1719 matches found
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Carmosa phpCart 3.4 through 4.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) quantity or (2) Add Engraving fields to the default URI; (3) Quantity field to phpcart.php; (4) Name, (5) Company, (6) Address, (7) City, and (8)...
CVE-2008-7108
Multiple cross-site scripting (XSS) vulnerabilities in Carmosa phpCart 3.4 through 4.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) quantity or (2) Add Engraving fields to the default URI; (3) Quantity field to phpcart.php; (4) Name, (5) Company, (6) Address, (7) City, and (8)...
TortoiseSVN < 1.5.6 / 1.6.0-1.6.3 Multiple Integer Overflows
Binary data 5139.prm...
Fedora 9 : gallery2-2.2.5-1.fc9 (2008-5576)
Wed Jun 18 2008 John Berninger - 2.2.5-1 - update to upstream 2.2.5 for security vulns - Tue Apr 22 2008 John Berninger - 2.2.4-4 - update version for tag conflict due to devel build prior to update of cvs checkout Note that Tenable Network Security has extracted the preceding description block...
SA-2008-023 - Ubercart - Cross site scripting
During checkout in Ubercart enabled stores, customers have text fields in which to enter their address and order information. Some stores will have modules enabled that restrict what sort of values are accepted in these fields, but this is not the case for everyone. This provides an opportunity f...
SunShop Shopping Cart <= 3.5 (abs_path) RFI Vulnerabilities
No description provided by source. sunshop 4 index.php Remote File Include Vulnerability. scripts : SunShop v3.5 Discovered By : irvian scripts site : http://www.turnkeywebtools.com/sunshop/ Thanks To :...
CVE-2006-0477
Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link...
Buffer overflow
Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link...
CVE-2006-0477
CVE-2006-0477 describes a buffer overflow in Git’s git-checkout-index, affecting Git versions prior to 1.1.5. An attacker could cause remote arbitrary code execution by providing an index file containing a long symbolic link. The vulnerability is triggered during index handling by git-checkout-in...
CVE-2006-0477
Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link...
DEBIAN-CVE-2004-0180
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405...
security flaw
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405...
osCommerce 2.12.2 - Checkout_Payment.php Error Output Cross-Site Scripting
osCommerce 2.12.2 - Checkout_Payment.php Error Output Cross-Site Scripting. Source: https://www.securityfocus.com/bid/7155/info Error output is not sufficiently sanitized of HTML and script code by osCommerce. This may allow for cross-site scripting attacks as remote users could create a malicious...
CVE-2002-1018
The library feature for Adobe Content Server 3.0 does not verify if a customer has already checked out an eBook, which allows remote attackers to cause a denial of service (resource exhaustion) by checking out the same book multiple times...
CVE-2002-1020
The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available...
CVE-2002-1019
The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook for an arbitrary length of time via a modified loanMin parameter to download.asp...
CVE-2002-1020
The CVE-2002-1020 entry concerns Adobe Content Server 3.0. The vulnerability arises in the library feature used for the Add to bookbag operation: when the server reports that no more copies are available, a remote attacker can still check out an eBook. This implies an underlying logic flaw where ...
CVE-2002-1018
The library feature for Adobe Content Server 3.0 does not verify if a customer has already checked out an eBook, which allows remote attackers to cause a denial of service (resource exhaustion) by checking out the same book multiple times...
CVE-2002-1020
The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available...