1096 matches found
CVE-2009-0622
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A21.2 and Cisco ACE 4710 Application Control Engine Appliance before A18a allows remote authenticated users to execute arbitrary operating-system commands through a command...
QUICK CART OS command injection vulnerability
Overview QUICK CART is a shopping cart system that provides functionalities used for managing an Internet store. An OS command injection vulnerability exists in QUICK CART as it does not properly validate the user input. Impact A remote attacker could execute arbitrary operating system commands o...
WordPress 2.1.1 - wp-includestheme.php?iz Arbitrary Command Execution
WordPress 2.1.1 - wp-includestheme.php?iz Arbitrary Command Execution source: https://www.securityfocus.com/bid/22797/info An attacker compromised the source code for Wordpress 2.1.1 and altered it to include a malicious backdoor. This backdoor introduces a code-execution vulnerability that will...
WordPress 2.1.1 - Arbitrary Command Execution
WordPress 2.1.1 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/22797/info An attacker compromised the source code for Wordpress 2.1.1 and altered it to include a malicious backdoor. This backdoor introduces a code-execution vulnerability that will let remote users inject...
WordPress Core 2.1.1 - '/wp-includes/theme.php?iz' Arbitrary Command Execution
source: https://www.securityfocus.com/bid/22797/info An attacker compromised the source code for Wordpress 2.1.1 and altered it to include a malicious backdoor. This backdoor introduces a code-execution vulnerability that will let remote users inject PHP code or execute operating system commands...
WordPress Core 2.1.1 - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/22797/info An attacker compromised the source code for Wordpress 2.1.1 and altered it to include a malicious backdoor. This backdoor introduces a code-execution vulnerability that will let remote users inject PHP code or execute operating system commands...
CVE-2007-0565
CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote attackers to inject arbitrary operating system commands via unspecified vectors...
CVE-2007-0565
CGI-Rescue Shopping Basket Professional 7.50 and earlier allows remote attackers to inject arbitrary operating system commands via unspecified vectors...
JVN#10222000 QUICK CART OS command injection vulnerability
Impact A remote attacker could execute arbitrary operating system commands on a server running QUICK CART. Solution Products Affected QUICK CART Ver 1 QUICK CART Ver 2 QUICK CART Free QUICK CART Pro QUICK CART Plugin for Movable Type 3.2...
Snitz Forums 2000 SQL injection
The remote host is using Snitz Forum 2000 This version allow an attacker to execute stored procedures and non-interactive operating system commands on the system. The problem stems from the fact that the 'Email' variable in the register.asp module fails to properly validate and strip out maliciou...
Snitz Forums 2000 SQL injection
The remote host is using Snitz Forum 2000 which allows an attacker to execute stored procedures and non-interactive operating system commands on the system. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
CVE-2003-0118
SQL injection vulnerability in the Document Tracking and Administration DTA website of Microsoft BizTalk Server 2000 and 2002 allows remote attackers to execute operating system commands via a request to 1 rawdocdata.asp or 2 RawCustomSearchField.asp containing an embedded SQL statement...
CVE-2003-0118
SQL injection vulnerability in the Document Tracking and Administration DTA website of Microsoft BizTalk Server 2000 and 2002 allows remote attackers to execute operating system commands via a request to 1 rawdocdata.asp or 2 RawCustomSearchField.asp containing an embedded SQL statement...
Microsoft SQL Server 2000 - sp_MScopyscript SQL Injection
Microsoft SQL Server 2000 - spMScopyscript SQL Injection source: https://www.securityfocus.com/bid/5309/info The Microsoft SQL Server 2000 spMScopyscript stored procedure does not sufficiently validate input before passing it to the xpcmdshell extended stored procedure. An attacker with the abili...
Update: Microsoft Security Bulletin (MS00-086)
The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Microsoft Security Bulletin MS00-086 - -------------------------------------- Patch...
Security Bulletin (MS00-086)
The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Microsoft Security Bulletin MS00-086 - -------------------------------------- Patch...