2880 matches found
alstrasoft-multi.txt
AlstraSoft Multiple products multiple Vulnerabilities Vendor urL:http://www.alstrasoft.com/products.htm Advisore url:http://lostmon.blogspot.com/2007/07/ alstrasoft-multiple-products-multiple.html Vendor notify:yes webform Exploit included: yes Multiple products of Alstrasoft Are prone vulnerable...
Alstrasoft Sms Text Messaging Enterprise 2.0 - adminedituser.php?userid Cross-Site Scripting
Alstrasoft Sms Text Messaging Enterprise 2.0 - adminedituser.php?userid Cross-Site Scripting source: https://www.securityfocus.com/bid/25022/info SMS Text Messaging Enterprise is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplie...
Alstrasoft Sms Text Messaging Enterprise 2.0 - adminmembersearch.php Multiple Cross-Site Scripting Vulnerabilities
Alstrasoft Sms Text Messaging Enterprise 2.0 - adminmembersearch.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/25022/info SMS Text Messaging Enterprise is prone to multiple cross-site scripting vulnerabilities because the application fails to properly...
Alstrasoft Sms Text Messaging Enterprise 2.0 - '/admin/membersearch.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/25022/info SMS Text Messaging Enterprise is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browse...
Alstrasoft Sms Text Messaging Enterprise 2.0 - '/admin/edituser.php?userid' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25022/info SMS Text Messaging Enterprise is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browse...
Microsoft Security Bulletin MS07-019 Vulnerability in Universal Plug and Play Could Allow Remote Code Execution (931261)
Microsoft Security Bulletin MS07-019 Vulnerability in Universal Plug and Play Could Allow Remote Code Execution 931261 Published: April 10, 2007 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity...
CVE-2006-6876
Buffer overflow in the fetchsms function in the SMS handling module libsmsgetsms.c in OpenSER 1.2.0 and earlier allows remote attackers to cause a denial of service crash via a crafted SMS message, triggering memory corruption when the "beginning" buffer is copied to the third pdu argument...
CVE-2006-6876
OpenSER 1.2.0 and earlier contains a buffer overflow in fetchsms (libsms_getsms.c) that can be triggered by a crafted SMS message. The vulnerability causes memory corruption when the beginning buffer is copied to the third (pdu) argument, enabling a remote denial of service (crash). Affected vers...
CVE-2006-6876
Buffer overflow in the fetchsms function in the SMS handling module libsmsgetsms.c in OpenSER 1.2.0 and earlier allows remote attackers to cause a denial of service crash via a crafted SMS message, triggering memory corruption when the "beginning" buffer is copied to the third pdu argument...
Multiple OpenSER vulnerabilities
Memory corruption on SMS parsing, buffer overflow on OSP parsing, on QuickCAM objects parsing...
SMS handling OpenSER remote code executing
Synopsis: SMS handling OpenSER remote code executing Product: OpenSER Version: =1.1.0 Issue: ====== A critical security vulnerability has been found in OpenSER SMS handling module. The vulnerable function should read the SMS from the SIM-memory. Details: ======== int fetchsmsstruct modem mdm, int...
CVE-2006-6674
Ozeki HTTP-SMS Gateway 1.0, and possibly earlier, stores usernames and passwords in plaintext in the HKLM\Software\Ozeki\SMSServer\CurrentVersion\Plugins\httpsmsgate registry key, which allows local users to obtain sensitive information...
CVE-2006-6674
The CVE concerns Ozeki HTTP-SMS Gateway 1.0 (and possibly earlier) where credentials are stored in plaintext in the registry key HKLM\Software\Ozeki\SMSServer\CurrentVersion\Plugins\httpsmsgate. This plaintext storage enables local users to obtain usernames and passwords, yielding partial confide...
Solaris 5.8 (sparc) : 112481-15
SMS 1.2: fomd, hwad, esmd, pcd patch. Date this patch was last updated by Sun : Dec/01/03 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...
Solaris 5.9 (sparc) : 112481-15
SMS 1.2: fomd, hwad, esmd, pcd patch. Date this patch was last updated by Sun : Dec/01/03 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if !...
Debian DSA-1049-1 : ethereal - several vulnerabilities
Gerald Combs reported several vulnerabilities in ethereal, a popular network traffic analyser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-1932 The OID printing routine is susceptible to an off-by-one error. - CVE-2006-1933 The UMA and BER...
CVE-2006-3349
Multiple SQL injection vulnerabilities in SmS Script allow remote attackers to execute arbitrary SQL commands via the CatID parameter in 1 cat.php and 2 add.php...
CVE-2006-3349
CVE-2006-3349: The connected sources confirm multiple SQL injection vulnerabilities in SmS Script, exploitable remotely via the CatID parameter in cat.php and add.php. The NVD entry documents the impact as arbitrary SQL execution with partial confidentiality/integrity/availability effects (CVSS v...
CVE-2006-3349
Multiple SQL injection vulnerabilities in SmS Script allow remote attackers to execute arbitrary SQL commands via the CatID parameter in 1 cat.php and 2 add.php...
SmSSQL.txt
================================ By: Breeeeh [email protected] example:- /sms/cat.php?CatID=SQL Injection /add.php?CatID=SQL Injection ================================...