2022 matches found
ATutor 1.4.3 - search.php Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13972/info ATutor is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker...
BookReview 1.0 - 'add_booklist.htm?node' Cross-Site Scripting
source: https://www.securityfocus.com/bid/13783/info BookReview is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...
phpMyAdmin 2.x - 'server_databases.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/15196/info phpMyAdmin is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code executed in...
Serendipity < 0.80 RC7 Multiple Vulnerabilities
Binary data 2920.prm...
Multiple XSS issues in Sun AnswerBook2
PTT SECURITY ADVISORY DATE: 08-02-2005 AUTHOR: THOMAS LIAM ROMANIS CURRENT EMPLOYER: Echelon Ltd VENDOR: Sun PRODUCT: Sun AnswerBook2 VERSIONS TESTED: 1.4.4 on Solaris 8.0 Sparc TITLE: Multiple issues in Sun Answerbook2 Full Disclosure. Summary. A number of issues have been identified in Sun...
answerbook2.txt
PTT SECURITY ADVISORY DATE: 08-02-2005 AUTHOR: THOMAS LIAM ROMANIS CURRENT EMPLOYER: Echelon Ltd VENDOR: Sun PRODUCT: Sun AnswerBook2 VERSIONS TESTED: 1.4.4 on Solaris 8.0 Sparc TITLE: Multiple issues in Sun Answerbook2 Full Disclosure. Summary. A number of issues have been identified in Sun...
Smail 3.2.0.120 Remote Root Heap Overflow Exploit
Exploit for linux platform in category remote exploits. smail preparseaddress1 heap bof remote root exploit infamous42md AT hotpop DOT com Shout...
kayakoXSS2.txt
GulfTech Security Research March 22, 2005 Vendor : Kayako Web Solutions URL : http://www.kayako.com/ Version : Kayako eSupport v2.3 Risk : Cross Site Scripting Description: Kayako eSupport is a popular helpdesk, and support software. It is used by many businesses for customer support purposes...
PHP-Fusion 5.0 - BBCode IMG Tag Script Injection
source: https://www.securityfocus.com/bid/12751/info PHP-Fusion is reported prone to a script injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input prior to including it in dynamically...
Sylpheed < 1.0.3 Invalid Header Overflow
Binary data 2672.prm...
CVE-2005-0593
Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers to spoof the SSL "secure site" lock icon via (1) a web site that does not finish loading, which shows the lock of the previous site, (2) a non-HTTP server that uses SSL, which causes the lock to be displayed when the SSL handshake ...
CVE-2004-1390
Multiple buffer overflows in the PPPoE daemon PPPoEd in QNX RTP 6.1 allow remote attackers to execute arbitrary code via a long argument to the (1) -F, (2) name, (3) en, (4) upscript, (5) downscript, (6) retries, (7) timeout, (8) scriptdetach, (9) noscript, (10) nodetach, (11) remotemac, or (12) localmac flags...
[Full-Disclosure] Password Disclosure for SMB Shares in KDE's Konqueror
Date: Nov. 29, 2004 Author: Daniel Fabian Product: KDE, Konqueror Vendor: KDE e. V...
Microsoft SQL Server 7.0 - Remote Denial of Service (2)
source: https://www.securityfocus.com/bid/11265/info Reportedly Microsoft SQL Server is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle irregular network communications. An...
Microsoft Internet Explorer 6 - HTML Form Status Bar Misrepresentation
source: https://www.securityfocus.com/bid/10023/info A vulnerability has been identified in Microsoft Internet Explorer that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be...
CVE-2004-1244
Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability."...
KpyM Telnet Server DoS
The remote host is running KpyM Telnet Server, a Telnet server for Windows. According to its banner, the installed version of KpyM is older than 1.06. Such versions mark a connection as free before all components, such as sockets and threads, are shut down. By flooding the service with connection...
ProjectForum 8.4.2.1 - Find Request Denial of Service
source: https://www.securityfocus.com/bid/9271/info It has been reported that ProjectForum may be prone to a denial of service vulnerability that may allow an attacker to cause the server to crash by sending an excessively long string via the...
CVE-2003-0860
Buffer overflows in PHP before 4.3.3 have unknown impact and unknown attack vectors...
Vivisimo Clustering Engine - Search Script Cross-Site Scripting
source: https://www.securityfocus.com/bid/8862/info Vivisimo Clustering Engine is reported prone to a cross-site scripting vulnerability. The problem occurs due to insufficient sanitization of parameters passed to the search script. As a...