6304| [92829] Oracle MySQL Server up to 5.6.31 5.7.13 InnoDB denial of service
6305| [92828] Oracle MySQL Server up to 5.7.13 InnoDB denial of service
6306| [92827] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Federated denial of service
6307| [92826] Oracle MySQL Server up to 5.7.13 DML denial of service
6308| [92821] Oracle MySQL Server up to 5.7.13 Replication denial of service
6309| [92820] Oracle MySQL Server up to 5.7.13 Performance Schema denial of service
6310| [92819] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
6311| [92818] Oracle MySQL Server up to 5.5.52/5.6.33/5.7.15 Encryption information disclosure
6312| [92817] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Types denial of service
6313| [92815] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
6314| [92814] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
6315| [92813] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
6316| [92798] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
6317| [92797] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
6318| [92790] Oracle MySQL Server up to 5.7.14 Privileges information disclosure
6319| [92789] Oracle MySQL Server up to 5.6.30/5.7.12 InnoDB Plugin unknown vulnerability
6320| [92292] libdbd-mysql-perl 4.028 Error Message denial of service
6321| [91920] Open Dental up to 16.1 MySQL Server Default Credentials weak authentication
6322| [91625] PHP up to 5.6.25/7.0.10 mysqlnd Heap-based memory corruption
6323| [91505] Oracle MySQL up to 5.5.52/5.6.33/5.7.15 Logging my.cnf privilege escalation
6324| [90877] DBD::mysql up to 4.033 my_login memory corruption
6325| [90876] DBD::mysql up to 4.028 Use-After-Free memory corruption
6326| [90137] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.10 Encryption information disclosure
6327| [90136] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.11 Connection information disclosure
6328| [90134] Oracle MySQL Server up to 5.7.12 Encryption denial of service
6329| [90133] Oracle MySQL Server up to 5.7.12 Replication denial of service
6330| [90132] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 RBR denial of service
6331| [90131] Oracle MySQL Server up to 5.6.30/5.7.12 Privileges denial of service
6332| [90130] Oracle MySQL Server up to 5.7.12 Optimizer denial of service
6333| [90129] Oracle MySQL Server up to 5.7.12 Log denial of service
6334| [90128] Oracle MySQL Server up to 5.6.30/5.7.12 InnoDB denial of service
6335| [90127] Oracle MySQL Server up to 5.7.12 InnoDB denial of service
6336| [90126] Oracle MySQL Server up to 5.6.30/5.7.12 Encryption denial of service
6337| [90125] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 DML denial of service
6338| [90124] Oracle MySQL Server up to 5.7.12 InnoDB memory corruption
6339| [90123] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 Types denial of service
6340| [90122] Oracle MySQL Server up to 5.7.12 Optimizer denial of service
6341| [90121] Oracle MySQL Server up to 5.6.30/5.7.12 Optimizer denial of service
6342| [90120] Oracle MySQL Server up to 5.6.30/5.7.12 FTS denial of service
6343| [90118] Oracle MySQL Server up to 5.6.30/5.7.12 Encryption denial of service
6344| [90117] Oracle MySQL Server up to 5.7.11 Optimizer denial of service
6345| [87408] PHP up to 5.4.42/5.5.26/5.6.10 SSL ext/mysqlnd/mysqlnd.c weak encryption
6346| [82687] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.11 Connection Handling spoofing
6347| [82685] Oracle MySQL Enterprise Monitor up to 3.0.25/3.1.2 Monitoring unknown vulnerability
6348| [82684] Oracle MySQL Server up to 5.6.28/5.7.10 Encryption denial of service
6349| [82683] Oracle MySQL Server up to 5.6.29/5.7.11 Pluggable Authentication unknown vulnerability
6350| [82682] Oracle MySQL Server up to 5.6.29/5.7.11 Packaging memory corruption
6351| [80605] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Privileges denial of service
6352| [80604] Oracle MySQL Server up to 5.6.26 denial of service
6353| [80603] Oracle MySQL Server up to 5.5.45/5.6.26 Encryption information disclosure
6354| [80602] Oracle MySQL Server up to 5.6.27/5.7.9 Replication denial of service
6355| [80601] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 UDF denial of service
6356| [80600] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Encryption weak encryption
6357| [80599] Oracle MySQL Server 5.7.9 Partition denial of service
6358| [80598] Oracle MySQL Server 5.7.9 Optimizer denial of service
6359| [80597] Oracle MySQL Server up to 5.6.27 InnoDB denial of service
6360| [80596] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 InnoDB denial of service
6361| [80595] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 DML denial of service
6362| [80594] Oracle MySQL Server up to 5.5.46 Optimizer denial of service
6363| [80593] Oracle MySQL Server up to 5.6.27/5.7.9 Optimizer denial of service
6364| [80592] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Optimizer denial of service
6365| [80591] Oracle MySQL Server up to 5.5.31/5.6.11 Optimizer denial of service
6366| [80590] Oracle MySQL Server up to 5.5.46/5.6.27 DML denial of service
6367| [80589] Oracle MySQL Server up to 5.6.27/5.7.9 DML denial of service
6368| [80588] Oracle MySQL Server up to 5.6.27 DML denial of service
6369| [80587] Oracle MySQL Server up to 5.6.21 DML denial of service
6370| [80586] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Options unknown vulnerability
6371| [80585] Oracle MySQL Server up to 5.6.27/5.7.9 DML memory corruption
6372| [80184] Rename Plugin 1.0 on WordPress mysqldump_download.php directory traversal
6373| [78705] Oracle MySQL Server up to 5.5.45/5.6.26 Partition denial of service
6374| [78703] Oracle MySQL Server up to 5.6.26 Memcached denial of service
6375| [78702] Oracle MySQL Server up to 5.5.45/5.6.26 SP denial of service
6376| [78701] Oracle MySQL Server up to 5.5.43/5.6.24 Privileges information disclosure
6377| [78700] Oracle MySQL Server up to 5.6.26 Privileges denial of service
6378| [78699] Oracle MySQL Server up to 5.6.26 Replication denial of service
6379| [78698] Oracle MySQL Server up to 5.5.45/5.6.26 Query Cache denial of service
6380| [78697] Oracle MySQL Server up to 5.5.45/5.6.26 InnoDB denial of service
6381| [78696] Oracle MySQL Server up to 5.6.25 InnoDB denial of service
6382| [78695] Oracle MySQL Server up to 5.5.45/5.6.26 DML denial of service
6383| [78694] Oracle MySQL Server up to 5.6.25 libmysqld denial of service
6384| [78693] Oracle MySQL Server up to 5.5.45/5.6.26 Types unknown vulnerability
6385| [78692] Oracle MySQL Server up to 5.6.20 Types denial of service
6386| [78691] Oracle MySQL Server up to 5.5.45/5.6.26 Privileges unknown vulnerability
6387| [78690] Oracle MySQL Server up to 5.6.25 Partition denial of service
6388| [78689] Oracle MySQL Server up to 5.5.45/5.6.26 Partition denial of service
6389| [78688] Oracle MySQL Server up to 5.5.45/5.6.26 Parser denial of service
6390| [78687] Oracle MySQL Server up to 5.6.26 Optimizer denial of service
6391| [78686] Oracle MySQL Server up to 5.5.44 InnoDB denial of service
6392| [78685] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
6393| [78684] Oracle MySQL Server up to 5.6.26 DML denial of service
6394| [78683] Oracle MySQL Server up to 5.5.45/5.6.26 DML denial of service
6395| [78682] Oracle MySQL Server up to 5.6.23 DML denial of service
6396| [78681] Oracle MySQL Server up to 5.5.45/5.6.26 DDL denial of service
6397| [78680] Oracle MySQL Server up to 5.5.44/5.6.25 DML unknown vulnerability
6398| [78679] Oracle MySQL Enterprise Monitor up to 2.3.20/3.0.20 C-Agent / Service Manager denial of service
6399| [78678] Oracle MySQL Server up to 5.6.25 Encryption spoofing
6400| [78676] Oracle MySQL Enterprise Monitor up to 2.3.20/3.0.22 C-Agent denial of service
6401| [77699] JSP/MySQL Administrador Web 1 sys/sys/listaBD2.jsp cross site scripting
6402| [77698] JSP/MySQL Administrador Web 1 sys/sys/listaBD2.jsp cross site request forgery
6403| [76704] Oracle MySQL Server up to 5.6.24 Partition denial of service
6404| [76703] Oracle MySQL Server up to 5.6.24 RBR denial of service
6405| [76701] Oracle MySQL Server up to 5.6.24 Firewall denial of service
6406| [76699] Oracle MySQL Server up to 5.6.24 Firewall denial of service
6407| [76695] Oracle MySQL Server up to 5.6.24 MemCached denial of service
6408| [76691] Oracle MySQL Server up to 5.5.42 Optimizer denial of service
6409| [76690] Oracle MySQL Server up to 5.6.22 InnoDB denial of service
6410| [76686] Oracle MySQL Server up to 5.5.43/5.6.24 denial of service
6411| [76671] Oracle MySQL Server up to 5.5.43/5.6.23 Pluggable Auth information disclosure
6412| [76634] Oracle MySQL Server up to 5.5.43/5.6.24 DML denial of service
6413| [76629] Oracle MySQL Server up to 5.5.43/5.6.24 Optimizer denial of service
6414| [76628] Oracle MySQL Server up to 5.6.24 denial of service
6415| [76626] Oracle MySQL Server up to 5.6.24 Firewall information disclosure
6416| [76608] Oracle MySQL Server up to 5.5.43/5.6.23 information disclosure
6417| [76605] Oracle MySQL Server up to 5.6.24 Partition information disclosure
6418| [76599] Oracle MySQL Server up to 5.6.24 DML information disclosure
6419| [76571] Oracle MySQL Server up to 5.5.43/5.6.24 GIS denial of service
6420| [76081] MySQL Lite Administrator Beta-1 tabella.php cross site scripting
6421| [75579] lighttpd 1.4.35 Log File mod_mysql_vhost.c privilege escalation
6422| [75159] Oracle MySQL up to 5.7.2 SSL Client weak encryption
6423| [74969] Oracle MySQL Server up to 5.6.23 Replication denial of service
6424| [74967] Oracle MySQL Server up to 5.6.23 SP denial of service
6425| [74966] Oracle MySQL Server up to 5.6.22 DML weak encryption
6426| [74965] Oracle MySQL Server up to 5.6.23 Privileges denial of service
6427| [74964] Oracle MySQL Server up to 5.6.23 Memcached denial of service
6428| [74963] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
6429| [74962] Oracle MySQL Server up to 5.5.42/5.6.23 Federated unknown vulnerability
6430| [74961] Oracle MySQL Server up to 5.5.42/5.6.23 DDL unknown vulnerability
6431| [74960] Oracle MySQL Server up to 5.6.22 XA weak encryption
6432| [74959] Oracle MySQL Server up to 5.5.41/5.6.22 Encryption weak encryption
6433| [74958] Oracle MySQL Server up to 5.6.23 Partition denial of service
6434| [74957] Oracle MySQL Server up to 5.6.22 Partition weak encryption
6435| [74956] Oracle MySQL Server up to 5.5.42/5.6.23 Optimizer unknown vulnerability
6436| [74955] Oracle MySQL Server up to 5.6.22 Optimizer weak encryption
6437| [74954] Oracle MySQL Server up to 5.5.41/5.6.22 DML unknown vulnerability
6438| [74953] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
6439| [74952] Oracle MySQL Server up to 5.6.22 InnoDB weak encryption
6440| [74951] Oracle MySQL Server up to 5.6.23 Information Schema denial of service
6441| [74950] Oracle MySQL Server up to 5.5.41/5.6.22 DDL unknown vulnerability
6442| [74949] Oracle MySQL Connectors up to 5.1.34 Connector/J unknown vulnerability
6443| [74948] Oracle MySQL Server up to 5.5.41/5.6.22 Privileges unknown vulnerability
6444| [74947] Oracle MySQL Server up to 5.6.22 Encryption s23_srvr.c ssl23_get_client_hello denial of service
6445| [74946] Oracle MySQL Server up to 5.5.42/5.6.23 Compiling unknown vulnerability
6446| [74945] Oracle MySQL Enterprise Monitor up to 2.3.19/3.0.18 Service Manager s:token/ cross site request forgery
6447| [74944] Oracle MySQL Enterprise Monitor up to 2.3.16/3.0.10 Service Manager memory corruption
6448| [68810] Oracle MySQL Server up to 5.5.40/5.6.21 Foreign Key information disclosure
6449| [68809] Oracle MySQL Server up to 5.6.21 Pluggable Auth denial of service
6450| [68808] Oracle MySQL Server up to 5.5.40/5.6.21 DML denial of service
6451| [68807] Oracle MySQL Server up to 5.6.21 Optimizer denial of service
6452| [68806] Oracle MySQL Server up to 5.5.40 Foreign Key denial of service
6453| [68805] Oracle MySQL Server up to 5.5.38/5.6.19 DDL denial of service
6454| [68804] Oracle MySQL Server up to 5.5.40/5.6.21 Replication denial of service
6455| [68803] Oracle MySQL Server up to 5.5.40/5.6.21 Replication denial of service
6456| [68802] Oracle MySQL Server up to 5.5.40/5.6.21 Encryption weak encryption
6457| [67988] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
6458| [67987] Oracle MySQL Server up to 5.6.19 denial of service
6459| [67986] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
6460| [67985] Oracle MySQL Server up to 5.6.19 denial of service
6461| [67984] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
6462| [67983] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
6463| [67982] Oracle MySQL Server up to 5.5.38 denial of service
6464| [67981] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
6465| [67979] Oracle MySQL Server up to 5.5.38/5.6.19 unknown vulnerability
6466| [67978] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
6467| [67977] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
6468| [67976] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
6469| [67975] Oracle MySQL Server up to 5.5.39/5.6.20 information disclosure
6470| [67974] Oracle MySQL Server up to 5.5.38/5.6.19 Messages Stack-Based sql injection
6471| [67973] Oracle MySQL Server up to 5.6.19 unknown vulnerability
6472| [67972] Oracle MySQL Server up to 5.5.39/5.6.20 unknown vulnerability
6473| [67971] Oracle MySQL Server up to 5.5.38/5.6.19 unknown vulnerability
6474| [67970] Oracle MySQL Server up to 5.6.19 Messages NULL Pointer Dereference denial of service
6475| [67969] Oracle MySQL Server up to 5.5.39/5.6.20 directory traversal
6476| [67968] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
6477| [67967] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
6478| [67966] Oracle MySQL Server up to 5.5.39/5.6.20 unknown vulnerability
6479| [68555] McAfee Network Data Loss Prevention 9.2.0 MySQL Database weak authentication
6480| [67245] phpMyAdmin up to 4.2.5 MySQL User List server_user_groups.php privilege escalation
6481| [67166] Oracle MySQL Server up to 5.5.35/5.6.15 denial of service
6482| [67165] Oracle MySQL Server up to 5.6.17 denial of service
6483| [67163] Oracle MySQL Server up to 5.6.17 denial of service
6484| [67162] Oracle MySQL Server up to 5.5.37 denial of service
6485| [67161] Oracle MySQL Server up to 5.6.17 denial of service
6486| [67160] Oracle MySQL Server up to 5.5.37 denial of service
6487| [67159] Oracle MySQL Server up to 5.5.37/5.6.17 unknown vulnerability
6488| [67158] Oracle MySQL Server up to 5.5.37/5.6.17 unknown vulnerability
6489| [67157] Oracle MySQL Server up to 5.6.17 unknown vulnerability
6490| [13065] Django up to 1.7 MySQL Typecast privilege escalation
6491| [12983] Oracle MySQL Server up to 5.5.36/5.6.16 Options denial of service
6492| [12982] Oracle MySQL Server up to 5.5.35/5.6.15 Federated denial of service
6493| [12981] Oracle MySQL Server up to 5.5.35/5.6.15 Replication denial of service
6494| [12980] Oracle MySQL Server up to 5.6.15 Privileges denial of service
6495| [12979] Oracle MySQL Server up to 5.5.36/5.6.16 Performance Schema denial of service
6496| [12978] Oracle MySQL Server up to 5.5.35/5.6.15 XML denial of service
6497| [12977] Oracle MySQL Server up to 5.5.35/5.6.15 Partition denial of service
6498| [12976] Oracle MySQL Server up to 5.6.15 Optimizer denial of service
6499| [12975] Oracle MySQL Server up to 5.6.15 MyISAM denial of service
6500| [12974] Oracle MySQL Server up to 5.6.16 InnoDB denial of service
6501| [12973] Oracle MySQL Server up to 5.6.15 DML denial of service
6502| [12972] Oracle MySQL Client up to 5.5.36/5.6.16 unknown vulnerability
6503| [12971] Oracle MySQL Server up to 5.5.36/5.6.16 RBR unknown vulnerability
6504| [12970] Oracle MySQL Server up to 5.6.15 InnoDB unknown vulnerability
6505| [12613] lighttpd up to 1.4.34 MySQL Virtual Hosting Module mod_mysql_vhost.c sql injection
6506| [12135] Oracle MySQL client/mysql.cc Server Version memory corruption
6507| [66191] Cisco Video Surveillance Operations Manager MySQL Database denial of service
6508| [66079] CSP MySQL User Manager 2.3 Login Page sql injection
6509| [11948] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Error Handling Crash denial of service
6510| [11947] Oracle MySQL Server up to 5.5.34/5.6.14 Replication denial of service
6511| [11946] Oracle MySQL Server up to 5.6.13 Performance Schema Stored denial of service
6512| [11945] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 InnoDB memory corruption
6513| [11944] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Optimizer Crash denial of service
6514| [11943] Oracle MySQL Server up to 5.6.14 InnoDB Stored denial of service
6515| [11942] Oracle MySQL Server up to 5.6.13 FTS Stored denial of service
6516| [11941] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Privileges Crash denial of service
6517| [11940] Oracle MySQL Server up to 5.5.33/5.6.13 Partition denial of service
6518| [11939] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 Optimizer Crash denial of service
6519| [11938] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 Locking Crash denial of service
6520| [11937] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 InnoDB Crash denial of service
6521| [11936] Oracle MySQL Server up to 5.6.14 InnoDB Stored denial of service
6522| [11935] Oracle MySQL Server up to 5.6.13 InnoDB Stored denial of service
6523| [11934] Oracle MySQL Server up to 5.6.13 Thread Pooling Stored denial of service
6524| [11933] Oracle MySQL Server up to 5.6.13 Stored Procedure denial of service
6525| [11932] Oracle MySQL Server up to 5.6.14 GIS Stored denial of service
6526| [11931] Oracle MySQL Enterprise Monitor up to 2.3.14/3.0.4 Service Manager unknown vulnerability
6527| [10822] Oracle MySQL Server up to 5.6.12 Locking unknown vulnerability
6528| [10821] Oracle MySQL Server up to 5.6.12 InnoDB unknown vulnerability
6529| [10820] Oracle MySQL Server up to 5.6.12 Optimizer unknown vulnerability
6530| [10819] Oracle MySQL Server up to 5.1.70/5.5.32/5.6.12 Optimizer memory corruption
6531| [10818] Oracle MySQL Server up to 5.1/5.5.22 Optimizer denial of service
6532| [10817] Oracle MySQL Server up to 5.6.12 InnoDB unknown vulnerability
6533| [10816] Oracle MySQL Server up to 5.5.32/5.6.12 Replication unknown vulnerability
6534| [10815] Oracle MySQL Enterprise Monitor up to 2.3.13 Service Manager privilege escalation
6535| [65143] MariaDB up to 5.5.28 MySQL privilege escalation
6536| [9672] Oracle MySQL Server up to 5.6.11 XA Transactions denial of service
6537| [9671] Oracle MySQL Server up to 5.5.31/5.6.11 Server Replication denial of service
6538| [9670] Oracle MySQL Server up to 5.6.11 InnoDB denial of service
6539| [9669] Oracle MySQL Server up to 5.6.11 Server Privileges unknown vulnerability
6540| [9668] Oracle MySQL Server up to 5.5.30/5.6.10 Server Partition Stored unknown vulnerability
6541| [9667] Oracle MySQL Server up to 5.5.31 Server Parser denial of service
6542| [9666] Oracle MySQL Server up to 5.5.30/5.6.10 Server Options Stored unknown vulnerability
6543| [9665] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Options denial of service
6544| [9664] Oracle MySQL Server up to 5.6.11 Server Optimizer unknown vulnerability
6545| [9663] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 Server Optimizer denial of service
6546| [9662] Oracle MySQL Server up to 5.5.30/5.6.10 Prepared Statement Stored unknown vulnerability
6547| [9661] Oracle MySQL Server up to 5.6.11 InnoDB denial of service
6548| [9660] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 Full Text Search denial of service
6549| [9659] Oracle MySQL Server up to 5.6.11 Data Manipulation Language unknown vulnerability
6550| [9658] Oracle MySQL Server up to 5.5.31/5.6.11 Data Manipulation Language denial of service
6551| [9657] Oracle MySQL Server up to 5.5.31/5.6.11 Audit Log information disclosure
6552| [9656] Oracle MySQL Server up to 5.6.11 MemCached unknown vulnerability
6553| [9655] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 GIS Crash denial of service
6554| [64198] Wireshark up to 1.8.6 MySQL Dissector Integer denial of service
6555| [64010] Ruby on Rails 3.1.0 MySQL Database Stored unknown vulnerability
6556| [8418] Oracle MySQL Server up to 5.1.67/5.5.29/5.6.10 Server Locking unknown vulnerability
6557| [8416] Oracle MySQL Server up to 5.1.63 Server Types unknown vulnerability
6558| [8415] Oracle MySQL Server up to 5.6.10 Server Privileges denial of service
6559| [8414] Oracle MySQL Server up to 5.6.10 InnoDB denial of service
6560| [8413] Oracle MySQL Server up to 5.5.30/5.6.10 InnoDB unknown vulnerability
6561| [8412] Oracle MySQL Server up to 5.6.10 Data Manipulation Language denial of service
6562| [8411] Oracle MySQL Server up to 5.5.30/5.6.10 Stored Procedure unknown vulnerability
6563| [8410] Oracle MySQL Server up to 5.1.67/5.5.29 Server XML denial of service
6564| [8409] Oracle MySQL Server up to 5.5.29 Server Replication denial of service
6565| [8408] Oracle MySQL Server up to 5.1.67/5.5.29 Server Partition unknown vulnerability
6566| [8407] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Optimizer unknown vulnerability
6567| [8406] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 InnoDB unknown vulnerability
6568| [8405] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Information Schema unknown vulnerability
6569| [8404] Oracle MySQL Server up to 5.5.29 Data Manipulation Language denial of service
6570| [8403] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Data Manipulation Language unknown vulnerability
6571| [8402] Oracle MySQL Server up to 5.5.29/5.6.10 Server Optimizer denial of service
6572| [8401] Oracle MySQL Server up to 5.6.10 MemCached denial of service
6573| [8400] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Privileges unknown vulnerability
6574| [8399] Oracle MySQL Server up to 5.1.66/5.5.28 Server Privileges unknown vulnerability
6575| [8398] Oracle MySQL Server up to 5.1.67/5.5.29 unknown vulnerability
6576| [8397] Oracle MySQL Server up to 5.1.67/5.5.29/5.6.10 Information Schema unknown vulnerability
6577| [8396] Oracle MySQL Server up to 5.1.67/5.5.29 Server Locking unknown vulnerability
6578| [8395] Oracle MySQL Server up to 5.6.10 Data Manipulation Language denial of service
6579| [10871] Oracle MySQL 5.3.12/5.5.30/10.0.1 MyISAM Engine init_search SELECT Statement denial of service
6580| [8065] Oracle MySQL up to 5.5.27 yaSSL memory corruption
6581| [8064] Oracle MySQL up to 5.5.29 yaSSL memory corruption
6582| [8816] Wireshark up to 1.8.5 MySQL Dissector packet-mysql.c Packet denial of service
6583| [8019] Oracle MySQL 5.2.11 Representation Converter Eingabe Crash denial of service
6584| [7431] Oracle MySQL Server up to 5.5.28 Privileges denial of service
6585| [7430] Oracle MySQL Server up to 5.5.28 Partition denial of service
6586| [7429] Oracle MySQL Server up to 5.5.28 Optimizer denial of service
6587| [7428] Oracle MySQL Server up to 5.1.66/5.5.28 Optimizer unknown vulnerability
6588| [7427] Oracle MySQL Server up to 5.1.66/5.5.28 unknown vulnerability
6589| [7426] Oracle MySQL Server up to 5.5.28 MyISAM denial of service
6590| [7425] Oracle MySQL Server up to 5.1.66/5.5.28 InnoDB unknown vulnerability
6591| [7424] Oracle MySQL Server up to 5.5.28 InnoDB denial of service
6592| [7423] Oracle MySQL Server up to 5.1.66/5.5.28 Locking unknown vulnerability
6593| [7422] Oracle MySQL Server up to 5.1.66/5.5.28 unknown vulnerability
6594| [7421] Oracle MySQL Server up to 5.1.66/5.1.28 Replication unknown vulnerability
6595| [7419] Oracle MySQL Server up to 5.5.28 Stored Procedure denial of service
6596| [7418] Oracle MySQL Server up to 5.1.66/5.5.28 Server Optimizer unknown vulnerability
6597| [7417] Oracle MySQL Server up to 5.1.66/5.5.28 Information Schema unknown vulnerability
6598| [7416] Oracle MySQL Server up to 5.1.65/5.5.27 GIS Extension denial of service
6599| [7415] Oracle MySQL Server up to 5.1.66/5.5.28 Privileges Stack-based memory corruption
6600| [7414] Oracle MySQL Server up to 5.5.28 Parser Heap-based memory corruption
6601| [63111] Oracle MySQL 5.5.19 Installation denial of service
6602| [7068] Oracle MySQL Server up to 5.5.19 Authentication information disclosure
6603| [7067] Oracle MySQL Server up to 5.5.19 sql/sql_acl.cc acl_get memory corruption
6604| [7066] Oracle MySQL Server up to 5.5.19 SELECT Command Crash denial of service
6605| [7065] Oracle MySQL Server up to 5.5.19 Create Table MDL_key::mdl_key_init memory corruption
6606| [6795] Oracle MySQL Server up to 5.1.64/5.5.26 Server Replication denial of service
6607| [6794] Oracle MySQL Server up to 5.1.63/5.5.25 Server Full Text Search denial of service
6608| [6793] Oracle MySQL Server up to 5.5.25 unknown vulnerability
6609| [6792] Oracle MySQL Server up to 5.5.26 MySQL Client information disclosure
6610| [6791] Oracle MySQL Server up to 5.1.65/5.5.27 Server Optimizer denial of service
6611| [6790] Oracle MySQL Server up to 5.1.64/5.5.26 Server Optimizer denial of service
6612| [6789] Oracle MySQL Server up to 5.5.26 unknown vulnerability
6613| [6788] Oracle MySQL Server up to 5.1.63/5.5.25 InnoDB Plugin denial of service
6614| [6787] Oracle MySQL Server up to 5.1.63/5.5.25 InnoDB unknown vulnerability
6615| [6786] Oracle MySQL Server up to 5.5.26 MySQL Client sql injection
6616| [6785] Oracle MySQL Server up to 5.1.65/5.5.27 denial of service
6617| [6784] Oracle MySQL Server up to 5.1.64/5.5.26 Protocol unknown vulnerability
6618| [6783] Oracle MySQL Server up to 5.1.64/5.5.26 Information Schema memory corruption
6619| [62299] SilverStripe up to 2.4.5 MySQL Database sql injection
6620| [61672] MySQL unknown vulnerability
6621| [61567] MySQLDumper 1.24.4 Error Message information disclosure
6622| [61566] MySQLDumper 1.24.4 Restore information disclosure
6623| [61565] MySQLDumper 1.24.4 directory traversal
6624| [61564] MySQLDumper 1.24.4 deletehtaccess cross site request forgery
6625| [61563] MySQLDumper 1.24.4 index.php cross site scripting
6626| [5783] Oracle MySQL Server up to 5.1.62/5.5.22 Server Optimizer denial of service
6627| [5782] Oracle MySQL Server up to 5.1.62/5.5.23 Server Optimizer denial of service
6628| [5781] Oracle MySQL Server up to 5.5.23 denial of service
6629| [5780] Oracle MySQL Server up to 5.5.23 InnoDB denial of service
6630| [5779] Oracle MySQL Server up to 5.1.62/5.5.23 GIS Extension unknown vulnerability
6631| [5778] Oracle MySQL Server up to 5.5.23 Server Optimizer denial of service
6632| [5635] Oracle MySQL Server up to 5.5.25 on Linux InnoDB UPDATE denial of service
6633| [5503] Oracle MySQL up to 5.6.5 Password Authentication sql/password.c memcmp weak authentication
6634| [5168] Oracle MySQL Server Optimizer denial of service
6635| [5166] Oracle MySQL Server up to 5.5.21 Partition denial of service
6636| [5165] Oracle MySQL Server up to 5.5.19 Optimizer denial of service
6637| [5159] Oracle MySQL Server up to 5.1.61/5.5.21 Optimizer denial of service
6638| [5158] Oracle MySQL Server up to 5.1.61/5.5.21 DML denial of service
6639| [5151] Oracle MySQL Server up to 5.1.60/5.5.19 MyISAM denial of service
6640| [5981] Oracle MySQL Server 5.1.62/5.5.23 Sort Order Index Calculation denial of service
6641| [5072] Oracle MySQL Server up to 5.5.21 denial of service
6642| [4627] Oracle MySQL up to 5.5.20 memory corruption
6643| [60055] WordPress up to 1.2 MySQL Database denial of service
6644| [5236] Oracle MySQL Server 5.5.x unknown vulnerability
6645| [5235] Oracle MySQL Server 5.5.x denial of service
6646| [5233] Oracle MySQL Server 5.5.x denial of service
6647| [5232] Oracle MySQL Server 5.5.x denial of service
6648| [5231] Oracle MySQL Server 5.5.x denial of service
6649| [5230] Oracle MySQL Server 5.5.x denial of service
6650| [5229] Oracle MySQL Server 5.5.x denial of service
6651| [5228] Oracle MySQL Server 5.5.x denial of service
6652| [5227] Oracle MySQL Server 5.5.x unknown vulnerability
6653| [5226] Oracle MySQL Server 5.1.x/5.5.x denial of service
6654| [5225] Oracle MySQL Server 5.1.x/5.5.x denial of service
6655| [5224] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
6656| [5223] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
6657| [5222] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
6658| [5221] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
6659| [5220] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
6660| [5219] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
6661| [5218] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
6662| [5217] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
6663| [5216] Oracle MySQL Server 5.0.x/5.1.x/5.5.x denial of service
6664| [5215] Oracle MySQL Server 5.0.x/5.1.x/5.5.x information disclosure
6665| [5213] Oracle MySQL Server 5.0.x/5.1.x/5.5.x unknown vulnerability
6666| [5212] Oracle MySQL Server 5.0.x/5.1.x denial of service
6667| [5211] Oracle MySQL Server 5.0.x/5.1.x denial of service
6668| [5210] Oracle MySQL Server 5.0.x/5.1.x denial of service
6669| [59882] MySQL 5.5.8 NULL Pointer Dereference denial of service
6670| [59384] Hiroyuki Oyama DBD::mysqlPP up to 0.04 MySQL sql injection
6671| [58706] Taskfreak! Multi-mysql 0.6 Error Message information disclosure
6672| [57356] Trustwave WebDefend 2.0/3.0/5.0 MySQL Database unknown vulnerability
6673| [56109] PHP 5.3.2/5.3.3 mysqli mysqli_fetch_assoc sql injection
6674| [56085] MySQL up to 5.1.25 init_from_wkb denial of service
6675| [56084] MySQL up to 5.1.25 Stored Procedure denial of service
6676| [56083] MySQL Crash denial of service
6677| [56082] MySQL Use-After-Free denial of service
6678| [56081] MySQL Optimizer Crash denial of service
6679| [56080] MySQL up to 5.1.25 Stored denial of service
6680| [56079] MySQL Crash denial of service
6681| [56078] MySQL Create Table Crash denial of service
6682| [56025] MySQL up to 5.1.25 Crash denial of service
6683| [56024] MySQL up to 5.1.25 store denial of service
6684| [56023] MySQL up to 5.1.25 Crash denial of service
6685| [56022] MySQL up to 5.1.25 Crash denial of service
6686| [56021] MySQL up to 5.1.25 Uninitialized Memory denial of service
6687| [56020] MySQL up to 5.1.25 Crash denial of service
6688| [56019] MySQL up to 5.1.25 Crash denial of service
6689| [56018] mysql up to 5.1.25 Configuration Parameter denial of service
6690| [60789] TYPO3 up to 4.4.4 MySQL Database escapeStrForLike information disclosure
6691| [62294] SilverStripe 2.4.0/2.4.1/2.4.2/2.4.3 MySQLDatabase.php unknown vulnerability
6692| [54434] PHP 5.3.0/5.3.1/5.3.2 php_mysqlnd_auth_write sql injection
6693| [54433] PHP 5.3.0/5.3.1/5.3.2 MySQL php_mysqlnd_read_error_from_line memory corruption
6694| [54432] PHP 5.3.0/5.3.1/5.3.2 mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read memory corruption
6695| [54026] MySQL up to 5.1.25 Crash denial of service
6696| [53483] MySQL up to 5.0.0.0 memory corruption
6697| [53482] MySQL up to 5.0.0.0 my_net_skip_rest denial of service
6698| [53481] MySQL up to 5.0.0.0 directory traversal
6699| [53212] mysql 5.1.45 mysql_uninstall_plugin unknown vulnerability
6700| [53118] Csphere ClanSphere up to 2009.0.3 MySQL Database generate.php cs_sql_select sql injection
6701| [53053] TaskFreak TaskFreak! up to 0.1.3 tzn_mysql.php loadByKey sql injection
6702| [52985] Oracle MySQLConnector NET up to 6.0.2 SSL Certificate spoofing
6703| [51369] mysql 5.0.51a CertDecoder::GetName memory corruption
6704| [51581] TYPO3 Kiddog Mysqldumper up to 0.0.3 information disclosure
6705| [50962] MySQL Certificates viosslfactories.c vio_verify_callback spoofing
6706| [50961] mysql GeomFromWKB denial of service
6707| [50960] MySQL up to 5.0.0.0 Access Restriction Symlink privilege escalation
6708| [50531] mysql-ocaml 1.0.4 MySQL mysql_real_escape_string unknown vulnerability
6709| [48981] MySQL up to 4.0.23 sql_parse.cc dispatch_command denial of service
6710| [48263] Surat Kabar phpWebNews 0.2 MySQL index.php sql injection
6711| [48262] Surat Kabar phpWebNews 0.1/0.2 MySQL bukutamu.php sql injection
6712| [47455] auth2db up to 0.2.6 MySQL mysql_real_escape_string sql injection
6713| [46983] MySQL up to 6.0.10-bzr ExtractValue denial of service
6714| [46798] Getmiro Broadcast Machine 0.1 MySQLController.php privilege escalation
6715| [46636] MyBlog MySQL Database Cleartext information disclosure
6716| [46500] ProFTPD 1.3.1 mod_sql_mysql sql injection
6717| [46028] Joey Schulze Mod Auth Mysql 2.x mod_auth_mysql.c sql injection
6718| [45774] Constructr CMS up to 3.02.5 MySQL Database Cleartext information disclosure
6719| [45668] Nodstrum MySQL Calendar 1.1 index.php sql injection
6720| [45669] Nodstrum MySQL Calendar 1.1 unknown vulnerability
6721| [45016] Deeserver Panuwat PromoteWeb MySQL go.php sql injection
6722| [44358] MySQL up to 5.0.67 cross site scripting
6723| [44357] MySQL Quick Admin up to 1.5.5 index.php directory traversal
6724| [44356] MySQL Quick Admin 1.5.5 actions.php directory traversal
6725| [44131] NooMS 1.1 MySQL db.php information disclosure
6726| [44076] MySQL Create Table Symlink privilege escalation
6727| [44075] MySQL 5.0.51a Create Table Symlink privilege escalation
6728| [43987] MySQL Crash denial of service
6729| [43825] Aquagardensoft mysql-lists 1.2 cross site scripting
6730| [43819] Craftysyntax Crafty Syntax Live Help up to 1.7 MySQL Database Cleartext information disclosure
6731| [43625] Keld PHP-MySQL News Script 0.7.1 login.php sql injection
6732| [43123] BlognPlus 2.5.5 MySQL index.php sql injection
6733| [42939] Relative Real Estate Systems up to 3.0 MySQL Database Cleartext information disclosure
6734| [42912] AlstraSoft AskMe 2.1 MySQL Database Cleartext information disclosure
6735| [42868] BlognPlus 2.5.4 MySQL sql injection
6736| [42205] miniBB 2.2 MySQL setup_mysql.php sql injection
6737| [41891] Terong Advanced Web Photo Gallery 1.0 MySQL Database Cleartext information disclosure
6738| [40486] MySQL up to 1.7.5 handshake.cpp processoldclienthello memory corruption
6739| [40219] PHP MySQL Banner Exchange 2.2.1 inc/lib.inc unknown vulnerability
6740| [39993] MySQL denial of service
6741| [3499] Sun MySQL up to 6.0.3 System Table Information privilege escalation
6742| [40030] aurora framework 20071208 MySQL db_mysql.lib pack_var sql injection
6743| [3469] Sun MySQL 5.1.23 Bk InnoDB denial of service
6744| [39991] MySQL up to 6.0.4 denial of service
6745| [39292] Asterisk-Addons 1.2.7/1.4.3 MySQL sql injection
6746| [41090] MySQL Mysql Community Server up to 5.1.4 unknown vulnerability
6747| [38781] PHP 5.2.4 MySQL memory corruption
6748| [38618] PHP 4.4.7/5.2.3 mysqli sql injection
6749| [85747] InterWorx SiteWorx mysql.php cross site scripting
6750| [85735] InterWorx NodeWorx mysql.php cross site scripting
6751| [37818] MySQL Community Server up to 5.0.40 denial of service
6752| [39994] MySQL Federated Crash denial of service
6753| [37641] MySQLDumper htaccess privilege escalation
6754| [86077] NetClassifieds Mysql_db.php information disclosure
6755| [37816] MySQL Community Server up to 5.0.40 Crash denial of service
6756| [36814] MySQL up to 5.1.17 information disclosure
6757| [36669] MySQL 4.0.1 unknown vulnerability
6758| [36813] mysql up to 5.1.17 thd::db_access denial of service
6759| [36812] MySQL up to 5.1.17 unknown vulnerability
6760| [36502] Burnstone burnCMS 0.2 mysql.class.php privilege escalation
6761| [36364] GPL PHP Board unstable-2001.11.14-1 mysqli db.mysql.inc.php privilege escalation
6762| [36700] MySQL up to 5.0.39 item_cmpfunc.cc in_decimal::set denial of service
6763| [35917] Advanced Website Creator MySQL sql injection
6764| [35916] Eve-Nuke Forum 0.1 MySQL db/mysql.php privilege escalation
6765| [35605] bitesser MySQL Commander up to 2.7 ressourcen/dbopen.php privilege escalation
6766| [85480] Fantastico includes/mysqlconfig.php directory traversal
6767| [85141] ActiveCalendar data/mysqlevents.php cross site scripting
6768| [85212] WGS-PPC config/mysql_config.php privilege escalation
6769| [34894] MySQLNewsEngine MySQL affichearticles.php3 privilege escalation
6770| [34576] MyODBC MySQL Database denial of service
6771| [37817] MySQL Community Server up to 5.0.40 Create Table information disclosure
6772| [34117] The Address Book 1.04e MySQL Database export.php information disclosure
6773| [34223] MySQL 5.0.30/5.1.13 sql_select.cc denial of service
6774| [33690] Widcomm BTSaveMySql 1.2 MySQL information disclosure
6775| [33257] iWonder Designs Storystream 0.4.0.0 mysql.php sql injection
6776| [33092] Pentaho Business Intelligence Suite up to 1.1 MySQL sql injection
6777| [32736] MysqlDumper 1.21 B6 sql.php cross site scripting
6778|
6779| MITRE CVE - https://cve.mitre.org:
6780| [CVE-2013-3812] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
6781| [CVE-2013-3811] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3806.
6782| [CVE-2013-3810] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.
6783| [CVE-2013-3809] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.
6784| [CVE-2013-3808] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
6785| [CVE-2013-3807] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.
6786| [CVE-2013-3806] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3811.
6787| [CVE-2013-3805] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.
6788| [CVE-2013-3804] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
6789| [CVE-2013-3802] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.
6790| [CVE-2013-3801] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
6791| [CVE-2013-3798] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.
6792| [CVE-2013-3796] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
6793| [CVE-2013-3795] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
6794| [CVE-2013-3794] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
6795| [CVE-2013-3793] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
6796| [CVE-2013-3783] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.
6797| [CVE-2013-3561] Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
6798| [CVE-2013-3221] The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attacks against Ruby on Rails applications via a crafted value, as demonstrated by unintended interaction between the "typed XML" feature and a MySQL database.
6799| [CVE-2013-2395] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-1567.
6800| [CVE-2013-2392] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
6801| [CVE-2013-2391] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.
6802| [CVE-2013-2389] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
6803| [CVE-2013-2381] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.
6804| [CVE-2013-2378] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
6805| [CVE-2013-2376] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
6806| [CVE-2013-2375] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
6807| [CVE-2013-1861] MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.
6808| [CVE-2013-1570] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote attackers to affect availability via unknown vectors related to MemCached.
6809| [CVE-2013-1567] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-2395.
6810| [CVE-2013-1566] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
6811| [CVE-2013-1555] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
6812| [CVE-2013-1552] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
6813| [CVE-2013-1548] Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.
6814| [CVE-2013-1544] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
6815| [CVE-2013-1532] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
6816| [CVE-2013-1531] Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Privileges.
6817| [CVE-2013-1526] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
6818| [CVE-2013-1523] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Optimizer.
6819| [CVE-2013-1521] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking.
6820| [CVE-2013-1512] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
6821| [CVE-2013-1511] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
6822| [CVE-2013-1506] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.
6823| [CVE-2013-1502] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.
6824| [CVE-2013-1492] Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553.
6825| [CVE-2013-0389] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
6826| [CVE-2013-0386] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
6827| [CVE-2013-0385] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.
6828| [CVE-2013-0384] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
6829| [CVE-2013-0383] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking.
6830| [CVE-2013-0375] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.
6831| [CVE-2013-0371] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability, related to MyISAM.
6832| [CVE-2013-0368] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
6833| [CVE-2013-0367] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
6834| [CVE-2012-5615] MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
6835| [CVE-2012-5614] Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements.
6836| [CVE-2012-5613] ** DISPUTED ** MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
6837| [CVE-2012-5612] Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.
6838| [CVE-2012-5611] Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
6839| [CVE-2012-5383] ** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the "C:\MySQL\MySQL Server 5.5\bin" directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the MySQL installation.
6840| [CVE-2012-5096] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors.
6841| [CVE-2012-5060] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
6842| [CVE-2012-4452] MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6.
6843| [CVE-2012-4414] Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.
6844| [CVE-2012-4255] MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information via a direct request to learn/cubemail/refresh_dblist.php, which reveals the installation path in an error message.
6845| [CVE-2012-4254] MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information (Notices) via a direct request to (1) learn/cubemail/restore.php or (2) learn/cubemail/dump.php.
6846| [CVE-2012-4253] Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) language parameter to learn/cubemail/install.php or (2) f parameter learn/cubemail/filemanagement.php, or execute arbitrary local files via a .. (dot dot) in the (3) config parameter to learn/cubemail/menu.php.
6847| [CVE-2012-4252] Multiple cross-site request forgery (CSRF) vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to hijack the authentication of administrators for requests that (1) remove file access restriction via a deletehtaccess action, (2) drop a database via a kill value in a db action, (3) uninstall the application via a 101 value in the phase parameter to learn/cubemail/install.php, (4) delete config.php via a 2 value in the phase parameter to learn/cubemail/install.php, (5) change a password via a schutz action, or (6) execute arbitrary SQL commands via the sql_statement parameter to learn/cubemail/sql.php.
6848| [CVE-2012-4251] Multiple cross-site scripting (XSS) vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to index.php, (2) phase parameter to install.php, (3) tablename or (4) dbid parameter to sql.php, or (5) filename parameter to restore.php in learn/cubemail/.
6849| [CVE-2012-3951] The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session.
6850| [CVE-2012-3441] The database creation script (module/idoutils/db/scripts/create_mysqldb.sh) in Icinga 1.7.1 grants access to all databases to the icinga user, which allows icinga users to access other databases via unspecified vectors.
6851| [CVE-2012-3197] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
6852| [CVE-2012-3180] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
6853| [CVE-2012-3177] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.
6854| [CVE-2012-3173] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.
6855| [CVE-2012-3167] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.
6856| [CVE-2012-3166] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
6857| [CVE-2012-3163] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
6858| [CVE-2012-3160] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.
6859| [CVE-2012-3158] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.
6860| [CVE-2012-3156] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
6861| [CVE-2012-3150] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
6862| [CVE-2012-3149] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality, related to MySQL Client.
6863| [CVE-2012-3147] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client.
6864| [CVE-2012-3144] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
6865| [CVE-2012-2750] Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility.
6866| [CVE-2012-2749] MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index.
6867| [CVE-2012-2122] sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.
6868| [CVE-2012-2102] MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.
6869| [CVE-2012-1757] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
6870| [CVE-2012-1756] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
6871| [CVE-2012-1735] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
6872| [CVE-2012-1734] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
6873| [CVE-2012-1705] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
6874| [CVE-2012-1703] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
6875| [CVE-2012-1702] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.
6876| [CVE-2012-1697] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
6877| [CVE-2012-1696] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
6878| [CVE-2012-1690] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
6879| [CVE-2012-1689] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
6880| [CVE-2012-1688] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.
6881| [CVE-2012-0937] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attackers to use WordPress as a proxy for brute-force attacks or denial of service attacks via the dbhost parameter, a different vulnerability than CVE-2011-4898. NOTE: the vendor disputes the significance of this issue because an incomplete WordPress installation might be present on the network for only a short time.
6882| [CVE-2012-0882] Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.
6883| [CVE-2012-0583] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.
6884| [CVE-2012-0578] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
6885| [CVE-2012-0574] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors.
6886| [CVE-2012-0572] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
6887| [CVE-2012-0553] Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492.
6888| [CVE-2012-0540] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
6889| [CVE-2012-0496] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
6890| [CVE-2012-0495] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0493.
6891| [CVE-2012-0494] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to affect availability via unknown vectors.
6892| [CVE-2012-0493] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0495.
6893| [CVE-2012-0492] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485.
6894| [CVE-2012-0491] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0493, and CVE-2012-0495.
6895| [CVE-2012-0490] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.
6896| [CVE-2012-0489] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
6897| [CVE-2012-0488] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
6898| [CVE-2012-0487] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
6899| [CVE-2012-0486] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
6900| [CVE-2012-0485] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0492.
6901| [CVE-2012-0484] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.
6902| [CVE-2012-0120] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0485, and CVE-2012-0492.
6903| [CVE-2012-0119] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
6904| [CVE-2012-0118] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0113.
6905| [CVE-2012-0117] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
6906| [CVE-2012-0116] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
6907| [CVE-2012-0115] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
6908| [CVE-2012-0114] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.
6909| [CVE-2012-0113] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0118.
6910| [CVE-2012-0112] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
6911| [CVE-2012-0102] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101.
6912| [CVE-2012-0101] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102.
6913| [CVE-2012-0087] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102.
6914| [CVE-2012-0075] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.
6915| [CVE-2011-5049] MySQL 5.5.8, when running on Windows, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted packet to TCP port 3306.
6916| [CVE-2011-4959] SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
6917| [CVE-2011-4899] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to configure an arbitrary database via the dbhost and dbname parameters, and subsequently conduct static code injection and cross-site scripting (XSS) attacks via (1) an HTTP request or (2) a MySQL query. NOTE: the vendor disputes the significance of this issue
6918| [CVE-2011-4898] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote attackers to conduct brute-force attacks via a series of requests with different uname and pwd parameters. NOTE: the vendor disputes the significance of this issue
6919| [CVE-2011-3989] SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
6920| [CVE-2011-3805] TaskFreak! multi-mysql-0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/language/zh/register_info.php and certain other files.
6921| [CVE-2011-2688] SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
6922| [CVE-2011-2531] Prosody 0.8.x before 0.8.1, when MySQL is used, assigns an incorrect data type to the value column in certain tables, which might allow remote attackers to cause a denial of service (data truncation) by sending a large amount of data.
6923| [CVE-2011-2262] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors.
6924| [CVE-2011-1906] Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via requests to the management port, a different vulnerability than CVE-2011-0756.
6925| [CVE-2011-1513] Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.
6926| [CVE-2011-0432] Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information.
6927| [CVE-2010-5104] The escapeStrForLike method in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly escape input when the MySQL database is set to sql_mode NO_BACKSLASH_ESCAPES, which allows remote attackers to obtain sensitive information via wildcard characters in a LIKE query.
6928| [CVE-2010-4822] core/model/MySQLDatabase.php in SilverStripe 2.4.x before 2.4.4, when the site is running in "live mode," allows remote attackers to obtain the SQL queries for a page via the showqueries and ajax parameters.
6929| [CVE-2010-4700] The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly handled in earlier PHP versions.
6930| [CVE-2010-3840] The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.
6931| [CVE-2010-3839] MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements.
6932| [CVE-2010-3838] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
6933| [CVE-2010-3837] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.
6934| [CVE-2010-3836] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers.
6935| [CVE-2010-3835] MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table.
6936| [CVE-2010-3834] Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."
6937| [CVE-2010-3833] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."
6938| [CVE-2010-3683] Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
6939| [CVE-2010-3682] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
6940| [CVE-2010-3681] Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.
6941| [CVE-2010-3680] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure.
6942| [CVE-2010-3679] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.
6943| [CVE-2010-3678] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.
6944| [CVE-2010-3677] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
6945| [CVE-2010-3676] storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement.
6946| [CVE-2010-3064] Stack-based buffer overflow in the php_mysqlnd_auth_write function in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) username or (2) database name argument to the (a) mysql_connect or (b) mysqli_connect function.
6947| [CVE-2010-3063] The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used.
6948| [CVE-2010-3062] mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function
6949| [CVE-2010-3056] Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) db_search.php, (2) db_sql.php, (3) db_structure.php, (4) js/messages.php, (5) libraries/common.lib.php, (6) libraries/database_interface.lib.php, (7) libraries/dbi/mysql.dbi.lib.php, (8) libraries/dbi/mysqli.dbi.lib.php, (9) libraries/db_info.inc.php, (10) libraries/sanitizing.lib.php, (11) libraries/sqlparser.lib.php, (12) server_databases.php, (13) server_privileges.php, (14) setup/config.php, (15) sql.php, (16) tbl_replace.php, and (17) tbl_sql.php.
6950| [CVE-2010-2008] MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
6951| [CVE-2010-2003] Cross-site scripting (XSS) vulnerability in misc/get_admin.php in Advanced Poll 2.08 allows remote attackers to inject arbitrary web script or HTML via the mysql_host parameter.
6952| [CVE-2010-1865] Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the IP address to the cs_getip function in generate.php in the Captcha module, or (2) the s_email parameter to the cs_sql_select function in the MySQL database driver (mysql.php).
6953| [CVE-2010-1850] Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.
6954| [CVE-2010-1849] The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.
6955| [CVE-2010-1848] Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
6956| [CVE-2010-1626] MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.
6957| [CVE-2010-1621] The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugins via the UNINSTALL PLUGIN command.
6958| [CVE-2010-1583] SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! before 0.6.3, allows remote attackers to execute arbitrary SQL commands via the username field in a login action.
6959| [CVE-2010-0336] Unspecified vulnerability in the kiddog_mysqldumper (kiddog_mysqldumper) extension 0.0.3 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.
6960| [CVE-2010-0124] Employee Timeclock Software 0.99 places the database password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.
6961| [CVE-2009-5026] The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
6962| [CVE-2009-4833] MySQL Connector/NET before 6.0.4, when using encryption, does not verify SSL certificates during connection, which allows remote attackers to perform a man-in-the-middle attack with a spoofed SSL certificate.
6963| [CVE-2009-4484] Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.
6964| [CVE-2009-4030] MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
6965| [CVE-2009-4028] The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
6966| [CVE-2009-4019] mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
6967| [CVE-2009-3696] Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.
6968| [CVE-2009-3102] The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x before 2.1.1 allows remote attackers to execute arbitrary commands via vectors involving a crafted $MYSQL_BINPATH variable.
6969| [CVE-2009-2942] The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the mysql_real_escape_string function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
6970| [CVE-2009-2446] Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
6971| [CVE-2009-1246] Multiple directory traversal vulnerabilities in Blogplus 1.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) row_mysql_blocks_center_down[file] parameter to includes/block_center_down.php
6972| [CVE-2009-1208] SQL injection vulnerability in auth2db 0.2.5, and possibly other versions before 0.2.7, uses the addslashes function instead of the mysql_real_escape_string function, which allows remote attackers to conduct SQL injection attacks using multibyte character encodings.
6973| [CVE-2009-0919] XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote attackers to obtain access via (1) the "lampp" default password for the "nobody" account within the included ProFTPD installation, (2) a blank default password for the "root" account within the included MySQL installation, (3) a blank default password for the "pma" account within the phpMyAdmin installation, and possibly other unspecified passwords. NOTE: this was originally reported as a problem in DFLabs PTK, but this issue affects any product that is installed within the XAMPP environment, and should not be viewed as a vulnerability within that product. NOTE: DFLabs states that PTK is intended for use in a laboratory with "no contact from / to internet."
6974| [CVE-2009-0819] sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.
6975| [CVE-2009-0617] Cisco Application Networking Manager (ANM) before 2.0 uses a default MySQL root password, which makes it easier for remote attackers to execute arbitrary operating-system commands or change system files.
6976| [CVE-2009-0543] ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.
6977| [CVE-2008-7247] sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
6978| [CVE-2008-6992] GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL.
6979| [CVE-2008-6813] SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter.
6980| [CVE-2008-6812] SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.
6981| [CVE-2008-6655] Multiple cross-site scripting (XSS) vulnerabilities in GEDCOM_TO_MYSQL 2 allow remote attackers to inject arbitrary web script or HTML via the (1) nom_branche and (2) nom parameters to php/prenom.php
6982| [CVE-2008-6287] Multiple PHP remote file inclusion vulnerabilities in Broadcast Machine 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) MySQLController.php, (2) SQLController.php, (3) SetupController.php, (4) VideoController.php, and (5) ViewController.php in controllers/.
6983| [CVE-2008-6193] Sam Crew MyBlog stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
6984| [CVE-2008-5847] Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information by reading the hash column.
6985| [CVE-2008-5738] Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the nodstrumCalendarV2 cookie to 1. NOTE: some of these details are obtained from third party information.
6986| [CVE-2008-5737] SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter.
6987| [CVE-2008-5069] SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
6988| [CVE-2008-4456] Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67.
6989| [CVE-2008-4455] Directory traversal vulnerability in index.php in EKINdesigns MySQL Quick Admin 1.5.5 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the language cookie.
6990| [CVE-2008-4454] Directory traversal vulnerability in EKINdesigns MySQL Quick Admin 1.5.5 allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the lang parameter to actions.php. NOTE: the provenance of this information is unknown
6991| [CVE-2008-4180] Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force attacks against passwords via a username in the g_dbuser parameter and a password in the g_dbpwd parameter, and possibly a "localhost" g_dbhost parameter value, related to a "Mysql Remote Brute Force Vulnerability."
6992| [CVE-2008-4106] WordPress before 2.6.2 does not properly handle MySQL warnings about insertion of username strings that exceed the maximum column width of the user_login column, and does not properly handle space characters when comparing usernames, which allows remote attackers to change an arbitrary user's password to a random value by registering a similar username and then requesting a password reset, related to a "SQL column truncation vulnerability." NOTE: the attacker can discover the random password by also exploiting CVE-2008-4107.
6993| [CVE-2008-4098] MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
6994| [CVE-2008-4097] MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.
6995| [CVE-2008-3963] MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.
6996| [CVE-2008-3846] Cross-site scripting (XSS) vulnerability in mysql-lists 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
6997| [CVE-2008-3840] Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
6998| [CVE-2008-3820] Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain "root access" to IEV via unspecified use of TCP sessions to these ports.
6999| [CVE-2008-3582] SQL injection vulnerability in login.php in Keld PHP-MySQL News Script 0.7.1 allows remote attackers to execute arbitrary SQL commands via the username parameter.
7000| [CVE-2008-3090] Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819.
7001| [CVE-2008-2881] Relative Real Estate Systems 3.0 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
7002| [CVE-2008-2857] AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
7003| [CVE-2008-2819] SQL injection vulnerability in BlognPlus (BURO GUN +) 2.5.4 and earlier MySQL and PostgreSQL editions allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
7004| [CVE-2008-2667] SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors.
7005| [CVE-2008-2384] SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
7006| [CVE-2008-2079] MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
7007| [CVE-2008-2029] Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php.
7008| [CVE-2008-1711] Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
7009| [CVE-2008-1567] phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.
7010| [CVE-2008-1486] SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search.
7011| [CVE-2008-0249] PHP Webquest 2.6 allows remote attackers to retrieve database credentials via a direct request to admin/backup_phpwebquest.php, which leaks the credentials in an error message if a call to /usr/bin/mysqldump fails. NOTE: this might only be an issue in limited environments.
7012| [CVE-2008-0227] yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp.
7013| [CVE-2008-0226] Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
7014| [CVE-2007-6512] PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database information via a direct request to inc/lib.inc.
7015| [CVE-2007-6418] The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by listing the process and its arguments.
7016| [CVE-2007-6345] SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the value parameter to the pack_var function in module/db.lib/db_mysql.lib. NOTE: some of these details are obtained from third party information.
7017| [CVE-2007-6313] MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements.
7018| [CVE-2007-6304] The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.
7019| [CVE-2007-6303] MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.
7020| [CVE-2007-6081] AdventNet EventLog Analyzer build 4030 for Windows, and possibly other versions and platforms, installs a mysql instance with a default "root" account without a password, which allows remote attackers to gain privileges and modify logs.
7021| [CVE-2007-5970] MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges.
7022| [CVE-2007-5969] MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.
7023| [CVE-2007-5925] The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error.
7024| [CVE-2007-5646] SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5 is used, allows remote attackers to execute arbitrary SQL commands via the userspec parameter in a search2 action to index.php.
7025| [CVE-2007-5626] make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line argument, and sometimes transmits cleartext e-mail containing this command line, which allows context-dependent attackers to obtain the password by listing the process and its arguments, or by sniffing the network.
7026| [CVE-2007-5488] Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons before 1.2.8, and 1.4.x before 1.4.4, allow remote attackers to execute arbitrary SQL commands via the (1) source and (2) destination numbers, and probably (3) SIP URI, when inserting a record.
7027| [CVE-2007-4889] The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997.
7028| [CVE-2007-3997] The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.
7029| [CVE-2007-3782] MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.
7030| [CVE-2007-3781] MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, which allows remote authenticated users to obtain sensitive information such as the table structure.
7031| [CVE-2007-3780] MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.
7032| [CVE-2007-3567] MySQLDumper 1.21b through 1.23 REV227 uses a "Limit GET" statement in the .htaccess authentication mechanism, which allows remote attackers to bypass authentication requirements via HTTP POST requests.
7033| [CVE-2007-2857] PHP remote file inclusion vulnerability in sample/xls2mysql in ABC Excel Parser Pro 4.0 allows remote attackers to execute arbitrary PHP code via a URL in the parser_path parameter.
7034| [CVE-2007-2766] lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext command line argument, which allows local users to obtain this password by listing the process and its arguments, related to lib/backup-methods.sh.
7035| [CVE-2007-2693] MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.
7036| [CVE-2007-2692] The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.
7037| [CVE-2007-2691] MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
7038| [CVE-2007-2583] The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
7039| [CVE-2007-2554] Associated Press (AP) Newspower 4.0.1 and earlier uses a default blank password for the MySQL root account, which allows remote attackers to insert or modify news articles via shows.tblscript.
7040| [CVE-2007-2429] ManageEngine PasswordManager Pro (PMP) allows remote attackers to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of this information is unknown
7041| [CVE-2007-2364] Multiple PHP remote file inclusion vulnerabilities in burnCMS 0.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) mysql.class.php or (2) postgres.class.php in lib/db/
7042| [CVE-2007-2204] Multiple PHP remote file inclusion vulnerabilities in GPL PHP Board (GPB) unstable-2001.11.14-1 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) db.mysql.inc.php or (2) gpb.inc.php in include/, or the (3) theme parameter to themes/ubb/login.php.
7043| [CVE-2007-2016] Cross-site scripting (XSS) vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the lang[] parameter.
7044| [CVE-2007-1779] Multiple SQL injection vulnerabilities in the MySQL back-end in Advanced Website Creator (AWC) before 1.9.0 might allow remote attackers to execute arbitrary SQL commands via unspecified parameters, related to use of mysql_escape_string instead of mysql_real_escape_string.
7045| [CVE-2007-1778] PHP remote file inclusion vulnerability in db/mysql.php in the Eve-Nuke 0.1 (EN-Forums) module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
7046| [CVE-2007-1548] SQL injection vulnerability in functions/functions_filters.asp in Web Wiz Forums before 8.05a (MySQL version) does not properly filter certain characters in SQL commands, which allows remote attackers to execute arbitrary SQL commands via \"' (backslash double-quote quote) sequences, which are collapsed into \'', as demonstrated via the name parameter to forum/pop_up_member_search.asp.
7047| [CVE-2007-1455] Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via (1) the userlanguage parameter to includes/load_language.php or (2) the fantasticopath parameter to includes/mysqlconfig.php and certain other files.
7048| [CVE-2007-1439] PHP remote file inclusion vulnerability in ressourcen/dbopen.php in bitesser MySQL Commander 2.7 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the home parameter.
7049| [CVE-2007-1420] MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.
7050| [CVE-2007-1167] inc/filebrowser/browser.php in deV!L`z Clanportal (DZCP) 1.4.5 and earlier allows remote attackers to obtain MySQL data via the inc/mysql.php value of the file parameter.
7051| [CVE-2007-1111] Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the css parameter to (1) flatevents.php, (2) js.php, (3) mysqlevents.php, (4) m_2.php, (5) m_3.php, (6) m_4.php, (7) xmlevents.php, (8) y_2.php, or (9) y_3.php in data/.
7052| [CVE-2007-0926] The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql['pass'] and $gbpass variables.
7053| [CVE-2007-0890] Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the password parameter.
7054| [CVE-2007-0828] PHP remote file inclusion vulnerability in affichearticles.php3 in MySQLNewsEngine allows remote attackers to execute arbitrary PHP code via a URL in the newsenginedir parameter.
7055| [CVE-2007-0167] Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search Engine), as distributed with other aliases, allow remote attackers to execute arbitrary PHP code via a URL in the INC parameter in (1) config_admin.php, (2) config_main.php, (3) config_member.php, and (4) mysql_config.php in config/
7056| [CVE-2007-0124] Unspecified vulnerability in Drupal before 4.6.11, and 4.7 before 4.7.5, when MySQL is used, allows remote authenticated users to cause a denial of service by poisoning the page cache via unspecified vectors, which triggers erroneous 404 HTTP errors for pages that exist.
7057| [CVE-2006-7232] sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
7058| [CVE-2006-7194] PHP remote file inclusion vulnerability in modules/Mysqlfinder/MysqlfinderAdmin.php in Agora 1.4 RC1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[PATH_COMPOSANT] parameter.
7059| [CVE-2006-6948] MyODBC Japanese conversion edition 3.51.06, 2.50.29, and 2.50.25 allows remote attackers to cause a denial of service via a certain string in a response, which has unspecified impact on the MySQL database.
7060| [CVE-2006-6457] tiki-wiki_rss.php in Tikiwiki 1.9.5, 1.9.2, and possibly other versions allows remote attackers to obtain sensitive information (MySQL username and password) via an invalid (large or negative) ver parameter, which leaks the information in an error message.
7061| [CVE-2006-6378] BTSaveMySql 1.2 stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain configuration and save files via direct requests.
7062| [CVE-2006-6254] administration/telecharger.php in Cahier de texte 2.0 allows remote attackers to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte.php. NOTE: it is not clear whether the scope of this issue extends above the web document root, and whether directory traversal is the primary vulnerability.
7063| [CVE-2006-5893] Multiple PHP remote file inclusion vulnerabilities in iWonder Designs Storystream 0.4.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) mysql.php and (2) mysqli.php in include/classes/pear/DB/.
7064| [CVE-2006-5702] Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information (MySQL username and password) via an empty sort_mode parameter in (1) tiki-listpages.php, (2) tiki-lastchanges.php, (3) messu-archive.php, (4) messu-mailbox.php, (5) messu-sent.php, (6) tiki-directory_add_site.php, (7) tiki-directory_ranking.php, (8) tiki-directory_search.php, (9) tiki-forums.php, (10) tiki-view_forum.php, (11) tiki-friends.php, (12) tiki-list_blogs.php, (13) tiki-list_faqs.php, (14) tiki-list_trackers.php, (15) tiki-list_users.php, (16) tiki-my_tiki.php, (17) tiki-notepad_list.php, (18) tiki-orphan_pages.php, (19) tiki-shoutbox.php, (20) tiki-usermenu.php, and (21) tiki-webmail_contacts.php, which reveal the information in certain database error messages.
7065| [CVE-2006-5675] Multiple unspecified vulnerabilities in Pentaho Business Intelligence (BI) Suite before 1.2 RC3 (1.2.0.470-RC3) have unknown impact and attack vectors, related to "MySQL Scripts need changes for security," possibly SQL injection vulnerabilities associated with these scripts.
7066| [CVE-2006-5381] Contenido CMS stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain database credentials and other information via a direct request to (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysqli.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, (7) db_pgsql.inc, or (8) db_sybase.inc in the conlib/ directory.
7067| [CVE-2006-5264] Cross-site scripting (XSS) vulnerability in sql.php in MysqlDumper 1.21 b6 allows remote attackers to inject arbitrary web script or HTML via the db parameter.
7068| [CVE-2006-5127] Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ConPresso before 4.0.5a allow remote attackers to inject arbitrary web script or HTML via (1) the nr parameter in detail.php, (2) the msg parameter in db_mysql.inc.php, and (3) the pos parameter in index.php.
7069| [CVE-2006-5079] PHP remote file inclusion vulnerability in class.mysql.php in Matt Humphrey paBugs 2.0 Beta 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_to_bt_dir parameter.
7070| [CVE-2006-5065] PHP remote file inclusion vulnerability in libs/dbmax/mysql.php in ZoomStats 1.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[lib][db][path] parameter.
7071| [CVE-2006-5029] SQL injection vulnerability in thread.php in WoltLab Burning Board (wBB) 2.3.x allows remote attackers to obtain the version numbers of PHP, MySQL, and wBB via the page parameter. NOTE: this issue might be a forced SQL error. Also, the original report was disputed by a third party for 2.3.3 and 2.3.4.
7072| [CVE-2006-5027] Jeroen Vennegoor JevonCMS, possibly pre alpha, allows remote attackers to obtain sensitive information via a direct request for php/main/phplib files (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysql.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, and (7) db_pgsql.inc
7073| [CVE-2006-5014] Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.
7074| [CVE-2006-4994] Multiple unquoted Windows search path vulnerabilities in Apache Friends XAMPP 1.5.2 might allow local users to gain privileges via a malicious program file in %SYSTEMDRIVE%, which is run when XAMPP attempts to execute (1) FileZillaServer.exe, (2) mysqld-nt.exe, (3) Perl.exe, or (4) xamppcontrol.exe with an unquoted "Program Files" pathname.
7075| [CVE-2006-4835] Bluview Blue Magic Board (BMB) (aka BMForum) 5.5 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) db_mysql_error.php, (4) langlist.php, (5) sendmail.php, or (6) style.php, which reveals the path in various error messages.
7076| [CVE-2006-4578] export.php in The Address Book 1.04e writes username and password hash information into a publicly accessible file when dumping the MySQL database contents, which allows remote attackers to obtain sensitive information.
7077| [CVE-2006-4380] MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects.
7078| [CVE-2006-4277] Multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to (1) include/novalib/class.novaAdmin.mysql.php and (2) novalib/class.novaRead.mysql.php. NOTE: the provenance of this information is unknown
7079| [CVE-2006-4276] PHP remote file inclusion vulnerability in Tutti Nova 1.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to novalib/class.novaEdit.mysql.php.
7080| [CVE-2006-4227] MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
7081| [CVE-2006-4226] MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
7082| [CVE-2006-4031] MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
7083| [CVE-2006-3965] Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as database usernames and passwords.
7084| [CVE-2006-3964] PHP remote file inclusion vulnerability in members.php in Banex PHP MySQL Banner Exchange 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_root parameter.
7085| [CVE-2006-3963] Multiple SQL injection vulnerabilities in Banex PHP MySQL Banner Exchange 2.21 allow remote attackers to execute arbitrary SQL commands via the (1) site_name parameter to (a) signup.php, and the (2) id, (3) deleteuserbanner, (4) viewmem, (5) viewmemunb, (6) viewunmem,or (7) deleteuser parameters to (b) admin.php.
7086| [CVE-2006-3878] Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, which allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql.
7087| [CVE-2006-3486] ** DISPUTED ** Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow when the convert_dirname function is called. NOTE: the vendor has disputed this issue via e-mail to CVE, saying that it is only exploitable when the user has access to the configuration file or the Instance Manager daemon. Due to intended functionality, this level of access would already allow the user to disrupt program operation, so this does not cross security boundaries and is not a vulnerability.
7088| [CVE-2006-3469] Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.
7089| [CVE-2006-3330] Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the (1) ProductName ("Title" field), (2) url, and (3) Description parameters, possibly related to issues in add1.php.
7090| [CVE-2006-3329] SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the rate parameter.
7091| [CVE-2006-3081] mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
7092| [CVE-2006-2753] SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
7093| [CVE-2006-2750] Cross-site scripting (XSS) vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary web scripts or HTML via failed SQL queries, which is reflected in an error message.
7094| [CVE-2006-2748] SQL injection vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary SQL commands via multiple vectors, as demonstrated by the (1) type parameter in adminfunctions.php and the (2) catalogue_id parameter in editcatalogue.php.
7095| [CVE-2006-2742] SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 allows remote attackers to execute arbitrary SQL commands via the (1) count and (2) from variables to (a) database.mysql.inc, (b) database.pgsql.inc, and (c) database.mysqli.inc.
7096| [CVE-2006-2543] Xtreme Topsites 1.1 allows remote attackers to trigger MySQL errors and possibly conduct SQL injection attacks via unspecified vectors in join.php.
7097| [CVE-2006-2329] AngelineCMS 0.6.5 and earlier allow remote attackers to obtain sensitive information via a direct request for (1) adodb-access.inc.php, (2) adodb-ado.inc.php, (3) adodb-ado_access.inc, (4) adodb-ado_mssql.inc.php, (5) adodb-borland_ibase, (6) adodb-csv.inc.php, (7) adodb-db2.inc.php, (8) adodb-fbsql.inc.php, (9) adodb-firebird.inc.php, (10) adodb-ibase.inc.php, (11) adodb-informix.inc.php, (12) adodb-informix72.inc, (13) adodb-mssql.inc.php, (14) adodb-mssqlpo.inc.php, (15) adodb-mysql.inc.php, (16) adodb-mysqlt.inc.php, (17) adodb-oci8.inc.php, (18) adodb-oci805.inc.php, (19) adodb-oci8po.inc.php, and (20) adodb-odbc.inc.php, which reveal the path in various error messages
7098| [CVE-2006-2042] Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models.
7099| [CVE-2006-1930] ** DISPUTED ** Multiple SQL injection vulnerabilities in userscript.php in Green Minute 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) huserid, (2) pituus, or (3) date parameters. NOTE: this issue has been disputed by the vendor, saying "those parameters mentioned ARE checked (preg_match) before they are used in SQL-query... If someone decided to add SQL-injection stuff to certain parameter, they would see an error text, but only because _nothing_ was passed inside that parameter (to MySQL-database)." As allowed by the vendor, CVE investigated this report on 20060525 and found that the demo site demonstrated a non-sensitive SQL error when given standard SQL injection manipulations.
7100| [CVE-2006-1518] Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
7101| [CVE-2006-1517] sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
7102| [CVE-2006-1516] The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
7103| [CVE-2006-1451] MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database.
7104| [CVE-2006-1396] Multiple cross-site scripting (XSS) vulnerabilities in Cholod MySQL Based Message Board allow remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown
7105| [CVE-2006-1395] SQL injection vulnerability in mb.cgi in Cholod MySQL Based Message Board allows remote attackers to execute arbitrary SQL commands via unspecified vectors in a showmessage action, possibly the username parameter. NOTE: the provenance of this information is unknown
7106| [CVE-2006-1324] Cross-site scripting (XSS) vulnerability in acp/lib/class_db_mysql.php in Woltlab Burning Board (wBB) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter when a SQL error is generated.
7107| [CVE-2006-1211] IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 configures a MySQL database to allow connections from any source IP address with the ns database account, which allows remote attackers to bypass the Netcool/NeuSecure application layer and perform unauthorized database actions. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
7108| [CVE-2006-1210] The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 includes the MySQL database username and password in cleartext in body.phtml, which allows remote attackers to gain privileges by reading the source. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
7109| [CVE-2006-1112] Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message.
7110| [CVE-2006-1111] Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "*/*" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection.
7111| [CVE-2006-0909] Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to view sensitive information via a direct request to multiple PHP scripts that include the full path in error messages, including (1) PEAR/Text/Diff/Renderer/inline.php, (2) PEAR/Text/Diff/Renderer/unified.php, (3) PEAR/Text/Diff3.php, (4) class_db.php, (5) class_db_mysql.php, and (6) class_xml.php in the ips_kernel/ directory
7112| [CVE-2006-0903] MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.
7113| [CVE-2006-0692] Multiple SQL injection vulnerabilities in Carey Briggs PHP/MYSQL Timesheet 1 and 2 allow remote attackers to execute arbitrary SQL commands via the (1) yr, (2) month, (3) day, and (4) job parameters in (a) index.php and (b) changehrs.php.
7114| [CVE-2006-0369] ** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views
7115| [CVE-2006-0200] Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.
7116| [CVE-2006-0146] The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.
7117| [CVE-2006-0097] Stack-based buffer overflow in the create_named_pipe function in libmysql.c in PHP 4.3.10 and 4.4.x before 4.4.3 for Windows allows attackers to execute arbitrary code via a long (1) arg_host or (2) arg_unix_socket argument, as demonstrated by a long named pipe variable in the host argument to the mysql_connect function.
7118| [CVE-2006-0056] Double free vulnerability in the authentication and authentication token alteration code in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted passwords, which lead to a double free of a pointer that was created by the pam_get_item function. NOTE: this issue only occurs in certain configurations in which there are multiple PAM modules, PAM-MySQL is not evaluated first, and there are no requisite modules before PAM-MySQL.
7119| [CVE-2005-4713] Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors, probably involving the pam_mysql_sql_log function when being used in vsftpd, which does not include the IP address argument to an sprintf call.
7120| [CVE-2005-4661] The notifyendsubs cron job in Campsite before 2.3.3 sends an e-mail message containing a certain unencrypted MySQL password, which allows remote attackers to sniff the password.
7121| [CVE-2005-4626] The default configuration of Recruitment Software installs admin/site.xml under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (MySQL database credentials) via a direct request.
7122| [CVE-2005-4237] Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keyword parameter in the SearchZoom module.
7123| [CVE-2005-2865] Multiple PHP remote file inclusion vulnerabilities in aMember Pro 2.3.4 allow remote attackers to execute arbitrary PHP code via the config[root_dir] parameter to (1) mysql.inc.php, (2) efsnet.inc.php, (3) theinternetcommerce.inc.php, (4) cdg.inc.php, (5) compuworld.inc.php, (6) directone.inc.php, (7) authorize_aim.inc.php, (8) beanstream.inc.php, (9) config.inc.php, (10) eprocessingnetwork.inc.php, (11) eway.inc.php, (12) linkpoint.inc.php, (13) logiccommerce.inc.php, (14) netbilling.inc.php, (15) payflow_pro.inc.php, (16) paymentsgateway.inc.php, (17) payos.inc.php, (18) payready.inc.php, or (19) plugnplay.inc.php.
7124| [CVE-2005-2573] The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.
7125| [CVE-2005-2572] MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service (server hang) and possibly execute arbitrary code via (1) a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or (2) a request for a function in a library that has the XXX_deinit or XXX_init functions defined but is not tailored for mySQL, such as jpeg1x32.dll and jpeg2x32.dll.
7126| [CVE-2005-2571] FunkBoard 0.66CF, and possibly earlier versions, does not properly restrict access to the (1) admin/mysql_install.php and (2) admin/pg_install.php scripts, which allows attackers to obtain the database username and password or inject arbitrary PHP code into info.php.
7127| [CVE-2005-2558] Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field.
7128| [CVE-2005-2468] Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) isCorrectPassword or (2) userExist function in class.auth.php, getCustomFieldReport function in (4) custom_fields.php, (5) custom_fields_graph.php, or (6) class.report.php, or the insert function in (7) releases.php or (8) class.release.php.
7129| [CVE-2005-2467] Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to view.php, (2) release parameter to list.php, or (3) F parameter to get_jsrs_data.php.
7130| [CVE-2005-2174] Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows attackers to access information about the bug via buglist.cgi before MySQL replication is complete.
7131| [CVE-2005-1944] xmysqladmin 1.0 and earlier allows local users to delete arbitrary files via a symlink attack on a database backup file in /tmp.
7132| [CVE-2005-1636] mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
7133| [CVE-2005-1274] Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via an HTTP unlock request and a long "If" parameter.
7134| [CVE-2005-1121] Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.
7135| [CVE-2005-0799] MySQL 4.1.9, and possibly earlier versions, allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.
7136| [CVE-2005-0711] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
7137| [CVE-2005-0710] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function.
7138| [CVE-2005-0709] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
7139| [CVE-2005-0684] Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c.
7140| [CVE-2005-0646] SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote attackers to execute arbitrary SQL via the mysql_prefix parameter.
7141| [CVE-2005-0544] phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message.
7142| [CVE-2005-0111] Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter.
7143| [CVE-2005-0083] MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and other platforms, allows remote attackers to cause a denial of service (application crash) via invalid parameters to the (1) DBMCli_String::ReallocString, (2) DBMCli_String::operator, (3) DBMCli_Buffer::ForceResize, (4) DBMCli_Wizard::InstallDatabase, (5) DBMCli_Devspaces::Complete, (6) DBMWeb_TemplateWizard::askForWriteCountStep5, or (7) DBMWeb_DBMWeb::wizardDB functions, which triggers a null dereference.
7144| [CVE-2005-0082] The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash.
7145| [CVE-2005-0081] MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers.
7146| [CVE-2005-0004] The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
7147| [CVE-2004-2632] phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables.
7148| [CVE-2004-2398] Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5.
7149| [CVE-2004-2357] The embedded MySQL 4.0 server for Proofpoint Protection Server does not require a password for the root user of MySQL, which allows remote attackers to read or modify the backend database.
7150| [CVE-2004-2354] SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered.
7151| [CVE-2004-2149] Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders.
7152| [CVE-2004-2138] Cross-site scripting (XSS) vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the (1) Name, (2) Email, (3) Homepage or (4) Comments field.
7153| [CVE-2004-1228] The install scripts in SugarCRM Sugar Sales 2.0.1c and earlier are not removed after installation, which allows attackers to obtain the MySQL administrative password in cleartext from an installation form, or to cause a denial of service by changing database settings to the default.
7154| [CVE-2004-0957] Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.
7155| [CVE-2004-0956] MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
7156| [CVE-2004-0931] MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function.
7157| [CVE-2004-0837] MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.
7158| [CVE-2004-0836] Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).
7159| [CVE-2004-0835] MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
7160| [CVE-2004-0628] Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.
7161| [CVE-2004-0627] The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
7162| [CVE-2004-0457] The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
7163| [CVE-2004-0388] The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
7164| [CVE-2004-0381] mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
7165| [CVE-2003-1480] MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods.
7166| [CVE-2003-1421] Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers to cause a denial of service (seg fault) via unknown attack vectors.
7167| [CVE-2003-1383] WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.
7168| [CVE-2003-1331] Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453.
7169| [CVE-2003-0780] Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
7170| [CVE-2003-0515] SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges.
7171| [CVE-2003-0150] MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.
7172| [CVE-2003-0073] Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.
7173| [CVE-2002-2043] SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password.
7174| [CVE-2002-1952] phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occur or if the database is unavailable.
7175| [CVE-2002-1923] The default configuration in MySQL 3.20.32 through 3.23.52, when running on Windows, does not have logging enabled, which could allow remote attackers to conduct activities without detection.
7176| [CVE-2002-1921] The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database.
7177| [CVE-2002-1809] The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL database.
7178| [CVE-2002-1479] Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users modify databases as the Cacti user and possibly gain privileges.
7179| [CVE-2002-1376] libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.
7180| [CVE-2002-1375] The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response.
7181| [CVE-2002-1374] The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password.
7182| [CVE-2002-1373] Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call.
7183| [CVE-2002-0969] Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.
7184| [CVE-2002-0229] Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
7185| [CVE-2001-1454] Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request.
7186| [CVE-2001-1453] Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter.
7187| [CVE-2001-1275] MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.
7188| [CVE-2001-1274] Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
7189| [CVE-2001-1255] WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database.
7190| [CVE-2001-1226] AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database.
7191| [CVE-2001-1044] Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file.
7192| [CVE-2001-0990] Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library.
7193| [CVE-2001-0645] Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC from the management tier using a blank password.
7194| [CVE-2001-0407] Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).
7195| [CVE-2000-0981] MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password.
7196| [CVE-2000-0957] The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes.
7197| [CVE-2000-0707] PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative password.
7198| [CVE-2000-0148] MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string.
7199| [CVE-2000-0045] MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.
7200| [CVE-1999-1188] mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database.
7201|
7202| SecurityFocus - https://www.securityfocus.com/bid/:
7203| [104370] MySQL Multi-Master Replication Manager Multiple Remote Command Injection Vulnerabilities
7204| [103954] Oracle MySQL CVE-2018-2767 Incomplete Fix SSL Certificate Validation Security Bypass Vulnerability
7205| [103876] Oracle MySQL Server CVE-2018-2769 Remote Security Vulnerability
7206| [103845] Oracle MySQL Server CVE-2018-2839 Remote Security Vulnerability
7207| [103838] Oracle MySQL Cluster CVE-2018-2877 Local Security Vulnerability
7208| [103836] Oracle MySQL Server CVE-2018-2812 Remote Security Vulnerability
7209| [103831] Oracle MySQL Server CVE-2018-2805 Remote Security Vulnerability
7210| [103830] Oracle MySQL Server CVE-2018-2813 Remote Security Vulnerability
7211| [103828] Oracle MySQL Server CVE-2018-2771 Remote Security Vulnerability
7212| [103825] Oracle MySQL Server CVE-2018-2781 Remote Security Vulnerability
7213| [103824] Oracle MySQL Server CVE-2018-2818 Remote Security Vulnerability
7214| [103820] Oracle MySQL Server CVE-2018-2761 Remote Security Vulnerability
7215| [103818] Oracle MySQL Server CVE-2018-2817 Remote Security Vulnerability
7216| [103814] Oracle MySQL Server CVE-2018-2819 Remote Security Vulnerability
7217| [103811] Oracle MySQL Server CVE-2018-2773 Local Security Vulnerability
7218| [103807] Oracle MySQL Server CVE-2018-2755 Local Security Vulnerability
7219| [103805] Oracle MySQL Server CVE-2018-2766 Remote Security Vulnerability
7220| [103804] Oracle MySQL Server CVE-2018-2787 Remote Security Vulnerability
7221| [103802] Oracle MySQL Server CVE-2018-2758 Remote Security Vulnerability
7222| [103801] Oracle MySQL Server CVE-2018-2784 Remote Security Vulnerability
7223| [103799] Oracle MySQL Server CVE-2018-2782 Remote Security Vulnerability
7224| [103794] Oracle MySQL Server CVE-2018-2762 Remote Security Vulnerability
7225| [103791] Oracle MySQL Server CVE-2018-2776 Remote Security Vulnerability
7226| [103790] Oracle MySQL Server CVE-2018-2846 Remote Security Vulnerability
7227| [103789] Oracle MySQL Server CVE-2018-2816 Remote Security Vulnerability
7228| [103787] Oracle MySQL Server CVE-2018-2779 Remote Security Vulnerability
7229| [103785] Oracle MySQL Server CVE-2018-2778 Remote Security Vulnerability
7230| [103783] Oracle MySQL Server CVE-2018-2810 Remote Security Vulnerability
7231| [103781] Oracle MySQL Server CVE-2018-2777 Remote Security Vulnerability
7232| [103780] Oracle MySQL Server CVE-2018-2759 Remote Security Vulnerability
7233| [103779] Oracle MySQL Server CVE-2018-2786 Remote Security Vulnerability
7234| [103778] Oracle MySQL Server CVE-2018-2780 Remote Security Vulnerability
7235| [103777] Oracle MySQL Server CVE-2018-2775 Remote Security Vulnerability
7236| [102714] Oracle MySQL Server CVE-2018-2591 Remote Security Vulnerability
7237| [102713] Oracle MySQL Server CVE-2018-2562 Remote Security Vulnerability
7238| [102712] Oracle MySQL Server CVE-2018-2565 Remote Security Vulnerability
7239| [102711] Oracle MySQL Server CVE-2018-2647 Remote Security Vulnerability
7240| [102710] Oracle MySQL Server CVE-2018-2573 Remote Security Vulnerability
7241| [102709] Oracle MySQL Server CVE-2018-2612 Remote Security Vulnerability
7242| [102708] Oracle MySQL Server CVE-2018-2583 Remote Security Vulnerability
7243| [102706] Oracle MySQL Server CVE-2018-2622 Remote Security Vulnerability
7244| [102704] Oracle MySQL Server CVE-2018-2703 Remote Security Vulnerability
7245| [102703] Oracle MySQL Server CVE-2018-2646 Remote Security Vulnerability
7246| [102701] Oracle MySQL Server CVE-2018-2696 Remote Security Vulnerability
7247| [102700] Oracle MySQL Server CVE-2018-2586 Remote Security Vulnerability
7248| [102698] Oracle MySQL Server CVE-2018-2645 Remote Security Vulnerability
7249| [102697] Oracle MySQL Server CVE-2018-2590 Remote Security Vulnerability
7250| [102696] Oracle MySQL Server CVE-2018-2600 Remote Security Vulnerability
7251| [102695] Oracle MySQL Server CVE-2018-2576 Remote Security Vulnerability
7252| [102685] Oracle MySQL Server CVE-2018-2667 Remote Security Vulnerability
7253| [102682] Oracle MySQL Server CVE-2018-2668 Remote Security Vulnerability
7254| [102681] Oracle MySQL Server CVE-2018-2665 Remote Security Vulnerability
7255| [102678] Oracle MySQL Server CVE-2018-2640 Remote Security Vulnerability
7256| [102674] Oracle MySQL Connectors CVE-2018-2585 Remote Security Vulnerability
7257| [101448] Oracle MySQL Server CVE-2017-10313 Remote Security Vulnerability
7258| [101446] Oracle MySQL Server CVE-2017-10311 Remote Security Vulnerability
7259| [101444] Oracle MySQL Server CVE-2017-10294 Remote Security Vulnerability
7260| [101441] Oracle MySQL Server CVE-2017-10276 Remote Security Vulnerability
7261| [101439] Oracle MySQL Connectors CVE-2017-10277 Remote Security Vulnerability
7262| [101433] Oracle MySQL Server CVE-2017-10167 Remote Security Vulnerability
7263| [101429] Oracle MySQL Server CVE-2017-10365 Remote Security Vulnerability
7264| [101424] Oracle MySQL Server CVE-2017-10165 Remote Security Vulnerability
7265| [101420] Oracle MySQL Server CVE-2017-10283 Remote Security Vulnerability
7266| [101415] Oracle MySQL Server CVE-2017-10379 Remote Security Vulnerability
7267| [101410] Oracle MySQL Server CVE-2017-10320 Remote Security Vulnerability
7268| [101406] Oracle MySQL Server CVE-2017-10384 Remote Security Vulnerability
7269| [101402] Oracle MySQL Server CVE-2017-10155 Remote Security Vulnerability
7270| [101397] Oracle MySQL Server CVE-2017-10286 Remote Security Vulnerability
7271| [101390] Oracle MySQL Server CVE-2017-10268 Local Security Vulnerability
7272| [101385] Oracle MySQL Server CVE-2017-10284 Remote Security Vulnerability
7273| [101381] Oracle MySQL Enterprise Monitor CVE-2017-10424 Remote Security Vulnerability
7274| [101375] Oracle MySQL Server CVE-2017-10378 Remote Security Vulnerability
7275| [101373] Oracle MySQL Server CVE-2017-10296 Remote Security Vulnerability
7276| [101337] Oracle MySQL Server CVE-2017-10227 Remote Security Vulnerability
7277| [101324] Oracle MySQL Connectors CVE-2017-10203 Remote Security Vulnerability
7278| [101316] Oracle MySQL Server CVE-2017-10279 Remote Security Vulnerability
7279| [101314] Oracle MySQL Server CVE-2017-10314 Remote Security Vulnerability
7280| [99810] Oracle MySQL Server CVE-2017-3653 Remote Security Vulnerability
7281| [99808] Oracle MySQL Server CVE-2017-3650 Remote Security Vulnerability
7282| [99805] Oracle MySQL Server CVE-2017-3652 Remote Security Vulnerability
7283| [99802] Oracle MySQL Server CVE-2017-3651 Remote Security Vulnerability
7284| [99799] Oracle MySQL Server CVE-2017-3649 Remote Security Vulnerability
7285| [99796] Oracle MySQL Server CVE-2017-3647 Remote Security Vulnerability
7286| [99789] Oracle MySQL Server CVE-2017-3648 Remote Security Vulnerability
7287| [99786] Oracle MySQL Server CVE-2017-3646 Remote Security Vulnerability
7288| [99783] Oracle MySQL Server CVE-2017-3645 Remote Security Vulnerability
7289| [99779] Oracle MySQL Server CVE-2017-3642 Remote Security Vulnerability
7290| [99778] Oracle MySQL Server CVE-2017-3638 Remote Security Vulnerability
7291| [99775] Oracle MySQL Server CVE-2017-3644 Remote Security Vulnerability
7292| [99772] Oracle MySQL Server CVE-2017-3643 Remote Security Vulnerability
7293| [99767] Oracle MySQL Server CVE-2017-3641 Remote Security Vulnerability
7294| [99765] Oracle MySQL Server CVE-2017-3640 Remote Security Vulnerability
7295| [99753] Oracle MySQL Server CVE-2017-3639 Remote Security Vulnerability
7296| [99748] Oracle MySQL Server CVE-2017-3637 Remote Security Vulnerability
7297| [99746] Oracle MySQL Server CVE-2017-3529 Remote Security Vulnerability
7298| [99736] Oracle MySQL Server CVE-2017-3636 Local Security Vulnerability
7299| [99730] Oracle MySQL Connectors/MySQL Server CVE-2017-3635 Remote Security Vulnerability
7300| [99729] Oracle MySQL Server CVE-2017-3634 Remote Security Vulnerability
7301| [99722] Oracle MySQL Server CVE-2017-3633 Remote Security Vulnerability
7302| [99374] Perl DBD::mysql Module CVE-2017-10788 Use After Free Denial of Service Vulnerability
7303| [99364] Perl DBD::mysql Module CVE-2017-10789 Man in the Middle Security Bypass Vulnerability
7304| [97982] Oracle MySQL Connectors CVE-2017-3523 Remote Security Vulnerability
7305| [97960] MySQL-GUI-tools CVE-2010-4178 Local Information Disclosure Vulnerability
7306| [97959] MySQL-GUI-tools CVE-2010-4177 Local Information Disclosure Vulnerability
7307| [97851] Oracle MySQL Server CVE-2017-3462 Remote Security Vulnerability
7308| [97849] Oracle MySQL Server CVE-2017-3463 Remote Security Vulnerability
7309| [97848] Oracle MySQL Server CVE-2017-3468 Remote Security Vulnerability
7310| [97847] Oracle MySQL Server CVE-2017-3459 Remote Security Vulnerability
7311| [97845] Oracle MySQL Server CVE-2017-3457 Remote Security Vulnerability
7312| [97844] Oracle MySQL Enterprise Monitor CVE-2017-3307 Remote Security Vulnerability
7313| [97840] Oracle MySQL Connectors CVE-2017-3590 Local Security Vulnerability
7314| [97837] Oracle MySQL Server CVE-2017-3458 Remote Security Vulnerability
7315| [97836] Oracle MySQL Connectors CVE-2017-3589 Local Security Vulnerability
7316| [97833] Oracle MySQL Workbench CVE-2017-3469 Remote Security Vulnerability
7317| [97831] Oracle MySQL Server CVE-2017-3456 Remote Security Vulnerability
7318| [97826] Oracle MySQL Server CVE-2017-3460 Remote Security Vulnerability
7319| [97825] Oracle MySQL Server CVE-2017-3467 Remote Security Vulnerability
7320| [97822] Oracle MySQL Server CVE-2017-3465 Remote Security Vulnerability
7321| [97820] Oracle MySQL Server CVE-2017-3455 Remote Security Vulnerability
7322| [97818] Oracle MySQL Server CVE-2017-3464 Remote Security Vulnerability
7323| [97815] Oracle MySQL Cluster CVE-2017-3304 Remote Security Vulnerability
7324| [97812] Oracle MySQL Server CVE-2017-3461 Remote Security Vulnerability
7325| [97791] Oracle MySQL Server CVE-2017-3454 Remote Security Vulnerability
7326| [97784] Oracle MySQL Connectors CVE-2017-3586 Remote Security Vulnerability
7327| [97779] Oracle MySQL Server CVE-2017-3452 Remote Security Vulnerability
7328| [97776] Oracle MySQL Server CVE-2017-3453 Remote Security Vulnerability
7329| [97772] Oracle MySQL Server CVE-2017-3331 Remote Security Vulnerability
7330| [97765] Oracle MySQL Server CVE-2017-3600 Remote Security Vulnerability
7331| [97763] Oracle MySQL Server CVE-2017-3329 Remote Security Vulnerability
7332| [97754] Oracle MySQL Server CVE-2017-3599 Remote Security Vulnerability
7333| [97747] Oracle MySQL Server CVE-2017-3450 Remote Security Vulnerability
7334| [97742] Oracle MySQL Server CVE-2017-3309 Remote Security Vulnerability
7335| [97725] Oracle MySQL Server CVE-2017-3308 Remote Security Vulnerability
7336| [97724] Oracle MySQL Enterprise Monitor CVE-2017-3306 Remote Security Vulnerability
7337| [97023] MySQL CVE-2017-3305 Man in the Middle Security Bypass Vulnerability
7338| [96300] PHP 'ext/mysqli/mysqli.c' Denial of Service Vulnerability
7339| [96162] MariaDB and MySQL CVE-2017-3302 Denial of Service Vulnerability
7340| [95592] Oracle MySQL Cluster CVE-2016-5541 Remote Security Vulnerability
7341| [95589] Oracle MySQL Server CVE-2017-3257 Remote Security Vulnerability
7342| [95588] Oracle MySQL Server CVE-2017-3318 Local Security Vulnerability
7343| [95585] Oracle MySQL Server CVE-2017-3317 Local Security Vulnerability
7344| [95583] Oracle MySQL Server CVE-2017-3273 Remote Security Vulnerability
7345| [95580] Oracle MySQL Server CVE-2016-8318 Remote Security Vulnerability
7346| [95575] Oracle MySQL Cluster CVE-2017-3323 Remote Security Vulnerability
7347| [95574] Oracle MySQL Cluster CVE-2017-3322 Remote Security Vulnerability
7348| [95571] Oracle MySQL Server CVE-2017-3238 Remote Security Vulnerability
7349| [95565] Oracle MySQL Server CVE-2017-3244 Remote Security Vulnerability
7350| [95562] Oracle MySQL Cluster CVE-2017-3321 Remote Security Vulnerability
7351| [95560] Oracle MySQL Server CVE-2017-3258 Remote Security Vulnerability
7352| [95542] Oracle MySQL Enterprise Monitor CVE-2016-5590 Remote Security Vulnerability
7353| [95538] Oracle MySQL Server CVE-2017-3243 Remote Security Vulnerability
7354| [95527] Oracle MySQL Server CVE-2017-3313 Local Security Vulnerability
7355| [95520] Oracle MySQL Server CVE-2017-3265 Local Security Vulnerability
7356| [95501] Oracle MySQL Server CVE-2017-3291 Local Security Vulnerability
7357| [95491] Oracle MySQL Server CVE-2017-3312 Local Security Vulnerability
7358| [95486] Oracle MySQL Server CVE-2017-3256 Remote Security Vulnerability
7359| [95482] Oracle MySQL Server CVE-2017-3251 Remote Security Vulnerability
7360| [95479] Oracle MySQL Server CVE-2017-3319 Remote Security Vulnerability
7361| [95470] Oracle MySQL Server CVE-2017-3320 Remote Security Vulnerability
7362| [95146] Pivotal MySQL for PCF CVE-2016-0898 Information Disclosure Vulnerability
7363| [94350] DBD::mysql CVE-2016-1249 Out-Of-Bounds Read Information Disclosure Vulnerability
7364| [93755] Oracle MySQL CVE-2016-8284 Local Security Vulnerability
7365| [93745] Oracle MySQL CVE-2016-8286 Remote Security Vulnerability
7366| [93740] Oracle MySQL CVE-2016-8288 Remote Security Vulnerability
7367| [93737] Oracle MySQL CVE-2016-8283 Remote Security Vulnerability
7368| [93735] Oracle MySQL CVE-2016-5584 Remote Security Vulnerability
7369| [93733] Oracle MySQL CVE-2016-8290 Remote Security Vulnerability
7370| [93727] Oracle MySQL CVE-2016-8287 Remote Security Vulnerability
7371| [93720] Oracle MySQL CVE-2016-8289 Local Security Vulnerability
7372| [93715] Oracle MySQL CVE-2016-5635 Remote Security Vulnerability
7373| [93709] Oracle MySQL CVE-2016-5634 Remote Security Vulnerability
7374| [93702] Oracle MySQL CVE-2016-5633 Remote Security Vulnerability
7375| [93693] Oracle MySQL CVE-2016-5632 Remote Security Vulnerability
7376| [93684] Oracle MySQL CVE-2016-5631 Remote Security Vulnerability
7377| [93678] Oracle MySQL CVE-2016-5507 Remote Security Vulnerability
7378| [93674] Oracle MySQL CVE-2016-5630 Remote Security Vulnerability
7379| [93670] Oracle MySQL CVE-2016-3495 Remote Security Vulnerability
7380| [93668] Oracle MySQL CVE-2016-5629 Remote Security Vulnerability
7381| [93662] Oracle MySQL CVE-2016-5628 Remote Security Vulnerability
7382| [93659] Oracle MySQL CVE-2016-7440 Local Security Vulnerability
7383| [93653] Oracle MySQL Connector CVE-2016-5598 Remote Security Vulnerability
7384| [93650] Oracle MySQL CVE-2016-3492 Remote Security Vulnerability
7385| [93642] Oracle MySQL CVE-2016-5627 Remote Security Vulnerability
7386| [93638] Oracle MySQL CVE-2016-5626 Remote Security Vulnerability
7387| [93635] Oracle MySQL CVE-2016-5624 Remote Security Vulnerability
7388| [93630] Oracle MySQL CVE-2016-5612 Remote Security Vulnerability
7389| [93622] Oracle MySQL CVE-2016-5609 Remote Security Vulnerability
7390| [93617] Oracle MySQL CVE-2016-5625 Local Security Vulnerability
7391| [93614] RETIRED: Oracle MySQL CVE-2016-5616 Local Security Vulnerability
7392| [93612] Oracle MySQL CVE-2016-6664 Local Security Vulnerability
7393| [93480] Pivotal Cloud Foundry cf-mysql CVE-2016-6653 Information Disclosure Vulnerability
7394| [93337] perl-DBD-MySQL CVE-2016-1246 Remote Buffer Overflow Vulnerability
7395| [92912] Oracle MySQL CVE-2016-6662 Remote Code Execution Vulnerability
7396| [92911] Oracle MySQL CVE-2016-6663 Unspecified Security Vulnerability
7397| [92149] DBD::mysql CVE-2014-9906 Incomplete Fix Use After Free Remote Code Execution Vulnerability
7398| [92118] DBD::mysql 'my_login()' Function Use After Free Remote Code Execution Vulnerability
7399| [91999] Oracle MySQL CVE-2016-3452 Remote Security Vulnerability
7400| [91992] Oracle MySQL CVE-2016-3614 Remote Security Vulnerability
7401| [91987] Oracle MySQL CVE-2016-5444 Remote Security Vulnerability
7402| [91983] Oracle MySQL CVE-2016-3588 Remote Security Vulnerability
7403| [91980] Oracle MySQL CVE-2016-3486 Remote Security Vulnerability
7404| [91976] Oracle MySQL CVE-2016-3424 Remote Security Vulnerability
7405| [91974] Oracle MySQL CVE-2016-5442 Remote Security Vulnerability
7406| [91969] Oracle MySQL CVE-2016-5439 Remote Security Vulnerability
7407| [91967] Oracle MySQL CVE-2016-3518 Remote Security Vulnerability
7408| [91963] Oracle MySQL CVE-2016-5443 Local Security Vulnerability
7409| [91960] Oracle MySQL CVE-2016-3615 Remote Security Vulnerability
7410| [91953] Oracle MySQL CVE-2016-5440 Remote Security Vulnerability
7411| [91949] Oracle MySQL CVE-2016-3501 Remote Security Vulnerability
7412| [91943] Oracle MySQL CVE-2016-3459 Remote Security Vulnerability
7413| [91932] Oracle MySQL CVE-2016-3521 Remote Security Vulnerability
7414| [91917] Oracle MySQL CVE-2016-5437 Remote Security Vulnerability
7415| [91915] Oracle MySQL CVE-2016-5441 Remote Security Vulnerability
7416| [91913] Oracle MySQL CVE-2016-3471 Local Security Vulnerability
7417| [91910] Oracle MySQL CVE-2016-3440 Remote Security Vulnerability
7418| [91906] Oracle MySQL CVE-2016-5436 Remote Security Vulnerability
7419| [91902] Oracle MySQL CVE-2016-3477 Local Security Vulnerability
7420| [90165] MySQL CVE-2005-0799 Denial-Of-Service Vulnerability
7421| [89812] xMySQLadmin CVE-2005-1944 Local Security Vulnerability
7422| [89412] MySQL CVE-2005-2573 Directory Traversal Vulnerability
7423| [88627] MySQL CVE-1999-1188 Local Security Vulnerability
7424| [88032] MySQL CVE-2001-1275 Local Security Vulnerability
7425| [87310] Btsavemysql CVE-2006-6378 Remote Security Vulnerability
7426| [86999] MySQL CVE-2001-1274 Denial-Of-Service Vulnerability
7427| [86513] Oracle MySQL CVE-2016-0665 Remote Security Vulnerability
7428| [86511] Oracle MySQL CVE-2016-0661 Remote Security Vulnerability
7429| [86509] Oracle MySQL CVE-2016-0666 Remote Security Vulnerability
7430| [86506] Oracle MySQL CVE-2016-0662 Remote Security Vulnerability
7431| [86504] Oracle MySQL CVE-2016-0654 Remote Security Vulnerability
7432| [86501] Oracle MySQL CVE-2016-0651 Remote Security Vulnerability
7433| [86498] Oracle MySQL CVE-2016-0649 Remote Security Vulnerability
7434| [86496] Oracle MySQL CVE-2016-0650 Remote Security Vulnerability
7435| [86495] Oracle MySQL CVE-2016-0647 Remote Security Vulnerability
7436| [86493] Oracle MySQL CVE-2016-0659 Remote Security Vulnerability
7437| [86489] Oracle MySQL CVE-2016-3461 Remote Security Vulnerability
7438| [86486] Oracle MySQL CVE-2016-0643 Remote Security Vulnerability
7439| [86484] Oracle MySQL CVE-2016-0667 Remote Security Vulnerability
7440| [86470] Oracle MySQL CVE-2016-0641 Remote Security Vulnerability
7441| [86467] Oracle MySQL CVE-2016-0668 Remote Security Vulnerability
7442| [86463] Oracle MySQL CVE-2016-0658 Remote Security Vulnerability
7443| [86457] Oracle MySQL CVE-2016-0648 Remote Security Vulnerability
7444| [86454] Oracle MySQL CVE-2016-0652 Remote Security Vulnerability
7445| [86451] Oracle MySQL CVE-2016-0663 Remote Security Vulnerability
7446| [86445] Oracle MySQL CVE-2016-0642 Remote Security Vulnerability
7447| [86442] Oracle MySQL CVE-2016-0644 Remote Security Vulnerability
7448| [86439] Oracle MySQL CVE-2016-0653 Remote Security Vulnerability
7449| [86436] Oracle MySQL CVE-2016-0646 Remote Security Vulnerability
7450| [86433] Oracle MySQL CVE-2016-0657 Remote Security Vulnerability
7451| [86431] Oracle MySQL CVE-2016-0656 Remote Security Vulnerability
7452| [86427] Oracle MySQL CVE-2016-0640 Remote Security Vulnerability
7453| [86424] Oracle MySQL CVE-2016-0655 Remote Security Vulnerability
7454| [86418] Oracle MySQL CVE-2016-0639 Remote Security Vulnerability
7455| [85985] MariaDB and MySQL CVE-2015-5969 Local Information Disclosure Vulnerability
7456| [85262] MySQL CVE-2007-5970 Remote Security Vulnerability
7457| [85246] Mysql Community Server CVE-2007-6313 Remote Security Vulnerability
7458| [85215] Mysql Banner Exchange CVE-2007-6512 Denial-Of-Service Vulnerability
7459| [83639] MySQLDumper CVE-2006-5264 Cross-Site Scripting Vulnerability
7460| [83232] MySQL Connector/Net CVE-2006-4227 Remote Security Vulnerability
7461| [83194] MySQL CVE-2004-0628 Denial Of Service Vulnerability
7462| [82913] MySQL CVE-2001-1453 Remote Security Vulnerability
7463| [82911] MySQL CVE-2001-1454 Remote Security Vulnerability
7464| [81810] MariaDB/MySQL/Percona Server CVE-2016-2047 SSL Certificate Validation Security Bypass Vulnerability
7465| [81258] Oracle MySQL CVE-2016-0609 Remote Security Vulnerability
7466| [81253] Oracle MySQL CVE-2016-0605 Remote Security Vulnerability
7467| [81245] Oracle MySQL CVE-2015-7744 Remote Security Vulnerability
7468| [81238] Oracle MySQL CVE-2016-0607 Remote Security Vulnerability
7469| [81226] Oracle MySQL CVE-2016-0608 Remote Security Vulnerability
7470| [81211] Oracle MySQL CVE-2016-0601 Remote Security Vulnerability
7471| [81203] Oracle MySQL CVE-2016-0599 Remote Security Vulnerability
7472| [81198] Oracle MySQL CVE-2016-0610 Remote Security Vulnerability
7473| [81188] Oracle MySQL CVE-2016-0600 Remote Security Vulnerability
7474| [81182] Oracle MySQL CVE-2016-0598 Remote Security Vulnerability
7475| [81176] Oracle MySQL CVE-2016-0616 Remote Security Vulnerability
7476| [81164] Oracle MySQL CVE-2016-0611 Remote Security Vulnerability
7477| [81151] Oracle MySQL CVE-2016-0597 Remote Security Vulnerability
7478| [81136] Oracle MySQL CVE-2016-0502 Remote Security Vulnerability
7479| [81130] Oracle MySQL CVE-2016-0596 Remote Security Vulnerability
7480| [81126] Oracle MySQL CVE-2016-0503 Remote Security Vulnerability
7481| [81121] Oracle MySQL CVE-2016-0595 Remote Security Vulnerability
7482| [81108] Oracle MySQL CVE-2016-0594 Remote Security Vulnerability
7483| [81088] Oracle MySQL CVE-2016-0505 Remote Security Vulnerability
7484| [81077] Oracle MySQL CVE-2016-0504 Remote Security Vulnerability
7485| [81066] Oracle MySQL CVE-2016-0546 Local Security Vulnerability
7486| [79408] Mysql-Ocaml CVE-2009-2942 Remote Security Vulnerability
7487| [79044] kiddog_mysqldumper CVE-2010-0336 Information Disclosure Vulnerability
7488| [78373] MySQL CVE-2011-5049 Denial-Of-Service Vulnerability
7489| [77237] Oracle MySQL Server CVE-2015-4826 Remote Security Vulnerability
7490| [77234] Oracle MySQL Server CVE-2015-4910 Remote Security Vulnerability
7491| [77232] Oracle MySQL Server CVE-2015-4766 Local Security Vulnerability
7492| [77231] Oracle MySQL Server CVE-2015-4890 Remote Security Vulnerability
7493| [77228] Oracle MySQL Server CVE-2015-4830 Remote Security Vulnerability
7494| [77222] Oracle MySQL Server CVE-2015-4815 Remote Security Vulnerability
7495| [77219] Oracle MySQL Server CVE-2015-4904 Remote Security Vulnerability
7496| [77216] Oracle MySQL Server CVE-2015-4800 Remote Security Vulnerability
7497| [77213] Oracle MySQL Server CVE-2015-4791 Remote Security Vulnerability
7498| [77208] Oracle MySQL Server CVE-2015-4870 Remote Security Vulnerability
7499| [77205] Oracle MySQL Server CVE-2015-4807 Remote Security Vulnerability
7500| [77199] Oracle MySQL Server CVE-2015-4730 Remote Security Vulnerability
7501| [77196] Oracle MySQL Server CVE-2015-4819 Local Security Vulnerability
7502| [77190] Oracle MySQL Server CVE-2015-4836 Remote Security Vulnerability
7503| [77187] Oracle MySQL Server CVE-2015-4864 Remote Security Vulnerability
7504| [77171] Oracle MySQL Server CVE-2015-4792 Remote Security Vulnerability
7505| [77170] Oracle MySQL Server CVE-2015-4833 Remote Security Vulnerability
7506| [77165] Oracle MySQL Server CVE-2015-4802 Remote Security Vulnerability
7507| [77153] Oracle MySQL Server CVE-2015-4913 Remote Security Vulnerability
7508| [77147] Oracle MySQL Server CVE-2015-4862 Remote Security Vulnerability
7509| [77145] Oracle MySQL Server CVE-2015-4858 Remote Security Vulnerability
7510| [77143] Oracle MySQL Server CVE-2015-4905 Remote Security Vulnerability
7511| [77140] Oracle MySQL Server CVE-2015-4879 Remote Security Vulnerability
7512| [77137] Oracle MySQL Server CVE-2015-4861 Remote Security Vulnerability
7513| [77136] Oracle MySQL Server CVE-2015-4895 Remote Security Vulnerability
7514| [77134] Oracle MySQL Server CVE-2015-4816 Remote Security Vulnerability
7515| [77132] Oracle MySQL Server CVE-2015-4866 Remote Security Vulnerability
7516| [77015] Oracle MySQL Multiple Buffer Overflow Vulnerabilities
7517| [75849] Oracle MySQL Server CVE-2015-4752 Remote Security Vulnerability
7518| [75844] Oracle MySQL Server CVE-2015-4767 Remote Security Vulnerability
7519| [75837] Oracle MySQL Server CVE-2015-2620 Remote Security Vulnerability
7520| [75835] Oracle MySQL Server CVE-2015-4771 Remote Security Vulnerability
7521| [75830] Oracle MySQL Server CVE-2015-2643 Remote Security Vulnerability
7522| [75822] Oracle MySQL Server CVE-2015-2648 Remote Security Vulnerability
7523| [75815] Oracle MySQL Server CVE-2015-2641 Remote Security Vulnerability
7524| [75813] Oracle MySQL Server CVE-2015-2661 Local Security Server Vulnerability
7525| [75802] Oracle MySQL Server CVE-2015-4737 Remote Security Vulnerability
7526| [75785] Oracle MySQL Server CVE-2015-4756 Remote Security Vulnerability
7527| [75781] Oracle MySQL Server CVE-2015-4772 Remote Security Vulnerability
7528| [75774] Oracle MySQL Server CVE-2015-2617 Remote Security Vulnerability
7529| [75770] Oracle MySQL Server CVE-2015-4761 Remote Security Vulnerability
7530| [75762] Oracle MySQL Server CVE-2015-2611 Remote Security Vulnerability
7531| [75760] Oracle MySQL Server CVE-2015-2639 Remote Security Vulnerability
7532| [75759] Oracle MySQL Server CVE-2015-4757 Remote Security Vulnerability
7533| [75753] Oracle MySQL Server CVE-2015-4769 Remote Security Vulnerability
7534| [75751] Oracle MySQL Server CVE-2015-2582 Remote Security Vulnerability
7535| [75397] MySql Lite Administrator Multiple Cross Site Scripting Vulnerabilities
7536| [75394] WordPress wp-instance-rename Plugin 'mysqldump_download.php' Arbitrary File Download Vulnerability
7537| [74695] Tiny MySQL 'tinymy.php' Cross Site Scripting Vulnerability
7538| [74398] Oracle MySQL CVE-2015-3152 SSL Certificate Validation Security Bypass Vulnerability
7539| [74137] Oracle MySQL Utilities CVE-2015-2576 Local Security Vulnerability
7540| [74133] Oracle MySQL Server CVE-2015-0498 Remote Security Vulnerability
7541| [74130] Oracle MySQL Server CVE-2015-0511 Remote Security Vulnerability
7542| [74126] Oracle MySQL Server CVE-2015-2566 Remote Security Vulnerability
7543| [74123] Oracle MySQL Server CVE-2015-2567 Remote Security Vulnerability
7544| [74121] Oracle MySQL Server CVE-2015-0507 Remote Security Vulnerability
7545| [74120] Oracle MySQL Server CVE-2015-0506 Remote Security Vulnerability
7546| [74115] Oracle MySQL Server CVE-2015-0499 Remote Security Vulnerability
7547| [74112] Oracle MySQL Server CVE-2015-0505 Remote Security Vulnerability
7548| [74110] Oracle MySQL Server CVE-2015-0405 Remote Security Vulnerability
7549| [74103] Oracle MySQL Server CVE-2015-0441 Remote Security Vulnerability
7550| [74102] Oracle MySQL Server CVE-2015-0503 Remote Security Vulnerability
7551| [74098] Oracle MySQL Server CVE-2015-0438 Remote Security Vulnerability
7552| [74095] Oracle MySQL Server CVE-2015-2571 Remote Security Vulnerability
7553| [74091] Oracle MySQL Server CVE-2015-0423 Remote Security Vulnerability
7554| [74089] Oracle MySQL Server CVE-2015-0433 Remote Security Vulnerability
7555| [74086] Oracle MySQL Server CVE-2015-0508 Remote Security Vulnerability
7556| [74085] Oracle MySQL Server CVE-2015-0439 Remote Security Vulnerability
7557| [74081] Oracle MySQL Server CVE-2015-0500 Remote Security Vulnerability
7558| [74078] Oracle MySQL Server CVE-2015-2573 Remote Security Vulnerability
7559| [74075] Oracle MySQL Connectors CVE-2015-2575 Remote Security Vulnerability
7560| [74073] Oracle MySQL Server CVE-2015-2568 Remote Security Vulnerability
7561| [74070] Oracle MySQL Server CVE-2015-0501 Remote Security Vulnerability
7562| [72728] RubyGems xaviershay-dm-rails 'storage.rb' MySQL Credential Information Disclosure Vulnerability
7563| [72229] Oracle MySQL Server CVE-2015-0385 Remote Security Vulnerability
7564| [72227] Oracle MySQL Server CVE-2015-0374 Remote Security Vulnerability
7565| [72223] Oracle MySQL Server CVE-2015-0409 Remote Security Vulnerability
7566| [72217] Oracle MySQL Server CVE-2015-0432 Remote Security Vulnerability
7567| [72214] Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability
7568| [72210] Oracle MySQL Server CVE-2014-6568 Remote Security Vulnerability
7569| [72205] Oracle MySQL Server CVE-2015-0391 Remote Security Vulnerability
7570| [72200] Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability
7571| [72191] Oracle MySQL Server CVE-2015-0411 Remote Security Vulnerability
7572| [70550] Oracle MySQL Server CVE-2014-6507 Remote Security Vulnerability
7573| [70540] RETIRED: Oracle MySQL Server CVE-2012-5615 Remote Security Vulnerability
7574| [70532] Oracle MySQL Server CVE-2014-6463 Remote Security Vulnerability
7575| [70530] Oracle MySQL Server CVE-2014-6555 Remote Security Vulnerability
7576| [70525] Oracle MySQL Server CVE-2014-6489 Remote Security Vulnerability
7577| [70517] Oracle MySQL Server CVE-2014-4287 Remote Security Vulnerability
7578| [70516] Oracle MySQL Server CVE-2014-6505 Remote Security Vulnerability
7579| [70511] Oracle MySQL Server CVE-2014-6564 Remote Security Vulnerability
7580| [70510] Oracle MySQL Server CVE-2014-6520 Remote Security Vulnerability
7581| [70497] Oracle MySQL Server CVE-2014-6494 Remote Security Vulnerability
7582| [70496] Oracle MySQL Server CVE-2014-6495 Remote Security Vulnerability
7583| [70489] Oracle MySQL Server CVE-2014-6478 Remote Security Vulnerability
7584| [70487] Oracle MySQL Server CVE-2014-6559 Remote Security Vulnerability
7585| [70486] Oracle MySQL Server CVE-2014-6530 Remote Security Vulnerability
7586| [70478] Oracle MySQL Server CVE-2014-6500 Remote Security Vulnerability
7587| [70469] Oracle MySQL Server CVE-2014-6496 Remote Security Vulnerability
7588| [70462] Oracle MySQL Server CVE-2014-6551 Local Security Vulnerability
7589| [70455] Oracle MySQL Server CVE-2014-6484 Remote Security Vulnerability
7590| [70451] Oracle MySQL Server CVE-2014-6464 Remote Security Vulnerability
7591| [70448] Oracle MySQL Server CVE-2014-6474 Remote Security Vulnerability
7592| [70446] Oracle MySQL Server CVE-2014-6469 Remote Security Vulnerability
7593| [70444] Oracle MySQL Server CVE-2014-6491 Remote Security Vulnerability
7594| [69743] Oracle MySQL Client yaSSL Certificate Decode Buffer Overflow Vulnerability
7595| [69732] MySQL MyISAM Insecure Temporary File Creation Vulnerability
7596| [68736] RubyGems lean-ruport MySQL Credential Local Information Disclosure Vulnerability
7597| [68607] Oracle MySQL Server CVE-2014-4214 Remote Security Vulnerability
7598| [68602] Oracle MySQL Server CVE-2014-4240 Local Security Vulnerability
7599| [68598] Oracle MySQL Server CVE-2014-4233 Remote Security Vulnerability
7600| [68593] Oracle MySQL Server CVE-2014-4207 Remote Security Vulnerability
7601| [68587] Oracle MySQL Server CVE-2014-4238 Remote Security Vulnerability
7602| [68579] Oracle MySQL Server CVE-2014-2494 Remote Security Vulnerability
7603| [68573] Oracle MySQL Server CVE-2014-4260 Remote Security Vulnerability
7604| [68564] Oracle MySQL Server CVE-2014-4258 Remote Security Vulnerability
7605| [66896] Oracle MySQL Server CVE-2014-2436 Remote Security Vulnerability
7606| [66890] Oracle MySQL Server CVE-2014-2431 Remote Security Vulnerability
7607| [66885] Oracle MySQL Server CVE-2014-2444 Remote Security Vulnerability
7608| [66880] Oracle MySQL Server CVE-2014-2419 Remote Security Vulnerability
7609| [66872] Oracle MySQL Server CVE-2014-2434 Remote Security Vulnerability
7610| [66863] Oracle MySQL Server CVE-2014-2450 Remote Security Vulnerability
7611| [66858] Oracle MySQL Server CVE-2014-2430 Remote Security Vulnerability
7612| [66853] Oracle MySQL Server CVE-2014-2435 Remote Security Vulnerability
7613| [66850] Oracle MySQL Client CVE-2014-2440 Remote Security Vulnerability
7614| [66846] Oracle MySQL Server CVE-2014-2438 Remote Security Vulnerability
7615| [66835] Oracle MySQL Server CVE-2014-0384 Remote Security Vulnerability
7616| [66828] Oracle MySQL Server CVE-2014-2451 Remote Security Vulnerability
7617| [66823] Oracle MySQL Server CVE-2014-2442 Remote Security Vulnerability
7618| [66153] lighttpd 'mod_mysql_vhost.c' SQL Injection Vulnerability
7619| [65890] InterWorx MySQL Password Information Disclosure Vulnerability
7620| [65621] Percona Toolkit for MySQL Automatic Version Check Information Disclosure Vulnerability
7621| [65298] Oracle MySQL Client 'main()' Function Buffer Overflow Vulnerability
7622| [64908] Oracle MySQL Server CVE-2014-0402 Remote Security Vulnerability
7623| [64904] Oracle MySQL Server CVE-2014-0386 Remote Security Vulnerability
7624| [64898] Oracle MySQL Server CVE-2014-0401 Remote Security Vulnerability
7625| [64897] Oracle MySQL Server CVE-2014-0431 Remote Security Vulnerability
7626| [64896] Oracle MySQL Server CVE-2013-5908 Remote Security Vulnerability
7627| [64895] Oracle MySQL Server CVE-2014-0433 Remote Security Vulnerability
7628| [64893] Oracle MySQL Server CVE-2014-0430 Remote Security Vulnerability
7629| [64891] Oracle MySQL Server CVE-2013-5891 Remote Security Vulnerability
7630| [64888] Oracle MySQL Server CVE-2014-0420 Remote Security Vulnerability
7631| [64885] Oracle MySQL Server CVE-2013-5881 Remote Security Vulnerability
7632| [64880] Oracle MySQL Server CVE-2014-0412 Remote Security Vulnerability
7633| [64877] Oracle MySQL Server CVE-2014-0393 Remote Security Vulnerability
7634| [64873] Oracle MySQL Server CVE-2013-5894 Remote Security Vulnerability
7635| [64868] Oracle MySQL Server CVE-2014-0427 Remote Security Vulnerability
7636| [64864] Oracle MySQL Server CVE-2013-5860 Remote Security Vulnerability
7637| [64854] Oracle MySQL Server CVE-2013-5882 Remote Security Vulnerability
7638| [64849] Oracle MySQL Server CVE-2014-0437 Remote Security Vulnerability
7639| [64731] CSP MySQL User Manager 'login.php' Script SQL Injection Vulnerability
7640| [64630] Zen Cart 'mysql_zencart.sql' Information Disclosure Vulnerability
7641| [63125] Oracle MySQL Server CVE-2012-2750 Remote Security Vulnerability
7642| [63119] Oracle MySQL Server CVE-2013-5770 Remote Security Vulnerability
7643| [63116] Oracle MySQL Server CVE-2013-5793 Remote Security Vulnerability
7644| [63113] Oracle MySQL Server CVE-2013-5767 Remote Security Vulnerability
7645| [63109] Oracle MySQL Server CVE-2013-3839 Remote Security Vulnerability
7646| [63107] Oracle MySQL Server CVE-2013-5786 Remote Security Vulnerability
7647| [63105] Oracle MySQL Server CVE-2013-5807 Remote Security Vulnerability
7648| [62358] Oracle MySQL CVE-2005-2572 Remote Code Execution Vulnerability
7649| [61274] Oracle MySQL Server CVE-2013-3798 Remote Security Vulnerability
7650| [61272] Oracle MySQL Server CVE-2013-3809 Remote Security Vulnerability
7651| [61269] Oracle MySQL Server CVE-2013-3801 Remote Security Vulnerability
7652| [61264] Oracle MySQL Server CVE-2013-3793 Remote Security Vulnerability
7653| [61260] Oracle MySQL Server CVE-2013-3804 Remote Security Vulnerability
7654| [61256] Oracle MySQL Server CVE-2013-3805 Remote Security Vulnerability
7655| [61252] Oracle MySQL Server CVE-2013-3811 Remote Security Vulnerability
7656| [61249] Oracle MySQL Server CVE-2013-3812 Remote Security Vulnerability
7657| [61244] Oracle MySQL Server CVE-2013-3802 Remote Security Vulnerability
7658| [61241] Oracle MySQL Server CVE-2013-3795 Remote Security Vulnerability
7659| [61238] Oracle MySQL Server CVE-2013-3807 Remote Security Vulnerability
7660| [61235] Oracle MySQL Server CVE-2013-3806 Remote Security Vulnerability
7661| [61233] Oracle MySQL Server CVE-2013-3796 Remote Security Vulnerability
7662| [61227] Oracle MySQL Server CVE-2013-3808 Remote Security Vulnerability
7663| [61222] Oracle MySQL Server CVE-2013-3794 Remote Security Vulnerability
7664| [61214] Oracle MySQL Server CVE-2013-3810 Remote Security Vulnerability
7665| [61210] Oracle MySQL Server CVE-2013-3783 Remote Security Vulnerability
7666| [60424] Debian mysql-server CVE-2013-2162 Insecure File Creation Vulnerability
7667| [60001] Wireshark MySQL Dissector Denial of Service Vulnerability
7668| [59242] Oracle MySQL CVE-2013-2391 Local MySQL Server Vulnerability
7669| [59239] Oracle MySQL CVE-2013-1502 Local MySQL Server Vulnerability
7670| [59237] Oracle MySQL CVE-2013-1506 Remote MySQL Server Vulnerability
7671| [59232] Oracle MySQL CVE-2013-1567 Remote MySQL Server Vulnerability
7672| [59229] Oracle MySQL Server CVE-2013-1544 Remote Security Vulnerability
7673| [59227] Oracle MySQL CVE-2013-2376 Remote MySQL Server Vulnerability
7674| [59225] Oracle MySQL CVE-2013-1523 Remote MySQL Server Vulnerability
7675| [59224] Oracle MySQL Server CVE-2013-2392 Remote Security Vulnerability
7676| [59223] Oracle MySQL Server CVE-2013-1548 Remote Security Vulnerability
7677| [59222] RETIRED: Oracle MySQL CVE-2012-5614 Remote MySQL Server Vulnerability
7678| [59218] Oracle MySQL Server CVE-2013-1512 Remote Security Vulnerability
7679| [59217] Oracle MySQL CVE-2013-1526 Remote MySQL Server Vulnerability
7680| [59216] Oracle MySQL CVE-2013-1570 Remote MySQL Server Vulnerability
7681| [59215] Oracle MySQL Server CVE-2013-2381 Remote Security Vulnerability
7682| [59211] Oracle MySQL Server CVE-2013-1532 Remote Security Vulnerability
7683| [59210] Oracle MySQL CVE-2013-1555 Remote MySQL Server Vulnerability
7684| [59209] Oracle MySQL CVE-2013-2375 Remote MySQL Server Vulnerability
7685| [59207] Oracle MySQL Server CVE-2013-2389 Remote Security Vulnerability
7686| [59205] Oracle MySQL Server CVE-2013-1566 Remote Security Vulnerability
7687| [59202] Oracle MySQL CVE-2013-1531 Remote MySQL Server Vulnerability
7688| [59201] Oracle MySQL Server CVE-2013-1511 Remote Security Vulnerability
7689| [59196] Oracle MySQL CVE-2013-1552 Remote MySQL Server Vulnerability
7690| [59188] Oracle MySQL CVE-2013-2378 Remote MySQL Server Vulnerability
7691| [59180] Oracle MySQL CVE-2013-1521 Remote MySQL Server Vulnerability
7692| [59173] Oracle MySQL CVE-2013-2395 Remote MySQL Server Vulnerability
7693| [58511] MySQL and MariaDB Geometry Query Denial Of Service Vulnerability
7694| [57418] Oracle MySQL Server CVE-2013-0386 Remote Security Vulnerability
7695| [57417] Oracle MySQL Server CVE-2013-0389 Remote Security Vulnerability
7696| [57416] Oracle MySQL Server CVE-2013-0384 Remote Security Vulnerability
7697| [57415] Oracle MySQL Server CVE-2013-0371 Remote Security Vulnerability
7698| [57414] Oracle MySQL Server CVE-2012-0574 Remote Security Vulnerability
7699| [57412] Oracle MySQL Server CVE-2013-0385 Local Security Vulnerability
7700| [57411] Oracle MySQL Server CVE-2012-5060 Remote Security Vulnerability
7701| [57410] Oracle MySQL Server CVE-2012-1705 Remote Security Vulnerability
7702| [57408] Oracle MySQL Server CVE-2013-0367 Remote Security Vulnerability
7703| [57405] Oracle MySQL Server CVE-2013-0383 Remote Security Vulnerability
7704| [57400] Oracle MySQL Server CVE-2012-5096 Remote Security Vulnerability
7705| [57397] Oracle MySQL Server CVE-2013-0368 Remote Security Vulnerability
7706| [57391] Oracle MySQL Server CVE-2013-0375 Remote Security Vulnerability
7707| [57388] Oracle MySQL Server CVE-2012-1702 Remote Security Vulnerability
7708| [57385] Oracle MySQL Server CVE-2012-0572 Remote Security Vulnerability
7709| [57334] Oracle MySQL Server CVE-2012-0578 Remote Security Vulnerability
7710| [56837] Oracle MySQL and MariaDB CVE-2012-5627 Insecure Salt Generation Security Bypass Weakness
7711| [56791] Oracle MySQL Remote Code Execution Vulnerability
7712| [56776] Oracle MySQL CVE-2012-5614 Denial of Service Vulnerability
7713| [56772] Oracle MySQL Remote Code Execution Vulnerability
7714| [56771] Oracle MySQL Server Privilege Escalation Vulnerability
7715| [56769] Oracle MySQL and MariaDB 'acl_get()' Buffer Overflow Vulnerability
7716| [56768] Oracle MySQL Server Heap Overflow Vulnerability
7717| [56766] Oracle MySQL Server Username Enumeration Weakness
7718| [56041] Oracle MySQL Server CVE-2012-3173 Remote MySQL Security Vulnerability
7719| [56036] Oracle MySQL Server CVE-2012-3163 Remote MySQL Security Vulnerability
7720| [56028] Oracle MySQL Server CVE-2012-3166 Remote Security Vulnerability
7721| [56027] Oracle MySQL Server CVE-2012-3160 Local Security Vulnerability
7722| [56022] Oracle MySQL Server CVE-2012-3147 Remote Security Vulnerability
7723| [56021] Oracle MySQL Server CVE-2012-3197 Remote Security Vulnerability
7724| [56018] Oracle MySQL Server CVE-2012-3167 Remote Security Vulnerability
7725| [56017] Oracle MySQL Server CVE-2012-3158 Remote Security Vulnerability
7726| [56013] Oracle MySQL Server CVE-2012-3156 Remote Security Vulnerability
7727| [56008] Oracle MySQL Server CVE-2012-3144 Remote Security Vulnerability
7728| [56006] Oracle MySQL Server CVE-2012-3149 Remote Security Vulnerability
7729| [56005] Oracle MySQL Server CVE-2012-3177 Remote Security Vulnerability
7730| [56003] Oracle MySQL Server CVE-2012-3180 Remote Security Vulnerability
7731| [55990] Oracle MySQL Server CVE-2012-3150 Remote Security Vulnerability
7732| [55715] MySQL MyISAM Table Symbolic Link CVE-2012-4452 Local Privilege Escalation Vulnerability
7733| [55120] Oracle MySQL CVE-2012-2749 Denial Of Service Vulnerability
7734| [54551] Oracle MySQL Server CVE-2012-0540 Remote Security Vulnerability
7735| [54549] Oracle MySQL Server CVE-2012-1735 Remote Security Vulnerability
7736| [54547] Oracle MySQL Server CVE-2012-1689 Remote Security Vulnerability
7737| [54540] Oracle MySQL Server CVE-2012-1734 Remote Security Vulnerability
7738| [54526] Oracle MySQL Server CVE-2012-1757 Remote Security Vulnerability
7739| [54524] Oracle MySQL Server CVE-2012-1756 Remote Security Vulnerability
7740| [53922] RETIRED: MySQL and MariaDB 'sql/password.c' Authentication Bypass Vulnerability
7741| [53911] Oracle MySQL CVE-2012-2122 User Login Security Bypass Vulnerability
7742| [53310] MySQLDumper 'menu.php' Remote PHP Code Execution Vulnerability
7743| [53306] MySQLDumper Multiple Security Vulnerabilities
7744| [53074] Oracle MySQL CVE-2012-1690 Remote MySQL Server Vulnerability
7745| [53071] Oracle MySQL CVE-2012-1696 Remote MySQL Server Vulnerability
7746| [53067] Oracle MySQL CVE-2012-1688 Remote MySQL Server Vulnerability
7747| [53064] Oracle MySQL CVE-2012-1697 Remote MySQL Server Vulnerability
7748| [53061] Oracle MySQL CVE-2012-0583 Remote MySQL Server Vulnerability
7749| [53058] Oracle MySQL CVE-2012-1703 Remote MySQL Server Vulnerability
7750| [52931] Oracle MySQL Server Multiple Unspecified Security Vulnerabilities
7751| [52154] RETIRED: MySQL 5.5.20 Unspecified Remote Code Execution Vulnerability
7752| [51925] MySQL Unspecified Remote Code Execution Vulnerability
7753| [51526] Oracle MySQL CVE-2012-0075 Remote MySQL Server Vulnerability
7754| [51525] Oracle MySQL CVE-2012-0493 Remote Vulnerability
7755| [51524] Oracle MySQL Server CVE-2012-0490 Remote Security Vulnerability
7756| [51523] Oracle MySQL Server CVE-2012-0494 Local Security Vulnerability
7757| [51522] Oracle MySQL Server CVE-2012-0495 Remote Security Vulnerability
7758| [51521] Oracle MySQL Server CVE-2012-0117 Remote MySQL Server Vulnerability
7759| [51520] Oracle MySQL Server CVE-2012-0114 Local Security Vulnerability
7760| [51519] Oracle MySQL Server CVE-2012-0112 Remote MySQL Server Vulnerability
7761| [51518] Oracle MySQL Server CVE-2012-0491 Remote Security Vulnerability
7762| [51517] Oracle MySQL CVE-2012-0120 Remote Vulnerability
7763| [51516] Oracle MySQL Server CVE-2012-0492 Remote MySQL Server Vulnerability
7764| [51515] Oracle MySQL Server CVE-2012-0484 Remote Security Vulnerability
7765| [51514] Oracle MySQL Server CVE-2012-0486 Remote Security Vulnerability
7766| [51513] Oracle MySQL Server CVE-2012-0485 Remote Security Vulnerability
7767| [51512] Oracle MySQL CVE-2012-0119 Remote Vulnerability
7768| [51511] Oracle MySQL CVE-2012-0118 Remote MySQL Server Vulnerability
7769| [51510] Oracle MySQL Server CVE-2012-0489 Remote MySQL Server Vulnerability
7770| [51509] Oracle MySQL Server CVE-2012-0087 Remote Security Vulnerability
7771| [51508] Oracle MySQL CVE-2012-0116 Remote MySQL Server Vulnerability
7772| [51507] Oracle MySQL Server CVE-2012-0496 Remote Security Vulnerability
7773| [51506] Oracle MySQL Server CVE-2012-0488 Remote MySQL Server Vulnerability
7774| [51505] Oracle MySQL Server CVE-2012-0101 Remote Security Vulnerability
7775| [51504] Oracle MySQL CVE-2012-0115 Remote Vulnerability
7776| [51503] Oracle MySQL Server CVE-2012-0487 Remote MySQL Server Vulnerability
7777| [51502] Oracle MySQL Server CVE-2012-0102 Remote Security Vulnerability
7778| [51493] Oracle MySQL CVE-2011-2262 Remote MySQL Server Vulnerability
7779| [51488] Oracle MySQL CVE-2012-0113 Remote MySQL Server Vulnerability
7780| [50139] DBD::mysqlPP Unspecified SQL Injection Vulnerability
7781| [48466] MySQLDriverCS SQL Injection Vulnerability
7782| [47919] Zend Framework 'PDO_MySql' Security Bypass Vulnerability
7783| [47871] Oracle MySQL Prior to 5.1.52 Multiple Denial Of Service Vulnerabilities
7784| [47693] DirectAdmin 'mysql_backup' Folder Permissions Information Disclosure Vulnerability
7785| [46655] pywebdav MySQL Authentication Module SQL Injection Vulnerability
7786| [46456] MySQL Eventum 'full_name' Field HTML Injection Vulnerability
7787| [46380] MySQL Eventum Multiple HTML Injection Vulnerabilities
7788| [46056] PHP MySQLi Extension 'set_magic_quotes_runtime' Function Security-Bypass Weakness
7789| [43884] phpFK - PHP Forum Script ohne MySQL 'page_bottom.php' Local File Include Vulnerability
7790| [43677] Oracle MySQL Prior to 5.1.50 Privilege Escalation Vulnerability
7791| [43676] Oracle MySQL Prior to 5.1.51 Multiple Denial Of Service Vulnerabilities
7792| [42646] Oracle MySQL Prior to 5.1.49 'JOIN' Statement Denial Of Service Vulnerability
7793| [42643] Oracle MySQL Prior to 5.1.49 'DDL' Statements Denial Of Service Vulnerability
7794| [42638] Oracle MySQL Prior to 5.1.49 Malformed 'BINLOG' Arguments Denial Of Service Vulnerability
7795| [42633] Oracle MySQL 'HANDLER' interface Denial Of Service Vulnerability
7796| [42625] Oracle MySQL 'LOAD DATA INFILE' Denial Of Service Vulnerability
7797| [42599] Oracle MySQL 'EXPLAIN' Denial Of Service Vulnerability
7798| [42598] Oracle MySQL 'TEMPORARY InnoDB' Tables Denial Of Service Vulnerability
7799| [42596] Oracle MySQL Prior to 5.1.49 'WITH ROLLUP' Denial Of Service Vulnerability
7800| [42586] RETIRED: Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities
7801| [42417] Zmanda Recovery Manager for MySQL Multiple Local Privilege Escalation Vulnerabilities
7802| [41440] phpFK - PHP Forum Script ohne MySQL 'upload.php' Arbitrary File Upload Vulnerability
7803| [41198] Oracle MySQL 'ALTER DATABASE' Remote Denial Of Service Vulnerability
7804| [40537] MySQL Enterprise Monitor Multiple Unspecified Cross Site Request Forgery Vulnerabilities
7805| [40506] RETIRED: phpGraphy 'mysql_cleanup.php' Remote File Include Vulnerability
7806| [40461] PHP Mysqlnd Extension Information Disclosure and Multiple Buffer Overflow Vulnerabilities
7807| [40257] Oracle MySQL DROP TABLE MyISAM Symbolic Link Local Security Bypass Vulnerability
7808| [40109] Oracle MySQL 'COM_FIELD_LIST' Command Packet Security Bypass Vulnerability
7809| [40106] Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability
7810| [40100] Oracle MySQL Malformed Packet Handling Remote Denial of Service Vulnerability
7811| [40045] Advanced Poll 'mysql_host' Parameter Cross Site Scripting Vulnerability
7812| [39918] FlexAppsStore Flex MySQL Connector Unauthorized Access Vulnerability
7813| [39543] MySQL UNINSTALL PLUGIN Security Bypass Vulnerability
7814| [38642] Timeclock Software 'mysqldump' Local Information Disclosure Vulnerability
7815| [38043] MySQL 'sql/sql_table.cc' CREATE TABLE Security Bypass Vulnerability
7816| [37943] MySQL with yaSSL SSL Certificate Handling Remote Stack Buffer Overflow Vulnerability
7817| [37770] TYPO3 kiddog_mysqldumper Unspecified Information Disclosure Vulnerability
7818| [37640] MySQL 5.0.51a Unspecified Remote Code Execution Vulnerability
7819| [37297] MySQL Multiple Remote Denial Of Service Vulnerabilities
7820| [37076] MySQL OpenSSL Server Certificate yaSSL Security Bypass Vulnerability
7821| [37075] MySQL MyISAM Table Symbolic Link Local Privilege Escalation Vulnerability
7822| [36242] MySQL 5.x Unspecified Buffer Overflow Vulnerability
7823| [35858] MySQL Connector/J Unicode Character String SQL Injection Vulnerability
7824| [35609] MySQL 'sql_parse.cc' Multiple Format String Vulnerabilities
7825| [35514] MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability
7826| [33972] MySQL XPath Expression Remote Denial Of Service Vulnerability
7827| [33392] 'mod_auth_mysql' Package Multibyte Character Encoding SQL Injection Vulnerability
7828| [32978] MySQL Calendar 'username' Parameter SQL Injection Vulnerability
7829| [32914] MySQL Calendar Cookie Authentication Bypass Vulnerability
7830| [32157] MySQL Quick Admin 'actions.php' Local File Include Vulnerability
7831| [32000] Agora 'MysqlfinderAdmin.php' Remote File Include Vulnerability
7832| [31517] MySQL Quick Admin 'index.php' Local File Include Vulnerability
7833| [31486] MySQL Command Line Client HTML Special Characters HTML Injection Vulnerability
7834| [31425] PromoteWeb MySQL 'go.php' SQL Injection Vulnerability
7835| [31081] MySQL Empty Binary String Literal Remote Denial Of Service Vulnerability
7836| [30835] mysql-lists Unspecified Cross Site Scripting Vulnerability
7837| [30529] Keld PHP-MySQL News Script 'login.php' SQL Injection Vulnerability
7838| [30383] phpwebnews-mysql Multiple SQL Injection Vulnerabilities
7839| [29106] MySQL MyISAM Table Privileges Secuity Bypass Vulnerability
7840| [29048] GEDCOM_to_MySQL2 Multiple Cross-Site Scripting Vulnerabilities
7841| [28351] MySQL INFORMATION_SCHEMA Remote Denial Of Service Vulnerability
7842| [27938] DSPAM Debian 'libdspam7-drv-mysql' Cron Job MySQL Calls Local Information Disclosure Vulnerability
7843| [27202] PHP Webquest MySQL Credentials Information Disclosure Vulnerability
7844| [27032] PHP MySQL Open Source Help Desk 'form.php' Code Injection Vulnerability
7845| [26947] MySQL Server Unspecified Remote Arbitrary Command Execution Vulnerability
7846| [26832] MySQL Server Privilege Escalation And Denial Of Service Vulnerabilities
7847| [26829] aurora framework Db_mysql.LIB SQL Injection Vulnerability
7848| [26765] MySQL Server RENAME TABLE System Table Overwrite Vulnerability
7849| [26353] MySQL Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service Vulnerability
7850| [26304] AdventNet EventLog Analyzer Insecure Default MySQL Password Unauthorized Access Vulnerability
7851| [26156] Bacula MySQL Password Information Disclosure Vulnerability
7852| [26095] Asterisk 'asterisk-addons' CDR_ADDON_MYSQL Module SQL Injection Vulnerability
7853| [25017] MySQL Access Validation and Denial of Service Vulnerabilities
7854| [24759] MySQLDumper Apache Access Control Authentication Bypass Vulnerability
7855| [24016] MySQL Rename Table Function Access Validation Vulnerability
7856| [24011] MySQL Security Invoker Privilege Escalation Vulnerability
7857| [24008] MySQL Alter Table Function Information Disclosure Vulnerability
7858| [23911] MySQL IF Query Handling Remote Denial Of Service Vulnerability
7859| [23176] Eve-Nuke Forums MySQL.PHP Remote File Include Vulnerability
7860| [22941] MySQL Commander Remote File Include Vulnerability
7861| [22900] MySQL Single Row SubSelect Remote Denial Of Service Vulnerability
7862| [22474] CPanel PassWDMySQL Cross-Site Scripting Vulnerability
7863| [22431] MySQLNewsEngine Affichearticles.PHP3 Remote File Include Vulnerability
7864| [20460] MySQLDumper SQL.PHP Cross-Site Scripting Vulnerability
7865| [20222] PABugs Class.MySQL.PHP Remote File Include Vulnerability
7866| [20165] ZoomStats MySQL.PHP Remote File Include Vulnerability
7867| [19794] MySQL Multiupdate and Subselects Denial Of Service Vulnerability
7868| [19559] MySQL Privilege Elevation and Security Bypass Vulnerabilities
7869| [19279] MySQL MERGE Privilege Revoke Bypass Vulnerability
7870| [19240] Banex PHP MySQL Banner Exchange Multiple Remote Vulnerabilities
7871| [19032] MySQL Server Date_Format Denial Of Service Vulnerability
7872| [18717] PHP/MySQL Classifieds AddAsset1.PHP Multiple HTML Injection Vulnerabilities
7873| [18439] MySQL Server Str_To_Date Remote Denial Of Service Vulnerability
7874| [18219] MySQL Mysql_real_escape Function SQL Injection Vulnerability
7875| [17780] MySQL Remote Information Disclosure and Buffer Overflow Vulnerabilities
7876| [17224] Cholod MySQL Based Message Board Mb.CGI SQL Injection Vulnerability
7877| [17223] Cholod MySQL Based Message Board Multiple HTML Injection Vulnerabilities
7878| [17147] Woltlab Burning Board Class_DB_MySQL.PHP Cross-Site Scripting Vulnerability
7879| [16850] MySQL Query Logging Bypass Vulnerability
7880| [16620] PHP/MYSQL Timesheet Multiple SQL Injection Vulnerabilities
7881| [16564] PAM-MySQL Code Execution And Denial Of Service Vulnerabilities
7882| [16219] PHP MySQLI Error Logging Remote Format String Vulnerability
7883| [16145] PHP MySQL_Connect Remote Buffer Overflow Vulnerability
7884| [15852] MySQL Auction Search Module Cross-Site Scripting Vulnerability
7885| [14509] MySQL User-Defined Function Buffer Overflow Vulnerability
7886| [14437] MySQL Eventum Multiple SQL Injection Vulnerabilities
7887| [14436] MySQL Eventum Multiple Cross-Site Scripting Vulnerabilities
7888| [13913] xMySQLadmin Insecure Temporary File Creation Vulnerability
7889| [13660] MySQL mysql_install_db Insecure Temporary File Creation Vulnerability
7890| [13378] MySQL MaxDB WebDAV IF Parameter Remote Buffer Overflow Vulnerability
7891| [13369] MySQL MaxDB WebDAV Lock Token Remote Buffer Overflow Vulnerability
7892| [13368] MySQL MaxDB HTTP GET Request Remote Buffer Overflow Vulnerability
7893| [12805] MySQL MaxDB WebAgent Input Validation Multiple Remote Denial Of Service Vulnerabilities
7894| [12781] MySQL AB MySQL Multiple Remote Vulnerabilities
7895| [12313] MySQL MaxDB WebAgent Remote Denial of Service Vulnerabilities
7896| [12277] MySQL Database MySQLAccess Local Insecure Temporary File Creation Vulnerability
7897| [12265] MySQL MaxDB WebAgent WebSQL Password Parameter Remote Buffer Overflow Vulnerability
7898| [12133] MySQL Eventum Multiple Input Validation Vulnerabilities
7899| [11844] MySQL MaxDB WebDav Handler Overwrite Header Remote Buffer Overflow Vulnerability
7900| [11843] MySQL MaxDB WAHTTP Server Remote Denial Of Service Vulnerability
7901| [11435] MySQL Database Unauthorized GRANT Privilege Vulnerability
7902| [11432] MySQL Remote FULLTEXT Search Denial Of Service Vulnerability
7903| [11357] MySQL Multiple Local Vulnerabilities
7904| [11346] MySQL MaxDB WebDBM Server Name Denial of Service Vulnerability
7905| [11291] MySQL Unspecified Insecure Temporary File Creation Vulnerability
7906| [11261] MySQL Bounded Parameter Statement Execution Remote Buffer Overflow Vulnerability
7907| [11234] AllWebScripts MySQLGuest HTML Injection Vulnerability
7908| [10986] Ben Yacoub Hatem MySQL Backup Pro Undisclosed 'getbackup()' Vulnerability
7909| [10981] MySQL Mysql_real_connect Function Potential Remote Buffer Overflow Vulnerability
7910| [10969] MySQL Mysqlhotcopy Script Insecure Temporary File Creation Vulnerability
7911| [10655] MySQL Password Length Remote Buffer Overflow Vulnerability
7912| [10654] MySQL Authentication Bypass Vulnerability
7913| [10142] MySQL MYSQLD_Multi Insecure Temporary File Creation Vulnerability
7914| [9976] MySQL Aborted Bug Report Insecure Temporary File Creation Vulnerability
7915| [8796] MySQL Multiple Vulnerabilities
7916| [8590] MySQL Password Handler Buffer Overflow Vulnerability
7917| [8245] MySQL AB ODBC Driver Plain Text Password Vulnerability
7918| [7887] MySQL libmysqlclient Library mysql_real_connect() Buffer Overrun Vulnerability
7919| [7500] MySQL Weak Password Encryption Vulnerability
7920| [7052] MySQL mysqld Privilege Escalation Vulnerability
7921| [7041] MySQL Control Center Insecure Default File Permission Vulnerability
7922| [6718] MySQL Double Free Heap Corruption Vulnerability
7923| [6375] MySQL COM_CHANGE_USER Password Memory Corruption Vulnerability
7924| [6374] MySQL libmysqlclient Library Read_One_Row Buffer Overflow Vulnerability
7925| [6373] MySQL COM_CHANGE_USER Password Length Account Compromise Vulnerability
7926| [6370] MySQL libmysqlclient Library Read_Rows Buffer Overflow Vulnerability
7927| [6368] MySQL COM_TABLE_DUMP Memory Corruption Vulnerability
7928| [5948] PHPRank MySQL Error Unauthorized Access Vulnerability
7929| [5853] MySQL DataDir Parameter Local Buffer Overflow Vulnerability
7930| [5513] MySQL Logging Not Enabled Weak Default Configuration Vulnerability
7931| [5511] MySQL Bind Address Not Enabled Weak Default Configuration Vulnerability
7932| [5503] MySQL Null Root Password Weak Default Configuration Vulnerability
7933| [4409] Cyrus SASL LDAP+MySQL Authentication Patch SQL Command Execution Vulnerability
7934| [4026] PHP MySQL Safe_Mode Filesystem Circumvention Vulnerability
7935| [3907] Conectiva Linux MySQL World Readable Log File Vulnerability
7936| [3381] WinMySQLadmin Plain Text Password Storage Vulnerability
7937| [3284] Inter7 vpopmail MySQL Authentication Data Recovery Vulnerability
7938| [3255] Apache mod_auth_mysql Remote SQL Query Manipulation Vulnerability
7939| [2522] MySQL Root Operation Symbolic Link File Overwriting Vulnerability
7940| [2380] MySQL SHOW GRANTS Pasword Hash Disclosure Vulnerability
7941| [2262] Mysql Local Buffer Overflow Vulnerability
7942| [1850] pam_mysql Authentication Input Validation Vulnerability
7943| [1826] MySQL Authentication Algorithm Vulnerability
7944| [1557] PCCS Mysql Database Admin Tool Username/Password Exposure Vulnerability
7945| [975] MySQL Unauthenticated Remote Access Vulnerability
7946| [926] MySQL GRANT Global Password Changing Vulnerability
7947|
7948| IBM X-Force - https://exchange.xforce.ibmcloud.com:
7949| [85724] Oracle MySQL Server XA Transactions denial of service
7950| [85723] Oracle MySQL Server Server Replication denial of service
7951| [85722] Oracle MySQL Server InnoDB denial of service
7952| [85721] Oracle MySQL Server Server Privileges unspecified
7953| [85720] Oracle MySQL Server Server Partition denial of service
7954| [85719] Oracle MySQL Server Server Parser denial of service
7955| [85718] Oracle MySQL Server Server Options denial of service
7956| [85717] Oracle MySQL Server Server Options denial of service
7957| [85716] Oracle MySQL Server Server Optimizer denial of service
7958| [85715] Oracle MySQL Server Server Optimizer denial of service
7959| [85714] Oracle MySQL Server Prepared Statements denial of service
7960| [85713] Oracle MySQL Server InnoDB denial of service
7961| [85712] Oracle MySQL Server Full Text Search denial of service
7962| [85711] Oracle MySQL Server Data Manipulation Language denial of service
7963| [85710] Oracle MySQL Server Data Manipulation Language denial of service
7964| [85709] Oracle MySQL Server Audit Log unspecified
7965| [85708] Oracle MySQL Server MemCached unspecified
7966| [84846] Debian mysql-server package information disclosure
7967| [84375] Wireshark MySQL dissector denial of service
7968| [83554] Oracle MySQL Server Server Partition denial of service
7969| [83553] Oracle MySQL Server Server Locking denial of service
7970| [83552] Oracle MySQL Server Server Install unspecified
7971| [83551] Oracle MySQL Server Server Types denial of service
7972| [83550] Oracle MySQL Server Server Privileges unspecified
7973| [83549] Oracle MySQL Server InnoDB denial of service
7974| [83548] Oracle MySQL Server InnoDB denial of service
7975| [83547] Oracle MySQL Server Data Manipulation Language denial of service
7976| [83546] Oracle MySQL Server Stored Procedure denial of service
7977| [83545] Oracle MySQL Server Server Replication denial of service
7978| [83544] Oracle MySQL Server Server Partition denial of service
7979| [83543] Oracle MySQL Server Server Optimizer denial of service
7980| [83542] Oracle MySQL Server InnoDB denial of service
7981| [83541] Oracle MySQL Server Information Schema denial of service
7982| [83540] Oracle MySQL Server Data Manipulation Language denial of service
7983| [83539] Oracle MySQL Server Data Manipulation Language denial of service
7984| [83538] Oracle MySQL Server Server Optimizer unspecified
7985| [83537] Oracle MySQL Server MemCached denial of service
7986| [83536] Oracle MySQL Server Server Privileges unspecified
7987| [83535] Oracle MySQL Server Server Privileges unspecified
7988| [83534] Oracle MySQL Server Server unspecified
7989| [83533] Oracle MySQL Server Information Schema unspecified
7990| [83532] Oracle MySQL Server Server Locking unspecified
7991| [83531] Oracle MySQL Server Data Manipulation Language denial of service
7992| [83388] MySQL administrative login attempt detected
7993| [82963] Mambo MySQL database information disclosure
7994| [82946] Oracle MySQL buffer overflow
7995| [82945] Oracle MySQL buffer overflow
7996| [82895] Oracle MySQL and MariaDB geometry queries denial of service
7997| [81577] MySQL2JSON extension for TYPO3 unspecified SQL injection
7998| [81325] Oracle MySQL Server Server Privileges denial of service
7999| [81324] Oracle MySQL Server Server Partition denial of service
8000| [81323] Oracle MySQL Server Server Optimizer denial of service
8001| [81322] Oracle MySQL Server Server Optimizer denial of service
8002| [81321] Oracle MySQL Server Server denial of service
8003| [81320] Oracle MySQL Server MyISAM denial of service
8004| [81319] Oracle MySQL Server InnoDB denial of service
8005| [81318] Oracle MySQL Server InnoDB denial of service
8006| [81317] Oracle MySQL Server Server Locking denial of service
8007| [81316] Oracle MySQL Server Server denial of service
8008| [81315] Oracle MySQL Server Server Replication unspecified
8009| [81314] Oracle MySQL Server Server Replication unspecified
8010| [81313] Oracle MySQL Server Stored Procedure denial of service
8011| [81312] Oracle MySQL Server Server Optimizer denial of service
8012| [81311] Oracle MySQL Server Information Schema denial of service
8013| [81310] Oracle MySQL Server GIS Extension denial of service
8014| [80790] Oracle MySQL yaSSL buffer overflow
8015| [80553] Oracle MySQL and MariaDB salt security bypass
8016| [80443] Oracle MySQL Server unspecified code execution
8017| [80442] Oracle MySQL Server acl_get() buffer overflow
8018| [80440] Oracle MySQL Server table buffer overflow
8019| [80435] Oracle MySQL Server database privilege escalation
8020| [80434] Oracle MySQL Server COM_BINLOG_DUMP denial of service
8021| [80433] Oracle MySQL Server Stuxnet privilege escalation
8022| [80432] Oracle MySQL Server authentication information disclosure
8023| [79394] Oracle MySQL Server Server Installation information disclosure
8024| [79393] Oracle MySQL Server Server Replication denial of service
8025| [79392] Oracle MySQL Server Server Full Text Search denial of service
8026| [79391] Oracle MySQL Server Server denial of service
8027| [79390] Oracle MySQL Server Client information disclosure
8028| [79389] Oracle MySQL Server Server Optimizer denial of service
8029| [79388] Oracle MySQL Server Server Optimizer denial of service
8030| [79387] Oracle MySQL Server Server denial of service
8031| [79386] Oracle MySQL Server InnoDB Plugin denial of service
8032| [79385] Oracle MySQL Server InnoDB denial of service
8033| [79384] Oracle MySQL Server Client unspecified
8034| [79383] Oracle MySQL Server Server denial of service
8035| [79382] Oracle MySQL Server Protocol unspecified
8036| [79381] Oracle MySQL Server Information Schema unspecified
8037| [78954] SilverStripe MySQLDatabase.php information disclosure
8038| [78948] MySQL MyISAM table symlink
8039| [77865] MySQL unknown vuln
8040| [77864] MySQL sort order denial of service
8041| [77768] MySQLDumper refresh_dblist.php information disclosure
8042| [77177] MySQL Squid Access Report unspecified cross-site scripting
8043| [77065] Oracle MySQL Server Optimizer denial of service
8044| [77064] Oracle MySQL Server Optimizer denial of service
8045| [77063] Oracle MySQL Server denial of service
8046| [77062] Oracle MySQL InnoDB denial of service
8047| [77061] Oracle MySQL GIS Extension denial of service
8048| [77060] Oracle MySQL Server Optimizer denial of service
8049| [76189] MySQL unspecified error
8050| [76188] MySQL attempts security bypass
8051| [75287] MySQLDumper restore.php information disclosure
8052| [75286] MySQLDumper filemanagement.php directory traversal
8053| [75285] MySQLDumper main.php cross-site request forgery
8054| [75284] MySQLDumper install.php cross-site scripting
8055| [75283] MySQLDumper install.php file include
8056| [75282] MySQLDumper menu.php code execution
8057| [75022] Oracle MySQL Server Server Optimizer denial of service
8058| [75021] Oracle MySQL Server Server Optimizer denial of service
8059| [75020] Oracle MySQL Server Server DML denial of service
8060| [75019] Oracle MySQL Server Partition denial of service
8061| [75018] Oracle MySQL Server MyISAM denial of service
8062| [75017] Oracle MySQL Server Server Optimizer denial of service
8063| [74672] Oracle MySQL Server multiple unspecified
8064| [73092] MySQL unspecified code execution
8065| [72540] Oracle MySQL Server denial of service
8066| [72539] Oracle MySQL Server unspecified
8067| [72538] Oracle MySQL Server denial of service
8068| [72537] Oracle MySQL Server denial of service
8069| [72536] Oracle MySQL Server unspecified
8070| [72535] Oracle MySQL Server denial of service
8071| [72534] Oracle MySQL Server denial of service
8072| [72533] Oracle MySQL Server denial of service
8073| [72532] Oracle MySQL Server denial of service
8074| [72531] Oracle MySQL Server denial of service
8075| [72530] Oracle MySQL Server denial of service
8076| [72529] Oracle MySQL Server denial of service
8077| [72528] Oracle MySQL Server denial of service
8078| [72527] Oracle MySQL Server denial of service
8079| [72526] Oracle MySQL Server denial of service
8080| [72525] Oracle MySQL Server information disclosure
8081| [72524] Oracle MySQL Server denial of service
8082| [72523] Oracle MySQL Server denial of service
8083| [72522] Oracle MySQL Server denial of service
8084| [72521] Oracle MySQL Server denial of service
8085| [72520] Oracle MySQL Server denial of service
8086| [72519] Oracle MySQL Server denial of service
8087| [72518] Oracle MySQL Server unspecified
8088| [72517] Oracle MySQL Server unspecified
8089| [72516] Oracle MySQL Server unspecified
8090| [72515] Oracle MySQL Server denial of service
8091| [72514] Oracle MySQL Server unspecified
8092| [71965] MySQL port denial of service
8093| [70680] DBD::mysqlPP unspecified SQL injection
8094| [70370] TaskFreak! multi-mysql unspecified path disclosure
8095| [68799] mod_authnz_external module for Apache mysql-auth.pl SQL injection
8096| [68294] MySQLDriverCS statement.cs sql injection
8097| [68175] Prosody MySQL denial of service
8098| [67539] Zend Framework MySQL PDO security bypass
8099| [67254] DirectAdmin MySQL information disclosure
8100| [66567] Xoops mysql.sql information disclosure
8101| [65871] PyWebDAV MySQLAuthHandler class SQL injection
8102| [65543] MySQL Select Arbitrary data into a File
8103| [65529] MySQL Eventum full_name field cross-site scripting
8104| [65380] Oracle MySQL Eventum forgot_password.php cross-site scripting
8105| [65379] Oracle MySQL Eventum list.php cross-site scripting
8106| [65266] Accellion File Transfer Appliance MySQL default password
8107| [64878] MySQL Geometry denial of service
8108| [64877] MySQL EXPLAIN EXTENDED denial of service
8109| [64876] MySQL prepared statement denial of service
8110| [64845] MySQL extreme-value denial of service
8111| [64844] MySQL Gis_line_string::init_from_wkb denial of service
8112| [64843] MySQL user-variable denial of service
8113| [64842] MySQL view preparation denial of service
8114| [64841] MySQL prepared statement denial of service
8115| [64840] MySQL LONGBLOB denial of service
8116| [64839] MySQL invocations denial of service
8117| [64838] MySQL Gis_line_string::init_from_wkb denial of service
8118| [64689] MySQL dict0crea.c denial of service
8119| [64688] MySQL SET column denial of service
8120| [64687] MySQL BINLOG command denial of service
8121| [64686] MySQL InnoDB denial of service
8122| [64685] MySQL HANDLER interface denial of service
8123| [64684] MySQL Item_singlerow_subselect::store denial of service
8124| [64683] MySQL OK packet denial of service
8125| [63518] MySQL Query Browser GUI Tools information disclosure
8126| [63517] MySQL Administrator GUI Tools information disclosure
8127| [62272] MySQL PolyFromWKB() denial of service
8128| [62269] MySQL LIKE predicates denial of service
8129| [62268] MySQL joins denial of service
8130| [62267] MySQL GREATEST() or LEAST() denial of service
8131| [62266] MySQL GROUP_CONCAT() denial of service
8132| [62265] MySQL expression values denial of service
8133| [62264] MySQL temporary table denial of service
8134| [62263] MySQL LEAST() or GREATEST() denial of service
8135| [62262] MySQL replication privilege escalation
8136| [61739] MySQL WITH ROLLUP denial of service
8137| [61343] MySQL LOAD DATA INFILE denial of service
8138| [61342] MySQL EXPLAIN denial of service
8139| [61341] MySQL HANDLER denial of service
8140| [61340] MySQL BINLOG denial of service
8141| [61339] MySQL IN() or CASE denial of service
8142| [61338] MySQL SET denial of service
8143| [61337] MySQL DDL denial of service
8144| [61318] PHP mysqlnd_wireprotocol.c buffer overflow
8145| [61317] PHP php_mysqlnd_read_error_from_line buffer overflow
8146| [61316] PHP php_mysqlnd_auth_write buffer overflow
8147| [61274] MySQL TEMPORARY InnoDB denial of service
8148| [59905] MySQL ALTER DATABASE denial of service
8149| [59841] CMySQLite updateUser.php cross-site request forgery
8150| [59112] MySQL Enterprise Monitor unspecified cross-site request forgery
8151| [59075] PHP php_mysqlnd_auth_write() buffer overflow
8152| [59074] PHP php_mysqlnd_read_error_from_line() buffer overflow
8153| [59073] PHP php_mysqlnd_rset_header_read() buffer overflow
8154| [59072] PHP php_mysqlnd_ok_read() information disclosure
8155| [58842] MySQL DROP TABLE file deletion
8156| [58676] Template Shares MySQL information disclosure
8157| [58531] MySQL COM_FIELD_LIST buffer overflow
8158| [58530] MySQL packet denial of service
8159| [58529] MySQL COM_FIELD_LIST security bypass
8160| [58311] ClanSphere the captcha generator and MySQL driver SQL injection
8161| [57925] MySQL UNINSTALL PLUGIN security bypass
8162| [57006] Quicksilver Forums mysqldump information disclosure
8163| [56800] Employee Timeclock Software mysqldump information disclosure
8164| [56200] Flex MySQL Connector ActionScript SQL injection
8165| [55877] MySQL yaSSL buffer overflow
8166| [55622] kiddog_mysqldumper extension for TYPO3 information disclosure
8167| [55416] MySQL unspecified buffer overflow
8168| [55382] Ublog UblogMySQL.sql information disclosure
8169| [55251] PHP-MySQL-Quiz editquiz.php SQL injection
8170| [54597] MySQL sql_table.cc security bypass
8171| [54596] MySQL mysqld denial of service
8172| [54365] MySQL OpenSSL security bypass
8173| [54364] MySQL MyISAM table symlink
8174| [53950] The mysql-ocaml mysql_real_escape_string weak security
8175| [52978] Zmanda Recovery Manager for MySQL mysqlhotcopy privilege escalation
8176| [52977] Zmanda Recovery Manager for MySQL socket-server.pl command execution
8177| [52660] iScouter PHP Web Portal MySQL Password Retrieval
8178| [52220] aa33code mysql.inc information disclosure
8179| [52122] MySQL Connector/J unicode SQL injection
8180| [51614] MySQL dispatch_command() denial of service
8181| [51406] MySQL Connector/NET SSL spoofing
8182| [49202] MySQL UDF command execution
8183| [49050] MySQL XPath denial of service
8184| [48919] Cisco Application Networking Manager MySQL default account password
8185| [48163] libapache2-mod-auth-mysql module for Debian multibyte encoding SQL injection
8186| [47544] MySQL Calendar index.php SQL injection
8187| [47476] MySQL Calendar index.php nodstrumCalendarV2 security bypass
8188| [45649] MySQL MyISAM symlink security bypass
8189| [45648] MySQL MyISAM symlinks security bypass
8190| [45607] MySQL Quick Admin actions.php file include
8191| [45606] MySQL Quick Admin index.php file include
8192| [45590] MySQL command-line client cross-site scripting
8193| [45436] PromoteWeb MySQL go.php SQL injection
8194| [45042] MySQL empty bit-string literal denial of service
8195| [44662] mysql-lists unspecified cross-site scripting
8196| [42267] MySQL MyISAM security bypass
8197| [42211] GEDCOM_to_MySQL2 index.php, info.php and prenom.php cross-site scripting
8198| [42014] miniBB setup_mysql.php and setup_options.php SQL injection
8199| [40920] MySQL sql_select.cc denial of service
8200| [40734] MySQL Server BINLOG privilege escalation
8201| [40350] MySQL password information disclosure
8202| [39415] Debian GNU/Linux libdspam7-drv-mysql cron job password disclosure
8203| [39402] PHP LOCAL INFILE and MySQL extension security bypass
8204| [38999] aurora framework db_mysql.lib SQL injection
8205| [38990] MySQL federated engine denial of service
8206| [38989] MySQL DEFINER value privilege escalation
8207| [38988] MySQL DATA DIRECTORY and INDEX DIRECTORY privilege escalation
8208| [38964] MySQL RENAME TABLE symlink
8209| [38733] ManageEngine EventLog Analyzer MySQL default password
8210| [38284] MySQL ha_innodb.cc convert_search_mode_to_innobase() denial of service
8211| [38189] MySQL default root password
8212| [37235] Asterisk-Addons cdr_addon_mysql module SQL injection
8213| [37099] RHSA update for MySQL case sensistive database name privilege escalation not installed
8214| [36555] PHP MySQL extension multiple functions security bypass
8215| [35960] MySQL view privilege escalation
8216| [35959] MySQL CREATE TABLE LIKE information disclosure
8217| [35958] MySQL connection protocol denial of service
8218| [35291] MySQLDumper main.php security bypass
8219| [34811] MySQL udf_init and mysql_create_function command execution
8220| [34809] MySQL mysql_update privilege escalation
8221| [34349] MySQL ALTER information disclosure
8222| [34348] MySQL mysql_change_db privilege escalation
8223| [34347] MySQL RENAME TABLE weak security
8224| [34232] MySQL IF clause denial of service
8225| [33388] Advanced Website Creator (AWC) mysql_escape_string SQL injection
8226| [33285] Eve-Nuke mysql.php file include
8227| [32957] MySQL Commander dbopen.php file include
8228| [32933] cPanel load_language.php and mysqlconfig.php file include
8229| [32911] MySQL filesort function denial of service
8230| [32462] cPanel passwdmysql cross-site scripting
8231| [32288] RHSA-2006:0544 updates for mysql not installed
8232| [32266] MySQLNewsEngine affichearticles.php3 file include
8233| [31244] The Address Book MySQL export.php password information disclosure
8234| [31037] Php/Mysql Site Builder (PHPBuilder) htm2php.php directory traversal
8235| [30760] BTSaveMySql URL file disclosure
8236| [30191] StoryStream mysql.php and mysqli.php file include
8237| [30085] MySQL MS-DOS device name denial of service
8238| [30031] Agora MysqlfinderAdmin.php file include
8239| [29438] MySQLDumper mysqldumper_path/sql.php cross-site scripting
8240| [29179] paBugs class.mysql.php file include
8241| [29120] ZoomStats MySQL file include
8242| [28448] MySQL case sensitive database name privilege escalation
8243| [28442] MySQL GRANT EXECUTE privilege escalation
8244| [28387] FunkBoard admin/mysql_install.php and admin/pg_install.php unauthorized access
8245| [28202] MySQL multiupdate subselect query denial of service
8246| [28180] MySQL MERGE table security bypass
8247| [28176] PHP MySQL Banner Exchange lib.inc information disclosure
8248| [27995] Opsware Network Automation System MySQL plaintext password
8249| [27904] MySQL date_format() format string
8250| [27635] MySQL Instance Manager denial of service
8251| [27212] MySQL SELECT str_to_date denial of service
8252| [26875] MySQL ASCII escaping SQL injection
8253| [26420] Apple Mac OS X MySQL Manager blank password
8254| [26236] MySQL login packet information disclosure
8255| [26232] MySQL COM_TABLE_DUMP buffer overflow
8256| [26228] MySQL sql_parce.cc information disclosure
8257| [26042] MySQL running
8258| [25313] WoltLab Burning Board class_db_mysql.php cross-site scripting
8259| [24966] MySQL mysql_real_query logging bypass
8260| [24653] PAM-MySQL logging function denial of service
8261| [24652] PAM-MySQL authentication double free code execution
8262| [24567] PHP/MYSQL Timesheet index.php and changehrs.php SQL injection
8263| [24095] PHP ext/mysqli exception handling format string
8264| [23990] PHP mysql_connect() buffer overflow
8265| [23596] MySQL Auction search module could allow cross-site scripting
8266| [22642] RHSA-2005:334 updates for mysql not installed
8267| [21757] MySQL UDF library functions command execution
8268| [21756] MySQL LoadLibraryEx function denial of service
8269| [21738] MySQL UDF mysql_create_function function directory traversal
8270| [21737] MySQL user defined function buffer overflow
8271| [21640] MySQL Eventum multiple class SQL injection
8272| [21638] MySQL Eventum multiple scripts cross-site scripting
8273| [20984] xmysqladmin temporary file symlink
8274| [20656] MySQL mysql_install_db script symlink
8275| [20333] Plans MySQL password information disclosure
8276| [19659] MySQL CREATE TEMPORARY TABLE command creates insecure files
8277| [19658] MySQL udf_init function gain access
8278| [19576] auraCMS mysql_fetch_row function path disclosure
8279| [18922] MySQL mysqlaccess script symlink attack
8280| [18824] MySQL UDF root privileges
8281| [18464] mysql_auth unspecified vulnerability
8282| [18449] Sugar Sales plaintext MySQL password
8283| [17783] MySQL underscore allows elevated privileges
8284| [17768] MySQL MATCH ... AGAINST SQL statement denial of service
8285| [17667] MySQL UNION change denial of service
8286| [17666] MySQL ALTER TABLE RENAME bypass restriction
8287| [17493] MySQL libmysqlclient bulk inserts buffer overflow
8288| [17462] MySQLGuest AWSguest.php script cross-site scripting
8289| [17047] MySQL mysql_real_connect buffer overflow
8290| [17030] MySQL mysqlhotcopy insecure temporary file
8291| [16612] MySQL my_rnd buffer overflow
8292| [16604] MySQL check_scramble_323 function allows unauthorized access
8293| [15883] MySQL mysqld_multi script symlink attack
8294| [15617] MySQL mysqlbug script symlink attack
8295| [15417] Confixx db_mysql_loeschen2.php SQL injection
8296| [15280] Proofpoint Protection Server MySQL allows unauthorized access
8297| [13404] HP Servicecontrol Manager multiple vulnerabilities in MySQL could allow execution of code
8298| [13153] MySQL long password buffer overflow
8299| [12689] MySQL AB ODBC Driver stores ODBC passwords and usernames in plain text
8300| [12540] Teapop PostSQL and MySQL modules SQL injection
8301| [12337] MySQL mysql_real_connect function buffer overflow
8302| [11510] MySQL datadir/my.cnf modification could allow root privileges
8303| [11493] mysqlcc configuration and connection files are world writable
8304| [11340] SuckBot mod_mysql_logger denial of service
8305| [11199] MySQL mysql_change_user() double-free memory pointer denial of service
8306| [10850] MySQL libmysql client read_one_row buffer overflow
8307| [10849] MySQL libmysql client read_rows buffer overflow
8308| [10848] MySQL COM_CHANGE_USER password buffer overflow
8309| [10847] MySQL COM_CHANGE_USER command password authentication bypass
8310| [10846] MySQL COM_TABLE_DUMP unsigned integer denial of service
8311| [10483] Bugzilla stores passwords in plain text in the MySQL database
8312| [10455] gBook MySQL could allow administrative access
8313| [10243] MySQL my.ini "
8314| [9996] MySQL SHOW GRANTS command discloses adminstrator`s encrypted password
8315| [9909] MySQL logging disabled by default on Windows
8316| [9908] MySQL binding to the loopback adapter is disabled
8317| [9902] MySQL default root password could allow unauthorized access
8318| [8748] Cyrus SASL LDAP+MySQL patch allows user unauthorized POP access
8319| [8105] PHP MySQL client library allows an attacker to bypass safe_mode restrictions
8320| [7923] Conectiva Linux MySQL /var/log/mysql file has insecure permissions
8321| [7206] WinMySQLadmin stores MySQL password in plain text
8322| [6617] MySQL "
8323| [6419] MySQL drop database command buffer overflow
8324| [6418] MySQL libmysqlclient.so buffer overflow
8325| [5969] MySQL select buffer overflow
8326| [5447] pam_mysql authentication input
8327| [5409] MySQL authentication algorithm obtain password hash
8328| [5057] PCCS MySQL Database Admin Tool could reveal username and password
8329| [4228] MySQL unauthenticated remote access
8330| [3849] MySQL default test account could allow any user to connect to the database
8331| [1568] MySQL creates readable log files
8332|
8333| Exploit-DB - https://www.exploit-db.com:
8334| [30744] MySQL <= 5.1.23 Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service Vulnerability
8335| [30677] Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module SQL Injection Vulnerability
8336| [30020] MySQL 5.0.x - IF Query Handling Remote Denial of Service Vulnerability
8337| [29724] MySQL 5.0.x Single Row SubSelect Remote Denial of Service Vulnerability
8338| [29653] Active Calendar 1.2 data/mysqlevents.php css Parameter XSS
8339| [29572] CPanel <= 11 PassWDMySQL Cross-Site Scripting Vulnerability
8340| [29569] MySQLNewsEngine Affichearticles.PHP3 Remote File Include Vulnerability
8341| [28783] MySQLDumper 1.21 SQL.PHP Cross-Site Scripting Vulnerability
8342| [28398] MySQL 4/5 SUID Routine Miscalculation Arbitrary DML Statement Execution
8343| [28308] Banex PHP MySQL Banner Exchange 2.21 members.php cfg_root Parameter Remote File Inclusion
8344| [28307] Banex PHP MySQL Banner Exchange 2.21 admin.php Multiple Parameter SQL Injection
8345| [28306] Banex PHP MySQL Banner Exchange 2.21 signup.php site_name Parameter SQL Injection
8346| [28234] MySQL 4.x/5.x Server Date_Format Denial of Service Vulnerability
8347| [28026] MySQL Server 4/5 Str_To_Date Remote Denial of Service Vulnerability
8348| [27464] Cholod MySQL Based Message Board Mb.CGI SQL Injection Vulnerability
8349| [27444] Woltlab Burning Board 2.3.4 Class_DB_MySQL.PHP Cross-Site Scripting Vulnerability
8350| [27326] MySQL 5.0.18 Query Logging Bypass Vulnerability
8351| [26058] MySQL AB Eventum 1.x get_jsrs_data.php F Parameter XSS
8352| [26057] MySQL AB Eventum 1.x list.php release Parameter XSS
8353| [26056] MySQL AB Eventum 1.x view.php id Parameter XSS
8354| [25211] MySQL 4.x CREATE TEMPORARY TABLE Symlink Privilege Escalation
8355| [25210] MySQL 4.x CREATE FUNCTION mysql.func Table Arbitrary Library Injection
8356| [25209] MySQL 4.x CREATE FUNCTION Arbitrary libc Code Execution
8357| [24805] MySQL MaxDB 7.5 WAHTTP Server Remote Denial of Service Vulnerability
8358| [24669] MySQL 3.x/4.x ALTER TABLE/RENAME Forces Old Permission Checks
8359| [24250] MySQL 4.1/5.0 Authentication Bypass Vulnerability
8360| [23179] Oracle MySQL for Microsoft Windows MOF Execution
8361| [23138] MySQL 3.23.x/4.0.x Password Handler Buffer Overflow Vulnerability
8362| [23083] MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day
8363| [23081] MySQL Remote Preauth User Enumeration Zeroday
8364| [23078] MySQL Denial of Service Zeroday PoC
8365| [23077] MySQL (Linux) Database Privilege Elevation Zeroday Exploit
8366| [23076] MySQL (Linux) Heap Based Overrun PoC Zeroday
8367| [23075] MySQL (Linux) Stack Based Buffer Overrun PoC Zeroday
8368| [23073] MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot)
8369| [22946] MySQL AB ODBC Driver 3.51 Plain Text Password Vulnerability
8370| [22565] MySQL 3.x/4.0.x Weak Password Encryption Vulnerability
8371| [22340] MySQL 3.23.x mysqld Privilege Escalation Vulnerability
8372| [22085] MySQL 3.23.x/4.0.x COM_CHANGE_USER Password Memory Corruption Vulnerability
8373| [22084] MySQL 3.23.x/4.0.x COM_CHANGE_USER Password Length Account Compromise Vulnerability
8374| [21726] MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration Vulnerability (2)
8375| [21725] MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration Vulnerability (1)
8376| [21266] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (3)
8377| [21265] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (2)
8378| [21264] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (1)
8379| [20718] MySQL 3.20.32 a/3.23.34 Root Operation Symbolic Link File Overwriting Vulnerability
8380| [20581] Mysql 3.22.x/3.23.x Local Buffer Overflow Vulnerability
8381| [20355] Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
8382| [20055] MySQL Squid Access Report 2.1.4 HTML Injection
8383| [20044] Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers
8384| [19721] MySQL 3.22.27/3.22.29/3.23.8 GRANT Global Password Changing Vulnerability
8385| [19092] MySQL Remote Root Authentication Bypass
8386| [18269] MySQL 5.5.8 - Remote Denial of Service (DOS)
8387| [16957] Oracle MySQL for Microsoft Windows Payload Execution
8388| [16850] MySQL yaSSL CertDecoder::GetName Buffer Overflow
8389| [16849] MySQL yaSSL SSL Hello Message Buffer Overflow
8390| [16701] MySQL yaSSL SSL Hello Message Buffer Overflow
8391| [15467] Oracle MySQL < 5.1.49 'WITH ROLLUP' Denial of Service Vulnerability
8392| [14654] CMSQLite <= 1.2 & CMySQLite <= 1.3.1 - Remote Code Execution Exploit
8393| [14537] Oracle MySQL 'ALTER DATABASE' Remote Denial of Service Vulnerability
8394| [14096] CMSQlite & CMySQLite CSRF Vulnerability
8395| [10876] PHP-MySQL-Quiz SQL Injection Vulnerability
8396| [10450] Linkster PHP/MySQL SQL Injection Vulnerability
8397| [10260] Robert Zimmerman PHP / MYSQL Scripts Admin Bypass
8398| [9953] MySQL <= 6.0 yaSSL <= 1.7.5 Hello Message Buffer Overflow
8399| [9085] MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
8400| [8037] ProFTPd with mod_mysql Authentication Bypass Vulnerability
8401| [7856] MySQL 4/5/6 UDF for Command Execution
8402| [7020] MySQL Quick Admin 1.5.5 - Local File Inclusion Vulnerability
8403| [6641] MySQL Quick Admin <= 1.5.5 (COOKIE) Local File Inclusion Vulnerability
8404| [6577] PromoteWeb MySQL (go.php id) Remote SQL Injection Vulnerability
8405| [6136] phpWebNews 0.2 MySQL Edition (SQL) Insecure Cookie Handling Vuln
8406| [5999] phpWebNews 0.2 MySQL Edition (det) SQL Injection Vulnerability
8407| [5998] phpWebNews 0.2 MySQL Edition (id_kat) SQL Injection Vulnerability
8408| [5913] MyBlog: PHP and MySQL Blog/CMS software (SQL/XSS) Vulnerabilities
8409| [4615] MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability
8410| [4392] PHP <= 4.4.7 / 5.2.3 MySQL/MySQLi Safe Mode Bypass Vulnerability
8411| [3685] MyBlog: PHP and MySQL Blog/CMS software RFI Vulnerability
8412| [3591] PHP-Nuke Module Eve-Nuke 0.1 (mysql.php) RFI Vulnerability
8413| [3468] MySQL Commander <= 2.7 (home) Remote File Inclusion Vulnerability
8414| [3450] NukeSentinel <= 2.5.06 (MySQL => 4.0.24) - Remote SQL Injection Exploit
8415| [3344] PHP-Nuke <= 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)
8416| [3274] MySQL 4.x/5.0 User-Defined Function Command Execution Exploit (win)
8417| [2969] Php/Mysql Site Builder 0.0.2 (htm2php.php) File Disclosure Vulnerability
8418| [2726] Agora 1.4 RC1 (MysqlfinderAdmin.php) Remote File Include Vulnerability
8419| [2554] cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)
8420| [2466] cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit
8421| [2437] paBugs <= 2.0 Beta 3 (class.mysql.php) Remote File Include Exploit
8422| [2420] ZoomStats <= 1.0.2 (mysql.php) Remote File Include Vulnerability
8423| [1742] MySQL (<= 4.1.18, 5.0.20) Local/Remote Information Leakage Exploit
8424| [1741] MySQL <= 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit
8425| [1518] MySQL 4.x/5.0 User-Defined Function Local Privilege Escalation Exploit
8426| [1406] PHP <= 4.4.0 (mysql_connect function) Local Buffer Overflow Exploit
8427| [1181] MySQL 4.0.17 UDF Dynamic Library Exploit
8428| [1134] MySQL Eventum <= 1.5.5 (login.php) SQL Injection Exploit
8429| [960] MySQL MaxDB Webtool <= 7.5.00.23 Remote Stack Overflow Exploit
8430| [311] MySQL 4.1/5.0 zero-length password Auth. Bypass Exploit
8431| [98] MySQL 3.23.x/4.0.x Remote Exploit
8432|
8433| OpenVAS (Nessus) - http://www.openvas.org:
8434| [902675] MySQLDumper Multiple Vulnerabilities
8435| [881549] CentOS Update for mysql CESA-2012:1551 centos6
8436| [881538] CentOS Update for mysql CESA-2012:1462 centos6
8437| [881225] CentOS Update for mysql CESA-2012:0105 centos6
8438| [881185] CentOS Update for mysql CESA-2012:0127 centos5
8439| [881061] CentOS Update for mysql CESA-2012:0874 centos6
8440| [880760] CentOS Update for mysql CESA-2009:1289 centos5 i386
8441| [880613] CentOS Update for mysql CESA-2010:0109 centos5 i386
8442| [880577] CentOS Update for mysql CESA-2010:0442 centos5 i386
8443| [880452] CentOS Update for mysql CESA-2010:0824 centos4 i386
8444| [880366] CentOS Update for mysql CESA-2010:0110 centos4 i386
8445| [880329] CentOS Update for mysql CESA-2007:1155 centos4 x86_64
8446| [880324] CentOS Update for mysql CESA-2007:1155 centos4 i386
8447| [870870] RedHat Update for mysql RHSA-2012:1551-01
8448| [870861] RedHat Update for mysql RHSA-2012:1462-01
8449| [870778] RedHat Update for mysql RHSA-2012:0874-04
8450| [870736] RedHat Update for mysql RHSA-2011:0164-01
8451| [870647] RedHat Update for mysql RHSA-2012:0105-01
8452| [870547] RedHat Update for mysql RHSA-2012:0127-01
8453| [870357] RedHat Update for mysql RHSA-2010:0824-01
8454| [870356] RedHat Update for mysql RHSA-2010:0825-01
8455| [870272] RedHat Update for mysql RHSA-2010:0442-01
8456| [870218] RedHat Update for mysql RHSA-2010:0110-01
8457| [870216] RedHat Update for mysql RHSA-2010:0109-01
8458| [870195] RedHat Update for mysql RHSA-2007:1155-01
8459| [870069] RedHat Update for mysql RHSA-2008:0364-01
8460| [870033] RedHat Update for mysql RHSA-2008:0768-01
8461| [864951] Fedora Update for mysql FEDORA-2012-19823
8462| [864945] Fedora Update for mysql FEDORA-2012-19833
8463| [864504] Fedora Update for mysql FEDORA-2012-9324
8464| [864474] Fedora Update for mysql FEDORA-2012-9308
8465| [863910] Fedora Update for mysql FEDORA-2012-0972
8466| [863725] Fedora Update for mysql FEDORA-2012-0987
8467| [862844] Fedora Update for mod_auth_mysql FEDORA-2011-0100
8468| [862840] Fedora Update for mod_auth_mysql FEDORA-2011-0114
8469| [862676] Fedora Update for mysql FEDORA-2010-15147
8470| [862444] Fedora Update for mysql FEDORA-2010-15166
8471| [862300] Fedora Update for mysql FEDORA-2010-11126
8472| [862290] Fedora Update for mysql FEDORA-2010-11135
8473| [862149] Fedora Update for mysql FEDORA-2010-9053
8474| [862148] Fedora Update for mysql FEDORA-2010-9061
8475| [862136] Fedora Update for mysql FEDORA-2010-9016
8476| [861948] Fedora Update for mysql FEDORA-2010-7355
8477| [861936] Fedora Update for mysql FEDORA-2010-7414
8478| [861707] Fedora Update for mysql FEDORA-2010-1300
8479| [861651] Fedora Update for mysql FEDORA-2010-1348
8480| [861544] Fedora Update for php-pear-MDB2-Driver-mysql FEDORA-2007-3369
8481| [861392] Fedora Update for mysql FEDORA-2007-4471
8482| [861180] Fedora Update for php-pear-MDB2-Driver-mysqli FEDORA-2007-3369
8483| [861162] Fedora Update for php-pear-MDB2-Driver-mysql FEDORA-2007-3376
8484| [861108] Fedora Update for php-pear-MDB2-Driver-mysqli FEDORA-2007-3376
8485| [861033] Fedora Update for mysql FEDORA-2007-4465
8486| [855481] Solaris Update for mysql 120292-02
8487| [855333] Solaris Update for mysql 120293-02
8488| [850182] SuSE Update for mysql openSUSE-SU-2012:0860-1 (mysql)
8489| [841248] Ubuntu Update for mysql-5.5 USN-1658-1
8490| [841207] Ubuntu Update for mysql-5.5 USN-1621-1
8491| [841039] Ubuntu Update for mysql-5.5 USN-1467-1
8492| [840989] Ubuntu Update for mysql-5.1 USN-1427-1
8493| [840944] Ubuntu Update for mysql-5.1 USN-1397-1
8494| [840533] Ubuntu Update for MySQL vulnerabilities USN-1017-1
8495| [840442] Ubuntu Update for MySQL vulnerabilities USN-950-1
8496| [840384] Ubuntu Update for MySQL vulnerabilities USN-897-1
8497| [840292] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-671-1
8498| [840240] Ubuntu Update for mysql-dfsg-5.0 regression USN-588-2
8499| [840219] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-588-1
8500| [840106] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-559-1
8501| [840042] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-528-1
8502| [840012] Ubuntu Update for mysql-dfsg-5.0 vulnerability USN-440-1
8503| [835096] HP-UX Update for on HP 9000 Servers Running MySQL HPSBUX00287
8504| [831755] Mandriva Update for mysql MDVSA-2012:178 (mysql)
8505| [831684] Mandriva Update for mysql MDVA-2012:049 (mysql)
8506| [831547] Mandriva Update for mysql MDVA-2012:022 (mysql)
8507| [831532] Mandriva Update for mysql MDVA-2012:005 (mysql)
8508| [831519] Mandriva Update for mysql MDVA-2011:099 (mysql)
8509| [831425] Mandriva Update for mysql MDVA-2011:025 (mysql)
8510| [831327] Mandriva Update for mysql MDVA-2011:005 (mysql)
8511| [831315] Mandriva Update for mysql MDVSA-2011:012 (mysql)
8512| [831295] Mandriva Update for mysql MDVA-2010:240 (mysql)
8513| [831244] Mandriva Update for mysql MDVSA-2010:155-1 (mysql)
8514| [831243] Mandriva Update for mysql MDVSA-2010:222 (mysql)
8515| [831237] Mandriva Update for mysql MDVSA-2010:223 (mysql)
8516| [831202] Mandriva Update for mysql MDVA-2010:210 (mysql)
8517| [831134] Mandriva Update for mysql MDVSA-2010:155 (mysql)
8518| [831049] Mandriva Update for mysql MDVSA-2010:107 (mysql)
8519| [831048] Mandriva Update for mysql MDVSA-2010:101 (mysql)
8520| [831034] Mandriva Update for mysql MDVA-2010:146 (mysql)
8521| [831033] Mandriva Update for mysql MDVSA-2010:093 (mysql)
8522| [830902] Mandriva Update for mysql MDVSA-2010:044 (mysql)
8523| [830821] Mandriva Update for mysql MDVSA-2010:011 (mysql)
8524| [830806] Mandriva Update for mysql MDVSA-2010:012 (mysql)
8525| [830772] Mandriva Update for mysql MDVSA-2008:150 (mysql)
8526| [830664] Mandriva Update for mysql MDVA-2008:018 (mysql)
8527| [830659] Mandriva Update for mysql MDVSA-2008:017 (mysql)
8528| [830513] Mandriva Update for mysql MDVSA-2008:028 (mysql)
8529| [830421] Mandriva Update for mysql MDVSA-2008:149 (mysql)
8530| [830297] Mandriva Update for MySQL MDKSA-2007:177 (MySQL)
8531| [830223] Mandriva Update for perl-DBD-mysql MDKA-2007:066 (perl-DBD-mysql)
8532| [830063] Mandriva Update for MySQL MDKSA-2007:139 (MySQL)
8533| [830032] Mandriva Update for MySQL MDKSA-2007:243 (MySQL)
8534| [801593] Oracle MySQL Eventum Multiple Cross Site Scripting Vulnerabilities
8535| [801205] MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability
8536| [103051] PHP MySQLi Extension 'set_magic_quotes_runtime' Function Security-Bypass Weakness
8537| [100662] PHP Mysqlnd Extension Information Disclosure and Multiple Buffer Overflow Vulnerabilities
8538| [71475] Debian Security Advisory DSA 2496-1 (mysql-5.1)
8539| [71233] Debian Security Advisory DSA 2429-1 (mysql-5.1)
8540| [70803] Gentoo Security Advisory GLSA 201201-02 (MySQL)
8541| [70586] FreeBSD Ports: proftpd, proftpd-mysql
8542| [67541] Debian Security Advisory DSA 2057-1 (mysql-dfsg-5.0)
8543| [66577] Fedora Core 11 FEDORA-2009-13504 (mysql)
8544| [66573] Fedora Core 12 FEDORA-2009-13466 (mysql)
8545| [66553] Mandriva Security Advisory MDVSA-2009:189-1 (apache-mod_auth_mysql)
8546| [66508] Fedora Core 10 FEDORA-2009-12180 (mysql)
8547| [66425] Mandriva Security Advisory MDVSA-2009:326 (mysql)
8548| [66256] Fedora Core 11 FEDORA-2009-10701 (ocaml-mysql)
8549| [66251] Fedora Core 10 FEDORA-2009-10582 (ocaml-mysql)
8550| [66056] Debian Security Advisory DSA 1910-1 (mysql-ocaml)
8551| [66035] Mandrake Security Advisory MDVSA-2009:279 (ocaml-mysql)
8552| [65937] SLES10: Security update for MySQL
8553| [65884] SLES10: Security update for MySQL
8554| [65827] SLES10: Security update for MySQL
8555| [65710] SLES11: Security update for MySQL
8556| [65610] SLES9: Security update for MySQL
8557| [65566] SLES9: Security update for MySQL
8558| [65507] SLES9: Security update for MySQL
8559| [65502] SLES9: Security update for mysql
8560| [65426] SLES9: Security update for MySQL
8561| [65385] SLES9: Security update for mysql
8562| [65341] SLES9: Security update for MySQL
8563| [65181] SLES9: Security update for MySQL
8564| [65176] SLES9: Security update for MySQL
8565| [64932] CentOS Security Advisory CESA-2009:1289 (mysql)
8566| [64820] Debian Security Advisory DSA 1877-1 (mysql-dfsg-5.0)
8567| [64532] Mandrake Security Advisory MDVSA-2009:189 (apache-mod_auth_mysql)
8568| [64522] Mandrake Security Advisory MDVSA-2009:179 (mysql)
8569| [64461] Mandrake Security Advisory MDVSA-2009:159 (mysql)
8570| [63872] Mandrake Security Advisory MDVSA-2009:094 (mysql)
8571| [63630] FreeBSD Ports: proftpd, proftpd-mysql
8572| [63171] FreeBSD Ports: mysql-server
8573| [63170] FreeBSD Ports: mysql-server
8574| [63169] FreeBSD Ports: mysql-server
8575| [63168] FreeBSD Ports: mysql-server
8576| [63095] FreeBSD Ports: mysql-server
8577| [61852] Debian Security Advisory DSA 1662-1 (mysql-dfsg-5.0)
8578| [61699] FreeBSD Ports: mysql-client
8579| [61656] FreeBSD Ports: proftpd, proftpd-mysql
8580| [61618] FreeBSD Ports: mysql-server
8581| [61599] Gentoo Security Advisory GLSA 200809-04 (mysql)
8582| [61283] Debian Security Advisory DSA 1608-1 (mysql-dfsg-5.0)
8583| [60804] Gentoo Security Advisory GLSA 200804-04 (mysql)
8584| [60271] Debian Security Advisory DSA 1478-1 (mysql-dfsg-5.0)
8585| [60106] Debian Security Advisory DSA 1451-1 (mysql-dfsg-5.0)
8586| [60017] Slackware Advisory SSA:2007-348-01 mysql
8587| [59638] Debian Security Advisory DSA 1413-1 (mysql-dfsg, mysql-dfsg-5.0, mysql-dfsg-4.1)
8588| [59245] Gentoo Security Advisory GLSA 200711-25 (mysql)
8589| [58863] FreeBSD Ports: freeradius, freeradius-mysql
8590| [58545] Gentoo Security Advisory GLSA 200708-10 (mysql)
8591| [58261] Gentoo Security Advisory GLSA 200705-11 (MySQL)
8592| [57859] Gentoo Security Advisory GLSA 200608-09 (mysql)
8593| [57725] FreeBSD Ports: proftpd, proftpd-mysql
8594| [57576] FreeBSD Ports: proftpd, proftpd-mysql
8595| [57527] FreeBSD Ports: mysql-server
8596| [57526] FreeBSD Ports: mysql-server
8597| [57337] Debian Security Advisory DSA 1169-1 (mysql-dfsg-4.1)
8598| [57257] FreeBSD Ports: mysql-server
8599| [57167] Slackware Advisory SSA:2006-211-01 mysql
8600| [57109] Debian Security Advisory DSA 1112-1 (mysql-dfsg-4.1)
8601| [56964] Gentoo Security Advisory GLSA 200606-18 (pam_mysql)
8602| [56940] Gentoo Security Advisory GLSA 200606-13 (MySQL)
8603| [56924] Debian Security Advisory DSA 1092-1 (mysql-dfsg-4.1)
8604| [56861] Slackware Advisory SSA:2006-155-01 mysql
8605| [56850] FreeBSD Ports: mysql-server
8606| [56849] FreeBSD Ports: mysql-server
8607| [56833] Debian Security Advisory DSA 1079-1 (mysql-dfsg)
8608| [56789] Debian Security Advisory DSA 1073-1 (mysql-dfsg-4.1)
8609| [56788] Debian Security Advisory DSA 1071-1 (mysql)
8610| [56730] Slackware Advisory SSA:2006-129-02 mysql
8611| [56728] Gentoo Security Advisory GLSA 200605-13 (MySQL)
8612| [56714] FreeBSD Ports: mysql-server
8613| [55520] Debian Security Advisory DSA 833-2 (mysql-dfsg-4.1)
8614| [55514] Debian Security Advisory DSA 833-1 (mysql-dfsg-4.1)
8615| [55493] Debian Security Advisory DSA 829-1 (mysql)
8616| [55492] Debian Security Advisory DSA 831-1 (mysql-dfsg)
8617| [55164] Debian Security Advisory DSA 783-1 (mysql-dfsg-4.1)
8618| [54884] Gentoo Security Advisory GLSA 200503-19 (mysql)
8619| [54819] Gentoo Security Advisory GLSA 200501-33 (mysql)
8620| [54713] Gentoo Security Advisory GLSA 200410-22 (MySQL)
8621| [54659] Gentoo Security Advisory GLSA 200409-02 (MySQL)
8622| [54580] Gentoo Security Advisory GLSA 200405-20 (MySQL)
8623| [54483] FreeBSD Ports: proftpd, proftpd-mysql
8624| [54201] FreeBSD Ports: mysql-server
8625| [53776] Debian Security Advisory DSA 013-1 (mysql)
8626| [53755] Debian Security Advisory DSA 483-1 (mysql)
8627| [53750] Debian Security Advisory DSA 707-1 (mysql)
8628| [53666] Debian Security Advisory DSA 381-1 (mysql)
8629| [53595] Debian Security Advisory DSA 303-1 (mysql)
8630| [53585] Debian Security Advisory DSA 212-1 (mysql)
8631| [53481] Debian Security Advisory DSA 647-1 (mysql)
8632| [53251] Debian Security Advisory DSA 562-1 (mysql)
8633| [53230] Debian Security Advisory DSA 540-1 (mysql)
8634| [52466] FreeBSD Ports: exim, exim-ldap2, exim-mysql, exim-postgresql
8635| [52459] FreeBSD Ports: mysql-client
8636| [52419] FreeBSD Ports: mysql-scripts
8637| [52406] FreeBSD Ports: mysql-server
8638| [52375] FreeBSD Ports: mysql-server, mysql-client
8639| [52274] FreeBSD Ports: mysql-server
8640| [52273] FreeBSD Ports: mysql-server
8641| [52272] FreeBSD Ports: mysql-server
8642| [52271] FreeBSD Ports: mysql-server
8643| [52270] FreeBSD Ports: mysql-server
8644| [52233] FreeBSD Ports: mysql-scripts
8645| [52158] FreeBSD Ports: mysql-server
8646| [16093] MySQL Eventum Multiple flaws
8647| [12639] MySQL Authentication bypass through a zero-length password
8648| [10783] PCCS-Mysql User/Password Exposure
8649|
8650| SecurityTracker - https://www.securitytracker.com:
8651| [1028790] MySQL Multiple Bugs Let Remote Users Deny Service and Partially Access and Modify Data
8652| [1028449] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service and Partially Access and Modify Data
8653| [1028004] MySQL Multiple Bugs Let Remote Authenticated Users Take Full Control or Deny Service and Let Local Users Access and Modify Data
8654| [1027829] MySQL Bug in UpdateXML() Lets Remote Authenticated Users Deny Service
8655| [1027828] MySQL Heap Overflow May Let Remote Authenticated Users Execute Arbitrary Code
8656| [1027827] MySQL Stack Overflow May Let Remote Authenticated Users Execute Arbitrary Code
8657| [1027665] MySQL Multiple Bugs Let Remote Authenticated Users Access and Modify Data and Deny Service and Local Users Access Data
8658| [1027263] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service
8659| [1027143] MySQL memcmp() Comparison Error Lets Remote Users Bypass Authentication
8660| [1026934] MySQL Multiple Bugs Let Remote Users Deny Service
8661| [1026896] MySQL Unspecified Flaws Have Unspecified Impact
8662| [1026659] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
8663| [1026530] MySQL Multiple Bugs Let Local and Remote Users Partially Access and Modifiy Data and Partially Deny Service
8664| [1024508] MySQL Replication Flaw Lets Remote Authenticated Users Gain Elevated Privileges
8665| [1024507] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
8666| [1024360] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
8667| [1024160] MySQL ALTER DATABASE Processing Error Lets Remote Authenticated Users Deny Service
8668| [1024033] MySQL COM_FIELD_LIST Packet Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
8669| [1024032] MySQL Large Packet Processing Flaw in my_net_skip_rest() Lets Remote Users Deny Service
8670| [1024031] MySQL COM_FIELD_LIST Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges
8671| [1024004] MySQL mi_delete_table() Symlink Flaw Lets Remote Authenticated Users Delete Data and Index Files
8672| [1023402] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
8673| [1023220] MySQL Client Fails to Check Server Certificates in Certain Cases
8674| [1022812] MySQL Unspecified Buffer Overflow Lets Remote Users Execute Arbitrary Code
8675| [1022533] MySQL Format String Bug in dispatch_command() Lets Remote Users Deny Service
8676| [1022482] MySQL Connector/Net is Missing SSL Certificate Validation
8677| [1021786] MySQL Bug in ExtractValue()/UpdateXML() in Processing XPath Expressions Lets Remote Authenticated Users Deny Service
8678| [1021714] (Red Hat Issues Fix) mod_auth_mysql Input Validation Flaw Lets Remote Users Inject SQL Commands
8679| [1020858] MySQL Item_bin_string::Item_bin_string() Binary Value Processing Bug Lets Remote Authenticated Users Deny Service
8680| [1019995] MySQL MyISAM Options Let Local Users Overwrite Table Files
8681| [1019085] MySQL Bugs Let Remote Authenticated Users Gain Elevated Privileges and Deny Service
8682| [1019084] MySQL DATA DIRECTORY and INDEX DIRECTORY Options May Let Remote Authenticated Users Gain Elevated Privileges
8683| [1019083] MySQL BINLOG Filename Path Bug May Let Remote Authenticated Users Gain Elevated Privileges
8684| [1019060] MySQL Rename Table Bug Lets Remote Authenticated Users Modify System Table Information
8685| [1018978] MySQL convert_search_mode_to_innobase() Bug Lets Remote Authenticated Users Deny Service
8686| [1018824] Asterisk-Addons Input Validation Flaw in cdr_addon_mysql Lets Remote Users Inject SQL Commands
8687| [1018663] MySQL Table View Access Bug Lets Remote Authenticated Users Gain Elevated Privileges
8688| [1018629] MySQL Authentication Protocol Bug Lets Remote Users Deny Service
8689| [1018071] MySQL ALTER TABLE Function Lets Remote Authenticated Users Obtain Potentially Sensitive Information
8690| [1018070] MySQL SQL SECURITY INVOKER Routines Let Remote Authenticated Users Gain Elevated Privileges
8691| [1018069] MySQL Lets Remote Authenticated Users Issue the RENAME TABLE Command
8692| [1017746] MySQL Single Row Subselect Statements Let Remote Users Deny Service
8693| [1016790] MySQL Replication Error Lets Local Users Deny Service
8694| [1016710] MySQL Case-Sensitive Database Names May Let Users Access Restricted Databases
8695| [1016709] MySQL Error in Checking suid Routine Arguments May Let Users Gain Elevated Privileges
8696| [1016617] MySQL MERGE Access Control Error May Let Users Access a Restricted Table
8697| [1016566] Opsware Network Automation System Discloses MySQL Password to Local Users
8698| [1016216] MySQL Error in Parsing Multibyte Encoded Data in mysql_real_escape() Lets Remote Users Inject SQL Commands
8699| [1016077] Apple MySQL Manager Database Initialization Bug May Let Local Users Access the Database
8700| [1016017] MySQL Anonymous Login Processing May Disclose Some Memory Contents to Remote Users
8701| [1016016] MySQL COM_TABLE_DUMP Processing Lets Remote Authenticated Users Execute Arbitrary Code or Obtain Information
8702| [1015789] Woltlab Burning Board Input Validation Hole in 'class_db_mysql.php' Permits Cross-Site Scripting Attacks
8703| [1015693] MySQL Query Bug Lets Remote Users Bypass Query Logging
8704| [1015603] PAM-MySQL pam_get_item() Double Free May Let Remote Users Execute Arbitrary Code
8705| [1015485] PHP mysqli Extension Error Mode Format String Flaw May Let Users Execute Arbitrary Code
8706| [1014603] MySQL Eventum Input Validation Hole in 'class.auth.php' Permits SQL Injection and Other Input Validation Bugs Permit Cross-Site Scripting Attacks
8707| [1014172] xMySQLadmin Lets Local Users Delete Files
8708| [1013995] MySQL 'mysql_install_db' Uses Unsafe Temporary Files and May Let Local Users Gain Elevated Privilege
8709| [1013994] MySQL Non-existent '--user' Error May Allow the Database to Run With Incorrect Privileges
8710| [1013415] MySQL CREATE FUNCTION Lets Authenticated Users Invoke libc Functions to Execute Arbitrary Code
8711| [1013414] MySQL udf_init() Path Validation Flaw Lets Authenticated Users Execute Arbitrary Libraries
8712| [1013413] MySQL CREATE TEMPORARY TABLE Uses Predictable Temporary Files That May Let Users Gain Elevated Privileges
8713| [1012914] MySQL 'mysqlaccess.sh' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
8714| [1012893] MySQL MaxDB Buffer Overflow in websql Password Parameter Lets Remote Users Execute Arbitrary Code
8715| [1012500] mysql_auth Memory Leak Has Unspecified Impact
8716| [1011741] MySQL Access Control Error in Databases With Underscore Wildcard Character May Grant Unauthorized Access
8717| [1011606] MySQL May Let Remote Authenticated Users Access Restricted Tables or Crash the System
8718| [1011408] MySQL libmysqlclient Buffer Overflow in Executing Prepared Statements Has Unspecified Impact
8719| [1011376] MySQLGuest Lack of Input Validation Lets Remote Users Conduct Cross-Site Scripting Attacks
8720| [1011008] MySQL Buffer Overflow in mysql_real_connect() May Let Remote Users Execute Arbitrary Code
8721| [1010979] MySQL 'mysqlhotcopy' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
8722| [1010645] MySQL check_scramble_323() Zero-Length Comparison Lets Remote Users Bypass Authentication
8723| [1009784] MySQL 'mysqld_multi' Temporary File Flaw Lets Local Users Overwrite Files
8724| [1009554] MySQL 'mysqlbug' Temporary File Flaw Lets Local Users Overwrite Files
8725| [1007979] MySQL mysql_change_user() Double Free Error Lets Remote Authenticated Users Crash mysqld
8726| [1007673] MySQL acl_init() Buffer Overflow Permits Remote Authenticated Administrators to Execute Arbitrary Code
8727| [1007518] DWebPro Discloses MySQL Database Password to Local Users
8728| [1007312] MySQL World-Writable Configuration File May Let Local Users Gain Root Privileges
8729| [1006976] MySQL Buffer Overflow in 'mysql_real_connect()' Client Function May Let Remote or Local Users Execute Arbitrary Code
8730| [1005800] MySQL Overflow and Authentication Bugs May Let Remote Users Execute Code or Access Database Accounts
8731| [1005345] MySQL Buffer Overflow Lets Local Users Gain System Privileges on Windows NT
8732| [1004506] vBulletin PHP-based Forum Software Has Unspecified Security Flaw in the 'db_mysql.php' Module
8733| [1004172] PHP-Survey Script Discloses Underlying MySQL Database Username and Password to Remote Users
8734| [1003955] 3rd Party Patch for Cyrus SASL ('auxprop for mysql and ldap') Lets Remote Users Access Protected POP Mail Accounts Without Authentication
8735| [1003290] Conectiva Linux MySQL Distribution May Allow Local Users to Obtain Sensitive Information
8736| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
8737| [1002485] WinMySQLadmin Database Administration Tool Discloses MySQL Password to Local Users
8738| [1002324] Vpopmail Mail Server Discloses Database Password to Local Users When Installed with MySQL
8739| [1001411] phpMyAdmin Administration Tool for MySQL Allows Remote Users to Execute Commands on the Server
8740| [1001118] MySQL Database Allows Authorized Users to Modify Server Files to Deny Service or Obtain Additional Access
8741|
8742| OSVDB - http://www.osvdb.org:
8743| [95337] Oracle MySQL Server XA Transactions Subcomponent Unspecified Remote DoS
8744| [95336] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
8745| [95335] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
8746| [95334] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue
8747| [95333] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
8748| [95332] Oracle MySQL Server Parser Subcomponent Unspecified Remote DoS
8749| [95331] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3801)
8750| [95330] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3808)
8751| [95329] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3796)
8752| [95328] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3804)
8753| [95327] Oracle MySQL Server Prepared Statements Subcomponent Unspecified Remote DoS
8754| [95326] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
8755| [95325] Oracle MySQL Server Full Text Search Subcomponent Unspecified Remote DoS
8756| [95324] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3795)
8757| [95323] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3793)
8758| [95322] Oracle MySQL Server Audit Log Subcomponent Unspecified Remote Issue
8759| [95321] Oracle MySQL Server MemCached Subcomponent Unspecified Remote Issue
8760| [95131] AutoMySQLBackup /usr/sbin/automysqlbackup Database Name Arbitrary Code Injection
8761| [94076] Debian Linux MySQL Server mysql-server-5.5.postinst Race Condition debian.cnf Plaintext Credential Local Disclosure
8762| [93505] Wireshark MySQL Dissector (packet-mysql.c) Malformed Packet Handling Infinite Loop Remote DoS
8763| [93174] MySQL Crafted Derived Table Handling DoS
8764| [92967] MySQL2JSON (mn_mysql2json) Extension for TYPO3 Unspecified SQL Injection
8765| [92950] MySQL Running START SLAVE Statement Process Listing Plaintext Local Password Disclosure
8766| [92485] Oracle MySQL Server Partition Subcomponent Unspecified Local DoS
8767| [92484] Oracle MySQL Server Locking Subcomponent Unspecified Remote DoS (2013-1506)
8768| [92483] Oracle MySQL Server Install Subcomponent Unspecified Local Issue
8769| [92482] Oracle MySQL Server Types Subcomponent Unspecified Remote DoS
8770| [92481] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2381)
8771| [92480] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1566)
8772| [92479] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1511)
8773| [92478] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1567)
8774| [92477] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
8775| [92476] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
8776| [92475] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
8777| [92474] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS
8778| [92473] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-2389)
8779| [92472] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
8780| [92471] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1512)
8781| [92470] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1544)
8782| [92469] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote Issue
8783| [92468] Oracle MySQL Server MemCached Subcomponent Unspecified Remote DoS
8784| [92467] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2375)
8785| [92466] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-1531)
8786| [92465] Oracle MySQL Server Server Subcomponent Unspecified Remote Issue
8787| [92464] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Issue
8788| [92463] Oracle MySQL Server Locking Subcomponent Unspecified Remote Issue (2013-1521)
8789| [92462] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-2395)
8790| [91536] Oracle MySQL yaSSL Unspecified Overflow (2012-0553)
8791| [91534] Oracle MySQL yaSSL Unspecified Overflow (2013-1492)
8792| [91415] MySQL Raw Geometry Object String Conversion Remote DoS
8793| [91108] Juju mysql Charm Install Script mysql.passwd MySQL Password Plaintext Local Disclosure
8794| [89970] Site Go /site-go/admin/extra/mysql/index.php idm Parameter Traversal Arbitrary File Access
8795| [89265] Oracle MySQL Server Server Privileges Subcomponent Unspecified Remote DoS
8796| [89264] Oracle MySQL Server Server Partition Subcomponent Unspecified Remote DoS
8797| [89263] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-0578)
8798| [89262] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-1705)
8799| [89261] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-0574)
8800| [89260] Oracle MySQL Server MyISAM Subcomponent Unspecified Remote DoS
8801| [89259] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2012-0572)
8802| [89258] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-0368)
8803| [89257] Oracle MySQL Server Server Locking Subcomponent Unspecified Remote DoS
8804| [89256] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-1702)
8805| [89255] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote Issue
8806| [89254] Oracle MySQL Server Server Replication Subcomponent Unspecified Local Issue
8807| [89253] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
8808| [89252] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS
8809| [89251] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
8810| [89250] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
8811| [89042] ViciBox Server MySQL cron Service Default Credentials
8812| [88415] Oracle MySQL Server COM_CHANGE_USER Account Password Brute-Force Weakness
8813| [88118] Oracle MySQL Server FILE Privilege Database Privilege Escalation
8814| [88067] Oracle MySQL Server Authentication Error Message User Enumeration
8815| [88066] Oracle MySQL Server for Linux Access Rights Checking Routine Database Name Handling Stack Buffer Overflow
8816| [88065] Oracle MySQL Server COM_BINLOG_DUMP Invalid Data Handling DoS
8817| [88064] Oracle MySQL Server Multiple-Table DELETE Heap Buffer Overflow
8818| [87704] CodeIgniter MySQL / MySQLi Driver Database Client Multi-byte Character Set Unspecified SQL Injection
8819| [87507] Oracle MySQL Statement Logging Multiple Log Plaintext Local Password Disclosure
8820| [87501] Oracle MySQL optimizer_switch Malformed Value Processing Local DoS
8821| [87494] Oracle MySQL on Windows Field_new_decimal::store_value dbug_buff Variable Overflow DoS
8822| [87480] MySQL Malformed XML Comment Handling DoS
8823| [87466] MySQL SSL Certificate Revocation Weakness
8824| [87356] Oracle MySQL do_div_mod DIV Expression Handling Remote DoS
8825| [87355] Oracle MySQL handler::pushed_cond Table Cache Handling mysqld DoS
8826| [87354] Oracle MySQL Polygon Union / Intersection Spatial Operations DoS
8827| [86273] Oracle MySQL Server Server Installation Subcomponent Unspecified Local Information Disclosure
8828| [86272] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote DoS
8829| [86271] Oracle MySQL Server Server Full Text Search Subcomponent Unspecified Remote DoS
8830| [86270] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3156)
8831| [86269] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Information Disclosure
8832| [86268] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3180)
8833| [86267] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3150)
8834| [86266] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3144)
8835| [86265] Oracle MySQL Server InnoDB Plugin Subcomponent Unspecified Remote DoS
8836| [86264] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
8837| [86263] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Issue
8838| [86262] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3177)
8839| [86261] Oracle MySQL Server Protocol Subcomponent Unspecified Remote Issue
8840| [86260] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Code Execution
8841| [86175] Oracle MySQL on Windows Path Subversion Arbitrary DLL Injection Code Execution
8842| [85155] Icinga module/idoutils/db/scripts/create_mysqldb.sh Icinga User Database Access Restriction Bypass
8843| [84755] Oracle MySQL Sort Order Index Calculation Remote DoS
8844| [84719] MySQLDumper index.php page Parameter XSS
8845| [84680] MySQL Squid Access Report access.log File Path XSS
8846| [83980] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1689)
8847| [83979] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1734)
8848| [83978] Oracle MySQL Server Subcomponent Unspecified Remote DoS
8849| [83977] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
8850| [83976] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
8851| [83975] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1735)
8852| [83661] Oracle MySQL Unspecified Issue (59533)
8853| [82804] Oracle MySQL Authentication Protocol Token Comparison Casting Failure Password Bypass
8854| [82803] Oracle MySQL Unspecified Issue (59387)
8855| [82120] Oracle MySQL Version Specific Comment Handling Arbitrary SQL Command Execution
8856| [81897] Viscacha classes/database/mysql.inc.php Multiple Parameter SQL Injection
8857| [81616] MySQLDumper Multiple Script Direct Request Information Disclosure
8858| [81615] MySQLDumper filemanagement.php f Parameter Traversal Arbitrary File Access
8859| [81614] MySQLDumper File Upload PHP Code Execution
8860| [81613] MySQLDumper main.php Multiple Function CSRF
8861| [81612] MySQLDumper restore.php filename Parameter XSS
8862| [81611] MySQLDumper sql.php Multiple Parameter XSS
8863| [81610] MySQLDumper install.php Multiple Parameter XSS
8864| [81609] MySQLDumper install.php language Parameter Traversal Arbitrary File Access
8865| [81378] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1690)
8866| [81377] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1696)
8867| [81376] Oracle MySQL Server Server DML Component Unspecified Remote DoS
8868| [81375] Oracle MySQL Server Partition Component Unspecified Remote DoS
8869| [81374] Oracle MySQL Server MyISAM Component Unspecified Remote DoS
8870| [81373] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1703)
8871| [81059] Oracle MySQL Server Multiple Unspecified Issues
8872| [79038] Webmin Process Listing MySQL Password Local Disclosure
8873| [78919] Oracle MySQL Unspecified Pre-authentication Remote Code Execution
8874| [78710] WordPress wp-admin/setup-config.php MySQL Query Saturation Brute-Force Proxy Weakness
8875| [78708] WordPress wp-admin/setup-config.php MySQL Database Verification Code Injection Weakness
8876| [78707] WordPress wp-admin/setup-config.php MySQL Credentials Error Message Brute-Force Weakness
8877| [78394] Oracle MySQL Server Unspecified Remote DoS (2012-0493)
8878| [78393] Oracle MySQL Server Unspecified Remote DoS (2012-0492)
8879| [78392] Oracle MySQL Server Unspecified Remote DoS (2012-0117)
8880| [78391] Oracle MySQL Server Unspecified Remote DoS (2012-0112)
8881| [78390] Oracle MySQL Server Unspecified Remote DoS (2012-0495)
8882| [78389] Oracle MySQL Server Unspecified Remote DoS (2012-0491)
8883| [78388] Oracle MySQL Server Unspecified Remote DoS (2012-0490)
8884| [78387] Oracle MySQL Server Unspecified Remote DoS (2012-0489)
8885| [78386] Oracle MySQL Server Unspecified Remote DoS (2012-0488)
8886| [78385] Oracle MySQL Server Unspecified Remote DoS (2012-0487)
8887| [78384] Oracle MySQL Server Unspecified Remote DoS (2012-0486)
8888| [78383] Oracle MySQL Server Unspecified Remote DoS (2012-0485)
8889| [78382] Oracle MySQL Server Unspecified Remote DoS (2012-0120)
8890| [78381] Oracle MySQL Server Unspecified Remote DoS (2012-0119)
8891| [78380] Oracle MySQL Server Unspecified Remote DoS (2012-0115)
8892| [78379] Oracle MySQL Server Unspecified Remote DoS (2012-0102)
8893| [78378] Oracle MySQL Server Unspecified Remote DoS (2012-0101)
8894| [78377] Oracle MySQL Server Unspecified Remote DoS (2012-0087)
8895| [78376] Oracle MySQL Server Unspecified Remote DoS (2011-2262)
8896| [78375] Oracle MySQL Server Unspecified Local DoS
8897| [78374] Oracle MySQL Server Unspecified Remote Issue (2012-0075)
8898| [78373] Oracle MySQL Server Unspecified Local Issue
8899| [78372] Oracle MySQL Server Unspecified Remote Information Disclosure
8900| [78371] Oracle MySQL Server Unspecified Remote Issue (2012-0496)
8901| [78370] Oracle MySQL Server Unspecified Remote Issue (2012-0118)
8902| [78369] Oracle MySQL Server Unspecified Remote Issue (2012-0116)
8903| [78368] Oracle MySQL Server Unspecified Remote Issue (2012-0113)
8904| [78283] Oracle MySQL NULL Pointer Dereference Packet Parsing Remote DoS
8905| [77042] e107 CMS install_.php MySQL Server Name Parsing Remote PHP Code Execution
8906| [77040] DBD::mysqlPP Unspecified SQL Injection
8907| [75888] TaskFreak! multi-mysql Multiple Script Direct Request Path Disclosure
8908| [74120] Apache HTTP Server mod_authnz_external mysql/mysql-auth.pl user Field SQL Injection
8909| [73555] Prosody MySQL Value Column Invalid Data Type Handling DoS
8910| [73387] Zend Framework PDO_MySql Character Set Security Bypass
8911| [72836] Arctic Fox CMS Multiple Script Direct Request MySQL Settings Disclosure
8912| [72660] MySQL GUI Tools Administrator / Query Browser Command Line Credentials Local Disclosure
8913| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
8914| [71368] Accellion File Transfer Appliance Weak MySQL root Password
8915| [70967] MySQL Eventum Admin User Creation CSRF
8916| [70966] MySQL Eventum preferences.php full_name Parameter XSS
8917| [70961] MySQL Eventum list.php Multiple Parameter XSS
8918| [70960] MySQL Eventum forgot_password.php URI XSS
8919| [70947] PyWebDAV DAVServer/mysqlauth.py get_userinfo() Multiple Parameter SQL Injection
8920| [70610] PHP MySQLi Extension set_magic_quotes_runtime Function mysqli_fetch_assoc Function Interaction Weakness
8921| [69885] SilverStripe modules/sapphire/trunk/core/model/MySQLDatabase.php showqueries Parameter SQL Command Disclosure
8922| [69395] MySQL Derived Table Grouping DoS
8923| [69394] MySQL Temporary Table Expression Re-Evaluation DoS
8924| [69393] MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS
8925| [69392] MySQL Extreme-Value Functions Mixed Arguments DoS
8926| [69391] MySQL Stored Procedures / Prepared Statements Nested Joins DoS
8927| [69390] MySQL Extreme-Value Functions Argument Parsing Type Error DoS
8928| [69389] MySQL CONVERT_TZ() Function Empty SET Column DoS
8929| [69388] MySQL InnoDB Storage Engine Table Handling Overflow
8930| [69387] MySQL LIKE Predicates Pre-Evaluation DoS
8931| [69001] MySQL PolyFromWKB() Function WKB Data Remote DoS
8932| [69000] MySQL HANDLER Interface Unspecified READ Request DoS
8933| [68997] MySQL Prepared-Statement Mode EXPLAIN DoS
8934| [68996] MySQL EXPLAIN EXTENDED Statement DoS
8935| [68995] MySQL GeometryCollection non-Geometry Value Assignment DoS
8936| [67488] phpMyAdmin libraries/dbi/mysqli.dbi.lib.php Unspecified Parameter XSS
8937| [67487] phpMyAdmin libraries/dbi/mysql.dbi.lib.php Unspecified Parameter XSS
8938| [67421] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read Function Overflow
8939| [67420] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_ok_read Function Arbitrary Memory Content Disclosure
8940| [67419] PHP Mysqlnd Extension php_mysqlnd_read_error_from_line Function Negative Buffer Length Value Overflow
8941| [67418] PHP Mysqlnd Extension php_mysqlnd_auth_write Function Multiple Overflows
8942| [67384] MySQL LOAD DATA INFILE Statement Incorrect OK Packet DoS
8943| [67383] MySQL EXPLAIN Statement Item_singlerow_subselect::store Function NULL Dereference DoS
8944| [67381] MySQL InnoDB Temporary Table Handling DoS
8945| [67380] MySQL BINLOG Statement Unspecified Argument DoS
8946| [67379] MySQL Multiple Operation NULL Argument Handling DoS
8947| [67378] MySQL Unique SET Column Join Statement Remote DoS
8948| [67377] MySQL DDL Statement Multiple Configuration Parameter DoS
8949| [66800] PHP Multiple mysqlnd_* Function Unspecified Overflow
8950| [66799] PHP mysqlnd Error Packet Handling Multiple Overflows
8951| [66731] PHP Bundled MySQL Library Unspecified Issue
8952| [66665] PHP MySQL LOAD DATA LOCAL open_basedir Bypass
8953| [65851] MySQL ALTER DATABASE #mysql50# Prefix Handling DoS
8954| [65450] phpGraphy mysql_cleanup.php include_path Parameter Remote File Inclusion
8955| [65085] MySQL Enterprise Monitor Unspecified CSRF
8956| [64843] MySQL DROP TABLE Command Symlink MyISAM Table Local Data Deletion
8957| [64588] MySQL sql/net_serv.cc my_net_skip_rest Function Large Packet Handling Remote DoS
8958| [64587] MySQL COM_FIELD_LIST Command Packet Table Name Argument Overflow
8959| [64586] MySQL COM_FIELD_LIST Command Packet Authentication Bypass
8960| [64524] Advanced Poll misc/get_admin.php mysql_host Parameter XSS
8961| [64447] Tirzen Framework (TZN) tzn_mysql.php Username Parameter SQL Injection Authentication Bypass
8962| [64320] ClanSphere MySQL Driver s_email Parameter SQL Injection
8963| [63903] MySQL sql/sql_plugin.cc mysql_uninstall_plugin Function UNINSTALL PLUGIN Command Privilege Check Weakness
8964| [63115] Quicksilver Forums mysqldump Process List Database Password Disclosure
8965| [62830] Employee Timeclock Software mysqldump Command-line Database Password Disclosure
8966| [62640] PHP mysqli_real_escape_string() Function Error Message Path Disclosure
8967| [62216] Flex MySQL Connector ActionScript SQL Query Arbitrary Code Execution
8968| [61752] kiddog_mysqldumper Extension for TYPO3 Unspecified Information Disclosure
8969| [61497] microTopic admin/mysql.php rating Parameter SQL Injection
8970| [60665] MySQL CREATE TABLE MyISAM Table mysql_unpacked_real_data_home Local Restriction Bypass
8971| [60664] MySQL sql/sql_table.cc Data Home Directory Symlink CREATE TABLE Access Restriction Bypass
8972| [60516] RADIO istek scripti estafresgaftesantusyan.inc Direct Request MySQL Database Credentials Disclosure
8973| [60489] MySQL GeomFromWKB() Function First Argument Geometry Value Handling DoS
8974| [60488] MySQL SELECT Statement WHERE Clause Sub-query DoS
8975| [60487] MySQL vio_verify_callback() Function Crafted Certificate MiTM Weakness
8976| [60356] MySql Client Library (libmysqlclient) mysql_real_connect Function Local Overflow
8977| [59907] MySQL on Windows bind-address Remote Connection Weakness
8978| [59906] MySQL on Windows Default Configuration Logging Weakness
8979| [59616] MySQL Hashed Password Weakness
8980| [59609] Suckbot mod_mysql_logger Shared Object Unspecified Remote DoS
8981| [59495] Cyrus SASL LDAP / MySQL Authentication Patch password Field SQL Injection Authentication Bypass
8982| [59062] phpMyAdmin Extension for TYPO3 MySQL Table Name Unspecified XSS
8983| [59045] phpMyAdmin Crafted MYSQL Table Name XSS
8984| [59030] mysql-ocaml for MySQL mysql_real_escape_string() Function Character Escaping Weakness
8985| [57587] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Local Privilege Escalation
8986| [57586] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Remote Shell Command Execution
8987| [56741] MySQL Connector/J Unicode w/ SJIS/Windows-31J Charset SQL Injection
8988| [56134] Virtualmin MySQL Module Execute SQL Feature Arbitrary File Access
8989| [55734] MySQL sql_parse.cc dispatch_command() Function Format String DoS
8990| [55566] MySQL Connector/NET SSL Certificate Verification Weakness
8991| [53525] MyBlog /config/mysqlconnection.inc Direct Request Information Disclosure
8992| [53524] blog+ includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
8993| [53523] blog+ includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
8994| [53522] blog+ includes/block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
8995| [53521] blog+ includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
8996| [53520] blog+ includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
8997| [53519] blog+ includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
8998| [53366] GEDCOM_TO_MYSQL php/info.php Multiple Parameter XSS
8999| [53365] GEDCOM_TO_MYSQL php/index.php nom_branche Parameter XSS
9000| [53364] GEDCOM_TO_MYSQL php/prenom.php Multiple Parameter XSS
9001| [53360] Blogplus includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
9002| [53359] Blogplus includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
9003| [53358] Blogplus includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
9004| [53357] Blogplus includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
9005| [53356] Blogplus block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
9006| [53355] Blogplus includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
9007| [53110] XOOPS Cube Legacy ErrorHandler::show() Function MySQL Error Message XSS
9008| [52729] Asterisk-addon cdr_addon_mysql.c Call Detail Record SQL Injection
9009| [52728] Tribox cdr_addon_mysql.c Call Detail Record XSS
9010| [52727] FreePBX cdr_addon_mysql.c Call Detail Record XSS
9011| [52726] Areski cdr_addon_mysql.c Call Detail Record XSS
9012| [52464] MySQL charset Column Truncation Weakness
9013| [52453] MySQL sql/item_xmlfunc.cc ExtractValue() / UpdateXML() Functions Scalar XPath DoS
9014| [52378] Cisco ANM MySQL root Account Default Password
9015| [52264] Broadcast Machine MySQLController.php controllers/baseDir Parameter Remote File Inclusion
9016| [51923] Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character Encoding SQL Injection
9017| [51171] MySQL InnoDB convert_search_mode_to_innobase Function DoS
9018| [50892] MySQL Calendar index.php username Parameter SQL Injection
9019| [50827] Nodstrum MySQL Calendar nodstrumCalendarV2 Cookie Manipulation Admin Authentication Bypass
9020| [49875] PromoteWeb MySQL go.php id Parameter SQL Injection
9021| [48710] MySQL Command Line Client HTML Output XSS
9022| [48709] MySQL Quick Admin actions.php lang Parameter Traversal Local File Inclusion
9023| [48708] MySQL Quick Admin index.php language Cookie Traversal Local File Inclusion
9024| [48021] MySQL Empty Bit-String Literal Token SQL Statement DoS
9025| [47789] mysql-lists Unspecified XSS
9026| [47394] Keld PHP-MySQL News Script login.php username Parameter SQL Injection
9027| [45073] MySQLDumper Extension for TYPO3 Unspecified Authentication Bypass
9028| [44937] MySQL MyISAM Table CREATE TABLE Privilege Check Bypass
9029| [44138] Debian GNU/Linux libdspam7-drv-mysql Cron MySQL dspam Database Password Local Disclosure
9030| [44071] Phorum /include/db/mysql.php Unspecified Search SQL Injection
9031| [43180] MySQL sql_select.cc INFORMATION_SCHEMA Table Crafted Query Remote DoS
9032| [43179] MySQL Server BINLOG Statement Rights Checking Failure
9033| [42610] MySQL DEFINER View Value Crafted Statements Remote Privilege Escalation
9034| [42609] MySQL Federated Engine SHOW TABLE STATUS Query Remote DoS
9035| [42608] MySQL RENAME TABLE Symlink System Table Overwrite
9036| [42607] MySQL Multiple table-level DIRECTORY Remote Privilege Escalation
9037| [42460] MySQLDumper HTTP POST Request Remote Authentication Bypass
9038| [42423] AdventNet EventLog Analyzer MySQL Installation Default root Account
9039| [41861] Bacula make_catalog_backup Function MySQL Director Password Cleartext Disclosure
9040| [40232] PHP MySQL Banner Exchange inc/lib.inc Direct Request Database Disclosure
9041| [40188] Password Manager Pro (PMP) mysql Unspecified Remote Command Injection
9042| [39279] PHP mysql_error() Function XSS
9043| [39145] aurora framework db_mysql.lib pack_var() value Parameter SQL Injection
9044| [38567] NetClassifieds Mysql_db.php Halt_On_Error Setting Error Message Path Disclosure
9045| [38112] Excel Parser Pro sample/xls2mysql parser_path Parameter Remote File Inclusion
9046| [37880] Asterisk-Addons source/destination Numbers cdr_addon_mysql Module SQL Injection
9047| [37784] PHP MySQL Extension Multiple Function Security Restriction Bypass
9048| [37783] MySQL Community Server CREATE TABLE LIKE Table Structure Disclosure
9049| [37782] MySQL Community Server External Table View Privilege Escalation
9050| [37781] MySQL ALTER TABLE Information Disclosure
9051| [37539] GPL PHP Board db.mysql.inc.php root_path Parameter Remote File Inclusion
9052| [37195] Eve-Nuke Module for PHP-Nuke db/mysql.php phpbb_root_path
9053| [37015] paBugs class.mysql.php path_to_bt_dir Parameter Remote File Inclusion
9054| [36868] PHP MySQLi Extension LOCAL INFILE Operation Security Restriction Bypass
9055| [36867] PHP MySQL Extension LOCAL INFILE Operation Security Restriction Bypass
9056| [36771] InterWorx-CP SiteWorx mysql.php PATH_INFO Parameter XSS
9057| [36757] InterWorx-CP NodeWorx mysql.php PATH_INFO Parameter XSS
9058| [36732] MySQL Community Server Connection Protocol Malformed Password Packet Remote DoS
9059| [36251] Associated Press (AP) Newspower Default MySQL root Password
9060| [35168] Study Planner (Studiewijzer) db/mysql/db.inc.php SPL_CFG[dirroot] Parameter Remote File Inclusion
9061| [35037] Fantastico for cPanel includes/mysqlconfig.php fantasticopath Parameter Traversal Local File Inclusion
9062| [34780] Backup Manager Command Line Cleartext MySQL Password Disclosure
9063| [34766] MySQL RENAME TABLE Statement Arbitrary Table Name Modification
9064| [34765] MySQL mysql_change_db Function THD::db_access Privilege Escalation
9065| [34734] MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS
9066| [34038] MySQL Commander ressourcen/dbopen.php home Parameter Remote File Inclusion
9067| [33974] MySQL information_schema Table Subselect Single-Row DoS
9068| [33678] MySQLNewsEngine affichearticles.php3 newsenginedir Parameter Remote File Inclusion
9069| [33447] WGS-PPC (PPC Search Engine) config/mysql_config.php INC Parameter Remote File Inclusion
9070| [33372] deV!L'z Clanportal inc/filebrowser/browser.php MySQL Data Disclosure
9071| [33147] ActiveCalendar data/mysqlevents.php css Parameter XSS
9072| [32784] Storystream mysqli.php baseDir Parameter Remote File Inclusion
9073| [32783] Storystream mysql.php baseDir Parameter Remote File Inclusion
9074| [32421] Contenido CMS conlib/db_mysqli.inc Direct Request Path Disclosure
9075| [32272] JevonCMS /phplib/db_mysql.inc Direct Request Path Disclosure
9076| [32171] Blue Magic Board db_mysql_error.php Direct Request Path Disclosure
9077| [32056] BTSaveMySql Direct Request Config File Disclosure
9078| [32044] cPanel WebHost Manager (WHM) scripts/passwdmysql password Parameter XSS
9079| [32024] TikiWiki tiki-wiki_rss.php ver MySQL Credential Disclosure
9080| [31963] Agora MysqlfinderAdmin.php _SESSION[PATH_COMPOSANT] Parameter Remote File Inclusion
9081| [31431] ZoomStats libs/dbmax/mysql.php GLOBALS[lib][db][path] Parameter Remote File Inclusion
9082| [30172] TikiWiki Multiple Script Empty sort_mode Parameter MySQL Authentication Credential Disclosure
9083| [29696] MySQLDumper sql.php db Parameter XSS
9084| [29453] ConPresso CMS db_mysql.inc.php msg Parameter XSS
9085| [29122] cPanel mysqladmin/hooksadmin Unspecified Privilege Escalation
9086| [28296] MySQL Crafted multiupdate / subselects Query Local DoS
9087| [28288] MySQL Instance_options::complete_initialization Function Overflow
9088| [28030] Tutti Nova class.novaRead.mysql.php TNLIB_DIR Parameter Remote File Inclusion
9089| [28029] Tutti Nova class.novaAdmin.mysql.php TNLIB_DIR Parameter Remote File Inclusion
9090| [28028] Tutti Nova class.novaEdit.mysql.php TNLIB_DIR Parameter Remote File Inclusion
9091| [28013] MySQL SUID Routine Miscalculation Arbitrary DML Statement Execution
9092| [28012] MySQL Case Sensitivity Unauthorized Database Creation
9093| [27919] MySQL VIEW Access information_schema.views Information Disclosure
9094| [27703] MySQL MERGE Table Privilege Persistence
9095| [27593] Drupal database.mysqli.inc Multiple Parameter SQL Injection
9096| [27549] Opsware NAS /etc/init.d/mysqll MySQL root Cleartext Password Local Disclosure
9097| [27416] MySQL Server time.cc date_format Function Format String
9098| [27054] MySQL mysqld str_to_date Function NULL Argument DoS
9099| [26923] PHP/MySQL Classifieds (PHP Classifieds) search.php rate Parameter SQL Injection
9100| [26922] PHP/MySQL Classifieds (PHP Classifieds) AddAsset1.php Multiple Field XSS
9101| [26822] Bee-hive Lite include/listall.inc.php mysqlcall Parameter Remote File Inclusion
9102| [26821] Bee-hive Lite conad/include/mysqlCall.inc.php config Parameter Remote File Inclusion
9103| [26820] Bee-hive Lite conad/logout.inc.php mysqlCall Parameter Remote File Inclusion
9104| [26819] Bee-hive Lite conad/login.inc.php mysqlCall Parameter Remote File Inclusion
9105| [26818] Bee-hive Lite conad/checkPasswd.inc.php mysqlCall Parameter Remote File Inclusion
9106| [26817] Bee-hive Lite conad/changeUserDetails.inc.php mysqlCall Parameter Remote File Inclusion
9107| [26816] Bee-hive Lite conad/changeEmail.inc.php mysqlCall Parameter Remote File Inclusion
9108| [26125] Open Searchable Image Catalogue core.php do_mysql_query Function Error Message XSS
9109| [26123] Open Searchable Image Catalogue core.php do_mysql_query Function SQL Injection
9110| [25987] MySQL Multibyte Encoding SQL Injection Filter Bypass
9111| [25908] Drupal database.mysql.inc Multiple Parameter SQL Injection
9112| [25595] Apple Mac OS X MySQL Manager Blank root Password
9113| [25228] MySQL Crafted COM_TABLE_DUMP Request Arbitrary Memory Disclosure
9114| [25227] MySQL COM_TABLE_DUMP Packet Overflow
9115| [25226] MySQL Malformed Login Packet Remote Memory Disclosure
9116| [24245] Cholod Mysql Based Message Board Unspecified XSS
9117| [24244] Cholod Mysql Based Message Board mb.cgi showmessage Action SQL Injection
9118| [23963] WoltLab Burning Board class_db_mysql.php SQL Error Message XSS
9119| [23915] Netcool/NeuSecure MySQL Database Connection Restriction Bypass
9120| [23611] Aztek Forum index.php msg Variable Forced MySQL Error Information Disclosure
9121| [23526] MySQL Query NULL Charcter Logging Bypass
9122| [23157] PHP/MYSQL Timesheet changehrs.php Multiple Parameter SQL Injection
9123| [23156] PHP/MYSQL Timesheet index.php Multiple Parameter SQL Injection
9124| [22995] PAM-MySQL Authentication pam_get_item() Function Unspecified Privilege Escalation
9125| [22994] PAM-MySQL SQL Logging Facility Segfault DoS
9126| [22485] Recruitment Software admin/site.xml MySQL Authentication Credential Disclosure
9127| [22479] PHP mysqli Extension Error Message Format String
9128| [22232] PHP Pipe Variable mysql_connect() Function Overflow
9129| [21685] MySQL Auction Search Module keyword XSS
9130| [20698] Campsite notifyendsubs Cron MySQL Password Cleartext Remote Disclosure
9131| [20145] Proofpoint Protection Server Embedded MySQL Server Unpassworded root Account
9132| [19457] aMember Pro mysql.inc.php Remote File Inclusion
9133| [19377] MAXdev MD-Pro /MySQL_Tools/admin.php Path Disclosure
9134| [18899] MySQL UDF Library Arbitrary Function Load Privilege Escalation
9135| [18898] MySQL UDF LoadLibraryEx Function Nonexistent Library Load DoS
9136| [18897] MySQL on Windows UDF Create Function Traversal Privilege Escalation
9137| [18896] MySQL User-Defined Function init_syms() Function Overflow
9138| [18895] MySQL libmysqlclient.so host Parameter Remote Overflow
9139| [18894] MySQL drop database Request Remote Overflow
9140| [18622] FunkBoard mysql_install.php Email Field Arbitrary PHP Code Injection
9141| [18620] FunkBoard mysql_install.php Admin/Database Password Manipulation
9142| [18406] MySQL Eventum releases.php SQL Injection
9143| [18405] MySQL Eventum custom_fields_graph.php SQL Injection
9144| [18404] MySQL Eventum custom_fields.php SQL Injection
9145| [18403] MySQL Eventum login.php email Parameter SQL Injection Authentication Bypass
9146| [18402] MySQL Eventum get_jsrs_data.php F Parameter XSS
9147| [18401] MySQL Eventum list.php release Parameter XSS
9148| [18400] MySQL Eventum view.php id Parameter XSS
9149| [18173] MySQL on Windows USE Command MS-DOS Device Name DoS
9150| [17801] Bugzilla MySQL Replication Race Condition Information Disclosure
9151| [17223] xMySQLadmin Symlink Arbitrary File Deletion
9152| [16727] MySQL Nonexistent '--user' Error Incorrect Privilege Database Invocation
9153| [16689] MySQL mysql_install_db Symlink Arbitrary File Overwrite
9154| [16056] Plans Unspecified mySQL Remote Password Disclosure
9155| [15993] MySQL MaxDB Webtool Remote getIfHeader() WebDAV Function Remote Overflow
9156| [15817] MySQL MaxDB Web Tool getLockTokenHeader() Function Remote Overflow
9157| [15816] MySQL MaxDB Web Administration Service Malformed GET Request Overflow
9158| [15451] paNews auth.php mysql_prefix Parameter SQL Injection
9159| [14748] MySQL MS-DOS Device Names Request DoS
9160| [14678] MySQL CREATE FUNCTION Arbitrary libc Code Execution
9161| [14677] MySQL CREATE FUNCTION mysql.func Table Arbitrary Library Injection
9162| [14676] MySQL CREATE TEMPORARY TABLE Symlink Privilege Escalation
9163| [14386] phpMyAdmin mysqli.dbi.lib.php Path Disclosure
9164| [14052] Symantec Brightmail AntiSpam Multiple Default MySQL Accounts
9165| [13086] MySQL MaxDB Web Agent Malformed HTTP Header DoS
9166| [13085] MySQL MaxDB Web Agent WebDAV sapdbwa_GetUserData() Function Remote DoS
9167| [13013] MySQL mysqlaccess.sh Symlink Arbitrary File Manipulation
9168| [12919] MySQL MaxDB WebAgent websql Remote Overflow
9169| [12779] MySQL User Defined Function Privilege Escalation
9170| [12609] MySQL Eventum projects.php Multiple Parameter XSS
9171| [12608] MySQL Eventum preferences.php Multiple Parameter XSS
9172| [12607] MySQL Eventum forgot_password.php email Parameter XSS
9173| [12606] MySQL Eventum index.php email Parameter XSS
9174| [12605] MySQL Eventum Default Vendor Account
9175| [12275] MySQL MaxDB Web Tools wahttp Nonexistent File Request DoS
9176| [12274] MySQL MaxDB Web Tools WebDAV Handler Remote Overflow
9177| [11689] Roxen Web Server MySQL Socket Permission Weakness
9178| [10985] MySQL MATCH..AGAINST Query DoS
9179| [10959] MySQL GRANT ALL ON Privilege Escalation
9180| [10660] MySQL ALTER TABLE/RENAME Forces Old Permission Checks
9181| [10659] MySQL ALTER MERGE Tables to Change the UNION DoS
9182| [10658] MySQL mysql_real_connect() Function Remote Overflow
9183| [10532] MySQL MaxDB webdbm Server Field DoS
9184| [10491] AWS MySQLguest AWSguest.php Script Insertion
9185| [10244] MySQL libmysqlclient Prepared Statements API Overflow
9186| [10226] MySQLGuest AWSguest.php Multiple Field XSS
9187| [9912] PHP safe_mode MySQL Database Access Restriction Bypass
9188| [9911] Inter7 vpopmail MySQL Module Authentication Credential Disclosure
9189| [9910] MySQL mysql_change_user() Double-free Memory Pointer DoS
9190| [9909] MySQL datadir/my.cnf Modification Privilege Escalation
9191| [9908] MySQL my.ini Initialization File datadir Parameter Overflow
9192| [9907] MySQL SELECT Statement String Handling Overflow
9193| [9906] MySQL GRANT Privilege Arbitrary Password Modification
9194| [9509] teapop MySQL Authentication Module SQL Injection
9195| [9018] MySQL Backup Pro getbackup() Method Unspecified Issue
9196| [9015] MySQL mysqlhotcopy Insecure Temporary File Creation
9197| [8997] Cacti config.php MySQL Authentication Credential Cleartext Disclosure
9198| [8979] MySQL SHOW GRANTS Encrypted Password Disclosure
9199| [8889] MySQL COM_TABLE_DUMP Package Negative Integer DoS
9200| [8888] MySQL COM_CHANGE_USER Command Long Repsonse Overflow
9201| [8887] MySQL COM_CHANGE_USER Command One Character Password Brute Force
9202| [8886] MySQL libmysqlclient Library read_one_row Overflow
9203| [8885] MySQL libmysqlclient Library read_rows Overflow
9204| [7476] MySQL Protocol 4.1 Authentication Scramble String Overflow
9205| [7475] MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass
9206| [7245] MySQL Pluggable Authentication Module (pam_mysql) Password Disclosure
9207| [7128] MySQL show database Database Name Exposure
9208| [6716] MySQL Database Engine Weak Authentication Information Disclosure
9209| [6605] MySQL mysqld Readable Log File Information Disclosure
9210| [6443] PowerPhlogger db_dump.php View Arbitrary mySQL Dump
9211| [6421] MySQL mysqld_multi Symlink Arbitrary File Overwrite
9212| [6420] MySQL mysqlbug Symlink Arbitrary File Overwrite
9213| [2537] MySQL sql_acl.cc get_salt_from_password Function Password Handling Remote Overflow
9214| [2144] WinMySQLadmin my.ini Cleartext Password Disclosure
9215| [653] PCCS-Linux MySQL Database Admin Tool Authentication Credential Disclosure
9216| [520] MySQL Database Name Traversal Arbitrary File Modification
9217| [380] MySQL Server on Windows Default Null Root Password
9218| [261] MySQL Short Check String Authentication Bypass
9219|_
9220Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
9221Device type: general purpose
9222Running (JUST GUESSING): Linux 4.X|3.X|2.6.X (91%)
9223OS CPE: cpe:/o:linux:linux_kernel:4.4 cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:2.6
9224Aggressive OS guesses: Linux 4.4 (91%), Linux 4.9 (91%), Linux 3.10 - 3.12 (89%), Linux 2.6.18 - 2.6.22 (86%), Linux 3.10 (86%), Linux 3.10 - 3.16 (86%), Linux 4.0 (86%), Linux 3.10 - 4.11 (85%), Linux 3.11 - 4.1 (85%), Linux 3.18 (85%)
9225No exact OS matches for host (test conditions non-ideal).
