3211 matches found
CVE-2005-3308
Multiple cross-site scripting XSS vulnerabilities in Zomplog 3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 comment parameter in detail.php, 3 the username parameter in get.php, and 4 the search parameter in index.php...
gforgeexec.txt
-------------------------------------------------------------------------- Vendor : Gforge http://gforge.org Product : gforge Affected versions : = 4.0 & Debian pkg 3.1-30 Vulnerability : Input validation flaw Problem-Type : remote Severity : High, arbitrary command execution Author : Filippo Spi...
CVE-2005-2191
Multiple cross-site scripting XSS vulnerabilities in Comersus shopping cart allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter to comersusbackofficelistAssignedPricesToCustomer.asp or 2 message parameter to comersusbackofficemessage.asp...
CVE-2002-1899
IceWarp Web Mail versions 3.3.3 and 3.4.5 are affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via the Full Name (addressname) parameter. The connected sources confirm the affected product and the vulnerable input, but do n...
CVE-2005-1292
Multiple cross-site scripting XSS vulnerabilities in CartWIZ ASP Cart allow remote attackers to inject arbitrary web script or HTML via the idProduct parameter to 1 tellAFriend.asp or 2 addToWishlist.asp, redirect parameter to 3 access.asp or 4 login.asp, message parameter to 5 login.asp or 6...
CVE-2005-1292
Multiple cross-site scripting XSS vulnerabilities in CartWIZ ASP Cart allow remote attackers to inject arbitrary web script or HTML via the idProduct parameter to 1 tellAFriend.asp or 2 addToWishlist.asp, redirect parameter to 3 access.asp or 4 login.asp, message parameter to 5 login.asp or 6...
PT-2005-1333 · Biborb · Biborb
Name of the Vulnerable Software and Affected Versions: BibORB versions 1.3.2 and earlier Description: The issue allows remote attackers to delete arbitrary files via a Delete action and .. dot dot sequences in the database name parameter in index.php. Recommendations: For BibORB versions 1.3.2 an...
CVE-2003-0942
Buffer overflow in Web Agent Administration service in web-tools for SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a long Name parameter to waadmin.wa...
Choutcast buffer overflow
Buffer overflow on oversized icy-name and icy-url parameters...
CVE-2002-0947
Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8.18.0 and earlier, as used in Oracle9iAS and other products, allows remote attackers to execute arbitrary code via a long database name parameter...
Mirabilis ICQ 0.9998.0 a2000.0 A99a - Remote Denial of Service
Mirabilis ICQ 0.9998.0 a2000.0 A99a - Remote Denial of Service // source: https://www.securityfocus.com/bid/1463/info The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter. / ICQ...