5978 matches found

Cvelist
added 2007/11/15 12:0 a.m. | 29 views

CVE-2007-5976

SQL injection vulnerability in dbcreate.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter...

7.7 AI score | 0.01307 EPSS
Exploits 1 | References 9

RedHat Linux
added 2007/10/25 5:33 p.m. | 3 views

php multiple integer overflows in gd

Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b)...

6.8 CVSS | 6.2 AI score | 0.04219 EPSS
Exploits 1 | References 4

Cvelist
added 2007/10/24 11:0 p.m. | 19 views

CVE-2003-1470

Buffer overflow in IMAP service in MDaemon 6.7.5 and earlier allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a CREATE command with a long mailbox name...

7.6 AI score | 0.04983 EPSS
Exploits 1 | References 4

RedHat Linux
added 2007/10/23 3:54 p.m. | 4 views

php multiple integer overflows in gd

Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b)...

6.8 CVSS | 6.2 AI score | 0.04219 EPSS
Exploits 1 | References 4

canvas
added 2007/10/12 11:17 p.m. | 63 views

Immunity Canvas: TIKIWIKI_EXEC

Name | tikiwikiexec
---|---
CVE | CVE-2007-5423
Exploit Pack | CANVAS
Description | TikiWiki function create exploit
Notes | CVSS: 7.5 Repeatability: Infinite VENDOR: Tikiwiki CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5423 CVE Name: CVE-2007-5423...

7.5 CVSS | 0.6 AI score | 0.76661 EPSS
Exploits 6

Positive Technologies
added 2007/10/11 12:0 a.m. | 2 views

PT-2007-6420 · Viart · Viart Shopping Cart

Name of the Vulnerable Software and Affected Versions: ViArt Shopping Cart affected versions not specified Description: The issue concerns a directory traversal vulnerability in the iDEAL transaction handler, specifically in the payments/ideal process.php file. This vulnerability allows remote...

10 CVSS | 6.7 AI score | 0.02381 EPSS
Exploits 0 | References 6

myhack58
added 2007/09/28 12:0 a.m. | 16 views

Burn a disc to break employee computer password restrictions - vulnerability warning - the black bar safety net

In enterprises, it often happens that after an employee leaves, their computer cannot be used because its password is unknown, which also increases the burden on administrators. To copy important data out, many of my friends have had to reinstall the system, or even remove th...

0.4 AI score
Exploits 0

RedHat Linux
added 2007/09/20 1:10 p.m. | 4 views

php multiple integer overflows in gd

Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b)...

6.8 CVSS | 6.2 AI score | 0.04219 EPSS
Exploits 1 | References 4

RedHat Linux
added 2007/09/10 3:37 p.m. | 0 views

New release of MySQL fixes security bugs

MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, which allows remote authenticated users to obtain sensitive information such as the table structure...

4 CVSS | 7.4 AI score | 0.01781 EPSS
Exploits 0 | References 4

Atlassian
added 2007/08/31 4:13 a.m. | 22 views

Numerous XSS Type 2 vulnerabilities in macros bundled with Confluence

I'd like to report critical vulnerabilities in 3 of your macros - Column, Image, Block and Code macros. The vulnerabilities are classified as XSS Type 2 stored and the details with example exploits are in the pdfs attached. Because of similarity of the vulnerabilities assume that it is more than...

6.6 AI score
Exploits 0 | Affected Software 1

Atlassian
added 2007/08/31 4:13 a.m. | 14 views

Numerous XSS Type 2 vulnerabilities in macros bundled with Confluence

I'd like to report critical vulnerabilities in 3 of your macros - Column, Image, Block and Code macros. The vulnerabilities are classified as XSS Type 2 stored and the details with example exploits are in the pdfs attached. Because of similarity of the vulnerabilities assume that it is more than...

