Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
16 vulnerabilities found for webadmin by alt-n
CVE-2003-1463 (GCVE-0-2003-1463)
Vulnerability from cvelistv5 – Published: 2007-10-24 23:00 – Updated: 2024-08-08 02:28
VLAI
Summary
Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/7438 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/bid/7439 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securityreason.com/securityalert/3286 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/319735 | mailing-listx_refsource_BUGTRAQ |
Date Public
2003-04-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7438",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7438"
},
{
"name": "7439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7439"
},
{
"name": "webadmin-webadmindll-path-disclosure(11874)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11874"
},
{
"name": "3286",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3286"
},
{
"name": "webadmin-webadmindll-view-files(11875)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11875"
},
{
"name": "20030425 Path disclosure and file access on WebAdmin",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/319735"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7438",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7438"
},
{
"name": "7439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7439"
},
{
"name": "webadmin-webadmindll-path-disclosure(11874)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11874"
},
{
"name": "3286",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3286"
},
{
"name": "webadmin-webadmindll-view-files(11875)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11875"
},
{
"name": "20030425 Path disclosure and file access on WebAdmin",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/319735"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7438",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7438"
},
{
"name": "7439",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7439"
},
{
"name": "webadmin-webadmindll-path-disclosure(11874)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11874"
},
{
"name": "3286",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3286"
},
{
"name": "webadmin-webadmindll-view-files(11875)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11875"
},
{
"name": "20030425 Path disclosure and file access on WebAdmin",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/319735"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1463",
"datePublished": "2007-10-24T23:00:00.000Z",
"dateReserved": "2007-10-24T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:28:03.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4620 (GCVE-0-2006-4620)
Vulnerability from cvelistv5 – Published: 2006-09-07 00:00 – Updated: 2024-08-07 19:14
VLAI
Summary
The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox of another account.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/445153/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/28548 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/21727 | third-party-advisoryx_refsource_SECUNIA |
| http://www.teklow.com/advisories/TTG0602.txt | x_refsource_MISC |
| http://files.altn.com/WebAdmin/Release/RelNotes_en.txt | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securityreason.com/securityalert/1516 | third-party-advisoryx_refsource_SREASON |
Date Public
2006-08-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:14:47.750Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060904 TTG0602 - Alt-N WebAdmin MDaemon Account Hijacking",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/445153/100/0/threaded"
},
{
"name": "28548",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28548"
},
{
"name": "21727",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21727"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.teklow.com/advisories/TTG0602.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "webadmin-mdaemon-privilege-escalation(28776)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28776"
},
{
"name": "1516",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1516"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox of another account."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060904 TTG0602 - Alt-N WebAdmin MDaemon Account Hijacking",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/445153/100/0/threaded"
},
{
"name": "28548",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28548"
},
{
"name": "21727",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21727"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.teklow.com/advisories/TTG0602.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "webadmin-mdaemon-privilege-escalation(28776)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28776"
},
{
"name": "1516",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1516"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4620",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox of another account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060904 TTG0602 - Alt-N WebAdmin MDaemon Account Hijacking",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/445153/100/0/threaded"
},
{
"name": "28548",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28548"
},
{
"name": "21727",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21727"
},
{
"name": "http://www.teklow.com/advisories/TTG0602.txt",
"refsource": "MISC",
"url": "http://www.teklow.com/advisories/TTG0602.txt"
},
{
"name": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt",
"refsource": "CONFIRM",
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "webadmin-mdaemon-privilege-escalation(28776)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28776"
},
{
"name": "1516",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1516"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4620",
"datePublished": "2006-09-07T00:00:00.000Z",
"dateReserved": "2006-09-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:14:47.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4370 (GCVE-0-2006-4370)
Vulnerability from cvelistv5 – Published: 2006-08-26 01:00 – Updated: 2024-08-07 19:06
VLAI
Summary
Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated domain administrators to change a global administrator's password and gain privileges via the userlist.wdm file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2006/3333 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://securityreason.com/securityalert/1455 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/444012/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/19631 | vdb-entryx_refsource_BID |
| http://files.altn.com/WebAdmin/Release/RelNotes_en.txt | x_refsource_CONFIRM |
| http://secunia.com/advisories/21558 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-08-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-3333",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3333"
},
{
"name": "webadmin-userlist-privilege-escalation(28489)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28489"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048959.html"
},
{
"name": "1455",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1455"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444012/100/0/threaded"
},
{
