3714 matches found
CVE-2006-2162
Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers to execute arbitrary code via a negative content length (Content-Length) HTTP header...
Buffer overflow
Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers to execute arbitrary code via a negative content length (Content-Length) HTTP header...
CVE-2006-2131
include/classpoll.php in Advanced Poll 2.0.4 uses the HTTP_X_FORWARDED_FOR (X-Forwarded-For) HTTP header to identify the IP address of a client, which makes it easier for remote attackers to spoof the source IP and bypass voting restrictions...
clamav -- Freshclam HTTP Header Buffer Overflow Vulnerability
Secunia reports: A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the HTTP client in the Freshclam command line...
CVE-2006-1645
CVE-2006-1645 affects ReloadCMS 1.2.5 and earlier. The vulnerability is a Cross-site Scripting (XSS) issue where an attacker can inject arbitrary script or HTML through the User-Agent header, which is reflected in admin/modules/general/statistic.php in the administration panel. Exploitation is re...
CVE-2006-1619
IBM WebSphere Application Server 4.0.1 through 4.0.3 allows remote attackers to cause a denial of service (application crash) via an HTTP request with a large header...
CRLF injection
CRLF injection vulnerability in inc/function.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to conduct cross-site scripting (XSS), poison caches, or hijack pages via CRLF (%0A%0D) sequences in the Referrer HTTP header field, possibly when redirecting to other web pages...
CVE-2006-1282
CRLF injection vulnerability in inc/function.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to conduct cross-site scripting (XSS), poison caches, or hijack pages via CRLF (%0A%0D) sequences in the Referrer HTTP header field, possibly when redirecting to other web pages...
SQL injection
SQL injection vulnerability in index.php in DSCounter 1.2, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header...
CVE-2006-1234
SQL injection vulnerability in index.php in DSCounter 1.2, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header...
linux/x86 HTTP/1.x GET, Downloads and JMP - 68 bytes+
Exploit for linux/x86 platform in category shellcode: linux/x86 HTTP/1.x GET, Downloads and JMP - 68 bytes+. This shellcode allows you ...
Cross-site scripting
Cross-site scripting (XSS) vulnerability in Gallery 2 up to 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is not properly handled when adding a comment to an album...
Design/Logic Flaw
Gallery 2 up to 2.0.2 allows remote attackers to spoof their IP address via a modified X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is checked by Gallery before other more reliable sources of IP address information, such as REMOTE_ADDR...
CVE-2006-1127
Cross-site scripting (XSS) vulnerability in Gallery 2 up to 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is not properly handled when adding a comment to an album...
CVE-2006-1126
Gallery 2 up to 2.0.2 allows remote attackers to spoof their IP address via a modified X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is checked by Gallery before other more reliable sources of IP address information, such as REMOTE_ADDR...