96 matches found
CVE-2007-5429
The CVE-2007-5429 entry concerns Nucleus CMS version 3.01, where the vulnerability exists in index.php via the archive parameter. The issue is a cross-site scripting (XSS) flaw that could allow remote attackers to inject arbitrary web script or HTML. The available connected documents confirm the ...
CVE-2007-2101
FAC Guestbook 3.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/gbdb.mdb. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2007-2101
FAC Guestbook 3.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/gbdb.mdb. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
CVE-2007-1802
CVE-2007-1802 describes a cross-site scripting (XSS) vulnerability in MailDwarf 3.01 and earlier. The flaw allows remote attackers to inject arbitrary web script or HTML via unspecified vectors (per the NVD entry), potentially affecting users of the MailDwarf CGI form. The CVSS v2 base score is 6...
Remote file inclusion
PHP remote file inclusion vulnerability in bnsmrep1.php in BinGoPHP News BP News 3.01 allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter, a different vector than CVE-2006-4648 and CVE-2006-4649...
CVE-2007-0145
CVE-2007-0145 concerns a PHP remote file inclusion in BinGo News (BP News) 3.01 and earlier. The vulnerability allows an attacker to execute arbitrary PHP code by supplying a URL in the bnrep parameter, with the vulnerable entry point documented as bn_smrep1.php in the Initial description, and re...
QK SMTP 3.01 - RCPT TO Remote Buffer Overflow (2)
QK SMTP 3.01 - RCPT TO Remote Buffer Overflow 2 !/bin/perl https://www.securityfocus.com/bid/20681 tested on winXp Pro SP0 English/winXp Pro SP2 Italian/win 2k SP4 Italian/English return address is universal bind a remote cmd.exe on target host on 4444 port; based on expanders original exploit...
QK SMTP 3.01 - 'RCPT TO' Remote Buffer Overflow (2)
!/bin/perl https://www.securityfocus.com/bid/20681 tested on winXp Pro SP0 English/winXp Pro SP2 Italian/win 2k SP4 Italian/English return address is universal bind a remote cmd.exe on target host on 4444 port; based on expanders original exploit credit to Greg Linares for discovered the...
CVE-2006-6141
Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window...
CVE-2006-6141
Buffer overflow in Tftpd32 3.01 allows remote attackers to cause a denial of service via a long GET or PUT request, which is not properly handled when the request is displayed in the title of the gauge window...
QK SMTP <= 3.01 (RCPT TO) Remote Denial of Service Exploit
No description provided by source. / ============================================================= 0-day RCPT TO DoS Exploit for QK SMTP version 3.01 and lower. ============================================================= Exploit affects a format string error in the RCPT TO command in which the...
CVE-2006-4648
PHP remote file inclusion vulnerability in bpncom.php in BinGo News BP News 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter...
CVE-2006-3793
CVE-2006-3793 affects SiteDepth CMS 3.01 and earlier. The vulnerability is a PHP remote file inclusion in constants.php triggered by a URL in the SD_DIR parameter, enabling an attacker to execute arbitrary PHP code. The NVD listing notes a CVSS v2 base score of 5.1 (Medium) with network attack ve...
Mandrake Linux Security Advisory : kdegraphics (MDKSA-2006:012)
Multiple heap-based buffer overflows in the DCTStream::readProgressiveSOF and DCTStream::readBaselineSOF functions in the DCT stream parsing code Stream.cc in xpdf 3.01 and earlier, allow user-complicit attackers to cause a denial of service heap corruption and possibly execute arbitrary code via...
Security fix for the ALT Linux 5 package xpdf version 3.01-alt3
Jan. 13, 2006 Victor Forsyuk 3.01-alt3 - Security fix CVE-2005-3191. Apply both recent security patches from Fedora package...
DSA-931-1 xpdf - buffer overflows
Bulletin has no description...
CVE-2005-4623
upload.exe in eFileGo 3.01 allows remote attackers to cause a denial of service CPU consumption via an argument with an invalid directory name...
CVE-2005-4622
Directory traversal vulnerability in eFileGo 3.01 allows remote attackers to execute arbitrary code, read arbitrary files, and upload arbitrary files via a ... triple dot in 1 the URL on port 608 and 2 the argument to upload.exe...
CVE-2005-4622
The CVE-2005-4622 entry describes a directory traversal vulnerability in eFileGo 3.01. The risk stems from an input handling flaw that allows an attacker to traverse directories and execute arbitrary code, read arbitrary files, and upload arbitrary files via a crafted request (notably in the URL ...
CVE-2005-4623
CVE-2005-4623 affects eFileGo 3.01 where upload.exe can be driven to a denial of service (CPU consumption) by supplying an invalid directory name. The vulnerability is described across multiple sources as enabling remote DoS via a crafted argument. No explicit exploitation details, affected versi...