472 matches found
Cross site request forgery (csrf)
The Cisco Wireless LAN Controller WLC, Cisco Catalyst 6500 Wireless Services Module WiSM, and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service device reload via a web...
Design/Logic Flaw
The Cisco Wireless LAN Controller WLC, Cisco Catalyst 6500 Wireless Services Module WiSM, and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial of service web authentication outage or device reload...
CVE-2009-0059
The Cisco Wireless LAN Controller WLC, Cisco Catalyst 6500 Wireless Services Module WiSM, and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service device reload via a web...
IBM WebSphere Application Server 7.0 < Fix Pack 1 Multiple Vulnerabilities
Binary data 4783.prm...
Potential SQL injection vulnerability in Apache::AuthCAS
Some weeks ago, I sent the following message to David Castro, the author of Apache::AuthCAS. As there hasn't been any reply and the guys at ja-sig.org haven't been able or willing to look into it, perhaps there is somebody here who wants to have a closer look at this? CAS is the Central...
IBM Rational ClearQuest - Web Authentication Bypass SQL Injection
IBM Rational ClearQuest - Web Authentication Bypass SQL Injection +==============================================================+ + IBM Rational ClearQuest Web Login Bypass SQL Injection + +==============================================================+ DISCOVERED BY: ============== SecureState...
IBM Rational ClearQuest - Web Authentication Bypass / SQL Injection
+==============================================================+ + IBM Rational ClearQuest Web Login Bypass SQL Injection + +==============================================================+ DISCOVERED BY: ============== SecureState sasquatch - [email protected] rel1k - [email protected]...
Opera’s HTTP authentication cuts off long server names at the end – Opera Security Advisories
Opera’s HTTP authentication cuts off long server names at the end – Opera Security Advisories OPCOM Team | July 19, 2007 Summary Opera’s HTTP authentication dialog cuts off long server name at the right hand end. Severity: Less severe Problem description Opera’s HTTP authentication dialog is...
Bit 5 Blog 8.1 - 'addcomment.php' HTML Injection
source: https://www.securityfocus.com/bid/16246/info Bit 5 Blog is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be...
Real Networks GameHouse dldisplay ActiveX control - Port Buffer Overflow (1)
source: https://www.securityfocus.com/bid/767/info At installation, the Real Server software randomly selects an unused port as the remote administration port. This port is used by Real Server's remote web administration feature. To access this feature, the correct port must be specified and a...
Real Networks GameHouse dldisplay ActiveX control - Port Buffer Overflow (2)
Real Networks GameHouse dldisplay ActiveX control - Port Buffer Overflow 2 // source: https://www.securityfocus.com/bid/767/info At installation, the Real Server software randomly selects an unused port as the remote administration port. This port is used by Real Server's remote web administratio...
Real Networks GameHouse dldisplay ActiveX control - Port Buffer Overflow (1)
Real Networks GameHouse dldisplay ActiveX control - Port Buffer Overflow 1 source: https://www.securityfocus.com/bid/767/info At installation, the Real Server software randomly selects an unused port as the remote administration port. This port is used by Real Server's remote web administration...