Multiple IBM DB2 Product File Disclosure Vulnerabilities
IBM DB2 is a family of relational database management systems developed by IBM in the United States. Its main operating environments are UNIX (including IBM's own AIX), Linux, IBM i (formerly known as OS/400), z/OS, and Windows server versions. A file disclosure vulnerability exists in IBM DB2 versio...
CVE-2014-6154
Directory traversal vulnerability in IBM Optim Performance Manager for DB2 4.1.0.1 through 4.1.1 on Linux, UNIX, and Windows and IBM InfoSphere Optim Performance Manager for DB2 5.1 through 5.3.1 on Linux, UNIX, and Windows allows remote attackers to access arbitrary files via a .. (dot dot) in a U...
vBulletin PHP Forum Version
Software: vBulletin PHP Forum Version Vendor: Jelsoft Enterprises Ltd http://www.vbulletin.com Versions: 3.0.0 Release Candidate 4 Platforms: Unix/Windows Bug: Cross Site Scripting Vulnerability Risk: Low Exploitation: Remote with browser Date: 24 Jan 2004 Author: Rafel Ivgi, The-Insider e-mail:...
phpPhotoAlbum.txt
PhotoAlbum 0.9.9 explorer.php Vulnerability + Advisory by pestilence www.synnergy.net Affected program: PhotoAlbum v0.9.9 previous ? System : Linux, UNIX, Windows Problem : Problem located within the explorer.php script. Discovery :...
Flowerfire Sawmill 5.0.21 - File Access
Flowerfire Sawmill 5.0.21 - File Access source: https://www.securityfocus.com/bid/1402/info Sawmill is a site statistics package for Unix, Windows and Mac OS. A specially crafted request can disclose the first line of any world readable file for which the full pathname is known, for example...
Flowerfire Sawmill 5.0.21 - Weak Password Encryption
Flowerfire Sawmill 5.0.21 - Weak Password Encryption // source: https://www.securityfocus.com/bid/1403/info Sawmill is a site statistics package for Unix, Windows and Mac OS. Passwords are encrypted using a weak hash function. This combined with the file disclosure vulnerability in Sawmill bid =...
Flowerfire Sawmill 5.0.21 - File Access
source: https://www.securityfocus.com/bid/1402/info Sawmill is a site statistics package for Unix, Windows and Mac OS. A specially crafted request can disclose the first line of any world readable file for which the full pathname is known, for example /etc/passwd. The output of the request is...
calendar.pl.vuln
Evening, I wouldn't normally post a small thing like this to bugtraq but I checked out cgi-resources.com and it seems to be damn popular so someone here may care. Oh yeah I notified Matt the vendor and he figured it wasn't really an issue. Oh well. Visit www.suid.kg/advisories/ for more crap like...
htdig.txt
software: ht://Dig URL: http://www.htdig.org/ Version: 3.1.4, 3.2.0b1 and previous Platforms: Unix, Win32, MacOS, Mac OS X Server Type: CGI, Input validation problem Vendor status: Notified, patch already available Date: 02/28/2000 Summary: Any remote user can view arbitrary files on your system...