214 matches found
CVE-2015-1546
Double free vulnerability in the getvrFilter function in servers/slapd/filter.c in OpenLDAP 2.4.40 allows remote attackers to cause a denial of service (crash) via a crafted search query with a matched values control...
WordPress CM Download Manager 2.0.0 /lib/controllers/CMdownloadController.php Code Execution Vulnerability
The code injection vulnerability has been found and confirmed within the software as an anonymous user. A successful attack could allow an anonymous attacker to gain full control of the application and the ability to use any operating system functions that are available to the scripting environment...
Soulseek 157 NS x / 156.x - Remote Distributed Search Code Execution
No description provided by source. Release date: May 24th, 2009 - Discovered by: Laurent Gaffié - Severity: critical. I. VULNERABILITY: Soulseek 157 NS & 156. Remote Distributed...
CVE-2013-0191
libpam-pgsql (aka pampgsql) 0.7 does not properly handle a NULL value returned by the password search query, which allows remote attackers to bypass authentication via a crafted password...
CVE-2013-2219
The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute...
Design/Logic Flaw
The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute...
UBUNTU-CVE-2013-2219
The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict access to entity attributes, which allows remote authenticated users to obtain sensitive information via a search query for the attribute...
CVE-2012-1164
slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned...
socialware V2.2 XSS / Upload Vulnerability
Exploit for php platform in category web applications. socialware V2.2 XSS / Upload Vulnerability. Exploit Title: Upload Vulnerability and XSS in socialware V2.2 www.iscripts.com Version: Web Application vendor...
Socialware 2.2 - Upload Cross-Site Scripting
Socialware 2.2 - Upload Cross-Site Scripting Exploit Title:Upload Vulnerability and XSS in socialware V2.2 www.iscripts.com Version: Web Application vendor :www.iscripts.com Date: 29 apr,2010 Dork:Powered by iScripts SocialWare Author:Sid3^effects Code :...
HLstatsX Community Edition 1.6.5 Cross Site Scripting
HLstatsX CE 1.6.5 XSS Vulnerability. Author: Sora. Contact: vhr95zw at hotmail dot com. Website: http://greyhathackers.wordpress.com/ DESCRIPTION: HLstatsX Community Edition suffers from an XSS vulnerability. PoC:...
Oracle Secure Enterprise Search XSS
Digital Security Research Group DSecRG Advisory DSECRG-09-025 http://dsecrg.com/pages/vul/show.php?id=125 Application: Oracle Secure Enterprise Search SES Versions Affected: Oracle Secure Enterprise Search SES version 10.1.8.2.0 Vendor URL: http://www.oracle.com Bugs: XSS Exploits: YES Reported:...
[DSECRG-09-025] Oracle Secure Enterprise Search 10.1.8 Linked XSS vulnerability
Digital Security Research Group DSecRG Advisory DSECRG-09-025 http://dsecrg.com/pages/vul/show.php?id=125 Application: Oracle Secure Enterprise Search SES Versions Affected: Oracle Secure Enterprise Search SES version 10.1.8.2.0 Vendor URL: http://www.oracle.com Bugs: XSS Exploits: YES Reported:...
Stack overflow
Stack-based buffer overflow in Soulseek 156 and 157 NS allows remote attackers to execute arbitrary code via a long search query...
CVE-2009-1830
Stack-based buffer overflow in Soulseek 156 and 157 NS allows remote attackers to execute arbitrary code via a long search query...
CVE-2009-1468
Multiple SQL injection vulnerabilities in the search form in server/webmail.php in the Groupware component in IceWarp eMail Server and WebMail Server before 9.4.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) sql and (2) orderby elements in an XML search query...