|
317951
|
7.5 |
HIGH
Network
|
phprank
|
phprank
|
phpRank 1.8 stores the administrative password in plaintext on the server and in the "ap" cookie, which allows remote attackers to retrieve the administrative password.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2002-1800
|
2024-02-10 12:06 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317952
|
7.5 |
HIGH
Network
|
audiogalaxy
|
audiogalaxy
|
Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2001-1536
|
2024-02-10 12:04 |
2001-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317953
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CVE RECORD. All references and descriptions in this record have been removed to prevent accidental usage.
|
-
|
CVE-2023-6716
|
2024-02-9 18:15 |
2024-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317954
|
- |
|
georgecurrums
|
open_guestbook
|
Cross-site scripting (XSS) vulnerability in header.php in Open Guestbook 0.5 allows remote attackers to inject arbitrary web script or HTML via the title parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2006-3295
|
2024-02-9 12:26 |
2006-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317955
|
- |
|
sun
oracle
|
jsse
java_web_start
jre
|
X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and JRE 1.4.0 through 1.4.0_01, (2) JSSE before 1.0.3, (3) Java Plug-in SDK and JRE 1.3.0 through 1.4.1, and (4) Java Web Start 1.0 …
|
CWE-295
Improper Certificate Validation
|
CVE-2003-1229
|
2024-02-9 12:26 |
2003-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317956
|
- |
|
rtfm
|
ssldump
|
Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted SSLv2 challenge value.
|
CWE-787
Out-of-bounds Write
|
CVE-2002-2227
|
2024-02-9 12:26 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317957
|
- |
|
microsoft
|
windows_xp
windows_2000
windows_98
windows_me
windows_98se
windows_nt
internet_explorer
office
outlook_express
|
The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Ma…
|
CWE-295
Improper Certificate Validation
|
CVE-2002-0862
|
2024-02-9 12:26 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317958
|
- |
|
cjguestbook_project
|
cjguestbook
|
Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook 1.3 and earlier allows remote attackers to inject Javascript code via a javascript URI in an img bbcode tag in the comments paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2006-3211
|
2024-02-9 12:21 |
2006-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317959
|
- |
|
fantastic_guestbook_project
|
fantastic_guestbook
|
Multiple cross-site scripting (XSS) vulnerabilities in guestbook.php in Fantastic Guestbook 2.0.1, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the…
|
CWE-79
Cross-site Scripting
|
CVE-2006-3568
|
2024-02-9 12:20 |
2006-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317960
|
- |
|
aol
|
aim
|
Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long "src" argument.
|
CWE-120
Classic Buffer Overflow
|
CVE-2000-1094
|
2024-02-9 12:20 |
2001-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
