135 matches found
CVE-2008-6297
Cross-site scripting XSS vulnerability in order.php in DHCart allows remote attackers to inject arbitrary web script or HTML via the 1 domain and 2 d1 parameters...
Null pointer dereference
neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service NULL pointer dereference and crash via vectors related to Digest authentication, Digest domain parameter support, and the parsedomain function...
DEBIAN-CVE-2008-3746
neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service NULL pointer dereference and crash via vectors related to Digest authentication, Digest domain parameter support, and the parsedomain function...
CVE-2008-3746
neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service NULL pointer dereference and crash via vectors related to Digest authentication, Digest domain parameter support, and the parsedomain function...
CVE-2008-3746
CVE-2008-3746 - neon vulnerability details (supported by connected docs) Affected software: neon 0.28.0 through 0.28.2. The issue is described across multiple advisories as a denial of service caused by a NULL pointer dereference in the digest authentication code, related to Digest authentication...
Input validation
Multiple unspecified "input validation" vulnerabilities in the Web management interface aka Messaging Administration interface in Avaya Message Storage Server MSS 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user...
CVE-2008-1243
Cross-site scripting XSS vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote attackers to inject arbitrary web script or HTML via the dyndnsdomain parameter to the default URI...
CVE-2008-1041
Cross-site scripting XSS vulnerability in mwhois.php in Matt Wilson Matt's Whois MWhois allows remote attackers to inject arbitrary web script or HTML via the domain parameter...
Design/Logic Flaw
PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service application crash via a long string in 1 the domain parameter to the dgettext function, the message parameter to the 2 dcgettext or 3 gettext function, the msgid1 parameter to the 4 dngettext or 5 ngettext...
Cross site scripting
Cross-site scripting XSS vulnerability in CMDUSERSTATS in DirectAdmin 1.30.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the domain parameter, a different vector than CVE-2007-1508...
CVE-2007-3501
Cross-site scripting XSS vulnerability in CMDUSERSTATS in DirectAdmin 1.30.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the domain parameter, a different vector than CVE-2007-1508...
CVE-2007-3501
Cross-site scripting XSS vulnerability in CMDUSERSTATS in DirectAdmin 1.30.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the domain parameter, a different vector than CVE-2007-1508...
CVE-2006-6548
Multiple cross-site scripting XSS vulnerabilities in cPanel WebHost Manager WHM 3.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the domain parameter to 1 scripts2/changeemail, 2 scripts2/limitbw, or 3 scripts/rearrangeacct. NOTE: the feature parameter to...
CVE-2006-2153
Cross-site scripting XSS vulnerability in HTMPASSWD in DirectAdmin Hosting Management allows remote attackers to inject arbitrary web script or HTML via the domain parameter...
CVE-2006-0573
Multiple cross-site scripting XSS vulnerabilies in cPanel 10 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 email parameter to a editquota.html or b dodelpop.html; 2 showtree parameter to c diskusage.html; or the 3 mon, 4 year, 5 target, or 6 domain parameter ...