14 matches found
wisp
Wisp — the open-source Ghost alternative, built in Elixir & Ph...
EUVD-2001-1403
Malware in sbrugna...
CVE-2025-9028
A flaw has been found in code-projects Online Medicine Guide 1.0. This vulnerability affects unknown code of the file /adphar.php. Manipulation of the argument phuname can lead to SQL injection. The attack can be launched remotely. The exploit has been published and may be used...
Authorization Bypass
aide is vulnerable to authorization bypass. A flaw was discovered in the way file checksums were stored in the AIDE database. A packaging flaw in the Red Hat AIDE rpm resulted in the file database not containing any file checksum information. This could prevent AIDE fr...
libX11: Multiple integer overflows leading to heap-based buffer-overflows
Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6)...
Microsoft Jet Database Engine Vulnerability (MS08-028)
The remote host is probably affected by the vulnerability described in CVE-2007-6026. SPDX-FileCopyrightText: 2008 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
[Full-disclosure] Secunia Research: Tagger LE PHP "eval()" Injection Vulnerabilities
Secunia Research 14/09/2006 - Tagger LE PHP "eval()" Injection Vulnerabilities - Table of Contents Affected...
Hot Links Pro 3.x XSS vuln.
Hot Links Pro 3.x XSS vuln. Vuln. discovered by: r0t Date: 5 Dec. 2005 Original advisory: http://pridels.blogspot.com/2005/12/hot-links-pro-3x-xss-vuln.html vendor: http://www.mrcgiguy.com/hl3details.shtml affected version: 3.x and prior Product Description: Directory style index allows for easy...
Warm Links XSS vuln.
Warm Links XSS vuln. Vuln. discovered by: r0t Date: 5 Dec. 2005 Original advisory: http://pridels.blogspot.com/2005/12/warm-links-xss-vuln.html vendor: http://www.mrcgiguy.com/wldetails.shtml affected version: v.1.0.0 and prior Product Description: Directory style index allows for easy navigation Doe...
CVE-2001-1423
The CVE-2001-1423 entry describes a privilege-escalation vulnerability in Advanced Poll prior to version 1.61 when using a flat-file database. The issue arises when an attacker can set the logged_in parameter to gain elevated privileges remotely. Documented impacts indicate partial confidentialit...
pafileDB31.txt
-= SecurityReason-2005-SRA03 =- -= SQL injection and XSS in paFileDB =- Author: sp3x Date: 12 March 2005 Affected software : =================== paFileDB version : =3.1 Description : ============= paFileDB is designed to allow webmasters have a database of files for download on their site. To add...
X-News Password MD5 Hash Authentication Bypass
X-News is a news management system, written in PHP. X-News uses a flat-file database to store information. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. X-News stores user ids and passwords, as MD5 hashes, in a world-readable file, 'db/users.txt'...
Advanced Poll does not adequately authenticate users
Overview Advanced Poll is a polling system written in PHP for use on web sites. When a flat file database is used, Advanced Poll does not adequately authenticate users, thereby allowing any user to gain Advanced Poll administrative privileges. Description On versions of Advanced Poll older than...
QDAV-2001-7-1
Multiple CGI Flat File Database Manipulation Vulnerability qDefense Advisory Number QDAV-2001-7-1 Product: Numerous CGI's Vendor: Numerous Vendors Severity: Remote; Severity varies, but can often be...