8690 matches found
[ GLSA 200406-18 ] gzip: Insecure creation of temporary files
Gentoo Linux Security Advisory GLSA 200406-18 http://security.gentoo.org/ Severity:...
PHPX 3.x - forums.php Cross-Site Request Forgery Arbitrary Command Execution
PHPX 3.x - forums.php Cross-Site Request Forgery Arbitrary Command Execution source: https://www.securityfocus.com/bid/10284/info It has been reported that PHPX is affected by multiple administrator command execution vulnerabilities. These issues are due to a failure of the application to properl...
PHPX 3.x - '/forums.php' Cross-Site Request Forgery / Arbitrary Command Execution
source: https://www.securityfocus.com/bid/10284/info It has been reported that PHPX is affected by multiple administrator command execution vulnerabilities. These issues are due to a failure of the application to properly validate access to administrative commands. This issue could permit a remot...
PHPX 3.x - '/page.php' Cross-Site Request Forgery / Arbitrary Command Execution
source: https://www.securityfocus.com/bid/10284/info It has been reported that PHPX is affected by multiple administrator command execution vulnerabilities. These issues are due to a failure of the application to properly validate access to administrative commands. This issue could permit a remot...
Coppermine Photo Gallery 1.2.2b - theme.php Remote File Inclusion
Coppermine Photo Gallery 1.2.2b - theme.php Remote File Inclusion source: https://www.securityfocus.com/bid/10253/info Coppermine Photo Gallery is reported prone to multiple input-validation vulnerabilities, some of which may lead to arbitrary command execution. These issues occur because the...
Coppermine Photo Gallery 1.2.2b - 'theme.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/10253/info Coppermine Photo Gallery is reported prone to multiple input-validation vulnerabilities, some of which may lead to arbitrary command execution. These issues occur because the application fails to properly sanitize and validate user-supplied inp...
Coppermine Photo Gallery 1.2.2b - menu.inc.php Cross-Site Scripting
Coppermine Photo Gallery 1.2.2b - menu.inc.php Cross-Site Scripting source: https://www.securityfocus.com/bid/10253/info Coppermine Photo Gallery is reported prone to multiple input-validation vulnerabilities, some of which may lead to arbitrary command execution. These issues occur because the...
Coppermine Photo Gallery 1.2.0 RC4 - init.inc.php Remote File Inclusion
Coppermine Photo Gallery 1.2.0 RC4 - init.inc.php Remote File Inclusion source: https://www.securityfocus.com/bid/10253/info Coppermine Photo Gallery is reported prone to multiple input-validation vulnerabilities, some of which may lead to arbitrary command execution. These issues occur because t...
[SECURITY] [DSA 496-1] New eterm packages fix indirect arbitrary command execution
Debian Security Advisory DSA 496-1 [email protected] http://www.debian.org/security/ Martin Schulze April 29th, 2004 http://www.debian.org/security/faq ...
CVE-2004-0151
Unknown vulnerability in xitalk 1.1.11 and earlier allows local users to execute arbitrary commands...
CVE-2004-0377
CVE-2004-0377: A buffer overflow in the win32_stat wrapper used by ActivePerl (ActiveState) and Larry Wall’s Perl up to 5.8.3 allows local or remote code execution when a filename ends with a backslash. Exploitation depends on how the vulnerable Perl is used by an application; Windows environment...
Aborior Encore Web Forum - Arbitrary Command Execution
Aborior Encore Web Forum - Arbitrary Command Execution source: https://www.securityfocus.com/bid/10040/info Encore Web Forum is reported prone to an issue that may allow a remote user to execute arbitrary commands on a system implementing the forum software. This issue is due to the application's...
Aborior Encore Web Forum - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/10040/info Encore Web Forum is reported prone to an issue that may allow a remote user to execute arbitrary commands on a system implementing the forum software. This issue is due to the application's failure to properly validate user-supplied URI input. ...
SpiderSales Shopping Cart SQL injection
The remote host is running the SpiderSales Shopping Cart CGI suite. There is a bug in this suite which may allow an attacker to force it to execute arbitrary SQL statements on the remote host. An attacker may use this flaw to gain control of the remote website and possibly execute arbitrary...
AllMyLinks PHP Code Injection vulnerability
AllMyLinks PHP Code Injection vulnerability Product : AllMyLinks Vendor : www.php-resource.net Date : February 14, 2004 Problem : PHP Code Injection Vendor Contacted ? : No Source in /include/footer.inc.php -------------------------------------------------------------- $AMLfooterget =...
AllMyVisitors PHP Code Injection vulnerability
AllMyVisitors PHP Code Injection vulnerability Product : AllMyVisitors Vendor : www.php-resource.net Date : February 14, 2004 Problem : PHP Code Injection Vendor Contacted ? : No Source in /include/info.inc.php -------------------------------------------------------------- $AMVinfoget =...
AllMyVisitors 0.x - info.inc.php Arbitrary Code Execution
AllMyVisitors 0.x - info.inc.php Arbitrary Code Execution source: https://www.securityfocus.com/bid/9664/info Reportedly the AllMyPHP applications AllMyGuests, AllMyLinks and AllMyVisitors are prone to a remote file include vulnerability. The issue is due to insufficient filtering of URI passed...
AllMyGuests 0.x - 'info.inc.php' Arbitrary Code Execution
source: https://www.securityfocus.com/bid/9664/info Reportedly the AllMyPHP application AllMyGuests is prone to a remote file include vulnerability. The issue is due to insufficient filtering of URI passed variables that are used in a 'require_once' call. This issue may allow a remote attacker to...
Microsoft Windows XP - HCP URI Handler Arbitrary Command Execution
source: https://www.securityfocus.com/bid/9621/info The Microsoft Windows XP HCP URI handler has been reported prone to a vulnerability that may provide for arbitrary command execution. The issue is reported to present itself when a specially formatted HCP URI that references a local resource is...
Microsoft Windows XP - HCP URI Handler Arbitrary Command Execution
Microsoft Windows XP - HCP URI Handler Arbitrary Command Execution source: https://www.securityfocus.com/bid/9621/info The Microsoft Windows XP HCP URI handler has been reported prone to a vulnerability that may provide for arbitrary command execution. The issue is reported to present itself when...