4202 matches found
CVE-2004-2573
PHP remote file inclusion vulnerability in tablesupdate.inc.php in phpGroupWare 0.9.14.005 and earlier allows remote attackers to execute arbitrary PHP code via an external URL in the appdir parameter...
CVE-2004-2425
Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to execute arbitrary commands via accent (`) and possibly other shell metacharacters in the query string to virtualinput.cgi...
Wirtualna Polska WPKontakt 3.0.1 - Remote Script Execution
source: https://www.securityfocus.com/bid/12097/info WPKontakt is reported prone to a potential script execution vulnerability. It is reported that this issue may allow remote attackers to execute arbitrary script code on a vulnerable...
Wirtualna Polska WPKontakt 3.0.1 - Remote Script Execution
source: https://www.securityfocus.com/bid/12097/info WPKontakt is reported prone to a potential script execution vulnerability. It is reported that this issue may allow remote attackers to execute arbitrary script code on a vulnerable computer, which may lead to various attacks. Arbitrary script...
Raven Software Soldier Of Fortune 2 - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/11735/info It is reported that Soldier of Fortune 2 is susceptible to a buffer overflow vulnerability. This issue is due to a failure of the application to perform sufficient bounds checking on user-supplied input prior to copying it to a fixed-sized memo...
RHEL 3 : gaim (RHSA-2004:604)
An updated gaim package that fixes security issues, fixes various bugs, and includes various enhancements for Red Hat Enterprise Linux 3 is now available. The gaim application is a multi-protocol instant messaging client. A buffer overflow has been discovered in the MSN protocol handler. When...
HP WebJetadmin code execution
No description provided...
Webmin 1.x - HTML Email Command Execution
source: https://www.securityfocus.com/bid/11122/info Webmin / Usermin are reportedly affected by a command execution vulnerability when rendering HTML email messages. This issue is due to a failure to sanitize HTML email messages and may allow an attacker...
IlohaMail Multiple External Programs Arbitrary Command Execution
The target is running at least one instance of IlohaMail version 0.8.6. This version may contain flaws in the spell check and GnuPG features that allow an authenticated attacker to run arbitrary commands with the privileges of the web user simply by enclosing them in backticks when spell checking...
CVE-2004-0028
jitterbug 1.6.2 does not properly sanitize inputs, which allows remote authenticated users to execute arbitrary commands...
CVE-2002-1478
Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode...
[SECURITY] [DSA 542-1] New Qt packages fix arbitrary code execution and denial of service
Debian Security Advisory DSA 542-1 http://www.debian.org/security/ Martin Schulze August 30th, 2004 http://www.debian.org/security/faq ...
Painkiller <= 1.3.1 Denial of Service Exploit
No description provided by source. By Luigi Auriemma...
Axis Network Camera 2.x And Video Server 1-3 - virtualinput.cgi Arbitrary Command Execution
source: https://www.securityfocus.com/bid/11011/info 1. A shell metacharacter command-execution vulnerability allows an anonymous user to download the contents of the '/etc/passwd' file on the device. Othe...
Axis Network Camera 2.x And Video Server 1-3 - 'virtualinput.cgi' Arbitrary Command Execution
source: https://www.securityfocus.com/bid/11011/info 1. A shell metacharacter command-execution vulnerability allows an anonymous user to download the contents of the '/etc/passwd' file on the device. Other commands are also likely to work, facilitating other attacks. This issue is reported to...
Qualcomm Eudora Hidden Attachment Execution Vulnerability
Binary data 1287.prm...
Mandrake Linux Security Advisory : kde (MDKSA-2003:004-1)
Multiple instances of improperly quoted shell command execution exist in KDE 2.x up to and including KDE 3.0.5. KDE fails to properly quote parameters of instructions passed to the shell for execution. These parameters may contain data such as filenames, URLs, email address, and so forth; this da...
Microsoft Outlook Express - JavaScript Execution
From: To: Subject:MSOE Scripting Example Content-Type:text/html click here to test milw0rm.com 2004-07-13...
Microsoft Outlook Express - JavaScript Execution
From: To: Subject:MSOE Scripting Example Content-Type:text/html click here to test milw0rm.com 2004-07-13...
Sun Java Virtual Machine 1.x - Font.createFont Method Insecure Temporary File Creation
source: https://www.securityfocus.com/bid/10685/info Sun Java Virtual Machine is a component of the Sun Java infrastructure that performs the handling of Java applets and other programs. It is available for Uni...