871 matches found
PEEL (PHP)
Informations : °°°°°°°°°°°°°° Version : 1.0b Website : http://www.mapetite-entreprise.com Problem : Include file PHP Code/Location : °°°°°°°°°°°°°°°°°°° modeles/haut.php : ----------------------------------------------------------- ? $langfile = $dirroot."/lang/".$SESSION"lang"."/lang.php"; requi...
Benjamin Lefevre Dobermann Forum 0.x - 'index.php?subpath' Remote File Inclusion
source: https://www.securityfocus.com/bid/6057/info Dobermann Forum is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several PHP script files provided with Dobermann. An attacker may exploit this by supplying a pa...
MySimpleNews 1.0 - PHP Injection
source: https://www.securityfocus.com/bid/5865/info MySimpleNews allows users to enter news articles through a web interface. It will allow PHP code to be injected into URI parameters of the 'users.php' script, which will be stored into a MySimpleNews file news.php3. The injected code may then be...
Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow (2)
Linuxconf 1.1.x1.2.x - Local Environment Variable Buffer Overflow 2 // source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. ...
Microsoft Windows XP/2000/NT 4.0 - Network Share Provider SMB Request Buffer Overflow (2)
source: https://www.securityfocus.com/bid/5556/info Microsoft Windows operating systems use the Server Message Block SMB protocol to support services such as file and printer sharing. A buffer overflow vulnerability has been reporting in the handling of some malformed SMB requests. An attacker ma...
Mozilla Bonsai 1.3 - Full Path Disclosure
Mozilla Bonsai 1.3 - Full Path Disclosure source: https://www.securityfocus.com/bid/5517/info A path disclosure vulnerability has been reported in Mozilla Bonsai. An attacker can exploit this vulnerability by making a malformed request to Bonsai. This causes Bonsai to return an error page to the...
Bharat Mediratta Gallery 1.x - Remote File Inclusion
Bharat Mediratta Gallery 1.x - Remote File Inclusion source: https://www.securityfocus.com/bid/5375/info Gallery is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several PHP script files provided with Gallery. An...
php breaks safe mode
Laberatoire Contempt Date : 12/06/2001 Author : Joost Pol alias 'Nohican' [email protected] Impact : Minor in most cases. Subject : PHP safemode troubles. 1. PHP Version 4.0.5 breaks safe-mode. 1.0 - Description of the problem An extra 5th parameter was added to the mail command breaking safemode...
MS99-059: Microsoft SQL Server Crafted TCP Packet Remote DoS (uncredentialed check)
The remote Microsoft SQL server can be shut down when it is sent a TCP packet containing more than 2 NULLs. An attacker may use this problem to prevent it from being used by legitimate clients, thus threatening your business. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
DUO-PSA-2017-003: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2017-003 Publication Date: 2018-02-27 Revision Date: 2018-02-27 Status: Confirmed, Fixed Document Revision: 1 Overview Duo Security has identified a security flaw in a third-party library used in the Duo Network Gateway DNG which, under certain...
814078: Security Update (Microsoft Jscript version 5.1, Windows 2000)
A security issue has been identified that could allow an attacker to run programs on a computer running Microsoft® Windows®. The attacker would first have to send you an e-mail message or entice you into visiting a malicious Web site. You can help protect your computer by installing this update...