635 matches found
CVE-2006-2483
CVE-2006-2483 : A PHP remote file inclusion vulnerability exists in Squirrelcart 2.2.2 and earlier. The issue resides in cart_content.php where an attacker can supply a URL to the cart_isp_root parameter, allowing arbitrary PHP code execution on the affected server. This is a remote code executio...
PT-2006-3431 · Squirrelcart · Squirrelcart
Name of the Vulnerable Software and Affected Versions: Squirrelcart versions 2.2.2 and earlier Description: A remote file inclusion issue allows attackers to execute arbitrary PHP code via a URL in the cart isp root parameter in the cart content.php file. Recommendations: For Squirrelcart version...
Remote file inclusion
DISPUTED PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the goinfoserverclassesroot parameter. NOTE: the vendor has disputed this vulnerability, saying that session.inc.php is not under t...
CVE-2006-2315
PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the goinfoserverclassesroot parameter. NOTE: the vendor has disputed this vulnerability, saying that session.inc.php is not under the web ro...
CVE-2005-4346
phpBB Blog 2.2.2 and earlier: A function in blog.php causes an invalid SQL query when the permalink parameter to index.php is cleansed to empty (non-digit chars stripped), leading to a SQL syntax error that leaks the full application pathname. This is not a true SQL injection in practice, but the...
INN buffer overflow
The remote host is running INN InterNetNews. The remote version of this server does not do proper bounds checking. An attacker may exploit this issue to crash the remote service by overflowing some of the buffers by sending a maliciously formatted news article. OpenVAS Vulnerability Test $Id:...
INN buffer overflow
The remote version of this INN InterNetNews server does not do proper bounds checking. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2005-2673
CVE-2005-2673 concerns a SQL injection in the modcp.php script of Wol tlab Burning Board, affecting versions 2.2.2 and 2.3.3. The vulnerability arises from unsafely using user-supplied input in the queries for parameters (1) x and (2) y without proper sanitization, allowing remote authenticated a...
[SECURITY] [DSA 714-1] New kdelibs packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 714-1 [email protected] http://www.debian.org/security/ Martin Schulze April 26th, 2005 http://www.debian.org/security/faq -...
CVE-2004-1628
Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code...
INN < 2.2.2 Crafted Article Handling Remote Overflow
The remote host is running INN InterNetNews. The remote version of this server does not do proper bounds checking. An attacker may exploit this issue to crash the remote service by overflowing some of the buffers by sending a maliciously formatted news article. C Tenable Network Security, Inc...
DSA-235 kdegraphics - several vulnerabilities
Bulletin has no description...
CVE-2000-0472
CVE-2000-0472 describes a buffer overflow in INN (innd) 2.2.2 that allows a remote attacker to execute arbitrary commands via a cancel request containing a long message ID. Documents indicate the impact is remote code execution and that remediation is to upgrade to version 2.2.3 or disable the ve...
ISC innd 2.x - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/1316/info innd 2.2.2 contains a remotely exploitable buffer overflow in code reached when a cancel request is sent to the "control" newsgroup, under the following condition: the cancel request contains a valid Message-ID but the From/Sender fields diff...
CVE-2000-0472
Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel request containing a long message ID...