Page 4 of 46 results (0.004 seconds)

CVSS: 7.5EPSS: 7%CPEs: 8EXPL: 6

The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PHPOpenChat, (7) MAXdev MD-Pro, and (8) MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via the sql parameter. • https://www.exploit-db.com/exploits/1663 http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html http://secunia.com/advisories/17418 http://secunia.com/advisories/18233 http://secunia.com/advisories/18254 http://secunia.com/advisories/18260 http://secunia.com/advisories/18267 http://secunia.com/advisories/18276 http://secunia.com/advisories/18720 http://secunia.com/advisories/19555 http://secunia.com/advisories/19563 http://secunia.com/advisories/19590 http://secunia. • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 2%CPEs: 7EXPL: 5

Dynamic code evaluation vulnerability in tests/tmssql.php test script in ADOdb for PHP before 4.70, as used in multiple products including (1) Mantis, (2) PostNuke, (3) Moodle, (4) Cacti, (5) Xaraya, (6) PhpOpenChat, possibly (7) MAXdev MD-Pro, and (8) Simplog, allows remote attackers to execute arbitrary PHP functions via the do parameter, which is saved in a variable that is then executed as a function, as demonstrated using phpinfo. • https://www.exploit-db.com/exploits/1663 http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.html http://retrogod.altervista.org/simplog_092_incl_xpl.html http://secunia.com/advisories/17418 http://secunia.com/advisories/18233 http://secunia.com/advisories/18254 http://secunia.com/advisories/18260 http://secunia.com/advisories/18267 http://secunia.com/advisories/18276 http://secunia.com/advisories/19555 http://secunia.com/advisories/19590 http://secunia.com/advisories/19591& •

CVSS: 5.0EPSS: 1%CPEs: 6EXPL: 1

CRLF injection vulnerability in Mantis 1.0.0rc3 and earlier allows remote attackers to modify HTTP headers and conduct HTTP response splitting attacks via (1) the return parameter in login_cookie_test.php and (2) ref parameter in login_select_proj_page.php. • http://secunia.com/advisories/18181 http://secunia.com/advisories/18221 http://secunia.com/advisories/18481 http://sourceforge.net/project/shownotes.php?release_id=377932&group_id=14963 http://sourceforge.net/project/shownotes.php?release_id=377934&group_id=14963 http://www.debian.org/security/2005/dsa-944 http://www.gentoo.org/security/en/glsa/glsa-200512-12.xml http://www.securityfocus.com/bid/16046 http://www.trapkit.de/advisories/TKADV2005-11-002.txt http://www.vupen. •

CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 1

Unspecified "port injection" vulnerabilities in filters in Mantis 1.0.0rc3 and earlier have unknown impact and attack vectors. NOTE: due to a lack of relevant details in the vendor changelog, which is the source of this description, it is unclear whether this is a duplicate of another CVE. • http://secunia.com/advisories/18181 http://secunia.com/advisories/18221 http://secunia.com/advisories/18481 http://sourceforge.net/project/shownotes.php?release_id=377932&group_id=14963 http://sourceforge.net/project/shownotes.php?release_id=377934&group_id=14963 http://www.debian.org/security/2005/dsa-944 http://www.gentoo.org/security/en/glsa/glsa-200512-12.xml http://www.osvdb.org/22488 http://www.securityfocus.com/bid/16046 http://www.trapkit.de/advisories/TKADV2005-11& •

CVSS: 5.0EPSS: 0%CPEs: 6EXPL: 1

Mantis 1.0.0rc3 does not properly handle "Make note private" when a bug is being resolved, which has unknown impact and attack vectors, probably related to an information leak. • http://secunia.com/advisories/18481 http://sourceforge.net/project/shownotes.php?release_id=377934&group_id=14963 http://www.debian.org/security/2005/dsa-944 http://www.trapkit.de/advisories/TKADV2005-11-002.txt http://www.vupen.com/english/advisories/2005/3064 •