809 matches found
CVE-2006-5477
Drupal 4.6.x before 4.6.10 and 4.7.x before 4.7.4 allows form submissions to be redirected, which allows remote attackers to obtain arbitrary form information via a crafted URL...
drupal -- cross site request forgeries
The Drupal Team reports: Visiting a specially crafted page, anywhere on the web, may allow that page to post forms to a Drupal site in the context of the visitor's session. To illustrate; suppose one has an active user 1 session, the most powerful administrator account for a site, to a Drupal sit...
CVE-2006-2814
Multiple buffer overflows in the 1 vGetPost and 2 main functions in easy-scart.c through easy-scart6.c in iShopCart allow remote attackers to execute arbitrary code by sending a large amount of data containing "Submit" in an sslinvoice action, and allow remote attackers to have an unknown impact...
CVE-2004-2248
Technical details about CVE-2004-2248 are not provided in the supplied documents; no concrete affected products, versions, or exploit information are disclosed. Monitor for updates.
CVE-2004-2248
Unknown vulnerability in RemoteEditor before 0.1.1 has unknown impact and attack vectors, related to "oversize submissions."...
ShowOff! Digital Media Software <= 1.5.4 Multiple Remote Vulnerabilities
The version of ShowOff! Digital Media Software installed on the remote host suffers from multiple vulnerabilities: - A Denial of Service Vulnerability If Picture Submissions has been enabled it is off by default, an attacker can cause the software to stop listening for requests by sending a...
CVE-2004-2248
Unknown vulnerability in RemoteEditor before 0.1.1 has unknown impact and attack vectors, related to "oversize submissions."...
Mandrake Linux Security Advisory : LPRng (MDKSA-2002:042)
Matthew Caron pointed out that using the LPRng default configuration, the lpd daemon will accept job submissions from any remote host. These updated LPRng packages modify the job submission policy in /etc/lpd.perms to refuse print jobs from remote hosts by default. %NASLMINLEVEL 70300 C Tenable...
Important: Red Hat Security Advisory: : Relaxed LPRng job submission policy
The LPRng print spooler, as shipped in Red Hat Linux 7.x, accepts all remote print jobs by default. With its default configuration, LPRng will accept job submissions from any host, which is not appropriate in a workstation environment. We are grateful to Matthew Caron for pointing out this...