Cisco Application Networking Manager Default User Credentials Security Bypass (CVE-2009-0616)

Cisco Application Networking Manager ANM is a network management application that manages Cisco Application Control Engine ACE modules or appliances. The vulnerability is due to a design error in the ANM that does not force credential changes during installation. A remote attacker may exploit thi...

PT-2009-2912

Name of the Vulnerable Software and Affected Versions Microsoft Office Excel versions 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 Excel Viewer 2003 Gold and SP3 Excel Viewer Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 Microsoft Office 2004 and 2008 for Mac Description ...

CVE-2008-5174

SQL injection vulnerability in joke.php in Jokes Complete Website 2.1.3 allows remote attackers to execute arbitrary SQL commands via the jokeid parameter...

CVE-2008-5170

SQL injection vulnerability in item.php in Cheats Complete Website 1.1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter...

CVE-2008-5168

SQL injection vulnerability in tip.php in Tips Complete Website 1.2.0 allows remote attackers to execute arbitrary SQL commands via the tipid parameter...

Sql injection

SQL injection vulnerability in item.php in Cheats Complete Website 1.1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter...

Sql injection

SQL injection vulnerability in tip.php in Tips Complete Website 1.2.0 allows remote attackers to execute arbitrary SQL commands via the tipid parameter...

Sql injection

SQL injection vulnerability in drinks/drink.php in Drinks Complete Website 2.1.0 allows remote attackers to execute arbitrary SQL commands via the drinkid parameter...

CVE-2008-5169

CVE-2008-5169 is a SQL injection vulnerability affecting Drinks Complete Website 2.1.0, described as allowing remote attackers to execute arbitrary SQL commands through the drinkid parameter in drinks/drink.php. The vulnerability is confirmed by multiple sources (NVD entry and related CVE records...

CVE-2008-5168

SQL injection vulnerability in tip.php in Tips Complete Website 1.2.0 allows remote attackers to execute arbitrary SQL commands via the tipid parameter...

CVE-2008-5174

SQL injection vulnerability in joke.php in Jokes Complete Website 2.1.3 allows remote attackers to execute arbitrary SQL commands via the jokeid parameter...

CVE-2008-5174

CVE-2008-5174 affects Jokes Complete Website 2.1.3, where a SQL injection in joke.php via the jokeid parameter allows remote attackers to execute arbitrary SQL commands. The NVD entry documents a base score of 7.5 (HIGH) with network attack vector, low complexity, and no authentication required, ...

CVE-2008-5168

The CVE-2008-5168 entry describes a SQL injection vulnerability in tip.php of Tips Complete Website 1.2.0, exploitable via the tipid parameter. The underlying issue is an improper input handling in the affected code path, allowing remote attackers to execute arbitrary SQL commands. Reports across...

CVE-2008-5170

SQL injection vulnerability in item.php in Cheats Complete Website 1.1.1 allows remote attackers to execute arbitrary SQL commands via the itemid parameter...

CVE-2008-5170

The CVE-2008-5170 entry concerns Cheats Complete Website 1.1.1 and identifies a vulnerability in the item.php component. The issue is a SQL injection via the itemid parameter , which allows remote attackers to execute arbitrary SQL commands. The description explicitly states this as a remote comm...

PHPWind passport_client.php文件UPDATE参数远程SQL注入漏洞

PHPWind的实现上存在变量过滤漏洞，远程攻击者可能利用此漏洞执行SQL注入攻击，非授权操作数据库，完全控制论坛。 PHPWind的passportclient.php文件里变量没有初始化，可以通过构造特定的变量值判断： codeif!$passportifopen || $passporttype != 'client' exit"Passport closedPHPWind"; //可以提交“passportifopen =1&passporttype=client”绕过 ifmd5$action.$userdb.$forward.$passportkey != $verify...

Microsoft MS08-0 1 4 high-risk vulnerability interpretation-vulnerability warning-the black bar safety net

MS08-0 1 4vulnerabilityis Microsoft 3 month release of a high-risk vulnerability, which the official described: if a user opens a specially crafted Excel file, the vulnerability could allow remote code execution. Successful exploitation of these vulnerabilities the attacker can take complete...

Atomic Photo Album 1.1.0pre4 - Insecure Cookie Handling

Atomic Photo Album 1.1.0pre4 Insecure Cookie Handling Vulnerability + Discovered By Stack + Greetz : All my freind javascript:document.cookie = "apacookielogin=foo; path=/;"; javascript:document.cookie = "apacookiepassword=bar; path=/;"; milw0rm.com 2008-09-26...

Microsoft Office OneNote URL Validation Error (MS08-055; CVE-2008-3007)

Microsoft Office OneNote is a tool for note-taking, information gathering, and multi-user collaboration that visualizes notes as a two-dimensional page. A remote code execution vulnerability has been reported in the way that Microsoft Office handles specially crafted OneNote files. The...

ESET Smart Security easdrv.sys Local Privilege Escalation Vulnerability

ESET Smart Security is prone to a local privilege escalation vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...