8100 matches found
DEBIAN-CVE-2008-0665
wmlbackend/p1ipp/ipp.src in Website META Language WML 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file...
PT-2008-1820 · Ge Fanuc · Ge Fanuc Proficy Real-Time Information Portal
Name of the Vulnerable Software and Affected Versions: GE Fanuc Proficy Real-Time Information Portal versions 2.6 and earlier Description: The issue allows remote attackers to steal passwords and gain privileges due to the use of HTTP Basic Authentication, which transmits usernames and passwords ...
PT-2007-7276 · Fonality · Fonality Trixbox
Name of the Vulnerable Software and Affected Versions: Fonality Trixbox version 2.0 Description: The issue allows remote attackers to execute arbitrary commands via a DNS spoofing attack, as the registry.pl script reads and executes commands from a remote web site without proper validation. This...
DEBIAN-CVE-2007-5386
Cross-site scripting XSS vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string...
PT-2007-4905 · Mozilla · Firefox
Name of the Vulnerable Software and Affected Versions: Mozilla Firefox version 2.0.0.4 Description: The issue allows remote attackers to cause a denial of service by opening multiple tabs in a popup window. However, this issue has been disputed by third-party researchers, who claim that they cann...
GDB buffer overflow
Buffer overflow in the 1 DWARF dwarfread.c and 2 DWARF2 dwarf2read.c debugging code in GNU Debugger GDB 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block DWFORMblock that contains a large number of operations...
CVE-2007-2016
Cross-site scripting XSS vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the lang parameter...
ScriptMagix Photo Rating <= 2.0 Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl Script Name: ScriptMagix Photo Rating = 2.0 viewcomments.php Remote Blind SQL Injection Exploit Coded by : ajann Author : ajann Contact : : S.Page : http://www.scriptmagix.com $$ : 75$ .. : ajann,Turkey use IO::Socket; if@ARGV 1 print "...
NSS: SSLv2 protocol buffer overflows
Integer underflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to...
NSS: SSLv2 protocol buffer overflows
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote...
NSS: SSLv2 protocol buffer overflows
Integer underflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to...
NSS: SSLv2 protocol buffer overflows
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote...
NSS: SSLv2 protocol buffer overflows
Integer underflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to...
PT-2007-1990 · Unknown · Advanced Guestbook
Name of the Vulnerable Software and Affected Versions: Advanced Guestbook version 2.4.2 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the include path parameter to API endpoints such as "index.php", "addentry.php", or "picture.php". Recommendations: For...
security flaw
The GdkPixbufLoader function in GIMP ToolKit GTK+ in GTK 2 gtk2 before 2.4.13 allows context-dependent attackers to cause a denial of service crash via a malformed image file...
CVE-2006-6245
Multiple SQL injection vulnerabilities in Photo Organizer PO 2.32b and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
PT-2006-6517 · Speedywiki · Speedywiki
Name of the Vulnerable Software and Affected Versions: Speedywiki version 2.0 Description: A cross-site scripting XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the showRevisions parameter in the "index.php" file. Recommendations: For...
LetterIt v2 (inc/session.php) Remote File Include Vulnerability
No description provided by source. ================================================================================== LetterIt RFI ================================================================================== Info:- Scripts: LetterIt download : http://otterware.net/index.php?dl=45 Version : ...
PT-2006-5967 · Isearch · Isearch
Name of the Vulnerable Software and Affected Versions: iSearch version 2.16 Description: The issue concerns remote file inclusion vulnerabilities that could allow remote attackers to execute arbitrary PHP code. This is achieved by providing a URL in the isearch path parameter within various PHP...
PT-2006-5919 · Pkr · Internet Taskjitsu
Name of the Vulnerable Software and Affected Versions: PKR Internet Taskjitsu versions prior to 2.0.6 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the key parameter when the limit query parameter is set to customerid. Recommendations: For...