6.6 AI score
Exploits 0 | Affected Software 1

Atlassian
added 2007/08/31 4:13 a.m. | 18 views

Numerous XSS Type 2 vulnerabilities in macros bundled with Confluence

I'd like to report critical vulnerabilities in 3 of your macros - Column, Image, Block and Code macros. The vulnerabilities are classified as XSS Type 2 stored and the details with example exploits are in the pdfs attached. Because of similarity of the vulnerabilities assume that it is more than...

6.6 AI score
Exploits 0

NVD
added 2007/08/29 1:17 a.m. | 14 views

CVE-2007-4220

Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete arbitrary files via a .. (dot dot) in a Send request, probably related to the (1) Send and (2) Exchange services...

7.8 CVSS | 6.7 AI score | 0.03959 EPSS
Exploits 1 | References 7

Tenable Nessus
added 2007/08/21 12:0 a.m. | 40 views

GLSA-200708-10 : MySQL: Denial of Service and information leakage

The remote host is affected by the vulnerability described in GLSA-200708-10 (MySQL: Denial of Service and information leakage). Dormando reported a vulnerability within the handling of password packets in the connection protocol (CVE-2007-3780). Andrei Elkin also found that the 'CREATE TABLE LIKE'...

5 CVSS | 8.1 AI score | 0.14051 EPSS
Exploits 0 | References 3

Gentoo Linux
added 2007/08/16 12:0 a.m. | 44 views

MySQL: Denial of Service and information leakage

Background: MySQL is a popular multi-threaded, multi-user SQL server. Description: Dormando reported a vulnerability within the handling of password packets in the connection protocol (CVE-2007-3780). Andrei Elkin also found that the "CREATE TABLE LIKE" command didn't require SELECT privileges on the...

5 CVSS | 6.8 AI score | 0.14051 EPSS
Exploits 0

exploitpack
added 2007/07/30 12:0 a.m. | 12 views

Borland Interbase 2007 SP1 - Create-Request Remote Overflow

Borland Interbase 2007 SP1 - Create-Request Remote Overflow / http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064882.html Groetjes aan mijn sletjes: Doopie, Sjaakhans, PS en Sleepwalker :P All your base are belong to FD2K2! / include include include include include pragma...

Exploits 0

Saint
added 2007/07/26 12:0 a.m. | 20 views

Borland Interbase ibserver.exe create buffer overflow

Added: 07/26/2007 CVE: CVE-2007-3566 BID: 25048 OSVDB: 38602 Background: Borland Interbase is a database solution for Windows, Linux, and Solaris platforms. Problem: A buffer overflow in the database service, ibserver.exe, allows remote attackers to execute arbitrary commands by sending a speciall...

7.5 CVSS | 7.8 AI score | 0.66081 EPSS
Exploits 9

securityvulns
added 2007/07/25 12:0 a.m. | 30 views

Borland Interbase database server buffer overflow

Buffer overflow on oversized TCP/3050 CREATE 0x14 request...

7.5 CVSS | 4.7 AI score | 0.66081 EPSS
Exploits 9 | References 1 | Affected Software 1

security_vulns
added 2007/07/03 12:0 a.m. | 73 views

Microsoft Windows Vista/2003/XP/2000 file management security issues

Title: Microsoft Windows Vista/2003/XP/2000 file management security issues Author: 3APA3A, http://securityvulns.com/ Vendor: Microsoft and potentially another vendors Products: Microsoft Windows Vista/2003/XP/2000, Microsoft resource kit for Windows 2000 and different utilities. Access Vector:...

6 AI score | 0.0361 EPSS
Exploits 1

NVD
added 2007/06/29 6:30 p.m. | 10 views

CVE-2007-3494

Papoo CMS 3.6, and possibly earlier, does not verify user privileges when accessing the backend administration plugins, which allows remote authenticated users to (1) read the entire database by accessing the database backup plugin via a devtools/templates/newdumpbackend.html argument in the templa...

6.8 CVSS | 6.3 AI score | 0.02052 EPSS
Exploits 0 | References 7