Lucene search

3703 matches found

Cvelist
added 2008/04/23 10:00 a.m., 30 views

CVE-2008-1385

Cross-site scripting (XSS) vulnerability in the Top Referrers (aka referrer) plugin in Serendipity (S9Y) before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header...

AI score 5.6, EPSS 0.06741
Exploits 2, References 9
seebug.org
added 2008/04/11 12:00 a.m., 68 views

Adobe Flash Player 9.0.124.0 fixes multiple security vulnerabilities

BUGTRAQ ID: 27034, 28695, 26966, 28697, 26930, 28696, 28694. CVE (CAN) ID: CVE-2007-5275, CVE-2007-6243, CVE-2007-6637, CVE-2007-6019, CVE-2007-0071, CVE-2008-1655, CVE-2008-1654. Flash Player is a very widely used Flash player. Flash Player 9.0.124.0 fixes multiple security vulnerabilities; successful exploitation allows a malicious user to bypass security restrictions, perform cross-site scripting, or compromise the user's system. Specifically: 1. the handling of Declare Function...

CVSS 9.3, AI score 6.4, EPSS 0.84672
Exploits 4
Tenable Nessus
added 2008/04/11 12:00 a.m., 27 views

RHEL 4 / 5 : squid (RHSA-2008:0214)

The remote Red Hat Enterprise Linux 4 / 5 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2008:0214 advisory. Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. A flaw was found in the way squi...

CVSS 4.3, AI score 5.6, EPSS 0.13093
Exploits 2, References 5
Exploit DB
added 2008/04/07 12:00 a.m., 58 views

Drake CMS 0.4.11 - Blind SQL Injection

gid
if ('' === $gbname = in('gbname', SQL | NOHTML, $_POST, '', 50)
    || '' === $gbemail = in('gbemail', SQL | NOHTML, $_POST, '', 50)
    || !is_email($gbemail))
{
    CMSResponse::Back(FORM_NC);
} else {
    $gbname = $my->name;
    $gbemail = $my->email;
}

$timeout = $params->get('timeout', 5);
...

AI score 7
Exploits 0
Prion
added 2008/03/31 11:44 p.m., 15 views

Sql injection

The pnVarPrepForStore function in PostNuke 0.764 and earlier skips input sanitization when magic_quotes_runtime is enabled, which allows remote attackers to conduct SQL injection attacks and execute arbitrary SQL commands via input associated with server variables, as demonstrated by the CLIENT_IP...

CVSS 7.5, AI score 9.1, EPSS 0.00462
Exploits 1, References 3, Affected Software 1
securityvulns
added 2008/03/22 12:00 a.m., 46 views

[MSA02240108] IE7 allows overwriting of several headers leading to HTTP request splitting and smuggling.

MSA01240108: IE7 allows overwriting of several headers leading to HTTP request splitting and smuggling. Date: March 21st, 2008. Tested Versions: Internet Explorer 7.0.5730.11. Tested OS: Windows XP Professional SP2 Italian. Minded Security Reference ID: MSA02240108. Credits: Discovery by Stefano Di...

AI score 7.1
Exploits 0
Tenable Nessus
added 2008/03/21 12:00 a.m., 32 views

VLC Media Player network/httpd.c httpd_FileCallBack Function Connection Parameter Format String

The remote host is running VLC, a popular media player application which can have an embedded web server. The remote version of this software is vulnerable to a format string attack when processing a malformed 'Connection:' HTTP header. An attacker can exploit this flaw to execute arbitrary...

CVSS 7.5, AI score 6, EPSS 0.34376
Exploits 7, References 1
NVD
added 2008/03/20 10:44 a.m., 11 views

CVE-2008-1398

SQL injection vulnerability in online.php in AuraCMS 2.0 through 2.2.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header...

CVSS 6.8, AI score 8.4, EPSS 0.00462
Exploits 1, References 3
Prion
added 2008/03/20 10:44 a.m., 13 views

Sql injection

SQL injection vulnerability in online.php in AuraCMS 2.0 through 2.2.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header...

CVSS 6.8, AI score 9.1, EPSS 0.00462
Exploits 1, References 3, Affected Software 1
Cvelist
added 2008/03/20 10:00 a.m., 13 views

CVE-2008-1398

SQL injection vulnerability in online.php in AuraCMS 2.0 through 2.2.1 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header...

AI score 8.4, EPSS 0.00462
Exploits 1, References 3
CVE
added 2008/03/20 10:00 a.m., 38 views

CVE-2008-1398

CVE-2008-1398 describes an SQL injection in AuraCMS 2.0–2.2.1 via the X-Forwarded-For HTTP header (HTTP_X_FORWARDED_FOR environment variable) that allows remote execution of arbitrary SQL commands. Affected component is online.php; root cause is improper handling/validation of the header value in...

CVSS 6.8, AI score 8.4, EPSS 0.00462
Exploits 1, References 3, Affected Software 1
exploitpack
added 2008/03/14 12:00 a.m., 30 views

AuraCMS 2.2.1 - X-Forwarded-For HTTP Header Blind SQL Injection

AuraCMS 2.2.1 - X-Forwarded-For HTTP Header Blind SQL Injection #!/usr/bin/perl -w Indonesian Newhack Security Advisory ------------------------------------ AuraCMS 2.x online.php - Remote Blind SQL Injection Exploit Date: Feb 15 2008 01:00PM Software: AuraCMS Version: 2.0 2.1 2.2.1 Vendor:...

AI score 0.2
Exploits 0
Exploit DB
added 2008/03/14 12:00 a.m., 50 views

AuraCMS 2.2.1 - 'X-Forwarded-For' HTTP Header Blind SQL Injection

#!/usr/bin/perl -w Indonesian Newhack Security Advisory ------------------------------------ AuraCMS 2.x online.php - Remote Blind SQL Injection Exploit Date: Feb 15 2008 01:00PM Software: AuraCMS Version: 2.0 2.1 2.2.1 Vendor: http://www.auracms.org/ ------------------------------------ Audit...

AI score 7.4
Exploits 0
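The header-to-SQL path that the AuraCMS entries above describe, shown as an added Python example rather than the AuraCMS code or the advisory's Perl exploit. The 'online visitors' table, the stale-entry purge query, the helper names and the sample rows are all assumptions modelled on the online.php pattern (trust X-Forwarded-For as the visitor IP, splice it into SQL), run against an in-memory SQLite database. It also shows why the bug is a blind injection: the attacker never sees query output, only whether rows were affected.

```python
import ipaddress
import sqlite3

# Constructed sample data: an 'online visitors' table of the kind online.php keeps.
SAMPLE_ROWS = [("10.0.0.1", 1000), ("10.0.0.2", 1000), ("10.0.0.3", 1000)]


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE online (ip TEXT NOT NULL, ts INTEGER NOT NULL)")
    conn.executemany("INSERT INTO online (ip, ts) VALUES (?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def client_ip(headers, remote_addr):
    # The unsafe idiom: prefer X-Forwarded-For when present, else the socket peer.
    return headers.get("X-Forwarded-For") or remote_addr


def purge_vulnerable(conn, headers, remote_addr, now, timeout=300):
    """String-built DELETE (assumed online.php shape): the header value is SQL."""
    ip = client_ip(headers, remote_addr)
    sql = "DELETE FROM online WHERE ip = '%s' OR ts < %d" % (ip, now - timeout)
    return conn.execute(sql).rowcount


def purge_hardened(conn, headers, remote_addr, now, timeout=300):
    """Validate the first XFF hop as an IP literal, then bind it as a parameter."""
    first_hop = client_ip(headers, remote_addr).split(",")[0].strip()
    try:
        ip = str(ipaddress.ip_address(first_hop))
    except ValueError:
        ip = remote_addr  # unparseable header: fall back to the peer address
    return conn.execute(
        "DELETE FROM online WHERE ip = ? OR ts < ?", (ip, now - timeout)
    ).rowcount


def blind_probe(condition):
    """Boolean-based inference through the vulnerable sink: with fresh rows, the
    purge deletes everything iff the attacker-supplied SQL condition is true, and
    the affected-row count (or any behaviour that depends on it) leaks the answer."""
    payload = "x' OR (%s) AND '1'='1" % condition
    conn = make_db()
    return purge_vulnerable(conn, {"X-Forwarded-For": payload}, "192.0.2.9", now=1000) > 0


if __name__ == "__main__":
    tamper = {"X-Forwarded-For": "x' OR '1'='1"}
    print("vulnerable purge deleted", purge_vulnerable(make_db(), tamper, "192.0.2.9", 1000))
    print("hardened purge deleted", purge_hardened(make_db(), tamper, "192.0.2.9", 1000))
    print("row count is 3?", blind_probe("(SELECT count(*) FROM online) = 3"))
```

The hardened version does two independent things: parameter binding removes the injection regardless of the header's content, and the ipaddress check keeps junk out of the table. Note that validating alone is not a fix for every sink, and that even a valid-looking X-Forwarded-For is still attacker-chosen unless a trusted proxy set it.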
Prion
added 2008/03/10 5:44 p.m., 9 views

Buffer overflow

Multiple buffer overflows in the web interface on the D-Link DI-524 router allow remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact via (1) a long username or (2) an HTTP header with a large name and an empty value...

CVSS 7.8, AI score 8.3, EPSS 0.0034
Exploits 0, References 5
Cvelist
added 2008/03/10 5:00 p.m., 20 views

CVE-2008-1266

Multiple buffer overflows in the web interface on the D-Link DI-524 router allow remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact via (1) a long username or (2) an HTTP header with a large name and an empty value...

AI score 7.7, EPSS 0.0034
Exploits 0, References 5
Exploit DB
added 2008/02/28 12:00 a.m., 32 views

Centreon 1.4.2.3 - 'get_image.php' Remote File Disclosure

#!/usr/bin/python
# Date : 20/01/2008
# Author : Julien CAYSSOL
import sys, urllib2, re
useragent = 'Mozilla/6.0 (compatible; MSIE 6.0; Windows NT)'
headers = {'User-Agent': useragent, 'Accept-Charset': 'ISO-8859-15'}
if __name__ == "__main__":
    if len(sys.argv) == 2:
        host = sys.argv[1]
        print "[+] Host : " + host
        url = ...

AI score 7.4
Exploits 0
NVD
added 2008/02/27 7:44 p.m., 13 views

CVE-2008-1052

The administration web interface in NetWin SurgeFTP 2.3a2 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL pointer dereference when memory allocation fails...

CVSS 6.4, AI score 6.6, EPSS 0.06905
Exploits 0, References 6
Prion
added 2008/02/27 7:44 p.m., 15 views

Null pointer dereference

The administration web interface in NetWin SurgeFTP 2.3a2 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL pointer dereference when memory allocation fails...

CVSS 6.4, AI score 7.2, EPSS 0.06905
Exploits 0, References 6, Affected Software 1
Cvelist
added 2008/02/27 7:00 p.m., 17 views

CVE-2008-1052

The administration web interface in NetWin SurgeFTP 2.3a2 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL pointer dereference when memory allocation fails...

AI score 6.6, EPSS 0.06905
Exploits 0, References 6
CVE
added 2008/02/27 7:00 p.m., 38 views

CVE-2008-1052

The CVE-2008-1052 entry concerns NetWin SurgeFTP, specifically versions 2.3a2 and earlier. The issue is a remote denial of service: when an attacker sends a crafted, very large Content-Length HTTP header, the allocation sized from it fails, the unchecked NULL result is dereferenced, and the daemon crashes. The description does not...

CVSS 6.4, AI score 6.6, EPSS 0.06905
Exploits 0, References 6, Affected Software 1
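The SurgeFTP entries above (an attacker-chosen Content-Length sizing an allocation that then fails), the D-Link DI-524 entries (a header with an oversized name) and the IE7 advisory (client-controlled, duplicated headers as a splitting/smuggling vector) all come down to a server taking header fields on trust before bounding them. The following is an added Python example of the defensive parse, not code from any of the products named on this page; the size limits, the request-line handling and the sample requests are assumptions chosen for the demonstration.

```python
import re

# Assumed limits for this example; a real server tunes these to its own needs.
MAX_HEADER_NAME = 256
MAX_HEADER_VALUE = 8192
MAX_CONTENT_LENGTH = 1 << 20   # refuse to buffer bodies over 1 MiB
TOKEN = re.compile(rb"[!#$%&'*+.^_`|~0-9A-Za-z-]+")   # RFC 7230 tchar set


class BadRequest(ValueError):
    pass


def parse_request(raw):
    """Split an HTTP/1.x request head into (request_line, headers). Every field is
    syntax- and length-checked here, before anything else in the server sees it."""
    head, sep, _body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise BadRequest("no end of headers")
    request_line, *lines = head.split(b"\r\n")
    headers = {}
    for line in lines:
        name, colon, value = line.partition(b":")
        if not colon or not TOKEN.fullmatch(name):
            raise BadRequest("malformed header name: %r" % name[:32])
        if len(name) > MAX_HEADER_NAME:            # the DI-524 case: huge name, empty value
            raise BadRequest("header name too long (%d bytes)" % len(name))
        value = value.strip(b" \t")
        if len(value) > MAX_HEADER_VALUE:
            raise BadRequest("header value too long")
        key = name.decode("ascii").lower()
        # Two Content-Length fields that disagree are the classic smuggling ambiguity;
        # refuse rather than pick one.
        if key == "content-length" and headers.get(key, value) != value:
            raise BadRequest("conflicting Content-Length values")
        headers[key] = value
    return request_line, headers


def content_length(headers):
    """Return the body length to read, or raise. Only plain decimals of bounded
    width are accepted, so a sign, a 20-digit value or '0x' never reaches int()
    or an allocator (the SurgeFTP case)."""
    cl = headers.get("content-length")
    if cl is None:
        return 0
    if not re.fullmatch(rb"[0-9]{1,9}", cl):
        raise BadRequest("Content-Length is not a plain decimal of sane size")
    n = int(cl)
    if n > MAX_CONTENT_LENGTH:
        raise BadRequest("Content-Length %d exceeds limit" % n)
    return n


def classify(raw):
    """'ok' or the rejection reason, for running the parser over sample requests."""
    try:
        _, hdrs = parse_request(raw)
        content_length(hdrs)
        return "ok"
    except BadRequest as e:
        return str(e)


if __name__ == "__main__":
    # Constructed sample requests, one per failure mode discussed above.
    samples = {
        "normal": b"POST /admin HTTP/1.1\r\nHost: ftp.example.test\r\nContent-Length: 12\r\n\r\nhello world!",
        "huge header name": b"GET / HTTP/1.1\r\n" + b"A" * 10000 + b":\r\n\r\n",
        "huge content-length": b"POST / HTTP/1.1\r\nContent-Length: 99999999999999999999\r\n\r\n",
        "negative content-length": b"POST / HTTP/1.1\r\nContent-Length: -1\r\n\r\n",
        "duplicate content-length": b"POST / HTTP/1.1\r\nContent-Length: 5\r\nContent-Length: 6\r\n\r\n",
    }
    for label, req in samples.items():
        print("%-26s %s" % (label, classify(req)))
```

The point of the width-bounded regex in content_length is that the value is rejected before it is ever converted or used as an allocation size; checking the converted integer against a limit afterwards is still done, but only as a second line. A production parser would additionally cap the total head size and the number of fields, and treat Transfer-Encoding together with Content-Length.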