kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c

A vulnerability was found in the Linux kernel's generic WiFi ESSID handling implementation. The flaw allows a system to join a wireless network where the ESSID is longer than the maximum length of 32 characters, which can cause the system to crash or execute code...

Veris: Unauthenticated CSRF(User can input any value for CSRF Token)

Hello Veris, I believe you have implemented CSRF token on the registration for a reason. In my research, I found that a user supplied CSRF Token would be accepted and even saved in the browser cookie and will be the set token on subsequent request. This report is limited to the Register and Login...

forumv04c.txt

!/usr/bin/perl Affected.scr..: µforum v0.4c Poc.ID........: 08060901 Type..........: Member's passwords are stored in .dat file no protected by a .htaccess file Risk.level....: Medium Vendor.Status.: Unpatched Src.download..: comscripts.com/scripts/php.forum.1568.html Poc.link......:...

CVE-2006-2061

SQL injection vulnerability in lib/functaskmanager.php in Invision Power Board IPB 2.1.x and 2.0.x before 20060425 allows remote attackers to execute arbitrary SQL commands via the ck parameter, which can inject at most 32 characters...