Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pedro vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-6683
Pedro Lineu Orso chetcpasswd 2.4.1 and previous versions verifies and updates user accounts via custom code that processes /etc/shadow and does not follow the PAM configuration, which might allow remote malicious users to bypass intended restrictions implemented through PAM.
Pedro Lineu Orso Chetcpasswd
Pedro Lineu Orso Chetcpasswd 2.1
Pedro Lineu Orso Chetcpasswd 2.3.1
Pedro Lineu Orso Chetcpasswd 2.3.3
Pedro Lineu Orso Chetcpasswd 1.12
Pedro Lineu Orso Chetcpasswd 2.2.1
NA
CVE-2006-6684
Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd prior to 2.4 allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a long X-Forwarded-For HTTP header. NOTE: The provenance of this information is unknown; ...
Pedro Lineu Orso Chetcpasswd 2.3.1
Pedro Lineu Orso Chetcpasswd
NA
CVE-2008-0651
SQL injection vulnerability in login.php in Pedro Santana Codice CMS allows remote malicious users to execute arbitrary SQL commands via the username field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Pedro Santana Codice Cms
1 EDB exploit
NA
CVE-2010-3357
gnome-subtitles 1.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Pedro Castro Gnome-subtitles 1.0
NA
CVE-2010-3360
Hipo 0.6.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Pedro Villavicencio Garrido Hipo 0.6.1
NA
CVE-2008-7249
Buffer overflow in Squid Analysis Report Generator (Sarg) 2.2.3.1, and probably later, allows user-assisted remote malicious users to execute arbitrary code via a long HTTP request method in a crafted access.log file, a different vulnerability than CVE-2008-1167.
Pedro Lineu Orso Sarg 2.2.4
NA
CVE-2008-7250
Cross-site scripting (XSS) vulnerability in Squid Analysis Report Generator (Sarg) 2.2.4 allows remote malicious users to inject arbitrary web script or HTML via a JavaScript onload event in the User-Agent header, which is not properly handled when displaying the Squid proxy log....
Pedro Lineu Orso Sarg 2.2.4
NA
CVE-2006-6685
Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd 2.3.3 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long REMOTE_ADDR environment variable. NOTE: The provenance of this information is unknown; the details a...
Pedro Lineu Orso Chetcpasswd 2.3.3
NA
CVE-2006-5908
Multiple SQL injection vulnerabilities in the login_user function in yans.func.php in Lucas Rodriguez San Pedro Yet Another News System (YANS) 0.2b allow remote malicious users to execute arbitrary SQL commands via the (1) username or (2) password parameter.
Lucas Rodriguez San Pedro Yet Another News System 0.2b
NA
CVE-2002-2220
Buffer overflow in Pedro Lineu Orso chetcpasswd prior to 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors.
Chetcpasswd Chetcpasswd 1.12
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »