DEBIAN-CVE-2009-1573

xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie MCOOKIE on the command line, which allows local users to gain privileges by listing the process and its arguments...

Command injection

xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie MCOOKIE on the command line, which allows local users to gain privileges by listing the process and its arguments...

CVE-2009-1573

xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie MCOOKIE on the command line, which allows local users to gain privileges by listing the process and its arguments...

Directory traversal

Directory traversal vulnerability in index.php in PastelCMS 0.8.0, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the setlng parameter...

CVE-2009-1405

Directory traversal vulnerability in index.php in PastelCMS 0.8.0, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the setlng parameter...

chCounter 3.1.3 - Authentication Bypass

chCounter 3.1.3 - Authentication Bypass chCounter 3.1.3 Login Bypass ======================================================================================================================= Critical Level : Dangerous Vendor site : http://chcounter.org/ Download :...

Aqua CMS (username) SQL Injection Vulnerability

Exploit for unknown platform in category web applications =============================================== Aqua CMS username SQL Injection Vulnerability =============================================== ================================================================================ Found : halkfild...

Magic ISO Maker <= 5.5 build 274 Buffer Overflow Vulnerability

Magic ISO Maker is prone to heap-based buffer overflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Magic ISO Maker Buffer Overflow Vulnerability

This host is running Magic ISO Maker and is prone to Heap-Based Buffer Overflow Vulnerability. OpenVAS Vulnerability Test $Id: gbmagicisomakerbofvuln.nasl 4869 2016-12-29 11:01:45Z teissa $ Magic ISO Maker Buffer Overflow Vulnerability Authors: Sujit Ghosal Copyright: Copyright c 2009 Greenbone...

Magic ISO Maker Version Detection

This script finds the installed version of Magic ISO Maker. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mandriva Update for file MDKSA-2007:067 (file)

Check for the Version of file OpenVAS Vulnerability Test Mandriva Update for file MDKSA-2007:067 file Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Heap overflow

Heap-based buffer overflow in Magic ISO Maker 5.5 build 0274 allows remote attackers to cause a denial of service crash or execute arbitrary code via a crafted CCD file...

CVE-2009-1257

Heap-based buffer overflow in Magic ISO Maker 5.5 build 0274 allows remote attackers to cause a denial of service crash or execute arbitrary code via a crafted CCD file...

CVE-2009-1257

CVE-2009-1257 describes a heap-based buffer overflow in Magic ISO Maker 5.5 build 274 (0274) that can be triggered by a crafted CCD file. This vulnerability permits remote attackers to cause a crash (DoS) or potentially execute arbitrary code. Public records consistently identify the affected pro...

Ubuntu Update for file vulnerability USN-439-2

Ubuntu Update for Linux kernel vulnerabilities USN-439-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN4392.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for file vulnerability USN-439-2 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Sql injection

Multiple SQL injection vulnerabilities in CelerBB 0.0.2, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 viewforum.php and 2 viewtopic.php...

Wili-CMS 0.4.0 Multiple Vulnerabilities &#40;Remote/Local File Inclusion - Authentication Bypass&#41;

Salvatore "drosophila" Fresta + Application: Wili-CMS + Version: 0.4.0 + Website: http://wili-cms.sourceforge.net/ + Bugs: A Multiple Remote/Local File Inclusion B Authentication Bypass + Exploitation: Remote + Date: 06 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore...

PHP Director 0.21 - SQL Into Outfile &#039;eval()&#039; Injection

include include include include include include / Dork "Powered by PHP Director 0.2" | PHP Director 0.2.1 sql into outfile eval Injection Exploit | Exploit- index.php?cat=%27+UNION+SELECT+1,'lol',3,4,5,6,7,8,9,10,11,12,13,14,15+INTO+OUTFILE+'/var/www/ex.php'/ PHP.ini- Magic Quotes off Written- by...

Zabbix Web Interface extlang[] Parameter Remote Code Execution

The remote web server hosts a version of the Zabbix web interface that is affected by a remote code execution vulnerability. The vulnerability involves the 'extlang' parameter of the 'locales.php' script. Provided PHP's 'magicquotesgpc' setting is disabled, an unauthenticated, remote attacker can...

EZ-Blog 'public/view.php' SQL Injection Vulnerability

EZ-Blog is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying...