5 matches found
Kentico CMS < 8.2.42 Multiple Vulnerabilities
According to its self-reported version number, the version of Kentico CMS on the remote host is prior to 8.2.42. It is, therefore, affected by multiple vulnerabilities: - Multiple cross-site scripting (XSS) vulnerabilities exist in the UIPage.aspx parameter name and the CMSBodyClass cookie variabl...
[PT-2011-20] Authorization bypass vulnerability in OneOrZero AIMS
PT-2011-20 Positive Technologies Security Advisory: Authorization bypass vulnerability in OneOrZero AIMS. Vulnerable software: OneOrZero AIMS Version: 2.7....
PT-2011-20: Authorization bypass vulnerability in OneOrZero AIMS
Positive Research Center has discovered an authorization bypass vulnerability in OneOrZero AIMS. The vulnerability exists due to incorrect authorization logic using $_COOKIE variables: a predictable session value stored in the $_COOKIE['oozimsrememberme'] variable. An attacker who has a valid username which registered...
Stack overflow
Stack-based buffer overflow in ovutil.dll in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long COOKIE variable...
DeluxeBB 1.3 newpost.php page SQL injection vulnerability - vulnerability warning - the black bar safety net
DeluxeBB is a PHP-based forum application. The newpost.php page of DeluxeBB does not properly filter user-submitted SQL query parameters: //inserting thread $db-unbufferedquery"INSERT INTO ".$ prefix."threads VALUES NULL, ’$infofid’, ’".$ COOKIE’memberid’."’, ’$subject’, ’$posticon’, ’0’, ’0’,...