Kayako Live Response 2.0 - index.php Calendar Feature Multiple SQL Injections

Kayako Live Response 2.0 - index.php Calendar Feature Multiple SQL Injections source: https://www.securityfocus.com/bid/14425/info Kayako LiveResponse is prone to multiple cross-site scripting, SQL injection, and HTML injection vulnerabilties. These issues are all related to input validation...

[SECURITY] [DSA 745-1] New drupal package fixes multiple vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA 745-1 [email protected] http://www.debian.org/security/ Michael Stone July 10, 2005 http://www.debian.org/security/faq - ------------------------------------------------------------------------...

NPDS 4.8 5.0 - links.php?Query SQL Injection

NPDS 4.8 5.0 - links.php?Query SQL Injection source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attack...

NPDS 4.8 < 5.0 - 'faq.php?categories' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

NPDS 4.8 5.0 - faq.php?categories Cross-Site Scripting

NPDS 4.8 5.0 - faq.php?categories Cross-Site Scripting source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL...

NPDS 4.8 < 5.0 - 'sdv_infos.php?sitename' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

NPDS 4.8 5.0 - sdv_infos.php?sitename Cross-Site Scripting

NPDS 4.8 5.0 - sdvinfos.php?sitename Cross-Site Scripting source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL...

NPDS 4.8 < 5.0 - 'reviews.php?title' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

NPDS 4.8 /5.0 - 'modules.php?Lettre' Cross-Site Scripting

source: https://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may result in the theft of...

GLSA-200503-37 : LimeWire: Disclosure of sensitive information

The remote host is affected by the vulnerability described in GLSA-200503-37 LimeWire: Disclosure of sensitive information Two input validation errors were found in the handling of Gnutella GET requests CAN-2005-0788 and magnet requests CAN-2005-0789. Impact : A remote attacker can craft a specif...

awstats -- arbitrary command execution

Several input validation errors exist in AWStats that allow a remote unauthenticated attacker to execute arbitrary commands with the priviliges of the web server. These programming errors involve CGI parameters including loadplugin, logfile, pluginmode, update, and possibly others. Additionally,...

[SA12789] IceWarp Web Mail Cross-Site Scripting Vulnerabilities

TITLE: IceWarp Web Mail Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA12789 VERIFY ADVISORY: http://secunia.com/advisories/12789/ CRITICAL: Moderately critical IMPACT: Unknown, Cross Site Scripting WHERE: From remote SOFTWARE: IceWarp Web Mail 5.x http://secunia.com/product/3775/...

Fastream NETFile FTP/Web Server Input validation Errors

Fastream NETFile FTP/Web Server Input validation Errors -------------------------------------------------------- Release Date: 4 July 2004 Severity: High Systems Affected: Fastream NETFile FTP/Web Server =v.6.7.2.1085 Systems Not Affected: Fastream NETFile FTP/Web Server v6.7.3 Vendor URL:...

Mambo Open Source 4.0.14 - PollBooth.php Multiple SQL Injections

Mambo Open Source 4.0.14 - PollBooth.php Multiple SQL Injections source: https://www.securityfocus.com/bid/9197/info Mambo Open Source is prone to SQL injection attacks. This is due to an input validation error in 'pollBooth.php'. In particular, various user-supplied variables are used in an SQL...

InstaBoard 1.3 - index.cfm SQL Injection

InstaBoard 1.3 - index.cfm SQL Injection source: https://www.securityfocus.com/bid/7338/info It has been reported that multiple input validation errors exist in the index.cfm file included with InstaBoard. Because of this issue, remote attackers may launch SQL injection attacks through the...

InstaBoard 1.3 - 'index.cfm' SQL Injection

source: https://www.securityfocus.com/bid/7338/info It has been reported that multiple input validation errors exist in the index.cfm file included with InstaBoard. Because of this issue, remote attackers may launch SQL injection attacks through the software. The consequences may vary depending o...

CSS in blackboard

Product: Blackboard 5 Vendor: Blackboard inc Website: www.Blackboard.com Reported: 24 apr 2002: Discovered CSS in blackboard program and company.blackboard.com. Reported CSS in blackboard program at http://company.blackboard.com/contactus/Suggestions.cgi. Reported CSS in company.blackboard.com to...