2869 matches found
Stanford university SCARF user editing
vendor:Someone at Stanford university site:http://sourceforge.net/projects/scarf/ vuln: There is no admin check on the file generaloptions.php So anyone can go in and make some changes. One thing to do would be create a user, then go into general options and change your user to an admin. You can...
Debian DSA-1116-1 : gimp - buffer overflow
Henning Makholm discovered a buffer overflow in the XCF loading code of Gimp, an image editing program. Opening a specially crafted XCF image might cause the application to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
Sql injection in Mambo & Joomla
Hi, There are several sql injections in Mambo 4.6 RC2 & Joomla 1.0.10 and maybe other versions : The codes are from Mambo 4.6 RC2 & some may be different in Joomla When a user edits a content, the "id" parameter is not checked properly in /components/comcontent/content.php, which can cause 2 sql...
mambo -- multiple SQL injection vulnerabilities
James Bercegay reports: Mambo is vulnerable to an Authentication Bypass issue that is due to an SQL Injection in the login function. The SQL Injection is possible because the $passwd variable is only sanitized when it is not passed as an argument to the function. Omid reports: There are several s...
уязвимость в Sad Raven's guestbook
доброе время суток. Недавно я нашел уязвимость в Sad Raven's guestbook версии 1.1, которая позволяет любому пользователю получить доступ в админ-центр. Заранее прошу извинить, если эту уязвимость уже кто-то нашел, но я не нашел нигде о ней никакого упоминания. Все говорят только о том, что пароли...
Super Link Exchange Script v1.0
Super Link Exchange Script v1.0 Homepage: http://www.ebizunion.com/guidetosuper.php Description: Main Features: 1. Add unlimited nested category/sub-category, 2. Can check reciprocal link back, 3. Can hide and delete no link back sites. 4. Template can be edited and suitable to fit your current...
CVE-2006-2582
The editing form in RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to execute arbitrary Ruby code via unknown attack vectors...
Avactis Shopping Cart vuln.
Avactis Shopping Cart vuln. Vuln. discovered by : r0t Date: 1 may 2006 vendor:http://www.avactis.com affected versions:0.1.2 and prior orginal advisory: http://pridels.blogspot.com/2006/05/avactis-shopping-cart-vuln.html Vuln. Description: 1. sql inj. Avactis Shopping Cart contains a flaw that...
Cartweaver ColdFusion vuln.
Cartweaver ColdFusion vuln. Vuln. discovered by : r0t Date: 25 april 2006 vendorlink:www.cartweaver.com affected versions:2.16.11 and previous orginal advisory:http://pridels.blogspot.com/2006/04/cartweaver-coldfusion-vuln.html Vuln. Description: 1. SQL Injection vuln. Cartweaver ColdFusion...
security flaw
The WYSIWYG rendering engine "rich mail" editor in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which i...
CVE-2006-1910
config.php in S9Y Serendipity 1.0 beta 2 allows remote attackers to inject arbitrary PHP code by editing values that are stored in config.php and later executed. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
phpLinks <= 2.1.3.1 XSS vuln.
phpLinks = 2.1.3.1 XSS vuln. Vuln. discovered by : r0t Date: 16 april 2006 vendorlink:http://sourceforge.net/projects/phplinks/ affected versions:phpLinks 2.1.3.1 and previous orginal advisory: http://pridels.blogspot.com/2006/04/phplinks-2131-xss-vuln.html Vuln. Description: phpLinks contains a...
phpWebFTP index.php language Parameter Local File Inclusion
The remote host is running phpWebFTP, a web-based FTP client written in PHP. The version of phpWebFTP installed on the remote host fails to sanitize user-supplied input to the 'language' parameter of the 'index.php' script before using it in a PHP 'include' function. An unauthenticated attacker m...
Musicbox vuln.
Musicbox vuln. Vuln. discovered by : r0t Date: 16 april 2006 vendorlink:http://www.musicboxv2.com/ affected versions:2.3.3 and previous orginal advisory:http://pridels.blogspot.com/2006/04/musicbox-vuln.html Vuln. Description: 1. Input passed to the "term" parameter when performing a search isn't...
APT-webshop-system vuln.
APT-webshop-system vuln. Vuln. discovered by : r0t Date: 9 april 2006 vendor:http://www.apt-webservice.de/shopsoftware/ affected versions: 4.0 PRO 3.0 BASIC 3.0 LIGHT orginal advisory: http://pridels.blogspot.com/2006/04/apt-webshop-system-vuln.html Vuln. description: 1. SQL injection vuln...
classifiedZONE v1.2 XSS vuln.
classifiedZONE v1.2 XSS vuln. Vuln. discovered by : r0t Date: 28 march 2006 vendor:http://www.fusionzone.com/applications/classifieds/ affected versions:v.1.2 and prior Vuln. Description: classifiedZONE contains a flaw that allows a remote cross site scripting attack. This flaw exists because inp...
couponZONE v.4.2 Multiple vuln.
couponZONE v.4.2 Multiple vuln. Vuln. discovered by : r0t Date: 28 march 2006 vendor:http://www.fusionzone.com/applications/coupons affected versions:v.4.2 and prior orginal advisory:http://pridels.blogspot.com/2006/03/couponzone-v42-multiple-vuln.html Vuln. Description: 1. SQL vuln. couponZONE...
[SA19415] Absolute Live Support XE Script Insertion Vulnerability
TITLE: Absolute Live Support XE Script Insertion Vulnerability SECUNIA ADVISORY ID: SA19415 VERIFY ADVISORY: http://secunia.com/advisories/19415/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Absolute Live Support XE 2.x http://secunia.com/product/8929/...
SweetSuite.NET - ssCMS 2.1.x XSS vuln.
SweetSuite.NET - ssCMS 2.1.x XSS vuln. Vuln. discovered by : r0t Date: 25 march 2006 vendor: www.sweetsuite.net/ssCMSMain.aspx affected versions: 2.1.0 and prior orginal advisory: http://pridels.blogspot.com/2006/03/sweetsuitenet-sscms-21x-xss-vuln.html Vuln. Description: ssCMS contains a flaw th...
security flaw
crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235...