1162 matches found

OpenVAS
added 2011/01/05 12:0 a.m., 11 views

Sahana Agasti Multiple Remote File Include Vulnerabilities

Sahana Agasti is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input.

7.5 AI score
Exploits: 0, References: 3

OpenVAS
added 2011/01/04 12:0 a.m., 8 views

Calibre Cross Site Scripting and Directory Traversal Vulnerabilities

Calibre is prone to a cross-site scripting vulnerability and a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting these issues will allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context o...

6.8 AI score
Exploits: 0, References: 3

Exploit DB
added 2010/12/31 12:0 a.m., 33 views

GIMP 2.6.7 - Multiple File Plugins Remote Stack Buffer Overflow Vulnerabilities

source: https://www.securityfocus.com/bid/45647/info
GIMP is prone to multiple remote stack-based buffer-overflow vulnerabilities because it fails to perform adequate checks on user-supplied input. Successfully exploiting these issues may allow remote attackers to execute arbitrary code in the...

7.4 AI score
Exploits: 0

Exploit DB
added 2010/12/23 12:0 a.m., 49 views

MyBB 1.6 - 'private.php?keywords' SQL Injection

source: https://www.securityfocus.com/bid/45565/info
MyBB is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modif...

7.4 AI score
Exploits: 0

ThreatPost
added 2010/12/21 4:46 p.m., 6 views

The Year of the Sandbox

As predicted by researcher Dino Dai Zovi in these pages in January, 2010 turned out to be the year of the sandbox. Attackers for years have been focusing their attention on browsers and other Web apps and using them as jumping off points for further attacks on compromised PCs. Vendors finally beg...

3.8 AI score
Exploits: 0, References: 3

OpenVAS
added 2010/11/26 12:0 a.m., 36 views

NCH Software Office Intercom SIP Invite Remote Denial of Service Vulnerability

NCH Software Office Intercom is prone to a remote denial-of-service vulnerability because it fails to properly handle specially crafted SIP INVITE requests.

7.3 AI score
Exploits: 0, References: 1

OpenVAS
added 2010/11/16 12:0 a.m., 10 views

GDL 'id' Parameter SQL Injection Vulnerability

GDL (Ganesha Digital Library) is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilitie...

0.8 AI score
Exploits: 0, References: 2

OpenVAS
added 2010/11/16 12:0 a.m., 13 views

GDL <= 4.2 SQLi Vulnerability - Active Check

GDL (Ganesha Digital Library) is prone to an SQL injection (SQLi) vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

7.8 AI score
Exploits: 0, References: 1

Exploit DB
added 2010/11/08 12:0 a.m., 27 views

Novell Groupwise 8.0 - Multiple Remote Vulnerabilities

source: https://www.securityfocus.com/bid/44732/info
Novell GroupWise is prone to multiple security vulnerabilities, including multiple remote code-execution vulnerabilities, an information-disclosure issue, and a cross-site scripting issue. Exploiting these issues could allow an attacker to stea...

7.4 AI score
Exploits: 0

OpenVAS
added 2010/11/05 12:0 a.m., 26 views

Dolphin SQL Injection and Information Disclosure Vulnerabilities

Dolphin is prone to an SQL-injection vulnerability and an information-disclosure vulnerability. Exploiting these issues could allow an attacker to obtain sensitive information, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Dolphi...

7.2 AI score
Exploits: 0, References: 2

OpenVAS
added 2010/11/05 12:0 a.m., 25 views

Bugzilla Response Splitting and Security Bypass Vulnerabilities

Bugzilla is prone to a response-splitting vulnerability and a security-bypass vulnerability. Successfully exploiting these issues may allow an attacker to bypass certain security restrictions; obtain sensitive information; and influence or misrepresent how web content is served, cached, or...

5 CVSS, 6 AI score, 0.02391 EPSS
Exploits: 1, References: 3

OpenVAS
added 2010/11/05 12:0 a.m., 15 views

Dolphin <= 7.0.3 Multiple Vulnerabilities

Dolphin is prone to an SQL injection (SQLi) and an information disclosure vulnerability.

8.3 AI score
Exploits: 0, References: 1

The Hacker News
added 2010/11/04 12:38 a.m., 15 views

Update : SQLNinja 0.2.5 - New Version

"Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote access on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help a...

7.8 AI score
Exploits: 0

OpenVAS
added 2010/11/02 12:0 a.m., 17 views

Project Jug Directory Traversal Vulnerability

This VT has been deprecated and replaced by the VT ...

7.3 AI score
Exploits: 0, References: 2

exploitpack
added 2010/11/01 12:0 a.m., 9 views

Home File Share Server 0.7.2 32 - Directory Traversal

source: https://www.securityfocus.com/bid/44580/info
Home File Share Server is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacke...

0.2 AI score
Exploits: 0

Packet Storm
added 2010/10/04 12:0 a.m., 25 views

Aspect Ratio CMS Blind SQL Injection

Author: Stephan Sattler // http://www.solidmedia.de
Software Website: http://www.meso.net
Software Link: http://www.meso.net/aspekt-ratio
Dork: inurl:w3.php?nodeId=
Vulnerability Explanation: $_GET["nodeId"] isn't sanitized before executing the database query. An attacker can use this for a blind SQ...

0.2 AI score
Exploits: 0

Exploit DB
added 2010/10/04 12:0 a.m., 23 views

Aspect Ratio CMS - Blind SQL Injection

Author: Stephan Sattler // http://www.solidmedia.de
Software Website: http://www.meso.net
Software Link: http://www.meso.net/aspekt-ratio
Dork: inurl:w3.php?nodeId=
Vulnerability Explanation: $_GET["nodeId"] isn't sanitized before executing the database query. An attacker can use this for a blind SQ...

7 AI score
Exploits: 0

OpenVAS
added 2010/09/22 12:0 a.m., 10 views

Syncrify Multiple Remote Security Bypass Vulnerabilities

Syncrify is prone to multiple remote security-bypass vulnerabilities. Exploiting these issues may allow a remote attacker to bypass certain security restrictions and perform unauthorized actions. Syncrify 2.1 Build 415 and prior are affected. OpenVAS Vulnerability Test $Id: gbsyncrify43333.nasl...

0.2 AI score
Exploits: 0, References: 3

OpenVAS
added 2010/09/22 12:0 a.m., 8 views

Syncrify Multiple Remote Security Bypass Vulnerabilities

Syncrify is prone to multiple remote security bypass vulnerabilities.

7.6 AI score
Exploits: 0, References: 2

OpenVAS
added 2010/09/08 12:0 a.m., 18 views

A-Blog <= 2.0 SQLi Vulnerability

A-Blog Simple Blogging System is prone to an SQL injection (SQLi) vulnerability.

7.5 CVSS, 7.2 AI score, 0.01179 EPSS
Exploits: 1, References: 1