8455 matches found
PeerCast 0.1216 - nextCGIarg Remote Buffer Overflow (1)
local to local copy uses shell expansion twice
scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice...
Cross site scripting
Cross-site scripting (XSS) vulnerability in default.php in Clever Copy 3.0 allows remote attackers to inject arbitrary web script or HTML via the Subject field when sending private messages (privatemessages.php). NOTE: the provenance of this information is unknown; the details are obtained solely fro...
CVE-2006-0796
Cross-site scripting (XSS) vulnerability in default.php in Clever Copy 3.0 allows remote attackers to inject arbitrary web script or HTML via the Subject field when sending private messages (privatemessages.php). NOTE: the provenance of this information is unknown; the details are obtained solely fro...
CVE-2006-0796
CVE-2006-0796 affects Clever Copy 3.0: XSS in default.php that allows remote attackers to inject arbitrary web script/HTML via the Subject field when sending private messages (privatemessages.php). This is caused by insufficient input sanitization in the message Subject parameter. The vulnerabili...
[SA18873] Clever Copy Private Message "Subject" Script Insertion Vulnerability
TITLE: Clever Copy Private Message "Subject" Script Insertion Vulnerability SECUNIA ADVISORY ID: SA18873 VERIFY ADVISORY: http://secunia.com/advisories/18873/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Clever Copy 3.x http://secunia.com/product/7899/...
[eVuln] Clever Copy 'Referer' & 'X-Forwarded-For' XSS Vulnerabilities
New eVuln Advisory: Clever Copy 'Referer' & 'X-Forwarded-For' XSS Vulnerabilities http://evuln.com/vulns/64/summary.html --------------------Summary---------------- eVuln ID: EV0064 CVE: CVE-2006-0627 Vendor: 3.0 2.0 2.0a Software: Clever Copy V3 Software's Web Site:...
EV0064.txt
New eVuln Advisory: Clever Copy 'Referer' & 'X-Forwarded-For' XSS Vulnerabilities http://evuln.com/vulns/64/summary.html --------------------Summary---------------- eVuln ID: EV0064 CVE: CVE-2006-0627 Vendor: 3.0 2.0 2.0a Software: Clever Copy V3 Software's Web Site:...
Clever Copy 2.03.0 - Multiple HTML Injection Vulnerabilities
Clever Copy 2.03.0 - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/16607/info Clever Copy is prone to multiple HTML-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content...
[SA18790] Clever Copy HTTP Headers Script Insertion Vulnerabilities
TITLE: Clever Copy HTTP Headers Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA18790 VERIFY ADVISORY: http://secunia.com/advisories/18790/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Clever Copy 2.x http://secunia.com/product/5445/ Clever Copy...
[SA18749] Clever Copy "ID" Parameter SQL Injection Vulnerability
TITLE: Clever Copy "ID" Parameter SQL Injection Vulnerability SECUNIA ADVISORY ID: SA18749 VERIFY ADVISORY: http://secunia.com/advisories/18749/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: Clever Copy 2.x http://secunia.com/product/5445/ Clever Copy 3.x...
Mandrake Linux Security Advisory : openssh (MDKSA-2006:034)
A flaw was discovered in the scp local-to-local copy implementation where filenames that contain shell metacharacters or spaces are expanded twice, which could lead to the execution of arbitrary commands if a local user could be tricked into scp'ing a specially crafted filename. The provided...
Cross site scripting
Cross-site scripting (XSS) vulnerability in Clever Copy 2.0, 2.0a, and 3.0 allows remote attackers to inject arbitrary web script or HTML via the (1) Referer or (2) X-Forwarded-For headers in an HTTP request, which are not properly handled when the administrator accesses Site Stats...
CVE-2006-0627
Cross-site scripting (XSS) vulnerability in Clever Copy 2.0, 2.0a, and 3.0 allows remote attackers to inject arbitrary web script or HTML via the (1) Referer or (2) X-Forwarded-For headers in an HTTP request, which are not properly handled when the administrator accesses Site Stats...
CVE-2006-0627
CVE-2006-0627 affects Clever Copy (versions 2.0, 2.0a, and 3.0). The vulnerability is a cross-site scripting flaw where HTTP Referer and HTTP_X_FORWARDED_FOR headers are not properly handled when an administrator accesses Site Stats, allowing injection of arbitrary script/HTML. The provided docum...
SQL injection
SQL injection vulnerability in mailarticle.php in Clever Copy 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter...
CVE-2006-0583
SQL injection vulnerability in mailarticle.php in Clever Copy 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the ID parameter...