59 matches found
DEBIAN-CVE-2010-4759
Open Ticket Request System OTRS before 3.0.0-beta7 does not properly restrict the ticket ages that are within the scope of a search, which allows remote authenticated users to cause a denial of service daemon hang via a fulltext search...
CVE-2010-4759
Open Ticket Request System OTRS before 3.0.0-beta7 does not properly restrict the ticket ages that are within the scope of a search, which allows remote authenticated users to cause a denial of service daemon hang via a fulltext search...
CVE-2010-4759
Open Ticket Request System OTRS before 3.0.0-beta7 does not properly restrict the ticket ages that are within the scope of a search, which allows remote authenticated users to cause a denial of service daemon hang via a fulltext search...
CVE-2010-4759
Open Ticket Request System OTRS before 3.0.0-beta7 does not properly restrict the ticket ages that are within the scope of a search, which allows remote authenticated users to cause a denial of service daemon hang via a fulltext search...
CVE-2010-4759
OTRS before 3.0.0-beta7 is affected by a DoS in fulltext ticket search due to improper restriction of ticket ages within a search scope. Impact: remote authenticated users can cause a daemon hang. Affected product/version details are documented across multiple sources (OTRS
CVE-2009-0469
Unspecified vulnerability in futomi's CGI Cafe Fulltext search CGI 1.1.2 allows remote attackers to gain administrative privileges via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in futomi's CGI Cafe Fulltext search CGI 1.1.2 allows remote attackers to gain administrative privileges via unknown vectors...
CVE-2009-0469
The CVE-2009-0469 issue affects futomi’s CGI Cafe Fulltext search CGI (ver. 1.1.2). A vulnerability in Fulltext search CGI allows a remote attacker to gain administrative privileges, effectively impersonating an administrator. The underlying vectors are not specified in the base CVE description; ...
CVE-2009-0469
Unspecified vulnerability in futomi's CGI Cafe Fulltext search CGI 1.1.2 allows remote attackers to gain administrative privileges via unknown vectors...
Fulltext search CGI vulnerability allows third party to gain administrative privileges
Overview Fulltext search CGI from futomi's CGI Cafe contains a vulnerability that allows an attacker to gain administrative privileges. Fulltext search CGI is a website search software from futomi's CGI Cafe. Fulltext search CGI contains a vulnerability that allows an attacker to gain...
JVN#80771386 Fulltext search CGI vulnerability allows third party to gain administrative privileges
Fulltext search CGI is a website search software from futomi's CGI Cafe. Fulltext search CGI contains a vulnerability that allows an attacker to gain administrative privileges. Impact A remote attacker could impersonate an administrator of fulltext search CGI. Solution Update the Software Update ...
CVE-2008-5786
Cross-site scripting XSS vulnerability in the Silva Find extension 1.1.5 and earlier in Silva 1.x before 1.6.3.2, Silva 2.0 before 2.0.12.2, and Silva 2.1 before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the fulltext parameter...
CVE-2008-5786
CVE-2008-5786 describes a cross-site scripting (XSS) vulnerability in the Silva Find extension. The issue affects Silva Find extension 1.1.5 and earlier within Silva 1.x up to 1.6.3.2, Silva 2.0 up to 2.0.12.2, and Silva 2.1 up to 2.1.0.2, where an attacker could inject arbitrary web script or HT...
Fulltext search CGI from futomi's CGI Cafe vulnerable to cross-site scripting
Overview Fulltext search CGI from futomi's CGI Cafe contains a cross-site scripting vulnerability. Fulltext search CGI, website search software from futomi's CGI Cafe, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution...
CVE-2008-1486
SQL injection vulnerability in Phorum before 5.2.6, when mysqluseft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search...
Sql injection
SQL injection vulnerability in Phorum before 5.2.6, when mysqluseft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search...
CVE-2008-1486
SQL injection vulnerability in Phorum before 5.2.6, when mysqluseft is disabled, allows remote attackers to execute arbitrary SQL commands via the non-fulltext search...
JVN#43091983 Fulltext search CGI from futomi's CGI Cafe vulnerable to cross-site scripting
Fulltext search CGI, website search software from futomi's CGI Cafe, contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest updates provided by the vendor. Products Affected Ver 1.1.0 and...
Oracle MySQL < 4.0.21 Remote FULLTEXT Search DoS
Binary data 2369.prm...