5285 matches found
Sami HTTP Server 2.0.1 - POST Denial of Service
usr/bin/python import socket print "-------------------------------------------------------------------------" print " Sami HTTP Server 2.0.1 POST request Denial of Service" print " url: http://www.karjasoft.com" print " author: shinnai" print " mail: shinnaiatautisticidotorg" print " site:...
PHPFaber TopSites 3 - 'admin/index.php' Directory Traversal
PHPFaber TopSites 3 - 'admin/index.php' Directory Traversal source: https://www.securityfocus.com/bid/23419/info TopSites is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files...
PHPFaber TopSites 3 - 'admin/index.php' Directory Traversal
source: https://www.securityfocus.com/bid/23419/info TopSites is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the webserve...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the embedded webserver in Daniel Naber LanguageTool before 0.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving an error message, possibly the demultiplex method in HTTPServer.java...
CVE-2007-1939
Cross-site scripting (XSS) vulnerability in the embedded webserver in Daniel Naber LanguageTool before 0.8.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving an error message, possibly the demultiplex method in HTTPServer.java...
MyNews 4.2.2 - Week_Events.php Remote File Inclusion
MyNews 4.2.2 - Week_Events.php Remote File Inclusion source: https://www.securityfocus.com/bid/23398/info MyNews is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containin...
MyNews 4.2.2 - 'Week_Events.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/23398/info MyNews is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context o...
PHP 5.1.6 - 'Imap_Mail_Compose()' Remote Buffer Overflow
source: https://www.securityfocus.com/bid/23234/info PHP is prone to a buffer-overflow vulnerability because the application fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers. An attacker can exploit this issue to execute arbitrary machine...
PHP 5.1.6 - Imap_Mail_Compose() Remote Buffer Overflow
PHP 5.1.6 - Imap_Mail_Compose() Remote Buffer Overflow source: https://www.securityfocus.com/bid/23234/info PHP is prone to a buffer-overflow vulnerability because the application fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers. An attacker ca...
W-Agora 4.2.1 - Multiple Arbitrary File Upload Vulnerabilities
W-Agora 4.2.1 - Multiple Arbitrary File Upload Vulnerabilities source: https://www.securityfocus.com/bid/23055/info w-Agora is prone to multiple arbitrary file-upload vulnerabilities. An attacker can exploit these vulnerabilities to upload PHP script code and execute it in the context of the...
PHPX 3.5.15/3.5.16 - gallery.php SQL Injection
PHPX 3.5.15/3.5.16 - gallery.php SQL Injection source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-bas...
PHPX 3.5.15/3.5.16 - print.php SQL Injection
PHPX 3.5.15/3.5.16 - print.php SQL Injection source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...
LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - Login Local File Inclusion / Authentication Bypass
LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - Login Local File Inclusion / Authentication Bypass source: https://www.securityfocus.com/bid/23034/info LedgerSMB/SQL-Ledger are prone to a local file-include vulnerability because the application fails to sufficiently sanitize user-supplied input. SQL-Ledger is...
PHPX 3.5.15/3.5.16 - users.php SQL Injection
PHPX 3.5.15/3.5.16 - users.php SQL Injection source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...
PHPX 3.5.15/3.5.16 - forums.php SQL Injection
PHPX 3.5.15/3.5.16 - forums.php SQL Injection source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-base...
PHPX 3.5.15/3.5.16 - 'users.php' SQL Injection
source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitra...
PHPX 3.5.15/3.5.16 - 'forums.php' SQL Injection
source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitra...
LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - 'Login' Local File Inclusion / Authentication Bypass
source: https://www.securityfocus.com/bid/23034/info LedgerSMB/SQL-Ledger are prone to a local file-include vulnerability because the application fails to sufficiently sanitize user-supplied input. SQL-Ledger is also prone to an authentication-bypass vulnerability. A successful exploit would allo...
PHPX 3.5.15/3.5.16 - 'print.php' SQL Injection
source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitra...