CVE-2009-3068

creationtimestamp| type| source ---|---|--- 2009-09-03 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33209 2010-11-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16789 2018-05-29 15:50:33+00:00| seen|...

JibberBook GuestBook 2.3 Multiple Vulnerabilities

» Script: JibberBook » Language: PHP » Website: http://jibberbook.com » Founder: Onur YILMAZ aka DJR » Site: www.onuryilmaz.info === data source of comments disclosure .xml file === » JibberBook/datalayer/xml/comments.xml === output === message mID="m54a7c965f0318a7.23679427" name/name website /...

tomcat6 Information disclosure in authentication classes

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /jsecuritycheck with malformed URL encoding of passwords, related to improper error checking in the 1...

tomcat6 Information disclosure in authentication classes

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /jsecuritycheck with malformed URL encoding of passwords, related to improper error checking in the 1...

tomcat6 Information disclosure in authentication classes

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /jsecuritycheck with malformed URL encoding of passwords, related to improper error checking in the 1...

CVE-2009-0609

Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle 1 a long value in an ADD or 2 long string attributes, which allows remote attackers to cause a denial of service JDBC backend...

Design/Logic Flaw

Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle 1 a long value in an ADD or 2 long string attributes, which allows remote attackers to cause a denial of service JDBC backend...

CVE-2009-0609

Sun Java System Directory Proxy Server in Sun Java System Directory Server Enterprise Edition 6.0 through 6.3, when a JDBC data source is used, does not properly handle 1 a long value in an ADD or 2 long string attributes, which allows remote attackers to cause a denial of service JDBC backend...

CVE-2008-3003

Microsoft Office Excel 2007 Gold and SP1 does not properly delete the PWD password string from connections.xml when a .xlsx file is configured not to save the remote data session password, which allows local users to obtain sensitive information and obtain access to a remote data source, aka the...

Microsoft Excel Credential Caching Vulnerability

Description Microsoft Excel is prone to a vulnerability that allows unauthorized access to remote data source credentials that have been cached in Excel files. This issue is limited to Microsoft Excel 2007 and Microsoft Office 2008 for Mac. Technologies Affected Avaya Messaging Application Server...

CVE-2007-1201

Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability."...

Microsoft Excel Formula Parsing Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file '.xls'. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...

Fedora 7 : cacti-0.8.7b-1.fc7 (2008-1737)

XSS vulnerabilities Path disclosure vulnerabilities SQL injection vulnerabilities HTTP response splitting vulnerabilities bug0000855: Unnecessary and faulty DEF generation for CF:AVERAGE bug0001083: Small visual fix for Cacti in 'View Cacti Log File' bug0001089: Graph xport modification to...

CVE-2006-2718

JIWA Financials 6.4.14 passes a Microsoft SQL Server account's username and password, and the name of a data source, to a Crystal Reports .rpt file, which allows remote authenticated users to execute certain standard stored procedures by referencing them in a user-written .rpt file, as demonstrat...

RIblog Remote SQL Injection Exploit

------------------------------------------------------------------ - RIblog Remote SQL Injection Exploit - -= http://colander.altervista.org/advisory/riblog.txt =- ------------------------------------------------------------------ -= RIblog =- Omnipresent April 21, 2006 Vunerabilitys:...