7425 matches found
PT-2007-1726 · Grsecurity · Grsecurity Patch
Name of the Vulnerable Software and Affected Versions: grsecurity patch (affected versions not specified). Description: The issue concerns an unspecified vulnerability in the grsecurity patch, which is reported to have remote attack vectors. However, the grsecurity developer has disputed this issue,...
PT-2007-1729 · Grsecurity · Grsecurity Pax
Name of the Vulnerable Software and Affected Versions: grsecurity PaX (affected versions not specified). Description: The issue concerns an unspecified vulnerability in the expand_stack function, potentially allowing local users to gain privileges through unspecified vectors. However, the grsecurity...
CVE-2007-0050
OpenPinboard 2.0 is affected by a PHP remote file inclusion in index.php, exploitable via the language parameter. The underlying issue is contested (variable set before use), with CVE notes indicating a small time window of risk during installation. Affected component: index.php of OpenPinboard 2...
Solaris 2.6 (sparc) : 111685-24
The remote host is missing Sun Security Patch number 111685-24 (C++ 5.3: Patch for Forte Developer 6 update 2 C++ compiler). Date this patch was last updated by Sun: Fri Dec 08 02:30:53 MST 2006. You should install this patch for your system to be up-to-date. This...
eXtreme-fusion 4.02 - 'Fusion_Forum_View.php' Local File Inclusion
Source: https://www.securityfocus.com/bid/21621/info
eXtreme-fusion is prone to a local file-include vulnerability because the application fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts. By combining thi...
TorrentFlux 2.2 - downloaddetails.php Local File Disclosure
Description: TorrentFlux fails to sanitise the variable "alias" in downloaddetails.php. This allows an attacker to include any file they want; the contents are displayed in the spaces provided and the remaining data is displayed as erro...
CVE-2006-6201
Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by RevilloC MailServer; 5.2.0.2 as used by Borland Developer Studio 2006; and possibly other versions allows remote attackers to execute arbitrary code via a long SQL statement, related to use of the DbiQExec function...
CVE-2006-6171
ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an...
Serendipity <= 1.0.3 (comment.php) Local File Include Exploit
Exploit for unknown platform in category web applications. Serendipity <= 1.0.3 comment.php Local File Include Exploit ...
MyAlbum 3.02 - language.inc.php Remote File Inclusion
MyAlbum WWW.STARHACK.ORG ...
CVE-2006-5472
PHP remote file inclusion vulnerability in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the lib_dir parameter in (1) lib/registry.lib.php, (2) lib/sqlcompose.lib.php, and (3) lib/sqlsearch.lib.php...
CVE-2006-5471
PHP remote file inclusion vulnerability in example/lib/grid3.lib.php in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the (1) cfg_dir and (2) lib_dir parameters...
CVE-2006-5473
PHP remote file inclusion vulnerability in Description.php in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via the lib_dir parameter. NOTE: this issue is disputed by CVE as of 20061023, since there is no Description.php file included in the...
CVE-2006-5473
Summary: Softerra PHP Developer Library
CVE-2006-5472
CVE-2006-5472 describes a PHP remote file inclusion vulnerability in Softerra PHP Developer Library 1.5.3 and earlier. An attacker can supply a URL in the lib_dir parameter to one of three library scripts (lib/registry.lib.php, lib/sqlcompose.lib.php, lib/sqlsearch.lib.php) to execute arbitrary P...
CVE-2006-5471
The CVE-2006-5471 entry documents a PHP remote file inclusion vulnerability in Softerra PHP Developer Library 1.5.3 and earlier. An attacker can cause arbitrary PHP code execution by supplying a URL in the cfg_dir or lib_dir parameters within example/lib/grid3.lib.php. Affected software is Softer...
PT-2006-6188 · Softerra · Softerra Php Developer Library
Name of the Vulnerable Software and Affected Versions: Softerra PHP Developer Library versions 1.5.3 and earlier. Description: A remote file inclusion issue allows remote attackers to execute arbitrary PHP code via the lib_dir parameter. Recommendations: For Softerra PHP Developer Library versions...
CVE-2003-1307
The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: th...