9226Network Distance: 21 hops
9227
9228TRACEROUTE (using port 3306/tcp)
9229HOP RTT ADDRESS
92301 133.53 ms 10.250.200.1
92312 133.58 ms 94.242.54.1
92323 133.96 ms 94.242.0.21
92334 134.28 ms spb-bm18-cr1.ae61-1253.rascom.as20764.net (80.64.98.226)
92345 ...
92356 144.92 ms be4338.204.ccr21.sto01.atlas.cogentco.com (149.6.168.137)
92367 145.39 ms be3377.ccr22.sto03.atlas.cogentco.com (154.54.36.89)
92378 166.76 ms be2282.ccr42.ham01.atlas.cogentco.com (154.54.72.105)
92389 169.62 ms be2816.ccr42.ams03.atlas.cogentco.com (154.54.38.209)
923910 251.47 ms be12266.ccr42.par01.atlas.cogentco.com (154.54.56.174)
924011 255.85 ms be2317.ccr41.jfk02.atlas.cogentco.com (154.54.30.185)
924112 258.94 ms be3362.ccr31.jfk04.atlas.cogentco.com (154.54.3.10)
924213 254.18 ms telefonica.jfk04.atlas.cogentco.com (154.54.11.234)
924314 246.59 ms telefonica.jfk04.atlas.cogentco.com (154.54.11.234)
924415 372.85 ms 176.52.248.54
924516 370.85 ms 5.53.7.171
924617 ... 18
924719 383.50 ms 186-148-24-2.static.mundo.movistar.cl (186.148.24.2)
924820 377.10 ms 186-148-24-2.static.mundo.movistar.cl (186.148.24.2)
924921 952.59 ms servidor.agenciacatedral.com (201.217.241.118)
9250######################################################################################################################################
9251--------------------------------------------------------
9252<<<Yasuo discovered following vulnerable applications>>>
9253--------------------------------------------------------
9254+----------+-----------------------------------+----------------------------------------------+----------+----------+
9255| App Name | URL to Application | Potential Exploit | Username | Password |
9256+----------+-----------------------------------+----------------------------------------------+----------+----------+
9257| SVN | https://201.217.241.118:443/.svn/ | ./auxiliary/scanner/http/svn_wcdb_scanner.rb | | |
9258+----------+-----------------------------------+----------------------------------------------+----------+----------+
9259######################################################################################################################################
9260Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-29 13:11 EDT
9261NSE: Loaded 47 scripts for scanning.
9262NSE: Script Pre-scanning.
9263Initiating NSE at 13:11
9264Completed NSE at 13:11, 0.00s elapsed
9265Initiating NSE at 13:11
9266Completed NSE at 13:11, 0.00s elapsed
9267Initiating Ping Scan at 13:11
9268Scanning 201.217.241.118 [4 ports]
9269Stats: 0:00:01 elapsed; 0 hosts completed (0 up), 1 undergoing Ping Scan
9270Ping Scan Timing: About 100.00% done; ETC: 13:11 (0:00:00 remaining)
9271Completed Ping Scan at 13:11, 0.93s elapsed (1 total hosts)
9272Initiating Parallel DNS resolution of 1 host. at 13:11
9273Completed Parallel DNS resolution of 1 host. at 13:11, 0.17s elapsed
9274Initiating SYN Stealth Scan at 13:11
9275Scanning servidor.agenciacatedral.com (201.217.241.118) [65535 ports]
9276Discovered open port 80/tcp on 201.217.241.118
9277Discovered open port 3306/tcp on 201.217.241.118
9278Discovered open port 53/tcp on 201.217.241.118
9279Discovered open port 443/tcp on 201.217.241.118
9280SYN Stealth Scan Timing: About 0.30% done
9281SYN Stealth Scan Timing: About 0.81% done
9282SYN Stealth Scan Timing: About 1.55% done; ETC: 15:22 (2:09:00 remaining)
9283SYN Stealth Scan Timing: About 2.63% done; ETC: 14:48 (1:33:54 remaining)
9284SYN Stealth Scan Timing: About 3.18% done; ETC: 14:55 (1:40:02 remaining)
9285SYN Stealth Scan Timing: About 3.90% done; ETC: 14:49 (1:34:23 remaining)
9286SYN Stealth Scan Timing: About 4.94% done; ETC: 14:45 (1:29:15 remaining)
9287SYN Stealth Scan Timing: About 5.83% done; ETC: 14:39 (1:22:54 remaining)
9288SYN Stealth Scan Timing: About 7.94% done; ETC: 14:36 (1:18:02 remaining)
9289SYN Stealth Scan Timing: About 8.99% done; ETC: 14:32 (1:13:45 remaining)
9290Discovered open port 2083/tcp on 201.217.241.118
9291SYN Stealth Scan Timing: About 11.22% done; ETC: 14:30 (1:09:32 remaining)
9292Stats: 0:09:18 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
9293SYN Stealth Scan Timing: About 12.05% done; ETC: 14:28 (1:07:46 remaining)
9294Stats: 0:15:54 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
9295SYN Stealth Scan Timing: About 19.79% done; ETC: 14:31 (1:04:22 remaining)
9296Discovered open port 2086/tcp on 201.217.241.118
9297SYN Stealth Scan Timing: About 24.99% done; ETC: 14:31 (1:00:08 remaining)
9298SYN Stealth Scan Timing: About 30.24% done; ETC: 14:32 (0:56:06 remaining)
9299SYN Stealth Scan Timing: About 34.96% done; ETC: 14:31 (0:52:01 remaining)
9300SYN Stealth Scan Timing: About 40.53% done; ETC: 14:32 (0:47:52 remaining)
9301SYN Stealth Scan Timing: About 45.72% done; ETC: 14:32 (0:43:46 remaining)
9302Discovered open port 1295/tcp on 201.217.241.118
9303SYN Stealth Scan Timing: About 38.68% done; ETC: 15:04 (1:08:59 remaining)
9304Stats: 0:48:21 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
9305SYN Stealth Scan Timing: About 41.83% done; ETC: 15:07 (1:07:13 remaining)
9306Stats: 0:52:30 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
9307SYN Stealth Scan Timing: About 44.99% done; ETC: 15:08 (1:04:11 remaining)
9308SYN Stealth Scan Timing: About 48.96% done; ETC: 15:05 (0:58:15 remaining)
9309SYN Stealth Scan Timing: About 53.16% done; ETC: 15:03 (0:52:31 remaining)
9310Stats: 1:03:07 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
9311SYN Stealth Scan Timing: About 56.80% done; ETC: 15:02 (0:48:00 remaining)
9312SYN Stealth Scan Timing: About 61.78% done; ETC: 15:02 (0:42:25 remaining)
9313SYN Stealth Scan Timing: About 67.37% done; ETC: 15:04 (0:36:50 remaining)
9314Discovered open port 2095/tcp on 201.217.241.118
9315SYN Stealth Scan Timing: About 73.73% done; ETC: 15:10 (0:31:10 remaining)
9316Stats: 1:28:10 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
9317SYN Stealth Scan Timing: About 74.37% done; ETC: 15:10 (0:30:23 remaining)
9318SYN Stealth Scan Timing: About 59.83% done; ETC: 15:39 (0:59:31 remaining)
9319SYN Stealth Scan Timing: About 64.88% done; ETC: 15:39 (0:52:04 remaining)
9320Stats: 1:37:32 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
9321SYN Stealth Scan Timing: About 65.32% done; ETC: 15:41 (0:51:47 remaining)
9322SYN Stealth Scan Timing: About 70.89% done; ETC: 15:43 (0:44:15 remaining)
9323Stats: 1:57:32 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
9324SYN Stealth Scan Timing: About 75.59% done; ETC: 15:47 (0:37:57 remaining)
9325Discovered open port 2082/tcp on 201.217.241.118
9326SYN Stealth Scan Timing: About 80.40% done; ETC: 15:45 (0:30:07 remaining)
9327SYN Stealth Scan Timing: About 85.32% done; ETC: 15:42 (0:22:11 remaining)
9328Discovered open port 2096/tcp on 201.217.241.118
9329SYN Stealth Scan Timing: About 90.02% done; ETC: 15:37 (0:14:36 remaining)
9330SYN Stealth Scan Timing: About 94.98% done; ETC: 15:34 (0:07:10 remaining)
9331Stats: 2:16:49 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
9332SYN Stealth Scan Timing: About 96.38% done; ETC: 15:33 (0:05:08 remaining)
9333Discovered open port 2087/tcp on 201.217.241.118
9334Stats: 2:17:15 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
9335SYN Stealth Scan Timing: About 96.86% done; ETC: 15:33 (0:04:27 remaining)
9336Completed SYN Stealth Scan at 15:31, 8410.24s elapsed (65535 total ports)
9337Initiating Service scan at 15:31
9338Scanning 11 services on servidor.agenciacatedral.com (201.217.241.118)
9339Service scan Timing: About 45.45% done; ETC: 15:33 (0:00:54 remaining)
9340Completed Service scan at 15:33, 73.67s elapsed (11 services on 1 host)
9341Initiating OS detection (try #1) against servidor.agenciacatedral.com (201.217.241.118)
9342Retrying OS detection (try #2) against servidor.agenciacatedral.com (201.217.241.118)
9343Initiating Traceroute at 15:33
9344Completed Traceroute at 15:33, 6.20s elapsed
9345Initiating Parallel DNS resolution of 15 hosts. at 15:33
9346Completed Parallel DNS resolution of 15 hosts. at 15:33, 10.54s elapsed
9347NSE: Script scanning 201.217.241.118.
9348Initiating NSE at 15:33
9349Completed NSE at 15:34, 26.66s elapsed
9350Initiating NSE at 15:34
9351Completed NSE at 15:34, 3.90s elapsed
9352Nmap scan report for servidor.agenciacatedral.com (201.217.241.118)
9353Host is up (0.52s latency).
9354Not shown: 65507 filtered ports
9355PORT STATE SERVICE VERSION
935622/tcp closed ssh
935725/tcp closed smtp
935826/tcp closed rsftp
935953/tcp open domain ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
9360| vulscan: VulDB - https://vuldb.com:
9361| [129818] ISC BIND up to 9.11.4/9.12.2 DDNS privilege escalation
9362| [129803] ISC BIND up to 9.11.1 Response Policy Zone Query Loop denial of service
9363| [129802] ISC BIND up to 9.11.0-P1 nxdomain-redirect Query Assertion denial of service
9364| [102965] ISC BIND up to 9.11.1-P1 TSIG weak authentication
9365| [102964] ISC BIND up to 9.11.1-P1 TSIG weak authentication
9366| [99868] ISC BIND up to 9.11.1rc2 Control Channel Crash denial of service
9367| [99867] ISC BIND up to 9.11.1rc1 DNS64 State Crash denial of service
9368| [99866] ISC BIND up to 9.11.1rc1 CNAME/DNAME Crash denial of service
9369| [96827] ISC BIND up to 9.11.1b1 RPZ/DNS64 State Error NULL Pointer Dereference denial of service
9370|
9371| MITRE CVE - https://cve.mitre.org:
9372| [CVE-2007-0494] ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.
9373| [CVE-2013-4869] Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) and the IM & Presence Service in Cisco Unified Presence Server through 9.1(2) use the same CTI and database-encryption key across different customers' installations, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key, aka Bug IDs CSCsc69187 and CSCui01756. NOTE: the vendor has provided a statement that the "hard-coded static encryption key is considered a hardening issue rather than a vulnerability, and as such, has a CVSS score of 0/0."
9374| [CVE-2013-4854] The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.
9375| [CVE-2013-3919] resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone.
9376| [CVE-2013-3434] Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02242.
9377| [CVE-2013-3433] Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02276.
9378| [CVE-2013-3412] SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuh81766.
9379| [CVE-2013-3404] SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051.
9380| [CVE-2013-3403] Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allow local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCuh73454.
9381| [CVE-2013-3402] An unspecified function in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary commands via unknown vectors, aka Bug ID CSCuh73440.
9382| [CVE-2013-3382] The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.9 and 9.1.2.x before 9.1.2.12 for Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (device reload or traffic-processing outage) via fragmented (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCue88387.
9383| [CVE-2013-2266] libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as demonstrated by a memory-exhaustion attack against a machine running a named process.
9384| [CVE-2013-1150] The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and 9.1 before 9.1(1.2) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCud16590.
9385| [CVE-2013-1139] The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCud81134.
9386| [CVE-2013-1137] Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930.
9387| [CVE-2013-1134] The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, which allows remote attackers to conduct cache-poisoning attacks against transaction records, and cause a denial of service (bandwidth-pool consumption and call outage), via unspecified vectors, aka Bug ID CSCub28920.
9388| [CVE-2013-0149] The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.
9389| [CVE-2012-5689] ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record.
9390| [CVE-2012-5688] ISC BIND 9.8.x before 9.8.4-P1 and 9.9.x before 9.9.2-P1, when DNS64 is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query.
9391| [CVE-2012-5166] ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
9392| [CVE-2012-4244] ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource record.
9393| [CVE-2012-3868] Race condition in the ns_client structure management in ISC BIND 9.9.x before 9.9.1-P2 allows remote attackers to cause a denial of service (memory consumption or process exit) via a large volume of TCP queries.
9394| [CVE-2012-3817] ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2
9395| [CVE-2012-1667] ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record.
9396| [CVE-2012-1328] Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 do not properly handle downloads of configuration information to an RT phone, which allows local users to gain privileges via unspecified injected data, aka Bug ID CSCts32237.
9397| [CVE-2012-1033] The resolver in ISC BIND 9 through 9.8.1-P1 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoked domain names via a "ghost domain names" attack.
9398| [CVE-2012-0882] Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.
9399| [CVE-2011-5184] Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote attackers to inject arbitrary web script or HTML via the (1) node parameter to nnm/mibdiscover
9400| [CVE-2011-4313] query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named exit) via unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver.
9401| [CVE-2011-2465] Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.
9402| [CVE-2011-2464] Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
9403| [CVE-2011-1910] Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.
9404| [CVE-2011-1907] ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones (RPZ) RRset replacement is enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an RRSIG query.
9405| [CVE-2011-0414] ISC BIND 9.7.1 through 9.7.2-P3, when configured as an authoritative server, allows remote attackers to cause a denial of service (deadlock and daemon hang) by sending a query at the time of (1) an IXFR transfer or (2) a DDNS update.
9406| [CVE-2010-3762] ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service (daemon crash) via a DNS query.
9407| [CVE-2010-3615] named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism.
9408| [CVE-2010-3614] named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.
9409| [CVE-2010-3613] named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data.
9410| [CVE-2010-0382] ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta handles out-of-bailiwick data accompanying a secure response without re-fetching from the original source, which allows remote attackers to have an unspecified impact via a crafted response, aka Bug 20819. NOTE: this vulnerability exists because of a regression during the fix for CVE-2009-4022.
9411| [CVE-2010-0290] Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains (1) CNAME or (2) DNAME records, which do not have the intended validation before caching, aka Bug 20737. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4022.
9412| [CVE-2010-0218] ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query.
9413| [CVE-2010-0097] ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a forged NXDOMAIN response for an existing domain.
9414| [CVE-2009-4022] Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks by receiving a recursive client query and sending a response that contains an Additional section with crafted data, which is not properly handled when the response is processed "at the same time as requesting DNSSEC records (DO)," aka Bug 20438.
9415| [CVE-2009-2028] Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 have unknown impact and attack vectors, related to "Adobe internally discovered issues."
9416| [CVE-2009-1905] The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous bind are enabled, allows remote attackers to bypass password authentication and establish a database connection via unspecified vectors.
9417| [CVE-2009-0696] The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009.
9418| [CVE-2009-0265] Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009-0025.
9419| [CVE-2008-4163] Unspecified vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows allows remote attackers to cause a denial of service (UDP client handler termination) via unknown vectors.
9420| [CVE-2008-0122] Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption.
9421| [CVE-2007-2926] ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.
9422| [CVE-2007-2925] The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.
9423| [CVE-2007-2241] Unspecified vulnerability in query.c in ISC BIND 9.4.0, and 9.5.0a1 through 9.5.0a3, when recursion is enabled, allows remote attackers to cause a denial of service (daemon exit) via a sequence of queries processed by the query_addsoa function.
9424| [CVE-2007-0493] Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context."
9425| [CVE-2002-2037] The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities.
9426| [CVE-2002-0400] ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype.
9427| [CVE-2001-0497] dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.
9428| [CVE-2000-0855] SunFTP build 9(1) allows remote attackers to cause a denial of service by connecting to the server and disconnecting before sending a newline.
9429| [CVE-2000-0368] Classic Cisco IOS 9.1 and later allows attackers with access to the loging prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
9430| [CVE-1999-1466] Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword.
9431| [CVE-1999-1306] Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters.
9432| [CVE-1999-1216] Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command.
9433|
9434| SecurityFocus - https://www.securityfocus.com/bid/:
9435| [70744] Cisco ASR 901 Series Routers CVE-2014-3293 Denial of Service Vulnerability
9436| [70658] ZTE ZXDSL 931VII 'manager_dev_config_t.gch' Information Disclosure Vulnerability
9437| [61774] ISC BIND 9 SRTT Algorithm Authoritative Server Selection Security Vulnerability
9438| [61479] ISC BIND 9 DNS RDATA Handling CVE-2013-4854 Remote Denial of Service Vulnerability
9439| [58736] ISC BIND 9 'libdns' Remote Denial of Service Vulnerability
9440| [57556] ISC BIND 9 DNS64 CVE-2012-5689 Remote Denial of Service Vulnerability
9441| [56817] ISC BIND 9 DNS64 Remote Denial of Service Vulnerability
9442| [55852] ISC BIND 9 DNS RDATA Handling CVE-2012-5166 Remote Denial of Service Vulnerability
9443| [55522] ISC BIND 9 DNS Resource Records Handling CVE-2012-4244 Remote Denial of Service Vulnerability
9444| [54659] ISC BIND 9 TCP Query Remote Denial of Service Vulnerability
9445| [54658] ISC BIND 9 DNSSEC Validation CVE-2012-3817 Denial of Service Vulnerability
9446| [53772] ISC BIND 9 DNS Resource Records Handling Remote Denial of Service Vulnerability
9447| [50690] ISC BIND 9 Recursive Queries Remote Denial of Service Vulnerability
9448| [48566] ISC BIND 9 Unspecified Packet Processing Remote Denial of Service Vulnerability
9449| [48565] ISC BIND 9 RPZ Configurations Remote Denial of Service Vulnerabilities
9450| [48007] ISC BIND 9 Large RRSIG RRsets Remote Denial of Service Vulnerability
9451| [47734] ISC BIND 9 RRSIG Query Type Remote Denial of Service Vulnerability
9452| [46491] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
9453| [45385] ISC BIND 9 DNSSEC Validation Remote Denial of Service Vulnerability
9454| [45133] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
9455| [41730] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
9456| [37865] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
9457| [37118] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
9458| [35848] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
9459| [25076] ISC BIND 9 Default ACL Settings Recursive Queries And Cached Content Security Bypass Vulnerability
9460| [25037] ISC BIND 9 Remote Cache Poisoning Vulnerability
9461| [4936] ISC BIND 9 Remote Denial Of Service Vulnerability
9462| [100656] Cisco ASR 920 Series Routers CVE-2017-6795 Local Arbitrary File Overwrite Vulnerability
9463| [97450] Cisco ASR 903 and ASR 920 Series CVE-2017-6603 Denial of Service Vulnerability
9464| [93415] Cisco Nexus 9000 Series Switches CVE-2016-1455 Remote Information Disclosure Vulnerability
9465| [82579] Cisco Nexus 9000 Series ACI Mode Switches CVE-2015-6398 Denial of Service Vulnerability
9466| [77686] Cisco Firepower 9000 Series CVE-2015-6380 Unspecified OS Command Injection Vulnerability
9467| [77635] Cisco Firepower 9000 Series CVE-2015-6371 Multiple Arbitrary File Read Vulnerabilities
9468| [77634] Cisco Firepower 9000 Series CVE-2015-6370 Local Command Injection Vulnerability
9469| [77633] Cisco Firepower 9000 Series Switches CVE-2015-6372 HTML Injection Vulnerability
9470| [77631] Cisco Firepower 9000 Series Switches CVE-2015-6374 Clickjacking Vulnerability
9471| [77629] Cisco Firepower 9000 Series CVE-2015-6369 Local Denial of Service Vulnerability
9472| [77628] Cisco Firepower 9000 CVE-2015-6373 Cross Site Request Forgery Vulnerability
9473| [77614] Cisco Firepower 9000 Series Switches CVE-2015-6368 Information Disclosure Vulnerability
9474| [76913] Cisco NX-OS Software for Nexus 9000 Series Switches CVE-2015-6308 Denial of Service Vulnerability
9475| [76791] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-6301 Denial of Service Vulnerability
9476| [76762] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-6295 Denial of Service Vulnerability
9477| [76329] Cisco Nexus 9000 Series Software CVE-2015-4301 Remote Denial of Service Vulnerability
9478| [76057] Cisco Firepower 9000 Series Devices CVE-2015-4287 Information Disclosure Vulnerability
9479| [75471] Cisco Unified IP Phones 9900 Series CVE-2015-4226 Denial of Service Vulnerability
9480| [75378] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-4213 Information Disclosure Vulnerability
9481| [74029] Cisco ASR 9000 Series Routers CVE-2015-0694 Remote Security Bypass Vulnerability
9482| [73895] Cisco NX-OS Software for Nexus 9000 Series CVE-2015-0686 Denial of Service Vulnerability
9483| [73470] Cisco ASR 9000 Series Routers CVE-2015-0685 Denial of Service Vulnerability
9484| [73318] Cisco ASR 9000 Series Aggregation Services Routers CVE-2015-0672 Denial of Service Vulnerability
9485| [72485] Cisco Unified IP Phones 9900 Series CVE-2015-0604 Arbitrary File Upload Vulnerability
9486| [72484] Cisco Unified IP Phones 9900 Series CVE-2015-0603 Local Denial of Service Vulnerability
9487| [72483] Cisco Unified IP Phones 9900 Series CVE-2015-0601 Local Denial of Service Vulnerability
9488| [72482] Cisco Unified IP Phones 9900 Series CVE-2015-0602 Information Disclosure Vulnerability
9489| [72481] Cisco Unified IP Phones 9900 Series CVE-2015-0600 Denial of Service Vulnerability
9490| [71979] Cisco MDS 9000 NX-OS Software CVE-2015-0582 Denial of Service Vulnerability
9491| [69057] Cisco Nexus 9000 Series Switches CVE-2014-3330 Access List Security Bypass Vulnerability
9492| [64770] Cisco Unified IP Phones 9900 Series Crafted Header Unregister Denial of Service Vulnerability
9493| [63564] Cisco MDS 9000 NX-OS Software VRRP Frames Denial of Service Vulnerability
9494| [62944] Cisco Unified IP Phones 9900 Series CVE-2013-5532 Buffer Overflow Vulnerability
9495| [62943] Cisco Unified IP Phones 9900 Series CVE-2013-5533 Local Command Injection Vulnerability
9496| [62905] Cisco Unified IP Phones 9900 Series CVE-2013-5526 Denial of Service Vulnerability
9497| [61330] Cisco Unified IP Phones 9900 Series CVE-2013-3426 Arbitrary File Download Vulnerability
9498| [49633] Oracle Application Server 9i 'httpd.conf' Information Disclosure Vulnerability
9499| [48811] Cisco ASR 9000 Series Routers IP Version 4 Denial of Service Vulnerability
9500| [48264] Aastra 9480i CT Multiple Information Disclosure Vulnerabilities
9501| [15542] NetObjects Fusion 9 Information Disclosure Vulnerability
9502| [6556] Oracle 9i Application Server Sample Scripts Information Disclosure Vulnerability
9503| [6459] Oracle 9i Application Server Java Server Page Source Code Disclosure Vulnerability
9504| [5335] Multiple Lucent Router UDP Port 9 Information Disclosure Vulnerability
9505| [4290] Oracle 9i Default Configuration File Information Disclosure Vulnerability
9506| [4034] Oracle 9IAS OracleJSP Information Disclosure Vulnerability
9507| [3848] Mandrake Bind 9 Package Insecure File Permissions Vulnerability
9508| [2516] Microsoft Plus! 98 Windows ME Password Disclosure Vulnerability
9509|
9510| IBM X-Force - https://exchange.xforce.ibmcloud.com:
9511| [85799] Cisco Unified IP Phones 9900 Series directory traversal
9512| [75412] Cisco Unified IP Phones 9900 series RT privilege escalation
9513| [68733] Cisco 9000 Series Aggregation Service Router IPv4 packet denial of service
9514| [9704] Multiple Lucent router UDP port 9 could disclose sensitive information
9515| [9250] BIND 9 dns_message_findtype() denial of service
9516| [1852] BIND prior to 4.9.7 buffer overflow affects Digital Firewall 97 users
9517| [539] Microsoft Windows 95 and Internet Explorer password disclosure
9518| [86004] ISC BIND RDATA denial of service
9519| [84767] ISC BIND denial of service
9520| [83066] ISC BIND denial of service
9521| [81504] ISC BIND AAAA denial of service
9522| [80510] ISC BIND DNS64 denial of service
9523| [79121] ISC BIND queries denial of service
9524| [78479] ISC BIND RDATA denial of service
9525| [77185] ISC BIND TCP queries denial of service
9526| [77184] ISC BIND bad cache denial of service
9527| [76034] ISC BIND rdata denial of service
9528| [73053] ISC BIND cache update policy security bypass
9529| [71332] ISC BIND recursive queries denial of service
9530| [68375] ISC BIND UPDATE denial of service
9531| [68374] ISC BIND Response Policy Zones denial of service
9532| [67665] ISC BIND RRSIG Rrsets denial of service
9533| [67297] ISC BIND RRSIG denial of service
9534| [65554] ISC BIND IXFR transfer denial of service
9535| [63602] ISC BIND allow-query security bypass
9536| [63596] ISC BIND zone data security bypass
9537| [63595] ISC BIND RRSIG denial of service
9538| [62072] ISC BIND DNSSEC query denial of service
9539| [62071] ISC BIND ACL security bypass
9540| [61871] ISC BIND anchors denial of service
9541| [60421] ISC BIND RRSIG denial of service
9542| [56049] ISC BIND out-of-bailiwick weak security
9543| [55937] ISC Bind unspecified cache poisoning
9544| [55753] ISC BIND DNSSEC NSEC/NSEC3 cache poisoning
9545| [54416] ISC BIND DNSSEC cache poisoning
9546| [52073] ISC BIND dns_db_findrdataset() denial of service
9547| [47409] Multiple Mozilla products XBL loadBindingDocument information disclosure
9548| [45234] ISC BIND UDP denial of service
9549| [39670] ISC BIND inet_network buffer overflow
9550| [37233] libgssapi ISC BIND Novell SUSE Linux Enterprise Server GSS-TSIG request denial of service
9551| [37128] RHSA update for ISC BIND RRset denial of service not installed
9552| [37127] RHSA update for ISC BIND named service denial of service not installed
9553| [36275] ISC BIND DNS query spoofing
9554| [35575] ISC BIND query ID cache poisoning
9555| [35571] ISC BIND ACL security bypass
9556| [31838] ISC BIND RRset denial of service
9557| [31799] ISC BIND named service denial of service
9558| [29876] HP Tru64 ypbind core dump information disclosure
9559| [28745] ISC BIND DNSSEC RRset denial of service
9560| [28744] ISC BIND recursive INSIST denial of service
9561| [22041] BEA WebLogic Server and Express LDAP anonymous bind information disclosure
9562| [18836] BIND hostname disclosure
9563| [10624] ISC BIND DNS stub resolver library (libresolv.a) stack buffer overflows
9564| [10333] ISC BIND SIG null pointer dereference denial of service
9565| [10332] ISC BIND OPT resource record (RR) denial of service
9566| [10304] ISC BIND SIG cached resource records (RR) heap buffer overflow
9567| [7027] Cisco CBOS Web-based configuration utility binds to port 80 by default
9568| [5814] ISC BIND "
9569| [5540] ISC BIND can be remotely crashed by issuing ZXFR requests
9570| [5462] ISC BIND AXFR host command remote buffer overflow
9571|
9572| Exploit-DB - https://www.exploit-db.com:
9573| [25305] ColdFusion 9-10 - Credential Disclosure Exploit
9574| [9300] ISC BIND 9 Remote Dynamic Update Message Denial of Service PoC
9575| [24689] cPanel 9.9.1 -R3 Front Page Extension Installation Information Disclosure
9576| [23059] Netbula Anyboard 9.9.5 6 Information Disclosure Vulnerability
9577| [21812] MS Word 95/97/98/2000/2002 INCLUDEPICTURE Document Sharing File Disclosure
9578| [21764] MS Word 95/97/98/2000/2002 Excel 2002 INCLUDETEXT Document Sharing File Disclosure
9579| [19877] FrontPage 98/Personal WebServer 1.0,Personal Web Server 2.0 htimage.exe File Existence Disclosure
9580| [17376] Aastra IP Phone 9480i Web Interface Data disclosure Vulnerability
9581| [13448] linux/x86 portbind port 5074 92 bytes
9582| [13388] linux/x86 Bind /bin/sh to 31337/tcp + fork() 98 bytes
9583| [13360] linux/x86 setuid/portbind shellcode 96 bytes
9584| [13245] bsd/x86 setuid/portbind shellcode 94 bytes
9585| [10638] Web Wiz Forums 9.64 - Database Disclosure Vulnerability
9586| [6775] Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit
9587| [6236] BIND 9.5.0-P2 (randomized ports) Remote DNS Cache Poisoning Exploit
9588| [6130] BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (c)
9589| [6123] BIND 9.x Remote DNS Cache Poisoning Flaw Exploit (py)
9590| [6122] BIND 9.4.1-9.4.2 - Remote DNS Cache Poisoning Flaw Exploit (meta)
9591| [4292] Diskeeper 9 Remote Memory Disclosure Exploit
9592| [4266] BIND 9 0.3beta - DNS Cache Poisoning Exploit
9593|
9594| OpenVAS (Nessus) - http://www.openvas.org:
9595| [103090] ISC BIND 9 IXFR Transfer/DDNS Update Remote Denial of Service Vulnerability
9596| [103031] ISC BIND 9 < 9.7.2-P2 Multiple Vulnerabilities
9597| [103030] ISC BIND 9 'RRSIG' Record Type Negative Cache Remote Denial of Service Vulnerability
9598| [100717] ISC BIND 9 'RRSIG' Record Type Remote Denial of Service Vulnerability
9599| [100458] ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
9600| [100362] ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
9601| [100251] ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
9602| [63208] Fedora Core 9 FEDORA-2009-0350 (bind)
9603| [11226] Oracle 9iAS default error information disclosure
9604|
9605| SecurityTracker - https://www.securitytracker.com:
9606| [1025811] Cisco ASR 9000 Series Router IPv4 Packet Processing Flaw Lets Remote Users Deny Service
9607| [1012995] BIND 9 Validator Assumption Error May Let Remote Users Deny Service
9608| [1005048] Oracle Enterprise Manager Web Service Component of Oracle 9i Application Server Discloses the Web Cache Administrator Password to Local Users
9609| [1003675] Oracle 9iAS Application Server Discloses CGI-BIN Script Source Code to Remote Users
9610| [1001186] Microsoft Windows Me Operating System and Windows 98 with the Plus! 98 Package Disclose Data Compression Passwords
9611| [1028901] (McAfee Issues Advisory for McAfee Email Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
9612| [1028900] (McAfee Issues Advisory for McAfee Email and Web Security Appliance) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
9613| [1028899] (McAfee Issues Fix for McAfee Web Gateway) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
9614| [1028866] (McAfee Issues Fix for McAfee Firewall Enterprise) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
9615| [1028854] (NetBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
9616| [1028849] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
9617| [1028848] (Red Hat Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
9618| [1028839] (FreeBSD Issues Fix) ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
9619| [1028838] ISC BIND RDATA Processing Bug Lets Remote Users Deny Service
9620| [1028632] ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service Against Recursive Resolvers
9621| [1028046] ISC BIND DNS64 and Response Policy Zones (RPZ) Bug Lets Remote Users Deny Service
9622| [1027835] ISC BIND DNS64 Bug Lets Remote Users Deny Service
9623| [1027642] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
9624| [1027529] ISC BIND RDATA Processing Flaw Lets Remote Users Deny Service
9625| [1026647] ISC BIND Cache Update Policy Can Be Bypassed to Allow Revoked Domain Names to Remain Resolvable
9626| [1026335] ISC BIND Invalid Record Caching Flaw Lets Remote Users Deny Service
9627| [1025743] ISC BIND Response Policy Zones DNAME/CNAME Processing Flaw Lets Remote Users Deny Service
9628| [1025742] ISC BIND Packet Processing Flaw Lets Remote Users Deny Service
9629| [1015850] Samba winbindd Daemon Discloses Server Password to Local Users
9630| [1003359] BindView NETinventory Discloses Password to Local Users During Auditing
9631| [1001721] BIND Domain Name System Software May Disclose DNS Transactional Signature (TSIG) Keys to Local Users
9632|
9633| OSVDB - http://www.osvdb.org:
9634| [95373] Cisco Unified IP Phones 9900 Series Serviceability Servlet Path Value Handling Arbitrary File Access
9635| [86219] Cardiac Science G3 Plus 9390A-501 AED AEDUpdate Cleartext Password Local Disclosure
9636| [76009] Cisco IOS DLSw FST IP Protocol 91 Packet Memory Leak Remote DoS
9637| [73985] Cisco ASR 9000 Series Line Card IPv4 Packet Parsing Remote DoS
9638| [72941] Aastra 9480i IP Phone Multiple Configuration File Direct Request Information Disclosure
9639| [34520] Cisco Linksys Multiple Router UDP 916 Remote Information Disclosure
9640| [22517] MPN HP-180W Wireless IP Phone UDP Port 9090 Information Disclosure
9641| [22516] ZyXEL P-2000W_v2 VoIP Wi-Fi Phone UDP Port 9090 Information Disclosure
9642| [21292] ZyXEL P2000W UDP 9090 Remote Information Disclosure
9643| [18220] Oracle 9iAS httpd.confg /perl Location Alias Arbitrary CGI File Script Disclosure
9644| [18218] Oracle 9iAS echo2 Sample Application Information Disclosure
9645| [18217] Oracle 9iAS echo Sample Application Information Disclosure
9646| [18216] Oracle 9iAS printenv Sample Application Information Disclosure
9647| [18215] Oracle 9iAS info.jsp Sample Application Information Disclosure
9648| [6674] Microsoft Office 98 for Macintosh Disk Space Information Disclosure
9649| [3108] Microsoft Office 98 Macintosh Information Disclosure
9650| [1146] Microsoft Windows 9x Credential Cache Cleartext Password Disclosure
9651| [665] Microsoft Windows 95 Online Registration Information Disclosure
9652| [95707] ISC BIND rdata.c RFC 5011 Implementation Malformed RDATA Section Handling Remote DoS
9653| [93913] ISC BIND Recursive Resolver resolver.c Malformed Zone Query Handling Remote DoS
9654| [91712] ISC BIND Crafted Regular Expression Handling Memory Exhaustion Remote DoS
9655| [89584] ISC BIND DNS64 Nameserver Response Policy Zone (RPZ) AAAA Record Query Remapping Remote DoS
9656| [89401] Foswiki LocalSite.cfg LDAP BindPassword Plaintext Local Disclosure
9657| [88126] ISC BIND DNS64 IPv6 Transition Mechanism DNS Query Parsing Remote DoS
9658| [86118] ISC BIND Nameserver RDATA Record Query Parsing Remote DoS
9659| [85417] ISC BIND Assertion Error Resource Record RDATA Query Parsing Remote DoS
9660| [84229] ISC BIND Memory Leak TCP Query Parsing ns_client Object Out-of-memory Remote DoS
9661| [84228] ISC BIND Query Handling Bad Cache Data Structure Assertion Remote DoS
9662| [82609] ISC BIND named DNS Resource Record Zero Length Rdata Handling Remote Information Disclosure
9663| [78916] ISC BIND Cache Update Policy Deleted Domain Name Resolving Weakness
9664| [77159] ISC BIND Recursive Query Parsing Remote DoS
9665| [73605] ISC BIND UPDATE Request Parsing Remote DoS
9666| [73604] ISC BIND Response Policy Zones (RPZ) DNAME / CNAME Parsing Remote DoS
9667| [72540] ISC BIND Caching Resolver Large RRSIG RRsets Negative Caching Remote DoS
9668| [72539] ISC BIND Authoritative Server Crafted IXFR / DDNS Query Update Deadlock DoS
9669| [72172] ISC BIND Response Policy Zones RRSIG Query Assertion Failure DoS
9670| [69568] ISC BIND named allow-query ACL Restriction Bypass
9671| [69559] ISC BIND named Key Algorithm Rollover Weakness
9672| [69558] ISC BIND named RRSIG Negative Caching DoS
9673| [68271] ISC BIND DNSSEC Query Validation Response Signature Handling Remote DoS
9674| [68270] ISC BIND ACL Application Weakness Cache Recursion Access Restriction Bypass
9675| [66395] ISC BIND RRSIG Requests Infinite Loop DoS
9676| [63373] Apple Mac OS X Server Admin Authenticated Directory Binding Handling Unspecified Open Directory Information Disclosure
9677| [62008] ISC BIND Secure Response Refetch Weakness Unspecified Issue
9678| [62007] ISC BIND Recursive Client Query CNAME / DNAME Response DNS Cache Poisoning
9679| [61853] ISC BIND DNSSEC Validation Crafted NXDOMAIN Request Cache Poisoning
9680| [60493] ISC BIND DNSSEC Recursive Query Additional Section Cache Poisoning
9681| [59272] ISC BIND named Multiple Symlink Arbitrary File Overwrite
9682| [58740] Apache Rampart TransportBinding Message Payload Cleartext Disclosure
9683| [57060] ISC BIND DNS Message Malformed TSIG Remote DoS
9684| [56584] ISC BIND Dynamic Update Message Handling Remote DoS
9685| [56411] GNU wget DNS Rebinding Information Disclosure Weakness
9686| [53115] ISC BIND EVP_VerifyFinal() / DSA_do_verify() SSL/TLS Signature Validation Weakness
9687| [48243] ISC BIND for Windows UDP Client Handler Remote DoS
9688| [46776] ISC BIND DNS Query ID Field Prediction Cache Poisoning
9689| [42655] ISC BIND on Red Hat Linux /etc/rndc.key Insecure File Permission Local named Manipulation
9690| [41211] ISC BIND libbind inet_network() Function Off-By-One Memory Corruption
9691| [40935] ISC BIND on SUSE Linux Enterprise Server libgssapi named GSS-TSIG Request Remote DoS
9692| [37301] ISC BIND Signed Zone Signature Verification Remote DoS
9693| [36796] ISC BIND Outgoing Query Predictable DNS Query ID
9694| [36236] ISC BIND allow-query-cache/allow-recursion ACL Bypass
9695| [36235] ISC BIND Predictable DNS Query IDs Cache Poisoning
9696| [34753] ISC BIND stub Resolver libbind Crafted Query Remote DoS
9697| [34752] ISC BIND so_linger Remote DoS
9698| [34751] ISC BIND Malformed SIG Record Remote DoS
9699| [34750] ISC BIND Malformed NAPTR Record Local DoS
9700| [34749] ISC BIND named maxdname DoS
9701| [34748] ISC BIND query.c query_addsoa Function Unspecified Recursive Query DoS
9702| [31923] ISC BIND Crafted ANY Request Response Multiple RRsets DoS
9703| [31922] ISC BIND Unspecified Freed Fetch Context Dereference DoS
9704| [28558] ISC BIND Recursive Query Saturation DoS
9705| [28557] ISC BIND SIG Query Multiple RRsets Response DoS
9706| [25895] ISC BIND Cached Recursive Query DoS
9707| [24263] Samba winbindd Debug Log Server Credentials Local Disclosure
9708| [21353] BindView NetInventory HOSTCFG._NI Deletion Cleartext Password Disclosure
9709| [14878] ISC BIND rdataset Parameter Malformed DNS Packet DoS
9710| [14877] ISC BIND stub Resolver Libraries Malformed DNS Response DoS
9711| [14795] ISC BIND TSIG Handling Code Remote Overflow
9712| [14432] ISC BIND Multiple DNS Resolver Functions Remote Overflow
9713| [13752] ISC BIND host Command AXFR Response Remote Overflow
9714| [13176] ISC BIND q_usedns Array Remote Overflow DoS
9715| [13175] ISC BIND dnssec authvalidated Crafted Packet Remote DoS
9716| [9736] ISC BIND fdmax File Descriptor Consumption DoS
9717| [9735] ISC BIND -DALLOW_UPDATES Option Remote Record Modification
9718| [9734] ISC BIND CNAME Record Zone Transfer DoS
9719| [9733] ISC BIND Malformed DNS Message DoS
9720| [9725] ISC BIND SIG RR Elements Invalid Expirty Times DoS
9721| [9724] ISC BIND OPT Resource Record Large UDP Payload DoS
9722| [9723] Multiple Vendor LDAP Server NULL Bind Connection Information Disclosure
9723| [8330] ISC BIND DNS stub resolver (libresolv.a) DNS Response Overflow
9724| [7990] ISC BIND gethostbyname() DNS Handling Remote Overflow
9725| [5828] ISC BIND named SRV Remote DoS
9726| [5609] ISC BIND dnskeygen HMAC-MD5 Shared Secret Key File Disclosure
9727| [2866] ISC BIND Negative Record Cache Poisoning
9728| [1751] ISC BIND Environment Variable Information Disclosure
9729| [1747] ISC BIND 4 nslookupComplain() Remote Format String
9730| [1746] ISC BIND 4 nslookupComplain() Remote Overflow
9731| [913] ISC BIND Inverse-Query Remote Overflow
9732| [869] ISC BIND named SIG Resource Server Response RR Overflow
9733| [448] ISC BIND Compressed ZXFR Name Service Query Remote DoS
9734| [438] ISC BIND Predictable Query ID DNS Cache Poisoning
9735| [24] ISC BIND NXT Record Overflow
9736|_
973780/tcp open http LiteSpeed httpd
9738| vulscan: VulDB - https://vuldb.com:
9739| [127415] LiteSpeed OpenLiteSpeed up to 1.5.0 RC5 Byte Sequence Request privilege escalation
9740| [106897] Open Litespeed up to 1.3.9 Use-After-Free memory corruption
9741| [62114] Litespeedtech LiteSpeed Web Server 4.1.11 cross site scripting
9742| [53729] Litespeedtech LiteSpeed Web Server information disclosure
9743| [39420] Litespeed Technologies LiteSpeed Web Server up to 3.2.2 php%00.txt information disclosure
9744|
9745| MITRE CVE - https://cve.mitre.org:
9746| [CVE-2012-4871] Cross-site scripting (XSS) vulnerability in service/graph_html.php in the administrator panel in LiteSpeed Web Server 4.1.11 allows remote attackers to inject arbitrary web script or HTML via the gtitle parameter.
9747| [CVE-2010-2333] LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scripts via an HTTP request with a null byte followed by a .txt file extension.
9748| [CVE-2007-5654] LiteSpeed Web Server before 3.2.4 allows remote attackers to trigger use of an arbitrary MIME type for a file via a "%00." sequence followed by a new extension, as demonstrated by reading PHP source code via requests for .php%00.txt files, aka "Mime Type Injection."
9749| [CVE-2005-3695] Cross-site scripting (XSS) vulnerability in admin/config/confMgr.php in LiteSpeed Web Server 2.1.5 allows remote attackers to inject arbitrary web script or HTML via the m parameter.
9750|
9751| SecurityFocus - https://www.securityfocus.com/bid/:
9752| [82240] PHP LiteSpeed SAPI Out of Bounds Read Memory Corruption Vulnerability
9753| [82027] PHP 'sapi/litespeed/lsapilib.c' Information Disclosure Vulnerability
9754| [74806] OpenLiteSpeed Heap Based Buffer Overflow and Denial of Service Vulnerabilities
9755| [74207] LiteSpeed Web Server 'httpreq.cpp' Use After Free Denial of Service Vulnerability
9756| [63484] LiteSpeed Web Server Local Privilege Escalation Vulnerability
9757| [63481] LiteSpeed Web Server Race Condition Insecure Temporary File Creation Vulnerability
9758| [55946] LiteSpeed Web Server 'gtitle' parameter Cross Site Scripting Vulnerability
9759| [45382] PHP LiteSpeed SAPI Arbitrary Code Execution Vulnerability
9760| [40815] LiteSpeed Web Server Source Code Information Disclosure Vulnerability
9761| [38317] LiteSpeed Web Server Cross Site Scripting and Request Forgery Vulnerabilities
9762| [36268] LiteSpeed Web Server Multiple Unspecified Remote Security Vulnerabilities
9763| [26163] LiteSpeed Web Server Null-Byte Handling Information Disclosure Vulnerability
9764| [15485] LiteSpeed ConfMgr.php Cross-Site Scripting Vulnerability
9765|
9766| IBM X-Force - https://exchange.xforce.ibmcloud.com:
9767| [74144] LiteSpeed graph_html.php cross-site scripting
9768| [63979] LiteSpeed Web Server Null buffer overflow
9769| [59385] LiteSpeed Web Server information disclosure
9770| [56389] LiteSpeed Web Server Admin interface cross-site scripting
9771| [56388] LiteSpeed Web Server confMgr.php cross-site request forgery
9772| [54537] LiteSpeed Web Server post-authentication code execution
9773| [54536] LiteSpeed Web Server Lshttpd denial of service
9774| [37380] LiteSpeed Web Server mime-type information disclosure
9775| [23086] LiteSpeed Web Server /admin/config/confMgr.php cross-site scripting
9776|
9777| Exploit-DB - https://www.exploit-db.com:
9778| [26535] LiteSpeed 2.1.5 ConfMgr.php Cross-Site Scripting Vulnerability
9779| [15723] FreeBSD LiteSpeed Web Server 4.0.17 with PHP - Remote Exploit
9780| [13850] Litespeed Technologies Web Server Remote Poison null byte Exploit
9781| [11503] Litespeed Web Server 4.0.12 - (Add Admin) CSRF and XSS Vulnerabilities
9782| [4556] LiteSpeed Web Server <= 3.2.3 - Remote Source Code Disclosure Vuln
9783|
9784| OpenVAS (Nessus) - http://www.openvas.org:
9785| [100744] LiteSpeed Web Server Source Code Information Disclosure Vulnerability
9786|
9787| SecurityTracker - https://www.securitytracker.com:
9788| [1015234] LiteSpeed Web Server Input Validation Flaw in 'confMgr.php' Permits Cross-Site Scripting Attacks
9789|
9790| OSVDB - http://www.osvdb.org:
9791| [80213] LiteSpeed Web Server Admin Panel service/graph_html.php gtitle Parameter XSS
9792| [69916] LiteSpeed Web Server HTTP Header LSAPI PHP Extension Processing Overflow
9793| [65476] LiteSpeed Web Server Script Source Code Information Disclosure
9794| [62449] LiteSpeed Web Server Admin User Creation CSRF
9795| [57910] LiteSpeed Web Server Unspecified Post-authentication Issue
9796| [57909] LiteSpeed Web Server lshttpd Unspecified Infinite Loop DoS
9797| [41867] LiteSpeed Web Server MIME Type Injection Null Byte Script Source Code Disclosure
9798| [20908] LiteSpeed Web Server WebAdmin confMgr.php m Parameter XSS
9799|_
9800110/tcp closed pop3
9801139/tcp closed netbios-ssn
9802143/tcp closed imap
9803443/tcp open ssl/http LiteSpeed httpd
9804| vulscan: VulDB - https://vuldb.com:
9805| [127415] LiteSpeed OpenLiteSpeed up to 1.5.0 RC5 Byte Sequence Request privilege escalation
9806| [106897] Open Litespeed up to 1.3.9 Use-After-Free memory corruption
9807| [62114] Litespeedtech LiteSpeed Web Server 4.1.11 cross site scripting
9808| [53729] Litespeedtech LiteSpeed Web Server information disclosure
9809| [39420] Litespeed Technologies LiteSpeed Web Server up to 3.2.2 php%00.txt information disclosure
9810|
9811| MITRE CVE - https://cve.mitre.org:
9812| [CVE-2012-4871] Cross-site scripting (XSS) vulnerability in service/graph_html.php in the administrator panel in LiteSpeed Web Server 4.1.11 allows remote attackers to inject arbitrary web script or HTML via the gtitle parameter.
9813| [CVE-2010-2333] LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scripts via an HTTP request with a null byte followed by a .txt file extension.
9814| [CVE-2007-5654] LiteSpeed Web Server before 3.2.4 allows remote attackers to trigger use of an arbitrary MIME type for a file via a "%00." sequence followed by a new extension, as demonstrated by reading PHP source code via requests for .php%00.txt files, aka "Mime Type Injection."
9815| [CVE-2005-3695] Cross-site scripting (XSS) vulnerability in admin/config/confMgr.php in LiteSpeed Web Server 2.1.5 allows remote attackers to inject arbitrary web script or HTML via the m parameter.
9816|
9817| SecurityFocus - https://www.securityfocus.com/bid/:
9818| [82240] PHP LiteSpeed SAPI Out of Bounds Read Memory Corruption Vulnerability
9819| [82027] PHP 'sapi/litespeed/lsapilib.c' Information Disclosure Vulnerability
9820| [74806] OpenLiteSpeed Heap Based Buffer Overflow and Denial of Service Vulnerabilities
9821| [74207] LiteSpeed Web Server 'httpreq.cpp' Use After Free Denial of Service Vulnerability
9822| [63484] LiteSpeed Web Server Local Privilege Escalation Vulnerability
9823| [63481] LiteSpeed Web Server Race Condition Insecure Temporary File Creation Vulnerability
9824| [55946] LiteSpeed Web Server 'gtitle' parameter Cross Site Scripting Vulnerability
9825| [45382] PHP LiteSpeed SAPI Arbitrary Code Execution Vulnerability
9826| [40815] LiteSpeed Web Server Source Code Information Disclosure Vulnerability
9827| [38317] LiteSpeed Web Server Cross Site Scripting and Request Forgery Vulnerabilities
9828| [36268] LiteSpeed Web Server Multiple Unspecified Remote Security Vulnerabilities
9829| [26163] LiteSpeed Web Server Null-Byte Handling Information Disclosure Vulnerability
9830| [15485] LiteSpeed ConfMgr.php Cross-Site Scripting Vulnerability
9831|
9832| IBM X-Force - https://exchange.xforce.ibmcloud.com:
9833| [74144] LiteSpeed graph_html.php cross-site scripting
9834| [63979] LiteSpeed Web Server Null buffer overflow
9835| [59385] LiteSpeed Web Server information disclosure
9836| [56389] LiteSpeed Web Server Admin interface cross-site scripting
9837| [56388] LiteSpeed Web Server confMgr.php cross-site request forgery
9838| [54537] LiteSpeed Web Server post-authentication code execution
9839| [54536] LiteSpeed Web Server Lshttpd denial of service
9840| [37380] LiteSpeed Web Server mime-type information disclosure
9841| [23086] LiteSpeed Web Server /admin/config/confMgr.php cross-site scripting
9842|
9843| Exploit-DB - https://www.exploit-db.com:
9844| [26535] LiteSpeed 2.1.5 ConfMgr.php Cross-Site Scripting Vulnerability
9845| [15723] FreeBSD LiteSpeed Web Server 4.0.17 with PHP - Remote Exploit
9846| [13850] Litespeed Technologies Web Server Remote Poison null byte Exploit
9847| [11503] Litespeed Web Server 4.0.12 - (Add Admin) CSRF and XSS Vulnerabilities
9848| [4556] LiteSpeed Web Server <= 3.2.3 - Remote Source Code Disclosure Vuln
9849|
9850| OpenVAS (Nessus) - http://www.openvas.org:
9851| [100744] LiteSpeed Web Server Source Code Information Disclosure Vulnerability
9852|
9853| SecurityTracker - https://www.securitytracker.com:
9854| [1015234] LiteSpeed Web Server Input Validation Flaw in 'confMgr.php' Permits Cross-Site Scripting Attacks
9855|
9856| OSVDB - http://www.osvdb.org:
9857| [80213] LiteSpeed Web Server Admin Panel service/graph_html.php gtitle Parameter XSS
9858| [69916] LiteSpeed Web Server HTTP Header LSAPI PHP Extension Processing Overflow
9859| [65476] LiteSpeed Web Server Script Source Code Information Disclosure
9860| [62449] LiteSpeed Web Server Admin User Creation CSRF
9861| [57910] LiteSpeed Web Server Unspecified Post-authentication Issue
9862| [57909] LiteSpeed Web Server lshttpd Unspecified Infinite Loop DoS
9863| [41867] LiteSpeed Web Server MIME Type Injection Null Byte Script Source Code Disclosure
9864| [20908] LiteSpeed Web Server WebAdmin confMgr.php m Parameter XSS
9865|_
9866445/tcp closed microsoft-ds
9867465/tcp closed smtps
9868587/tcp closed submission
9869993/tcp closed imaps
9870995/tcp closed pop3s
98711295/tcp open ehtp?
98722049/tcp closed nfs
98732077/tcp closed tsrmagt
98742078/tcp closed tpcsrvr
98752079/tcp closed idware-router
98762080/tcp closed autodesk-nlm
98772082/tcp open infowave?
98782083/tcp open ssl/radsec?
9879| fingerprint-strings:
9880| GetRequest:
9881| HTTP/1.0 200 OK
9882| Connection: close
9883| Content-Type: text/html; charset="utf-8"
9884| Date: Tue, 29 Oct 2019 19:32:37 GMT
9885| Cache-Control: no-cache, no-store, must-revalidate, private
9886| Pragma: no-cache
9887| Set-Cookie: cprelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
9888| Set-Cookie: cpsession=%3aMW4pDADMuLLZnale%2c8b0fe977b150e5c9000ed45c92f3c32c; HttpOnly; path=/; port=2083; secure
9889| Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
9890| Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=servidor.metro.cl; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
9891| Set-Cookie: Horde=expired; HttpOnly; domain=.servidor.metro.cl; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
9892| Set-Cookie: horde_secret_key=expired; HttpOnly; domain=.servidor.metro.cl; expires=Thu, 01-Jan-1970 00:
9893| HTTPOptions:
9894| HTTP/1.0 200 OK
9895| Connection: close
9896| Content-Type: text/html; charset="utf-8"
9897| Date: Tue, 29 Oct 2019 19:32:40 GMT
9898| Cache-Control: no-cache, no-store, must-revalidate, private
9899| Pragma: no-cache
9900| Set-Cookie: cprelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
9901| Set-Cookie: cpsession=%3aQtgl2CYho4hxDPQf%2c6c6a7a8ef3f635cc42a7d9c2cc857356; HttpOnly; path=/; port=2083; secure
9902| Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
9903| Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=servidor.metro.cl; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
9904| Set-Cookie: Horde=expired; HttpOnly; domain=.servidor.metro.cl; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2083; secure
9905|_ Set-Cookie: horde_secret_key=expired; HttpOnly; domain=.servidor.metro.cl; expires=Thu, 01-Jan-1970 00:
99062086/tcp open gnunet?
99072087/tcp open ssl/eli?
9908| fingerprint-strings:
9909| GetRequest:
9910| HTTP/1.0 200 OK
9911| Connection: close
9912| Content-Type: text/html; charset="utf-8"
9913| Date: Tue, 29 Oct 2019 19:32:31 GMT
9914| Cache-Control: no-cache, no-store, must-revalidate, private
9915| Pragma: no-cache
9916| Set-Cookie: whostmgrrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
9917| Set-Cookie: whostmgrsession=%3a0I_ekSB8C4KFFCBB%2c00db196d5627615b966c78e81b9185ab; HttpOnly; path=/; port=2087; secure
9918| Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
9919| Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=servidor.metro.cl; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
9920| Set-Cookie: Horde=expired; HttpOnly; domain=.servidor.metro.cl; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
9921| Set-Cookie: horde_secret_key=expired; HttpOnly; domain=.servidor.metro.cl; expires=Thu, 01-
9922| HTTPOptions:
9923| HTTP/1.0 200 OK
9924| Connection: close
9925| Content-Type: text/html; charset="utf-8"
9926| Date: Tue, 29 Oct 2019 19:32:33 GMT
9927| Cache-Control: no-cache, no-store, must-revalidate, private
9928| Pragma: no-cache
9929| Set-Cookie: whostmgrrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
9930| Set-Cookie: whostmgrsession=%3aeb_cJkh4fCze02X7%2c582360cad822efcc462eb8a230253925; HttpOnly; path=/; port=2087; secure
9931| Set-Cookie: roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
9932| Set-Cookie: roundcube_sessauth=expired; HttpOnly; domain=servidor.metro.cl; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
9933| Set-Cookie: Horde=expired; HttpOnly; domain=.servidor.metro.cl; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=2087; secure
9934|_ Set-Cookie: horde_secret_key=expired; HttpOnly; domain=.servidor.metro.cl; expires=Thu, 01-
99352095/tcp open nbx-ser?
9936| fingerprint-strings:
9937| GenericLines, NULL:
9938| HTTP/1.0 401 Access Denied
9939| Connection: close
9940| Content-Type: text/html; charset="utf-8"
9941| Date: Tue, 29 Oct 2019 19:31:52 GMT
9942| Cache-Control: no-cache, no-store, must-revalidate, private
9943| Pragma: no-cache
9944| X-Error-Message: Access Denied
9945| Content-Length: 5084
9946| <!DOCTYPE html>
9947| <html lang="en" dir="ltr">
9948| <head>
9949| <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
9950| <meta name="viewport" content="width=device-width, initial-scale=1.0">
9951| <meta name="google" content="notranslate" />
9952| <meta name="apple-itunes-app" content="app-id=1188352635" />
9953| <title>Webmail Login</title>
9954|_ <link rel="shortcut icon" href="data:image/x-icon;base64,AAABAAEAICAAAAEAIADSAgAAFgAAAIlQTkcNChoKAAAADUlIRFIAAAAgAAAAIAgGAAAAc3p69AAAAplJREFUWIXt1j2IHGUYB/DfOzdnjIKFkECIVWIKvUFsIkRExa9KJCLaWAgWJx4DilZWgpDDiI0wiViIoGATP1CCEDYHSeCwUBBkgiiKURQJFiLo4d0eOxYzC8nsO9m9XcXC+8MW+3z+9/l6l2383xH+iSB
99552096/tcp open ssl/nbx-dir?
9956| fingerprint-strings:
9957| GenericLines, NULL:
9958| HTTP/1.0 401 Access Denied
9959| Connection: close
9960| Content-Type: text/html; charset="utf-8"
9961| Date: Tue, 29 Oct 2019 19:32:24 GMT
9962| Cache-Control: no-cache, no-store, must-revalidate, private
9963| Pragma: no-cache
9964| X-Error-Message: Access Denied
9965| Content-Length: 5084
9966| <!DOCTYPE html>
9967| <html lang="en" dir="ltr">
9968| <head>
9969| <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
9970| <meta name="viewport" content="width=device-width, initial-scale=1.0">
9971| <meta name="google" content="notranslate" />
9972| <meta name="apple-itunes-app" content="app-id=1188352635" />
9973| <title>Webmail Login</title>
9974|_ <link rel="shortcut icon" href="data:image/x-icon;base64,AAABAAEAICAAAAEAIADSAgAAFgAAAIlQTkcNChoKAAAADUlIRFIAAAAgAAAAIAgGAAAAc3p69AAAAplJREFUWIXt1j2IHGUYB/DfOzdnjIKFkECIVWIKvUFsIkRExa9KJCLaWAgWJx4DilZWgpDDiI0wiViIoGATP1CCEDYHSeCwUBBkgiiKURQJFiLo4d0eOxYzC8nsO9m9XcXC+8MW+3z+9/l6l2383xH+iSB
99753071/tcp closed csd-mgmt-port
99763306/tcp open mysql MySQL (unauthorized)
9977| vulscan: VulDB - https://vuldb.com:
9978| [141414] LibreNMS up to 1.47 inventory.inc.php mysqli_escape_real_string Parameter cross site scripting
9979| [140101] Yandex ClickHouse MySQL Client information disclosure
9980| [139468] cPanel up to 60.0.24 MySQL Upgrade File privilege escalation
9981| [139350] cPanel up to 64.0.20 convert_roundcube_mysql2sqlite privilege escalation
9982| [139349] cPanel up to 64.0.20 convert_roundcube_mysql2sqlite privilege escalation
9983| [139308] cPanel up to 67.9999.102 WHM MySQL Password Change Interfaces Stored cross site scripting
9984| [138305] SaltStack Salt 2018.3/2019.2 mysqluser_chpass sql injection
9985| [138102] Oracle MySQL Server up to 8.0.16 InnoDB unknown vulnerability
9986| [138101] Oracle MySQL Server up to 8.0.16 Privileges unknown vulnerability
9987| [138100] Oracle MySQL Server up to 5.6.44/5.7.18 Privileges unknown vulnerability
9988| [138099] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Compiling information disclosure
9989| [138098] Oracle MySQL Server up to 5.7.26/8.0.16 Audit Plug-in unknown vulnerability
9990| [138097] Oracle MySQL Server up to 5.7.26/8.0.16 Client programs denial of service
9991| [138096] Oracle MySQL Server up to 8.0.16 Roles denial of service
9992| [138095] Oracle MySQL Server up to 8.0.16 Privileges denial of service
9993| [138094] Oracle MySQL Server up to 5.7.25/8.0.15 Replication denial of service
9994| [138093] Oracle MySQL Server up to 8.0.16 Options denial of service
9995| [138092] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
9996| [138091] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
9997| [138090] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
9998| [138089] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
9999| [138088] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
10000| [138087] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
10001| [138086] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
10002| [138085] Oracle MySQL Server up to 5.7.26/8.0.16 Optimizer denial of service
10003| [138084] Oracle MySQL Server up to 5.7.26/8.0.16 Optimizer denial of service
10004| [138083] Oracle MySQL Server up to 8.0.12 GIS denial of service
10005| [138082] Oracle MySQL Server up to 8.0.16 FTS denial of service
10006| [138081] Oracle MySQL Server up to 8.0.16 DML denial of service
10007| [138080] Oracle MySQL Server up to 8.0.16 Components denial of service
10008| [138079] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Pluggable Auth denial of service
10009| [138078] Oracle MySQL Server up to 8.0.16 InnoDB denial of service
10010| [138077] Oracle MySQL Server up to 8.0.15 InnoDB denial of service
10011| [138076] Oracle MySQL Server up to 8.0.16 InnoDB denial of service
10012| [138074] Oracle MySQL Server up to 8.0.12 Roles denial of service
10013| [138073] Oracle MySQL Server up to 5.7.26/8.0.16 Audit Log denial of service
10014| [138072] Oracle MySQL Server up to 5.7.26/8.0.16 Privileges unknown vulnerability
10015| [138071] Oracle MySQL Server up to 5.7.23 Replication unknown vulnerability
10016| [138070] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Audit unknown vulnerability
10017| [138069] Oracle MySQL Server up to 5.7.26/8.0.16 InnoDB unknown vulnerability
10018| [138068] Oracle MySQL Workbench up to 8.0.16 OpenSSL information disclosure
10019| [138067] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 XML denial of service
10020| [138066] Oracle MySQL Server up to 5.6.44/5.7.26/8.0.16 Parser denial of service
10021| [138065] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
10022| [138064] Oracle MySQL Server up to 8.0.16 Optimizer denial of service
10023| [138063] Oracle MySQL Server up to 8.0.12 Data Dictionary denial of service
10024| [138062] Oracle MySQL Server up to 8.0.16 Charsets denial of service
10025| [138061] Oracle MySQL Server up to 8.0.16 Replication unknown vulnerability
10026| [138060] Oracle MySQL Server up to 8.0.16 InnoDB Cluster unknown vulnerability
10027| [138059] Oracle MySQL Enterprise Monitor up to 4.0.9/8.0.14 Spring Framework denial of service
10028| [138058] Oracle MySQL Server up to 5.7.26/8.0.15 cURL unknown vulnerability
10029| [133701] Oracle MySQL Server up to 8.0.15 Replication denial of service
10030| [133700] Oracle MySQL Server up to 8.0.15 Replication denial of service
10031| [133698] Oracle MySQL Server up to 8.0.15 Group Replication Plugin denial of service
10032| [133697] Oracle MySQL Server up to 8.0.15 Roles denial of service
10033| [133695] Oracle MySQL Server up to 8.0.15 Privileges denial of service
10034| [133691] Oracle MySQL Server up to 8.0.15 Replication denial of service
10035| [133687] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
10036| [133686] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
10037| [133685] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
10038| [133684] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
10039| [133683] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
10040| [133682] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
10041| [133681] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
10042| [133680] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
10043| [133677] Oracle MySQL Server up to 8.0.15 Information Schema denial of service
10044| [133676] Oracle MySQL Server up to 8.0.15 DDL denial of service
10045| [133675] Oracle MySQL Server up to 8.0.15 DDL denial of service
10046| [133672] Oracle MySQL Server up to 8.0.15 InnoDB denial of service
10047| [133668] Oracle MySQL Server up to 8.0.15 Replication denial of service
10048| [133666] Oracle MySQL Server up to 8.0.15 Options denial of service
10049| [133662] Oracle MySQL Connectors up to 8.0.15 Connector/J unknown vulnerability
10050| [133661] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
10051| [133660] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
10052| [133659] Oracle MySQL Server up to 8.0.15 Optimizer denial of service
10053| [129647] Oracle MySQL Server up to 5.7.24/8.0.13 Privileges denial of service
10054| [129646] Oracle MySQL Server up to 5.7.24/8.0.13 Privileges denial of service
10055| [129645] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Replication denial of service
10056| [129644] Oracle MySQL Server up to 5.7.24/8.0.13 Partition denial of service
10057| [129643] Oracle MySQL Server up to 8.0.13 Optimizer denial of service
10058| [129642] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
10059| [129641] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
10060| [129640] Oracle MySQL Server up to 5.7.24/8.0.13 Optimizer denial of service
10061| [129639] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 DDL denial of service
10062| [129638] Oracle MySQL Server up to 8.0.13 DDL denial of service
10063| [129637] Oracle MySQL Server up to 8.0.13 DDL denial of service
10064| [129636] Oracle MySQL Server up to 8.0.13 Connection denial of service
10065| [129635] Oracle MySQL Server up to 5.7.24/8.0.13 InnoDB denial of service
10066| [129634] Oracle MySQL Server up to 8.0.13 InnoDB denial of service
10067| [129631] Oracle MySQL Server up to 8.0.13 Replication denial of service
10068| [129630] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Connection Handling denial of service
10069| [129629] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Parser denial of service
10070| [129628] Oracle MySQL Server up to 5.7.24/8.0.13 Parser denial of service
10071| [129627] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 PS denial of service
10072| [129626] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Optimizer denial of service
10073| [129625] Oracle MySQL Server up to 8.0.13 Privileges unknown vulnerability
10074| [129624] Oracle MySQL Server up to 5.6.42/5.7.24/8.0.13 Replication unknown vulnerability
10075| [129623] Oracle MySQL Workbench up to 8.0.13 OpenSSL denial of service
10076| [129622] Oracle MySQL Connectors up to 2.1.8/8.0.13 Connector/Python unknown vulnerability
10077| [129621] Oracle MySQL Workbench up to 8.0.13 unknown vulnerability
10078| [127905] Open Dental up to 18.3 MySQL Database Default Credentials weak authentication
10079| [127404] Drobo 5N2 NAS 4.0.5-13.28.96115 MySQL API Error Page cross site scripting
10080| [127403] Drobo 5N2 NAS 4.0.5-13.28.96115 /mysql/api/droboapp/data information disclosure
10081| [127400] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/logfile.php Parameter information disclosure
10082| [127396] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/drobo.php information disclosure
10083| [127395] Drobo 5N2 NAS 4.0.5-13.28.96115 Access Control /mysql/api/diags.php Parameter information disclosure
10084| [127350] Dell OpenManage Network Manager up to 6.4.x MySQL privilege escalation
10085| [126982] LAOBANCMS 2.0 install/mysql_hy.php directory traversal
10086| [126687] LAOBANCMS 2.0 mysql_hy.php privilege escalation
10087| [125937] mysql-binuuid-rails up to 1.1.0 Database Column sql injection
10088| [125825] ThinkPHP 3.2.4 Mysql.class.php parseKey Parameter sql injection
10089| [125568] Oracle MySQL Server up to 8.0.12 Privileges unknown vulnerability
10090| [125567] Oracle MySQL Server up to 5.7.23/8.0.12 Logging denial of service
10091| [125566] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
10092| [125565] Oracle MySQL Server up to 8.0.12 Windows denial of service
10093| [125564] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 Storage Engines denial of service
10094| [125563] Oracle MySQL Server up to 8.0.12 Roles denial of service
10095| [125562] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 RBR denial of service
10096| [125561] Oracle MySQL Server up to 5.7.23/8.0.12 Partition denial of service
10097| [125560] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
10098| [125559] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 Memcached denial of service
10099| [125558] Oracle MySQL Server up to 8.0.12 JSON denial of service
10100| [125557] Oracle MySQL Server up to 8.0.12 Information Schema denial of service
10101| [125556] Oracle MySQL Server up to 8.0.12 DDL denial of service
10102| [125555] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
10103| [125554] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
10104| [125553] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
10105| [125552] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
10106| [125551] Oracle MySQL Server up to 5.7.23/8.0.12 Partition denial of service
10107| [125549] Oracle MySQL Server up to 5.7.23/8.0.12 Optimizer denial of service
10108| [125548] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 Merge denial of service
10109| [125547] Oracle MySQL Server up to 8.0.12 DDL denial of service
10110| [125546] Oracle MySQL Server up to 5.7.23/8.0.12 InnoDB denial of service
10111| [125545] Oracle MySQL Server up to 5.7.23/8.0.12 Audit denial of service
10112| [125544] Oracle MySQL Server up to 8.0.12 Parser denial of service
10113| [125543] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 Parser denial of service
10114| [125542] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
10115| [125541] Oracle MySQL Server up to 8.0.12 Optimizer denial of service
10116| [125540] Oracle MySQL Server up to 8.0.12 DML denial of service
10117| [125539] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
10118| [125538] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
10119| [125537] Oracle MySQL Server up to 5.6.41/5.7.23/8.0.12 InnoDB denial of service
10120| [125536] Oracle MySQL Server up to 5.7.23/8.0.12 Parser denial of service
10121| [125535] Oracle MySQL Server up to 5.5.61/5.6.41/5.7.23/8.0.12 InnoDB unknown vulnerability
10122| [125534] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
10123| [125533] Oracle MySQL Connectors up to 8.0.12 Connector/J unknown vulnerability
10124| [125532] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
10125| [125531] Oracle MySQL Enterprise Monitor up to 3.4.9.4237/4.0.6.5281/8.0.2.8191 Monitoring unknown vulnerability
10126| [125415] Oracle Enterprise Manager for MySQL Database 13.2 EM Plugin unknown vulnerability
10127| [122549] PHP up to 7.1.5 mysqli_real_escape_string memory corruption
10128| [122201] mysql_user Module up to 2.2.0 on Ansible Password Change weak authentication
10129| [121802] Oracle MySQL Server up to 8.0.11 DDL unknown vulnerability
10130| [121800] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Encryption weak encryption
10131| [121799] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Options unknown vulnerability
10132| [121798] Oracle MySQL Workbench up to 6.3.10 Encryption weak encryption
10133| [121797] Oracle MySQL Server up to 5.7.22/8.0.11 Privileges unknown vulnerability
10134| [121796] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 MyISAM information disclosure
10135| [121795] Oracle MySQL Server up to 8.0.11 Privileges denial of service
10136| [121794] Oracle MySQL Server up to 5.5.60 Privileges denial of service
10137| [121793] Oracle MySQL Server up to 8.0.11 Replication denial of service
10138| [121792] Oracle MySQL Server up to 5.7.22 DML denial of service
10139| [121791] Oracle MySQL Server up to 8.0.11 DDL denial of service
10140| [121790] Oracle MySQL Server up to 8.0.11 DDL denial of service
10141| [121789] Oracle MySQL Server up to 5.7.22/8.0.11 DDL denial of service
10142| [121788] Oracle MySQL Server up to 5.7.22/8.0.11 DDL denial of service
10143| [121787] Oracle MySQL Server up to 8.0.11 InnoDB denial of service
10144| [121786] Oracle MySQL Server up to 5.7.22 Audit Log denial of service
10145| [121785] Oracle MySQL Client up to 5.5.60/5.6.40/5.7.22/8.0.11 Client Programs denial of service
10146| [121784] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 Memcached denial of service
10147| [121783] Oracle MySQL Server up to 8.0.11 Roles denial of service
10148| [121782] Oracle MySQL Workbench up to 8.0.11 denial of service
10149| [121781] Oracle MySQL Server up to 8.0.11 Optimizer denial of service
10150| [121780] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 Installing denial of service
10151| [121779] Oracle MySQL Server up to 5.7.22/8.0.11 DML denial of service
10152| [121778] Oracle MySQL Server up to 5.7.22/8.0.11 InnoDB denial of service
10153| [121777] Oracle MySQL Server up to 5.5.60/5.6.40/5.7.22 Client mysqldump denial of service
10154| [121776] Oracle MySQL Enterprise Monitor up to 3.4.7.4297/4.0.4.5235/8.0.0.8131 Monitoring denial of service
10155| [121775] Oracle MySQL Connectors up to 5.3.10/8.0.11 Connector/ODBC denial of service
10156| [121774] Oracle MySQL Server up to 5.6.40/5.7.22/8.0.11 InnoDB denial of service
10157| [121773] Oracle MySQL Workbench up to 8.0.11 unknown vulnerability
10158| [121772] Oracle MySQL Enterprise Monitor up to 3.4.7.4297/4.0.4.5235/8.0.0.8131 Service Manager unknown vulnerability
10159| [121613] Oracle Enterprise Manager for MySQL Database up to 13.2.2.0.0 EM Plugin unknown vulnerability
10160| [120277] query-mysql 0.0.0/0.0.1/0.0.2 on Node.js sql injection
10161| [118340] mysqljs on Node.js Backdoor privilege escalation
10162| [118305] MySQL Module up to v2.0.0-alpha7 on Node.js mysql.escape sql injection
10163| [117517] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd send_arp MMM Protocol Message command injection
10164| [117516] MySQL Multi-Master Replication Manager 2.2.1 on FreeBSD mmm_agentd clear_ip MMM Protocol Message command injection
10165| [117515] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd clear_ip MMM Protocol Message command injection
10166| [117514] MySQL Multi-Master Replication Manager 2.2.1 on Linux mmm_agentd clear_ip MMM Protocol Message command injection
10167| [117513] MySQL Multi-Master Replication Manager 2.2.1 on FreeBSD mmm_agentd add_ip MMM Protocol Message command injection
10168| [117512] MySQL Multi-Master Replication Manager 2.2.1 on Solaris mmm_agentd add_ip MMM Protocol Message command injection
10169| [117511] MySQL Multi-Master Replication Manager 2.2.1 on Linux mmm_agentd add_ip MMM Protocol Message command injection
10170| [117510] MySQL Multi-Master Replication Manager 2.2.1 mmm_agentd _execute MMM Protocol Message command injection
10171| [117387] CSP MySQL User Manager 2.3.1 Username sql injection
10172| [116762] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 DDL information disclosure
10173| [116761] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Locking denial of service
10174| [116759] Oracle MySQL Server up to 5.7.21 Group Replication GCS denial of service
10175| [116758] Oracle MySQL Server up to 5.7.21 Pluggable Auth denial of service
10176| [116757] Oracle MySQL Server up to 5.7.21 Performance Schema denial of service
10177| [116756] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
10178| [116755] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Optimizer denial of service
10179| [116754] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
10180| [116753] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
10181| [116752] Oracle MySQL Server up to 5.7.21 DML denial of service
10182| [116751] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Privileges denial of service
10183| [116750] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
10184| [116749] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
10185| [116748] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
10186| [116747] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
10187| [116745] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
10188| [116744] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
10189| [116743] Oracle MySQL Server up to 5.7.21 InnoDB denial of service
10190| [116742] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 Client programs denial of service
10191| [116741] Oracle MySQL Enterprise Monitor up to 3.3.7.3306/3.4.5.4248/4.0.2.5168 Monitoring: Agent (OpenSSL) information disclosure
10192| [116740] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
10193| [116739] Oracle MySQL Server up to 5.7.21 Optimizer denial of service
10194| [116738] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 DDL denial of service
10195| [116737] Oracle MySQL Server up to 5.6.39/5.7.21 Privileges denial of service
10196| [116736] Oracle MySQL Server up to 5.5.59/5.6.39/5.7.21 InnoDB denial of service
10197| [116735] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
10198| [116734] Oracle MySQL Server up to 5.6.39/5.7.21 InnoDB denial of service
10199| [116733] Oracle MySQL Server up to 5.6.39 GIS Extension denial of service
10200| [116622] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Apache Tomcat) unknown vulnerability
10201| [116620] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General (Spring Framework) unknown vulnerability
10202| [116619] Oracle Enterprise Manager for MySQL Database 12.1.0.4 EM Plugin: General unknown vulnerability
10203| [115836] Juniper Junos Space up to 13.3R1.7 MySQL Server Default Credentials weak authentication
10204| [115216] MySQL for PCF Tiles up to 1.7.9 AWS Access Key privilege escalation
10205| [114055] Couch up to 2.0 mysql2i.func.php Request information disclosure
10206| [112112] Oracle MySQL Server up to 5.6.38/5.7.20 Performance Schema information disclosure
10207| [112111] Oracle MySQL Server up to 5.6.38/5.7.20 Performance Schema denial of service
10208| [112110] Oracle MySQL Server up to 5.7.20 Optimizer denial of service
10209| [112109] Oracle MySQL Server up to 5.7.20 Optimizer denial of service
10210| [112108] Oracle MySQL Server up to 5.7.20 InnoDB denial of service
10211| [112107] Oracle MySQL Server up to 5.7.20 DML denial of service
10212| [112106] Oracle MySQL Server up to 5.7.20 DML denial of service
10213| [112105] Oracle MySQL Server up to 5.7.20 DML denial of service
10214| [112104] Oracle MySQL Server up to 5.6.38/5.7.19 Partition denial of service
10215| [112103] Oracle MySQL Server up to 5.6.38/5.7.20 Replication denial of service
10216| [112102] Oracle MySQL Server up to 5.6.38/5.7.20 Packaging information disclosure
10217| [112101] Oracle MySQL Enterprise Monitor up to 3.3.6.3293/3.4.4.4226/4.0.0.5135 Monitoring information disclosure
10218| [112100] Oracle MySQL Connectors up to 5.3.9 ODBC Connector information disclosure
10219| [112099] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
10220| [112098] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
10221| [112097] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 Optimizer denial of service
10222| [112096] Oracle MySQL Server up to 5.6.38/5.7.20 GIS denial of service
10223| [112095] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.20 DDL denial of service
10224| [112094] Oracle MySQL Server up to 5.6.38/5.7.20 Privileges denial of service
10225| [112093] Oracle MySQL Server up to 5.6.38/5.7.20 InnoDB denial of service
10226| [112092] Oracle MySQL Server up to 5.6.38/5.7.20 Stored Procedure denial of service
10227| [112091] Oracle MySQL Server up to 5.5.58/5.6.38/5.7.19 Partition denial of service
10228| [112090] Oracle MySQL Server up to 5.6.38/5.7.20 Privileges denial of service
10229| [112089] Oracle MySQL Connectors up to 6.9.9/6.10.4 Connector/Net denial of service
10230| [112088] Oracle MySQL Enterprise Monitor up to 3.3.6.3293/3.4.4.4226/4.0.0.5135 Monitoring privilege escalation
10231| [110974] puppetlabs-mysql up to 3.6.0 Parameter weak authentication
10232| [108192] Oracle MySQL Server up to 5.7.18 InnoDB denial of service
10233| [108190] Oracle MySQL Server up to 5.6.37/5.7.19 InnoDB denial of service
10234| [108189] Oracle MySQL Server up to 5.7.18 Stored Procedure denial of service
10235| [108188] Oracle MySQL Server up to 5.7.19 Replication denial of service
10236| [108187] Oracle MySQL Server up to 5.6.37/5.7.19 Optimizer denial of service
10237| [108186] Oracle MySQL Server up to 5.6.36/5.7.18 Optimizer denial of service
10238| [108185] Oracle MySQL Server up to 5.6.37/5.7.19 Optimizer denial of service
10239| [108184] Oracle MySQL Server up to 5.6.37/5.7.19 Memcached denial of service
10240| [108183] Oracle MySQL Server up to 5.7.19 InnoDB denial of service
10241| [108182] Oracle MySQL Server up to 5.7.19 FTS denial of service
10242| [108181] Oracle MySQL Server up to 5.7.18 DML denial of service
10243| [108180] Oracle MySQL Server up to 5.7.19 Group Replication GCS denial of service
10244| [108179] Oracle MySQL Server up to 5.6.37/5.7.19 Performance Schema denial of service
10245| [108178] Oracle MySQL Connectors up to 6.9.9 Connector/Net denial of service
10246| [108177] Oracle MySQL Connectors up to 6.9.9 Connector/Net unknown vulnerability
10247| [108176] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.11 Optimizer denial of service
10248| [108175] Oracle MySQL Server up to 5.7.19 Optimizer denial of service
10249| [108174] Oracle MySQL Server up to 5.6.37/5.7.19 FTS denial of service
10250| [108173] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.19 DDL denial of service
10251| [108172] Oracle MySQL Server up to 5.5.57/5.6.37/5.7.19 Client programs information disclosure
10252| [108171] Oracle MySQL Server up to 5.6.35/5.7.18 OpenSSL denial of service
10253| [108170] Oracle MySQL Server up to 5.6.37/5.7.19 Pluggable Auth denial of service
10254| [108169] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Apache Tomcat unknown vulnerability
10255| [108168] Oracle MySQL Enterprise Monitor up to 3.2.8.2223/3.3.4.3247/3.4.2.4181 Web unknown vulnerability
10256| [104089] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DDL unknown vulnerability
10257| [104088] Oracle MySQL Server up to 5.7.18 C API information disclosure
10258| [104087] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DDL unknown vulnerability
10259| [104086] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 Client mysqldump unknown vulnerability
10260| [104085] Oracle MySQL Server up to 5.6.36/5.7.18 Replication denial of service
10261| [104084] Oracle MySQL Server up to 5.6.36/5.7.18 Replication denial of service
10262| [104083] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 Charsets denial of service
10263| [104082] Oracle MySQL Cluster up to 7.3.5 CLSTCONF memory corruption
10264| [104081] Oracle MySQL Server up to 5.7.16 X Plugin denial of service
10265| [104080] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
10266| [104079] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
10267| [104078] Oracle MySQL Server up to 5.7.18 Optimizer denial of service
10268| [104077] Oracle MySQL Server up to 5.7.18 DML denial of service
10269| [104076] Oracle MySQL Server up to 5.7.18 DML denial of service
10270| [104075] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 DML denial of service
10271| [104074] Oracle MySQL Server up to 5.7.18 DML denial of service
10272| [104073] Oracle MySQL Server up to 5.7.18 DML denial of service
10273| [104072] Oracle MySQL Server up to 5.7.18 X Plugin denial of service
10274| [104071] Oracle MySQL Server up to 5.7.18 UDF denial of service
10275| [104069] Oracle MySQL Server up to 5.5.56/5.6.36/5.7.18 C API denial of service
10276| [104068] Oracle MySQL Connectors up to 6.1.10 Connector/C denial of service
10277| [104067] Oracle MySQL Server up to 5.6.35/5.7.17 OpenSSL unknown vulnerability
10278| [104066] Oracle MySQL Connectors up to 5.3.7 OpenSSL unknown vulnerability
10279| [104065] Oracle MySQL Connectors up to 6.1.9 OpenSSL unknown vulnerability
10280| [104064] Oracle MySQL Server up to 5.6.36/5.7.18 DML denial of service
10281| [104063] Oracle MySQL Server up to 5.6.36/5.7.18 Memcached denial of service
10282| [104062] Oracle MySQL Enterprise Monitor up to 3.3.3.1199 Apache Tomcat unknown vulnerability
10283| [104061] Oracle MySQL Enterprise Monitor up to 3.2.7.1204/3.3.3.1199 Apache Tomcat unknown vulnerability
10284| [104060] Oracle MySQL Enterprise Monitor up to 3.1.5.7958/3.2.5.1141/3.3.2.1162 Apache Struts 2 unknown vulnerability
10285| [103583] phpMyAdmin 4.0/4.4/4.6 MySQL Database Connection privilege escalation
10286| [103578] MySQL Dumper 1.24 Stored cross site scripting
10287| [102980] DBD::mysql Module up to 4.043 on Perl SSL weak encryption
10288| [102979] DBD::mysql Module up to 4.043 on Perl Error Use-After-Free memory corruption
10289| [102618] KBVault Mysql Free Knowledge Base 0.16a File Upload Explorer.aspx privilege escalation
10290| [100915] Accellion FTA communication_p2p.php mysql_real_escape_string sql injection
10291| [100543] Oracle MySQL up to 5.1.40 Connector/J privilege escalation
10292| [100232] Oracle MySQL Server up to 5.7.17 Encryption weak encryption
10293| [100231] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Monitoring denial of service
10294| [100228] Oracle MySQL Workbench up to 6.3.8 Encryption information disclosure
10295| [100227] Oracle MySQL Server up to 5.7.17 C API information disclosure
10296| [100226] Oracle MySQL Server up to 5.7.17 Privileges unknown vulnerability
10297| [100225] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DDL unknown vulnerability
10298| [100224] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
10299| [100223] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
10300| [100222] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Privileges denial of service
10301| [100221] Oracle MySQL Server up to 5.7.17 Optimizer denial of service
10302| [100220] Oracle MySQL Server up to 5.7.17 DML denial of service
10303| [100219] Oracle MySQL Server up to 5.7.17 DML denial of service
10304| [100218] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DML denial of service
10305| [100217] Oracle MySQL Server up to 5.7.17 Audit Plug-in denial of service
10306| [100215] Oracle MySQL Server up to 5.5.54/5.6.35 C API information disclosure
10307| [100214] Oracle MySQL Server up to 5.7.17 Privileges unknown vulnerability
10308| [100213] Oracle MySQL Cluster up to 7.2.27/7.3.16/7.4.14/7.5.5 DD denial of service
10309| [100212] Oracle MySQL Server up to 5.7.17 InnoDB denial of service
10310| [100211] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 OpenSSL information disclosure
10311| [100210] Oracle MySQL Enterprise Backup up to 3.12.3/4.0.3 ENTRBACK information disclosure
10312| [100209] Oracle MySQL Connectors up to 5.1.41 Connector/J unknown vulnerability
10313| [100208] Oracle MySQL Server up to 5.6.35 Optimizer denial of service
10314| [100207] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Optimizer denial of service
10315| [100206] Oracle MySQL Server up to 5.7.17 DML denial of service
10316| [100205] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Apache Commons FileUpload denial of service
10317| [100204] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Client mysqldump unknown vulnerability
10318| [100203] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Thread Pooling denial of service
10319| [100202] Oracle MySQL Server up to 5.6.35/5.7.17 Pluggable Auth Integer denial of service
10320| [100201] Oracle MySQL Server up to 5.6.35/5.7.17 Memcached denial of service
10321| [100200] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 Optimizer denial of service
10322| [100199] Oracle MySQL Server up to 5.5.54/5.6.35/5.7.17 DML denial of service
10323| [100198] Oracle MySQL Workbench up to 6.3.7 OpenSSL memory corruption
10324| [100197] Oracle MySQL Enterprise Backup up to 3.12.2/4.0.1 ENTRBACK memory corruption
10325| [100196] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Monitoring: Server denial of service
10326| [100195] Oracle MySQL Workbench up to 6.3.8 OpenSSL denial of service
10327| [100194] Oracle MySQL Enterprise Monitor up to 3.1.6.8003/3.2.1182/3.3.2.1162 Struts 2 privilege escalation
10328| [99815] ATutor 2.2.1 mysql_connect.inc.php searchFriends sql injection
10329| [97041] MySQL DBD::mysql up to 4.38 denial of service
10330| [96814] MariaDB up to 5.5.54/10.0.29/10.1.21/10.2.3 libmysqlclient.so denial of service
10331| [96808] Oracle MySQL up to 5.6.21/5.7.4 libmysqlclient.so denial of service
10332| [95832] Zabbix up to 2.0.17/2.2.12/3.0.2 Configuration Script userparameter_mysql.conf) privilege escalation
10333| [95730] Oracle MySQL Server up to 5.7.16 Encryption weak encryption
10334| [95729] Oracle MySQL Server up to 5.7.16 X Plugin unknown vulnerability
10335| [95728] Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12 Cluster NDBAPI denial of service
10336| [95727] Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12 denial of service
10337| [95726] Oracle MySQL Cluster 7.2.19/7.3.8/7.4.5 denial of service
10338| [95723] Oracle MySQL Server 5.6.34/5.7.16 Replication denial of service
10339| [95722] Oracle MySQL Server up to 5.5.53 Charsets denial of service
10340| [95720] Oracle MySQL Cluster 7.2.26/7.3.14/7.4.12 NDBAPI denial of service
10341| [95719] Oracle MySQL Server up to 5.7.16 Optimizer denial of service
10342| [95716] Oracle MySQL Server up to 5.7.16 Replication denial of service
10343| [95715] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 Optimizer denial of service
10344| [95714] Oracle MySQL Server 5.6.34 5.7.16 InnoDB denial of service
10345| [95713] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 DML denial of service
10346| [95712] Oracle MySQL Server 5.6.34/5.7.16 DDL denial of service
10347| [95711] Oracle MySQL Server 5.5.53/5.6.34/5.7.16 DDL denial of service
10348| [95709] Oracle MySQL Server 5.6.34/5.7.16 Encryption denial of service
10349| [95708] Oracle MySQL Enterprise Monitor 3.1.3.7856 Monitoring Agent memory corruption
10350| [95707] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.4.1102/3.3.0.1098 Monitoring denial of service
10351| [95706] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.1.1049 Monitoring memory corruption
10352| [95705] Oracle MySQL Enterprise Monitor 3.1.5.7958/3.2.1.1049, Monitoring privilege escalation
10353| [95704] Oracle MySQL Enterprise Monitor 3.1.4.7895/3.2.1.1049 Monitoring unknown vulnerability
10354| [93866] DBD-mysql up to 3.x/4.040 on Perl Use-After-Free memory corruption
10355| [92923] Oracle MySQL Server up to 5.6.33/5.7.15 Encryption denial of service
10356| [92911] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL weak encryption
10357| [92900] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Optimizer denial of service
10358| [92899] Oracle MySQL Server up to 5.6.31/5.7.13 InnoDB denial of service
10359| [92898] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 GIS denial of service
10360| [92897] Oracle MySQL Server up to 5.5.51 DML denial of service
10361| [92896] Oracle MySQL Server up to 5.5.50/5.6.31/5.7.13 DML denial of service
10362| [92895] Oracle MySQL Server up to 5.6.31 5.7.13 DML denial of service
10363| [92874] Oracle MySQL Connector up to 2.1.3/2.0.4 Connector/Python unknown vulnerability
10364| [92850] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
10365| [92835] Oracle MySQL Server up to 5.7.13 Audit denial of service
10366| [92834] Oracle MySQL Server up to 5.7.13 RBR denial of service
10367| [92833] Oracle MySQL Server up to 5.7.13 Performance Schema denial of service
10368| [92832] Oracle MySQL Server up to 5.7.14 Optimizer denial of service
10369| [92831] Oracle MySQL Server up to 5.7.13 Memcached denial of service
10370| [92830] Oracle MySQL Server up to 5.6.32/5.7.14 InnoDB denial of service
10371| [92829] Oracle MySQL Server up to 5.6.31 5.7.13 InnoDB denial of service
10372| [92828] Oracle MySQL Server up to 5.7.13 InnoDB denial of service
10373| [92827] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Federated denial of service
10374| [92826] Oracle MySQL Server up to 5.7.13 DML denial of service
10375| [92821] Oracle MySQL Server up to 5.7.13 Replication denial of service
10376| [92820] Oracle MySQL Server up to 5.7.13 Performance Schema denial of service
10377| [92819] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
10378| [92818] Oracle MySQL Server up to 5.5.52/5.6.33/5.7.15 Encryption information disclosure
10379| [92817] Oracle MySQL Server up to 5.5.51/5.6.32/5.7.14 Types denial of service
10380| [92815] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
10381| [92814] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
10382| [92813] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
10383| [92798] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
10384| [92797] Oracle Communications Policy Management up to 9.7.3/9.9.1/10.4.1/12.1.1 MySQL denial of service
10385| [92790] Oracle MySQL Server up to 5.7.14 Privileges information disclosure
10386| [92789] Oracle MySQL Server up to 5.6.30/5.7.12 InnoDB Plugin unknown vulnerability
10387| [92292] libdbd-mysql-perl 4.028 Error Message denial of service
10388| [91920] Open Dental up to 16.1 MySQL Server Default Credentials weak authentication
10389| [91625] PHP up to 5.6.25/7.0.10 mysqlnd Heap-based memory corruption
10390| [91505] Oracle MySQL up to 5.5.52/5.6.33/5.7.15 Logging my.cnf privilege escalation
10391| [90877] DBD::mysql up to 4.033 my_login memory corruption
10392| [90876] DBD::mysql up to 4.028 Use-After-Free memory corruption
10393| [90137] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.10 Encryption information disclosure
10394| [90136] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.11 Connection information disclosure
10395| [90134] Oracle MySQL Server up to 5.7.12 Encryption denial of service
10396| [90133] Oracle MySQL Server up to 5.7.12 Replication denial of service
10397| [90132] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 RBR denial of service
10398| [90131] Oracle MySQL Server up to 5.6.30/5.7.12 Privileges denial of service
10399| [90130] Oracle MySQL Server up to 5.7.12 Optimizer denial of service
10400| [90129] Oracle MySQL Server up to 5.7.12 Log denial of service
10401| [90128] Oracle MySQL Server up to 5.6.30/5.7.12 InnoDB denial of service
10402| [90127] Oracle MySQL Server up to 5.7.12 InnoDB denial of service
10403| [90126] Oracle MySQL Server up to 5.6.30/5.7.12 Encryption denial of service
10404| [90125] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 DML denial of service
10405| [90124] Oracle MySQL Server up to 5.7.12 InnoDB memory corruption
10406| [90123] Oracle MySQL Server up to 5.5.49/5.6.30/5.7.12 Types denial of service
10407| [90122] Oracle MySQL Server up to 5.7.12 Optimizer denial of service
10408| [90121] Oracle MySQL Server up to 5.6.30/5.7.12 Optimizer denial of service
10409| [90120] Oracle MySQL Server up to 5.6.30/5.7.12 FTS denial of service
10410| [90118] Oracle MySQL Server up to 5.6.30/5.7.12 Encryption denial of service
10411| [90117] Oracle MySQL Server up to 5.7.11 Optimizer denial of service
10412| [87408] PHP up to 5.4.42/5.5.26/5.6.10 SSL ext/mysqlnd/mysqlnd.c weak encryption
10413| [82687] Oracle MySQL Server up to 5.5.48/5.6.29/5.7.11 Connection Handling spoofing
10414| [82685] Oracle MySQL Enterprise Monitor up to 3.0.25/3.1.2 Monitoring unknown vulnerability
10415| [82684] Oracle MySQL Server up to 5.6.28/5.7.10 Encryption denial of service
10416| [82683] Oracle MySQL Server up to 5.6.29/5.7.11 Pluggable Authentication unknown vulnerability
10417| [82682] Oracle MySQL Server up to 5.6.29/5.7.11 Packaging memory corruption
10418| [80605] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Privileges denial of service
10419| [80604] Oracle MySQL Server up to 5.6.26 denial of service
10420| [80603] Oracle MySQL Server up to 5.5.45/5.6.26 Encryption information disclosure
10421| [80602] Oracle MySQL Server up to 5.6.27/5.7.9 Replication denial of service
10422| [80601] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 UDF denial of service
10423| [80600] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Encryption weak encryption
10424| [80599] Oracle MySQL Server 5.7.9 Partition denial of service
10425| [80598] Oracle MySQL Server 5.7.9 Optimizer denial of service
10426| [80597] Oracle MySQL Server up to 5.6.27 InnoDB denial of service
10427| [80596] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 InnoDB denial of service
10428| [80595] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 DML denial of service
10429| [80594] Oracle MySQL Server up to 5.5.46 Optimizer denial of service
10430| [80593] Oracle MySQL Server up to 5.6.27/5.7.9 Optimizer denial of service
10431| [80592] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Optimizer denial of service
10432| [80591] Oracle MySQL Server up to 5.5.31/5.6.11 Optimizer denial of service
10433| [80590] Oracle MySQL Server up to 5.5.46/5.6.27 DML denial of service
10434| [80589] Oracle MySQL Server up to 5.6.27/5.7.9 DML denial of service
10435| [80588] Oracle MySQL Server up to 5.6.27 DML denial of service
10436| [80587] Oracle MySQL Server up to 5.6.21 DML denial of service
10437| [80586] Oracle MySQL Server up to 5.5.46/5.6.27/5.7.9 Options unknown vulnerability
10438| [80585] Oracle MySQL Server up to 5.6.27/5.7.9 DML memory corruption
10439| [80184] Rename Plugin 1.0 on WordPress mysqldump_download.php directory traversal
10440| [78705] Oracle MySQL Server up to 5.5.45/5.6.26 Partition denial of service
10441| [78703] Oracle MySQL Server up to 5.6.26 Memcached denial of service
10442| [78702] Oracle MySQL Server up to 5.5.45/5.6.26 SP denial of service
10443| [78701] Oracle MySQL Server up to 5.5.43/5.6.24 Privileges information disclosure
10444| [78700] Oracle MySQL Server up to 5.6.26 Privileges denial of service
10445| [78699] Oracle MySQL Server up to 5.6.26 Replication denial of service
10446| [78698] Oracle MySQL Server up to 5.5.45/5.6.26 Query Cache denial of service
10447| [78697] Oracle MySQL Server up to 5.5.45/5.6.26 InnoDB denial of service
10448| [78696] Oracle MySQL Server up to 5.6.25 InnoDB denial of service
10449| [78695] Oracle MySQL Server up to 5.5.45/5.6.26 DML denial of service
10450| [78694] Oracle MySQL Server up to 5.6.25 libmysqld denial of service
10451| [78693] Oracle MySQL Server up to 5.5.45/5.6.26 Types unknown vulnerability
10452| [78692] Oracle MySQL Server up to 5.6.20 Types denial of service
10453| [78691] Oracle MySQL Server up to 5.5.45/5.6.26 Privileges unknown vulnerability
10454| [78690] Oracle MySQL Server up to 5.6.25 Partition denial of service
10455| [78689] Oracle MySQL Server up to 5.5.45/5.6.26 Partition denial of service
10456| [78688] Oracle MySQL Server up to 5.5.45/5.6.26 Parser denial of service
10457| [78687] Oracle MySQL Server up to 5.6.26 Optimizer denial of service
10458| [78686] Oracle MySQL Server up to 5.5.44 InnoDB denial of service
10459| [78685] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
10460| [78684] Oracle MySQL Server up to 5.6.26 DML denial of service
10461| [78683] Oracle MySQL Server up to 5.5.45/5.6.26 DML denial of service
10462| [78682] Oracle MySQL Server up to 5.6.23 DML denial of service
10463| [78681] Oracle MySQL Server up to 5.5.45/5.6.26 DDL denial of service
10464| [78680] Oracle MySQL Server up to 5.5.44/5.6.25 DML unknown vulnerability
10465| [78679] Oracle MySQL Enterprise Monitor up to 2.3.20/3.0.20 C-Agent / Service Manager denial of service
10466| [78678] Oracle MySQL Server up to 5.6.25 Encryption spoofing
10467| [78676] Oracle MySQL Enterprise Monitor up to 2.3.20/3.0.22 C-Agent denial of service
10468| [77699] JSP/MySQL Administrador Web 1 sys/sys/listaBD2.jsp cross site scripting
10469| [77698] JSP/MySQL Administrador Web 1 sys/sys/listaBD2.jsp cross site request forgery
10470| [76704] Oracle MySQL Server up to 5.6.24 Partition denial of service
10471| [76703] Oracle MySQL Server up to 5.6.24 RBR denial of service
10472| [76701] Oracle MySQL Server up to 5.6.24 Firewall denial of service
10473| [76699] Oracle MySQL Server up to 5.6.24 Firewall denial of service
10474| [76695] Oracle MySQL Server up to 5.6.24 MemCached denial of service
10475| [76691] Oracle MySQL Server up to 5.5.42 Optimizer denial of service
10476| [76690] Oracle MySQL Server up to 5.6.22 InnoDB denial of service
10477| [76686] Oracle MySQL Server up to 5.5.43/5.6.24 denial of service
10478| [76671] Oracle MySQL Server up to 5.5.43/5.6.23 Pluggable Auth information disclosure
10479| [76634] Oracle MySQL Server up to 5.5.43/5.6.24 DML denial of service
10480| [76629] Oracle MySQL Server up to 5.5.43/5.6.24 Optimizer denial of service
10481| [76628] Oracle MySQL Server up to 5.6.24 denial of service
10482| [76626] Oracle MySQL Server up to 5.6.24 Firewall information disclosure
10483| [76608] Oracle MySQL Server up to 5.5.43/5.6.23 information disclosure
10484| [76605] Oracle MySQL Server up to 5.6.24 Partition information disclosure
10485| [76599] Oracle MySQL Server up to 5.6.24 DML information disclosure
10486| [76571] Oracle MySQL Server up to 5.5.43/5.6.24 GIS denial of service
10487| [76081] MySQL Lite Administrator Beta-1 tabella.php cross site scripting
10488| [75579] lighttpd 1.4.35 Log File mod_mysql_vhost.c privilege escalation
10489| [75159] Oracle MySQL up to 5.7.2 SSL Client weak encryption
10490| [74969] Oracle MySQL Server up to 5.6.23 Replication denial of service
10491| [74967] Oracle MySQL Server up to 5.6.23 SP denial of service
10492| [74966] Oracle MySQL Server up to 5.6.22 DML weak encryption
10493| [74965] Oracle MySQL Server up to 5.6.23 Privileges denial of service
10494| [74964] Oracle MySQL Server up to 5.6.23 Memcached denial of service
10495| [74963] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
10496| [74962] Oracle MySQL Server up to 5.5.42/5.6.23 Federated unknown vulnerability
10497| [74961] Oracle MySQL Server up to 5.5.42/5.6.23 DDL unknown vulnerability
10498| [74960] Oracle MySQL Server up to 5.6.22 XA weak encryption
10499| [74959] Oracle MySQL Server up to 5.5.41/5.6.22 Encryption weak encryption
10500| [74958] Oracle MySQL Server up to 5.6.23 Partition denial of service
10501| [74957] Oracle MySQL Server up to 5.6.22 Partition weak encryption
10502| [74956] Oracle MySQL Server up to 5.5.42/5.6.23 Optimizer unknown vulnerability
10503| [74955] Oracle MySQL Server up to 5.6.22 Optimizer weak encryption
10504| [74954] Oracle MySQL Server up to 5.5.41/5.6.22 DML unknown vulnerability
10505| [74953] Oracle MySQL Server up to 5.6.23 InnoDB denial of service
10506| [74952] Oracle MySQL Server up to 5.6.22 InnoDB weak encryption
10507| [74951] Oracle MySQL Server up to 5.6.23 Information Schema denial of service
10508| [74950] Oracle MySQL Server up to 5.5.41/5.6.22 DDL unknown vulnerability
10509| [74949] Oracle MySQL Connectors up to 5.1.34 Connector/J unknown vulnerability
10510| [74948] Oracle MySQL Server up to 5.5.41/5.6.22 Privileges unknown vulnerability
10511| [74947] Oracle MySQL Server up to 5.6.22 Encryption s23_srvr.c ssl23_get_client_hello denial of service
10512| [74946] Oracle MySQL Server up to 5.5.42/5.6.23 Compiling unknown vulnerability
10513| [74945] Oracle MySQL Enterprise Monitor up to 2.3.19/3.0.18 Service Manager s:token/ cross site request forgery
10514| [74944] Oracle MySQL Enterprise Monitor up to 2.3.16/3.0.10 Service Manager memory corruption
10515| [68810] Oracle MySQL Server up to 5.5.40/5.6.21 Foreign Key information disclosure
10516| [68809] Oracle MySQL Server up to 5.6.21 Pluggable Auth denial of service
10517| [68808] Oracle MySQL Server up to 5.5.40/5.6.21 DML denial of service
10518| [68807] Oracle MySQL Server up to 5.6.21 Optimizer denial of service
10519| [68806] Oracle MySQL Server up to 5.5.40 Foreign Key denial of service
10520| [68805] Oracle MySQL Server up to 5.5.38/5.6.19 DDL denial of service
10521| [68804] Oracle MySQL Server up to 5.5.40/5.6.21 Replication denial of service
10522| [68803] Oracle MySQL Server up to 5.5.40/5.6.21 Replication denial of service
10523| [68802] Oracle MySQL Server up to 5.5.40/5.6.21 Encryption weak encryption
10524| [67988] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
10525| [67987] Oracle MySQL Server up to 5.6.19 denial of service
10526| [67986] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
10527| [67985] Oracle MySQL Server up to 5.6.19 denial of service
10528| [67984] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
10529| [67983] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
10530| [67982] Oracle MySQL Server up to 5.5.38 denial of service
10531| [67981] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
10532| [67979] Oracle MySQL Server up to 5.5.38/5.6.19 unknown vulnerability
10533| [67978] Oracle MySQL Server up to 5.5.38/5.6.19 denial of service
10534| [67977] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
10535| [67976] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
10536| [67975] Oracle MySQL Server up to 5.5.39/5.6.20 information disclosure
10537| [67974] Oracle MySQL Server up to 5.5.38/5.6.19 Messages Stack-Based sql injection
10538| [67973] Oracle MySQL Server up to 5.6.19 unknown vulnerability
10539| [67972] Oracle MySQL Server up to 5.5.39/5.6.20 unknown vulnerability
10540| [67971] Oracle MySQL Server up to 5.5.38/5.6.19 unknown vulnerability
10541| [67970] Oracle MySQL Server up to 5.6.19 Messages NULL Pointer Dereference denial of service
10542| [67969] Oracle MySQL Server up to 5.5.39/5.6.20 directory traversal
10543| [67968] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
10544| [67967] Oracle MySQL Server up to 5.5.39/5.6.20 denial of service
10545| [67966] Oracle MySQL Server up to 5.5.39/5.6.20 unknown vulnerability
10546| [68555] McAfee Network Data Loss Prevention 9.2.0 MySQL Database weak authentication
10547| [67245] phpMyAdmin up to 4.2.5 MySQL User List server_user_groups.php privilege escalation
10548| [67166] Oracle MySQL Server up to 5.5.35/5.6.15 denial of service
10549| [67165] Oracle MySQL Server up to 5.6.17 denial of service
10550| [67163] Oracle MySQL Server up to 5.6.17 denial of service
10551| [67162] Oracle MySQL Server up to 5.5.37 denial of service
10552| [67161] Oracle MySQL Server up to 5.6.17 denial of service
10553| [67160] Oracle MySQL Server up to 5.5.37 denial of service
10554| [67159] Oracle MySQL Server up to 5.5.37/5.6.17 unknown vulnerability
10555| [67158] Oracle MySQL Server up to 5.5.37/5.6.17 unknown vulnerability
10556| [67157] Oracle MySQL Server up to 5.6.17 unknown vulnerability
10557| [13065] Django up to 1.7 MySQL Typecast privilege escalation
10558| [12983] Oracle MySQL Server up to 5.5.36/5.6.16 Options denial of service
10559| [12982] Oracle MySQL Server up to 5.5.35/5.6.15 Federated denial of service
10560| [12981] Oracle MySQL Server up to 5.5.35/5.6.15 Replication denial of service
10561| [12980] Oracle MySQL Server up to 5.6.15 Privileges denial of service
10562| [12979] Oracle MySQL Server up to 5.5.36/5.6.16 Performance Schema denial of service
10563| [12978] Oracle MySQL Server up to 5.5.35/5.6.15 XML denial of service
10564| [12977] Oracle MySQL Server up to 5.5.35/5.6.15 Partition denial of service
10565| [12976] Oracle MySQL Server up to 5.6.15 Optimizer denial of service
10566| [12975] Oracle MySQL Server up to 5.6.15 MyISAM denial of service
10567| [12974] Oracle MySQL Server up to 5.6.16 InnoDB denial of service
10568| [12973] Oracle MySQL Server up to 5.6.15 DML denial of service
10569| [12972] Oracle MySQL Client up to 5.5.36/5.6.16 unknown vulnerability
10570| [12971] Oracle MySQL Server up to 5.5.36/5.6.16 RBR unknown vulnerability
10571| [12970] Oracle MySQL Server up to 5.6.15 InnoDB unknown vulnerability
10572| [12613] lighttpd up to 1.4.34 MySQL Virtual Hosting Module mod_mysql_vhost.c sql injection
10573| [12135] Oracle MySQL client/mysql.cc Server Version memory corruption
10574| [66191] Cisco Video Surveillance Operations Manager MySQL Database denial of service
10575| [66079] CSP MySQL User Manager 2.3 Login Page sql injection
10576| [11948] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Error Handling Crash denial of service
10577| [11947] Oracle MySQL Server up to 5.5.34/5.6.14 Replication denial of service
10578| [11946] Oracle MySQL Server up to 5.6.13 Performance Schema Stored denial of service
10579| [11945] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 InnoDB memory corruption
10580| [11944] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Optimizer Crash denial of service
10581| [11943] Oracle MySQL Server up to 5.6.14 InnoDB Stored denial of service
10582| [11942] Oracle MySQL Server up to 5.6.13 FTS Stored denial of service
10583| [11941] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 Privileges Crash denial of service
10584| [11940] Oracle MySQL Server up to 5.5.33/5.6.13 Partition denial of service
10585| [11939] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 Optimizer Crash denial of service
10586| [11938] Oracle MySQL Server up to 5.1.71/5.5.33/5.6.13 Locking Crash denial of service
10587| [11937] Oracle MySQL Server up to 5.1.72/5.5.34/5.6.14 InnoDB Crash denial of service
10588| [11936] Oracle MySQL Server up to 5.6.14 InnoDB Stored denial of service
10589| [11935] Oracle MySQL Server up to 5.6.13 InnoDB Stored denial of service
10590| [11934] Oracle MySQL Server up to 5.6.13 Thread Pooling Stored denial of service
10591| [11933] Oracle MySQL Server up to 5.6.13 Stored Procedure denial of service
10592| [11932] Oracle MySQL Server up to 5.6.14 GIS Stored denial of service
10593| [11931] Oracle MySQL Enterprise Monitor up to 2.3.14/3.0.4 Service Manager unknown vulnerability
10594| [10822] Oracle MySQL Server up to 5.6.12 Locking unknown vulnerability
10595| [10821] Oracle MySQL Server up to 5.6.12 InnoDB unknown vulnerability
10596| [10820] Oracle MySQL Server up to 5.6.12 Optimizer unknown vulnerability
10597| [10819] Oracle MySQL Server up to 5.1.70/5.5.32/5.6.12 Optimizer memory corruption
10598| [10818] Oracle MySQL Server up to 5.1/5.5.22 Optimizer denial of service
10599| [10817] Oracle MySQL Server up to 5.6.12 InnoDB unknown vulnerability
10600| [10816] Oracle MySQL Server up to 5.5.32/5.6.12 Replication unknown vulnerability
10601| [10815] Oracle MySQL Enterprise Monitor up to 2.3.13 Service Manager privilege escalation
10602| [65143] MariaDB up to 5.5.28 MySQL privilege escalation
10603| [9672] Oracle MySQL Server up to 5.6.11 XA Transactions denial of service
10604| [9671] Oracle MySQL Server up to 5.5.31/5.6.11 Server Replication denial of service
10605| [9670] Oracle MySQL Server up to 5.6.11 InnoDB denial of service
10606| [9669] Oracle MySQL Server up to 5.6.11 Server Privileges unknown vulnerability
10607| [9668] Oracle MySQL Server up to 5.5.30/5.6.10 Server Partition Stored unknown vulnerability
10608| [9667] Oracle MySQL Server up to 5.5.31 Server Parser denial of service
10609| [9666] Oracle MySQL Server up to 5.5.30/5.6.10 Server Options Stored unknown vulnerability
10610| [9665] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Options denial of service
10611| [9664] Oracle MySQL Server up to 5.6.11 Server Optimizer unknown vulnerability
10612| [9663] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 Server Optimizer denial of service
10613| [9662] Oracle MySQL Server up to 5.5.30/5.6.10 Prepared Statement Stored unknown vulnerability
10614| [9661] Oracle MySQL Server up to 5.6.11 InnoDB denial of service
10615| [9660] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 Full Text Search denial of service
10616| [9659] Oracle MySQL Server up to 5.6.11 Data Manipulation Language unknown vulnerability
10617| [9658] Oracle MySQL Server up to 5.5.31/5.6.11 Data Manipulation Language denial of service
10618| [9657] Oracle MySQL Server up to 5.5.31/5.6.11 Audit Log information disclosure
10619| [9656] Oracle MySQL Server up to 5.6.11 MemCached unknown vulnerability
10620| [9655] Oracle MySQL Server up to 5.1.69/5.5.31/5.6.11 GIS Crash denial of service
10621| [64198] Wireshark up to 1.8.6 MySQL Dissector Integer denial of service
10622| [64010] Ruby on Rails 3.1.0 MySQL Database Stored unknown vulnerability
10623| [8418] Oracle MySQL Server up to 5.1.67/5.5.29/5.6.10 Server Locking unknown vulnerability
10624| [8416] Oracle MySQL Server up to 5.1.63 Server Types unknown vulnerability
10625| [8415] Oracle MySQL Server up to 5.6.10 Server Privileges denial of service
10626| [8414] Oracle MySQL Server up to 5.6.10 InnoDB denial of service
10627| [8413] Oracle MySQL Server up to 5.5.30/5.6.10 InnoDB unknown vulnerability
10628| [8412] Oracle MySQL Server up to 5.6.10 Data Manipulation Language denial of service
10629| [8411] Oracle MySQL Server up to 5.5.30/5.6.10 Stored Procedure unknown vulnerability
10630| [8410] Oracle MySQL Server up to 5.1.67/5.5.29 Server XML denial of service
10631| [8409] Oracle MySQL Server up to 5.5.29 Server Replication denial of service
10632| [8408] Oracle MySQL Server up to 5.1.67/5.5.29 Server Partition unknown vulnerability
10633| [8407] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Optimizer unknown vulnerability
10634| [8406] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 InnoDB unknown vulnerability
10635| [8405] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Information Schema unknown vulnerability
10636| [8404] Oracle MySQL Server up to 5.5.29 Data Manipulation Language denial of service
10637| [8403] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Data Manipulation Language unknown vulnerability
10638| [8402] Oracle MySQL Server up to 5.5.29/5.6.10 Server Optimizer denial of service
10639| [8401] Oracle MySQL Server up to 5.6.10 MemCached denial of service
10640| [8400] Oracle MySQL Server up to 5.1.68/5.5.30/5.6.10 Server Privileges unknown vulnerability
10641| [8399] Oracle MySQL Server up to 5.1.66/5.5.28 Server Privileges unknown vulnerability
10642| [8398] Oracle MySQL Server up to 5.1.67/5.5.29 unknown vulnerability
10643| [8397] Oracle MySQL Server up to 5.1.67/5.5.29/5.6.10 Information Schema unknown vulnerability
10644| [8396] Oracle MySQL Server up to 5.1.67/5.5.29 Server Locking unknown vulnerability
10645| [8395] Oracle MySQL Server up to 5.6.10 Data Manipulation Language denial of service
10646| [10871] Oracle MySQL 5.3.12/5.5.30/10.0.1 MyISAM Engine init_search SELECT Statement denial of service
10647| [8065] Oracle MySQL up to 5.5.27 yaSSL memory corruption
10648| [8064] Oracle MySQL up to 5.5.29 yaSSL memory corruption
10649| [8816] Wireshark up to 1.8.5 MySQL Dissector packet-mysql.c Packet denial of service
10650| [8019] Oracle MySQL 5.2.11 Representation Converter Eingabe Crash denial of service
10651| [7431] Oracle MySQL Server up to 5.5.28 Privileges denial of service
10652| [7430] Oracle MySQL Server up to 5.5.28 Partition denial of service
10653| [7429] Oracle MySQL Server up to 5.5.28 Optimizer denial of service
10654| [7428] Oracle MySQL Server up to 5.1.66/5.5.28 Optimizer unknown vulnerability
10655| [7427] Oracle MySQL Server up to 5.1.66/5.5.28 unknown vulnerability
10656| [7426] Oracle MySQL Server up to 5.5.28 MyISAM denial of service
10657| [7425] Oracle MySQL Server up to 5.1.66/5.5.28 InnoDB unknown vulnerability
10658| [7424] Oracle MySQL Server up to 5.5.28 InnoDB denial of service
10659| [7423] Oracle MySQL Server up to 5.1.66/5.5.28 Locking unknown vulnerability
10660| [7422] Oracle MySQL Server up to 5.1.66/5.5.28 unknown vulnerability
10661| [7421] Oracle MySQL Server up to 5.1.66/5.1.28 Replication unknown vulnerability
10662| [7419] Oracle MySQL Server up to 5.5.28 Stored Procedure denial of service
10663| [7418] Oracle MySQL Server up to 5.1.66/5.5.28 Server Optimizer unknown vulnerability
10664| [7417] Oracle MySQL Server up to 5.1.66/5.5.28 Information Schema unknown vulnerability
10665| [7416] Oracle MySQL Server up to 5.1.65/5.5.27 GIS Extension denial of service
10666| [7415] Oracle MySQL Server up to 5.1.66/5.5.28 Privileges Stack-based memory corruption
10667| [7414] Oracle MySQL Server up to 5.5.28 Parser Heap-based memory corruption
10668| [63111] Oracle MySQL 5.5.19 Installation denial of service
10669| [7068] Oracle MySQL Server up to 5.5.19 Authentication information disclosure
10670| [7067] Oracle MySQL Server up to 5.5.19 sql/sql_acl.cc acl_get memory corruption
10671| [7066] Oracle MySQL Server up to 5.5.19 SELECT Command Crash denial of service
10672| [7065] Oracle MySQL Server up to 5.5.19 Create Table MDL_key::mdl_key_init memory corruption
10673| [6795] Oracle MySQL Server up to 5.1.64/5.5.26 Server Replication denial of service
10674| [6794] Oracle MySQL Server up to 5.1.63/5.5.25 Server Full Text Search denial of service
10675| [6793] Oracle MySQL Server up to 5.5.25 unknown vulnerability
10676| [6792] Oracle MySQL Server up to 5.5.26 MySQL Client information disclosure
10677| [6791] Oracle MySQL Server up to 5.1.65/5.5.27 Server Optimizer denial of service
10678| [6790] Oracle MySQL Server up to 5.1.64/5.5.26 Server Optimizer denial of service
10679| [6789] Oracle MySQL Server up to 5.5.26 unknown vulnerability
10680| [6788] Oracle MySQL Server up to 5.1.63/5.5.25 InnoDB Plugin denial of service
10681| [6787] Oracle MySQL Server up to 5.1.63/5.5.25 InnoDB unknown vulnerability
10682| [6786] Oracle MySQL Server up to 5.5.26 MySQL Client sql injection
10683| [6785] Oracle MySQL Server up to 5.1.65/5.5.27 denial of service
10684| [6784] Oracle MySQL Server up to 5.1.64/5.5.26 Protocol unknown vulnerability
10685| [6783] Oracle MySQL Server up to 5.1.64/5.5.26 Information Schema memory corruption
10686| [62299] SilverStripe up to 2.4.5 MySQL Database sql injection
10687| [61672] MySQL unknown vulnerability
10688| [61567] MySQLDumper 1.24.4 Error Message information disclosure
10689| [61566] MySQLDumper 1.24.4 Restore information disclosure
10690| [61565] MySQLDumper 1.24.4 directory traversal
10691| [61564] MySQLDumper 1.24.4 deletehtaccess cross site request forgery
10692| [61563] MySQLDumper 1.24.4 index.php cross site scripting
10693| [5783] Oracle MySQL Server up to 5.1.62/5.5.22 Server Optimizer denial of service
10694| [5782] Oracle MySQL Server up to 5.1.62/5.5.23 Server Optimizer denial of service
10695| [5781] Oracle MySQL Server up to 5.5.23 denial of service
10696| [5780] Oracle MySQL Server up to 5.5.23 InnoDB denial of service
10697| [5779] Oracle MySQL Server up to 5.1.62/5.5.23 GIS Extension unknown vulnerability
10698| [5778] Oracle MySQL Server up to 5.5.23 Server Optimizer denial of service
10699| [5635] Oracle MySQL Server up to 5.5.25 on Linux InnoDB UPDATE denial of service
10700| [5503] Oracle MySQL up to 5.6.5 Password Authentication sql/password.c memcmp weak authentication
10701| [5168] Oracle MySQL Server Optimizer denial of service
10702| [5166] Oracle MySQL Server up to 5.5.21 Partition denial of service
10703| [5165] Oracle MySQL Server up to 5.5.19 Optimizer denial of service
10704| [5159] Oracle MySQL Server up to 5.1.61/5.5.21 Optimizer denial of service
10705| [5158] Oracle MySQL Server up to 5.1.61/5.5.21 DML denial of service
10706| [5151] Oracle MySQL Server up to 5.1.60/5.5.19 MyISAM denial of service
10707| [5981] Oracle MySQL Server 5.1.62/5.5.23 Sort Order Index Calculation denial of service
10708| [5072] Oracle MySQL Server up to 5.5.21 denial of service
10709| [4627] Oracle MySQL up to 5.5.20 memory corruption
10710| [60055] WordPress up to 1.2 MySQL Database denial of service
10711| [5236] Oracle MySQL Server 5.5.x unknown vulnerability
10712| [5235] Oracle MySQL Server 5.5.x denial of service
10713| [5233] Oracle MySQL Server 5.5.x denial of service
10714| [5232] Oracle MySQL Server 5.5.x denial of service
10715| [5231] Oracle MySQL Server 5.5.x denial of service
10716| [5230] Oracle MySQL Server 5.5.x denial of service
10717| [5229] Oracle MySQL Server 5.5.x denial of service
10718| [5228] Oracle MySQL Server 5.5.x denial of service
10719| [5227] Oracle MySQL Server 5.5.x unknown vulnerability
10720| [5226] Oracle MySQL Server 5.1.x/5.5.x denial of service
10721| [5225] Oracle MySQL Server 5.1.x/5.5.x denial of service
10722| [5224] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
10723| [5223] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
10724| [5222] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
10725| [5221] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
10726| [5220] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
10727| [5219] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
10728| [5218] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
10729| [5217] Oracle MySQL Server 5.1.x/5.5.x unknown vulnerability
10730| [5216] Oracle MySQL Server 5.0.x/5.1.x/5.5.x denial of service
10731| [5215] Oracle MySQL Server 5.0.x/5.1.x/5.5.x information disclosure
10732| [5213] Oracle MySQL Server 5.0.x/5.1.x/5.5.x unknown vulnerability
10733| [5212] Oracle MySQL Server 5.0.x/5.1.x denial of service
10734| [5211] Oracle MySQL Server 5.0.x/5.1.x denial of service
10735| [5210] Oracle MySQL Server 5.0.x/5.1.x denial of service
10736| [59882] MySQL 5.5.8 NULL Pointer Dereference denial of service
10737| [59384] Hiroyuki Oyama DBD::mysqlPP up to 0.04 MySQL sql injection
10738| [58706] Taskfreak! Multi-mysql 0.6 Error Message information disclosure
10739| [57356] Trustwave WebDefend 2.0/3.0/5.0 MySQL Database unknown vulnerability
10740| [56109] PHP 5.3.2/5.3.3 mysqli mysqli_fetch_assoc sql injection
10741| [56085] MySQL up to 5.1.25 init_from_wkb denial of service
10742| [56084] MySQL up to 5.1.25 Stored Procedure denial of service
10743| [56083] MySQL Crash denial of service
10744| [56082] MySQL Use-After-Free denial of service
10745| [56081] MySQL Optimizer Crash denial of service
10746| [56080] MySQL up to 5.1.25 Stored denial of service
10747| [56079] MySQL Crash denial of service
10748| [56078] MySQL Create Table Crash denial of service
10749| [56025] MySQL up to 5.1.25 Crash denial of service
10750| [56024] MySQL up to 5.1.25 store denial of service
10751| [56023] MySQL up to 5.1.25 Crash denial of service
10752| [56022] MySQL up to 5.1.25 Crash denial of service
10753| [56021] MySQL up to 5.1.25 Uninitialized Memory denial of service
10754| [56020] MySQL up to 5.1.25 Crash denial of service
10755| [56019] MySQL up to 5.1.25 Crash denial of service
10756| [56018] mysql up to 5.1.25 Configuration Parameter denial of service
10757| [60789] TYPO3 up to 4.4.4 MySQL Database escapeStrForLike information disclosure
10758| [62294] SilverStripe 2.4.0/2.4.1/2.4.2/2.4.3 MySQLDatabase.php unknown vulnerability
10759| [54434] PHP 5.3.0/5.3.1/5.3.2 php_mysqlnd_auth_write sql injection
10760| [54433] PHP 5.3.0/5.3.1/5.3.2 MySQL php_mysqlnd_read_error_from_line memory corruption
10761| [54432] PHP 5.3.0/5.3.1/5.3.2 mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read memory corruption
10762| [54026] MySQL up to 5.1.25 Crash denial of service
10763| [53483] MySQL up to 5.0.0.0 memory corruption
10764| [53482] MySQL up to 5.0.0.0 my_net_skip_rest denial of service
10765| [53481] MySQL up to 5.0.0.0 directory traversal
10766| [53212] mysql 5.1.45 mysql_uninstall_plugin unknown vulnerability
10767| [53118] Csphere ClanSphere up to 2009.0.3 MySQL Database generate.php cs_sql_select sql injection
10768| [53053] TaskFreak TaskFreak! up to 0.1.3 tzn_mysql.php loadByKey sql injection
10769| [52985] Oracle MySQLConnector NET up to 6.0.2 SSL Certificate spoofing
10770| [51369] mysql 5.0.51a CertDecoder::GetName memory corruption
10771| [51581] TYPO3 Kiddog Mysqldumper up to 0.0.3 information disclosure
10772| [50962] MySQL Certificates viosslfactories.c vio_verify_callback spoofing
10773| [50961] mysql GeomFromWKB denial of service
10774| [50960] MySQL up to 5.0.0.0 Access Restriction Symlink privilege escalation
10775| [50531] mysql-ocaml 1.0.4 MySQL mysql_real_escape_string unknown vulnerability
10776| [48981] MySQL up to 4.0.23 sql_parse.cc dispatch_command denial of service
10777| [48263] Surat Kabar phpWebNews 0.2 MySQL index.php sql injection
10778| [48262] Surat Kabar phpWebNews 0.1/0.2 MySQL bukutamu.php sql injection
10779| [47455] auth2db up to 0.2.6 MySQL mysql_real_escape_string sql injection
10780| [46983] MySQL up to 6.0.10-bzr ExtractValue denial of service
10781| [46798] Getmiro Broadcast Machine 0.1 MySQLController.php privilege escalation
10782| [46636] MyBlog MySQL Database Cleartext information disclosure
10783| [46500] ProFTPD 1.3.1 mod_sql_mysql sql injection
10784| [46028] Joey Schulze Mod Auth Mysql 2.x mod_auth_mysql.c sql injection
10785| [45774] Constructr CMS up to 3.02.5 MySQL Database Cleartext information disclosure
10786| [45668] Nodstrum MySQL Calendar 1.1 index.php sql injection
10787| [45669] Nodstrum MySQL Calendar 1.1 unknown vulnerability
10788| [45016] Deeserver Panuwat PromoteWeb MySQL go.php sql injection
10789| [44358] MySQL up to 5.0.67 cross site scripting
10790| [44357] MySQL Quick Admin up to 1.5.5 index.php directory traversal
10791| [44356] MySQL Quick Admin 1.5.5 actions.php directory traversal
10792| [44131] NooMS 1.1 MySQL db.php information disclosure
10793| [44076] MySQL Create Table Symlink privilege escalation
10794| [44075] MySQL 5.0.51a Create Table Symlink privilege escalation
10795| [43987] MySQL Crash denial of service
10796| [43825] Aquagardensoft mysql-lists 1.2 cross site scripting
10797| [43819] Craftysyntax Crafty Syntax Live Help up to 1.7 MySQL Database Cleartext information disclosure
10798| [43625] Keld PHP-MySQL News Script 0.7.1 login.php sql injection
10799| [43123] BlognPlus 2.5.5 MySQL index.php sql injection
10800| [42939] Relative Real Estate Systems up to 3.0 MySQL Database Cleartext information disclosure
10801| [42912] AlstraSoft AskMe 2.1 MySQL Database Cleartext information disclosure
10802| [42868] BlognPlus 2.5.4 MySQL sql injection
10803| [42205] miniBB 2.2 MySQL setup_mysql.php sql injection
10804| [41891] Terong Advanced Web Photo Gallery 1.0 MySQL Database Cleartext information disclosure
10805| [40486] MySQL up to 1.7.5 handshake.cpp processoldclienthello memory corruption
10806| [40219] PHP MySQL Banner Exchange 2.2.1 inc/lib.inc unknown vulnerability
10807| [39993] MySQL denial of service
10808| [3499] Sun MySQL up to 6.0.3 System Table Information privilege escalation
10809| [40030] aurora framework 20071208 MySQL db_mysql.lib pack_var sql injection
10810| [3469] Sun MySQL 5.1.23 Bk InnoDB denial of service
10811| [39991] MySQL up to 6.0.4 denial of service
10812| [39292] Asterisk-Addons 1.2.7/1.4.3 MySQL sql injection
10813| [41090] MySQL Mysql Community Server up to 5.1.4 unknown vulnerability
10814| [38781] PHP 5.2.4 MySQL memory corruption
10815| [38618] PHP 4.4.7/5.2.3 mysqli sql injection
10816| [85747] InterWorx SiteWorx mysql.php cross site scripting
10817| [85735] InterWorx NodeWorx mysql.php cross site scripting
10818| [37818] MySQL Community Server up to 5.0.40 denial of service
10819| [39994] MySQL Federated Crash denial of service
10820| [37641] MySQLDumper htaccess privilege escalation
10821| [86077] NetClassifieds Mysql_db.php information disclosure
10822| [37816] MySQL Community Server up to 5.0.40 Crash denial of service
10823| [36814] MySQL up to 5.1.17 information disclosure
10824| [36669] MySQL 4.0.1 unknown vulnerability
10825| [36813] mysql up to 5.1.17 thd::db_access denial of service
10826| [36812] MySQL up to 5.1.17 unknown vulnerability
10827| [36502] Burnstone burnCMS 0.2 mysql.class.php privilege escalation
10828| [36364] GPL PHP Board unstable-2001.11.14-1 mysqli db.mysql.inc.php privilege escalation
10829| [36700] MySQL up to 5.0.39 item_cmpfunc.cc in_decimal::set denial of service
10830| [35917] Advanced Website Creator MySQL sql injection
10831| [35916] Eve-Nuke Forum 0.1 MySQL db/mysql.php privilege escalation
10832| [35605] bitesser MySQL Commander up to 2.7 ressourcen/dbopen.php privilege escalation
10833| [85480] Fantastico includes/mysqlconfig.php directory traversal
10834| [85141] ActiveCalendar data/mysqlevents.php cross site scripting
10835| [85212] WGS-PPC config/mysql_config.php privilege escalation
10836| [34894] MySQLNewsEngine MySQL affichearticles.php3 privilege escalation
10837| [34576] MyODBC MySQL Database denial of service
10838| [37817] MySQL Community Server up to 5.0.40 Create Table information disclosure
10839| [34117] The Address Book 1.04e MySQL Database export.php information disclosure
10840| [34223] MySQL 5.0.30/5.1.13 sql_select.cc denial of service
10841| [33690] Widcomm BTSaveMySql 1.2 MySQL information disclosure
10842| [33257] iWonder Designs Storystream 0.4.0.0 mysql.php sql injection
10843| [33092] Pentaho Business Intelligence Suite up to 1.1 MySQL sql injection
10844| [32736] MysqlDumper 1.21 B6 sql.php cross site scripting
10845|
10846| MITRE CVE - https://cve.mitre.org:
10847| [CVE-2013-3812] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
10848| [CVE-2013-3811] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3806.
10849| [CVE-2013-3810] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA Transactions.
10850| [CVE-2013-3809] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.
10851| [CVE-2013-3808] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
10852| [CVE-2013-3807] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Server Privileges.
10853| [CVE-2013-3806] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than CVE-2013-3811.
10854| [CVE-2013-3805] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.
10855| [CVE-2013-3804] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
10856| [CVE-2013-3802] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.
10857| [CVE-2013-3801] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
10858| [CVE-2013-3798] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote attackers to affect integrity and availability via unknown vectors related to MemCached.
10859| [CVE-2013-3796] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
10860| [CVE-2013-3795] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
10861| [CVE-2013-3794] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
10862| [CVE-2013-3793] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
10863| [CVE-2013-3783] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.
10864| [CVE-2013-3561] Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.
10865| [CVE-2013-3221] The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attacks against Ruby on Rails applications via a crafted value, as demonstrated by unintended interaction between the "typed XML" feature and a MySQL database.
10866| [CVE-2013-2395] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-1567.
10867| [CVE-2013-2392] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
10868| [CVE-2013-2391] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.
10869| [CVE-2013-2389] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
10870| [CVE-2013-2381] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server Privileges.
10871| [CVE-2013-2378] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
10872| [CVE-2013-2376] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
10873| [CVE-2013-2375] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
10874| [CVE-2013-1861] MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service (crash) via a crafted geometry feature that specifies a large number of points, which is not properly handled when processing the binary representation of this feature, related to a numeric calculation error.
10875| [CVE-2013-1570] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote attackers to affect availability via unknown vectors related to MemCached.
10876| [CVE-2013-1567] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language, a different vulnerability than CVE-2013-2395.
10877| [CVE-2013-1566] Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
10878| [CVE-2013-1555] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, and 5.5.29 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
10879| [CVE-2013-1552] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
10880| [CVE-2013-1548] Unspecified vulnerability in Oracle MySQL 5.1.63 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Types.
10881| [CVE-2013-1544] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
10882| [CVE-2013-1532] Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
10883| [CVE-2013-1531] Unspecified vulnerability in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Privileges.
10884| [CVE-2013-1526] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
10885| [CVE-2013-1523] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Optimizer.
