6679 matches found
CVE-2006-0466
Cross-site scripting (XSS) vulnerability in search.asp in Goldstag Content Management System allows remote attackers to inject arbitrary web script or HTML via the text parameter...
Cross site scripting
Cross-site scripting (XSS) vulnerability in search.php in My Amazon Store Manager 1.0 allows remote attackers to inject arbitrary web script or HTML via the Keywords parameter. NOTE: some sources claim that the affected parameter is "q", but the only public archive of the original researcher...
[SA18529] F-Secure Anti-Virus Archive Handling Vulnerabilities
TITLE: F-Secure Anti-Virus Archive Handling Vulnerabilities SECUNIA ADVISORY ID: SA18529 VERIFY ADVISORY: http://secunia.com/advisories/18529/ CRITICAL: Highly critical IMPACT: Security Bypass, System access WHERE: From remote SOFTWARE: F-Secure Personal Express 6.x http://secunia.com/product/688...
CVE-2005-4862
The search functionality in XWiki 0.9.793 indexes cleartext user passwords, which allows remote attackers to obtain sensitive information via a search string that matches a password...
SEC Consult SA-20051211-0 :: Several XSS issues in Horde Framework, Kronolith Calendar, Mnemo Notes, Nag Tasks and Turba Addressbook
SEC Consult Security Advisory 20051211-0 ========================================================================== title: Several XSS issues in Horde Framework, Kronolith Calendar, Mnemo Notes, Nag Tasks and Turba Addressbook program: Horde Application Framework + Modules vulnerable version:...
CVE-2005-3998
Cross-site scripting (XSS) vulnerability in search.asp in Solupress News 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the keywords parameter...
CVE-2005-3957
Technical details for CVE-2005-3957 are not publicly available in the provided documents. No concrete affected products, versions, or impact are specified here. Monitor for updates.
CVE-2005-3957
Unspecified vulnerability in the Trackback functionality in DotClear 1.2.1 has unknown impact and attack vectors...
Panda Remote Heap Overflow
Date November 29, 2005 Vulnerability The Panda Antivirus Library provides file format support for virus analysis. During decompression of ZOO files Panda is vulnerable to a heap overflow allowing attackers complete control of the systems being protected. This vulnerability can be exploited remote...
CVE-2005-3783
The ptrace functionality (ptrace.c) in Linux kernel 2.6 before 2.6.14.2, using CLONE_THREAD, does not use the thread group ID to check whether it is attaching to itself, which allows local users to cause a denial of service (crash)...
CVE-2004-2559
CVE-2004-2559 affects DokuWiki prior to 2004-10-19. The issue allows remote attackers to access administrative functions (Mediaselectiondialog, Recent changes, feed, search) due to missing ACL checks. This can impact confidentiality, integrity, and availability as reflected by CVSS metrics (AV:N/...
CVE-2004-2559
DokuWiki before 2004-10-19 allows remote attackers to access administrative functionality including (1) Mediaselectiondialog, (2) Recent changes, (3) feed, and (4) search, possibly due to the lack of ACL checks...
CVE-2005-2709
The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function...
linux/x86 write(0,"Hello core! ",12); (w/optional 7 byte exit) 36 bytes
Exploit for linux/x86 platform in category shellcode. linux/x86 write(0,"Hello core!\n",12); (w/optional 7 byte exit) 36 bytes / writehello-core.c by Charle...
DefaultNav checker
This plugin checks for DefaultNav vulnerabilities on the remote web server. See the references for more information. SPDX-FileCopyrightText: 2005 Net-Square Solutions Pvt Ltd. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders...
CVE-2005-1979
Distributed Transaction Controller in Microsoft Windows allows remote servers to cause a denial of service (MSDTC service exception and exit) via an "unexpected protocol command during the reconnection request," which is not properly handled by the Transaction Internet Protocol (TIP) functionality...
TYPO3 Security Bulletin
A bug has been discovered in the "Front End News Submitter" (fenews) where SQL injection is not safely prevented and thus malicious SQL commands are potentially possible. Since the RTE enabled version (fertenews) is derived from fenews, it is affected as well. Component Type: Third Party Extension...
xine-cddb-server.pl.txt
!/usr/bin/perl -- xine-cddb-server by Ulf Harnhammar in 2005 I hereby place this program in the public domain. use strict; use IO::Socket; $main::port = 8880; $main::timeout = 5; SUBROUTINES sub mysend$$ my $file = shift; my $str = shift; print $file "$str\n"; print "SENT: $str\n"; sub mysend sub...
CVE-2005-3154
Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9 allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in file or directory name...