3152 matches found
Digi-news and Digi-ads version 1.1 admin access without password
Digi-news and Digi-ads version 1.1 admin access without password .oO Overview Oo. Digi-news and Digi-ads version 1.1 admin access without password Discovered on 2003, March, 30th Vendor: Digi-FX Digi-news 1.1 is a PHP news editor. It allows you to easily add, edit, and delete news. Digi-ad 1.1 is...
CVE-2003-0208
CVE-2003-0208 describes an XSS vulnerability in Macromedia Flash ad user tracking, exploitable via the clickTAG field to inject arbitrary JavaScript. Affected component: Flash ad-tracking capability; root cause: input in clickTAG not properly sanitized. Impact (per provided metrics): partial inte...
KaZaA - Bad Zone
To follow up my mid Oct post: KaZaA is still launching ads in the local zone. KaZaA was contacted 6 Jan 03 via their bug report page. "Pop-up ads are being spawned from the local hard disk. This puts them in the local zone. Scripts running in this zone can be harmful." I am now awaiting their...
Security Patchs for PHP Products
PHPSecure made some patchs for security holes in PHP products. Here is the list : - ALP - Banner Ad 2.0 : http://www.phpsecure.org/index.php?id=1&zone=pDl More details : http://online.securityfocus.com/search?category=22&query=ALP - Tight Auction 3.0 :...
Microsoft SQL Server Administrator Cached Connection Vulnerability
Description Due to a flaw in the handling of specially crafted ad hoc queries, it is possible for a logged in user to utilize the ad hoc query in such a way that the use of the system administrator's cached connection would be invoked rather than that of the user. This would enable the user to...
PHP-Nuke 1.02.53.04.x - Remote Ad Banner URL Change
PHP-Nuke 1.02.53.04.x - Remote Ad Banner URL Change source: https://www.securityfocus.com/bid/2544/info PHP-Nuke is a website creation/maintainence tool written in PHP3. A PHP-Nuke feature supporting cycling ad banners is subject to interference from a remote user. A querystring can be submitted ...
PHP-Nuke 1.0/2.5/3.0/4.x - Remote Ad Banner URL Change
source: https://www.securityfocus.com/bid/2544/info PHP-Nuke is a website creation/maintainence tool written in PHP3. A PHP-Nuke feature supporting cycling ad banners is subject to interference from a remote user. A querystring can be submitted to an unpatched server which allows the remote user ...
Leif M. Wright - ad.cgi 1.0 Unchecked Input
Leif M. Wright - ad.cgi 1.0 Unchecked Input source: https://www.securityfocus.com/bid/2103/info ad.cgi is an ad rotation script freely available, and written by Leif Wright. A problem exists in the script which may allow access to restricted resources. The problem occurs in the method in which th...
Leif M. Wright - 'ad.cgi' 1.0 Unchecked Input
source: https://www.securityfocus.com/bid/2103/info ad.cgi is an ad rotation script freely available, and written by Leif Wright. A problem exists in the script which may allow access to restricted resources. The problem occurs in the method in which the script checks input. Due to insufficent...
CVE-1999-1520
A configuration problem in the Ad Server Sample directory AdSamples in Microsoft Site Server 3.0 allows an attacker to obtain the SITE.CSC file, which exposes sensitive SQL database information...
Microsoft Site Server Commerce Edition 3.0 alpha - AdSamples Sensitive Information
source: https://www.securityfocus.com/bid/256/info A vulnerability in Microsoft Site Server's Ad Server Sample directory allows the retrieval of a site's configuration file SITE.CSC which contains sensitive information pertaining to an SQL database. The AdSamples directory is a part of the Ad...
Incorrect results when you run AD Windows PowerShell cmdlets on a Windows Server 2012 or Windows Server 2008 R2-based domain controller
None None...