CVE-2007-0285

Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 9.0.4.2 and 10.1.2; and E-Business Suite and Applications 11.5.10CU2 has unknown impact and attack vectors related to Oracle Reports Developer, aka REP01...

PT-2007-1726 · Grsecurity · Grsecurity Patch

Name of the Vulnerable Software and Affected Versions: grsecurity patch affected versions not specified Description: The issue concerns an unspecified vulnerability in the grsecurity patch, which is reported to have remote attack vectors. However, the grsecurity developer has disputed this issue,...

PT-2007-1729 · Grsecurity · Grsecurity Pax

Name of the Vulnerable Software and Affected Versions: grsecurity PaX affected versions not specified Description: The issue concerns an unspecified vulnerability in the expand stack function, potentially allowing local users to gain privileges through unspecified vectors. However, the grsecurity...

CVE-2007-0050

OpenPinboard 2.0 is affected by a PHP remote file inclusion in index.php, exploitable via the language parameter. The underlying issue is contested (variable set before use), with CVE notes indicating a small time window of risk during installation. Affected component: index.php of OpenPinboard 2...

Solaris 2.6 (sparc) : 111685-24

The remote host is missing Sun Security Patch number 111685-24 C++ 5.3: Patch for Forte Developer 6 update 2 C++ compiler. Date this patch was last updated by Sun : Fri Dec 08 02:30:53 MST 2006 You should install this patch for your system to be up-to-date. %NASLMINLEVEL 999999 @DEPRECATED@ This...

eXtreme-fusion 4.02 - 'Fusion_Forum_View.php' Local File Inclusion

source: https://www.securityfocus.com/bid/21621/info eXtreme-fusion is prone to a local file-include vulnerability because the application fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts. By combining thi...

TorrentFlux 2.2 - downloaddetails.php Local File Disclosure

TorrentFlux 2.2 - downloaddetails.php Local File Disclosure Description: TorrentFlux fails to sanitise the variable "alias" in downloaddetails.php. This allows an attacker to include any file they want; the contents is displayed at in the spaces provided and the remaning data is displayed as erro...

CVE-2006-6201

Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by RevilloC MailServer; 5.2.0.2 as used by Borland Developer Studio 2006; and possibly other versions allows remote attackers to execute arbitrary code via a long SQL statement, related to use of the DbiQExec function...

CVE-2006-6171

ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an...

Serendipity <= 1.0.3 (comment.php) Local File Include Exploit

Exploit for unknown platform in category web applications ============================================================= Serendipity = 1.0.3 comment.php Local File Include Exploit ============================================================= ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :...

MyAlbum 3.02 - language.inc.php Remote File Inclusion

MyAlbum 3.02 - language.inc.php Remote File Inclusion ============================================================================================== MyAlbum WWW.STARHACK.ORG ======= ===============...

CVE-2006-5471

PHP remote file inclusion vulnerability in example/lib/grid3.lib.php in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the 1 cfgdir and 2 libdir parameters...

CVE-2006-5472

PHP remote file inclusion vulnerability in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the libdir parameter in 1 lib/registry.lib.php, 2 lib/sqlcompose.lib.php, and 3 lib/sqlsearch.lib.php...

CVE-2006-5473

PHP remote file inclusion vulnerability in Description.php in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via the libdir parameter. NOTE: this issue is disputed by CVE as of 20061023, since there is no Description.php file included in the...

CVE-2006-5471

The CVE-2006-5471 entry documents a PHP remote file inclusion vulnerability in Softerra PHP Developer Library 1.5.3 and earlier. An attacker can cause arbitrary PHP code execution by supplying a URL in the cfg_dir or lib_dir parameters within example/lib/grid3.lib.php. Affected software is Softer...

CVE-2006-5472

CVE-2006-5472 describes a PHP remote file inclusion vulnerability in Softerra PHP Developer Library 1.5.3 and earlier. An attacker can supply a URL in the lib_dir parameter to one of three library scripts (lib/registry.lib.php, lib/sqlcompose.lib.php, lib/sqlsearch.lib.php) to execute arbitrary P...

CVE-2006-5473

PHP remote file inclusion vulnerability in Description.php in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via the libdir parameter. NOTE: this issue is disputed by CVE as of 20061023, since there is no Description.php file included in the...

CVE-2006-5472

PHP remote file inclusion vulnerability in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the libdir parameter in 1 lib/registry.lib.php, 2 lib/sqlcompose.lib.php, and 3 lib/sqlsearch.lib.php...

CVE-2006-5473

Summary: Softerra PHP Developer Library

PT-2006-6188 · Softerra · Softerra Php Developer Library

Name of the Vulnerable Software and Affected Versions: Softerra PHP Developer Library versions 1.5.3 and earlier Description: A remote file inclusion issue allows remote attackers to execute arbitrary PHP code via the lib dir parameter. Recommendations: For Softerra PHP Developer Library versions...