4 matches found
Modern Bag contact-list.php File SQL Injection Vulnerability
Modern Bag is an online management system. Modern Bag suffers from an SQL injection vulnerability that stems from an error in the parameter idStatus in file /admin/contact-list.php that lacks validation of externally entered SQL statements. An attacker can use this vulnerability to execute illega...
CVE-2017-5668
bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service NULL pointer dereference and crash and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for...
CVE-2006-3250
Heap-based buffer overflow in Windows Live Messenger 8.0 allows user-assisted attackers to execute arbitrary code via a crafted Contact List .ctt file, which triggers the overflow when it is imported by the user...
CVE-2006-3250
Heap-based buffer overflow in Windows Live Messenger 8.0 allows user-assisted attackers to execute arbitrary code via a crafted Contact List .ctt file, which triggers the overflow when it is imported by the user...