660 matches found
CVE-2005-2464
login.php in PCXP/TOPPE CMS allows remote attackers to bypass authentication and gain privileges by modifying the cookie to match the target userid...
CVE-2005-4139
Multiple SQL injection vulnerabilities in ThWboard before 3 Beta 2.84 allow remote attackers to execute arbitrary SQL commands via the 1 year parameter in calendar.php, 2 user parameter array in vprofile.php, and 3 the userid parameter in misc.php...
OvBB SQL vulnerabilities.
OvBB SQL vulnerabilities. Vuln. dicovered by : r0t Date: 24 nov. 2005 Orginal advisory:http://pridels.blogspot.com/2005/11/ovbb-sql-vulnerabilities.html Vendor:http://www.ovbb.org/ affected version: V0.08a and prior Vuln. description: Input passed to the "threadid" parameter in "thread.php" isn't...
CVE-2005-3383
SQL injection vulnerability in Techno Dreams Announcement script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp...
CVE-2005-3386
SQL injection vulnerability in Techno Dreams Web Directory script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp...
CVE-2005-3383
SQL injection vulnerability in Techno Dreams Announcement script allows remote attackers to execute arbitrary SQL commands and bypass authentication via the userid parameter in admin/login.asp...
CVE-2005-3385
The CVE-2005-3385 entry describes a SQL injection vulnerability in Techno Dreams Mailing List script that allows remote attackers to execute arbitrary SQL and bypass authentication via the userid parameter in admin/login.asp. Affected component: the Mailing List script; vulnerability type: SQL in...
CVE-2005-3024
Multiple SQL injection vulnerabilities in vBulletin 3.0.7 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 announcement parameter to announcement.php, the 2 threadforumid or 3 criteria parameters to thread.php, 4 userid parameter to user.php, the 5...
CVE-2005-2441
Multiple cross-site scripting XSS vulnerabilities in VBzoom allow remote attackers to inject arbitrary web script and HTML via the 1 UserName parameter to profile.php or 2 UserID parameter to login.php...
MSN Messenger UserID Detection (deprecated)
Binary data 2600.prm...
CVE-2005-0216
Cross-site scripting XSS vulnerability in formmail.php in Woltlab Burning Board Lite 1.0.0, 1.0.1e, and possibly other versions, allows remote attackers to inject arbitrary web script and HTML via the userid parameter...
CVE-2002-1264
Buffer overflow in Oracle iSQLPlus web application of the Oracle 9 database server allows remote attackers to execute arbitrary code via a long USERID parameter in the isqlplus URL...
kerio563.txt
/ Remote Buffer Overflow Exploit for Kerio MailServer 5.6.3 / / ========================================================= / / By B-r00t ok rcpt to: [email protected] 550 5.1.1 Mailbox does not exist rcpt to:[email protected] 250 2.1.5 Recipient ok local ok local user fred seems to...
CVE-2002-2219
chetcpasswd.cgi in Pedro Lineu Orso chetcpasswd before 2.1 allows remote attackers to read the last line of the shadow file via a long user userid field...
CVE-2001-1016
The CVE-2001-1016 entry affects PGP Corporate Desktop < 7.1 , Personal Security < 7.0.3 , Freeware < 7.0.3 , and E-Business Server
Проблемы с отображением недействительных ключей в PGP
Если в ключ с подписаным USERID добавить второй USERID он будет отображаться как подписаный...
xinetd 2.3.0 audit status
Hi, As some of you may know, I've performed an audit of the xinetd 2.3.0 source code for certain classes of vulnerabilities. The audit has resulted in a significant number of fixes many are for non-security issues. The patch was over 100 KB large and got incorporated into xinetd starting with...
Oracle 8i - TNS Listener Buffer Overflow
// source: https://www.securityfocus.com/bid/2941/info Oracle 8i ships with a component called TNS Listener. TNS Listener is used to arbitrate communication between remote database clients/applications and the database server. There exists a remotely exploitable buffer overflow in TNS Listener...
SCO Open Server 5.0.6 - lpshut Buffer Overflow
source: https://www.securityfocus.com/bid/2555/info SCO OpenServer 5.0.6 and possibly earlier versions ships with several suid bin executables used in printer administration and related tasks. This includes lpshut, a component used to shut down the LP print service. 'lpshut' contains a locally...
perliis.txt
http://www.rootshell.com/ From [email protected] Sun Jul 12 17:42:29 1998 Date: Mon, 13 Jul 1998 01:31:11 +0100 From: Mnemonix To: [email protected] Subject: New Perl.exe, IIS exploit Russ Cooper of ntbugtraq seems unwilling to publish this information - perhaps it shows how to exploit th...