4444 matches found
CVE-2007-4212
Multiple cross-site scripting XSS vulnerabilities in the Search Module in PHP-Nuke allow remote attackers to inject arbitrary web script or HTML via a trailing "" in 1 the onerror attribute of an IMG element, 2 the onload attribute of an IFRAME element, or 3 redirect users to other sites via the...
Code injection
Google Desktop allows user-assisted remote attackers to execute arbitrary programs via a man-in-the-middle attack that injects JavaScript, a www.google.com search IFRAME, and a META HTTP-EQUIV="refresh" that targets a www.google.com search for a local .exe file, which is displayed in the "results...
Design/Logic Flaw
A certain admin script in Inout Meta Search Engine sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to inject arbitrary PHP code, as demonstrated by a request to admin/createengine.php followed by a request to...
CVE-2007-2988
A certain admin script in Inout Meta Search Engine sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to inject arbitrary PHP code, as demonstrated by a request to admin/createengine.php followed by a request to...
CVE-2007-2988
The CVE-2007-2988 entry describes a vulnerability in the Inout Meta Search Engine: an admin script redirects the browser but does not exit when admin credentials are missing, enabling remote attackers to inject arbitrary PHP code via a sequence of requests to admin/create_engine.php and then admi...
CVE-2007-2988
A certain admin script in Inout Meta Search Engine sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to inject arbitrary PHP code, as demonstrated by a request to admin/createengine.php followed by a request to...
Remote file inclusion
PHP remote file inclusion vulnerability in MODforumfieldsparse.php in the Forum picture and META tags 1.7 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
CVE-2007-1818
PHP remote file inclusion vulnerability in MODforumfieldsparse.php in the Forum picture and META tags 1.7 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
CVE-2007-1818
PHP remote file inclusion vulnerability in MODforumfieldsparse.php in the Forum picture and META tags 1.7 module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...
CVE-2007-1818
CVE-2007-1818 is a PHP remote file inclusion vulnerability in the MOD_forum_fields_parse.php file of the Forum picture and META tags 1.7 module for phpBB. The flaw allows an attacker to execute arbitrary PHP code by supplying a URL in the phpbb_root_path parameter, enabling remote code execution ...
phpBB MOD Forum picture and META tags 1.7 RFI Vulnerability
No description provided by source. Exploitname: phpBB Module Forum picture and META tags 1.7 File Include Vulnerability Vendor: http://www.rfnnet.nl/downloads/phpbb/MODForumpictureandMETAtags.zip Founder: bd0rk Contact: bd0rkathackermail.com Greetings: str0ke, TheJT, Lu7k, CodeR Vulnerable in...
phpBB Module Forum picture and META tags 1.7 File Include Vulnerability
Exploitname: phpBB Module Forum picture and META tags 1.7 File Include Vulnerability Vendor: http://www.rfnnet.nl/downloads/phpbb/MODForumpictureandMETAtags.zip Founder: bd0rk Contact: bd0rkathackermail.com Greetings: str0ke, TheJT, Lu7k, CodeR Vulnerable in MODforumfieldsparse.php:...
phpBB MOD Forum picture and META tags 1.7 RFI Vulnerability
Exploit for unknown platform in category web applications =========================================================== phpBB MOD Forum picture and META tags 1.7 RFI Vulnerability =========================================================== Exploitname: phpBB Module Forum picture and META tags 1.7...
phpBB MOD Forum picture and META tags 1.7 - Remote File Inclusion
Exploitname: phpBB Module Forum picture and META tags 1.7 File Include Vulnerability Vendor: http://www.rfnnet.nl/downloads/phpbb/MODForumpictureandMETAtags.zip Founder: bd0rk Contact: bd0rkathackermail.com Greetings: str0ke, TheJT, Lu7k, CodeR Vulnerable in MODforumfieldsparse.php:...
WEB vulnerabilities mining techniques-vulnerability warning-the black bar safety net
Source: security focus Author: 7all sgh81at163.com WEB vulnerability Mining Technology |=---------------= WEB vulnerability Mining Technology=-----------------------------=| |=-----------------------------------------------------------------=| |=---------------= 7all7all7at163. com...
KDE JPEG KFile Info插件EXIF本地拒绝服务漏洞
JPEG kfile-info插件用于多个KDE应用程序显示图象META信息。 JPEG kfile-info插件在解析图象META信息时存在问题,本地攻击者可以利用漏洞对使用此插件的应用程序进行拒绝服务攻击。 目前没有详细漏洞细节提供。 KDE KDE 3.5.5 KDE KDE 3.5.4 KDE KDE 3.5.3 KDE KDE 3.5.2 KDE KDE 3.5 KDE KDE 3.4.3 - Gentoo Linux KDE KDE 3.4.2 KDE KDE 3.4.1 + RedHat Fedora Core4 KDE KDE 3.4 KDE KDE 3.4 KDE KD...
Php5 GPC bypass flaw-vulnerability warning-the black bar safety net
In the discussion of specific defects before we start to learn a little about php security aspect of small things. magicquotesgpc option is php one of the important security settings, when the option is ON that is open at the time, all from GET, POST, COOKie is passed over the data in the'," and,...
Debian DSA-957-2 : imagemagick - missing shell meta sanitising
Florian Weimer discovered that delegate code in ImageMagick is vulnerable to shell command injection using specially crafted file names. This allows attackers to encode commands inside of graphic commands. With some user interaction, this is exploitable through Gnus and Thunderbird. This update...
Debian DSA-998-1 : libextractor - several vulnerabilities
Derek Noonburg has fixed several potential vulnerabilities in xpdf, which are also present in libextractor, a library to extract arbitrary meta-data from files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
brush.txt
Description: yet another 'windows meta file' WMF denial of service exploit. System affected: + Windows XP SP2, + Windows 2003 SP1, + Windows XP SP1, + Windows XP + Windows 2003 Tech info: page fault in gdi32!CreateBrushIndirect because invalid pointer access. Incorrect short to void sign extensio...