10886| [CVE-2013-1521] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking.
10887| [CVE-2013-1512] Unspecified vulnerability in Oracle MySQL 5.5.29 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
10888| [CVE-2013-1511] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
10889| [CVE-2013-1506] Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Locking.
10890| [CVE-2013-1502] Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.
10891| [CVE-2013-1492] Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.30, has unspecified impact and attack vectors, a different vulnerability than CVE-2012-0553.
10892| [CVE-2013-0389] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
10893| [CVE-2013-0386] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
10894| [CVE-2013-0385] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication.
10895| [CVE-2013-0384] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
10896| [CVE-2013-0383] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking.
10897| [CVE-2013-0375] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Server Replication.
10898| [CVE-2013-0371] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability, related to MyISAM.
10899| [CVE-2013-0368] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
10900| [CVE-2013-0367] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
10901| [CVE-2012-5615] MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
10902| [CVE-2012-5614] Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT command with an UpdateXML command containing XML with a large number of unique, nested elements.
10903| [CVE-2012-5613] ** DISPUTED ** MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
10904| [CVE-2012-5612] Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.
10905| [CVE-2012-5611] Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
10906| [CVE-2012-5383] ** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the "C:\MySQL\MySQL Server 5.5\bin" directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the MySQL installation.
10907| [CVE-2012-5096] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users with Server Privileges to affect availability via unknown vectors.
10908| [CVE-2012-5060] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
10909| [CVE-2012-4452] MySQL 5.0.88, and possibly other versions and platforms, allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of a CVE-2009-4030 regression, which was not omitted in other packages and versions such as MySQL 5.0.95 in Red Hat Enterprise Linux 6.
10910| [CVE-2012-4414] Multiple SQL injection vulnerabilities in the replication code in Oracle MySQL possibly before 5.5.29, and MariaDB 5.1.x through 5.1.62, 5.2.x through 5.2.12, 5.3.x through 5.3.7, and 5.5.x through 5.5.25, allow remote authenticated users to execute arbitrary SQL commands via vectors related to the binary log. NOTE: as of 20130116, Oracle has not commented on claims from a downstream vendor that the fix in MySQL 5.5.29 is incomplete.
10911| [CVE-2012-4255] MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information via a direct request to learn/cubemail/refresh_dblist.php, which reveals the installation path in an error message.
10912| [CVE-2012-4254] MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information (Notices) via a direct request to (1) learn/cubemail/restore.php or (2) learn/cubemail/dump.php.
10913| [CVE-2012-4253] Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) language parameter to learn/cubemail/install.php or (2) f parameter learn/cubemail/filemanagement.php, or execute arbitrary local files via a .. (dot dot) in the (3) config parameter to learn/cubemail/menu.php.
10914| [CVE-2012-4252] Multiple cross-site request forgery (CSRF) vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to hijack the authentication of administrators for requests that (1) remove file access restriction via a deletehtaccess action, (2) drop a database via a kill value in a db action, (3) uninstall the application via a 101 value in the phase parameter to learn/cubemail/install.php, (4) delete config.php via a 2 value in the phase parameter to learn/cubemail/install.php, (5) change a password via a schutz action, or (6) execute arbitrary SQL commands via the sql_statement parameter to learn/cubemail/sql.php.
10915| [CVE-2012-4251] Multiple cross-site scripting (XSS) vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter to index.php, (2) phase parameter to install.php, (3) tablename or (4) dbid parameter to sql.php, or (5) filename parameter to restore.php in learn/cubemail/.
10916| [CVE-2012-3951] The MySQL component in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) 9.0.1.19899 and earlier has a default password of admin for the (1) scrutinizer and (2) scrutremote accounts, which allows remote attackers to execute arbitrary SQL commands via a TCP session.
10917| [CVE-2012-3441] The database creation script (module/idoutils/db/scripts/create_mysqldb.sh) in Icinga 1.7.1 grants access to all databases to the icinga user, which allows icinga users to access other databases via unspecified vectors.
10918| [CVE-2012-3197] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
10919| [CVE-2012-3180] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
10920| [CVE-2012-3177] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server.
10921| [CVE-2012-3173] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB Plugin.
10922| [CVE-2012-3167] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Full Text Search.
10923| [CVE-2012-3166] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
10924| [CVE-2012-3163] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema.
10925| [CVE-2012-3160] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.65 and earlier, and 5.5.27 and earlier, allows local users to affect confidentiality via unknown vectors related to Server Installation.
10926| [CVE-2012-3158] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol.
10927| [CVE-2012-3156] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
10928| [CVE-2012-3150] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
10929| [CVE-2012-3149] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect confidentiality, related to MySQL Client.
10930| [CVE-2012-3147] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client.
10931| [CVE-2012-3144] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server.
10932| [CVE-2012-2750] Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility.
10933| [CVE-2012-2749] MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service (mysqld crash) via vectors related to incorrect calculation and a sort order index.
10934| [CVE-2012-2122] sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.
10935| [CVE-2012-2102] MySQL 5.1.x before 5.1.62 and 5.5.x before 5.5.22 allows remote authenticated users to cause a denial of service (assertion failure and mysqld abort) by deleting a record and using HANDLER READ NEXT.
10936| [CVE-2012-1757] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
10937| [CVE-2012-1756] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors.
10938| [CVE-2012-1735] Unspecified vulnerability in Oracle MySQL Server 5.5.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
10939| [CVE-2012-1734] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
10940| [CVE-2012-1705] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
10941| [CVE-2012-1703] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
10942| [CVE-2012-1702] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors.
10943| [CVE-2012-1697] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.21 and earlier allows remote authenticated users to affect availability via unknown vectors related to Partition.
10944| [CVE-2012-1696] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
10945| [CVE-2012-1690] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
10946| [CVE-2012-1689] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier, and 5.5.22 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
10947| [CVE-2012-1688] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.
10948| [CVE-2012-0937] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not limit the number of MySQL queries sent to external MySQL database servers, which allows remote attackers to use WordPress as a proxy for brute-force attacks or denial of service attacks via the dbhost parameter, a different vulnerability than CVE-2011-4898. NOTE: the vendor disputes the significance of this issue because an incomplete WordPress installation might be present on the network for only a short time.
10949| [CVE-2012-0882] Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE.
10950| [CVE-2012-0583] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.60 and earlier, and 5.5.19 and earlier, allows remote authenticated users to affect availability, related to MyISAM.
10951| [CVE-2012-0578] Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
10952| [CVE-2012-0574] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors.
10953| [CVE-2012-0572] Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
10954| [CVE-2012-0553] Buffer overflow in yaSSL, as used in MySQL 5.1.x before 5.1.68 and 5.5.x before 5.5.28, has unspecified impact and attack vectors, a different vulnerability than CVE-2013-1492.
10955| [CVE-2012-0540] Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension.
10956| [CVE-2012-0496] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
10957| [CVE-2012-0495] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0493.
10958| [CVE-2012-0494] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows local users to affect availability via unknown vectors.
10959| [CVE-2012-0493] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, and CVE-2012-0495.
10960| [CVE-2012-0492] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0485.
10961| [CVE-2012-0491] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0493, and CVE-2012-0495.
10962| [CVE-2012-0490] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect availability via unknown vectors.
10963| [CVE-2012-0489] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
10964| [CVE-2012-0488] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0487, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
10965| [CVE-2012-0487] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0486, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
10966| [CVE-2012-0486] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
10967| [CVE-2012-0485] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0492.
10968| [CVE-2012-0484] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect confidentiality via unknown vectors.
10969| [CVE-2012-0120] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0485, and CVE-2012-0492.
10970| [CVE-2012-0119] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
10971| [CVE-2012-0118] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0113.
10972| [CVE-2012-0117] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0486, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495.
10973| [CVE-2012-0116] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
10974| [CVE-2012-0115] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
10975| [CVE-2012-0114] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows local users to affect confidentiality and integrity via unknown vectors.
10976| [CVE-2012-0113] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect confidentiality and availability via unknown vectors, a different vulnerability than CVE-2012-0118.
10977| [CVE-2012-0112] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, CVE-2012-0485, and CVE-2012-0492.
10978| [CVE-2012-0102] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0101.
10979| [CVE-2012-0101] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0087 and CVE-2012-0102.
10980| [CVE-2012-0087] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x and 5.1.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0101 and CVE-2012-0102.
10981| [CVE-2012-0075] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.0.x, 5.1.x, and 5.5.x allows remote authenticated users to affect integrity via unknown vectors.
10982| [CVE-2011-5049] MySQL 5.5.8, when running on Windows, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted packet to TCP port 3306.
10983| [CVE-2011-4959] SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
10984| [CVE-2011-4899] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier does not ensure that the specified MySQL database service is appropriate, which allows remote attackers to configure an arbitrary database via the dbhost and dbname parameters, and subsequently conduct static code injection and cross-site scripting (XSS) attacks via (1) an HTTP request or (2) a MySQL query. NOTE: the vendor disputes the significance of this issue
10985| [CVE-2011-4898] ** DISPUTED ** wp-admin/setup-config.php in the installation component in WordPress 3.3.1 and earlier generates different error messages for requests lacking a dbname parameter depending on whether the MySQL credentials are valid, which makes it easier for remote attackers to conduct brute-force attacks via a series of requests with different uname and pwd parameters. NOTE: the vendor disputes the significance of this issue
10986| [CVE-2011-3989] SQL injection vulnerability in DBD::mysqlPP 0.04 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
10987| [CVE-2011-3805] TaskFreak! multi-mysql-0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/language/zh/register_info.php and certain other files.
10988| [CVE-2011-2688] SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
10989| [CVE-2011-2531] Prosody 0.8.x before 0.8.1, when MySQL is used, assigns an incorrect data type to the value column in certain tables, which might allow remote attackers to cause a denial of service (data truncation) by sending a large amount of data.
10990| [CVE-2011-2262] Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote attackers to affect availability via unknown vectors.
10991| [CVE-2011-1906] Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via requests to the management port, a different vulnerability than CVE-2011-0756.
10992| [CVE-2011-1513] Static code injection vulnerability in install_.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107_config.php via a crafted MySQL server name.
10993| [CVE-2011-0432] Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE: some of these details are obtained from third party information.
10994| [CVE-2010-5104] The escapeStrForLike method in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 does not properly escape input when the MySQL database is set to sql_mode NO_BACKSLASH_ESCAPES, which allows remote attackers to obtain sensitive information via wildcard characters in a LIKE query.
10995| [CVE-2010-4822] core/model/MySQLDatabase.php in SilverStripe 2.4.x before 2.4.4, when the site is running in "live mode," allows remote attackers to obtain the SQL queries for a page via the showqueries and ajax parameters.
10996| [CVE-2010-4700] The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for context-dependent attackers to conduct SQL injection attacks via crafted input that had been properly handled in earlier PHP versions.
10997| [CVE-2010-3840] The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points.
10998| [CVE-2010-3839] MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations of a (1) prepared statement or (2) stored procedure that creates a query with nested JOIN statements.
10999| [CVE-2010-3838] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."
11000| [CVE-2010-3837] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.
11001| [CVE-2010-3836] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers.
11002| [CVE-2010-3835] MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table.
11003| [CVE-2010-3834] Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."
11004| [CVE-2010-3833] MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."
11005| [CVE-2010-3683] Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
11006| [CVE-2010-3682] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
11007| [CVE-2010-3681] Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.
11008| [CVE-2010-3680] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure.
11009| [CVE-2010-3679] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind.
11010| [CVE-2010-3678] Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier.
11011| [CVE-2010-3677] Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.
11012| [CVE-2010-3676] storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement.
11013| [CVE-2010-3064] Stack-based buffer overflow in the php_mysqlnd_auth_write function in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) username or (2) database name argument to the (a) mysql_connect or (b) mysqli_connect function.
11014| [CVE-2010-3063] The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap-based buffer overflow via crafted inputs that cause a negative length value to be used.
11015| [CVE-2010-3062] mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mysqlnd_ok_read function
11016| [CVE-2010-3056] Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) db_search.php, (2) db_sql.php, (3) db_structure.php, (4) js/messages.php, (5) libraries/common.lib.php, (6) libraries/database_interface.lib.php, (7) libraries/dbi/mysql.dbi.lib.php, (8) libraries/dbi/mysqli.dbi.lib.php, (9) libraries/db_info.inc.php, (10) libraries/sanitizing.lib.php, (11) libraries/sqlparser.lib.php, (12) server_databases.php, (13) server_privileges.php, (14) setup/config.php, (15) sql.php, (16) tbl_replace.php, and (17) tbl_sql.php.
11017| [CVE-2010-2008] MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
11018| [CVE-2010-2003] Cross-site scripting (XSS) vulnerability in misc/get_admin.php in Advanced Poll 2.08 allows remote attackers to inject arbitrary web script or HTML via the mysql_host parameter.
11019| [CVE-2010-1865] Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the IP address to the cs_getip function in generate.php in the Captcha module, or (2) the s_email parameter to the cs_sql_select function in the MySQL database driver (mysql.php).
11020| [CVE-2010-1850] Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to execute arbitrary code via a COM_FIELD_LIST command with a long table name.
11021| [CVE-2010-1849] The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a large number of packets that exceed the maximum length.
11022| [CVE-2010-1848] Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users to bypass intended table grants to read field definitions of arbitrary tables, and on 5.1 to read or delete content of arbitrary tables, via a .. (dot dot) in a table name.
11023| [CVE-2010-1626] MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM table via a symlink attack in conjunction with the DROP TABLE command, a different vulnerability than CVE-2008-4098 and CVE-2008-7247.
11024| [CVE-2010-1621] The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check privileges before uninstalling a plugin, which allows remote attackers to uninstall arbitrary plugins via the UNINSTALL PLUGIN command.
11025| [CVE-2010-1583] SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! before 0.6.3, allows remote attackers to execute arbitrary SQL commands via the username field in a login action.
11026| [CVE-2010-0336] Unspecified vulnerability in the kiddog_mysqldumper (kiddog_mysqldumper) extension 0.0.3 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.
11027| [CVE-2010-0124] Employee Timeclock Software 0.99 places the database password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.
11028| [CVE-2009-5026] The executable comment feature in MySQL 5.0.x before 5.0.93 and 5.1.x before 5.1.50, when running in certain slave configurations in which the slave is running a newer version than the master, allows remote attackers to execute arbitrary SQL commands via custom comments.
11029| [CVE-2009-4833] MySQL Connector/NET before 6.0.4, when using encryption, does not verify SSL certificates during connection, which allows remote attackers to perform a man-in-the-middle attack with a spoofed SSL certificate.
11030| [CVE-2009-4484] Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a.
11031| [CVE-2009-4030] MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079.
11032| [CVE-2009-4028] The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library.
11033| [CVE-2009-4019] mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement.
11034| [CVE-2009-3696] Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.
11035| [CVE-2009-3102] The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x before 2.1.1 allows remote attackers to execute arbitrary commands via vectors involving a crafted $MYSQL_BINPATH variable.
11036| [CVE-2009-2942] The mysql-ocaml bindings 1.0.4 for MySQL do not properly support the mysql_real_escape_string function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
11037| [CVE-2009-2446] Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
11038| [CVE-2009-1246] Multiple directory traversal vulnerabilities in Blogplus 1.0 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) row_mysql_blocks_center_down[file] parameter to includes/block_center_down.php
11039| [CVE-2009-1208] SQL injection vulnerability in auth2db 0.2.5, and possibly other versions before 0.2.7, uses the addslashes function instead of the mysql_real_escape_string function, which allows remote attackers to conduct SQL injection attacks using multibyte character encodings.
11040| [CVE-2009-0919] XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote attackers to obtain access via (1) the "lampp" default password for the "nobody" account within the included ProFTPD installation, (2) a blank default password for the "root" account within the included MySQL installation, (3) a blank default password for the "pma" account within the phpMyAdmin installation, and possibly other unspecified passwords. NOTE: this was originally reported as a problem in DFLabs PTK, but this issue affects any product that is installed within the XAMPP environment, and should not be viewed as a vulnerability within that product. NOTE: DFLabs states that PTK is intended for use in a laboratory with "no contact from / to internet."
11041| [CVE-2009-0819] sql/item_xmlfunc.cc in MySQL 5.1 before 5.1.32 and 6.0 before 6.0.10 allows remote authenticated users to cause a denial of service (crash) via "an XPath expression employing a scalar expression as a FilterExpr with ExtractValue() or UpdateXML()," which triggers an assertion failure.
11042| [CVE-2009-0617] Cisco Application Networking Manager (ANM) before 2.0 uses a default MySQL root password, which makes it easier for remote attackers to execute arbitrary operating-system commands or change system files.
11043| [CVE-2009-0543] ProFTPD Server 1.3.1, with NLS support enabled, allows remote attackers to bypass SQL injection protection mechanisms via invalid, encoded multibyte characters, which are not properly handled in (1) mod_sql_mysql and (2) mod_sql_postgres.
11044| [CVE-2008-7247] sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha, when the data home directory contains a symlink to a different filesystem, allows remote authenticated users to bypass intended access restrictions by calling CREATE TABLE with a (1) DATA DIRECTORY or (2) INDEX DIRECTORY argument referring to a subdirectory that requires following this symlink.
11045| [CVE-2008-6992] GreenSQL Firewall (greensql-fw), possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL.
11046| [CVE-2008-6813] SQL injection vulnerability in index.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the id_kat parameter.
11047| [CVE-2008-6812] SQL injection vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition allows remote attackers to execute arbitrary SQL commands via the det parameter.
11048| [CVE-2008-6655] Multiple cross-site scripting (XSS) vulnerabilities in GEDCOM_TO_MYSQL 2 allow remote attackers to inject arbitrary web script or HTML via the (1) nom_branche and (2) nom parameters to php/prenom.php
11049| [CVE-2008-6287] Multiple PHP remote file inclusion vulnerabilities in Broadcast Machine 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) MySQLController.php, (2) SQLController.php, (3) SetupController.php, (4) VideoController.php, and (5) ViewController.php in controllers/.
11050| [CVE-2008-6193] Sam Crew MyBlog stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
11051| [CVE-2008-5847] Constructr CMS 3.02.5 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information by reading the hash column.
11052| [CVE-2008-5738] Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to bypass authentication and gain administrative access by setting the nodstrumCalendarV2 cookie to 1. NOTE: some of these details are obtained from third party information.
11053| [CVE-2008-5737] SQL injection vulnerability in index.php in Nodstrum MySQL Calendar 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the username parameter.
11054| [CVE-2008-5069] SQL injection vulnerability in go.php in Panuwat PromoteWeb MySQL, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter.
11055| [CVE-2008-4456] Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document. NOTE: as of 20081031, the issue has not been fixed in MySQL 5.0.67.
11056| [CVE-2008-4455] Directory traversal vulnerability in index.php in EKINdesigns MySQL Quick Admin 1.5.5 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the language cookie.
11057| [CVE-2008-4454] Directory traversal vulnerability in EKINdesigns MySQL Quick Admin 1.5.5 allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the lang parameter to actions.php. NOTE: the provenance of this information is unknown
11058| [CVE-2008-4180] Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force attacks against passwords via a username in the g_dbuser parameter and a password in the g_dbpwd parameter, and possibly a "localhost" g_dbhost parameter value, related to a "Mysql Remote Brute Force Vulnerability."
11059| [CVE-2008-4106] WordPress before 2.6.2 does not properly handle MySQL warnings about insertion of username strings that exceed the maximum column width of the user_login column, and does not properly handle space characters when comparing usernames, which allows remote attackers to change an arbitrary user's password to a random value by registering a similar username and then requesting a password reset, related to a "SQL column truncation vulnerability." NOTE: the attacker can discover the random password by also exploiting CVE-2008-4107.
11060| [CVE-2008-4098] MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL home data directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4097.
11061| [CVE-2008-4097] MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079.
11062| [CVE-2008-3963] MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b'' (b single-quote single-quote) token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service (daemon crash) by using this token in a SQL statement.
11063| [CVE-2008-3846] Cross-site scripting (XSS) vulnerability in mysql-lists 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
11064| [CVE-2008-3840] Crafty Syntax Live Help (CSLH) 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
11065| [CVE-2008-3820] Cisco Security Manager 3.1 and 3.2 before 3.2.2, when Cisco IPS Event Viewer (IEV) is used, exposes TCP ports used by the MySQL daemon and IEV server, which allows remote attackers to obtain "root access" to IEV via unspecified use of TCP sessions to these ports.
11066| [CVE-2008-3582] SQL injection vulnerability in login.php in Keld PHP-MySQL News Script 0.7.1 allows remote attackers to execute arbitrary SQL commands via the username parameter.
11067| [CVE-2008-3090] Multiple SQL injection vulnerabilities in index.php in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL editions allow remote attackers to execute arbitrary SQL commands via the (1) p, (2) e, (3) d, and (4) m parameters, a different vulnerability than CVE-2008-2819.
11068| [CVE-2008-2881] Relative Real Estate Systems 3.0 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
11069| [CVE-2008-2857] AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
11070| [CVE-2008-2819] SQL injection vulnerability in BlognPlus (BURO GUN +) 2.5.4 and earlier MySQL and PostgreSQL editions allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
11071| [CVE-2008-2667] SQL injection vulnerability in the Courier Authentication Library (aka courier-authlib) before 0.60.6 on SUSE openSUSE 10.3 and 11.0, and other platforms, when MySQL and a non-Latin character set are used, allows remote attackers to execute arbitrary SQL commands via the username and unspecified other vectors.
11072| [CVE-2008-2384] SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.
11073| [CVE-2008-2079] MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are within the MySQL home data directory, which can point to tables that are created in the future.
11074| [CVE-2008-2029] Multiple SQL injection vulnerabilities in (1) setup_mysql.php and (2) setup_options.php in miniBB 2.2 and possibly earlier, when register_globals is enabled, allow remote attackers to execute arbitrary SQL commands via the xtr parameter in a userinfo action to index.php.
11075| [CVE-2008-1711] Terong PHP Photo Gallery (aka Advanced Web Photo Gallery) 1.0 stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information.
11076| [CVE-2008-1567] phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.
11077| [CVE-2008-1486] SQL injection vulnerability in Phorum before 5.2.6, when mysql_use_ft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search.
11078| [CVE-2008-0249] PHP Webquest 2.6 allows remote attackers to retrieve database credentials via a direct request to admin/backup_phpwebquest.php, which leaks the credentials in an error message if a call to /usr/bin/mysqldump fails. NOTE: this might only be an issue in limited environments.
11079| [CVE-2008-0227] yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp.
11080| [CVE-2008-0226] Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
11081| [CVE-2007-6512] PHP MySQL Banner Exchange 2.2.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain database information via a direct request to inc/lib.inc.
11082| [CVE-2007-6418] The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by listing the process and its arguments.
11083| [CVE-2007-6345] SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the value parameter to the pack_var function in module/db.lib/db_mysql.lib. NOTE: some of these details are obtained from third party information.
11084| [CVE-2007-6313] MySQL Server 5.1.x before 5.1.23 and 6.0.x before 6.0.4 does not check the rights of the entity executing BINLOG, which allows remote authorized users to execute arbitrary BINLOG statements.
11085| [CVE-2007-6304] The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.
11086| [CVE-2007-6303] MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.
11087| [CVE-2007-6081] AdventNet EventLog Analyzer build 4030 for Windows, and possibly other versions and platforms, installs a mysql instance with a default "root" account without a password, which allows remote attackers to gain privileges and modify logs.
11088| [CVE-2007-5970] MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges.
11089| [CVE-2007-5969] MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file.
11090| [CVE-2007-5925] The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error.
11091| [CVE-2007-5646] SQL injection vulnerability in Sources/Search.php in Simple Machines Forum (SMF) 1.1.3, when MySQL 5 is used, allows remote attackers to execute arbitrary SQL commands via the userspec parameter in a search2 action to index.php.
11092| [CVE-2007-5626] make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line argument, and sometimes transmits cleartext e-mail containing this command line, which allows context-dependent attackers to obtain the password by listing the process and its arguments, or by sniffing the network.
11093| [CVE-2007-5488] Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons before 1.2.8, and 1.4.x before 1.4.4, allow remote attackers to execute arbitrary SQL commands via the (1) source and (2) destination numbers, and probably (3) SIP URI, when inserting a record.
11094| [CVE-2007-4889] The MySQL extension in PHP 5.2.4 and earlier allows remote attackers to bypass safe_mode and open_basedir restrictions via the MySQL (1) LOAD_FILE, (2) INTO DUMPFILE, and (3) INTO OUTFILE functions, a different issue than CVE-2007-3997.
11095| [CVE-2007-3997] The (1) MySQL and (2) MySQLi extensions in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to bypass safe_mode and open_basedir restrictions via MySQL LOCAL INFILE operations, as demonstrated by a query with LOAD DATA LOCAL INFILE.
11096| [CVE-2007-3782] MySQL Community Server before 5.0.45 allows remote authenticated users to gain update privileges for a table in another database via a view that refers to this external table.
11097| [CVE-2007-3781] MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, which allows remote authenticated users to obtain sensitive information such as the table structure.
11098| [CVE-2007-3780] MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.
11099| [CVE-2007-3567] MySQLDumper 1.21b through 1.23 REV227 uses a "Limit GET" statement in the .htaccess authentication mechanism, which allows remote attackers to bypass authentication requirements via HTTP POST requests.
11100| [CVE-2007-2857] PHP remote file inclusion vulnerability in sample/xls2mysql in ABC Excel Parser Pro 4.0 allows remote attackers to execute arbitrary PHP code via a URL in the parser_path parameter.
11101| [CVE-2007-2766] lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext command line argument, which allows local users to obtain this password by listing the process and its arguments, related to lib/backup-methods.sh.
11102| [CVE-2007-2693] MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement.
11103| [CVE-2007-2692] The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before 5.1.18 does not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allows remote authenticated users to gain privileges.
11104| [CVE-2007-2691] MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
11105| [CVE-2007-2583] The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference.
11106| [CVE-2007-2554] Associated Press (AP) Newspower 4.0.1 and earlier uses a default blank password for the MySQL root account, which allows remote attackers to insert or modify news articles via shows.tblscript.
11107| [CVE-2007-2429] ManageEngine PasswordManager Pro (PMP) allows remote attackers to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of this information is unknown
11108| [CVE-2007-2364] Multiple PHP remote file inclusion vulnerabilities in burnCMS 0.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) mysql.class.php or (2) postgres.class.php in lib/db/
11109| [CVE-2007-2204] Multiple PHP remote file inclusion vulnerabilities in GPL PHP Board (GPB) unstable-2001.11.14-1 allow remote attackers to execute arbitrary PHP code via a URL in the root_path parameter to (1) db.mysql.inc.php or (2) gpb.inc.php in include/, or the (3) theme parameter to themes/ubb/login.php.
11110| [CVE-2007-2016] Cross-site scripting (XSS) vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the lang[] parameter.
11111| [CVE-2007-1779] Multiple SQL injection vulnerabilities in the MySQL back-end in Advanced Website Creator (AWC) before 1.9.0 might allow remote attackers to execute arbitrary SQL commands via unspecified parameters, related to use of mysql_escape_string instead of mysql_real_escape_string.
11112| [CVE-2007-1778] PHP remote file inclusion vulnerability in db/mysql.php in the Eve-Nuke 0.1 (EN-Forums) module for PHP-Nuke allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
11113| [CVE-2007-1548] SQL injection vulnerability in functions/functions_filters.asp in Web Wiz Forums before 8.05a (MySQL version) does not properly filter certain characters in SQL commands, which allows remote attackers to execute arbitrary SQL commands via \"' (backslash double-quote quote) sequences, which are collapsed into \'', as demonstrated via the name parameter to forum/pop_up_member_search.asp.
11114| [CVE-2007-1455] Multiple absolute path traversal vulnerabilities in Fantastico, as used with cPanel 10.x, allow remote authenticated users to include and execute arbitrary local files via (1) the userlanguage parameter to includes/load_language.php or (2) the fantasticopath parameter to includes/mysqlconfig.php and certain other files.
11115| [CVE-2007-1439] PHP remote file inclusion vulnerability in ressourcen/dbopen.php in bitesser MySQL Commander 2.7 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the home parameter.
11116| [CVE-2007-1420] MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function.
11117| [CVE-2007-1167] inc/filebrowser/browser.php in deV!L`z Clanportal (DZCP) 1.4.5 and earlier allows remote attackers to obtain MySQL data via the inc/mysql.php value of the file parameter.
11118| [CVE-2007-1111] Multiple cross-site scripting (XSS) vulnerabilities in ActiveCalendar 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the css parameter to (1) flatevents.php, (2) js.php, (3) mysqlevents.php, (4) m_2.php, (5) m_3.php, (6) m_4.php, (7) xmlevents.php, (8) y_2.php, or (9) y_3.php in data/.
11119| [CVE-2007-0926] The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql['pass'] and $gbpass variables.
11120| [CVE-2007-0890] Cross-site scripting (XSS) vulnerability in scripts/passwdmysql in cPanel WebHost Manager (WHM) 11.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the password parameter.
11121| [CVE-2007-0828] PHP remote file inclusion vulnerability in affichearticles.php3 in MySQLNewsEngine allows remote attackers to execute arbitrary PHP code via a URL in the newsenginedir parameter.
11122| [CVE-2007-0167] Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search Engine), as distributed with other aliases, allow remote attackers to execute arbitrary PHP code via a URL in the INC parameter in (1) config_admin.php, (2) config_main.php, (3) config_member.php, and (4) mysql_config.php in config/
11123| [CVE-2007-0124] Unspecified vulnerability in Drupal before 4.6.11, and 4.7 before 4.7.5, when MySQL is used, allows remote authenticated users to cause a denial of service by poisoning the page cache via unspecified vectors, which triggers erroneous 404 HTTP errors for pages that exist.
11124| [CVE-2006-7232] sql_select.cc in MySQL 5.0.x before 5.0.32 and 5.1.x before 5.1.14 allows remote authenticated users to cause a denial of service (crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table, as originally demonstrated using ORDER BY.
11125| [CVE-2006-7194] PHP remote file inclusion vulnerability in modules/Mysqlfinder/MysqlfinderAdmin.php in Agora 1.4 RC1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[PATH_COMPOSANT] parameter.
11126| [CVE-2006-6948] MyODBC Japanese conversion edition 3.51.06, 2.50.29, and 2.50.25 allows remote attackers to cause a denial of service via a certain string in a response, which has unspecified impact on the MySQL database.
11127| [CVE-2006-6457] tiki-wiki_rss.php in Tikiwiki 1.9.5, 1.9.2, and possibly other versions allows remote attackers to obtain sensitive information (MySQL username and password) via an invalid (large or negative) ver parameter, which leaks the information in an error message.
11128| [CVE-2006-6378] BTSaveMySql 1.2 stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain configuration and save files via direct requests.
11129| [CVE-2006-6254] administration/telecharger.php in Cahier de texte 2.0 allows remote attackers to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte.php. NOTE: it is not clear whether the scope of this issue extends above the web document root, and whether directory traversal is the primary vulnerability.
11130| [CVE-2006-5893] Multiple PHP remote file inclusion vulnerabilities in iWonder Designs Storystream 0.4.0.0 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) mysql.php and (2) mysqli.php in include/classes/pear/DB/.
11131| [CVE-2006-5702] Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information (MySQL username and password) via an empty sort_mode parameter in (1) tiki-listpages.php, (2) tiki-lastchanges.php, (3) messu-archive.php, (4) messu-mailbox.php, (5) messu-sent.php, (6) tiki-directory_add_site.php, (7) tiki-directory_ranking.php, (8) tiki-directory_search.php, (9) tiki-forums.php, (10) tiki-view_forum.php, (11) tiki-friends.php, (12) tiki-list_blogs.php, (13) tiki-list_faqs.php, (14) tiki-list_trackers.php, (15) tiki-list_users.php, (16) tiki-my_tiki.php, (17) tiki-notepad_list.php, (18) tiki-orphan_pages.php, (19) tiki-shoutbox.php, (20) tiki-usermenu.php, and (21) tiki-webmail_contacts.php, which reveal the information in certain database error messages.
11132| [CVE-2006-5675] Multiple unspecified vulnerabilities in Pentaho Business Intelligence (BI) Suite before 1.2 RC3 (1.2.0.470-RC3) have unknown impact and attack vectors, related to "MySQL Scripts need changes for security," possibly SQL injection vulnerabilities associated with these scripts.
11133| [CVE-2006-5381] Contenido CMS stores sensitive data under the web root with insufficient access control, which allows remote attackers to obtain database credentials and other information via a direct request to (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysqli.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, (7) db_pgsql.inc, or (8) db_sybase.inc in the conlib/ directory.
11134| [CVE-2006-5264] Cross-site scripting (XSS) vulnerability in sql.php in MysqlDumper 1.21 b6 allows remote attackers to inject arbitrary web script or HTML via the db parameter.
11135| [CVE-2006-5127] Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ConPresso before 4.0.5a allow remote attackers to inject arbitrary web script or HTML via (1) the nr parameter in detail.php, (2) the msg parameter in db_mysql.inc.php, and (3) the pos parameter in index.php.
11136| [CVE-2006-5079] PHP remote file inclusion vulnerability in class.mysql.php in Matt Humphrey paBugs 2.0 Beta 3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_to_bt_dir parameter.
11137| [CVE-2006-5065] PHP remote file inclusion vulnerability in libs/dbmax/mysql.php in ZoomStats 1.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[lib][db][path] parameter.
11138| [CVE-2006-5029] SQL injection vulnerability in thread.php in WoltLab Burning Board (wBB) 2.3.x allows remote attackers to obtain the version numbers of PHP, MySQL, and wBB via the page parameter. NOTE: this issue might be a forced SQL error. Also, the original report was disputed by a third party for 2.3.3 and 2.3.4.
11139| [CVE-2006-5027] Jeroen Vennegoor JevonCMS, possibly pre alpha, allows remote attackers to obtain sensitive information via a direct request for php/main/phplib files (1) db_msql.inc, (2) db_mssql.inc, (3) db_mysql.inc, (4) db_oci8.inc, (5) db_odbc.inc, (6) db_oracle.inc, and (7) db_pgsql.inc
11140| [CVE-2006-5014] Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.
11141| [CVE-2006-4994] Multiple unquoted Windows search path vulnerabilities in Apache Friends XAMPP 1.5.2 might allow local users to gain privileges via a malicious program file in %SYSTEMDRIVE%, which is run when XAMPP attempts to execute (1) FileZillaServer.exe, (2) mysqld-nt.exe, (3) Perl.exe, or (4) xamppcontrol.exe with an unquoted "Program Files" pathname.
11142| [CVE-2006-4835] Bluview Blue Magic Board (BMB) (aka BMForum) 5.5 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php, (2) header.php, (3) db_mysql_error.php, (4) langlist.php, (5) sendmail.php, or (6) style.php, which reveals the path in various error messages.
11143| [CVE-2006-4578] export.php in The Address Book 1.04e writes username and password hash information into a publicly accessible file when dumping the MySQL database contents, which allows remote attackers to obtain sensitive information.
11144| [CVE-2006-4380] MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects.
11145| [CVE-2006-4277] Multiple PHP remote file inclusion vulnerabilities in Tutti Nova 1.6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to (1) include/novalib/class.novaAdmin.mysql.php and (2) novalib/class.novaRead.mysql.php. NOTE: the provenance of this information is unknown
11146| [CVE-2006-4276] PHP remote file inclusion vulnerability in Tutti Nova 1.6 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the TNLIB_DIR parameter to novalib/class.novaEdit.mysql.php.
11147| [CVE-2006-4227] MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available using GRANT EXECUTE.
11148| [CVE-2006-4226] MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.
11149| [CVE-2006-4031] MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
11150| [CVE-2006-3965] Banex PHP MySQL Banner Exchange 2.21 stores lib.inc under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as database usernames and passwords.
11151| [CVE-2006-3964] PHP remote file inclusion vulnerability in members.php in Banex PHP MySQL Banner Exchange 2.21 allows remote attackers to execute arbitrary PHP code via a URL in the cfg_root parameter.
11152| [CVE-2006-3963] Multiple SQL injection vulnerabilities in Banex PHP MySQL Banner Exchange 2.21 allow remote attackers to execute arbitrary SQL commands via the (1) site_name parameter to (a) signup.php, and the (2) id, (3) deleteuserbanner, (4) viewmem, (5) viewmemunb, (6) viewunmem,or (7) deleteuser parameters to (b) admin.php.
11153| [CVE-2006-3878] Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions, which allows local users to read the root password for the MySQL MAX database or gain privileges by modifying /etc/init.d/mysql.
11154| [CVE-2006-3486] ** DISPUTED ** Off-by-one buffer overflow in the Instance_options::complete_initialization function in instance_options.cc in the Instance Manager in MySQL before 5.0.23 and 5.1 before 5.1.12 might allow local users to cause a denial of service (application crash) via unspecified vectors, which triggers the overflow when the convert_dirname function is called. NOTE: the vendor has disputed this issue via e-mail to CVE, saying that it is only exploitable when the user has access to the configuration file or the Instance Manager daemon. Due to intended functionality, this level of access would already allow the user to disrupt program operation, so this does not cross security boundaries and is not a vulnerability.
11155| [CVE-2006-3469] Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April 2006 allows remote authenticated users to cause a denial of service (crash) via a format string instead of a date as the first parameter to the date_format function, which is later used in a formatted print call to display the error message.
11156| [CVE-2006-3330] Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the (1) ProductName ("Title" field), (2) url, and (3) Description parameters, possibly related to issues in add1.php.
11157| [CVE-2006-3329] SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the rate parameter.
11158| [CVE-2006-3081] mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.
11159| [CVE-2006-2753] SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
11160| [CVE-2006-2750] Cross-site scripting (XSS) vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary web scripts or HTML via failed SQL queries, which is reflected in an error message.
11161| [CVE-2006-2748] SQL injection vulnerability in the do_mysql_query function in core.php for Open Searchable Image Catalogue (OSIC) before 0.7.0.1 allows remote attackers to inject arbitrary SQL commands via multiple vectors, as demonstrated by the (1) type parameter in adminfunctions.php and the (2) catalogue_id parameter in editcatalogue.php.
11162| [CVE-2006-2742] SQL injection vulnerability in Drupal 4.6.x before 4.6.7 and 4.7.0 allows remote attackers to execute arbitrary SQL commands via the (1) count and (2) from variables to (a) database.mysql.inc, (b) database.pgsql.inc, and (c) database.mysqli.inc.
11163| [CVE-2006-2543] Xtreme Topsites 1.1 allows remote attackers to trigger MySQL errors and possibly conduct SQL injection attacks via unspecified vectors in join.php.
11164| [CVE-2006-2329] AngelineCMS 0.6.5 and earlier allow remote attackers to obtain sensitive information via a direct request for (1) adodb-access.inc.php, (2) adodb-ado.inc.php, (3) adodb-ado_access.inc, (4) adodb-ado_mssql.inc.php, (5) adodb-borland_ibase, (6) adodb-csv.inc.php, (7) adodb-db2.inc.php, (8) adodb-fbsql.inc.php, (9) adodb-firebird.inc.php, (10) adodb-ibase.inc.php, (11) adodb-informix.inc.php, (12) adodb-informix72.inc, (13) adodb-mssql.inc.php, (14) adodb-mssqlpo.inc.php, (15) adodb-mysql.inc.php, (16) adodb-mysqlt.inc.php, (17) adodb-oci8.inc.php, (18) adodb-oci805.inc.php, (19) adodb-oci8po.inc.php, and (20) adodb-odbc.inc.php, which reveal the path in various error messages
11165| [CVE-2006-2042] Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models.
11166| [CVE-2006-1930] ** DISPUTED ** Multiple SQL injection vulnerabilities in userscript.php in Green Minute 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) huserid, (2) pituus, or (3) date parameters. NOTE: this issue has been disputed by the vendor, saying "those parameters mentioned ARE checked (preg_match) before they are used in SQL-query... If someone decided to add SQL-injection stuff to certain parameter, they would see an error text, but only because _nothing_ was passed inside that parameter (to MySQL-database)." As allowed by the vendor, CVE investigated this report on 20060525 and found that the demo site demonstrated a non-sensitive SQL error when given standard SQL injection manipulations.
11167| [CVE-2006-1518] Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values.
11168| [CVE-2006-1517] sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
11169| [CVE-2006-1516] The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
11170| [CVE-2006-1451] MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database.
11171| [CVE-2006-1396] Multiple cross-site scripting (XSS) vulnerabilities in Cholod MySQL Based Message Board allow remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown
11172| [CVE-2006-1395] SQL injection vulnerability in mb.cgi in Cholod MySQL Based Message Board allows remote attackers to execute arbitrary SQL commands via unspecified vectors in a showmessage action, possibly the username parameter. NOTE: the provenance of this information is unknown
11173| [CVE-2006-1324] Cross-site scripting (XSS) vulnerability in acp/lib/class_db_mysql.php in Woltlab Burning Board (wBB) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter when a SQL error is generated.
11174| [CVE-2006-1211] IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 configures a MySQL database to allow connections from any source IP address with the ns database account, which allows remote attackers to bypass the Netcool/NeuSecure application layer and perform unauthorized database actions. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
11175| [CVE-2006-1210] The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 includes the MySQL database username and password in cleartext in body.phtml, which allows remote attackers to gain privileges by reading the source. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
11176| [CVE-2006-1112] Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message.
11177| [CVE-2006-1111] Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "*/*" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection.
11178| [CVE-2006-0909] Invision Power Board (IPB) 2.1.4 and earlier allows remote attackers to view sensitive information via a direct request to multiple PHP scripts that include the full path in error messages, including (1) PEAR/Text/Diff/Renderer/inline.php, (2) PEAR/Text/Diff/Renderer/unified.php, (3) PEAR/Text/Diff3.php, (4) class_db.php, (5) class_db_mysql.php, and (6) class_xml.php in the ips_kernel/ directory
11179| [CVE-2006-0903] MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query.
11180| [CVE-2006-0692] Multiple SQL injection vulnerabilities in Carey Briggs PHP/MYSQL Timesheet 1 and 2 allow remote attackers to execute arbitrary SQL commands via the (1) yr, (2) month, (3) day, and (4) job parameters in (a) index.php and (b) changehrs.php.
11181| [CVE-2006-0369] ** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views
11182| [CVE-2006-0200] Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.
11183| [CVE-2006-0146] The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter.
11184| [CVE-2006-0097] Stack-based buffer overflow in the create_named_pipe function in libmysql.c in PHP 4.3.10 and 4.4.x before 4.4.3 for Windows allows attackers to execute arbitrary code via a long (1) arg_host or (2) arg_unix_socket argument, as demonstrated by a long named pipe variable in the host argument to the mysql_connect function.
11185| [CVE-2006-0056] Double free vulnerability in the authentication and authentication token alteration code in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted passwords, which lead to a double free of a pointer that was created by the pam_get_item function. NOTE: this issue only occurs in certain configurations in which there are multiple PAM modules, PAM-MySQL is not evaluated first, and there are no requisite modules before PAM-MySQL.
11186| [CVE-2005-4713] Unspecified vulnerability in the SQL logging facility in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors, probably involving the pam_mysql_sql_log function when being used in vsftpd, which does not include the IP address argument to an sprintf call.
11187| [CVE-2005-4661] The notifyendsubs cron job in Campsite before 2.3.3 sends an e-mail message containing a certain unencrypted MySQL password, which allows remote attackers to sniff the password.
11188| [CVE-2005-4626] The default configuration of Recruitment Software installs admin/site.xml under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (MySQL database credentials) via a direct request.
11189| [CVE-2005-4237] Cross-site scripting (XSS) vulnerability in MySQL Auction 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the keyword parameter in the SearchZoom module.
11190| [CVE-2005-2865] Multiple PHP remote file inclusion vulnerabilities in aMember Pro 2.3.4 allow remote attackers to execute arbitrary PHP code via the config[root_dir] parameter to (1) mysql.inc.php, (2) efsnet.inc.php, (3) theinternetcommerce.inc.php, (4) cdg.inc.php, (5) compuworld.inc.php, (6) directone.inc.php, (7) authorize_aim.inc.php, (8) beanstream.inc.php, (9) config.inc.php, (10) eprocessingnetwork.inc.php, (11) eway.inc.php, (12) linkpoint.inc.php, (13) logiccommerce.inc.php, (14) netbilling.inc.php, (15) payflow_pro.inc.php, (16) paymentsgateway.inc.php, (17) payos.inc.php, (18) payready.inc.php, or (19) plugnplay.inc.php.
11191| [CVE-2005-2573] The mysql_create_function function in sql_udf.cc for MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta, when running on Windows, uses an incomplete blacklist in a directory traversal check, which allows attackers to include arbitrary files via the backslash (\) character.
11192| [CVE-2005-2572] MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service (server hang) and possibly execute arbitrary code via (1) a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or (2) a request for a function in a library that has the XXX_deinit or XXX_init functions defined but is not tailored for mySQL, such as jpeg1x32.dll and jpeg2x32.dll.
11193| [CVE-2005-2571] FunkBoard 0.66CF, and possibly earlier versions, does not properly restrict access to the (1) admin/mysql_install.php and (2) admin/pg_install.php scripts, which allows attackers to obtain the database username and password or inject arbitrary PHP code into info.php.
11194| [CVE-2005-2558] Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long function_name field.
11195| [CVE-2005-2468] Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) isCorrectPassword or (2) userExist function in class.auth.php, getCustomFieldReport function in (4) custom_fields.php, (5) custom_fields_graph.php, or (6) class.report.php, or the insert function in (7) releases.php or (8) class.release.php.
11196| [CVE-2005-2467] Multiple cross-site scripting (XSS) vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to view.php, (2) release parameter to list.php, or (3) F parameter to get_jsrs_data.php.
11197| [CVE-2005-2174] Bugzilla 2.17.x, 2.18 before 2.18.2, 2.19.x, and 2.20 before 2.20rc1 inserts a bug into the database before it is marked private, which introduces a race condition and allows attackers to access information about the bug via buglist.cgi before MySQL replication is complete.
11198| [CVE-2005-1944] xmysqladmin 1.0 and earlier allows local users to delete arbitrary files via a symlink attack on a database backup file in /tmp.
11199| [CVE-2005-1636] mysql_install_db in MySQL 4.1.x before 4.1.12 and 5.x up to 5.0.4 creates the mysql_install_db.X file with a predictable filename and insecure permissions, which allows local users to execute arbitrary SQL commands by modifying the file's contents.
11200| [CVE-2005-1274] Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via an HTTP unlock request and a long "If" parameter.
11201| [CVE-2005-1121] Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.
11202| [CVE-2005-0799] MySQL 4.1.9, and possibly earlier versions, allows remote attackers with certain privileges to cause a denial of service (application crash) via a use command followed by an MS-DOS device name such as (1) LPT1 or (2) PRN.
11203| [CVE-2005-0711] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
11204| [CVE-2005-0710] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udf_init function.
11205| [CVE-2005-0709] MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to execute arbitrary code by using CREATE FUNCTION to access libc calls, as demonstrated by using strcat, on_exit, and exit.
11206| [CVE-2005-0684] Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c.
11207| [CVE-2005-0646] SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote attackers to execute arbitrary SQL via the mysql_prefix parameter.
11208| [CVE-2005-0544] phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message.
11209| [CVE-2005-0111] Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter.
11210| [CVE-2005-0083] MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and other platforms, allows remote attackers to cause a denial of service (application crash) via invalid parameters to the (1) DBMCli_String::ReallocString, (2) DBMCli_String::operator, (3) DBMCli_Buffer::ForceResize, (4) DBMCli_Wizard::InstallDatabase, (5) DBMCli_Devspaces::Complete, (6) DBMWeb_TemplateWizard::askForWriteCountStep5, or (7) DBMWeb_DBMWeb::wizardDB functions, which triggers a null dereference.
11211| [CVE-2005-0082] The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash.
11212| [CVE-2005-0081] MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers.
11213| [CVE-2005-0004] The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files.
11214| [CVE-2004-2632] phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg['Servers'] variables.
11215| [CVE-2004-2398] Netenberg Fantastico De Luxe 2.8 uses database file names that contain the associated usernames, which allows local users to determine valid usernames and conduct brute force attacks by reading the file names from /var/lib/mysql, which is assigned world-readable permissions by cPanel 9.3.0 R5.
11216| [CVE-2004-2357] The embedded MySQL 4.0 server for Proofpoint Protection Server does not require a password for the root user of MySQL, which allows remote attackers to read or modify the backend database.
11217| [CVE-2004-2354] SQL injection vulnerability in 4nGuestbook 0.92 for PHP-Nuke 6.5 through 6.9 allows remote attackers to modify SQL statements via the entry parameter to modules.php, which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered.
11218| [CVE-2004-2149] Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders.
11219| [CVE-2004-2138] Cross-site scripting (XSS) vulnerability in AWSguest.php in AllWebScripts MySQLGuest allows remote attackers to inject arbitrary HTML and PHP code via the (1) Name, (2) Email, (3) Homepage or (4) Comments field.
11220| [CVE-2004-1228] The install scripts in SugarCRM Sugar Sales 2.0.1c and earlier are not removed after installation, which allows attackers to obtain the MySQL administrative password in cleartext from an installation form, or to cause a denial of service by changing database settings to the default.
11221| [CVE-2004-0957] Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants privileges to other databases that have similar names, which can allow the user to conduct unauthorized activities.
11222| [CVE-2004-0956] MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
11223| [CVE-2004-0931] MySQL MaxDB before 7.5.00.18 allows remote attackers to cause a denial of service (crash) via an HTTP request to webdbm with high ASCII values in the Server field, which triggers an assert error in the IsAscii7 function.
11224| [CVE-2004-0837] MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs.
11225| [CVE-2004-0836] Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length).
11226| [CVE-2004-0835] MySQL 3.x before 3.23.59, 4.x before 4.0.19, 4.1.x before 4.1.2, and 5.x before 5.0.1, checks the CREATE/INSERT rights of the original table instead of the target table in an ALTER TABLE RENAME operation, which could allow attackers to conduct unauthorized activities.
11227| [CVE-2004-0628] Stack-based buffer overflow in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long scramble string.
11228| [CVE-2004-0627] The check_scramble_323 function in MySQL 4.1.x before 4.1.3, and 5.0, allows remote attackers to bypass authentication via a zero-length scrambled string.
11229| [CVE-2004-0457] The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
11230| [CVE-2004-0388] The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
11231| [CVE-2004-0381] mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
11232| [CVE-2003-1480] MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods.
11233| [CVE-2003-1421] Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers to cause a denial of service (seg fault) via unknown attack vectors.
11234| [CVE-2003-1383] WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.
11235| [CVE-2003-1331] Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453.
11236| [CVE-2003-0780] Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
11237| [CVE-2003-0515] SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges.
11238| [CVE-2003-0150] MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.
11239| [CVE-2003-0073] Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.
11240| [CVE-2002-2043] SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password.
11241| [CVE-2002-1952] phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users, which could allow remote attackers to authenticate using a NULL password when database errors occur or if the database is unavailable.
11242| [CVE-2002-1923] The default configuration in MySQL 3.20.32 through 3.23.52, when running on Windows, does not have logging enabled, which could allow remote attackers to conduct activities without detection.
11243| [CVE-2002-1921] The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database.
11244| [CVE-2002-1809] The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL database.
11245| [CVE-2002-1479] Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users modify databases as the Cacti user and possibly gain privileges.
11246| [CVE-2002-1376] libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.
11247| [CVE-2002-1375] The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response.
11248| [CVE-2002-1374] The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password.
11249| [CVE-2002-1373] Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call.
11250| [CVE-2002-0969] Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group.
11251| [CVE-2002-0229] Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.
11252| [CVE-2001-1454] Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request.
11253| [CVE-2001-1453] Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter.
11254| [CVE-2001-1275] MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.
11255| [CVE-2001-1274] Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
11256| [CVE-2001-1255] WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local users to obtain unathorized access the MySQL database.
11257| [CVE-2001-1226] AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database.
11258| [CVE-2001-1044] Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file.
11259| [CVE-2001-0990] Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library.
11260| [CVE-2001-0645] Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC from the management tier using a blank password.
11261| [CVE-2001-0407] Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot).
11262| [CVE-2000-0981] MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password.
11263| [CVE-2000-0957] The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes.
11264| [CVE-2000-0707] PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative password.
11265| [CVE-2000-0148] MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string.
11266| [CVE-2000-0045] MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.
11267| [CVE-1999-1188] mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database.
11268|
11269| SecurityFocus - https://www.securityfocus.com/bid/:
11270| [104370] MySQL Multi-Master Replication Manager Multiple Remote Command Injection Vulnerabilities
11271| [103954] Oracle MySQL CVE-2018-2767 Incomplete Fix SSL Certificate Validation Security Bypass Vulnerability
11272| [103876] Oracle MySQL Server CVE-2018-2769 Remote Security Vulnerability
11273| [103845] Oracle MySQL Server CVE-2018-2839 Remote Security Vulnerability
11274| [103838] Oracle MySQL Cluster CVE-2018-2877 Local Security Vulnerability
11275| [103836] Oracle MySQL Server CVE-2018-2812 Remote Security Vulnerability
11276| [103831] Oracle MySQL Server CVE-2018-2805 Remote Security Vulnerability
11277| [103830] Oracle MySQL Server CVE-2018-2813 Remote Security Vulnerability
11278| [103828] Oracle MySQL Server CVE-2018-2771 Remote Security Vulnerability
11279| [103825] Oracle MySQL Server CVE-2018-2781 Remote Security Vulnerability
11280| [103824] Oracle MySQL Server CVE-2018-2818 Remote Security Vulnerability
11281| [103820] Oracle MySQL Server CVE-2018-2761 Remote Security Vulnerability
11282| [103818] Oracle MySQL Server CVE-2018-2817 Remote Security Vulnerability
11283| [103814] Oracle MySQL Server CVE-2018-2819 Remote Security Vulnerability
11284| [103811] Oracle MySQL Server CVE-2018-2773 Local Security Vulnerability
11285| [103807] Oracle MySQL Server CVE-2018-2755 Local Security Vulnerability
11286| [103805] Oracle MySQL Server CVE-2018-2766 Remote Security Vulnerability
11287| [103804] Oracle MySQL Server CVE-2018-2787 Remote Security Vulnerability
11288| [103802] Oracle MySQL Server CVE-2018-2758 Remote Security Vulnerability
11289| [103801] Oracle MySQL Server CVE-2018-2784 Remote Security Vulnerability
11290| [103799] Oracle MySQL Server CVE-2018-2782 Remote Security Vulnerability
11291| [103794] Oracle MySQL Server CVE-2018-2762 Remote Security Vulnerability
11292| [103791] Oracle MySQL Server CVE-2018-2776 Remote Security Vulnerability
11293| [103790] Oracle MySQL Server CVE-2018-2846 Remote Security Vulnerability
11294| [103789] Oracle MySQL Server CVE-2018-2816 Remote Security Vulnerability
11295| [103787] Oracle MySQL Server CVE-2018-2779 Remote Security Vulnerability
11296| [103785] Oracle MySQL Server CVE-2018-2778 Remote Security Vulnerability
11297| [103783] Oracle MySQL Server CVE-2018-2810 Remote Security Vulnerability
11298| [103781] Oracle MySQL Server CVE-2018-2777 Remote Security Vulnerability
11299| [103780] Oracle MySQL Server CVE-2018-2759 Remote Security Vulnerability
11300| [103779] Oracle MySQL Server CVE-2018-2786 Remote Security Vulnerability
11301| [103778] Oracle MySQL Server CVE-2018-2780 Remote Security Vulnerability
11302| [103777] Oracle MySQL Server CVE-2018-2775 Remote Security Vulnerability
11303| [102714] Oracle MySQL Server CVE-2018-2591 Remote Security Vulnerability
11304| [102713] Oracle MySQL Server CVE-2018-2562 Remote Security Vulnerability
11305| [102712] Oracle MySQL Server CVE-2018-2565 Remote Security Vulnerability
11306| [102711] Oracle MySQL Server CVE-2018-2647 Remote Security Vulnerability
11307| [102710] Oracle MySQL Server CVE-2018-2573 Remote Security Vulnerability
11308| [102709] Oracle MySQL Server CVE-2018-2612 Remote Security Vulnerability
11309| [102708] Oracle MySQL Server CVE-2018-2583 Remote Security Vulnerability
11310| [102706] Oracle MySQL Server CVE-2018-2622 Remote Security Vulnerability
11311| [102704] Oracle MySQL Server CVE-2018-2703 Remote Security Vulnerability
11312| [102703] Oracle MySQL Server CVE-2018-2646 Remote Security Vulnerability
11313| [102701] Oracle MySQL Server CVE-2018-2696 Remote Security Vulnerability
11314| [102700] Oracle MySQL Server CVE-2018-2586 Remote Security Vulnerability
11315| [102698] Oracle MySQL Server CVE-2018-2645 Remote Security Vulnerability
11316| [102697] Oracle MySQL Server CVE-2018-2590 Remote Security Vulnerability
11317| [102696] Oracle MySQL Server CVE-2018-2600 Remote Security Vulnerability
11318| [102695] Oracle MySQL Server CVE-2018-2576 Remote Security Vulnerability
11319| [102685] Oracle MySQL Server CVE-2018-2667 Remote Security Vulnerability
11320| [102682] Oracle MySQL Server CVE-2018-2668 Remote Security Vulnerability
11321| [102681] Oracle MySQL Server CVE-2018-2665 Remote Security Vulnerability
11322| [102678] Oracle MySQL Server CVE-2018-2640 Remote Security Vulnerability
11323| [102674] Oracle MySQL Connectors CVE-2018-2585 Remote Security Vulnerability
11324| [101448] Oracle MySQL Server CVE-2017-10313 Remote Security Vulnerability
11325| [101446] Oracle MySQL Server CVE-2017-10311 Remote Security Vulnerability
11326| [101444] Oracle MySQL Server CVE-2017-10294 Remote Security Vulnerability
11327| [101441] Oracle MySQL Server CVE-2017-10276 Remote Security Vulnerability
11328| [101439] Oracle MySQL Connectors CVE-2017-10277 Remote Security Vulnerability
11329| [101433] Oracle MySQL Server CVE-2017-10167 Remote Security Vulnerability
11330| [101429] Oracle MySQL Server CVE-2017-10365 Remote Security Vulnerability
11331| [101424] Oracle MySQL Server CVE-2017-10165 Remote Security Vulnerability
11332| [101420] Oracle MySQL Server CVE-2017-10283 Remote Security Vulnerability
11333| [101415] Oracle MySQL Server CVE-2017-10379 Remote Security Vulnerability
11334| [101410] Oracle MySQL Server CVE-2017-10320 Remote Security Vulnerability
11335| [101406] Oracle MySQL Server CVE-2017-10384 Remote Security Vulnerability
11336| [101402] Oracle MySQL Server CVE-2017-10155 Remote Security Vulnerability
11337| [101397] Oracle MySQL Server CVE-2017-10286 Remote Security Vulnerability
11338| [101390] Oracle MySQL Server CVE-2017-10268 Local Security Vulnerability
11339| [101385] Oracle MySQL Server CVE-2017-10284 Remote Security Vulnerability
11340| [101381] Oracle MySQL Enterprise Monitor CVE-2017-10424 Remote Security Vulnerability
11341| [101375] Oracle MySQL Server CVE-2017-10378 Remote Security Vulnerability
11342| [101373] Oracle MySQL Server CVE-2017-10296 Remote Security Vulnerability
11343| [101337] Oracle MySQL Server CVE-2017-10227 Remote Security Vulnerability
11344| [101324] Oracle MySQL Connectors CVE-2017-10203 Remote Security Vulnerability
11345| [101316] Oracle MySQL Server CVE-2017-10279 Remote Security Vulnerability
11346| [101314] Oracle MySQL Server CVE-2017-10314 Remote Security Vulnerability
11347| [99810] Oracle MySQL Server CVE-2017-3653 Remote Security Vulnerability
11348| [99808] Oracle MySQL Server CVE-2017-3650 Remote Security Vulnerability
11349| [99805] Oracle MySQL Server CVE-2017-3652 Remote Security Vulnerability
11350| [99802] Oracle MySQL Server CVE-2017-3651 Remote Security Vulnerability
11351| [99799] Oracle MySQL Server CVE-2017-3649 Remote Security Vulnerability
11352| [99796] Oracle MySQL Server CVE-2017-3647 Remote Security Vulnerability
11353| [99789] Oracle MySQL Server CVE-2017-3648 Remote Security Vulnerability
11354| [99786] Oracle MySQL Server CVE-2017-3646 Remote Security Vulnerability
11355| [99783] Oracle MySQL Server CVE-2017-3645 Remote Security Vulnerability
11356| [99779] Oracle MySQL Server CVE-2017-3642 Remote Security Vulnerability
11357| [99778] Oracle MySQL Server CVE-2017-3638 Remote Security Vulnerability
11358| [99775] Oracle MySQL Server CVE-2017-3644 Remote Security Vulnerability
11359| [99772] Oracle MySQL Server CVE-2017-3643 Remote Security Vulnerability
11360| [99767] Oracle MySQL Server CVE-2017-3641 Remote Security Vulnerability
11361| [99765] Oracle MySQL Server CVE-2017-3640 Remote Security Vulnerability
11362| [99753] Oracle MySQL Server CVE-2017-3639 Remote Security Vulnerability
11363| [99748] Oracle MySQL Server CVE-2017-3637 Remote Security Vulnerability
11364| [99746] Oracle MySQL Server CVE-2017-3529 Remote Security Vulnerability
11365| [99736] Oracle MySQL Server CVE-2017-3636 Local Security Vulnerability
11366| [99730] Oracle MySQL Connectors/MySQL Server CVE-2017-3635 Remote Security Vulnerability
11367| [99729] Oracle MySQL Server CVE-2017-3634 Remote Security Vulnerability
11368| [99722] Oracle MySQL Server CVE-2017-3633 Remote Security Vulnerability
11369| [99374] Perl DBD::mysql Module CVE-2017-10788 Use After Free Denial of Service Vulnerability
11370| [99364] Perl DBD::mysql Module CVE-2017-10789 Man in the Middle Security Bypass Vulnerability
11371| [97982] Oracle MySQL Connectors CVE-2017-3523 Remote Security Vulnerability
11372| [97960] MySQL-GUI-tools CVE-2010-4178 Local Information Disclosure Vulnerability
11373| [97959] MySQL-GUI-tools CVE-2010-4177 Local Information Disclosure Vulnerability
11374| [97851] Oracle MySQL Server CVE-2017-3462 Remote Security Vulnerability
11375| [97849] Oracle MySQL Server CVE-2017-3463 Remote Security Vulnerability
11376| [97848] Oracle MySQL Server CVE-2017-3468 Remote Security Vulnerability
11377| [97847] Oracle MySQL Server CVE-2017-3459 Remote Security Vulnerability
11378| [97845] Oracle MySQL Server CVE-2017-3457 Remote Security Vulnerability
11379| [97844] Oracle MySQL Enterprise Monitor CVE-2017-3307 Remote Security Vulnerability
11380| [97840] Oracle MySQL Connectors CVE-2017-3590 Local Security Vulnerability
11381| [97837] Oracle MySQL Server CVE-2017-3458 Remote Security Vulnerability
11382| [97836] Oracle MySQL Connectors CVE-2017-3589 Local Security Vulnerability
11383| [97833] Oracle MySQL Workbench CVE-2017-3469 Remote Security Vulnerability
11384| [97831] Oracle MySQL Server CVE-2017-3456 Remote Security Vulnerability
11385| [97826] Oracle MySQL Server CVE-2017-3460 Remote Security Vulnerability
11386| [97825] Oracle MySQL Server CVE-2017-3467 Remote Security Vulnerability
11387| [97822] Oracle MySQL Server CVE-2017-3465 Remote Security Vulnerability
11388| [97820] Oracle MySQL Server CVE-2017-3455 Remote Security Vulnerability
11389| [97818] Oracle MySQL Server CVE-2017-3464 Remote Security Vulnerability
11390| [97815] Oracle MySQL Cluster CVE-2017-3304 Remote Security Vulnerability
11391| [97812] Oracle MySQL Server CVE-2017-3461 Remote Security Vulnerability
11392| [97791] Oracle MySQL Server CVE-2017-3454 Remote Security Vulnerability
11393| [97784] Oracle MySQL Connectors CVE-2017-3586 Remote Security Vulnerability
11394| [97779] Oracle MySQL Server CVE-2017-3452 Remote Security Vulnerability
11395| [97776] Oracle MySQL Server CVE-2017-3453 Remote Security Vulnerability
11396| [97772] Oracle MySQL Server CVE-2017-3331 Remote Security Vulnerability
11397| [97765] Oracle MySQL Server CVE-2017-3600 Remote Security Vulnerability
11398| [97763] Oracle MySQL Server CVE-2017-3329 Remote Security Vulnerability
11399| [97754] Oracle MySQL Server CVE-2017-3599 Remote Security Vulnerability
11400| [97747] Oracle MySQL Server CVE-2017-3450 Remote Security Vulnerability
11401| [97742] Oracle MySQL Server CVE-2017-3309 Remote Security Vulnerability
11402| [97725] Oracle MySQL Server CVE-2017-3308 Remote Security Vulnerability
11403| [97724] Oracle MySQL Enterprise Monitor CVE-2017-3306 Remote Security Vulnerability
11404| [97023] MySQL CVE-2017-3305 Man in the Middle Security Bypass Vulnerability
11405| [96300] PHP 'ext/mysqli/mysqli.c' Denial of Service Vulnerability
11406| [96162] MariaDB and MySQL CVE-2017-3302 Denial of Service Vulnerability
11407| [95592] Oracle MySQL Cluster CVE-2016-5541 Remote Security Vulnerability
11408| [95589] Oracle MySQL Server CVE-2017-3257 Remote Security Vulnerability
11409| [95588] Oracle MySQL Server CVE-2017-3318 Local Security Vulnerability
11410| [95585] Oracle MySQL Server CVE-2017-3317 Local Security Vulnerability
11411| [95583] Oracle MySQL Server CVE-2017-3273 Remote Security Vulnerability
11412| [95580] Oracle MySQL Server CVE-2016-8318 Remote Security Vulnerability
11413| [95575] Oracle MySQL Cluster CVE-2017-3323 Remote Security Vulnerability
11414| [95574] Oracle MySQL Cluster CVE-2017-3322 Remote Security Vulnerability
11415| [95571] Oracle MySQL Server CVE-2017-3238 Remote Security Vulnerability
11416| [95565] Oracle MySQL Server CVE-2017-3244 Remote Security Vulnerability
11417| [95562] Oracle MySQL Cluster CVE-2017-3321 Remote Security Vulnerability
11418| [95560] Oracle MySQL Server CVE-2017-3258 Remote Security Vulnerability
11419| [95542] Oracle MySQL Enterprise Monitor CVE-2016-5590 Remote Security Vulnerability
11420| [95538] Oracle MySQL Server CVE-2017-3243 Remote Security Vulnerability
11421| [95527] Oracle MySQL Server CVE-2017-3313 Local Security Vulnerability
11422| [95520] Oracle MySQL Server CVE-2017-3265 Local Security Vulnerability
11423| [95501] Oracle MySQL Server CVE-2017-3291 Local Security Vulnerability
11424| [95491] Oracle MySQL Server CVE-2017-3312 Local Security Vulnerability
11425| [95486] Oracle MySQL Server CVE-2017-3256 Remote Security Vulnerability
11426| [95482] Oracle MySQL Server CVE-2017-3251 Remote Security Vulnerability
11427| [95479] Oracle MySQL Server CVE-2017-3319 Remote Security Vulnerability
11428| [95470] Oracle MySQL Server CVE-2017-3320 Remote Security Vulnerability
11429| [95146] Pivotal MySQL for PCF CVE-2016-0898 Information Disclosure Vulnerability
11430| [94350] DBD::mysql CVE-2016-1249 Out-Of-Bounds Read Information Disclosure Vulnerability
11431| [93755] Oracle MySQL CVE-2016-8284 Local Security Vulnerability
11432| [93745] Oracle MySQL CVE-2016-8286 Remote Security Vulnerability
11433| [93740] Oracle MySQL CVE-2016-8288 Remote Security Vulnerability
11434| [93737] Oracle MySQL CVE-2016-8283 Remote Security Vulnerability
11435| [93735] Oracle MySQL CVE-2016-5584 Remote Security Vulnerability
11436| [93733] Oracle MySQL CVE-2016-8290 Remote Security Vulnerability
11437| [93727] Oracle MySQL CVE-2016-8287 Remote Security Vulnerability
11438| [93720] Oracle MySQL CVE-2016-8289 Local Security Vulnerability
11439| [93715] Oracle MySQL CVE-2016-5635 Remote Security Vulnerability
11440| [93709] Oracle MySQL CVE-2016-5634 Remote Security Vulnerability
11441| [93702] Oracle MySQL CVE-2016-5633 Remote Security Vulnerability
11442| [93693] Oracle MySQL CVE-2016-5632 Remote Security Vulnerability
11443| [93684] Oracle MySQL CVE-2016-5631 Remote Security Vulnerability
11444| [93678] Oracle MySQL CVE-2016-5507 Remote Security Vulnerability
11445| [93674] Oracle MySQL CVE-2016-5630 Remote Security Vulnerability
11446| [93670] Oracle MySQL CVE-2016-3495 Remote Security Vulnerability
11447| [93668] Oracle MySQL CVE-2016-5629 Remote Security Vulnerability
11448| [93662] Oracle MySQL CVE-2016-5628 Remote Security Vulnerability
11449| [93659] Oracle MySQL CVE-2016-7440 Local Security Vulnerability
11450| [93653] Oracle MySQL Connector CVE-2016-5598 Remote Security Vulnerability
11451| [93650] Oracle MySQL CVE-2016-3492 Remote Security Vulnerability
11452| [93642] Oracle MySQL CVE-2016-5627 Remote Security Vulnerability
11453| [93638] Oracle MySQL CVE-2016-5626 Remote Security Vulnerability
11454| [93635] Oracle MySQL CVE-2016-5624 Remote Security Vulnerability
11455| [93630] Oracle MySQL CVE-2016-5612 Remote Security Vulnerability
11456| [93622] Oracle MySQL CVE-2016-5609 Remote Security Vulnerability
11457| [93617] Oracle MySQL CVE-2016-5625 Local Security Vulnerability
11458| [93614] RETIRED: Oracle MySQL CVE-2016-5616 Local Security Vulnerability
11459| [93612] Oracle MySQL CVE-2016-6664 Local Security Vulnerability
11460| [93480] Pivotal Cloud Foundry cf-mysql CVE-2016-6653 Information Disclosure Vulnerability
11461| [93337] perl-DBD-MySQL CVE-2016-1246 Remote Buffer Overflow Vulnerability
11462| [92912] Oracle MySQL CVE-2016-6662 Remote Code Execution Vulnerability
11463| [92911] Oracle MySQL CVE-2016-6663 Unspecified Security Vulnerability
11464| [92149] DBD::mysql CVE-2014-9906 Incomplete Fix Use After Free Remote Code Execution Vulnerability
11465| [92118] DBD::mysql 'my_login()' Function Use After Free Remote Code Execution Vulnerability
11466| [91999] Oracle MySQL CVE-2016-3452 Remote Security Vulnerability
11467| [91992] Oracle MySQL CVE-2016-3614 Remote Security Vulnerability
11468| [91987] Oracle MySQL CVE-2016-5444 Remote Security Vulnerability
11469| [91983] Oracle MySQL CVE-2016-3588 Remote Security Vulnerability
11470| [91980] Oracle MySQL CVE-2016-3486 Remote Security Vulnerability
11471| [91976] Oracle MySQL CVE-2016-3424 Remote Security Vulnerability
11472| [91974] Oracle MySQL CVE-2016-5442 Remote Security Vulnerability
11473| [91969] Oracle MySQL CVE-2016-5439 Remote Security Vulnerability
11474| [91967] Oracle MySQL CVE-2016-3518 Remote Security Vulnerability
11475| [91963] Oracle MySQL CVE-2016-5443 Local Security Vulnerability
11476| [91960] Oracle MySQL CVE-2016-3615 Remote Security Vulnerability
11477| [91953] Oracle MySQL CVE-2016-5440 Remote Security Vulnerability
11478| [91949] Oracle MySQL CVE-2016-3501 Remote Security Vulnerability
11479| [91943] Oracle MySQL CVE-2016-3459 Remote Security Vulnerability
11480| [91932] Oracle MySQL CVE-2016-3521 Remote Security Vulnerability
11481| [91917] Oracle MySQL CVE-2016-5437 Remote Security Vulnerability
11482| [91915] Oracle MySQL CVE-2016-5441 Remote Security Vulnerability
11483| [91913] Oracle MySQL CVE-2016-3471 Local Security Vulnerability
11484| [91910] Oracle MySQL CVE-2016-3440 Remote Security Vulnerability
11485| [91906] Oracle MySQL CVE-2016-5436 Remote Security Vulnerability
11486| [91902] Oracle MySQL CVE-2016-3477 Local Security Vulnerability
11487| [90165] MySQL CVE-2005-0799 Denial-Of-Service Vulnerability
11488| [89812] xMySQLadmin CVE-2005-1944 Local Security Vulnerability
11489| [89412] MySQL CVE-2005-2573 Directory Traversal Vulnerability
11490| [88627] MySQL CVE-1999-1188 Local Security Vulnerability
11491| [88032] MySQL CVE-2001-1275 Local Security Vulnerability
11492| [87310] Btsavemysql CVE-2006-6378 Remote Security Vulnerability
11493| [86999] MySQL CVE-2001-1274 Denial-Of-Service Vulnerability
11494| [86513] Oracle MySQL CVE-2016-0665 Remote Security Vulnerability
11495| [86511] Oracle MySQL CVE-2016-0661 Remote Security Vulnerability
11496| [86509] Oracle MySQL CVE-2016-0666 Remote Security Vulnerability
11497| [86506] Oracle MySQL CVE-2016-0662 Remote Security Vulnerability
11498| [86504] Oracle MySQL CVE-2016-0654 Remote Security Vulnerability
11499| [86501] Oracle MySQL CVE-2016-0651 Remote Security Vulnerability
11500| [86498] Oracle MySQL CVE-2016-0649 Remote Security Vulnerability
11501| [86496] Oracle MySQL CVE-2016-0650 Remote Security Vulnerability
11502| [86495] Oracle MySQL CVE-2016-0647 Remote Security Vulnerability
11503| [86493] Oracle MySQL CVE-2016-0659 Remote Security Vulnerability
11504| [86489] Oracle MySQL CVE-2016-3461 Remote Security Vulnerability
11505| [86486] Oracle MySQL CVE-2016-0643 Remote Security Vulnerability
11506| [86484] Oracle MySQL CVE-2016-0667 Remote Security Vulnerability
11507| [86470] Oracle MySQL CVE-2016-0641 Remote Security Vulnerability
11508| [86467] Oracle MySQL CVE-2016-0668 Remote Security Vulnerability
11509| [86463] Oracle MySQL CVE-2016-0658 Remote Security Vulnerability
11510| [86457] Oracle MySQL CVE-2016-0648 Remote Security Vulnerability
11511| [86454] Oracle MySQL CVE-2016-0652 Remote Security Vulnerability
11512| [86451] Oracle MySQL CVE-2016-0663 Remote Security Vulnerability
11513| [86445] Oracle MySQL CVE-2016-0642 Remote Security Vulnerability
11514| [86442] Oracle MySQL CVE-2016-0644 Remote Security Vulnerability
11515| [86439] Oracle MySQL CVE-2016-0653 Remote Security Vulnerability
11516| [86436] Oracle MySQL CVE-2016-0646 Remote Security Vulnerability
11517| [86433] Oracle MySQL CVE-2016-0657 Remote Security Vulnerability
11518| [86431] Oracle MySQL CVE-2016-0656 Remote Security Vulnerability
11519| [86427] Oracle MySQL CVE-2016-0640 Remote Security Vulnerability
11520| [86424] Oracle MySQL CVE-2016-0655 Remote Security Vulnerability
11521| [86418] Oracle MySQL CVE-2016-0639 Remote Security Vulnerability
11522| [85985] MariaDB and MySQL CVE-2015-5969 Local Information Disclosure Vulnerability
11523| [85262] MySQL CVE-2007-5970 Remote Security Vulnerability
11524| [85246] Mysql Community Server CVE-2007-6313 Remote Security Vulnerability
11525| [85215] Mysql Banner Exchange CVE-2007-6512 Denial-Of-Service Vulnerability
11526| [83639] MySQLDumper CVE-2006-5264 Cross-Site Scripting Vulnerability
11527| [83232] MySQL Connector/Net CVE-2006-4227 Remote Security Vulnerability
11528| [83194] MySQL CVE-2004-0628 Denial Of Service Vulnerability
11529| [82913] MySQL CVE-2001-1453 Remote Security Vulnerability
11530| [82911] MySQL CVE-2001-1454 Remote Security Vulnerability
11531| [81810] MariaDB/MySQL/Percona Server CVE-2016-2047 SSL Certificate Validation Security Bypass Vulnerability
11532| [81258] Oracle MySQL CVE-2016-0609 Remote Security Vulnerability
11533| [81253] Oracle MySQL CVE-2016-0605 Remote Security Vulnerability
11534| [81245] Oracle MySQL CVE-2015-7744 Remote Security Vulnerability
11535| [81238] Oracle MySQL CVE-2016-0607 Remote Security Vulnerability
11536| [81226] Oracle MySQL CVE-2016-0608 Remote Security Vulnerability
11537| [81211] Oracle MySQL CVE-2016-0601 Remote Security Vulnerability
11538| [81203] Oracle MySQL CVE-2016-0599 Remote Security Vulnerability
11539| [81198] Oracle MySQL CVE-2016-0610 Remote Security Vulnerability
11540| [81188] Oracle MySQL CVE-2016-0600 Remote Security Vulnerability
11541| [81182] Oracle MySQL CVE-2016-0598 Remote Security Vulnerability
11542| [81176] Oracle MySQL CVE-2016-0616 Remote Security Vulnerability
11543| [81164] Oracle MySQL CVE-2016-0611 Remote Security Vulnerability
11544| [81151] Oracle MySQL CVE-2016-0597 Remote Security Vulnerability
11545| [81136] Oracle MySQL CVE-2016-0502 Remote Security Vulnerability
11546| [81130] Oracle MySQL CVE-2016-0596 Remote Security Vulnerability
11547| [81126] Oracle MySQL CVE-2016-0503 Remote Security Vulnerability
11548| [81121] Oracle MySQL CVE-2016-0595 Remote Security Vulnerability
11549| [81108] Oracle MySQL CVE-2016-0594 Remote Security Vulnerability
11550| [81088] Oracle MySQL CVE-2016-0505 Remote Security Vulnerability
11551| [81077] Oracle MySQL CVE-2016-0504 Remote Security Vulnerability
11552| [81066] Oracle MySQL CVE-2016-0546 Local Security Vulnerability
11553| [79408] Mysql-Ocaml CVE-2009-2942 Remote Security Vulnerability
11554| [79044] kiddog_mysqldumper CVE-2010-0336 Information Disclosure Vulnerability
11555| [78373] MySQL CVE-2011-5049 Denial-Of-Service Vulnerability
11556| [77237] Oracle MySQL Server CVE-2015-4826 Remote Security Vulnerability
11557| [77234] Oracle MySQL Server CVE-2015-4910 Remote Security Vulnerability
11558| [77232] Oracle MySQL Server CVE-2015-4766 Local Security Vulnerability
11559| [77231] Oracle MySQL Server CVE-2015-4890 Remote Security Vulnerability
11560| [77228] Oracle MySQL Server CVE-2015-4830 Remote Security Vulnerability
11561| [77222] Oracle MySQL Server CVE-2015-4815 Remote Security Vulnerability
11562| [77219] Oracle MySQL Server CVE-2015-4904 Remote Security Vulnerability
11563| [77216] Oracle MySQL Server CVE-2015-4800 Remote Security Vulnerability
11564| [77213] Oracle MySQL Server CVE-2015-4791 Remote Security Vulnerability
11565| [77208] Oracle MySQL Server CVE-2015-4870 Remote Security Vulnerability
11566| [77205] Oracle MySQL Server CVE-2015-4807 Remote Security Vulnerability
11567| [77199] Oracle MySQL Server CVE-2015-4730 Remote Security Vulnerability
11568| [77196] Oracle MySQL Server CVE-2015-4819 Local Security Vulnerability
11569| [77190] Oracle MySQL Server CVE-2015-4836 Remote Security Vulnerability
11570| [77187] Oracle MySQL Server CVE-2015-4864 Remote Security Vulnerability
11571| [77171] Oracle MySQL Server CVE-2015-4792 Remote Security Vulnerability
11572| [77170] Oracle MySQL Server CVE-2015-4833 Remote Security Vulnerability
11573| [77165] Oracle MySQL Server CVE-2015-4802 Remote Security Vulnerability
11574| [77153] Oracle MySQL Server CVE-2015-4913 Remote Security Vulnerability
11575| [77147] Oracle MySQL Server CVE-2015-4862 Remote Security Vulnerability
11576| [77145] Oracle MySQL Server CVE-2015-4858 Remote Security Vulnerability
11577| [77143] Oracle MySQL Server CVE-2015-4905 Remote Security Vulnerability
11578| [77140] Oracle MySQL Server CVE-2015-4879 Remote Security Vulnerability
11579| [77137] Oracle MySQL Server CVE-2015-4861 Remote Security Vulnerability
11580| [77136] Oracle MySQL Server CVE-2015-4895 Remote Security Vulnerability
11581| [77134] Oracle MySQL Server CVE-2015-4816 Remote Security Vulnerability
11582| [77132] Oracle MySQL Server CVE-2015-4866 Remote Security Vulnerability
11583| [77015] Oracle MySQL Multiple Buffer Overflow Vulnerabilities
11584| [75849] Oracle MySQL Server CVE-2015-4752 Remote Security Vulnerability
11585| [75844] Oracle MySQL Server CVE-2015-4767 Remote Security Vulnerability
11586| [75837] Oracle MySQL Server CVE-2015-2620 Remote Security Vulnerability
11587| [75835] Oracle MySQL Server CVE-2015-4771 Remote Security Vulnerability
11588| [75830] Oracle MySQL Server CVE-2015-2643 Remote Security Vulnerability
11589| [75822] Oracle MySQL Server CVE-2015-2648 Remote Security Vulnerability
11590| [75815] Oracle MySQL Server CVE-2015-2641 Remote Security Vulnerability
11591| [75813] Oracle MySQL Server CVE-2015-2661 Local Security Server Vulnerability
11592| [75802] Oracle MySQL Server CVE-2015-4737 Remote Security Vulnerability
11593| [75785] Oracle MySQL Server CVE-2015-4756 Remote Security Vulnerability
11594| [75781] Oracle MySQL Server CVE-2015-4772 Remote Security Vulnerability
11595| [75774] Oracle MySQL Server CVE-2015-2617 Remote Security Vulnerability
11596| [75770] Oracle MySQL Server CVE-2015-4761 Remote Security Vulnerability
11597| [75762] Oracle MySQL Server CVE-2015-2611 Remote Security Vulnerability
11598| [75760] Oracle MySQL Server CVE-2015-2639 Remote Security Vulnerability
11599| [75759] Oracle MySQL Server CVE-2015-4757 Remote Security Vulnerability
11600| [75753] Oracle MySQL Server CVE-2015-4769 Remote Security Vulnerability
11601| [75751] Oracle MySQL Server CVE-2015-2582 Remote Security Vulnerability
11602| [75397] MySql Lite Administrator Multiple Cross Site Scripting Vulnerabilities
11603| [75394] WordPress wp-instance-rename Plugin 'mysqldump_download.php' Arbitrary File Download Vulnerability
11604| [74695] Tiny MySQL 'tinymy.php' Cross Site Scripting Vulnerability
11605| [74398] Oracle MySQL CVE-2015-3152 SSL Certificate Validation Security Bypass Vulnerability
11606| [74137] Oracle MySQL Utilities CVE-2015-2576 Local Security Vulnerability
11607| [74133] Oracle MySQL Server CVE-2015-0498 Remote Security Vulnerability
11608| [74130] Oracle MySQL Server CVE-2015-0511 Remote Security Vulnerability
11609| [74126] Oracle MySQL Server CVE-2015-2566 Remote Security Vulnerability
11610| [74123] Oracle MySQL Server CVE-2015-2567 Remote Security Vulnerability
11611| [74121] Oracle MySQL Server CVE-2015-0507 Remote Security Vulnerability
11612| [74120] Oracle MySQL Server CVE-2015-0506 Remote Security Vulnerability
11613| [74115] Oracle MySQL Server CVE-2015-0499 Remote Security Vulnerability
11614| [74112] Oracle MySQL Server CVE-2015-0505 Remote Security Vulnerability
11615| [74110] Oracle MySQL Server CVE-2015-0405 Remote Security Vulnerability
11616| [74103] Oracle MySQL Server CVE-2015-0441 Remote Security Vulnerability
11617| [74102] Oracle MySQL Server CVE-2015-0503 Remote Security Vulnerability
11618| [74098] Oracle MySQL Server CVE-2015-0438 Remote Security Vulnerability
11619| [74095] Oracle MySQL Server CVE-2015-2571 Remote Security Vulnerability
11620| [74091] Oracle MySQL Server CVE-2015-0423 Remote Security Vulnerability
11621| [74089] Oracle MySQL Server CVE-2015-0433 Remote Security Vulnerability
11622| [74086] Oracle MySQL Server CVE-2015-0508 Remote Security Vulnerability
11623| [74085] Oracle MySQL Server CVE-2015-0439 Remote Security Vulnerability
11624| [74081] Oracle MySQL Server CVE-2015-0500 Remote Security Vulnerability
11625| [74078] Oracle MySQL Server CVE-2015-2573 Remote Security Vulnerability
11626| [74075] Oracle MySQL Connectors CVE-2015-2575 Remote Security Vulnerability
11627| [74073] Oracle MySQL Server CVE-2015-2568 Remote Security Vulnerability
11628| [74070] Oracle MySQL Server CVE-2015-0501 Remote Security Vulnerability
11629| [72728] RubyGems xaviershay-dm-rails 'storage.rb' MySQL Credential Information Disclosure Vulnerability
11630| [72229] Oracle MySQL Server CVE-2015-0385 Remote Security Vulnerability
11631| [72227] Oracle MySQL Server CVE-2015-0374 Remote Security Vulnerability
11632| [72223] Oracle MySQL Server CVE-2015-0409 Remote Security Vulnerability
11633| [72217] Oracle MySQL Server CVE-2015-0432 Remote Security Vulnerability
11634| [72214] Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability
11635| [72210] Oracle MySQL Server CVE-2014-6568 Remote Security Vulnerability
11636| [72205] Oracle MySQL Server CVE-2015-0391 Remote Security Vulnerability
11637| [72200] Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability
11638| [72191] Oracle MySQL Server CVE-2015-0411 Remote Security Vulnerability
11639| [70550] Oracle MySQL Server CVE-2014-6507 Remote Security Vulnerability
11640| [70540] RETIRED: Oracle MySQL Server CVE-2012-5615 Remote Security Vulnerability
11641| [70532] Oracle MySQL Server CVE-2014-6463 Remote Security Vulnerability
11642| [70530] Oracle MySQL Server CVE-2014-6555 Remote Security Vulnerability
11643| [70525] Oracle MySQL Server CVE-2014-6489 Remote Security Vulnerability
11644| [70517] Oracle MySQL Server CVE-2014-4287 Remote Security Vulnerability
11645| [70516] Oracle MySQL Server CVE-2014-6505 Remote Security Vulnerability
11646| [70511] Oracle MySQL Server CVE-2014-6564 Remote Security Vulnerability
11647| [70510] Oracle MySQL Server CVE-2014-6520 Remote Security Vulnerability
11648| [70497] Oracle MySQL Server CVE-2014-6494 Remote Security Vulnerability
11649| [70496] Oracle MySQL Server CVE-2014-6495 Remote Security Vulnerability
11650| [70489] Oracle MySQL Server CVE-2014-6478 Remote Security Vulnerability
11651| [70487] Oracle MySQL Server CVE-2014-6559 Remote Security Vulnerability
11652| [70486] Oracle MySQL Server CVE-2014-6530 Remote Security Vulnerability
11653| [70478] Oracle MySQL Server CVE-2014-6500 Remote Security Vulnerability
11654| [70469] Oracle MySQL Server CVE-2014-6496 Remote Security Vulnerability
11655| [70462] Oracle MySQL Server CVE-2014-6551 Local Security Vulnerability
11656| [70455] Oracle MySQL Server CVE-2014-6484 Remote Security Vulnerability
11657| [70451] Oracle MySQL Server CVE-2014-6464 Remote Security Vulnerability
11658| [70448] Oracle MySQL Server CVE-2014-6474 Remote Security Vulnerability
11659| [70446] Oracle MySQL Server CVE-2014-6469 Remote Security Vulnerability
11660| [70444] Oracle MySQL Server CVE-2014-6491 Remote Security Vulnerability
11661| [69743] Oracle MySQL Client yaSSL Certificate Decode Buffer Overflow Vulnerability
11662| [69732] MySQL MyISAM Insecure Temporary File Creation Vulnerability
11663| [68736] RubyGems lean-ruport MySQL Credential Local Information Disclosure Vulnerability
11664| [68607] Oracle MySQL Server CVE-2014-4214 Remote Security Vulnerability
11665| [68602] Oracle MySQL Server CVE-2014-4240 Local Security Vulnerability
11666| [68598] Oracle MySQL Server CVE-2014-4233 Remote Security Vulnerability
11667| [68593] Oracle MySQL Server CVE-2014-4207 Remote Security Vulnerability
11668| [68587] Oracle MySQL Server CVE-2014-4238 Remote Security Vulnerability
11669| [68579] Oracle MySQL Server CVE-2014-2494 Remote Security Vulnerability
11670| [68573] Oracle MySQL Server CVE-2014-4260 Remote Security Vulnerability
11671| [68564] Oracle MySQL Server CVE-2014-4258 Remote Security Vulnerability
11672| [66896] Oracle MySQL Server CVE-2014-2436 Remote Security Vulnerability
11673| [66890] Oracle MySQL Server CVE-2014-2431 Remote Security Vulnerability
11674| [66885] Oracle MySQL Server CVE-2014-2444 Remote Security Vulnerability
11675| [66880] Oracle MySQL Server CVE-2014-2419 Remote Security Vulnerability
11676| [66872] Oracle MySQL Server CVE-2014-2434 Remote Security Vulnerability
11677| [66863] Oracle MySQL Server CVE-2014-2450 Remote Security Vulnerability
11678| [66858] Oracle MySQL Server CVE-2014-2430 Remote Security Vulnerability
11679| [66853] Oracle MySQL Server CVE-2014-2435 Remote Security Vulnerability
11680| [66850] Oracle MySQL Client CVE-2014-2440 Remote Security Vulnerability
11681| [66846] Oracle MySQL Server CVE-2014-2438 Remote Security Vulnerability
11682| [66835] Oracle MySQL Server CVE-2014-0384 Remote Security Vulnerability
11683| [66828] Oracle MySQL Server CVE-2014-2451 Remote Security Vulnerability
11684| [66823] Oracle MySQL Server CVE-2014-2442 Remote Security Vulnerability
11685| [66153] lighttpd 'mod_mysql_vhost.c' SQL Injection Vulnerability
11686| [65890] InterWorx MySQL Password Information Disclosure Vulnerability
11687| [65621] Percona Toolkit for MySQL Automatic Version Check Information Disclosure Vulnerability
11688| [65298] Oracle MySQL Client 'main()' Function Buffer Overflow Vulnerability
11689| [64908] Oracle MySQL Server CVE-2014-0402 Remote Security Vulnerability
11690| [64904] Oracle MySQL Server CVE-2014-0386 Remote Security Vulnerability
11691| [64898] Oracle MySQL Server CVE-2014-0401 Remote Security Vulnerability
11692| [64897] Oracle MySQL Server CVE-2014-0431 Remote Security Vulnerability
11693| [64896] Oracle MySQL Server CVE-2013-5908 Remote Security Vulnerability
11694| [64895] Oracle MySQL Server CVE-2014-0433 Remote Security Vulnerability
11695| [64893] Oracle MySQL Server CVE-2014-0430 Remote Security Vulnerability
11696| [64891] Oracle MySQL Server CVE-2013-5891 Remote Security Vulnerability
11697| [64888] Oracle MySQL Server CVE-2014-0420 Remote Security Vulnerability
11698| [64885] Oracle MySQL Server CVE-2013-5881 Remote Security Vulnerability
11699| [64880] Oracle MySQL Server CVE-2014-0412 Remote Security Vulnerability
11700| [64877] Oracle MySQL Server CVE-2014-0393 Remote Security Vulnerability
11701| [64873] Oracle MySQL Server CVE-2013-5894 Remote Security Vulnerability
11702| [64868] Oracle MySQL Server CVE-2014-0427 Remote Security Vulnerability
11703| [64864] Oracle MySQL Server CVE-2013-5860 Remote Security Vulnerability
11704| [64854] Oracle MySQL Server CVE-2013-5882 Remote Security Vulnerability
11705| [64849] Oracle MySQL Server CVE-2014-0437 Remote Security Vulnerability
11706| [64731] CSP MySQL User Manager 'login.php' Script SQL Injection Vulnerability
11707| [64630] Zen Cart 'mysql_zencart.sql' Information Disclosure Vulnerability
11708| [63125] Oracle MySQL Server CVE-2012-2750 Remote Security Vulnerability
11709| [63119] Oracle MySQL Server CVE-2013-5770 Remote Security Vulnerability
11710| [63116] Oracle MySQL Server CVE-2013-5793 Remote Security Vulnerability
11711| [63113] Oracle MySQL Server CVE-2013-5767 Remote Security Vulnerability
11712| [63109] Oracle MySQL Server CVE-2013-3839 Remote Security Vulnerability
11713| [63107] Oracle MySQL Server CVE-2013-5786 Remote Security Vulnerability
11714| [63105] Oracle MySQL Server CVE-2013-5807 Remote Security Vulnerability
11715| [62358] Oracle MySQL CVE-2005-2572 Remote Code Execution Vulnerability
11716| [61274] Oracle MySQL Server CVE-2013-3798 Remote Security Vulnerability
11717| [61272] Oracle MySQL Server CVE-2013-3809 Remote Security Vulnerability
11718| [61269] Oracle MySQL Server CVE-2013-3801 Remote Security Vulnerability
11719| [61264] Oracle MySQL Server CVE-2013-3793 Remote Security Vulnerability
11720| [61260] Oracle MySQL Server CVE-2013-3804 Remote Security Vulnerability
11721| [61256] Oracle MySQL Server CVE-2013-3805 Remote Security Vulnerability
11722| [61252] Oracle MySQL Server CVE-2013-3811 Remote Security Vulnerability
11723| [61249] Oracle MySQL Server CVE-2013-3812 Remote Security Vulnerability
11724| [61244] Oracle MySQL Server CVE-2013-3802 Remote Security Vulnerability
11725| [61241] Oracle MySQL Server CVE-2013-3795 Remote Security Vulnerability
11726| [61238] Oracle MySQL Server CVE-2013-3807 Remote Security Vulnerability
11727| [61235] Oracle MySQL Server CVE-2013-3806 Remote Security Vulnerability
11728| [61233] Oracle MySQL Server CVE-2013-3796 Remote Security Vulnerability
11729| [61227] Oracle MySQL Server CVE-2013-3808 Remote Security Vulnerability
11730| [61222] Oracle MySQL Server CVE-2013-3794 Remote Security Vulnerability
11731| [61214] Oracle MySQL Server CVE-2013-3810 Remote Security Vulnerability
11732| [61210] Oracle MySQL Server CVE-2013-3783 Remote Security Vulnerability
11733| [60424] Debian mysql-server CVE-2013-2162 Insecure File Creation Vulnerability
11734| [60001] Wireshark MySQL Dissector Denial of Service Vulnerability
11735| [59242] Oracle MySQL CVE-2013-2391 Local MySQL Server Vulnerability
11736| [59239] Oracle MySQL CVE-2013-1502 Local MySQL Server Vulnerability
11737| [59237] Oracle MySQL CVE-2013-1506 Remote MySQL Server Vulnerability
11738| [59232] Oracle MySQL CVE-2013-1567 Remote MySQL Server Vulnerability
11739| [59229] Oracle MySQL Server CVE-2013-1544 Remote Security Vulnerability
11740| [59227] Oracle MySQL CVE-2013-2376 Remote MySQL Server Vulnerability
11741| [59225] Oracle MySQL CVE-2013-1523 Remote MySQL Server Vulnerability
11742| [59224] Oracle MySQL Server CVE-2013-2392 Remote Security Vulnerability
11743| [59223] Oracle MySQL Server CVE-2013-1548 Remote Security Vulnerability
11744| [59222] RETIRED: Oracle MySQL CVE-2012-5614 Remote MySQL Server Vulnerability
11745| [59218] Oracle MySQL Server CVE-2013-1512 Remote Security Vulnerability
11746| [59217] Oracle MySQL CVE-2013-1526 Remote MySQL Server Vulnerability
11747| [59216] Oracle MySQL CVE-2013-1570 Remote MySQL Server Vulnerability
11748| [59215] Oracle MySQL Server CVE-2013-2381 Remote Security Vulnerability
11749| [59211] Oracle MySQL Server CVE-2013-1532 Remote Security Vulnerability
11750| [59210] Oracle MySQL CVE-2013-1555 Remote MySQL Server Vulnerability
11751| [59209] Oracle MySQL CVE-2013-2375 Remote MySQL Server Vulnerability
11752| [59207] Oracle MySQL Server CVE-2013-2389 Remote Security Vulnerability
11753| [59205] Oracle MySQL Server CVE-2013-1566 Remote Security Vulnerability
11754| [59202] Oracle MySQL CVE-2013-1531 Remote MySQL Server Vulnerability
11755| [59201] Oracle MySQL Server CVE-2013-1511 Remote Security Vulnerability
11756| [59196] Oracle MySQL CVE-2013-1552 Remote MySQL Server Vulnerability
11757| [59188] Oracle MySQL CVE-2013-2378 Remote MySQL Server Vulnerability
11758| [59180] Oracle MySQL CVE-2013-1521 Remote MySQL Server Vulnerability
11759| [59173] Oracle MySQL CVE-2013-2395 Remote MySQL Server Vulnerability
11760| [58511] MySQL and MariaDB Geometry Query Denial Of Service Vulnerability
11761| [57418] Oracle MySQL Server CVE-2013-0386 Remote Security Vulnerability
11762| [57417] Oracle MySQL Server CVE-2013-0389 Remote Security Vulnerability
11763| [57416] Oracle MySQL Server CVE-2013-0384 Remote Security Vulnerability
11764| [57415] Oracle MySQL Server CVE-2013-0371 Remote Security Vulnerability
11765| [57414] Oracle MySQL Server CVE-2012-0574 Remote Security Vulnerability
11766| [57412] Oracle MySQL Server CVE-2013-0385 Local Security Vulnerability
11767| [57411] Oracle MySQL Server CVE-2012-5060 Remote Security Vulnerability
11768| [57410] Oracle MySQL Server CVE-2012-1705 Remote Security Vulnerability
11769| [57408] Oracle MySQL Server CVE-2013-0367 Remote Security Vulnerability
11770| [57405] Oracle MySQL Server CVE-2013-0383 Remote Security Vulnerability
11771| [57400] Oracle MySQL Server CVE-2012-5096 Remote Security Vulnerability
11772| [57397] Oracle MySQL Server CVE-2013-0368 Remote Security Vulnerability
11773| [57391] Oracle MySQL Server CVE-2013-0375 Remote Security Vulnerability
11774| [57388] Oracle MySQL Server CVE-2012-1702 Remote Security Vulnerability
11775| [57385] Oracle MySQL Server CVE-2012-0572 Remote Security Vulnerability
11776| [57334] Oracle MySQL Server CVE-2012-0578 Remote Security Vulnerability
11777| [56837] Oracle MySQL and MariaDB CVE-2012-5627 Insecure Salt Generation Security Bypass Weakness
11778| [56791] Oracle MySQL Remote Code Execution Vulnerability
11779| [56776] Oracle MySQL CVE-2012-5614 Denial of Service Vulnerability
11780| [56772] Oracle MySQL Remote Code Execution Vulnerability
11781| [56771] Oracle MySQL Server Privilege Escalation Vulnerability
11782| [56769] Oracle MySQL and MariaDB 'acl_get()' Buffer Overflow Vulnerability
11783| [56768] Oracle MySQL Server Heap Overflow Vulnerability
11784| [56766] Oracle MySQL Server Username Enumeration Weakness
11785| [56041] Oracle MySQL Server CVE-2012-3173 Remote MySQL Security Vulnerability
11786| [56036] Oracle MySQL Server CVE-2012-3163 Remote MySQL Security Vulnerability
11787| [56028] Oracle MySQL Server CVE-2012-3166 Remote Security Vulnerability
11788| [56027] Oracle MySQL Server CVE-2012-3160 Local Security Vulnerability
11789| [56022] Oracle MySQL Server CVE-2012-3147 Remote Security Vulnerability
11790| [56021] Oracle MySQL Server CVE-2012-3197 Remote Security Vulnerability
11791| [56018] Oracle MySQL Server CVE-2012-3167 Remote Security Vulnerability
11792| [56017] Oracle MySQL Server CVE-2012-3158 Remote Security Vulnerability
11793| [56013] Oracle MySQL Server CVE-2012-3156 Remote Security Vulnerability
11794| [56008] Oracle MySQL Server CVE-2012-3144 Remote Security Vulnerability
11795| [56006] Oracle MySQL Server CVE-2012-3149 Remote Security Vulnerability
11796| [56005] Oracle MySQL Server CVE-2012-3177 Remote Security Vulnerability
11797| [56003] Oracle MySQL Server CVE-2012-3180 Remote Security Vulnerability
11798| [55990] Oracle MySQL Server CVE-2012-3150 Remote Security Vulnerability
11799| [55715] MySQL MyISAM Table Symbolic Link CVE-2012-4452 Local Privilege Escalation Vulnerability
11800| [55120] Oracle MySQL CVE-2012-2749 Denial Of Service Vulnerability
11801| [54551] Oracle MySQL Server CVE-2012-0540 Remote Security Vulnerability
11802| [54549] Oracle MySQL Server CVE-2012-1735 Remote Security Vulnerability
11803| [54547] Oracle MySQL Server CVE-2012-1689 Remote Security Vulnerability
11804| [54540] Oracle MySQL Server CVE-2012-1734 Remote Security Vulnerability
11805| [54526] Oracle MySQL Server CVE-2012-1757 Remote Security Vulnerability
11806| [54524] Oracle MySQL Server CVE-2012-1756 Remote Security Vulnerability
11807| [53922] RETIRED: MySQL and MariaDB 'sql/password.c' Authentication Bypass Vulnerability
11808| [53911] Oracle MySQL CVE-2012-2122 User Login Security Bypass Vulnerability
11809| [53310] MySQLDumper 'menu.php' Remote PHP Code Execution Vulnerability
11810| [53306] MySQLDumper Multiple Security Vulnerabilities
11811| [53074] Oracle MySQL CVE-2012-1690 Remote MySQL Server Vulnerability
11812| [53071] Oracle MySQL CVE-2012-1696 Remote MySQL Server Vulnerability
11813| [53067] Oracle MySQL CVE-2012-1688 Remote MySQL Server Vulnerability
11814| [53064] Oracle MySQL CVE-2012-1697 Remote MySQL Server Vulnerability
11815| [53061] Oracle MySQL CVE-2012-0583 Remote MySQL Server Vulnerability
11816| [53058] Oracle MySQL CVE-2012-1703 Remote MySQL Server Vulnerability
11817| [52931] Oracle MySQL Server Multiple Unspecified Security Vulnerabilities
11818| [52154] RETIRED: MySQL 5.5.20 Unspecified Remote Code Execution Vulnerability
11819| [51925] MySQL Unspecified Remote Code Execution Vulnerability
11820| [51526] Oracle MySQL CVE-2012-0075 Remote MySQL Server Vulnerability
11821| [51525] Oracle MySQL CVE-2012-0493 Remote Vulnerability
11822| [51524] Oracle MySQL Server CVE-2012-0490 Remote Security Vulnerability
11823| [51523] Oracle MySQL Server CVE-2012-0494 Local Security Vulnerability
11824| [51522] Oracle MySQL Server CVE-2012-0495 Remote Security Vulnerability
11825| [51521] Oracle MySQL Server CVE-2012-0117 Remote MySQL Server Vulnerability
11826| [51520] Oracle MySQL Server CVE-2012-0114 Local Security Vulnerability
11827| [51519] Oracle MySQL Server CVE-2012-0112 Remote MySQL Server Vulnerability
11828| [51518] Oracle MySQL Server CVE-2012-0491 Remote Security Vulnerability
11829| [51517] Oracle MySQL CVE-2012-0120 Remote Vulnerability
11830| [51516] Oracle MySQL Server CVE-2012-0492 Remote MySQL Server Vulnerability
11831| [51515] Oracle MySQL Server CVE-2012-0484 Remote Security Vulnerability
11832| [51514] Oracle MySQL Server CVE-2012-0486 Remote Security Vulnerability
11833| [51513] Oracle MySQL Server CVE-2012-0485 Remote Security Vulnerability
11834| [51512] Oracle MySQL CVE-2012-0119 Remote Vulnerability
11835| [51511] Oracle MySQL CVE-2012-0118 Remote MySQL Server Vulnerability
11836| [51510] Oracle MySQL Server CVE-2012-0489 Remote MySQL Server Vulnerability
11837| [51509] Oracle MySQL Server CVE-2012-0087 Remote Security Vulnerability
11838| [51508] Oracle MySQL CVE-2012-0116 Remote MySQL Server Vulnerability
11839| [51507] Oracle MySQL Server CVE-2012-0496 Remote Security Vulnerability
11840| [51506] Oracle MySQL Server CVE-2012-0488 Remote MySQL Server Vulnerability
11841| [51505] Oracle MySQL Server CVE-2012-0101 Remote Security Vulnerability
11842| [51504] Oracle MySQL CVE-2012-0115 Remote Vulnerability
11843| [51503] Oracle MySQL Server CVE-2012-0487 Remote MySQL Server Vulnerability
11844| [51502] Oracle MySQL Server CVE-2012-0102 Remote Security Vulnerability
11845| [51493] Oracle MySQL CVE-2011-2262 Remote MySQL Server Vulnerability
11846| [51488] Oracle MySQL CVE-2012-0113 Remote MySQL Server Vulnerability
11847| [50139] DBD::mysqlPP Unspecified SQL Injection Vulnerability
11848| [48466] MySQLDriverCS SQL Injection Vulnerability
11849| [47919] Zend Framework 'PDO_MySql' Security Bypass Vulnerability
11850| [47871] Oracle MySQL Prior to 5.1.52 Multiple Denial Of Service Vulnerabilities
11851| [47693] DirectAdmin 'mysql_backup' Folder Permissions Information Disclosure Vulnerability
11852| [46655] pywebdav MySQL Authentication Module SQL Injection Vulnerability
11853| [46456] MySQL Eventum 'full_name' Field HTML Injection Vulnerability
11854| [46380] MySQL Eventum Multiple HTML Injection Vulnerabilities
11855| [46056] PHP MySQLi Extension 'set_magic_quotes_runtime' Function Security-Bypass Weakness
11856| [43884] phpFK - PHP Forum Script ohne MySQL 'page_bottom.php' Local File Include Vulnerability
11857| [43677] Oracle MySQL Prior to 5.1.50 Privilege Escalation Vulnerability
11858| [43676] Oracle MySQL Prior to 5.1.51 Multiple Denial Of Service Vulnerabilities
11859| [42646] Oracle MySQL Prior to 5.1.49 'JOIN' Statement Denial Of Service Vulnerability
11860| [42643] Oracle MySQL Prior to 5.1.49 'DDL' Statements Denial Of Service Vulnerability
11861| [42638] Oracle MySQL Prior to 5.1.49 Malformed 'BINLOG' Arguments Denial Of Service Vulnerability
11862| [42633] Oracle MySQL 'HANDLER' interface Denial Of Service Vulnerability
11863| [42625] Oracle MySQL 'LOAD DATA INFILE' Denial Of Service Vulnerability
11864| [42599] Oracle MySQL 'EXPLAIN' Denial Of Service Vulnerability
11865| [42598] Oracle MySQL 'TEMPORARY InnoDB' Tables Denial Of Service Vulnerability
11866| [42596] Oracle MySQL Prior to 5.1.49 'WITH ROLLUP' Denial Of Service Vulnerability
11867| [42586] RETIRED: Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities
11868| [42417] Zmanda Recovery Manager for MySQL Multiple Local Privilege Escalation Vulnerabilities
11869| [41440] phpFK - PHP Forum Script ohne MySQL 'upload.php' Arbitrary File Upload Vulnerability
11870| [41198] Oracle MySQL 'ALTER DATABASE' Remote Denial Of Service Vulnerability
11871| [40537] MySQL Enterprise Monitor Multiple Unspecified Cross Site Request Forgery Vulnerabilities
11872| [40506] RETIRED: phpGraphy 'mysql_cleanup.php' Remote File Include Vulnerability
11873| [40461] PHP Mysqlnd Extension Information Disclosure and Multiple Buffer Overflow Vulnerabilities
11874| [40257] Oracle MySQL DROP TABLE MyISAM Symbolic Link Local Security Bypass Vulnerability
11875| [40109] Oracle MySQL 'COM_FIELD_LIST' Command Packet Security Bypass Vulnerability
11876| [40106] Oracle MySQL 'COM_FIELD_LIST' Command Buffer Overflow Vulnerability
11877| [40100] Oracle MySQL Malformed Packet Handling Remote Denial of Service Vulnerability
11878| [40045] Advanced Poll 'mysql_host' Parameter Cross Site Scripting Vulnerability
11879| [39918] FlexAppsStore Flex MySQL Connector Unauthorized Access Vulnerability
11880| [39543] MySQL UNINSTALL PLUGIN Security Bypass Vulnerability
11881| [38642] Timeclock Software 'mysqldump' Local Information Disclosure Vulnerability
11882| [38043] MySQL 'sql/sql_table.cc' CREATE TABLE Security Bypass Vulnerability
11883| [37943] MySQL with yaSSL SSL Certificate Handling Remote Stack Buffer Overflow Vulnerability
11884| [37770] TYPO3 kiddog_mysqldumper Unspecified Information Disclosure Vulnerability
11885| [37640] MySQL 5.0.51a Unspecified Remote Code Execution Vulnerability
11886| [37297] MySQL Multiple Remote Denial Of Service Vulnerabilities
11887| [37076] MySQL OpenSSL Server Certificate yaSSL Security Bypass Vulnerability
11888| [37075] MySQL MyISAM Table Symbolic Link Local Privilege Escalation Vulnerability
11889| [36242] MySQL 5.x Unspecified Buffer Overflow Vulnerability
11890| [35858] MySQL Connector/J Unicode Character String SQL Injection Vulnerability
11891| [35609] MySQL 'sql_parse.cc' Multiple Format String Vulnerabilities
11892| [35514] MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability
11893| [33972] MySQL XPath Expression Remote Denial Of Service Vulnerability
11894| [33392] 'mod_auth_mysql' Package Multibyte Character Encoding SQL Injection Vulnerability
11895| [32978] MySQL Calendar 'username' Parameter SQL Injection Vulnerability
11896| [32914] MySQL Calendar Cookie Authentication Bypass Vulnerability
11897| [32157] MySQL Quick Admin 'actions.php' Local File Include Vulnerability
11898| [32000] Agora 'MysqlfinderAdmin.php' Remote File Include Vulnerability
11899| [31517] MySQL Quick Admin 'index.php' Local File Include Vulnerability
11900| [31486] MySQL Command Line Client HTML Special Characters HTML Injection Vulnerability
11901| [31425] PromoteWeb MySQL 'go.php' SQL Injection Vulnerability
11902| [31081] MySQL Empty Binary String Literal Remote Denial Of Service Vulnerability
11903| [30835] mysql-lists Unspecified Cross Site Scripting Vulnerability
11904| [30529] Keld PHP-MySQL News Script 'login.php' SQL Injection Vulnerability
11905| [30383] phpwebnews-mysql Multiple SQL Injection Vulnerabilities
11906| [29106] MySQL MyISAM Table Privileges Secuity Bypass Vulnerability
11907| [29048] GEDCOM_to_MySQL2 Multiple Cross-Site Scripting Vulnerabilities
11908| [28351] MySQL INFORMATION_SCHEMA Remote Denial Of Service Vulnerability
11909| [27938] DSPAM Debian 'libdspam7-drv-mysql' Cron Job MySQL Calls Local Information Disclosure Vulnerability
11910| [27202] PHP Webquest MySQL Credentials Information Disclosure Vulnerability
11911| [27032] PHP MySQL Open Source Help Desk 'form.php' Code Injection Vulnerability
11912| [26947] MySQL Server Unspecified Remote Arbitrary Command Execution Vulnerability
11913| [26832] MySQL Server Privilege Escalation And Denial Of Service Vulnerabilities
11914| [26829] aurora framework Db_mysql.LIB SQL Injection Vulnerability
11915| [26765] MySQL Server RENAME TABLE System Table Overwrite Vulnerability
11916| [26353] MySQL Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service Vulnerability
11917| [26304] AdventNet EventLog Analyzer Insecure Default MySQL Password Unauthorized Access Vulnerability
11918| [26156] Bacula MySQL Password Information Disclosure Vulnerability
11919| [26095] Asterisk 'asterisk-addons' CDR_ADDON_MYSQL Module SQL Injection Vulnerability
11920| [25017] MySQL Access Validation and Denial of Service Vulnerabilities
11921| [24759] MySQLDumper Apache Access Control Authentication Bypass Vulnerability
11922| [24016] MySQL Rename Table Function Access Validation Vulnerability
11923| [24011] MySQL Security Invoker Privilege Escalation Vulnerability
11924| [24008] MySQL Alter Table Function Information Disclosure Vulnerability
11925| [23911] MySQL IF Query Handling Remote Denial Of Service Vulnerability
11926| [23176] Eve-Nuke Forums MySQL.PHP Remote File Include Vulnerability
11927| [22941] MySQL Commander Remote File Include Vulnerability
11928| [22900] MySQL Single Row SubSelect Remote Denial Of Service Vulnerability
11929| [22474] CPanel PassWDMySQL Cross-Site Scripting Vulnerability
11930| [22431] MySQLNewsEngine Affichearticles.PHP3 Remote File Include Vulnerability
11931| [20460] MySQLDumper SQL.PHP Cross-Site Scripting Vulnerability
11932| [20222] PABugs Class.MySQL.PHP Remote File Include Vulnerability
11933| [20165] ZoomStats MySQL.PHP Remote File Include Vulnerability
11934| [19794] MySQL Multiupdate and Subselects Denial Of Service Vulnerability
11935| [19559] MySQL Privilege Elevation and Security Bypass Vulnerabilities
11936| [19279] MySQL MERGE Privilege Revoke Bypass Vulnerability
11937| [19240] Banex PHP MySQL Banner Exchange Multiple Remote Vulnerabilities
11938| [19032] MySQL Server Date_Format Denial Of Service Vulnerability
11939| [18717] PHP/MySQL Classifieds AddAsset1.PHP Multiple HTML Injection Vulnerabilities
11940| [18439] MySQL Server Str_To_Date Remote Denial Of Service Vulnerability
11941| [18219] MySQL Mysql_real_escape Function SQL Injection Vulnerability
11942| [17780] MySQL Remote Information Disclosure and Buffer Overflow Vulnerabilities
11943| [17224] Cholod MySQL Based Message Board Mb.CGI SQL Injection Vulnerability
11944| [17223] Cholod MySQL Based Message Board Multiple HTML Injection Vulnerabilities
11945| [17147] Woltlab Burning Board Class_DB_MySQL.PHP Cross-Site Scripting Vulnerability
11946| [16850] MySQL Query Logging Bypass Vulnerability
11947| [16620] PHP/MYSQL Timesheet Multiple SQL Injection Vulnerabilities
11948| [16564] PAM-MySQL Code Execution And Denial Of Service Vulnerabilities
11949| [16219] PHP MySQLI Error Logging Remote Format String Vulnerability
11950| [16145] PHP MySQL_Connect Remote Buffer Overflow Vulnerability
11951| [15852] MySQL Auction Search Module Cross-Site Scripting Vulnerability
11952| [14509] MySQL User-Defined Function Buffer Overflow Vulnerability
11953| [14437] MySQL Eventum Multiple SQL Injection Vulnerabilities
11954| [14436] MySQL Eventum Multiple Cross-Site Scripting Vulnerabilities
11955| [13913] xMySQLadmin Insecure Temporary File Creation Vulnerability
11956| [13660] MySQL mysql_install_db Insecure Temporary File Creation Vulnerability
11957| [13378] MySQL MaxDB WebDAV IF Parameter Remote Buffer Overflow Vulnerability
11958| [13369] MySQL MaxDB WebDAV Lock Token Remote Buffer Overflow Vulnerability
11959| [13368] MySQL MaxDB HTTP GET Request Remote Buffer Overflow Vulnerability
11960| [12805] MySQL MaxDB WebAgent Input Validation Multiple Remote Denial Of Service Vulnerabilities
11961| [12781] MySQL AB MySQL Multiple Remote Vulnerabilities
11962| [12313] MySQL MaxDB WebAgent Remote Denial of Service Vulnerabilities
11963| [12277] MySQL Database MySQLAccess Local Insecure Temporary File Creation Vulnerability
11964| [12265] MySQL MaxDB WebAgent WebSQL Password Parameter Remote Buffer Overflow Vulnerability
11965| [12133] MySQL Eventum Multiple Input Validation Vulnerabilities
11966| [11844] MySQL MaxDB WebDav Handler Overwrite Header Remote Buffer Overflow Vulnerability
11967| [11843] MySQL MaxDB WAHTTP Server Remote Denial Of Service Vulnerability
11968| [11435] MySQL Database Unauthorized GRANT Privilege Vulnerability
11969| [11432] MySQL Remote FULLTEXT Search Denial Of Service Vulnerability
11970| [11357] MySQL Multiple Local Vulnerabilities
11971| [11346] MySQL MaxDB WebDBM Server Name Denial of Service Vulnerability
11972| [11291] MySQL Unspecified Insecure Temporary File Creation Vulnerability
11973| [11261] MySQL Bounded Parameter Statement Execution Remote Buffer Overflow Vulnerability
11974| [11234] AllWebScripts MySQLGuest HTML Injection Vulnerability
11975| [10986] Ben Yacoub Hatem MySQL Backup Pro Undisclosed 'getbackup()' Vulnerability
11976| [10981] MySQL Mysql_real_connect Function Potential Remote Buffer Overflow Vulnerability
11977| [10969] MySQL Mysqlhotcopy Script Insecure Temporary File Creation Vulnerability
11978| [10655] MySQL Password Length Remote Buffer Overflow Vulnerability
11979| [10654] MySQL Authentication Bypass Vulnerability
11980| [10142] MySQL MYSQLD_Multi Insecure Temporary File Creation Vulnerability
11981| [9976] MySQL Aborted Bug Report Insecure Temporary File Creation Vulnerability
11982| [8796] MySQL Multiple Vulnerabilities
11983| [8590] MySQL Password Handler Buffer Overflow Vulnerability
11984| [8245] MySQL AB ODBC Driver Plain Text Password Vulnerability
11985| [7887] MySQL libmysqlclient Library mysql_real_connect() Buffer Overrun Vulnerability
11986| [7500] MySQL Weak Password Encryption Vulnerability
11987| [7052] MySQL mysqld Privilege Escalation Vulnerability
11988| [7041] MySQL Control Center Insecure Default File Permission Vulnerability
11989| [6718] MySQL Double Free Heap Corruption Vulnerability
11990| [6375] MySQL COM_CHANGE_USER Password Memory Corruption Vulnerability
11991| [6374] MySQL libmysqlclient Library Read_One_Row Buffer Overflow Vulnerability
11992| [6373] MySQL COM_CHANGE_USER Password Length Account Compromise Vulnerability
11993| [6370] MySQL libmysqlclient Library Read_Rows Buffer Overflow Vulnerability
11994| [6368] MySQL COM_TABLE_DUMP Memory Corruption Vulnerability
11995| [5948] PHPRank MySQL Error Unauthorized Access Vulnerability
11996| [5853] MySQL DataDir Parameter Local Buffer Overflow Vulnerability
11997| [5513] MySQL Logging Not Enabled Weak Default Configuration Vulnerability
11998| [5511] MySQL Bind Address Not Enabled Weak Default Configuration Vulnerability
11999| [5503] MySQL Null Root Password Weak Default Configuration Vulnerability
12000| [4409] Cyrus SASL LDAP+MySQL Authentication Patch SQL Command Execution Vulnerability
12001| [4026] PHP MySQL Safe_Mode Filesystem Circumvention Vulnerability
12002| [3907] Conectiva Linux MySQL World Readable Log File Vulnerability
12003| [3381] WinMySQLadmin Plain Text Password Storage Vulnerability
12004| [3284] Inter7 vpopmail MySQL Authentication Data Recovery Vulnerability
12005| [3255] Apache mod_auth_mysql Remote SQL Query Manipulation Vulnerability
12006| [2522] MySQL Root Operation Symbolic Link File Overwriting Vulnerability
12007| [2380] MySQL SHOW GRANTS Pasword Hash Disclosure Vulnerability
12008| [2262] Mysql Local Buffer Overflow Vulnerability
12009| [1850] pam_mysql Authentication Input Validation Vulnerability
12010| [1826] MySQL Authentication Algorithm Vulnerability
12011| [1557] PCCS Mysql Database Admin Tool Username/Password Exposure Vulnerability
12012| [975] MySQL Unauthenticated Remote Access Vulnerability
12013| [926] MySQL GRANT Global Password Changing Vulnerability
12014|
12015| IBM X-Force - https://exchange.xforce.ibmcloud.com:
12016| [85724] Oracle MySQL Server XA Transactions denial of service
12017| [85723] Oracle MySQL Server Server Replication denial of service
12018| [85722] Oracle MySQL Server InnoDB denial of service
12019| [85721] Oracle MySQL Server Server Privileges unspecified
12020| [85720] Oracle MySQL Server Server Partition denial of service
12021| [85719] Oracle MySQL Server Server Parser denial of service
12022| [85718] Oracle MySQL Server Server Options denial of service
12023| [85717] Oracle MySQL Server Server Options denial of service
12024| [85716] Oracle MySQL Server Server Optimizer denial of service
12025| [85715] Oracle MySQL Server Server Optimizer denial of service
12026| [85714] Oracle MySQL Server Prepared Statements denial of service
12027| [85713] Oracle MySQL Server InnoDB denial of service
12028| [85712] Oracle MySQL Server Full Text Search denial of service
12029| [85711] Oracle MySQL Server Data Manipulation Language denial of service
12030| [85710] Oracle MySQL Server Data Manipulation Language denial of service
12031| [85709] Oracle MySQL Server Audit Log unspecified
12032| [85708] Oracle MySQL Server MemCached unspecified
12033| [84846] Debian mysql-server package information disclosure
12034| [84375] Wireshark MySQL dissector denial of service
12035| [83554] Oracle MySQL Server Server Partition denial of service
12036| [83553] Oracle MySQL Server Server Locking denial of service
12037| [83552] Oracle MySQL Server Server Install unspecified
12038| [83551] Oracle MySQL Server Server Types denial of service
12039| [83550] Oracle MySQL Server Server Privileges unspecified
12040| [83549] Oracle MySQL Server InnoDB denial of service
12041| [83548] Oracle MySQL Server InnoDB denial of service
12042| [83547] Oracle MySQL Server Data Manipulation Language denial of service
12043| [83546] Oracle MySQL Server Stored Procedure denial of service
12044| [83545] Oracle MySQL Server Server Replication denial of service
12045| [83544] Oracle MySQL Server Server Partition denial of service
12046| [83543] Oracle MySQL Server Server Optimizer denial of service
12047| [83542] Oracle MySQL Server InnoDB denial of service
12048| [83541] Oracle MySQL Server Information Schema denial of service
12049| [83540] Oracle MySQL Server Data Manipulation Language denial of service
12050| [83539] Oracle MySQL Server Data Manipulation Language denial of service
12051| [83538] Oracle MySQL Server Server Optimizer unspecified
12052| [83537] Oracle MySQL Server MemCached denial of service
12053| [83536] Oracle MySQL Server Server Privileges unspecified
12054| [83535] Oracle MySQL Server Server Privileges unspecified
12055| [83534] Oracle MySQL Server Server unspecified
12056| [83533] Oracle MySQL Server Information Schema unspecified
12057| [83532] Oracle MySQL Server Server Locking unspecified
12058| [83531] Oracle MySQL Server Data Manipulation Language denial of service
12059| [83388] MySQL administrative login attempt detected
12060| [82963] Mambo MySQL database information disclosure
12061| [82946] Oracle MySQL buffer overflow
12062| [82945] Oracle MySQL buffer overflow
12063| [82895] Oracle MySQL and MariaDB geometry queries denial of service
12064| [81577] MySQL2JSON extension for TYPO3 unspecified SQL injection
12065| [81325] Oracle MySQL Server Server Privileges denial of service
12066| [81324] Oracle MySQL Server Server Partition denial of service
12067| [81323] Oracle MySQL Server Server Optimizer denial of service
12068| [81322] Oracle MySQL Server Server Optimizer denial of service
12069| [81321] Oracle MySQL Server Server denial of service
12070| [81320] Oracle MySQL Server MyISAM denial of service
12071| [81319] Oracle MySQL Server InnoDB denial of service
12072| [81318] Oracle MySQL Server InnoDB denial of service
12073| [81317] Oracle MySQL Server Server Locking denial of service
12074| [81316] Oracle MySQL Server Server denial of service
12075| [81315] Oracle MySQL Server Server Replication unspecified
12076| [81314] Oracle MySQL Server Server Replication unspecified
12077| [81313] Oracle MySQL Server Stored Procedure denial of service
12078| [81312] Oracle MySQL Server Server Optimizer denial of service
12079| [81311] Oracle MySQL Server Information Schema denial of service
12080| [81310] Oracle MySQL Server GIS Extension denial of service
12081| [80790] Oracle MySQL yaSSL buffer overflow
12082| [80553] Oracle MySQL and MariaDB salt security bypass
12083| [80443] Oracle MySQL Server unspecified code execution
12084| [80442] Oracle MySQL Server acl_get() buffer overflow
12085| [80440] Oracle MySQL Server table buffer overflow
12086| [80435] Oracle MySQL Server database privilege escalation
12087| [80434] Oracle MySQL Server COM_BINLOG_DUMP denial of service
12088| [80433] Oracle MySQL Server Stuxnet privilege escalation
12089| [80432] Oracle MySQL Server authentication information disclosure
12090| [79394] Oracle MySQL Server Server Installation information disclosure
12091| [79393] Oracle MySQL Server Server Replication denial of service
12092| [79392] Oracle MySQL Server Server Full Text Search denial of service
12093| [79391] Oracle MySQL Server Server denial of service
12094| [79390] Oracle MySQL Server Client information disclosure
12095| [79389] Oracle MySQL Server Server Optimizer denial of service
12096| [79388] Oracle MySQL Server Server Optimizer denial of service
12097| [79387] Oracle MySQL Server Server denial of service
12098| [79386] Oracle MySQL Server InnoDB Plugin denial of service
12099| [79385] Oracle MySQL Server InnoDB denial of service
12100| [79384] Oracle MySQL Server Client unspecified
12101| [79383] Oracle MySQL Server Server denial of service
12102| [79382] Oracle MySQL Server Protocol unspecified
12103| [79381] Oracle MySQL Server Information Schema unspecified
12104| [78954] SilverStripe MySQLDatabase.php information disclosure
12105| [78948] MySQL MyISAM table symlink
12106| [77865] MySQL unknown vuln
12107| [77864] MySQL sort order denial of service
12108| [77768] MySQLDumper refresh_dblist.php information disclosure
12109| [77177] MySQL Squid Access Report unspecified cross-site scripting
12110| [77065] Oracle MySQL Server Optimizer denial of service
12111| [77064] Oracle MySQL Server Optimizer denial of service
12112| [77063] Oracle MySQL Server denial of service
12113| [77062] Oracle MySQL InnoDB denial of service
12114| [77061] Oracle MySQL GIS Extension denial of service
12115| [77060] Oracle MySQL Server Optimizer denial of service
12116| [76189] MySQL unspecified error
12117| [76188] MySQL attempts security bypass
12118| [75287] MySQLDumper restore.php information disclosure
12119| [75286] MySQLDumper filemanagement.php directory traversal
12120| [75285] MySQLDumper main.php cross-site request forgery
12121| [75284] MySQLDumper install.php cross-site scripting
12122| [75283] MySQLDumper install.php file include
12123| [75282] MySQLDumper menu.php code execution
12124| [75022] Oracle MySQL Server Server Optimizer denial of service
12125| [75021] Oracle MySQL Server Server Optimizer denial of service
12126| [75020] Oracle MySQL Server Server DML denial of service
12127| [75019] Oracle MySQL Server Partition denial of service
12128| [75018] Oracle MySQL Server MyISAM denial of service
12129| [75017] Oracle MySQL Server Server Optimizer denial of service
12130| [74672] Oracle MySQL Server multiple unspecified
12131| [73092] MySQL unspecified code execution
12132| [72540] Oracle MySQL Server denial of service
12133| [72539] Oracle MySQL Server unspecified
12134| [72538] Oracle MySQL Server denial of service
12135| [72537] Oracle MySQL Server denial of service
12136| [72536] Oracle MySQL Server unspecified
12137| [72535] Oracle MySQL Server denial of service
12138| [72534] Oracle MySQL Server denial of service
12139| [72533] Oracle MySQL Server denial of service
12140| [72532] Oracle MySQL Server denial of service
12141| [72531] Oracle MySQL Server denial of service
12142| [72530] Oracle MySQL Server denial of service
12143| [72529] Oracle MySQL Server denial of service
12144| [72528] Oracle MySQL Server denial of service
12145| [72527] Oracle MySQL Server denial of service
12146| [72526] Oracle MySQL Server denial of service
12147| [72525] Oracle MySQL Server information disclosure
12148| [72524] Oracle MySQL Server denial of service
12149| [72523] Oracle MySQL Server denial of service
12150| [72522] Oracle MySQL Server denial of service
12151| [72521] Oracle MySQL Server denial of service
12152| [72520] Oracle MySQL Server denial of service
12153| [72519] Oracle MySQL Server denial of service
12154| [72518] Oracle MySQL Server unspecified
12155| [72517] Oracle MySQL Server unspecified
12156| [72516] Oracle MySQL Server unspecified
12157| [72515] Oracle MySQL Server denial of service
12158| [72514] Oracle MySQL Server unspecified
12159| [71965] MySQL port denial of service
12160| [70680] DBD::mysqlPP unspecified SQL injection
12161| [70370] TaskFreak! multi-mysql unspecified path disclosure
12162| [68799] mod_authnz_external module for Apache mysql-auth.pl SQL injection
12163| [68294] MySQLDriverCS statement.cs sql injection
12164| [68175] Prosody MySQL denial of service
12165| [67539] Zend Framework MySQL PDO security bypass
12166| [67254] DirectAdmin MySQL information disclosure
12167| [66567] Xoops mysql.sql information disclosure
12168| [65871] PyWebDAV MySQLAuthHandler class SQL injection
12169| [65543] MySQL Select Arbitrary data into a File
12170| [65529] MySQL Eventum full_name field cross-site scripting
12171| [65380] Oracle MySQL Eventum forgot_password.php cross-site scripting
12172| [65379] Oracle MySQL Eventum list.php cross-site scripting
12173| [65266] Accellion File Transfer Appliance MySQL default password
12174| [64878] MySQL Geometry denial of service
12175| [64877] MySQL EXPLAIN EXTENDED denial of service
12176| [64876] MySQL prepared statement denial of service
12177| [64845] MySQL extreme-value denial of service
12178| [64844] MySQL Gis_line_string::init_from_wkb denial of service
12179| [64843] MySQL user-variable denial of service
12180| [64842] MySQL view preparation denial of service
12181| [64841] MySQL prepared statement denial of service
12182| [64840] MySQL LONGBLOB denial of service
12183| [64839] MySQL invocations denial of service
12184| [64838] MySQL Gis_line_string::init_from_wkb denial of service
12185| [64689] MySQL dict0crea.c denial of service
12186| [64688] MySQL SET column denial of service
12187| [64687] MySQL BINLOG command denial of service
12188| [64686] MySQL InnoDB denial of service
12189| [64685] MySQL HANDLER interface denial of service
12190| [64684] MySQL Item_singlerow_subselect::store denial of service
12191| [64683] MySQL OK packet denial of service
12192| [63518] MySQL Query Browser GUI Tools information disclosure
12193| [63517] MySQL Administrator GUI Tools information disclosure
12194| [62272] MySQL PolyFromWKB() denial of service
12195| [62269] MySQL LIKE predicates denial of service
12196| [62268] MySQL joins denial of service
12197| [62267] MySQL GREATEST() or LEAST() denial of service
12198| [62266] MySQL GROUP_CONCAT() denial of service
12199| [62265] MySQL expression values denial of service
12200| [62264] MySQL temporary table denial of service
12201| [62263] MySQL LEAST() or GREATEST() denial of service
12202| [62262] MySQL replication privilege escalation
12203| [61739] MySQL WITH ROLLUP denial of service
12204| [61343] MySQL LOAD DATA INFILE denial of service
12205| [61342] MySQL EXPLAIN denial of service
12206| [61341] MySQL HANDLER denial of service
12207| [61340] MySQL BINLOG denial of service
12208| [61339] MySQL IN() or CASE denial of service
12209| [61338] MySQL SET denial of service
12210| [61337] MySQL DDL denial of service
12211| [61318] PHP mysqlnd_wireprotocol.c buffer overflow
12212| [61317] PHP php_mysqlnd_read_error_from_line buffer overflow
12213| [61316] PHP php_mysqlnd_auth_write buffer overflow
12214| [61274] MySQL TEMPORARY InnoDB denial of service
12215| [59905] MySQL ALTER DATABASE denial of service
12216| [59841] CMySQLite updateUser.php cross-site request forgery
12217| [59112] MySQL Enterprise Monitor unspecified cross-site request forgery
12218| [59075] PHP php_mysqlnd_auth_write() buffer overflow
12219| [59074] PHP php_mysqlnd_read_error_from_line() buffer overflow
12220| [59073] PHP php_mysqlnd_rset_header_read() buffer overflow
12221| [59072] PHP php_mysqlnd_ok_read() information disclosure
12222| [58842] MySQL DROP TABLE file deletion
12223| [58676] Template Shares MySQL information disclosure
12224| [58531] MySQL COM_FIELD_LIST buffer overflow
12225| [58530] MySQL packet denial of service
12226| [58529] MySQL COM_FIELD_LIST security bypass
12227| [58311] ClanSphere the captcha generator and MySQL driver SQL injection
12228| [57925] MySQL UNINSTALL PLUGIN security bypass
12229| [57006] Quicksilver Forums mysqldump information disclosure
12230| [56800] Employee Timeclock Software mysqldump information disclosure
12231| [56200] Flex MySQL Connector ActionScript SQL injection
12232| [55877] MySQL yaSSL buffer overflow
12233| [55622] kiddog_mysqldumper extension for TYPO3 information disclosure
12234| [55416] MySQL unspecified buffer overflow
12235| [55382] Ublog UblogMySQL.sql information disclosure
12236| [55251] PHP-MySQL-Quiz editquiz.php SQL injection
12237| [54597] MySQL sql_table.cc security bypass
12238| [54596] MySQL mysqld denial of service
12239| [54365] MySQL OpenSSL security bypass
12240| [54364] MySQL MyISAM table symlink
12241| [53950] The mysql-ocaml mysql_real_escape_string weak security
12242| [52978] Zmanda Recovery Manager for MySQL mysqlhotcopy privilege escalation
12243| [52977] Zmanda Recovery Manager for MySQL socket-server.pl command execution
12244| [52660] iScouter PHP Web Portal MySQL Password Retrieval
12245| [52220] aa33code mysql.inc information disclosure
12246| [52122] MySQL Connector/J unicode SQL injection
12247| [51614] MySQL dispatch_command() denial of service
12248| [51406] MySQL Connector/NET SSL spoofing
12249| [49202] MySQL UDF command execution
12250| [49050] MySQL XPath denial of service
12251| [48919] Cisco Application Networking Manager MySQL default account password
12252| [48163] libapache2-mod-auth-mysql module for Debian multibyte encoding SQL injection
12253| [47544] MySQL Calendar index.php SQL injection
12254| [47476] MySQL Calendar index.php nodstrumCalendarV2 security bypass
12255| [45649] MySQL MyISAM symlink security bypass
12256| [45648] MySQL MyISAM symlinks security bypass
12257| [45607] MySQL Quick Admin actions.php file include
12258| [45606] MySQL Quick Admin index.php file include
12259| [45590] MySQL command-line client cross-site scripting
12260| [45436] PromoteWeb MySQL go.php SQL injection
12261| [45042] MySQL empty bit-string literal denial of service
12262| [44662] mysql-lists unspecified cross-site scripting
12263| [42267] MySQL MyISAM security bypass
12264| [42211] GEDCOM_to_MySQL2 index.php, info.php and prenom.php cross-site scripting
12265| [42014] miniBB setup_mysql.php and setup_options.php SQL injection
12266| [40920] MySQL sql_select.cc denial of service
12267| [40734] MySQL Server BINLOG privilege escalation
12268| [40350] MySQL password information disclosure
12269| [39415] Debian GNU/Linux libdspam7-drv-mysql cron job password disclosure
12270| [39402] PHP LOCAL INFILE and MySQL extension security bypass
12271| [38999] aurora framework db_mysql.lib SQL injection
12272| [38990] MySQL federated engine denial of service
12273| [38989] MySQL DEFINER value privilege escalation
12274| [38988] MySQL DATA DIRECTORY and INDEX DIRECTORY privilege escalation
12275| [38964] MySQL RENAME TABLE symlink
12276| [38733] ManageEngine EventLog Analyzer MySQL default password
12277| [38284] MySQL ha_innodb.cc convert_search_mode_to_innobase() denial of service
12278| [38189] MySQL default root password
12279| [37235] Asterisk-Addons cdr_addon_mysql module SQL injection
12280| [37099] RHSA update for MySQL case sensistive database name privilege escalation not installed
12281| [36555] PHP MySQL extension multiple functions security bypass
12282| [35960] MySQL view privilege escalation
12283| [35959] MySQL CREATE TABLE LIKE information disclosure
12284| [35958] MySQL connection protocol denial of service
12285| [35291] MySQLDumper main.php security bypass
12286| [34811] MySQL udf_init and mysql_create_function command execution
12287| [34809] MySQL mysql_update privilege escalation
12288| [34349] MySQL ALTER information disclosure
12289| [34348] MySQL mysql_change_db privilege escalation
12290| [34347] MySQL RENAME TABLE weak security
12291| [34232] MySQL IF clause denial of service
12292| [33388] Advanced Website Creator (AWC) mysql_escape_string SQL injection
12293| [33285] Eve-Nuke mysql.php file include
12294| [32957] MySQL Commander dbopen.php file include
12295| [32933] cPanel load_language.php and mysqlconfig.php file include
12296| [32911] MySQL filesort function denial of service
12297| [32462] cPanel passwdmysql cross-site scripting
12298| [32288] RHSA-2006:0544 updates for mysql not installed
12299| [32266] MySQLNewsEngine affichearticles.php3 file include
12300| [31244] The Address Book MySQL export.php password information disclosure
12301| [31037] Php/Mysql Site Builder (PHPBuilder) htm2php.php directory traversal
12302| [30760] BTSaveMySql URL file disclosure
12303| [30191] StoryStream mysql.php and mysqli.php file include
12304| [30085] MySQL MS-DOS device name denial of service
12305| [30031] Agora MysqlfinderAdmin.php file include
12306| [29438] MySQLDumper mysqldumper_path/sql.php cross-site scripting
12307| [29179] paBugs class.mysql.php file include
12308| [29120] ZoomStats MySQL file include
12309| [28448] MySQL case sensitive database name privilege escalation
12310| [28442] MySQL GRANT EXECUTE privilege escalation
12311| [28387] FunkBoard admin/mysql_install.php and admin/pg_install.php unauthorized access
12312| [28202] MySQL multiupdate subselect query denial of service
12313| [28180] MySQL MERGE table security bypass
12314| [28176] PHP MySQL Banner Exchange lib.inc information disclosure
12315| [27995] Opsware Network Automation System MySQL plaintext password
12316| [27904] MySQL date_format() format string
12317| [27635] MySQL Instance Manager denial of service
12318| [27212] MySQL SELECT str_to_date denial of service
12319| [26875] MySQL ASCII escaping SQL injection
12320| [26420] Apple Mac OS X MySQL Manager blank password
12321| [26236] MySQL login packet information disclosure
12322| [26232] MySQL COM_TABLE_DUMP buffer overflow
12323| [26228] MySQL sql_parce.cc information disclosure
12324| [26042] MySQL running
12325| [25313] WoltLab Burning Board class_db_mysql.php cross-site scripting
12326| [24966] MySQL mysql_real_query logging bypass
12327| [24653] PAM-MySQL logging function denial of service
12328| [24652] PAM-MySQL authentication double free code execution
12329| [24567] PHP/MYSQL Timesheet index.php and changehrs.php SQL injection
12330| [24095] PHP ext/mysqli exception handling format string
12331| [23990] PHP mysql_connect() buffer overflow
12332| [23596] MySQL Auction search module could allow cross-site scripting
12333| [22642] RHSA-2005:334 updates for mysql not installed
12334| [21757] MySQL UDF library functions command execution
12335| [21756] MySQL LoadLibraryEx function denial of service
12336| [21738] MySQL UDF mysql_create_function function directory traversal
12337| [21737] MySQL user defined function buffer overflow
12338| [21640] MySQL Eventum multiple class SQL injection
12339| [21638] MySQL Eventum multiple scripts cross-site scripting
12340| [20984] xmysqladmin temporary file symlink
12341| [20656] MySQL mysql_install_db script symlink
12342| [20333] Plans MySQL password information disclosure
12343| [19659] MySQL CREATE TEMPORARY TABLE command creates insecure files
12344| [19658] MySQL udf_init function gain access
12345| [19576] auraCMS mysql_fetch_row function path disclosure
12346| [18922] MySQL mysqlaccess script symlink attack
12347| [18824] MySQL UDF root privileges
12348| [18464] mysql_auth unspecified vulnerability
12349| [18449] Sugar Sales plaintext MySQL password
12350| [17783] MySQL underscore allows elevated privileges
12351| [17768] MySQL MATCH ... AGAINST SQL statement denial of service
12352| [17667] MySQL UNION change denial of service
12353| [17666] MySQL ALTER TABLE RENAME bypass restriction
12354| [17493] MySQL libmysqlclient bulk inserts buffer overflow
12355| [17462] MySQLGuest AWSguest.php script cross-site scripting
12356| [17047] MySQL mysql_real_connect buffer overflow
12357| [17030] MySQL mysqlhotcopy insecure temporary file
12358| [16612] MySQL my_rnd buffer overflow
12359| [16604] MySQL check_scramble_323 function allows unauthorized access
12360| [15883] MySQL mysqld_multi script symlink attack
12361| [15617] MySQL mysqlbug script symlink attack
12362| [15417] Confixx db_mysql_loeschen2.php SQL injection
12363| [15280] Proofpoint Protection Server MySQL allows unauthorized access
12364| [13404] HP Servicecontrol Manager multiple vulnerabilities in MySQL could allow execution of code
12365| [13153] MySQL long password buffer overflow
12366| [12689] MySQL AB ODBC Driver stores ODBC passwords and usernames in plain text
12367| [12540] Teapop PostSQL and MySQL modules SQL injection
12368| [12337] MySQL mysql_real_connect function buffer overflow
12369| [11510] MySQL datadir/my.cnf modification could allow root privileges
12370| [11493] mysqlcc configuration and connection files are world writable
12371| [11340] SuckBot mod_mysql_logger denial of service
12372| [11199] MySQL mysql_change_user() double-free memory pointer denial of service
12373| [10850] MySQL libmysql client read_one_row buffer overflow
12374| [10849] MySQL libmysql client read_rows buffer overflow
12375| [10848] MySQL COM_CHANGE_USER password buffer overflow
12376| [10847] MySQL COM_CHANGE_USER command password authentication bypass
12377| [10846] MySQL COM_TABLE_DUMP unsigned integer denial of service
12378| [10483] Bugzilla stores passwords in plain text in the MySQL database
12379| [10455] gBook MySQL could allow administrative access
12380| [10243] MySQL my.ini "
12381| [9996] MySQL SHOW GRANTS command discloses adminstrator`s encrypted password
12382| [9909] MySQL logging disabled by default on Windows
12383| [9908] MySQL binding to the loopback adapter is disabled
12384| [9902] MySQL default root password could allow unauthorized access
12385| [8748] Cyrus SASL LDAP+MySQL patch allows user unauthorized POP access
12386| [8105] PHP MySQL client library allows an attacker to bypass safe_mode restrictions
12387| [7923] Conectiva Linux MySQL /var/log/mysql file has insecure permissions
12388| [7206] WinMySQLadmin stores MySQL password in plain text
12389| [6617] MySQL "
12390| [6419] MySQL drop database command buffer overflow
12391| [6418] MySQL libmysqlclient.so buffer overflow
12392| [5969] MySQL select buffer overflow
12393| [5447] pam_mysql authentication input
12394| [5409] MySQL authentication algorithm obtain password hash
12395| [5057] PCCS MySQL Database Admin Tool could reveal username and password
12396| [4228] MySQL unauthenticated remote access
12397| [3849] MySQL default test account could allow any user to connect to the database
12398| [1568] MySQL creates readable log files
12399|
12400| Exploit-DB - https://www.exploit-db.com:
12401| [30744] MySQL <= 5.1.23 Server InnoDB CONVERT_SEARCH_MODE_TO_INNOBASE Function Denial Of Service Vulnerability
12402| [30677] Asterisk 'asterisk-addons' 1.2.7/1.4.3 CDR_ADDON_MYSQL Module SQL Injection Vulnerability