"name": "19631",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19631"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "21558",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21558"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated domain administrators to change a global administrator\u0027s password and gain privileges via the userlist.wdm file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-3333",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3333"
},
{
"name": "webadmin-userlist-privilege-escalation(28489)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28489"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048959.html"
},
{
"name": "1455",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1455"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444012/100/0/threaded"
},
{
"name": "19631",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19631"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "21558",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21558"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated domain administrators to change a global administrator\u0027s password and gain privileges via the userlist.wdm file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-3333",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3333"
},
{
"name": "webadmin-userlist-privilege-escalation(28489)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28489"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048959.html"
},
{
"name": "1455",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1455"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444012/100/0/threaded"
},
{
"name": "19631",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19631"
},
{
"name": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt",
"refsource": "CONFIRM",
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "21558",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21558"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4370",
"datePublished": "2006-08-26T01:00:00.000Z",
"dateReserved": "2006-08-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:06:07.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4371 (GCVE-0-2006-4371)
Vulnerability from cvelistv5 – Published: 2006-08-26 01:00 – Updated: 2024-08-07 19:06
VLAI
Summary
Multiple directory traversal vulnerabilities in Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated global administrators to read arbitrary files via a .. (dot dot) in the file parameter to (1) logfile_view.wdm and (2) configfile_view.wdm.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2006/3333 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/19620 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/28122 | vdb-entryx_refsource_OSVDB |
| http://www.osvdb.org/28123 | vdb-entryx_refsource_OSVDB |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://securityreason.com/securityalert/1455 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/444012/100… | mailing-listx_refsource_BUGTRAQ |
| http://files.altn.com/WebAdmin/Release/RelNotes_en.txt | x_refsource_CONFIRM |
| http://secunia.com/advisories/21558 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-08-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.639Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-3333",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3333"
},
{
"name": "19620",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19620"
},
{
"name": "28122",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28122"
},
{
"name": "28123",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28123"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048959.html"
},
{
"name": "1455",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1455"
},
{
"name": "webadmin-multiple-directory-traversal(28488)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28488"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444012/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "21558",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21558"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated global administrators to read arbitrary files via a .. (dot dot) in the file parameter to (1) logfile_view.wdm and (2) configfile_view.wdm."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-3333",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3333"
},
{
"name": "19620",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19620"
},
{
"name": "28122",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28122"
},
{
"name": "28123",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28123"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048959.html"
},
{
"name": "1455",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1455"
},
{
"name": "webadmin-multiple-directory-traversal(28488)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28488"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444012/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "21558",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21558"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated global administrators to read arbitrary files via a .. (dot dot) in the file parameter to (1) logfile_view.wdm and (2) configfile_view.wdm."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-3333",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3333"
},
{
"name": "19620",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19620"
},
{
"name": "28122",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28122"
},
{
"name": "28123",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28123"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048959.html"
},
{
"name": "1455",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1455"
},
{
"name": "webadmin-multiple-directory-traversal(28488)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28488"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444012/100/0/threaded"
},
{
"name": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt",
"refsource": "CONFIRM",
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "21558",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21558"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4371",
"datePublished": "2006-08-26T01:00:00.000Z",
"dateReserved": "2006-08-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:06:07.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0318 (GCVE-0-2005-0318)
Vulnerability from cvelistv5 – Published: 2005-02-10 05:00 – Updated: 2024-08-07 21:05
VLAI
Summary
useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged in user, which allows remote authenticated users to edit other users' account information via a modified user parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1013038 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/12395 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=110692897003614&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2005-01-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1013038",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013038"
},
{
"name": "12395",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-01-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged in user, which allows remote authenticated users to edit other users\u0027 account information via a modified user parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1013038",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013038"
},
{
