Campsite 2.6.1 implementation/management/db_connect.php g_documentRoot Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier...

Oracle Java ManagedObjectManagerFactory Security Manager Bypass Remote Code Execution Vulnerabillity

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Internet Explorer CDispNode Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within styl...

Jira 4.0.1 - Cross-Site Scripting / Information Disclosure

source: https://www.securityfocus.com/bid/42025/info Jira is prone to multiple cross-site scripting vulnerabilities and an information disclosure vulnerability because the application fails to sufficiently sanitize user-supplied input. Attackers can exploit these issues to obtain sensitive...

Apple QuickTime MOV File JVTCompEncodeFrame Heap Overflow (CVE-2007-2295)

Apple QuickTime is a multimedia player that supports a wide range of media formats. The software supports parsing and displaying picture files as well as numerous audio/video formats. One of the supported video format is the ITU-T H.264 standard, also known as MPEG-4 Part 10 or Advanced Video...

SmarterTools SmarterMail 4.3 - 'Subject' HTML Injection

source: https://www.securityfocus.com/bid/27878/info SmarterMail is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the...

Campsite 2.6.1 - 'ArticleTopic.php?g_documentRoot' Remote File Inclusion

source: https://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier versions may also be affected...

BlazeVideo HDTV Player 2.1 - .PLF Local Buffer Overflow

BlazeVideo HDTV Player 2.1 - .PLF Local Buffer Overflow / ======================================================================== 0-day BlazeVideo HDTV Player 30 days of Media Player Exploits by Greg Linares Discovered and Reported By: Greg Linares [email protected] Reported Exploit Date:...