3704 matches found
Cross site scripting
Cross-site scripting (XSS) vulnerability in Ultimate PHP Board (UPB) 2.2.2, 2.2.1, and earlier 2.x versions allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header...
Squid 2.7 / 3.0 Information Disclosure Vulnerability
According to its version number, the remote version of Squid is prone to an information disclosure vulnerability related to the interpretation of the Host HTTP header. Specifically, this issue occurs when the proxy makes a forwarding decision based on the Host HTTP header instead of the destinati...
X10media Mp3 Search Engine 1.6.2 - Admin Access
X10media Mp3 Search Engine 1.6.2 - Admin Access. Product: X10media Mp3 Search Engine v1.x Admin Access Vulnerability. Author: THUNDER. File: admin/admin.php. Vulnerable Code: /* User not an administrator, redirect to main page automatically. */ if(!$session->isAdmin()) header("Location: ../main.php")...
Sql injection
SQL injection vulnerability in func/login.php in MercuryBoard 1.1.5 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Agent HTTP header ($_SERVER['HTTP_USER_AGENT'])...
CVE-2009-1227
NOTE: this issue has been disputed by the vendor. Buffer overflow in the PKI Web Service in Check Point Firewall-1 PKI Web Service allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) Authorization or (2) Referer HTTP header to TCP port 18624...
Cross site scripting
Cross-site scripting (XSS) vulnerability in +webvpn+/index.html in WebVPN on the Cisco Adaptive Security Appliances (ASA) 5520 with software 7.2430 and earlier 7.2 versions including 7.2222, and 8.0428 and earlier 8.0 versions, when clientless mode is enabled, allows remote attackers to inject...
Check Point Firewall-1 PKI Web Service buffer overflow
Multiple buffer overflows on HTTP headers parsing...
Heap overflow
Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to have an unknown impact via a negative value in the Content-Length HTTP header...
CVE-2009-0840
Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to have an unknown impact via a negative value in the Content-Length HTTP header...
CVE-2009-0840
CVE-2009-0840 affects MapServer’s mapserv CGI: a heap-based buffer overflow can be triggered by a crafted Content-Length header, enabling remote code execution. Impacted are MapServer 4.x up to 4.10.4 and 5.x up to 5.2.2. Debian/OSS advisories note an incomplete fix also affecting CVE-2009-2281 a...
Check Point Firewall-1 - PKI Web Service HTTP Header Remote Overflow
Check Point Firewall-1 - PKI Web Service HTTP Header Remote Overflow - Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow - Description The Check Point Firewall-1 PKI Web Service, running by default on TCP port 18264, is vulnerable to a remote overflow in the handling of very long...
Check Point Firewall-1 - PKI Web Service HTTP Header Remote Overflow
Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow - Description The Check Point Firewall-1 PKI Web Service, running by default on TCP port 18264, is vulnerable to a remote overflow in the handling of very long HTTP headers. This was discovered during a pen-test where the client...
Check Point Firewall-1 Overflow
Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow - Description The Check Point Firewall-1 PKI Web Service, running by default on TCP port 18264, is vulnerable to a remote overflow in the handling of very long HTTP headers. This was discovered during a pen-test where the client...
Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow
Exploit for hardware platform in category dos / poc. Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow - Check Point Firewall-1 PKI Web Service HTT...
DEBIAN-CVE-2009-1149
CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) c_type and possibly (2) file_type parameters...
CVE-2009-1066
SQL injection vulnerability in the referral function in admin/lib/liblogs.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request...
Sql injection
SQL injection vulnerability in the referral function in admin/lib/liblogs.php in Pixie CMS 1.01a allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header in a request...
Heap overflow
Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long OvAcceptLang cookie, which triggers the error in ov.dll and ovwww.dll, or (2) a long Accept-Language HTTP header,...
Debian: Security Advisory (DSA-1740-1)
The remote host is missing an update for the Debian...