"name": "12395",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0318",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged in user, which allows remote authenticated users to edit other users\u0027 account information via a modified user parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1013038",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013038"
},
{
"name": "12395",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0318",
"datePublished": "2005-02-10T05:00:00.000Z",
"dateReserved": "2005-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:05:25.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0319 (GCVE-0-2005-0319)
Vulnerability from cvelistv5 – Published: 2005-02-10 05:00 – Updated: 2024-08-07 21:05
VLAI
Summary
Direct remote injection vulnerability in modalfram.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to load external webpages that appear to come from the WebAdmin server, which allows remote attackers to inject arbitrary HTML or web script to facilitate cross-site scripting (XSS) and phishing attacks.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/12395 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=110692897003614&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2005-01-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "webadmin-html-injection(19162)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19162"
},
{
"name": "12395",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-01-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Direct remote injection vulnerability in modalfram.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to load external webpages that appear to come from the WebAdmin server, which allows remote attackers to inject arbitrary HTML or web script to facilitate cross-site scripting (XSS) and phishing attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "webadmin-html-injection(19162)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19162"
},
{
"name": "12395",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0319",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Direct remote injection vulnerability in modalfram.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to load external webpages that appear to come from the WebAdmin server, which allows remote attackers to inject arbitrary HTML or web script to facilitate cross-site scripting (XSS) and phishing attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "webadmin-html-injection(19162)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19162"
},
{
"name": "12395",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0319",
"datePublished": "2005-02-10T05:00:00.000Z",
"dateReserved": "2005-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:05:25.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0317 (GCVE-0-2005-0317)
Vulnerability from cvelistv5 – Published: 2005-02-10 05:00 – Updated: 2024-08-07 21:05
VLAI
Summary
Cross-site scripting (XSS) vulnerability in useredit_account.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the user parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1013038 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/12395 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=110692897003614&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/14079 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2005-01-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1013038",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013038"
},
{
"name": "webadmin-usereditaccountwdm-xss(19161)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19161"
},
{
"name": "12395",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
},
{
"name": "14079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-01-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in useredit_account.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the user parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1013038",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013038"
},
{
"name": "webadmin-usereditaccountwdm-xss(19161)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19161"
},
{
"name": "12395",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
},
{
"name": "14079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in useredit_account.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the user parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1013038",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013038"
},
{
"name": "webadmin-usereditaccountwdm-xss(19161)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19161"
},
{
"name": "12395",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
},
{
"name": "14079",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0317",
"datePublished": "2005-02-10T05:00:00.000Z",
"dateReserved": "2005-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:05:25.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0471 (GCVE-0-2003-0471)
Vulnerability from cvelistv5 – Published: 2003-06-28 04:00 – Updated: 2024-08-08 01:58
VLAI
Summary
Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/8024 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=105648385900792&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/2207 | vdb-entryx_refsource_OSVDB |
| http://marc.info/?l=bugtraq&m=105647081418155&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2003-06-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:58:10.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "8024",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8024"
},
{
"name": "20030624 Re: WebAdmin from ALT-N remote exploit PoC",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105648385900792\u0026w=2"
},
{
"name": "2207",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/2207"
},
{
"name": "20030624 Remote Buffer Overrun WebAdmin.exe",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105647081418155\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-06-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "8024",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8024"
},
{
"name": "20030624 Re: WebAdmin from ALT-N remote exploit PoC",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105648385900792\u0026w=2"
},
{
"name": "2207",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/2207"
},
{
"name": "20030624 Remote Buffer Overrun WebAdmin.exe",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105647081418155\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0471",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8024",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8024"
},
{
"name": "20030624 Re: WebAdmin from ALT-N remote exploit PoC",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105648385900792\u0026w=2"
},
{
"name": "2207",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/2207"
},
{
"name": "20030624 Remote Buffer Overrun WebAdmin.exe",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105647081418155\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0471",
"datePublished": "2003-06-28T04:00:00.000Z",
"dateReserved": "2003-06-26T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:58:10.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4620 (GCVE-0-2006-4620)
Vulnerability from nvd – Published: 2006-09-07 00:00 – Updated: 2024-08-07 19:14
VLAI
Summary
The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox of another account.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/445153/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/28548 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/21727 | third-party-advisoryx_refsource_SECUNIA |
