469 matches found
DEBIAN-CVE-2007-5105
Cross-site scripting XSS vulnerability in wp-register.php in WordPress 2.0 and 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the useremail parameter...
MDKA-2005:048 : mdkonline
Updated mdkonline packages are now available that change the name of the main binary from MandrakeUpdate to MandrivaUpdate due to Mandriva's name change. As well, this update provides fixes the account creation and authentication based on obsolete architectures versions prior to 2006.0. The user...
ASP-Nuke Community 1.5 - Cookie Privilege Escalation
Title : ASP-Nuke Community Find cookie informations. Change Informations= Cookie Informations: ASPNUKE14%5Fpseudoname , pseudoname = "Welcome USERNAME" see for ASPNUKE14%5Fpseudo , pseudo = Login UserName ASPNUKE14%5Fpseudoid , pseudoid = UserId ASPNUKE14%5Femail , email = User Email Save and go ...
CVE-2006-1222
Multiple cross-site scripting XSS vulnerabilities in zeroboard 4.1 pl7 allows allow remote attackers to inject arbitrary web script or HTML via the 1 memo box title, 2 user email, and 3 homepage fields...
PHPGedView <= 3.3.7 remote code execution
--- PHPGedView = 3.3.7 Arbitrary local/remote code execution & php injection --- software: site: http://www.phpgedview.net/ description: "PhpGedView is a revolutionary genealogy program which allows you to view and edit your genealogy on your website." - vulnerabilties:...
Geeklog XSS and CRLF Injection
Geeklog XSS and CRLF Injection PROGRAM: Geeklog VENDOR: Tony Bibbs et al. [email protected] HOMEPAGE: http://geeklog.sourceforge.net/ VULNERABLE VERSIONS: 1.3.5sr1, possibly earlier versions as well NOT VULNERABLE VERSIONS: 1.3.5sr2 LOGIN REQUIRED: no SEVERITY: high DESCRIPTION:...
CVE-2001-0660
CVE-2001-0660 affects Outlook Web Access (OWA) in Microsoft Exchange 5.5, SP4 and earlier. The back-end function that processes the Global Address List (GAL) can be accessed without authentication, allowing remote attackers to identify valid user email addresses stored in the GAL. Connected sourc...
Microsoft Outlook 9820002002 - Unauthorized Email Access
Microsoft Outlook 9820002002 - Unauthorized Email Access source: https://www.securityfocus.com/bid/3025/info Microsoft Outlook introduces a vulnerability that may allow attackers to access and manipulate user email. The vulnerability is due to a new ActiveX control called 'Microsoft Outlook View...
CVE-2001-0292
PHP-Nuke 4.4.1a allows remote attackers to modify a user's email address and obtain the password by guessing the user id UID and calling user.php with the saveuser operator...