[SA15297] Quick.Cart "sWord" Cross-Site Scripting Vulnerability
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: Quick.Cart "sWord" Cross-Site Scripting Vulnerability...
[SA15251] CodeThatShoppingCart Multiple Vulnerabilities
TITLE: CodeThatShoppingCart Multiple Vulnerabilities SECUNIA...
ZeroBoard - Worm Source Code
ZeroBoard - Worm Source Code / The worm exploits a vulnerability in ZeroBoard, allowing an attacker to inject arbitrary PHP code. /str0ke / / ZeroBoard -1day INE w0rm / include include include include include include include include include ifdef sun include endif / SunOS / define DEBUGING undef...
ZeroBoard Worm Source Code
No description provided by source. / The worm exploits a vulnerability in ZeroBoard, allowing an attacker to inject arbitrary PHP code. /str0ke / / ZeroBoard -1day INE w0rm / include stdio.h include unistd.h include stdlib.h include sys/socket.h include netdb.h include netinet/in.h include signal...
[SA15232] FishCart Cross-Site Scripting and SQL Injection Vulnerabilities
TITLE: FishCart Cross-Site Scripting and SQL Injection...
[SA15208] eSKUeL "ConfLangCookie" and "lang_config" Local File Inclusion
TITLE: eSKUeL "ConfLangCookie" and "lang_config" Local File...
[SA15181] ViArt Shop Enterprise Cross-Site Scripting and Script Insertion
TITLE: ViArt Shop Enterprise Cross-Site Scripting and Script...
siteEnable.txt
Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Title: SiteEnable CMS Multiple Severe XSS and SQL injections Risk: High Date: 1/04/2005 Vendor: http://www.siteenable.com/default.asp Quote from the Vendor: "SiteEnable starts at only $189.00" I could test...
IBM WebSphere application server information leak
It's possible to obtain JSP page source code by requesting a non-existing virtual host...
IBM WebSphere Application Server Malformed Host Header JSP Source Disclosure
It is possible to make the remote web server disclose the source code of its JSP pages by requesting the pages with a nonexistent hostname in the HTTP 'Host' header request when WebSphere Application is sharing the document root of the web server. An attacker may use this flaw to get the source...
IBM Websphere 5.05.16.0 - Application Server Web Server Root JSP Source Code Disclosure
source: https://www.securityfocus.com/bid/13160/info A remote JSP source disclosure vulnerability reportedly affects the IBM WebSphere Application Server. This issue is due to a failure of the application to...
kdegraphics security update
CentOS Errata and Security Advisory CESA-2005:021-01 Updated kdegraphics packages that resolve multiple security issues in kfax are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdegraphics package contains graphics...
AN HTTPD 1.42 - Arbitrary Log Content Injection
source: https://www.securityfocus.com/bid/13069/info AN HTTPD is affected by a vulnerability that may allow a remote attacker to inject arbitrary content into the log file. This issue arises due to a failure of input validation. Corruption of logs may result in concealing attacks and/or misleading...
Icecast Multiple Vulnerabilities
Binary data 2724.prm...
CVE-2003-1127
CVE-2003-1127 affects Whale Communications e-Gap 2.5 on Windows 2000. The vulnerability allows remote attackers to obtain the login page source code by using the HTTP TRACE method, bypassing the preprocessor. Documented impact is partial confidentiality loss with no indicated integrity or availab...
CVE-2003-1127
Whale Communications e-Gap 2.5 on Windows 2000 allows remote attackers to obtain the source code for the login page via the HTTP TRACE method, which bypasses the preprocessor...
CVE-2003-1102
CVE-2003-1102 affects Hummingbird CyberDOCS versions 3.5, 3.9, and 4.0 when run on IIS. The root cause is insecure permissions on script source code files, enabling remote attackers to read the source code. The connected documents confirm the same description across multiple records (NVD, CVE Lis...
CVE-2003-1102
Hummingbird CyberDOCS 3.5, 3.9, and 4.0, when running on IIS, uses insecure permissions for script source code files, which allows remote attackers to read the source code...
CVE-2005-0622
RaidenHTTPD 1.1.32 (and possibly earlier than 1.1.34) is affected by CVE-2005-0622. The issue allows remote attackers to view the PHP source code by issuing an HTTP GET for a filename that ends with a trailing dot or a trailing space. The vulnerability impacts confidentiality (partial) and is exp...