12403| [30020] MySQL 5.0.x - IF Query Handling Remote Denial of Service Vulnerability
12404| [29724] MySQL 5.0.x Single Row SubSelect Remote Denial of Service Vulnerability
12405| [29653] Active Calendar 1.2 data/mysqlevents.php css Parameter XSS
12406| [29572] CPanel <= 11 PassWDMySQL Cross-Site Scripting Vulnerability
12407| [29569] MySQLNewsEngine Affichearticles.PHP3 Remote File Include Vulnerability
12408| [28783] MySQLDumper 1.21 SQL.PHP Cross-Site Scripting Vulnerability
12409| [28398] MySQL 4/5 SUID Routine Miscalculation Arbitrary DML Statement Execution
12410| [28308] Banex PHP MySQL Banner Exchange 2.21 members.php cfg_root Parameter Remote File Inclusion
12411| [28307] Banex PHP MySQL Banner Exchange 2.21 admin.php Multiple Parameter SQL Injection
12412| [28306] Banex PHP MySQL Banner Exchange 2.21 signup.php site_name Parameter SQL Injection
12413| [28234] MySQL 4.x/5.x Server Date_Format Denial of Service Vulnerability
12414| [28026] MySQL Server 4/5 Str_To_Date Remote Denial of Service Vulnerability
12415| [27464] Cholod MySQL Based Message Board Mb.CGI SQL Injection Vulnerability
12416| [27444] Woltlab Burning Board 2.3.4 Class_DB_MySQL.PHP Cross-Site Scripting Vulnerability
12417| [27326] MySQL 5.0.18 Query Logging Bypass Vulnerability
12418| [26058] MySQL AB Eventum 1.x get_jsrs_data.php F Parameter XSS
12419| [26057] MySQL AB Eventum 1.x list.php release Parameter XSS
12420| [26056] MySQL AB Eventum 1.x view.php id Parameter XSS
12421| [25211] MySQL 4.x CREATE TEMPORARY TABLE Symlink Privilege Escalation
12422| [25210] MySQL 4.x CREATE FUNCTION mysql.func Table Arbitrary Library Injection
12423| [25209] MySQL 4.x CREATE FUNCTION Arbitrary libc Code Execution
12424| [24805] MySQL MaxDB 7.5 WAHTTP Server Remote Denial of Service Vulnerability
12425| [24669] MySQL 3.x/4.x ALTER TABLE/RENAME Forces Old Permission Checks
12426| [24250] MySQL 4.1/5.0 Authentication Bypass Vulnerability
12427| [23179] Oracle MySQL for Microsoft Windows MOF Execution
12428| [23138] MySQL 3.23.x/4.0.x Password Handler Buffer Overflow Vulnerability
12429| [23083] MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day
12430| [23081] MySQL Remote Preauth User Enumeration Zeroday
12431| [23078] MySQL Denial of Service Zeroday PoC
12432| [23077] MySQL (Linux) Database Privilege Elevation Zeroday Exploit
12433| [23076] MySQL (Linux) Heap Based Overrun PoC Zeroday
12434| [23075] MySQL (Linux) Stack Based Buffer Overrun PoC Zeroday
12435| [23073] MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot)
12436| [22946] MySQL AB ODBC Driver 3.51 Plain Text Password Vulnerability
12437| [22565] MySQL 3.x/4.0.x Weak Password Encryption Vulnerability
12438| [22340] MySQL 3.23.x mysqld Privilege Escalation Vulnerability
12439| [22085] MySQL 3.23.x/4.0.x COM_CHANGE_USER Password Memory Corruption Vulnerability
12440| [22084] MySQL 3.23.x/4.0.x COM_CHANGE_USER Password Length Account Compromise Vulnerability
12441| [21726] MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration Vulnerability (2)
12442| [21725] MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration Vulnerability (1)
12443| [21266] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (3)
12444| [21265] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (2)
12445| [21264] PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (1)
12446| [20718] MySQL 3.20.32 a/3.23.34 Root Operation Symbolic Link File Overwriting Vulnerability
12447| [20581] Mysql 3.22.x/3.23.x Local Buffer Overflow Vulnerability
12448| [20355] Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
12449| [20055] MySQL Squid Access Report 2.1.4 HTML Injection
12450| [20044] Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers
12451| [19721] MySQL 3.22.27/3.22.29/3.23.8 GRANT Global Password Changing Vulnerability
12452| [19092] MySQL Remote Root Authentication Bypass
12453| [18269] MySQL 5.5.8 - Remote Denial of Service (DOS)
12454| [16957] Oracle MySQL for Microsoft Windows Payload Execution
12455| [16850] MySQL yaSSL CertDecoder::GetName Buffer Overflow
12456| [16849] MySQL yaSSL SSL Hello Message Buffer Overflow
12457| [16701] MySQL yaSSL SSL Hello Message Buffer Overflow
12458| [15467] Oracle MySQL < 5.1.49 'WITH ROLLUP' Denial of Service Vulnerability
12459| [14654] CMSQLite <= 1.2 & CMySQLite <= 1.3.1 - Remote Code Execution Exploit
12460| [14537] Oracle MySQL 'ALTER DATABASE' Remote Denial of Service Vulnerability
12461| [14096] CMSQlite & CMySQLite CSRF Vulnerability
12462| [10876] PHP-MySQL-Quiz SQL Injection Vulnerability
12463| [10450] Linkster PHP/MySQL SQL Injection Vulnerability
12464| [10260] Robert Zimmerman PHP / MYSQL Scripts Admin Bypass
12465| [9953] MySQL <= 6.0 yaSSL <= 1.7.5 Hello Message Buffer Overflow
12466| [9085] MySQL <= 5.0.45 COM_CREATE_DB Format String PoC (auth)
12467| [8037] ProFTPd with mod_mysql Authentication Bypass Vulnerability
12468| [7856] MySQL 4/5/6 UDF for Command Execution
12469| [7020] MySQL Quick Admin 1.5.5 - Local File Inclusion Vulnerability
12470| [6641] MySQL Quick Admin <= 1.5.5 (COOKIE) Local File Inclusion Vulnerability
12471| [6577] PromoteWeb MySQL (go.php id) Remote SQL Injection Vulnerability
12472| [6136] phpWebNews 0.2 MySQL Edition (SQL) Insecure Cookie Handling Vuln
12473| [5999] phpWebNews 0.2 MySQL Edition (det) SQL Injection Vulnerability
12474| [5998] phpWebNews 0.2 MySQL Edition (id_kat) SQL Injection Vulnerability
12475| [5913] MyBlog: PHP and MySQL Blog/CMS software (SQL/XSS) Vulnerabilities
12476| [4615] MySQL <= 5.0.45 (Alter) Denial of Service Vulnerability
12477| [4392] PHP <= 4.4.7 / 5.2.3 MySQL/MySQLi Safe Mode Bypass Vulnerability
12478| [3685] MyBlog: PHP and MySQL Blog/CMS software RFI Vulnerability
12479| [3591] PHP-Nuke Module Eve-Nuke 0.1 (mysql.php) RFI Vulnerability
12480| [3468] MySQL Commander <= 2.7 (home) Remote File Inclusion Vulnerability
12481| [3450] NukeSentinel <= 2.5.06 (MySQL => 4.0.24) - Remote SQL Injection Exploit
12482| [3344] PHP-Nuke <= 8.0 Final (INSERT) Blind SQL Injection Exploit (mysql)
12483| [3274] MySQL 4.x/5.0 User-Defined Function Command Execution Exploit (win)
12484| [2969] Php/Mysql Site Builder 0.0.2 (htm2php.php) File Disclosure Vulnerability
12485| [2726] Agora 1.4 RC1 (MysqlfinderAdmin.php) Remote File Include Vulnerability
12486| [2554] cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit (php)
12487| [2466] cPanel <= 10.8.x (cpwrap via mysqladmin) Local Root Exploit
12488| [2437] paBugs <= 2.0 Beta 3 (class.mysql.php) Remote File Include Exploit
12489| [2420] ZoomStats <= 1.0.2 (mysql.php) Remote File Include Vulnerability
12490| [1742] MySQL (<= 4.1.18, 5.0.20) Local/Remote Information Leakage Exploit
12491| [1741] MySQL <= 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit
12492| [1518] MySQL 4.x/5.0 User-Defined Function Local Privilege Escalation Exploit
12493| [1406] PHP <= 4.4.0 (mysql_connect function) Local Buffer Overflow Exploit
12494| [1181] MySQL 4.0.17 UDF Dynamic Library Exploit
12495| [1134] MySQL Eventum <= 1.5.5 (login.php) SQL Injection Exploit
12496| [960] MySQL MaxDB Webtool <= 7.5.00.23 Remote Stack Overflow Exploit
12497| [311] MySQL 4.1/5.0 zero-length password Auth. Bypass Exploit
12498| [98] MySQL 3.23.x/4.0.x Remote Exploit
12499|
12500| OpenVAS (Nessus) - http://www.openvas.org:
12501| [902675] MySQLDumper Multiple Vulnerabilities
12502| [881549] CentOS Update for mysql CESA-2012:1551 centos6
12503| [881538] CentOS Update for mysql CESA-2012:1462 centos6
12504| [881225] CentOS Update for mysql CESA-2012:0105 centos6
12505| [881185] CentOS Update for mysql CESA-2012:0127 centos5
12506| [881061] CentOS Update for mysql CESA-2012:0874 centos6
12507| [880760] CentOS Update for mysql CESA-2009:1289 centos5 i386
12508| [880613] CentOS Update for mysql CESA-2010:0109 centos5 i386
12509| [880577] CentOS Update for mysql CESA-2010:0442 centos5 i386
12510| [880452] CentOS Update for mysql CESA-2010:0824 centos4 i386
12511| [880366] CentOS Update for mysql CESA-2010:0110 centos4 i386
12512| [880329] CentOS Update for mysql CESA-2007:1155 centos4 x86_64
12513| [880324] CentOS Update for mysql CESA-2007:1155 centos4 i386
12514| [870870] RedHat Update for mysql RHSA-2012:1551-01
12515| [870861] RedHat Update for mysql RHSA-2012:1462-01
12516| [870778] RedHat Update for mysql RHSA-2012:0874-04
12517| [870736] RedHat Update for mysql RHSA-2011:0164-01
12518| [870647] RedHat Update for mysql RHSA-2012:0105-01
12519| [870547] RedHat Update for mysql RHSA-2012:0127-01
12520| [870357] RedHat Update for mysql RHSA-2010:0824-01
12521| [870356] RedHat Update for mysql RHSA-2010:0825-01
12522| [870272] RedHat Update for mysql RHSA-2010:0442-01
12523| [870218] RedHat Update for mysql RHSA-2010:0110-01
12524| [870216] RedHat Update for mysql RHSA-2010:0109-01
12525| [870195] RedHat Update for mysql RHSA-2007:1155-01
12526| [870069] RedHat Update for mysql RHSA-2008:0364-01
12527| [870033] RedHat Update for mysql RHSA-2008:0768-01
12528| [864951] Fedora Update for mysql FEDORA-2012-19823
12529| [864945] Fedora Update for mysql FEDORA-2012-19833
12530| [864504] Fedora Update for mysql FEDORA-2012-9324
12531| [864474] Fedora Update for mysql FEDORA-2012-9308
12532| [863910] Fedora Update for mysql FEDORA-2012-0972
12533| [863725] Fedora Update for mysql FEDORA-2012-0987
12534| [862844] Fedora Update for mod_auth_mysql FEDORA-2011-0100
12535| [862840] Fedora Update for mod_auth_mysql FEDORA-2011-0114
12536| [862676] Fedora Update for mysql FEDORA-2010-15147
12537| [862444] Fedora Update for mysql FEDORA-2010-15166
12538| [862300] Fedora Update for mysql FEDORA-2010-11126
12539| [862290] Fedora Update for mysql FEDORA-2010-11135
12540| [862149] Fedora Update for mysql FEDORA-2010-9053
12541| [862148] Fedora Update for mysql FEDORA-2010-9061
12542| [862136] Fedora Update for mysql FEDORA-2010-9016
12543| [861948] Fedora Update for mysql FEDORA-2010-7355
12544| [861936] Fedora Update for mysql FEDORA-2010-7414
12545| [861707] Fedora Update for mysql FEDORA-2010-1300
12546| [861651] Fedora Update for mysql FEDORA-2010-1348
12547| [861544] Fedora Update for php-pear-MDB2-Driver-mysql FEDORA-2007-3369
12548| [861392] Fedora Update for mysql FEDORA-2007-4471
12549| [861180] Fedora Update for php-pear-MDB2-Driver-mysqli FEDORA-2007-3369
12550| [861162] Fedora Update for php-pear-MDB2-Driver-mysql FEDORA-2007-3376
12551| [861108] Fedora Update for php-pear-MDB2-Driver-mysqli FEDORA-2007-3376
12552| [861033] Fedora Update for mysql FEDORA-2007-4465
12553| [855481] Solaris Update for mysql 120292-02
12554| [855333] Solaris Update for mysql 120293-02
12555| [850182] SuSE Update for mysql openSUSE-SU-2012:0860-1 (mysql)
12556| [841248] Ubuntu Update for mysql-5.5 USN-1658-1
12557| [841207] Ubuntu Update for mysql-5.5 USN-1621-1
12558| [841039] Ubuntu Update for mysql-5.5 USN-1467-1
12559| [840989] Ubuntu Update for mysql-5.1 USN-1427-1
12560| [840944] Ubuntu Update for mysql-5.1 USN-1397-1
12561| [840533] Ubuntu Update for MySQL vulnerabilities USN-1017-1
12562| [840442] Ubuntu Update for MySQL vulnerabilities USN-950-1
12563| [840384] Ubuntu Update for MySQL vulnerabilities USN-897-1
12564| [840292] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-671-1
12565| [840240] Ubuntu Update for mysql-dfsg-5.0 regression USN-588-2
12566| [840219] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-588-1
12567| [840106] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-559-1
12568| [840042] Ubuntu Update for mysql-dfsg-5.0 vulnerabilities USN-528-1
12569| [840012] Ubuntu Update for mysql-dfsg-5.0 vulnerability USN-440-1
12570| [835096] HP-UX Update for on HP 9000 Servers Running MySQL HPSBUX00287
12571| [831755] Mandriva Update for mysql MDVSA-2012:178 (mysql)
12572| [831684] Mandriva Update for mysql MDVA-2012:049 (mysql)
12573| [831547] Mandriva Update for mysql MDVA-2012:022 (mysql)
12574| [831532] Mandriva Update for mysql MDVA-2012:005 (mysql)
12575| [831519] Mandriva Update for mysql MDVA-2011:099 (mysql)
12576| [831425] Mandriva Update for mysql MDVA-2011:025 (mysql)
12577| [831327] Mandriva Update for mysql MDVA-2011:005 (mysql)
12578| [831315] Mandriva Update for mysql MDVSA-2011:012 (mysql)
12579| [831295] Mandriva Update for mysql MDVA-2010:240 (mysql)
12580| [831244] Mandriva Update for mysql MDVSA-2010:155-1 (mysql)
12581| [831243] Mandriva Update for mysql MDVSA-2010:222 (mysql)
12582| [831237] Mandriva Update for mysql MDVSA-2010:223 (mysql)
12583| [831202] Mandriva Update for mysql MDVA-2010:210 (mysql)
12584| [831134] Mandriva Update for mysql MDVSA-2010:155 (mysql)
12585| [831049] Mandriva Update for mysql MDVSA-2010:107 (mysql)
12586| [831048] Mandriva Update for mysql MDVSA-2010:101 (mysql)
12587| [831034] Mandriva Update for mysql MDVA-2010:146 (mysql)
12588| [831033] Mandriva Update for mysql MDVSA-2010:093 (mysql)
12589| [830902] Mandriva Update for mysql MDVSA-2010:044 (mysql)
12590| [830821] Mandriva Update for mysql MDVSA-2010:011 (mysql)
12591| [830806] Mandriva Update for mysql MDVSA-2010:012 (mysql)
12592| [830772] Mandriva Update for mysql MDVSA-2008:150 (mysql)
12593| [830664] Mandriva Update for mysql MDVA-2008:018 (mysql)
12594| [830659] Mandriva Update for mysql MDVSA-2008:017 (mysql)
12595| [830513] Mandriva Update for mysql MDVSA-2008:028 (mysql)
12596| [830421] Mandriva Update for mysql MDVSA-2008:149 (mysql)
12597| [830297] Mandriva Update for MySQL MDKSA-2007:177 (MySQL)
12598| [830223] Mandriva Update for perl-DBD-mysql MDKA-2007:066 (perl-DBD-mysql)
12599| [830063] Mandriva Update for MySQL MDKSA-2007:139 (MySQL)
12600| [830032] Mandriva Update for MySQL MDKSA-2007:243 (MySQL)
12601| [801593] Oracle MySQL Eventum Multiple Cross Site Scripting Vulnerabilities
12602| [801205] MySQL Connector/Net SSL Certificate Validation Security Bypass Vulnerability
12603| [103051] PHP MySQLi Extension 'set_magic_quotes_runtime' Function Security-Bypass Weakness
12604| [100662] PHP Mysqlnd Extension Information Disclosure and Multiple Buffer Overflow Vulnerabilities
12605| [71475] Debian Security Advisory DSA 2496-1 (mysql-5.1)
12606| [71233] Debian Security Advisory DSA 2429-1 (mysql-5.1)
12607| [70803] Gentoo Security Advisory GLSA 201201-02 (MySQL)
12608| [70586] FreeBSD Ports: proftpd, proftpd-mysql
12609| [67541] Debian Security Advisory DSA 2057-1 (mysql-dfsg-5.0)
12610| [66577] Fedora Core 11 FEDORA-2009-13504 (mysql)
12611| [66573] Fedora Core 12 FEDORA-2009-13466 (mysql)
12612| [66553] Mandriva Security Advisory MDVSA-2009:189-1 (apache-mod_auth_mysql)
12613| [66508] Fedora Core 10 FEDORA-2009-12180 (mysql)
12614| [66425] Mandriva Security Advisory MDVSA-2009:326 (mysql)
12615| [66256] Fedora Core 11 FEDORA-2009-10701 (ocaml-mysql)
12616| [66251] Fedora Core 10 FEDORA-2009-10582 (ocaml-mysql)
12617| [66056] Debian Security Advisory DSA 1910-1 (mysql-ocaml)
12618| [66035] Mandrake Security Advisory MDVSA-2009:279 (ocaml-mysql)
12619| [65937] SLES10: Security update for MySQL
12620| [65884] SLES10: Security update for MySQL
12621| [65827] SLES10: Security update for MySQL
12622| [65710] SLES11: Security update for MySQL
12623| [65610] SLES9: Security update for MySQL
12624| [65566] SLES9: Security update for MySQL
12625| [65507] SLES9: Security update for MySQL
12626| [65502] SLES9: Security update for mysql
12627| [65426] SLES9: Security update for MySQL
12628| [65385] SLES9: Security update for mysql
12629| [65341] SLES9: Security update for MySQL
12630| [65181] SLES9: Security update for MySQL
12631| [65176] SLES9: Security update for MySQL
12632| [64932] CentOS Security Advisory CESA-2009:1289 (mysql)
12633| [64820] Debian Security Advisory DSA 1877-1 (mysql-dfsg-5.0)
12634| [64532] Mandrake Security Advisory MDVSA-2009:189 (apache-mod_auth_mysql)
12635| [64522] Mandrake Security Advisory MDVSA-2009:179 (mysql)
12636| [64461] Mandrake Security Advisory MDVSA-2009:159 (mysql)
12637| [63872] Mandrake Security Advisory MDVSA-2009:094 (mysql)
12638| [63630] FreeBSD Ports: proftpd, proftpd-mysql
12639| [63171] FreeBSD Ports: mysql-server
12640| [63170] FreeBSD Ports: mysql-server
12641| [63169] FreeBSD Ports: mysql-server
12642| [63168] FreeBSD Ports: mysql-server
12643| [63095] FreeBSD Ports: mysql-server
12644| [61852] Debian Security Advisory DSA 1662-1 (mysql-dfsg-5.0)
12645| [61699] FreeBSD Ports: mysql-client
12646| [61656] FreeBSD Ports: proftpd, proftpd-mysql
12647| [61618] FreeBSD Ports: mysql-server
12648| [61599] Gentoo Security Advisory GLSA 200809-04 (mysql)
12649| [61283] Debian Security Advisory DSA 1608-1 (mysql-dfsg-5.0)
12650| [60804] Gentoo Security Advisory GLSA 200804-04 (mysql)
12651| [60271] Debian Security Advisory DSA 1478-1 (mysql-dfsg-5.0)
12652| [60106] Debian Security Advisory DSA 1451-1 (mysql-dfsg-5.0)
12653| [60017] Slackware Advisory SSA:2007-348-01 mysql
12654| [59638] Debian Security Advisory DSA 1413-1 (mysql-dfsg, mysql-dfsg-5.0, mysql-dfsg-4.1)
12655| [59245] Gentoo Security Advisory GLSA 200711-25 (mysql)
12656| [58863] FreeBSD Ports: freeradius, freeradius-mysql
12657| [58545] Gentoo Security Advisory GLSA 200708-10 (mysql)
12658| [58261] Gentoo Security Advisory GLSA 200705-11 (MySQL)
12659| [57859] Gentoo Security Advisory GLSA 200608-09 (mysql)
12660| [57725] FreeBSD Ports: proftpd, proftpd-mysql
12661| [57576] FreeBSD Ports: proftpd, proftpd-mysql
12662| [57527] FreeBSD Ports: mysql-server
12663| [57526] FreeBSD Ports: mysql-server
12664| [57337] Debian Security Advisory DSA 1169-1 (mysql-dfsg-4.1)
12665| [57257] FreeBSD Ports: mysql-server
12666| [57167] Slackware Advisory SSA:2006-211-01 mysql
12667| [57109] Debian Security Advisory DSA 1112-1 (mysql-dfsg-4.1)
12668| [56964] Gentoo Security Advisory GLSA 200606-18 (pam_mysql)
12669| [56940] Gentoo Security Advisory GLSA 200606-13 (MySQL)
12670| [56924] Debian Security Advisory DSA 1092-1 (mysql-dfsg-4.1)
12671| [56861] Slackware Advisory SSA:2006-155-01 mysql
12672| [56850] FreeBSD Ports: mysql-server
12673| [56849] FreeBSD Ports: mysql-server
12674| [56833] Debian Security Advisory DSA 1079-1 (mysql-dfsg)
12675| [56789] Debian Security Advisory DSA 1073-1 (mysql-dfsg-4.1)
12676| [56788] Debian Security Advisory DSA 1071-1 (mysql)
12677| [56730] Slackware Advisory SSA:2006-129-02 mysql
12678| [56728] Gentoo Security Advisory GLSA 200605-13 (MySQL)
12679| [56714] FreeBSD Ports: mysql-server
12680| [55520] Debian Security Advisory DSA 833-2 (mysql-dfsg-4.1)
12681| [55514] Debian Security Advisory DSA 833-1 (mysql-dfsg-4.1)
12682| [55493] Debian Security Advisory DSA 829-1 (mysql)
12683| [55492] Debian Security Advisory DSA 831-1 (mysql-dfsg)
12684| [55164] Debian Security Advisory DSA 783-1 (mysql-dfsg-4.1)
12685| [54884] Gentoo Security Advisory GLSA 200503-19 (mysql)
12686| [54819] Gentoo Security Advisory GLSA 200501-33 (mysql)
12687| [54713] Gentoo Security Advisory GLSA 200410-22 (MySQL)
12688| [54659] Gentoo Security Advisory GLSA 200409-02 (MySQL)
12689| [54580] Gentoo Security Advisory GLSA 200405-20 (MySQL)
12690| [54483] FreeBSD Ports: proftpd, proftpd-mysql
12691| [54201] FreeBSD Ports: mysql-server
12692| [53776] Debian Security Advisory DSA 013-1 (mysql)
12693| [53755] Debian Security Advisory DSA 483-1 (mysql)
12694| [53750] Debian Security Advisory DSA 707-1 (mysql)
12695| [53666] Debian Security Advisory DSA 381-1 (mysql)
12696| [53595] Debian Security Advisory DSA 303-1 (mysql)
12697| [53585] Debian Security Advisory DSA 212-1 (mysql)
12698| [53481] Debian Security Advisory DSA 647-1 (mysql)
12699| [53251] Debian Security Advisory DSA 562-1 (mysql)
12700| [53230] Debian Security Advisory DSA 540-1 (mysql)
12701| [52466] FreeBSD Ports: exim, exim-ldap2, exim-mysql, exim-postgresql
12702| [52459] FreeBSD Ports: mysql-client
12703| [52419] FreeBSD Ports: mysql-scripts
12704| [52406] FreeBSD Ports: mysql-server
12705| [52375] FreeBSD Ports: mysql-server, mysql-client
12706| [52274] FreeBSD Ports: mysql-server
12707| [52273] FreeBSD Ports: mysql-server
12708| [52272] FreeBSD Ports: mysql-server
12709| [52271] FreeBSD Ports: mysql-server
12710| [52270] FreeBSD Ports: mysql-server
12711| [52233] FreeBSD Ports: mysql-scripts
12712| [52158] FreeBSD Ports: mysql-server
12713| [16093] MySQL Eventum Multiple flaws
12714| [12639] MySQL Authentication bypass through a zero-length password
12715| [10783] PCCS-Mysql User/Password Exposure
12716|
12717| SecurityTracker - https://www.securitytracker.com:
12718| [1028790] MySQL Multiple Bugs Let Remote Users Deny Service and Partially Access and Modify Data
12719| [1028449] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service and Partially Access and Modify Data
12720| [1028004] MySQL Multiple Bugs Let Remote Authenticated Users Take Full Control or Deny Service and Let Local Users Access and Modify Data
12721| [1027829] MySQL Bug in UpdateXML() Lets Remote Authenticated Users Deny Service
12722| [1027828] MySQL Heap Overflow May Let Remote Authenticated Users Execute Arbitrary Code
12723| [1027827] MySQL Stack Overflow May Let Remote Authenticated Users Execute Arbitrary Code
12724| [1027665] MySQL Multiple Bugs Let Remote Authenticated Users Access and Modify Data and Deny Service and Local Users Access Data
12725| [1027263] MySQL Multiple Bugs Let Remote Authenticated Users Deny Service
12726| [1027143] MySQL memcmp() Comparison Error Lets Remote Users Bypass Authentication
12727| [1026934] MySQL Multiple Bugs Let Remote Users Deny Service
12728| [1026896] MySQL Unspecified Flaws Have Unspecified Impact
12729| [1026659] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
12730| [1026530] MySQL Multiple Bugs Let Local and Remote Users Partially Access and Modifiy Data and Partially Deny Service
12731| [1024508] MySQL Replication Flaw Lets Remote Authenticated Users Gain Elevated Privileges
12732| [1024507] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
12733| [1024360] MySQL Multiple Flaws Let Remote Authenticated Users Deny Service
12734| [1024160] MySQL ALTER DATABASE Processing Error Lets Remote Authenticated Users Deny Service
12735| [1024033] MySQL COM_FIELD_LIST Packet Buffer Overflow Lets Remote Authenticated Users Execute Arbitrary Code
12736| [1024032] MySQL Large Packet Processing Flaw in my_net_skip_rest() Lets Remote Users Deny Service
12737| [1024031] MySQL COM_FIELD_LIST Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges
12738| [1024004] MySQL mi_delete_table() Symlink Flaw Lets Remote Authenticated Users Delete Data and Index Files
12739| [1023402] MySQL Unspecified Flaw Lets Remote Users Execute Arbitrary Code
12740| [1023220] MySQL Client Fails to Check Server Certificates in Certain Cases
12741| [1022812] MySQL Unspecified Buffer Overflow Lets Remote Users Execute Arbitrary Code
12742| [1022533] MySQL Format String Bug in dispatch_command() Lets Remote Users Deny Service
12743| [1022482] MySQL Connector/Net is Missing SSL Certificate Validation
12744| [1021786] MySQL Bug in ExtractValue()/UpdateXML() in Processing XPath Expressions Lets Remote Authenticated Users Deny Service
12745| [1021714] (Red Hat Issues Fix) mod_auth_mysql Input Validation Flaw Lets Remote Users Inject SQL Commands
12746| [1020858] MySQL Item_bin_string::Item_bin_string() Binary Value Processing Bug Lets Remote Authenticated Users Deny Service
12747| [1019995] MySQL MyISAM Options Let Local Users Overwrite Table Files
12748| [1019085] MySQL Bugs Let Remote Authenticated Users Gain Elevated Privileges and Deny Service
12749| [1019084] MySQL DATA DIRECTORY and INDEX DIRECTORY Options May Let Remote Authenticated Users Gain Elevated Privileges
12750| [1019083] MySQL BINLOG Filename Path Bug May Let Remote Authenticated Users Gain Elevated Privileges
12751| [1019060] MySQL Rename Table Bug Lets Remote Authenticated Users Modify System Table Information
12752| [1018978] MySQL convert_search_mode_to_innobase() Bug Lets Remote Authenticated Users Deny Service
12753| [1018824] Asterisk-Addons Input Validation Flaw in cdr_addon_mysql Lets Remote Users Inject SQL Commands
12754| [1018663] MySQL Table View Access Bug Lets Remote Authenticated Users Gain Elevated Privileges
12755| [1018629] MySQL Authentication Protocol Bug Lets Remote Users Deny Service
12756| [1018071] MySQL ALTER TABLE Function Lets Remote Authenticated Users Obtain Potentially Sensitive Information
12757| [1018070] MySQL SQL SECURITY INVOKER Routines Let Remote Authenticated Users Gain Elevated Privileges
12758| [1018069] MySQL Lets Remote Authenticated Users Issue the RENAME TABLE Command
12759| [1017746] MySQL Single Row Subselect Statements Let Remote Users Deny Service
12760| [1016790] MySQL Replication Error Lets Local Users Deny Service
12761| [1016710] MySQL Case-Sensitive Database Names May Let Users Access Restricted Databases
12762| [1016709] MySQL Error in Checking suid Routine Arguments May Let Users Gain Elevated Privileges
12763| [1016617] MySQL MERGE Access Control Error May Let Users Access a Restricted Table
12764| [1016566] Opsware Network Automation System Discloses MySQL Password to Local Users
12765| [1016216] MySQL Error in Parsing Multibyte Encoded Data in mysql_real_escape() Lets Remote Users Inject SQL Commands
12766| [1016077] Apple MySQL Manager Database Initialization Bug May Let Local Users Access the Database
12767| [1016017] MySQL Anonymous Login Processing May Disclose Some Memory Contents to Remote Users
12768| [1016016] MySQL COM_TABLE_DUMP Processing Lets Remote Authenticated Users Execute Arbitrary Code or Obtain Information
12769| [1015789] Woltlab Burning Board Input Validation Hole in 'class_db_mysql.php' Permits Cross-Site Scripting Attacks
12770| [1015693] MySQL Query Bug Lets Remote Users Bypass Query Logging
12771| [1015603] PAM-MySQL pam_get_item() Double Free May Let Remote Users Execute Arbitrary Code
12772| [1015485] PHP mysqli Extension Error Mode Format String Flaw May Let Users Execute Arbitrary Code
12773| [1014603] MySQL Eventum Input Validation Hole in 'class.auth.php' Permits SQL Injection and Other Input Validation Bugs Permit Cross-Site Scripting Attacks
12774| [1014172] xMySQLadmin Lets Local Users Delete Files
12775| [1013995] MySQL 'mysql_install_db' Uses Unsafe Temporary Files and May Let Local Users Gain Elevated Privilege
12776| [1013994] MySQL Non-existent '--user' Error May Allow the Database to Run With Incorrect Privileges
12777| [1013415] MySQL CREATE FUNCTION Lets Authenticated Users Invoke libc Functions to Execute Arbitrary Code
12778| [1013414] MySQL udf_init() Path Validation Flaw Lets Authenticated Users Execute Arbitrary Libraries
12779| [1013413] MySQL CREATE TEMPORARY TABLE Uses Predictable Temporary Files That May Let Users Gain Elevated Privileges
12780| [1012914] MySQL 'mysqlaccess.sh' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
12781| [1012893] MySQL MaxDB Buffer Overflow in websql Password Parameter Lets Remote Users Execute Arbitrary Code
12782| [1012500] mysql_auth Memory Leak Has Unspecified Impact
12783| [1011741] MySQL Access Control Error in Databases With Underscore Wildcard Character May Grant Unauthorized Access
12784| [1011606] MySQL May Let Remote Authenticated Users Access Restricted Tables or Crash the System
12785| [1011408] MySQL libmysqlclient Buffer Overflow in Executing Prepared Statements Has Unspecified Impact
12786| [1011376] MySQLGuest Lack of Input Validation Lets Remote Users Conduct Cross-Site Scripting Attacks
12787| [1011008] MySQL Buffer Overflow in mysql_real_connect() May Let Remote Users Execute Arbitrary Code
12788| [1010979] MySQL 'mysqlhotcopy' Unsafe Temporary Files May Let Local Users Gain Elevated Privileges
12789| [1010645] MySQL check_scramble_323() Zero-Length Comparison Lets Remote Users Bypass Authentication
12790| [1009784] MySQL 'mysqld_multi' Temporary File Flaw Lets Local Users Overwrite Files
12791| [1009554] MySQL 'mysqlbug' Temporary File Flaw Lets Local Users Overwrite Files
12792| [1007979] MySQL mysql_change_user() Double Free Error Lets Remote Authenticated Users Crash mysqld
12793| [1007673] MySQL acl_init() Buffer Overflow Permits Remote Authenticated Administrators to Execute Arbitrary Code
12794| [1007518] DWebPro Discloses MySQL Database Password to Local Users
12795| [1007312] MySQL World-Writable Configuration File May Let Local Users Gain Root Privileges
12796| [1006976] MySQL Buffer Overflow in 'mysql_real_connect()' Client Function May Let Remote or Local Users Execute Arbitrary Code
12797| [1005800] MySQL Overflow and Authentication Bugs May Let Remote Users Execute Code or Access Database Accounts
12798| [1005345] MySQL Buffer Overflow Lets Local Users Gain System Privileges on Windows NT
12799| [1004506] vBulletin PHP-based Forum Software Has Unspecified Security Flaw in the 'db_mysql.php' Module
12800| [1004172] PHP-Survey Script Discloses Underlying MySQL Database Username and Password to Remote Users
12801| [1003955] 3rd Party Patch for Cyrus SASL ('auxprop for mysql and ldap') Lets Remote Users Access Protected POP Mail Accounts Without Authentication
12802| [1003290] Conectiva Linux MySQL Distribution May Allow Local Users to Obtain Sensitive Information
12803| [1002993] PurePostPro Script Add-on for PureFTPd and MySQL Allows Remote Users to Execute SQL Commands on the Server
12804| [1002485] WinMySQLadmin Database Administration Tool Discloses MySQL Password to Local Users
12805| [1002324] Vpopmail Mail Server Discloses Database Password to Local Users When Installed with MySQL
12806| [1001411] phpMyAdmin Administration Tool for MySQL Allows Remote Users to Execute Commands on the Server
12807| [1001118] MySQL Database Allows Authorized Users to Modify Server Files to Deny Service or Obtain Additional Access
12808|
12809| OSVDB - http://www.osvdb.org:
12810| [95337] Oracle MySQL Server XA Transactions Subcomponent Unspecified Remote DoS
12811| [95336] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
12812| [95335] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
12813| [95334] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue
12814| [95333] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
12815| [95332] Oracle MySQL Server Parser Subcomponent Unspecified Remote DoS
12816| [95331] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3801)
12817| [95330] Oracle MySQL Server Options Subcomponent Unspecified Remote DoS (2013-3808)
12818| [95329] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3796)
12819| [95328] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2013-3804)
12820| [95327] Oracle MySQL Server Prepared Statements Subcomponent Unspecified Remote DoS
12821| [95326] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
12822| [95325] Oracle MySQL Server Full Text Search Subcomponent Unspecified Remote DoS
12823| [95324] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3795)
12824| [95323] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-3793)
12825| [95322] Oracle MySQL Server Audit Log Subcomponent Unspecified Remote Issue
12826| [95321] Oracle MySQL Server MemCached Subcomponent Unspecified Remote Issue
12827| [95131] AutoMySQLBackup /usr/sbin/automysqlbackup Database Name Arbitrary Code Injection
12828| [94076] Debian Linux MySQL Server mysql-server-5.5.postinst Race Condition debian.cnf Plaintext Credential Local Disclosure
12829| [93505] Wireshark MySQL Dissector (packet-mysql.c) Malformed Packet Handling Infinite Loop Remote DoS
12830| [93174] MySQL Crafted Derived Table Handling DoS
12831| [92967] MySQL2JSON (mn_mysql2json) Extension for TYPO3 Unspecified SQL Injection
12832| [92950] MySQL Running START SLAVE Statement Process Listing Plaintext Local Password Disclosure
12833| [92485] Oracle MySQL Server Partition Subcomponent Unspecified Local DoS
12834| [92484] Oracle MySQL Server Locking Subcomponent Unspecified Remote DoS (2013-1506)
12835| [92483] Oracle MySQL Server Install Subcomponent Unspecified Local Issue
12836| [92482] Oracle MySQL Server Types Subcomponent Unspecified Remote DoS
12837| [92481] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2381)
12838| [92480] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1566)
12839| [92479] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-1511)
12840| [92478] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1567)
12841| [92477] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
12842| [92476] Oracle MySQL Server Replication Subcomponent Unspecified Remote DoS
12843| [92475] Oracle MySQL Server Partition Subcomponent Unspecified Remote DoS
12844| [92474] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS
12845| [92473] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-2389)
12846| [92472] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
12847| [92471] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1512)
12848| [92470] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-1544)
12849| [92469] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote Issue
12850| [92468] Oracle MySQL Server MemCached Subcomponent Unspecified Remote DoS
12851| [92467] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-2375)
12852| [92466] Oracle MySQL Server Privileges Subcomponent Unspecified Remote Issue (2013-1531)
12853| [92465] Oracle MySQL Server Server Subcomponent Unspecified Remote Issue
12854| [92464] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Issue
12855| [92463] Oracle MySQL Server Locking Subcomponent Unspecified Remote Issue (2013-1521)
12856| [92462] Oracle MySQL Server Data Manipulation Language Subcomponent Unspecified Remote DoS (2013-2395)
12857| [91536] Oracle MySQL yaSSL Unspecified Overflow (2012-0553)
12858| [91534] Oracle MySQL yaSSL Unspecified Overflow (2013-1492)
12859| [91415] MySQL Raw Geometry Object String Conversion Remote DoS
12860| [91108] Juju mysql Charm Install Script mysql.passwd MySQL Password Plaintext Local Disclosure
12861| [89970] Site Go /site-go/admin/extra/mysql/index.php idm Parameter Traversal Arbitrary File Access
12862| [89265] Oracle MySQL Server Server Privileges Subcomponent Unspecified Remote DoS
12863| [89264] Oracle MySQL Server Server Partition Subcomponent Unspecified Remote DoS
12864| [89263] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-0578)
12865| [89262] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-1705)
12866| [89261] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-0574)
12867| [89260] Oracle MySQL Server MyISAM Subcomponent Unspecified Remote DoS
12868| [89259] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2012-0572)
12869| [89258] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS (2013-0368)
12870| [89257] Oracle MySQL Server Server Locking Subcomponent Unspecified Remote DoS
12871| [89256] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-1702)
12872| [89255] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote Issue
12873| [89254] Oracle MySQL Server Server Replication Subcomponent Unspecified Local Issue
12874| [89253] Oracle MySQL Server Stored Procedure Subcomponent Unspecified Remote DoS
12875| [89252] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS
12876| [89251] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote DoS
12877| [89250] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
12878| [89042] ViciBox Server MySQL cron Service Default Credentials
12879| [88415] Oracle MySQL Server COM_CHANGE_USER Account Password Brute-Force Weakness
12880| [88118] Oracle MySQL Server FILE Privilege Database Privilege Escalation
12881| [88067] Oracle MySQL Server Authentication Error Message User Enumeration
12882| [88066] Oracle MySQL Server for Linux Access Rights Checking Routine Database Name Handling Stack Buffer Overflow
12883| [88065] Oracle MySQL Server COM_BINLOG_DUMP Invalid Data Handling DoS
12884| [88064] Oracle MySQL Server Multiple-Table DELETE Heap Buffer Overflow
12885| [87704] CodeIgniter MySQL / MySQLi Driver Database Client Multi-byte Character Set Unspecified SQL Injection
12886| [87507] Oracle MySQL Statement Logging Multiple Log Plaintext Local Password Disclosure
12887| [87501] Oracle MySQL optimizer_switch Malformed Value Processing Local DoS
12888| [87494] Oracle MySQL on Windows Field_new_decimal::store_value dbug_buff Variable Overflow DoS
12889| [87480] MySQL Malformed XML Comment Handling DoS
12890| [87466] MySQL SSL Certificate Revocation Weakness
12891| [87356] Oracle MySQL do_div_mod DIV Expression Handling Remote DoS
12892| [87355] Oracle MySQL handler::pushed_cond Table Cache Handling mysqld DoS
12893| [87354] Oracle MySQL Polygon Union / Intersection Spatial Operations DoS
12894| [86273] Oracle MySQL Server Server Installation Subcomponent Unspecified Local Information Disclosure
12895| [86272] Oracle MySQL Server Server Replication Subcomponent Unspecified Remote DoS
12896| [86271] Oracle MySQL Server Server Full Text Search Subcomponent Unspecified Remote DoS
12897| [86270] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3156)
12898| [86269] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Information Disclosure
12899| [86268] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3180)
12900| [86267] Oracle MySQL Server Server Optimizer Subcomponent Unspecified Remote DoS (2012-3150)
12901| [86266] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3144)
12902| [86265] Oracle MySQL Server InnoDB Plugin Subcomponent Unspecified Remote DoS
12903| [86264] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
12904| [86263] Oracle MySQL Server MySQL Client Subcomponent Unspecified Remote Issue
12905| [86262] Oracle MySQL Server Server Subcomponent Unspecified Remote DoS (2012-3177)
12906| [86261] Oracle MySQL Server Protocol Subcomponent Unspecified Remote Issue
12907| [86260] Oracle MySQL Server Information Schema Subcomponent Unspecified Remote Code Execution
12908| [86175] Oracle MySQL on Windows Path Subversion Arbitrary DLL Injection Code Execution
12909| [85155] Icinga module/idoutils/db/scripts/create_mysqldb.sh Icinga User Database Access Restriction Bypass
12910| [84755] Oracle MySQL Sort Order Index Calculation Remote DoS
12911| [84719] MySQLDumper index.php page Parameter XSS
12912| [84680] MySQL Squid Access Report access.log File Path XSS
12913| [83980] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1689)
12914| [83979] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1734)
12915| [83978] Oracle MySQL Server Subcomponent Unspecified Remote DoS
12916| [83977] Oracle MySQL Server InnoDB Subcomponent Unspecified Remote DoS
12917| [83976] Oracle MySQL Server GIS Extension Subcomponent Unspecified Remote DoS
12918| [83975] Oracle MySQL Server Optimizer Subcomponent Unspecified Remote DoS (2012-1735)
12919| [83661] Oracle MySQL Unspecified Issue (59533)
12920| [82804] Oracle MySQL Authentication Protocol Token Comparison Casting Failure Password Bypass
12921| [82803] Oracle MySQL Unspecified Issue (59387)
12922| [82120] Oracle MySQL Version Specific Comment Handling Arbitrary SQL Command Execution
12923| [81897] Viscacha classes/database/mysql.inc.php Multiple Parameter SQL Injection
12924| [81616] MySQLDumper Multiple Script Direct Request Information Disclosure
12925| [81615] MySQLDumper filemanagement.php f Parameter Traversal Arbitrary File Access
12926| [81614] MySQLDumper File Upload PHP Code Execution
12927| [81613] MySQLDumper main.php Multiple Function CSRF
12928| [81612] MySQLDumper restore.php filename Parameter XSS
12929| [81611] MySQLDumper sql.php Multiple Parameter XSS
12930| [81610] MySQLDumper install.php Multiple Parameter XSS
12931| [81609] MySQLDumper install.php language Parameter Traversal Arbitrary File Access
12932| [81378] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1690)
12933| [81377] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1696)
12934| [81376] Oracle MySQL Server Server DML Component Unspecified Remote DoS
12935| [81375] Oracle MySQL Server Partition Component Unspecified Remote DoS
12936| [81374] Oracle MySQL Server MyISAM Component Unspecified Remote DoS
12937| [81373] Oracle MySQL Server Server Optimizer Component Unspecified Remote DoS (2012-1703)
12938| [81059] Oracle MySQL Server Multiple Unspecified Issues
12939| [79038] Webmin Process Listing MySQL Password Local Disclosure
12940| [78919] Oracle MySQL Unspecified Pre-authentication Remote Code Execution
12941| [78710] WordPress wp-admin/setup-config.php MySQL Query Saturation Brute-Force Proxy Weakness
12942| [78708] WordPress wp-admin/setup-config.php MySQL Database Verification Code Injection Weakness
12943| [78707] WordPress wp-admin/setup-config.php MySQL Credentials Error Message Brute-Force Weakness
12944| [78394] Oracle MySQL Server Unspecified Remote DoS (2012-0493)
12945| [78393] Oracle MySQL Server Unspecified Remote DoS (2012-0492)
12946| [78392] Oracle MySQL Server Unspecified Remote DoS (2012-0117)
12947| [78391] Oracle MySQL Server Unspecified Remote DoS (2012-0112)
12948| [78390] Oracle MySQL Server Unspecified Remote DoS (2012-0495)
12949| [78389] Oracle MySQL Server Unspecified Remote DoS (2012-0491)
12950| [78388] Oracle MySQL Server Unspecified Remote DoS (2012-0490)
12951| [78387] Oracle MySQL Server Unspecified Remote DoS (2012-0489)
12952| [78386] Oracle MySQL Server Unspecified Remote DoS (2012-0488)
12953| [78385] Oracle MySQL Server Unspecified Remote DoS (2012-0487)
12954| [78384] Oracle MySQL Server Unspecified Remote DoS (2012-0486)
12955| [78383] Oracle MySQL Server Unspecified Remote DoS (2012-0485)
12956| [78382] Oracle MySQL Server Unspecified Remote DoS (2012-0120)
12957| [78381] Oracle MySQL Server Unspecified Remote DoS (2012-0119)
12958| [78380] Oracle MySQL Server Unspecified Remote DoS (2012-0115)
12959| [78379] Oracle MySQL Server Unspecified Remote DoS (2012-0102)
12960| [78378] Oracle MySQL Server Unspecified Remote DoS (2012-0101)
12961| [78377] Oracle MySQL Server Unspecified Remote DoS (2012-0087)
12962| [78376] Oracle MySQL Server Unspecified Remote DoS (2011-2262)
12963| [78375] Oracle MySQL Server Unspecified Local DoS
12964| [78374] Oracle MySQL Server Unspecified Remote Issue (2012-0075)
12965| [78373] Oracle MySQL Server Unspecified Local Issue
12966| [78372] Oracle MySQL Server Unspecified Remote Information Disclosure
12967| [78371] Oracle MySQL Server Unspecified Remote Issue (2012-0496)
12968| [78370] Oracle MySQL Server Unspecified Remote Issue (2012-0118)
12969| [78369] Oracle MySQL Server Unspecified Remote Issue (2012-0116)
12970| [78368] Oracle MySQL Server Unspecified Remote Issue (2012-0113)
12971| [78283] Oracle MySQL NULL Pointer Dereference Packet Parsing Remote DoS
12972| [77042] e107 CMS install_.php MySQL Server Name Parsing Remote PHP Code Execution
12973| [77040] DBD::mysqlPP Unspecified SQL Injection
12974| [75888] TaskFreak! multi-mysql Multiple Script Direct Request Path Disclosure
12975| [74120] Apache HTTP Server mod_authnz_external mysql/mysql-auth.pl user Field SQL Injection
12976| [73555] Prosody MySQL Value Column Invalid Data Type Handling DoS
12977| [73387] Zend Framework PDO_MySql Character Set Security Bypass
12978| [72836] Arctic Fox CMS Multiple Script Direct Request MySQL Settings Disclosure
12979| [72660] MySQL GUI Tools Administrator / Query Browser Command Line Credentials Local Disclosure
12980| [72120] DirectAdmin mysql_backups Folder MySQL Database Backup Local Disclosure
12981| [71368] Accellion File Transfer Appliance Weak MySQL root Password
12982| [70967] MySQL Eventum Admin User Creation CSRF
12983| [70966] MySQL Eventum preferences.php full_name Parameter XSS
12984| [70961] MySQL Eventum list.php Multiple Parameter XSS
12985| [70960] MySQL Eventum forgot_password.php URI XSS
12986| [70947] PyWebDAV DAVServer/mysqlauth.py get_userinfo() Multiple Parameter SQL Injection
12987| [70610] PHP MySQLi Extension set_magic_quotes_runtime Function mysqli_fetch_assoc Function Interaction Weakness
12988| [69885] SilverStripe modules/sapphire/trunk/core/model/MySQLDatabase.php showqueries Parameter SQL Command Disclosure
12989| [69395] MySQL Derived Table Grouping DoS
12990| [69394] MySQL Temporary Table Expression Re-Evaluation DoS
12991| [69393] MySQL GROUP_CONCAT() WITH ROLLUP Modifier DoS
12992| [69392] MySQL Extreme-Value Functions Mixed Arguments DoS
12993| [69391] MySQL Stored Procedures / Prepared Statements Nested Joins DoS
12994| [69390] MySQL Extreme-Value Functions Argument Parsing Type Error DoS
12995| [69389] MySQL CONVERT_TZ() Function Empty SET Column DoS
12996| [69388] MySQL InnoDB Storage Engine Table Handling Overflow
12997| [69387] MySQL LIKE Predicates Pre-Evaluation DoS
12998| [69001] MySQL PolyFromWKB() Function WKB Data Remote DoS
12999| [69000] MySQL HANDLER Interface Unspecified READ Request DoS
13000| [68997] MySQL Prepared-Statement Mode EXPLAIN DoS
13001| [68996] MySQL EXPLAIN EXTENDED Statement DoS
13002| [68995] MySQL GeometryCollection non-Geometry Value Assignment DoS
13003| [67488] phpMyAdmin libraries/dbi/mysqli.dbi.lib.php Unspecified Parameter XSS
13004| [67487] phpMyAdmin libraries/dbi/mysql.dbi.lib.php Unspecified Parameter XSS
13005| [67421] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_rset_header_read Function Overflow
13006| [67420] PHP Mysqlnd Extension mysqlnd_wireprotocol.c php_mysqlnd_ok_read Function Arbitrary Memory Content Disclosure
13007| [67419] PHP Mysqlnd Extension php_mysqlnd_read_error_from_line Function Negative Buffer Length Value Overflow
13008| [67418] PHP Mysqlnd Extension php_mysqlnd_auth_write Function Multiple Overflows
13009| [67384] MySQL LOAD DATA INFILE Statement Incorrect OK Packet DoS
13010| [67383] MySQL EXPLAIN Statement Item_singlerow_subselect::store Function NULL Dereference DoS
13011| [67381] MySQL InnoDB Temporary Table Handling DoS
13012| [67380] MySQL BINLOG Statement Unspecified Argument DoS
13013| [67379] MySQL Multiple Operation NULL Argument Handling DoS
13014| [67378] MySQL Unique SET Column Join Statement Remote DoS
13015| [67377] MySQL DDL Statement Multiple Configuration Parameter DoS
13016| [66800] PHP Multiple mysqlnd_* Function Unspecified Overflow
13017| [66799] PHP mysqlnd Error Packet Handling Multiple Overflows
13018| [66731] PHP Bundled MySQL Library Unspecified Issue
13019| [66665] PHP MySQL LOAD DATA LOCAL open_basedir Bypass
13020| [65851] MySQL ALTER DATABASE #mysql50# Prefix Handling DoS
13021| [65450] phpGraphy mysql_cleanup.php include_path Parameter Remote File Inclusion
13022| [65085] MySQL Enterprise Monitor Unspecified CSRF
13023| [64843] MySQL DROP TABLE Command Symlink MyISAM Table Local Data Deletion
13024| [64588] MySQL sql/net_serv.cc my_net_skip_rest Function Large Packet Handling Remote DoS
13025| [64587] MySQL COM_FIELD_LIST Command Packet Table Name Argument Overflow
13026| [64586] MySQL COM_FIELD_LIST Command Packet Authentication Bypass
13027| [64524] Advanced Poll misc/get_admin.php mysql_host Parameter XSS
13028| [64447] Tirzen Framework (TZN) tzn_mysql.php Username Parameter SQL Injection Authentication Bypass
13029| [64320] ClanSphere MySQL Driver s_email Parameter SQL Injection
13030| [63903] MySQL sql/sql_plugin.cc mysql_uninstall_plugin Function UNINSTALL PLUGIN Command Privilege Check Weakness
13031| [63115] Quicksilver Forums mysqldump Process List Database Password Disclosure
13032| [62830] Employee Timeclock Software mysqldump Command-line Database Password Disclosure
13033| [62640] PHP mysqli_real_escape_string() Function Error Message Path Disclosure
13034| [62216] Flex MySQL Connector ActionScript SQL Query Arbitrary Code Execution
13035| [61752] kiddog_mysqldumper Extension for TYPO3 Unspecified Information Disclosure
13036| [61497] microTopic admin/mysql.php rating Parameter SQL Injection
13037| [60665] MySQL CREATE TABLE MyISAM Table mysql_unpacked_real_data_home Local Restriction Bypass
13038| [60664] MySQL sql/sql_table.cc Data Home Directory Symlink CREATE TABLE Access Restriction Bypass
13039| [60516] RADIO istek scripti estafresgaftesantusyan.inc Direct Request MySQL Database Credentials Disclosure
13040| [60489] MySQL GeomFromWKB() Function First Argument Geometry Value Handling DoS
13041| [60488] MySQL SELECT Statement WHERE Clause Sub-query DoS
13042| [60487] MySQL vio_verify_callback() Function Crafted Certificate MiTM Weakness
13043| [60356] MySql Client Library (libmysqlclient) mysql_real_connect Function Local Overflow
13044| [59907] MySQL on Windows bind-address Remote Connection Weakness
13045| [59906] MySQL on Windows Default Configuration Logging Weakness
13046| [59616] MySQL Hashed Password Weakness
13047| [59609] Suckbot mod_mysql_logger Shared Object Unspecified Remote DoS
13048| [59495] Cyrus SASL LDAP / MySQL Authentication Patch password Field SQL Injection Authentication Bypass
13049| [59062] phpMyAdmin Extension for TYPO3 MySQL Table Name Unspecified XSS
13050| [59045] phpMyAdmin Crafted MYSQL Table Name XSS
13051| [59030] mysql-ocaml for MySQL mysql_real_escape_string() Function Character Escaping Weakness
13052| [57587] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Local Privilege Escalation
13053| [57586] Zmanda Recovery Manager for MySQL socket-server.pl system() Function Remote Shell Command Execution
13054| [56741] MySQL Connector/J Unicode w/ SJIS/Windows-31J Charset SQL Injection
13055| [56134] Virtualmin MySQL Module Execute SQL Feature Arbitrary File Access
13056| [55734] MySQL sql_parse.cc dispatch_command() Function Format String DoS
13057| [55566] MySQL Connector/NET SSL Certificate Verification Weakness
13058| [53525] MyBlog /config/mysqlconnection.inc Direct Request Information Disclosure
13059| [53524] blog+ includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
13060| [53523] blog+ includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
13061| [53522] blog+ includes/block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
13062| [53521] blog+ includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
13063| [53520] blog+ includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
13064| [53519] blog+ includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
13065| [53366] GEDCOM_TO_MYSQL php/info.php Multiple Parameter XSS
13066| [53365] GEDCOM_TO_MYSQL php/index.php nom_branche Parameter XSS
13067| [53364] GEDCOM_TO_MYSQL php/prenom.php Multiple Parameter XSS
13068| [53360] Blogplus includes/window_top.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
13069| [53359] Blogplus includes/window_down.php row_mysql_bloginfo[theme] Parameter Traversal Local File Inclusion
13070| [53358] Blogplus includes/block_right.php row_mysql_blocks_right[file] Parameter Traversal Local File Inclusion
13071| [53357] Blogplus includes/block_left.php row_mysql_blocks_left[file] Parameter Traversal Local File Inclusion
13072| [53356] Blogplus block_center_top.php row_mysql_blocks_center_top[file] Parameter Traversal Local File Inclusion
13073| [53355] Blogplus includes/block_center_down.php row_mysql_blocks_center_down[file] Parameter Traversal Local File Inclusion
13074| [53110] XOOPS Cube Legacy ErrorHandler::show() Function MySQL Error Message XSS
13075| [52729] Asterisk-addon cdr_addon_mysql.c Call Detail Record SQL Injection
13076| [52728] Tribox cdr_addon_mysql.c Call Detail Record XSS
13077| [52727] FreePBX cdr_addon_mysql.c Call Detail Record XSS
13078| [52726] Areski cdr_addon_mysql.c Call Detail Record XSS
13079| [52464] MySQL charset Column Truncation Weakness
13080| [52453] MySQL sql/item_xmlfunc.cc ExtractValue() / UpdateXML() Functions Scalar XPath DoS
13081| [52378] Cisco ANM MySQL root Account Default Password
13082| [52264] Broadcast Machine MySQLController.php controllers/baseDir Parameter Remote File Inclusion
13083| [51923] Apache HTTP Server mod-auth-mysql Module mod_auth_mysql.c Multibyte Character Encoding SQL Injection
13084| [51171] MySQL InnoDB convert_search_mode_to_innobase Function DoS
13085| [50892] MySQL Calendar index.php username Parameter SQL Injection
13086| [50827] Nodstrum MySQL Calendar nodstrumCalendarV2 Cookie Manipulation Admin Authentication Bypass
13087| [49875] PromoteWeb MySQL go.php id Parameter SQL Injection
13088| [48710] MySQL Command Line Client HTML Output XSS
13089| [48709] MySQL Quick Admin actions.php lang Parameter Traversal Local File Inclusion
13090| [48708] MySQL Quick Admin index.php language Cookie Traversal Local File Inclusion
13091| [48021] MySQL Empty Bit-String Literal Token SQL Statement DoS
13092| [47789] mysql-lists Unspecified XSS
13093| [47394] Keld PHP-MySQL News Script login.php username Parameter SQL Injection
13094| [45073] MySQLDumper Extension for TYPO3 Unspecified Authentication Bypass
13095| [44937] MySQL MyISAM Table CREATE TABLE Privilege Check Bypass
13096| [44138] Debian GNU/Linux libdspam7-drv-mysql Cron MySQL dspam Database Password Local Disclosure
13097| [44071] Phorum /include/db/mysql.php Unspecified Search SQL Injection
13098| [43180] MySQL sql_select.cc INFORMATION_SCHEMA Table Crafted Query Remote DoS
13099| [43179] MySQL Server BINLOG Statement Rights Checking Failure
13100| [42610] MySQL DEFINER View Value Crafted Statements Remote Privilege Escalation
13101| [42609] MySQL Federated Engine SHOW TABLE STATUS Query Remote DoS
13102| [42608] MySQL RENAME TABLE Symlink System Table Overwrite
13103| [42607] MySQL Multiple table-level DIRECTORY Remote Privilege Escalation
13104| [42460] MySQLDumper HTTP POST Request Remote Authentication Bypass
13105| [42423] AdventNet EventLog Analyzer MySQL Installation Default root Account
13106| [41861] Bacula make_catalog_backup Function MySQL Director Password Cleartext Disclosure
13107| [40232] PHP MySQL Banner Exchange inc/lib.inc Direct Request Database Disclosure
13108| [40188] Password Manager Pro (PMP) mysql Unspecified Remote Command Injection
13109| [39279] PHP mysql_error() Function XSS
13110| [39145] aurora framework db_mysql.lib pack_var() value Parameter SQL Injection
13111| [38567] NetClassifieds Mysql_db.php Halt_On_Error Setting Error Message Path Disclosure
13112| [38112] Excel Parser Pro sample/xls2mysql parser_path Parameter Remote File Inclusion
13113| [37880] Asterisk-Addons source/destination Numbers cdr_addon_mysql Module SQL Injection
13114| [37784] PHP MySQL Extension Multiple Function Security Restriction Bypass
13115| [37783] MySQL Community Server CREATE TABLE LIKE Table Structure Disclosure
13116| [37782] MySQL Community Server External Table View Privilege Escalation
13117| [37781] MySQL ALTER TABLE Information Disclosure
13118| [37539] GPL PHP Board db.mysql.inc.php root_path Parameter Remote File Inclusion
13119| [37195] Eve-Nuke Module for PHP-Nuke db/mysql.php phpbb_root_path
13120| [37015] paBugs class.mysql.php path_to_bt_dir Parameter Remote File Inclusion
13121| [36868] PHP MySQLi Extension LOCAL INFILE Operation Security Restriction Bypass
13122| [36867] PHP MySQL Extension LOCAL INFILE Operation Security Restriction Bypass
13123| [36771] InterWorx-CP SiteWorx mysql.php PATH_INFO Parameter XSS
13124| [36757] InterWorx-CP NodeWorx mysql.php PATH_INFO Parameter XSS
13125| [36732] MySQL Community Server Connection Protocol Malformed Password Packet Remote DoS
13126| [36251] Associated Press (AP) Newspower Default MySQL root Password
13127| [35168] Study Planner (Studiewijzer) db/mysql/db.inc.php SPL_CFG[dirroot] Parameter Remote File Inclusion
13128| [35037] Fantastico for cPanel includes/mysqlconfig.php fantasticopath Parameter Traversal Local File Inclusion
13129| [34780] Backup Manager Command Line Cleartext MySQL Password Disclosure
13130| [34766] MySQL RENAME TABLE Statement Arbitrary Table Name Modification
13131| [34765] MySQL mysql_change_db Function THD::db_access Privilege Escalation
13132| [34734] MySQL Crafted IF Clause Divide-by-zero NULL Dereference DoS
13133| [34038] MySQL Commander ressourcen/dbopen.php home Parameter Remote File Inclusion
13134| [33974] MySQL information_schema Table Subselect Single-Row DoS
13135| [33678] MySQLNewsEngine affichearticles.php3 newsenginedir Parameter Remote File Inclusion
13136| [33447] WGS-PPC (PPC Search Engine) config/mysql_config.php INC Parameter Remote File Inclusion
13137| [33372] deV!L'z Clanportal inc/filebrowser/browser.php MySQL Data Disclosure
13138| [33147] ActiveCalendar data/mysqlevents.php css Parameter XSS
13139| [32784] Storystream mysqli.php baseDir Parameter Remote File Inclusion
13140| [32783] Storystream mysql.php baseDir Parameter Remote File Inclusion
13141| [32421] Contenido CMS conlib/db_mysqli.inc Direct Request Path Disclosure
13142| [32272] JevonCMS /phplib/db_mysql.inc Direct Request Path Disclosure
13143| [32171] Blue Magic Board db_mysql_error.php Direct Request Path Disclosure
13144| [32056] BTSaveMySql Direct Request Config File Disclosure
13145| [32044] cPanel WebHost Manager (WHM) scripts/passwdmysql password Parameter XSS
13146| [32024] TikiWiki tiki-wiki_rss.php ver MySQL Credential Disclosure
13147| [31963] Agora MysqlfinderAdmin.php _SESSION[PATH_COMPOSANT] Parameter Remote File Inclusion
13148| [31431] ZoomStats libs/dbmax/mysql.php GLOBALS[lib][db][path] Parameter Remote File Inclusion
13149| [30172] TikiWiki Multiple Script Empty sort_mode Parameter MySQL Authentication Credential Disclosure
13150| [29696] MySQLDumper sql.php db Parameter XSS
13151| [29453] ConPresso CMS db_mysql.inc.php msg Parameter XSS
13152| [29122] cPanel mysqladmin/hooksadmin Unspecified Privilege Escalation
13153| [28296] MySQL Crafted multiupdate / subselects Query Local DoS
13154| [28288] MySQL Instance_options::complete_initialization Function Overflow
13155| [28030] Tutti Nova class.novaRead.mysql.php TNLIB_DIR Parameter Remote File Inclusion
13156| [28029] Tutti Nova class.novaAdmin.mysql.php TNLIB_DIR Parameter Remote File Inclusion
13157| [28028] Tutti Nova class.novaEdit.mysql.php TNLIB_DIR Parameter Remote File Inclusion
13158| [28013] MySQL SUID Routine Miscalculation Arbitrary DML Statement Execution
13159| [28012] MySQL Case Sensitivity Unauthorized Database Creation
13160| [27919] MySQL VIEW Access information_schema.views Information Disclosure
13161| [27703] MySQL MERGE Table Privilege Persistence
13162| [27593] Drupal database.mysqli.inc Multiple Parameter SQL Injection
13163| [27549] Opsware NAS /etc/init.d/mysqll MySQL root Cleartext Password Local Disclosure
13164| [27416] MySQL Server time.cc date_format Function Format String
13165| [27054] MySQL mysqld str_to_date Function NULL Argument DoS
13166| [26923] PHP/MySQL Classifieds (PHP Classifieds) search.php rate Parameter SQL Injection
13167| [26922] PHP/MySQL Classifieds (PHP Classifieds) AddAsset1.php Multiple Field XSS
13168| [26822] Bee-hive Lite include/listall.inc.php mysqlcall Parameter Remote File Inclusion
13169| [26821] Bee-hive Lite conad/include/mysqlCall.inc.php config Parameter Remote File Inclusion
13170| [26820] Bee-hive Lite conad/logout.inc.php mysqlCall Parameter Remote File Inclusion
13171| [26819] Bee-hive Lite conad/login.inc.php mysqlCall Parameter Remote File Inclusion
13172| [26818] Bee-hive Lite conad/checkPasswd.inc.php mysqlCall Parameter Remote File Inclusion
13173| [26817] Bee-hive Lite conad/changeUserDetails.inc.php mysqlCall Parameter Remote File Inclusion
13174| [26816] Bee-hive Lite conad/changeEmail.inc.php mysqlCall Parameter Remote File Inclusion
13175| [26125] Open Searchable Image Catalogue core.php do_mysql_query Function Error Message XSS
13176| [26123] Open Searchable Image Catalogue core.php do_mysql_query Function SQL Injection
13177| [25987] MySQL Multibyte Encoding SQL Injection Filter Bypass
13178| [25908] Drupal database.mysql.inc Multiple Parameter SQL Injection
13179| [25595] Apple Mac OS X MySQL Manager Blank root Password
13180| [25228] MySQL Crafted COM_TABLE_DUMP Request Arbitrary Memory Disclosure
13181| [25227] MySQL COM_TABLE_DUMP Packet Overflow
13182| [25226] MySQL Malformed Login Packet Remote Memory Disclosure
13183| [24245] Cholod Mysql Based Message Board Unspecified XSS
13184| [24244] Cholod Mysql Based Message Board mb.cgi showmessage Action SQL Injection
13185| [23963] WoltLab Burning Board class_db_mysql.php SQL Error Message XSS
13186| [23915] Netcool/NeuSecure MySQL Database Connection Restriction Bypass
13187| [23611] Aztek Forum index.php msg Variable Forced MySQL Error Information Disclosure
13188| [23526] MySQL Query NULL Charcter Logging Bypass
13189| [23157] PHP/MYSQL Timesheet changehrs.php Multiple Parameter SQL Injection
13190| [23156] PHP/MYSQL Timesheet index.php Multiple Parameter SQL Injection
13191| [22995] PAM-MySQL Authentication pam_get_item() Function Unspecified Privilege Escalation
13192| [22994] PAM-MySQL SQL Logging Facility Segfault DoS
13193| [22485] Recruitment Software admin/site.xml MySQL Authentication Credential Disclosure
13194| [22479] PHP mysqli Extension Error Message Format String
13195| [22232] PHP Pipe Variable mysql_connect() Function Overflow
13196| [21685] MySQL Auction Search Module keyword XSS
13197| [20698] Campsite notifyendsubs Cron MySQL Password Cleartext Remote Disclosure
13198| [20145] Proofpoint Protection Server Embedded MySQL Server Unpassworded root Account
13199| [19457] aMember Pro mysql.inc.php Remote File Inclusion
13200| [19377] MAXdev MD-Pro /MySQL_Tools/admin.php Path Disclosure
13201| [18899] MySQL UDF Library Arbitrary Function Load Privilege Escalation
13202| [18898] MySQL UDF LoadLibraryEx Function Nonexistent Library Load DoS
13203| [18897] MySQL on Windows UDF Create Function Traversal Privilege Escalation
13204| [18896] MySQL User-Defined Function init_syms() Function Overflow
13205| [18895] MySQL libmysqlclient.so host Parameter Remote Overflow
13206| [18894] MySQL drop database Request Remote Overflow
13207| [18622] FunkBoard mysql_install.php Email Field Arbitrary PHP Code Injection
13208| [18620] FunkBoard mysql_install.php Admin/Database Password Manipulation
13209| [18406] MySQL Eventum releases.php SQL Injection
13210| [18405] MySQL Eventum custom_fields_graph.php SQL Injection
13211| [18404] MySQL Eventum custom_fields.php SQL Injection
13212| [18403] MySQL Eventum login.php email Parameter SQL Injection Authentication Bypass
13213| [18402] MySQL Eventum get_jsrs_data.php F Parameter XSS
13214| [18401] MySQL Eventum list.php release Parameter XSS
13215| [18400] MySQL Eventum view.php id Parameter XSS
13216| [18173] MySQL on Windows USE Command MS-DOS Device Name DoS
13217| [17801] Bugzilla MySQL Replication Race Condition Information Disclosure
13218| [17223] xMySQLadmin Symlink Arbitrary File Deletion
13219| [16727] MySQL Nonexistent '--user' Error Incorrect Privilege Database Invocation
13220| [16689] MySQL mysql_install_db Symlink Arbitrary File Overwrite
13221| [16056] Plans Unspecified mySQL Remote Password Disclosure
13222| [15993] MySQL MaxDB Webtool Remote getIfHeader() WebDAV Function Remote Overflow
13223| [15817] MySQL MaxDB Web Tool getLockTokenHeader() Function Remote Overflow
13224| [15816] MySQL MaxDB Web Administration Service Malformed GET Request Overflow
13225| [15451] paNews auth.php mysql_prefix Parameter SQL Injection
13226| [14748] MySQL MS-DOS Device Names Request DoS
13227| [14678] MySQL CREATE FUNCTION Arbitrary libc Code Execution
13228| [14677] MySQL CREATE FUNCTION mysql.func Table Arbitrary Library Injection
13229| [14676] MySQL CREATE TEMPORARY TABLE Symlink Privilege Escalation
13230| [14386] phpMyAdmin mysqli.dbi.lib.php Path Disclosure
13231| [14052] Symantec Brightmail AntiSpam Multiple Default MySQL Accounts
13232| [13086] MySQL MaxDB Web Agent Malformed HTTP Header DoS
13233| [13085] MySQL MaxDB Web Agent WebDAV sapdbwa_GetUserData() Function Remote DoS
13234| [13013] MySQL mysqlaccess.sh Symlink Arbitrary File Manipulation
13235| [12919] MySQL MaxDB WebAgent websql Remote Overflow
13236| [12779] MySQL User Defined Function Privilege Escalation
13237| [12609] MySQL Eventum projects.php Multiple Parameter XSS
13238| [12608] MySQL Eventum preferences.php Multiple Parameter XSS
13239| [12607] MySQL Eventum forgot_password.php email Parameter XSS
13240| [12606] MySQL Eventum index.php email Parameter XSS
13241| [12605] MySQL Eventum Default Vendor Account
13242| [12275] MySQL MaxDB Web Tools wahttp Nonexistent File Request DoS
13243| [12274] MySQL MaxDB Web Tools WebDAV Handler Remote Overflow
13244| [11689] Roxen Web Server MySQL Socket Permission Weakness
13245| [10985] MySQL MATCH..AGAINST Query DoS
13246| [10959] MySQL GRANT ALL ON Privilege Escalation
13247| [10660] MySQL ALTER TABLE/RENAME Forces Old Permission Checks
13248| [10659] MySQL ALTER MERGE Tables to Change the UNION DoS
13249| [10658] MySQL mysql_real_connect() Function Remote Overflow
13250| [10532] MySQL MaxDB webdbm Server Field DoS
13251| [10491] AWS MySQLguest AWSguest.php Script Insertion
13252| [10244] MySQL libmysqlclient Prepared Statements API Overflow
13253| [10226] MySQLGuest AWSguest.php Multiple Field XSS
13254| [9912] PHP safe_mode MySQL Database Access Restriction Bypass
13255| [9911] Inter7 vpopmail MySQL Module Authentication Credential Disclosure
13256| [9910] MySQL mysql_change_user() Double-free Memory Pointer DoS
13257| [9909] MySQL datadir/my.cnf Modification Privilege Escalation
13258| [9908] MySQL my.ini Initialization File datadir Parameter Overflow
13259| [9907] MySQL SELECT Statement String Handling Overflow
13260| [9906] MySQL GRANT Privilege Arbitrary Password Modification
13261| [9509] teapop MySQL Authentication Module SQL Injection
13262| [9018] MySQL Backup Pro getbackup() Method Unspecified Issue
13263| [9015] MySQL mysqlhotcopy Insecure Temporary File Creation
13264| [8997] Cacti config.php MySQL Authentication Credential Cleartext Disclosure
13265| [8979] MySQL SHOW GRANTS Encrypted Password Disclosure
13266| [8889] MySQL COM_TABLE_DUMP Package Negative Integer DoS
13267| [8888] MySQL COM_CHANGE_USER Command Long Repsonse Overflow
13268| [8887] MySQL COM_CHANGE_USER Command One Character Password Brute Force
13269| [8886] MySQL libmysqlclient Library read_one_row Overflow
13270| [8885] MySQL libmysqlclient Library read_rows Overflow
13271| [7476] MySQL Protocol 4.1 Authentication Scramble String Overflow
13272| [7475] MySQL Zero-length Scrambled String Crafted Packet Authentication Bypass
13273| [7245] MySQL Pluggable Authentication Module (pam_mysql) Password Disclosure
13274| [7128] MySQL show database Database Name Exposure
13275| [6716] MySQL Database Engine Weak Authentication Information Disclosure
13276| [6605] MySQL mysqld Readable Log File Information Disclosure
13277| [6443] PowerPhlogger db_dump.php View Arbitrary mySQL Dump
13278| [6421] MySQL mysqld_multi Symlink Arbitrary File Overwrite
13279| [6420] MySQL mysqlbug Symlink Arbitrary File Overwrite
13280| [2537] MySQL sql_acl.cc get_salt_from_password Function Password Handling Remote Overflow
13281| [2144] WinMySQLadmin my.ini Cleartext Password Disclosure
13282| [653] PCCS-Linux MySQL Database Admin Tool Authentication Credential Disclosure
13283| [520] MySQL Database Name Traversal Arbitrary File Modification
13284| [380] MySQL Server on Windows Default Null Root Password
13285| [261] MySQL Short Check String Authentication Bypass
13286Running (JUST GUESSING): Fortinet embedded (87%)
13287OS CPE: cpe:/h:fortinet:fortigate_100d
13288Aggressive OS guesses: Fortinet FortiGate 100D firewall (87%)
13289No exact OS matches for host (test conditions non-ideal).
13290Service Info: OS: Linux; CPE: cpe:/o:redhat:enterprise_linux:7
13291
13292TRACEROUTE (using port 110/tcp)
13293HOP RTT ADDRESS
132941 138.23 ms 10.250.200.1
132952 142.85 ms 94.242.54.1
132963 142.36 ms bg.rnet.ru (94.242.0.1)
132974 140.27 ms spb-sel-cr1.ae61-1251.rascom.as20764.net (81.27.241.22)
132985 ...
132996 148.79 ms be4338.204.ccr21.sto01.atlas.cogentco.com (149.6.168.137)
133007 148.85 ms be3376.ccr21.sto03.atlas.cogentco.com (130.117.50.225)
133018 169.46 ms be2281.ccr41.ham01.atlas.cogentco.com (154.54.63.1)
133029 172.83 ms be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205)
1330310 255.34 ms be12266.ccr42.par01.atlas.cogentco.com (154.54.56.174)
1330411 248.04 ms be2317.ccr41.jfk02.atlas.cogentco.com (154.54.30.185)
1330512 251.65 ms be3362.ccr31.jfk04.atlas.cogentco.com (154.54.3.10)
1330613 255.87 ms telefonica.jfk04.atlas.cogentco.com (154.54.11.234)
1330714 ...
1330815 379.41 ms 176.52.248.54
1330916 379.03 ms 5.53.7.171
1331017 ... 18
1331119 373.54 ms 186-148-24-2.static.mundo.movistar.cl (186.148.24.2)
1331220 370.28 ms 186-148-24-2.static.mundo.movistar.cl (186.148.24.2)
1331321 ... 30
13314
13315NSE: Script Post-scanning.
13316Initiating NSE at 15:34
13317Completed NSE at 15:34, 0.00s elapsed
13318Initiating NSE at 15:34
13319Completed NSE at 15:34, 0.00s elapsed
13320######################################################################################################################################
13321Starting Nmap 7.80 ( https://nmap.org ) at 2019-10-29 15:34 EDT
13322NSE: Loaded 47 scripts for scanning.
13323NSE: Script Pre-scanning.
13324Initiating NSE at 15:34
13325Completed NSE at 15:34, 0.00s elapsed
13326Initiating NSE at 15:34
13327Completed NSE at 15:34, 0.00s elapsed
13328Initiating Parallel DNS resolution of 1 host. at 15:34
13329Completed Parallel DNS resolution of 1 host. at 15:34, 0.32s elapsed
13330Initiating UDP Scan at 15:34
13331Scanning servidor.agenciacatedral.com (201.217.241.118) [15 ports]
13332Completed UDP Scan at 15:34, 3.06s elapsed (15 total ports)
13333Initiating Service scan at 15:34
13334Scanning 13 services on servidor.agenciacatedral.com (201.217.241.118)
13335Service scan Timing: About 7.69% done; ETC: 15:55 (0:19:36 remaining)
13336Completed Service scan at 15:35, 102.60s elapsed (13 services on 1 host)
13337Initiating OS detection (try #1) against servidor.agenciacatedral.com (201.217.241.118)
13338Retrying OS detection (try #2) against servidor.agenciacatedral.com (201.217.241.118)
13339Initiating Traceroute at 15:36
13340Completed Traceroute at 15:36, 7.60s elapsed
13341Initiating Parallel DNS resolution of 1 host. at 15:36
13342Completed Parallel DNS resolution of 1 host. at 15:36, 0.00s elapsed
13343NSE: Script scanning 201.217.241.118.
13344Initiating NSE at 15:36
13345Completed NSE at 15:36, 7.15s elapsed
13346Initiating NSE at 15:36
13347Completed NSE at 15:36, 1.04s elapsed
13348Nmap scan report for servidor.agenciacatedral.com (201.217.241.118)
13349Host is up (0.14s latency).
13350
13351PORT STATE SERVICE VERSION
1335253/udp open|filtered domain
1335367/udp open|filtered dhcps
1335468/udp open|filtered dhcpc
1335569/udp open|filtered tftp
1335688/udp open|filtered kerberos-sec
13357123/udp open|filtered ntp
13358137/udp filtered netbios-ns
13359138/udp filtered netbios-dgm
13360139/udp open|filtered netbios-ssn
13361161/udp open|filtered snmp
13362162/udp open|filtered snmptrap
13363389/udp open|filtered ldap
13364500/udp open|filtered isakmp
13365|_ike-version: ERROR: Script execution failed (use -d to debug)
13366520/udp open|filtered route
133672049/udp open|filtered nfs
13368Too many fingerprints match this host to give specific OS details
13369
13370TRACEROUTE (using port 138/udp)
13371HOP RTT ADDRESS
133721 ... 5
133736 137.68 ms 10.250.200.1
133747 ...
133758 144.13 ms 10.250.200.1
133769 144.10 ms 10.250.200.1
1337710 ...
1337811 133.15 ms 10.250.200.1
1337912 133.11 ms 10.250.200.1
1338013 133.78 ms 10.250.200.1
1338114 133.79 ms 10.250.200.1
1338215 ...
1338316 133.03 ms 10.250.200.1
1338417 ... 18
1338519 132.48 ms 10.250.200.1
1338620 133.45 ms 10.250.200.1
1338721 ... 24
1338825 133.57 ms 10.250.200.1
1338926 ... 29
1339030 134.68 ms 10.250.200.1
13391
13392NSE: Script Post-scanning.
13393Initiating NSE at 15:36
13394Completed NSE at 15:36, 0.00s elapsed
13395Initiating NSE at 15:36
13396Completed NSE at 15:36, 0.00s elapsed
13397######################################################################################################################################
13398=====
13399
13400address mac name os_name os_flavor os_sp purpose info comments
13401------- --- ---- ------- --------- ----- ------- ---- --------
13402201.217.241.118 servidor.agenciacatedral.com embedded device
13403
13404Services
13405========
13406
13407host port proto name state info
13408---- ---- ----- ---- ----- ----
13409201.217.241.118 22 tcp ssh closed
13410201.217.241.118 25 tcp smtp closed
13411201.217.241.118 26 tcp rsftp closed
13412201.217.241.118 53 tcp domain open ISC BIND 9.11.4-P2 RedHat Enterprise Linux 7
13413201.217.241.118 53 udp domain unknown
13414201.217.241.118 67 udp dhcps unknown
13415201.217.241.118 68 udp dhcpc unknown
13416201.217.241.118 69 udp tftp unknown
13417201.217.241.118 80 tcp http open LiteSpeed httpd
13418201.217.241.118 88 udp kerberos-sec unknown
13419201.217.241.118 110 tcp pop3 closed
13420201.217.241.118 123 udp ntp unknown
13421201.217.241.118 137 udp netbios-ns filtered
13422201.217.241.118 138 udp netbios-dgm filtered
13423201.217.241.118 139 tcp netbios-ssn closed
13424201.217.241.118 139 udp netbios-ssn unknown
13425201.217.241.118 143 tcp imap closed
13426201.217.241.118 161 udp snmp unknown
13427201.217.241.118 162 udp snmptrap unknown
13428201.217.241.118 389 udp ldap unknown
13429201.217.241.118 443 tcp ssl/http open LiteSpeed httpd
13430201.217.241.118 445 tcp microsoft-ds closed
13431201.217.241.118 465 tcp smtps closed
13432201.217.241.118 500 udp isakmp unknown
13433201.217.241.118 520 udp route unknown
13434201.217.241.118 587 tcp submission closed
13435201.217.241.118 993 tcp imaps closed
13436201.217.241.118 995 tcp pop3s closed
13437201.217.241.118 1295 tcp ehtp open
13438201.217.241.118 2049 tcp nfs closed
13439201.217.241.118 2049 udp nfs unknown
13440201.217.241.118 2077 tcp tsrmagt closed
13441201.217.241.118 2078 tcp tpcsrvr closed
13442201.217.241.118 2079 tcp idware-router closed
13443201.217.241.118 2080 tcp autodesk-nlm closed
13444201.217.241.118 2082 tcp infowave open
13445201.217.241.118 2083 tcp ssl/radsec open
13446201.217.241.118 2086 tcp gnunet open
13447201.217.241.118 2087 tcp ssl/eli open
13448201.217.241.118 2095 tcp nbx-ser open
13449201.217.241.118 2096 tcp ssl/nbx-dir open
13450201.217.241.118 3071 tcp csd-mgmt-port closed
13451201.217.241.118 3306 tcp mysql open MySQL unauthorized
13452#######################################################################################################################################
13453 Anonymous JTSEC #OpChili Full Recon #1