22 matches found
EUVD-2011-1588
Malware in sbrugna...
Langley Online Banking System Code Injection Vulnerability
Langley Online Banking System is an online banking system from Langley Corporation. A code injection vulnerability exists in the Langley Online Banking System, which originates from a misuse of the parameter Error in file /connection_error.php and could lead to a cross-site scripting attack...
CVE-2025-11125 langleyfcu Online Banking System Error Message connection_error.php cross site scripting
A vulnerability was found in langleyfcu Online Banking System up to 57437e6400ce0ae240e692c24e6346b8d0c17d7a. Affected by this vulnerability is an unknown functionality of the file /connection_error.php of the component Error Message Handler. Performing manipulation of the argument Error results i...
CVE-2020-6835
An issue was discovered in Bftpd before 5.4. There is a heap-based off-by-one error during file-transfer error checking...
OESA-2024-2580 socat security update
Socat is a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device serial line etc. or a pseudo terminal, a socket UNIX, IP4, IP6 - raw, UDP, TCP, an SSL socket, proxy CONNECT connection, a file descriptor stdin etc., th...
AZL-53978 CVE-2024-54661 affecting package socat for versions less than 1.7.4.3-2
readline.sh in socat before 1.8.0.2 relies on the /tmp/$USER/stderr2 file...
GPAC Buffer Error Vulnerability
GPAC is a multimedia framework. A denial of service vulnerability exists in GPAC MP4Box version 1.1.0, which originates from a stack buffer overflow at src/utils/error.c:1769 that can be exploited by an attacker to cause a denial of service...
Laurent Rineau CGAL Input Validation Error Vulnerability
CGAL is an open source application by Laurent Rineau. It provides easy access to efficient and reliable geometric algorithms in the form of C libraries. CGAL libcgal CGAL-5.1.1 version contains a code execution vulnerability that can be exploited by attackers to cause out-of-bounds reads and type...
CVE-2021-32298
An issue was discovered in libiff through 20190123. A global-buffer-overflow exists in the function IFFerrorId located in error.c. It allows an attacker to cause code Execution...
ALPINE-CVE-2019-12219
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an invalid free error in the SDL function SDL_SetErrorREAL at SDL_error.c...
CVE-2019-12215
A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user can trigger a particular error to discover the full path of Matomo on the disk, because lastError.file is used in plugins/CorePluginsAdmin/templates/safemode.twig. NOTE: the vendor disputes the significance of this...
Google gRPC heap buffer overflow vulnerability (CNVD-2017-08554)
Google gRPC is an open source, general-purpose RPC framework developed by Google (United States) and designed for mobile and HTTP/2, with features such as bidirectional streaming, flow control, header compression, and multiplexing of multiple requests over a single TCP connection. A heap buffer overflow...
Accellion FTA Device SQL Injection Vulnerability (CNVD-2017-07454)
Accellion FTA devices is a file transfer device from Accellion USA. The device supports file transfer, file sharing, file transfer tracking and reporting, and more. A SQL injection vulnerability exists in the reporterror.php file in versions of Accellion FTA devices prior to FTA912180. A remote...
CVE-2014-9445
SQL injection vulnerability in incl/create.inc.php in Installatron GQ File Manager 0.2.5 allows remote attackers to execute arbitrary SQL commands via the create parameter to index.php. NOTE: this can be leveraged for cross-site scripting (XSS) attacks by creating a file that generates an error...
Jakarta Tomcat 3.x/4.0 Error Message Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3199/info When a malformed request is made for a Java Server Page the server displays an error page. The error page contains potentially sensitive information, along with the absolute path of the JSP file on the webserver...
CVE-2013-2777
sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling...
Vivvo CMS-local file include and fix-vulnerability warning-the black bar safety net
Title: Vivvo CMS - Local File include. Author: JaBrOtxHaCkEr. Defects program: Vivvo CMS is an intuitive content management system atop a powerful programming framework, empowering numerous industry leading online newspapers,...
philboard1-sql.txt
Philboard W1L3D4 v1.0 Multiple SQL Injection Vulnerable Author : U238 mail : setuid.noexec0x1aqhotmaildotcom webpage: http://noexec.blogspot.com Script : http://www.aspindir.com/Goster/4703 Script2: http://rapidshare.de/files/39107179/philboardtrge.zip.html...
W1L3D4 philboard 1.0 - philboard_reply.asp SQL Injection
W1L3D4 philboard 1.0 - philboard_reply.asp SQL Injection Philboard W1L3D4 v1.0 Multiple SQL Injection Vulnerable Author : U238 mail : setuid.noexec0x1aqhotmaildotcom webpage: http://noexec.blogspot.com Script : http://www.aspindir.com/Goster/4703 Script2:...