MDKA-2006:049 : desktop-common-data

There were some problems with the menu system in Mandriva Linux 2007. Some menu categories were not displayed or properly translated, and editing the menus with the GNOME menu editor alacarte was not working. This update fixes these problems. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been...

MDKA-2007:005 : nmap

The version of nmap shipped with Mandriva Linux 2007 was built against the system copies of the libpcap and libdnet libraries. However, nmap actually requires changes to be made to these libraries which have not yet been made to the upstream versions, and consequently should be compiled against i...

CVE-2006-7023

Multiple cross-site scripting XSS vulnerabilities in fx-APP 0.0.8.1 allow remote attackers to inject arbitrary HTML or web script via 1 the search box, and the 2 url, 3 website, 4 comment, and 5 signature fields in the profile, and possibly 6 a menu item...

CVE-2006-7023

Multiple cross-site scripting XSS vulnerabilities in fx-APP 0.0.8.1 allow remote attackers to inject arbitrary HTML or web script via 1 the search box, and the 2 url, 3 website, 4 comment, and 5 signature fields in the profile, and possibly 6 a menu item...

Cross site scripting

Cross-site scripting XSS vulnerability in liens.php3 in liensdynamiques 2.1 allows remote attackers to inject arbitrary web script or HTML by using the ajouter=1 query string and the add menu...

CVE-2007-0331

Cross-site scripting XSS vulnerability in liens.php3 in liensdynamiques 2.1 allows remote attackers to inject arbitrary web script or HTML by using the ajouter=1 query string and the add menu...

CVE-2007-0331

Cross-site scripting XSS vulnerability in liens.php3 in liensdynamiques 2.1 allows remote attackers to inject arbitrary web script or HTML by using the ajouter=1 query string and the add menu...

trevorchan07-rfi.txt

------------------------------------------------------------------------------------------------------------------- AYYILDIZ.ORG PreSents... Script:Trevorchan v0.7 Download: http://rel.trevorchan.org/Releasev07.zip Contact: ilker Kandemir Code: requireonce$tcconfig'rootdir'."/inc/functions.php";...

PT-2006-7341 · Unknown · Phpprofiles

Name of the Vulnerable Software and Affected Versions: phpProfiles versions 3.1.2b and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the menu parameter to various PHP files, including "include/body.inc.php" and "include/body admin.inc.php", or a...

CVE-2006-5969

CRLF injection vulnerability in the evalFolderLine function in fvwm 2.5.18 and earlier allows local users to execute arbitrary commands via carriage returns in a directory name, which is not properly handled by fvwm-menu-directory, a variant of CVE-2003-1308...

CVE-2006-5969

CRLF injection vulnerability in the evalFolderLine function in fvwm 2.5.18 and earlier allows local users to execute arbitrary commands via carriage returns in a directory name, which is not properly handled by fvwm-menu-directory, a variant of CVE-2003-1308...

DEBIAN-CVE-2006-5969

CRLF injection vulnerability in the evalFolderLine function in fvwm 2.5.18 and earlier allows local users to execute arbitrary commands via carriage returns in a directory name, which is not properly handled by fvwm-menu-directory, a variant of CVE-2003-1308...

CVE-2003-1308

CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x before 2.5.10 and 2.4.x before 2.4.18 allows local users to execute arbitrary commands via carriage returns in a filename...

MyNewsGroups layersmenu.inc.php远程文件包含漏洞

MyNewsGroups是具有WEB界面的USENET新闻组客户端。 MyNewsGroups的lib/tree/layersmenu.inc.php文件中没有正确的过滤对myngroot参数的输入，允许攻击者可以通过包含本地或外部资源执行任意PHP代码。 漏洞相关的代码如下： ..... ?php // PHP Layers Menu 2.3.5 C 2001-2003 Marco Pratesi marco at telug dot it requireonce $myngroot."/pear/PEAR.php"; ..... MyNewsGroups MyNewsGroups =...

Debian DSA-1007-1 : drupal - several vulnerabilities

The Drupal Security Team discovered several vulnerabilities in Drupal, a fully-featured content management and discussion engine. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-1225 Due to missing input sanitising a remote attacker could inject...

CliServ Web Community 0.65 - 'cl_headers' Include

/ + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - CliServ Web Community menu.php3 line 4-8: .... include$clheaders; $query = "DELETE FROM clnotice WHERE nexpire login.php3 line 4-8: .... include$clheader; ? .... ++++++++++++++++++++++++++++++++++++++++++++++++++ /...

mynewsgroups06b.txt

+-------------------------------------------------------------------- + + MyNewsGroups : v. 0.6b = Remote File Inclusion + +-------------------------------------------------------------------- + + Affected Software .: MyNewsGroups : v. 0.6b + Venedor ...........: http://mynewsgroups.sourceforge.n...

MyNewsGroups <= 0.6b (myng_root) Remote Inclusion Vulnerability

+-------------------------------------------------------------------- + + MyNewsGroups : v. 0.6b = Remote File Inclusion + +-------------------------------------------------------------------- + + Affected Software .: MyNewsGroups : v. 0.6b + Venedor ...........: http://mynewsgroups.sourceforge.n...

CVE-2006-3966

PHP remote file inclusion vulnerability in /lib/tree/layersmenu.inc.php in the PHP Layers Menu 2.3.5 package for MyNewsGroups : 0.6b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the myngroot parameter...

CVE-2006-3966

PHP remote file inclusion vulnerability in /lib/tree/layersmenu.inc.php in the PHP Layers Menu 2.3.5 package for MyNewsGroups : 0.6b and earlier allows remote attackers to execute arbitrary PHP code via a URL in the myngroot parameter...