| http://www.teklow.com/advisories/TTG0602.txt | x_refsource_MISC |
| http://files.altn.com/WebAdmin/Release/RelNotes_en.txt | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securityreason.com/securityalert/1516 | third-party-advisoryx_refsource_SREASON |
Date Public
2006-08-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:14:47.750Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060904 TTG0602 - Alt-N WebAdmin MDaemon Account Hijacking",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/445153/100/0/threaded"
},
{
"name": "28548",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28548"
},
{
"name": "21727",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21727"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.teklow.com/advisories/TTG0602.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "webadmin-mdaemon-privilege-escalation(28776)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28776"
},
{
"name": "1516",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1516"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox of another account."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060904 TTG0602 - Alt-N WebAdmin MDaemon Account Hijacking",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/445153/100/0/threaded"
},
{
"name": "28548",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28548"
},
{
"name": "21727",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21727"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.teklow.com/advisories/TTG0602.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "webadmin-mdaemon-privilege-escalation(28776)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28776"
},
{
"name": "1516",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1516"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4620",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The useredit_account.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox of another account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060904 TTG0602 - Alt-N WebAdmin MDaemon Account Hijacking",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/445153/100/0/threaded"
},
{
"name": "28548",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28548"
},
{
"name": "21727",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21727"
},
{
"name": "http://www.teklow.com/advisories/TTG0602.txt",
"refsource": "MISC",
"url": "http://www.teklow.com/advisories/TTG0602.txt"
},
{
"name": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt",
"refsource": "CONFIRM",
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "webadmin-mdaemon-privilege-escalation(28776)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28776"
},
{
"name": "1516",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1516"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4620",
"datePublished": "2006-09-07T00:00:00.000Z",
"dateReserved": "2006-09-06T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:14:47.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4370 (GCVE-0-2006-4370)
Vulnerability from nvd – Published: 2006-08-26 01:00 – Updated: 2024-08-07 19:06
VLAI
Summary
Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated domain administrators to change a global administrator's password and gain privileges via the userlist.wdm file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2006/3333 | vdb-entryx_refsource_VUPEN |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://securityreason.com/securityalert/1455 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/archive/1/444012/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/19631 | vdb-entryx_refsource_BID |
| http://files.altn.com/WebAdmin/Release/RelNotes_en.txt | x_refsource_CONFIRM |
| http://secunia.com/advisories/21558 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-08-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-3333",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3333"
},
{
"name": "webadmin-userlist-privilege-escalation(28489)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28489"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048959.html"
},
{
"name": "1455",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1455"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444012/100/0/threaded"
},
{
"name": "19631",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19631"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "21558",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21558"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated domain administrators to change a global administrator\u0027s password and gain privileges via the userlist.wdm file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-3333",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3333"
},
{
"name": "webadmin-userlist-privilege-escalation(28489)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28489"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048959.html"
},
{
"name": "1455",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1455"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444012/100/0/threaded"
},
{
"name": "19631",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19631"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "21558",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21558"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated domain administrators to change a global administrator\u0027s password and gain privileges via the userlist.wdm file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-3333",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3333"
},
{
"name": "webadmin-userlist-privilege-escalation(28489)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28489"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048959.html"
},
{
"name": "1455",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1455"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444012/100/0/threaded"
},
{
"name": "19631",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19631"
},
{
"name": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt",
"refsource": "CONFIRM",
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "21558",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21558"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4370",
"datePublished": "2006-08-26T01:00:00.000Z",
"dateReserved": "2006-08-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:06:07.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4371 (GCVE-0-2006-4371)
Vulnerability from nvd – Published: 2006-08-26 01:00 – Updated: 2024-08-07 19:06
VLAI
Summary
Multiple directory traversal vulnerabilities in Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated global administrators to read arbitrary files via a .. (dot dot) in the file parameter to (1) logfile_view.wdm and (2) configfile_view.wdm.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://www.vupen.com/english/advisories/2006/3333 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/19620 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/28122 | vdb-entryx_refsource_OSVDB |
| http://www.osvdb.org/28123 | vdb-entryx_refsource_OSVDB |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-listx_refsource_FULLDISC |
| http://securityreason.com/securityalert/1455 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/444012/100… | mailing-listx_refsource_BUGTRAQ |
| http://files.altn.com/WebAdmin/Release/RelNotes_en.txt | x_refsource_CONFIRM |
| http://secunia.com/advisories/21558 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-08-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.639Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-3333",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3333"
},
{
"name": "19620",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19620"
},
{
"name": "28122",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28122"
},
{
"name": "28123",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28123"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048959.html"
},
{
"name": "1455",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1455"
},
{
"name": "webadmin-multiple-directory-traversal(28488)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28488"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444012/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "21558",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21558"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated global administrators to read arbitrary files via a .. (dot dot) in the file parameter to (1) logfile_view.wdm and (2) configfile_view.wdm."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-3333",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3333"
},
{
"name": "19620",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19620"
},
{
"name": "28122",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28122"
},
{
"name": "28123",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28123"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048959.html"
},
{
"name": "1455",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1455"
},
{
"name": "webadmin-multiple-directory-traversal(28488)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28488"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444012/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "21558",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21558"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4371",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in Alt-N WebAdmin 3.2.3 and 3.2.4 running with MDaemon 9.0.5, and possibly earlier, allow remote authenticated global administrators to read arbitrary files via a .. (dot dot) in the file parameter to (1) logfile_view.wdm and (2) configfile_view.wdm."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-3333",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3333"
},
{
"name": "19620",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19620"
},
{
"name": "28122",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28122"
},
{
"name": "28123",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28123"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/048959.html"
},
{
"name": "1455",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1455"
},
{
"name": "webadmin-multiple-directory-traversal(28488)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28488"
},
{
"name": "20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444012/100/0/threaded"
},
{
"name": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt",
"refsource": "CONFIRM",
"url": "http://files.altn.com/WebAdmin/Release/RelNotes_en.txt"
},
{
"name": "21558",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21558"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4371",
"datePublished": "2006-08-26T01:00:00.000Z",
"dateReserved": "2006-08-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:06:07.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0318 (GCVE-0-2005-0318)
Vulnerability from nvd – Published: 2005-02-10 05:00 – Updated: 2024-08-07 21:05
VLAI
Summary
useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged in user, which allows remote authenticated users to edit other users' account information via a modified user parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1013038 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/12395 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=110692897003614&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2005-01-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1013038",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013038"
},
{
"name": "12395",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-01-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged in user, which allows remote authenticated users to edit other users\u0027 account information via a modified user parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1013038",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013038"
},
{
"name": "12395",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0318",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "useredit_account.wdm in Alt-N WebAdmin 3.0.4 does not properly validate account edits by the logged in user, which allows remote authenticated users to edit other users\u0027 account information via a modified user parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1013038",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013038"
},
{
"name": "12395",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0318",
"datePublished": "2005-02-10T05:00:00.000Z",
"dateReserved": "2005-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:05:25.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0319 (GCVE-0-2005-0319)
Vulnerability from nvd – Published: 2005-02-10 05:00 – Updated: 2024-08-07 21:05
VLAI
Summary
Direct remote injection vulnerability in modalfram.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to load external webpages that appear to come from the WebAdmin server, which allows remote attackers to inject arbitrary HTML or web script to facilitate cross-site scripting (XSS) and phishing attacks.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/12395 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=110692897003614&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2005-01-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "webadmin-html-injection(19162)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19162"
},
{
"name": "12395",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-01-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Direct remote injection vulnerability in modalfram.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to load external webpages that appear to come from the WebAdmin server, which allows remote attackers to inject arbitrary HTML or web script to facilitate cross-site scripting (XSS) and phishing attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "webadmin-html-injection(19162)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19162"
},
{
"name": "12395",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0319",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Direct remote injection vulnerability in modalfram.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to load external webpages that appear to come from the WebAdmin server, which allows remote attackers to inject arbitrary HTML or web script to facilitate cross-site scripting (XSS) and phishing attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "webadmin-html-injection(19162)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19162"
},
{
"name": "12395",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0319",
"datePublished": "2005-02-10T05:00:00.000Z",
"dateReserved": "2005-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:05:25.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0317 (GCVE-0-2005-0317)
