PHP Content Architect 0.9 pre 1.2 MFA_Theme.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23843/info PHP Content Architect is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and...

SQLiteManager 1.2 Main.PHP Multiple HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/22731/info SQLiteManager is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to execute HTML and script cod...

Move Media Player 1.0 Quantum Streaming ActiveX Control Multiple Buffer Overflow Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/25529/info Move Media Player is prone to multiple remote buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied data before copying it into insufficiently sized memory buffers...

TinyPHPForum 3.6 Error.PHP Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19278/info TinyPHPForum is prone to an information-disclosure vulnerability. This issue arises when a script allows a remote untrusted source to change a victim user's email address, and have their login credentials...

Vana CMS 'filename' Parameter Remote File Download Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39415/info Vana CMS is prone to a vulnerability that lets attackers download arbitrary files. The issue occurs because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow a...

Magic Photo Storage Website admin/index.php _config[site_path] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...

MyBulletinBoard 1.2 Generic_Error.PHP Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20079/info MyBulletinBoard is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to steal cookie-based...

Magic Photo Storage Website admin/membership_pricing.php _config[site_path] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...

RhinoSoft Serv-U FTP Server 7.2.0.1 'rnto' Command Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31563/info RhinoSoft Serv-U FTP server is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue allows an attacker to write arbitrar...

HTTP File Server 2.2 Security Bypass and Denial of Service Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/39544/info HTTP File Server is prone to multiple vulnerabilities including a security-bypass issue and a denial-of-service issue. Exploiting these issues will allow an attacker to download files from restricted directorie...

S.T.A.L.K.E.R. 1.0.06 - Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29723/info S.T.A.L.K.E.R. game servers are prone to a remote denial-of-service vulnerability because the software fails to handle exceptional conditions when processing user nicknames. Successfully exploiting this issue...

Magic Photo Storage Website admin/list_members.php _config[site_path] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...

3D-FTP 8.01 - 'LIST' and 'MLSD' Directory Traversal Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/29749/info 3D-FTP is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues allows an attacker to write arbitrary files to locatio...

Woltlab Burning Board 2.3.6 - Multiple HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/22796/info Woltlab Burning Board is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to execute HTML and...

Viennabux Beta! 'cat' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39602/info Viennabux Beta! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromi...

Easy Web Portal 2.1.2 - Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20825/info Easy Web Portal is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application...

PHP-Nuke 8.0 'main/tracking/userLog.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35117/info PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

Debian 2.1/2.2 - Man Cache File Creation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2815/info A vulnerability exists in the 'man' system manual pager program. It is possible for local users to cause man to cache files in the system cache directory from outside of the configured manual page hierarchy sear...

McAfee Framework ePolicy 3.x - Orchestrator '_naimcomn_Log' Remote Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28228/info McAfee Framework is prone to a remote format-string vulnerability. Exploiting this issue will allow attackers to execute arbitrary code with the permissions of the framework or of an application that uses the...

Systeme de vote pour site Web 1.0 Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/25335/info 'Systeme de vote pour site Web' is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromis...