3703 matches found

Tenable Nessus
added 2005/09/19 12:0 a.m. | 10 views

CuteNews flood.db.php HTTP Header PHP Code Injection

Binary data 3230.prm...

7.5 CVSS | 7.3 AI score | 0.02429 EPSS
Exploits: 1 | References: 1
Tenable Nessus
added 2005/09/19 12:0 a.m. | 24 views

CuteNews flood.db.php Client-IP HTTP Header Arbitrary Code Injection

The version of CuteNews installed on the remote host fails to properly sanitize the IP addresses of clients using the system before logging them to a known file. An attacker can exploit this flaw to inject arbitrary PHP code through a Client-IP request header and then execute that code by...

7.5 CVSS | 5.8 AI score | 0.02429 EPSS
Exploits: 1 | References: 2
Cvelist
added 2005/09/14 4:0 a.m. | 14 views

CVE-2005-2888

Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) Preview Release 2 allow remote attackers to execute arbitrary SQL commands via the (1) fid parameter to misc.php or (2) Content-Disposition field in the HTTP header to newreply.php...

8.5 AI score | 0.00487 EPSS
Exploits: 0 | References: 3
Debian
added 2005/09/08 6:7 p.m. | 40 views

[SECURITY] [DSA 805-1] New Apache2 packages fix several vulnerabilities

Debian Security Advisory DSA 805-1 [email protected] http://www.debian.org/security/ Martin Schulze September 8th, 2005 http://www.debian.org/security/faq ...

10 CVSS | 0.1 AI score | 0.61794 EPSS
Exploits: 1
NVD
added 2005/09/06 10:3 p.m. | 14 views

CVE-2005-2806

client.cpp in BNBT EasyTracker 7.7r3.2004.10.27 and earlier allows remote attackers to cause a denial of service (application hang) via an HTTP header containing only a ":" (colon), possibly leading to an integer signedness error due to a missing field name or value...

5 CVSS | 6.8 AI score | 0.0113 EPSS
Exploits: 1 | References: 5
CVE
added 2005/09/06 4:0 a.m. | 45 views

CVE-2005-2806

BNBT EasyTracker (Windows BNBT EasyTracker, client.cpp) vulnerability CVE-2005-2806 affects version 7.7r3.2004.10.27 and earlier. A remote attacker can cause a denial of service (application hang) by sending an HTTP header containing only a ":". The description notes this may involve an integer s...

5 CVSS | 6.8 AI score | 0.0113 EPSS
Exploits: 1 | References: 5 | Affected Software: 1
securityvulns
added 2005/08/31 12:0 a.m. | 29 views

BTDT BitTorent port DoS

Null HTTP header integer underflow...

0.4 AI score
Exploits: 0 | References: 1 | Affected Software: 1
NVD
added 2005/08/30 11:45 a.m. | 5 views

CVE-2005-2721

Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php or (2) admin.php in Foojan PHP Weblog allow remote attackers to inject arbitrary web script or HTML via the Referer field in the HTTP header...

4.3 CVSS | 5.8 AI score | 0.00416 EPSS
Exploits: 1 | References: 4
UbuntuCve
added 2005/08/30 11:45 a.m. | 35 views

CVE-2005-2728

The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field...

5 CVSS | 7.3 AI score | 0.61794 EPSS
Exploits: 0 | References: 2
Debian CVE
added 2005/08/29 4:0 a.m. | 27 views

CVE-2005-2728

The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field...

5 CVSS | 8.6 AI score | 0.61794 EPSS
Exploits: 0
CVE
added 2005/08/29 4:0 a.m. | 144 views

CVE-2005-2728

Apache httpd is affected by CVE-2005-2728 due to a flaw in the byte-range filter that can cause memory exhaustion and denial of service when handling HTTP requests with a large Range header, as described in multiple connected advisories. The issue affects Apache httpd 2.0.x before 2.0.54 (and var...

5 CVSS | 6.2 AI score | 0.61794 EPSS
Exploits: 0 | References: 52 | Affected Software: 1
Cvelist
added 2005/08/29 4:0 a.m. | 12 views

CVE-2005-2721

Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php or (2) admin.php in Foojan PHP Weblog allow remote attackers to inject arbitrary web script or HTML via the Referer field in the HTTP header...

5.8 AI score | 0.00416 EPSS
Exploits: 1 | References: 4
Packet Storm
added 2005/08/25 12:0 a.m. | 22 views

foojanInject.txt

Vendor : http://foojan.soltoononline.com A complete Persian PHP Weblog WMS Example Information Disclosure: http://target/foojan/adminmodules/daylinks/index.php http://target/foojan/index.php?daylinkspage=-1 Refferer Html Injection Where : in gmain.php $Weblog- query "INSERT INTO visits id , ip ,...

7.4 AI score
Exploits: 0
Tenable Nessus
added 2005/08/01 12:0 a.m. | 16 views

FreeBSD : opera -- download dialog spoofing vulnerability (a2aa24fd-00d4-11da-bc08-0001020eed82)

A Secunia Advisory reports : Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to an error in the handling of extended ASCII codes in the download dialog. This can be...

5.4 AI score
Exploits: 0 | References: 2
FreeBSD
added 2005/07/28 12:0 a.m. | 19 views

opera -- download dialog spoofing vulnerability

A Secunia Advisory reports: Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to an error in the handling of extended ASCII codes in the download dialog. This can be...

2.7 AI score
Exploits: 0 | References: 2
Tenable Nessus
added 2005/07/27 12:0 a.m. | 1148 views

Advanced Guestbook User-Agent Header HTML Injection

The remote host is running Advanced Guestbook, a free guestbook written in PHP. The installed version of Advanced Guestbook fails to properly sanitize the 'HTTP_USER_AGENT' environment variable before using it in dynamically-generated content. An attacker can exploit this flaw to launch cross-site...

5.2 AI score
Exploits: 0 | References: 1
Tenable Nessus
added 2005/06/21 12:0 a.m. | 149 views

MercuryBoard User-Agent HTTP Header SQL Injection

Binary data 3024.prm...

7.5 CVSS | 7.3 AI score | 0.0029 EPSS
Exploits: 1 | References: 3
Exploit DB
added 2005/06/20 12:0 a.m. | 36 views

Apache 2.0.49 - Arbitrary Long HTTP Headers Denial of Service

/usr/bin/perl -w use IO::Socket::INET; usage unless @ARGV == 2; my $host = shift@ARGV; my $port = shift@ARGV; sub usage print "\n"; print "\n Apache HTTPd Arbitrary Long HTTP Headers DoS \n"; print " Tested Versions : 2 newproto='tcp', PeerAddr=$host, PeerPort=$port; $socket or die "Cannot connec...

7.4 AI score
Exploits: 0
CVE
added 2005/05/14 4:0 a.m. | 51 views

CVE-2005-1576

Affected software: Mozilla Firefox on Windows (versions 0.10.1 and 1.0). Vulnerability: The file download dialog uses the Content-Type HTTP header to determine file type, but when selecting “Save to Disk,” it preserves the original file extension, allowing remote attackers to mask the true file t...

2.6 CVSS | 7.1 AI score | 0.00486 EPSS
Exploits: 1 | References: 3 | Affected Software: 1
NVD
added 2005/05/14 4:0 a.m. | 20 views

CVE-2005-1575

The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows allows remote attackers to hide the real file types of downloaded files via the Content-Type HTTP header and a filename containing whitespace, dots, or ASCII byte 160...

5 CVSS | 6.7 AI score | 0.00469 EPSS
Exploits: 0 | References: 3