CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2013-4412
https://notcve.org/view.php?id=CVE-2013-4412
04 Nov 2019 — slim has NULL pointer dereference when using crypt() method from glibc 2.17 slim presenta una desreferencia del puntero NULL cuando es usado el método crypt() de glibc versión 2.17. • http://www.openwall.com/lists/oss-security/2013/10/09/6 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2008-6100 – Discussion Forums 2k 3.3 - Multiple SQL Injections
https://notcve.org/view.php?id=CVE-2008-6100
10 Feb 2009 — Multiple SQL injection vulnerabilities in Discussion Forums 2k 3.3, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter to (a) RSS1.php and (b) RSS2.php in misc/; and the (2) SubID parameter to (c) misc/RSS5.php. Múltiples vulnerabilidades de inyección SQL en Discussion Forums 2k v3.3, cuando "Magic_quotes_gpc están desactivadas, permite a atacantes remotos ejecutar comandos SQL de su elección a través de los parámetros (1) CatID a (a) RSS1... • https://www.exploit-db.com/exploits/6643 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2005-3864 – BerliOS SourceWell 1.1.3 - SQL Injection
https://notcve.org/view.php?id=CVE-2005-3864
29 Nov 2005 — SQL injection vulnerability in index.php in SourceWell 1.1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the cnt parameter. NOTE: various reports indicate that the affected version is 1.1.3, but as of 2005-11-29, the most recent version appears to be 1.1.2. • https://www.exploit-db.com/exploits/26617 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0131
https://notcve.org/view.php?id=CVE-2005-0131
22 Jan 2005 — The Quick Connection dialog in Konversation 0.15 inadvertently uses the user-provided password as the nickname instead of the user-provided nickname when connecting to the IRC server, which could leak the password to other users. El diálogo de Conexión Rápidad en Konversation 0.15 usa inadvertidamente la contraseña suministrada por el usuario como el apodo en lugar del apodo suministrado por el usuario cuando se conecta a un servidor IRC, lo que podría filtrar la contraseña a otros usuarios. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/031033.html •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2005-0130
https://notcve.org/view.php?id=CVE-2005-0130
22 Jan 2005 — Certain Perl scripts in Konversation 0.15 allow remote attackers to execute arbitrary commands via shell metacharacters in (1) channel names or (2) song names that are not properly quoted when the user runs IRC scripts. Ciertos scripts Perl en Konversation 0.15 permiten a atacantes remotos ejecutar comandos mediante metacaractéres de shell en (1) nombres de canal o (2) nombres de canciones que no son entrecomillados adecuadamente cuando el usuario ejecuta scripts IRC. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/031033.html •
CVSS: 9.8EPSS: 14%CPEs: 1EXPL: 1CVE-2005-0129 – konversation irc client 0.15 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2005-0129
22 Jan 2005 — The Quick Buttons feature in Konversation 0.15 allows remote attackers to execute certain IRC commands via a channel name containing "%" variables, which are recursively expanded by the Server::parseWildcards function when the Part Button is selected. La característica de Botones Rápidos en Konversation 0.15 permite atacantes remotos ejecutar ciertos comandos IRC mediante un nombre de canal conteniendo variables "%", con son expandidas recursivamente por la función Server::parseWildcards cuando el botón "Pa... • https://www.exploit-db.com/exploits/25054 •
CVSS: 9.8EPSS: 74%CPEs: 17EXPL: 5CVE-2004-1388 – Berlios GPSD 2.7 - Remote Format String
https://notcve.org/view.php?id=CVE-2004-1388
31 Dec 2004 — Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls. • https://www.exploit-db.com/exploits/3099 •