WebScripts WebBBS 4.x/5.0 - Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5048/info WebBBS does not sufficiently filter shell metacharacters from CGI parameters. As a result, remote attackers may execute arbitrary commands on the underlying shell of the system hosting the vulnerable software...

WinSyslog Interactive Syslog Server 4.21/ long Message Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8821/info WinSyslog is prone to a remotely exploitable denial of service vulnerability. The issue exists in the Interactive Syslog Server specifically. This occurs when the program receives multiple excessive syslog...

HP JetDirect PJL Query Execution

No description provided by source. Exploit Title: HP JetDirect PJL Query Execution Date: Aug 7, 2011 Author: Myo Soe YGN Ethical Hacker Group - http://yehg.net/ Software Link: http://www.hp.com Version: All Tested on: HP LaserJet Pxxxx Series $Id: $ This file is part of the Metasploit Framework a...

Suidperl 5.00503 Mail Shell Escape Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/1547/info The interaction between some security checks performed by suidperl, the setuid version of perl, and the /bin/mail program creates a scenario that allows local malicious users to execute commands with root...

interactive story 1.3 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3028/info Interactive Story is a web-based application written in Perl and is distributed as freeware. Interactive Story does not filter '../' sequences from user input submitted to a hidden file called 'next'. Remote...

id Software Quake 3 Arena Server 1.29 Possible Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3123/info Quake3 Arena Server is a software package designed to host multiple Quake 3 players over a network for interactive play. A vulnerability exists in this software that can allow a malicious user to remotely crash ...

F@cile Interactive Web <= 0.8x Remote (Include / XSS) Vulnerabilities

No description provided by source. F@cile Interactive Web = 0.8x Multiple Remote Vulnerabilities Contacts ICQ: 10072 MSN/Mail: [email protected] web: www.nukedx.com This exploits works on F@cile Interactive Web = 0.8x Original advisory can be found at: http://www.nukedx.com/?viewdoc=35 File...

Freeform Interactive Purge 1.4.7/Purge Jihad 2.0.1 Game Client Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9671/info Freeform Interactive Purge and Purge Jihad game clients have been reported prone to a remotely exploitable buffer overflow condition. The issue presents itself in the client network connection routines used by t...

IceBB 1.0-rc10 - Multiple Vulnerabilities

No description provided by source. Vulnerability ID: HTB22688 Reference: http://www.htbridge.ch/advisory/sqlinjectioninicebb.html Product: IceBB Vendor: XAOS Interactive http://icebb.net/ Vulnerable Version: 1.0-rc10 Vendor Notification: 02 November 2010 Vulnerability Type: SQL Injection Status:...

Oracle DataDirect ODBC Drivers HOST Attribute arsqls24.dll Stack Based Buffer Overflow PoC

No description provided by source. ?php / Oracle DataDirect ODBC Drivers HOST Attribute arsqls24.dll Stack Based Buffer Overflow PoC .oce by rgod found a local vector for this: http://retrogod.altervista.org/9sgoracledatadirect.htm http://www.exploit-db.com/exploits/18007/ This poc will create a...

Xpressions Interactive Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/7804/info Several software products maintained by Xpressions Interactive are prone to SQL injection attacks. The vulnerability exists in the login.asp page. Specifically, user-supplied input is not sufficiently sanitized ...

Commercial Interactive Media SCOOP! 2.3 articleZone.asp Invalid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16015/info Commercial Interactive Media SCOOP! is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

Commercial Interactive Media SCOOP! 2.3 lostPassword.asp Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16015/info Commercial Interactive Media SCOOP! is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

Commercial Interactive Media SCOOP! 2.3 prePurchaserRegistration.asp Invalid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16015/info Commercial Interactive Media SCOOP! is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

Commercial Interactive Media SCOOP! 2.3 category.asp Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16015/info Commercial Interactive Media SCOOP! is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

Commercial Interactive Media SCOOP! 2.3 requestDemo.asp Invalid Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16015/info Commercial Interactive Media SCOOP! is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

Commercial Interactive Media SCOOP! 2.3 account_login.asp Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16015/info Commercial Interactive Media SCOOP! is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

openSUSE Security Update : dropbear (openSUSE-SU-2013:1696-1)

dropbear was updated to version 2013.60 to fix following bugs : - Fix 'make install' so that it doesn't always install to /bin and /sbin - Fix 'make install MULTI=1', installing manpages failed - Fix 'make install' when scp is included since it has no manpage - Make --disable-bundled-libtom work ...

Adobe Flash Player: Multiple vulnerabilities

Background The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Description Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact A remote attacke...

CVE-2013-4727

DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to obtain sensitive information via a request to Admin/top.aspx...