408 matches found
CVE-2009-1754
The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an application's installation time, which allows remote user-assisted...
Ubuntu 5.04 : pike7.6 vulnerability (USN-367-1)
A SQL injection was discovered in Pike's PostgreSQL module. Applications using a PostgreSQL database and uncommon character encodings could be fooled into running arbitrary SQL commands, which could result in privilege escalation within the application, application data exposure, or denial of...
OpenCMS 6.06.2 - Multiple Unauthorized Access Vulnerabilities
OpenCMS 6.06.2 - Multiple Unauthorized Access Vulnerabilities source: https://www.securityfocus.com/bid/19174/info OpenCMS is prone to multiple unauthorized-access vulnerabilities because it fails to properly authenticate users when performing administrative tasks. An attacker can exploit these...
Hogstorps Guestbook 2.0 - Unauthorized Access
Hogstorps Guestbook 2.0 - Unauthorized Access source: https://www.securityfocus.com/bid/18205/info Hogstorps guestbook is prone to an access-authorization vulnerability. The issue occurs because the affected script fails to prompt for authentication credentials. An attacker can exploit this issue...
Hogstorps Guestbook 2.0 - Unauthorized Access
source: https://www.securityfocus.com/bid/18205/info Hogstorps guestbook is prone to an access-authorization vulnerability. The issue occurs because the affected script fails to prompt for authentication credentials. An attacker can exploit this issue to delete and modify application data. This...
DCP-Portal 6.1.1 - Multiple SQL Injections
DCP-Portal 6.1.1 - Multiple SQL Injections source: https://www.securityfocus.com/bid/12573/info DCP-Portal is reportedly affected by multiple SQL injection vulnerabilities. These issues exist because the application fails to properly sanitize user-supplied input before using it in SQL queries...
osCommerce 2.1 - Remote File Inclusion
osCommerce 2.1 - Remote File Inclusion source: https://www.securityfocus.com/bid/5037/info osCommerce is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. If the remote file is a PHP script, this may allow for execution of attacker-supplied P...
ftp-ozone.c.txt
/ ftp-ozone.c Demonstrate a basic layer violation in "stateful" firewall inspection of application data within IP packets - @$@$!: http://www.checkpoint.com/techsupport/alerts/pasvftp.html Dug Song / include include include include include include include include include include include include...