208 matches found
CVE-2009-3112
Unspecified vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 allows remote attackers to gain administrator privileges and access the shop backend via a crafted parameter...
Easy Chat Server Authentication Request Buffer Overflow
Added: 08/03/2009 Background Easy Chat Server is a web-based chat server for Microsoft Windows. Problem The server is vulnerable to a remote buffer-overflow attack which can be triggered by sending a specially crafted password parameter to chat.ghp. Resolution Easy Chat Server 2.2 and earlier are...
Integer overflow
Integer underflow in Windows HTTP Services aka WinHTTP in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote HTTP servers to execute arbitrary code via crafted parameter values in a response, related to error handling, aka "Windo...
CVE-2008-1966
Multiple buffer overflows in the JAR file administration routines in the BSU JAVA subcomponent in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allow remote authenticated users to cause a denial of service instance crash via a call to the 1 RECOVERJAR or 2 REMOVEJAR procedure with a...
GLSA-200711-05 : SiteBar: Multiple issues
"The remote host is affected by the vulnerability described in GLSA-200711-05 SiteBar: Multiple issues Tim Brown discovered these multiple issues: the translation module does not properly sanitize the value to the 'dir' parameter CVE-2007-5491, CVE-2007-5694 %NASLMINLEVEL 70300 C Tenable Network...
backupword-rfi.txt
--------------------------------- Xmors Underground Team ! -------------------------------------- Title : BackUpWordPress = 0.4.2b Remote File Inclusion Vulnerability -------------------------------------------------------------------------------- Author: S.W.A.T. cont@ct: [email protected]...
Design/Logic Flaw
view.php in KnowledgeTree Open Source 3.0.3 and earlier allows remote attackers to obtain the full installation path via a crafted fDocumentId parameter, which displays the path in the resulting error message. NOTE: this might be resultant from another vulnerability, since this vector also produc...
Cross site scripting
The cross-site scripting XSS countermeasures in class.inputfilter.php in Joomla! 1.0.7 allow remote attackers to cause a denial of service via a crafted mosmsg parameter to index.php with a malformed sequence of multiple tags, as demonstrated using "AAA", possibly due to nested or empty tags...