207 matches found
White_Dune 0.29beta791 - Multiple Local Code Execution Vulnerabilities
source: https://www.securityfocus.com/bid/27102/info WhiteDune is affected by a format-string vulnerability and a buffer-overflow vulnerability. Exploiting these issues can allow local attackers to execute arbitrary code in the...
Satel Lite - Satellite.php Local File Inclusion
source: https://www.securityfocus.com/bid/23143/info Satel Lite is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to access sensitive information...
Microsoft MFC Library - CFileFind::FindFile Buffer Overflow
source: https://www.securityfocus.com/bid/25697/info The CFileFind::FindFile method in the MFC library for Microsoft Windows is prone to a buffer-overflow vulnerability because the method fails to perform adequate boundary checks of...
Jetbox CMS 2.1 Email - FormMail.php Input Validation
source: https://www.securityfocus.com/bid/23989/info Jetbox CMS is prone to an input-validation vulnerability because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to send spam email in the context of th...
Caucho Resin 3.0.17/3.0.18 - Viewfile Information Disclosure
source: https://www.securityfocus.com/bid/18007/info Resin is prone to an information-disclosure vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve the contents of arbitrary files from t...
C.J. Steele Tattle - Remote Command Execution
source: https://www.securityfocus.com/bid/13883/info tattle is affected by a remote command execution vulnerability. An attacker can supply arbitrary commands prefixed with the '|' character as a value for the 'tld' variable that will be executed in t...
C.J. Steele Tattle - Remote Command Execution
source: https://www.securityfocus.com/bid/13883/info tattle is affected by a remote command execution vulnerability. An attacker can supply arbitrary commands prefixed with the '|' character as a value for the 'tld' variable that will be executed in the context of the application. An attacker can...