Vulnerability from nvd – Published: 2005-02-10 05:00 – Updated: 2024-08-07 21:05
VLAI
Summary
Cross-site scripting (XSS) vulnerability in useredit_account.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the user parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1013038 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/12395 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=110692897003614&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/14079 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2005-01-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:05:25.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1013038",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013038"
},
{
"name": "webadmin-usereditaccountwdm-xss(19161)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19161"
},
{
"name": "12395",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
},
{
"name": "14079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14079"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-01-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in useredit_account.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the user parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1013038",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013038"
},
{
"name": "webadmin-usereditaccountwdm-xss(19161)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19161"
},
{
"name": "12395",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
},
{
"name": "14079",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14079"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in useredit_account.wdm in Alt-N WebAdmin 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the user parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1013038",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013038"
},
{
"name": "webadmin-usereditaccountwdm-xss(19161)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19161"
},
{
"name": "12395",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12395"
},
{
"name": "20050128 Multiple vulnerabilities in Alt-N WebAdmin \u003c= 3.0.2",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110692897003614\u0026w=2"
},
{
"name": "14079",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14079"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0317",
"datePublished": "2005-02-10T05:00:00.000Z",
"dateReserved": "2005-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:05:25.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1463 (GCVE-0-2003-1463)
Vulnerability from nvd – Published: 2007-10-24 23:00 – Updated: 2024-08-08 02:28
VLAI
Summary
Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/7438 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/bid/7439 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securityreason.com/securityalert/3286 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/archive/1/319735 | mailing-listx_refsource_BUGTRAQ |
Date Public
2003-04-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "7438",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7438"
},
{
"name": "7439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7439"
},
{
"name": "webadmin-webadmindll-path-disclosure(11874)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11874"
},
{
"name": "3286",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3286"
},
{
"name": "webadmin-webadmindll-view-files(11875)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11875"
},
{
"name": "20030425 Path disclosure and file access on WebAdmin",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/319735"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "7438",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7438"
},
{
"name": "7439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7439"
},
{
"name": "webadmin-webadmindll-path-disclosure(11874)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11874"
},
{
"name": "3286",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3286"
},
{
"name": "webadmin-webadmindll-view-files(11875)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11875"
},
{
"name": "20030425 Path disclosure and file access on WebAdmin",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/319735"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "7438",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7438"
},
{
"name": "7439",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7439"
},
{
"name": "webadmin-webadmindll-path-disclosure(11874)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11874"
},
{
"name": "3286",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3286"
},
{
"name": "webadmin-webadmindll-view-files(11875)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11875"
},
{
"name": "20030425 Path disclosure and file access on WebAdmin",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/319735"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1463",
"datePublished": "2007-10-24T23:00:00.000Z",
"dateReserved": "2007-10-24T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:28:03.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0471 (GCVE-0-2003-0471)
Vulnerability from nvd – Published: 2003-06-28 04:00 – Updated: 2024-08-08 01:58
VLAI
Summary
Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/8024 | vdb-entryx_refsource_BID |
| http://marc.info/?l=bugtraq&m=105648385900792&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.osvdb.org/2207 | vdb-entryx_refsource_OSVDB |
| http://marc.info/?l=bugtraq&m=105647081418155&w=2 | mailing-listx_refsource_BUGTRAQ |
Date Public
2003-06-24 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:58:10.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "8024",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/8024"
},
{
"name": "20030624 Re: WebAdmin from ALT-N remote exploit PoC",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105648385900792\u0026w=2"
},
{
"name": "2207",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/2207"
},
{
"name": "20030624 Remote Buffer Overrun WebAdmin.exe",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105647081418155\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-06-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "8024",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/8024"
},
{
"name": "20030624 Re: WebAdmin from ALT-N remote exploit PoC",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105648385900792\u0026w=2"
},
{
"name": "2207",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/2207"
},
{
"name": "20030624 Remote Buffer Overrun WebAdmin.exe",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105647081418155\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0471",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8024",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8024"
},
{
"name": "20030624 Re: WebAdmin from ALT-N remote exploit PoC",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105648385900792\u0026w=2"
},
{
"name": "2207",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/2207"
},
{
"name": "20030624 Remote Buffer Overrun WebAdmin.exe",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105647081418155\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0471",
"datePublished": "2003-06-28T04:00:00.000Z",
"dateReserved": "2003-06-26T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:58:10.653Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}