9786 matches found
CVE-2006-5467
The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an HTTP request with a multipart MIME body that contains an invalid boundary specifier, as demonstrated using a specifier that begins with a "-" instead of "--" and...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
ruby -- cgi.rb library Denial of Service
Official Ruby site reports: A vulnerability has been discovered in the CGI library cgi.rb that ships with Ruby which could be used by a malicious user to create a denial of service attack (DoS). The problem is triggered by sending the library an HTTP request that uses multipart MIME encoding and as...
Debian DSA-1199-1 : webmin - multiple vulnerabilities
Several vulnerabilities have been identified in webmin, a web-based administration toolkit. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: - CVE-2005-3912 A format string vulnerability in miniserv.pl could allow an attacker to cause a denial of service...
IBM Director < 5.10 (Redirect.bat) Directory Transversal Vulnerability
No description provided by source. There is a vulnerability within the Redirect.bat file on an IBM Director CGI which allows a directory traversal to take place, which in turn exposes most files on the system to be read without authorization...
CVE-2006-5453
Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x before 2.23.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) page headers using the H1, H2, and H3 HTML tags in...
JVN#41241092 Kmail CGI authentication bypass vulnerability
Impact A remote attacker may bypass Kmail CGI's user authentication, and view or delete the emails of Kmail users. Solution Products Affected Version 1.0.3 and earlier...
PHP News Reader 2.6.4 - phpBB.inc.php Remote File Inclusion
PHP News Reader 2.6.4 - phpBB.inc.php Remote File Inclusion !/usr/bin/perl PHP News Reader Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://pnews.sourceforge.net/ use IO::Socket; use LWP::Simple;...
CVE-2006-5211
Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to remove OfficeScan clients via a certain HTTP request that invokes...
CVE-2006-5212
Trend Micro OfficeScan 6.0 in Client/Server/Messaging (CSM) Suite for SMB 2.0 before 6.0.0.1385, and OfficeScan Corporate Edition (OSCE) 6.5 before 6.5.0.1418, 7.0 before 7.0.0.1257, and 7.3 before 7.3.0.1053 allow remote attackers to delete files via a modified filename parameter in a certain HTTP...