113 matches found
BusyBox 1.01 - HTTPd Directory Traversal
source: https://www.securityfocus.com/bid/20067/info The httpd daemon of BusyBox is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the...
XennoBB 1.0.5/1.0.6/2.1/2.2 - 'profile.php' Directory Traversal
source: https://www.securityfocus.com/bid/19446/info XennoBB is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected...
MyBulletinBoard (MyBB) 1.x - usercp.php Directory Traversal
MyBulletinBoard MyBB 1.x - usercp.php Directory Traversal source: https://www.securityfocus.com/bid/19195/info MyBulletinBoard is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrar...
MidiRecord2 MidiRecord.CC - Local Buffer Overflow
MidiRecord2 MidiRecord.CC - Local Buffer Overflow // source: https://www.securityfocus.com/bid/19190/info Midirecord is prone to a local buffer-overflow vulnerability because it fails to do proper bounds checking on user-supplied data before using it in a finite-sized buffer. An attacker can...
GnuPG 1.4/1.9 - Parse_Comment Remote Buffer Overflow
source: https://www.securityfocus.com/bid/19110/info GnuPG is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. This issue may allow remote attackers to execute arbitrary machin...
Chameleon LE 1.203 - index.php Directory Traversal
Chameleon LE 1.203 - index.php Directory Traversal source: https://www.securityfocus.com/bid/19107/info Chameleon LE is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files fr...
Chameleon LE 1.203 - 'index.php' Directory Traversal
source: https://www.securityfocus.com/bid/19107/info Chameleon LE is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the...
Microsoft PowerPoint 2003 - powerpnt.exe Remote Overflow
Microsoft PowerPoint 2003 - powerpnt.exe Remote Overflow / source: https://www.securityfocus.com/bid/18993/info Microsoft PowerPoint is prone to multiple remote vulnerabilities. Three proof-of-concept exploit files designed to trigger vulnerabilities in PowerPoint have been released. It is...
Phils Bookmark Script - admin.php Authentication Bypass
Phils Bookmark Script - admin.php Authentication Bypass source: https://www.securityfocus.com/bid/17878/info Phil's Bookmark script is prone to an authentication-bypass vulnerability. The issue occurs because the affected script fails to prompt for authentication credentials. An attacker can...
W3C Amaya 9.4 - textarea rows Attribute Value Overflow
source: https://www.securityfocus.com/bid/17507/info W3C Amaya is susceptible to multiple remote buffer-overflow vulnerabilities. These issues are due to the application's failure to properly bounds-check user-supplied data before copying it to insufficiently sized memory buffers. Remote attacker...
LANChat Pro Revival 1.666c - UDP Processing Remote Denial of Service
LANChat Pro Revival 1.666c - UDP Processing Remote Denial of Service source: https://www.securityfocus.com/bid/12439/info LANChat Pro Revival is reported prone to a remote denial of service vulnerability. It is reported that the issue presents itself when the vulnerable client processes a malform...
gbook.cgi.txt
Bug Report 1. Name: gbook.cgi remote command execution vulnerability 2. Release Date: 2000.11.10 3. Affected Application: GBook - A web site guestbook By Bill Kendrick [email protected] http://zippy.sonoma.edu/kendrick/ 4. Author: [email protected] 5. Type: Input validation Error 6...
[hacksware] gbook.cgi remote command execution vulnerability
Bug Report 1. Name: gbook.cgi remote command execution vulnerability 2. Release Date: 2000.11.10 3. Affected Application: GBook - A web site guestbook By Bill Kendrick [email protected] http://zippy.sonoma.edu/kendrick/ 4. Author: [email protected] 5. Type: Input validation Error 6...