883 matches found
CVE-2007-0501
CVE-2007-0501 corresponds to a PHP remote file inclusion vulnerability in Mafia Scum Tools 2.0.0 within Matthew Wardrop Advanced Random Generators (adv-random-gen). The flaw allows an attacker to execute arbitrary PHP code by supplying a URL in the gen parameter, enabling remote code execution. T...
Mafia Scum Tools 2.0.0 (index.php gen) Remote File Include Exploit
No description provided by source. !/usr/bin/perl mafia-2-0-0 Index.phpRemote File Include Vulnerability &n...
haberx.txt
+++++++++++++++++++++++++++++++++++++++++++++++++++ + Haberx v1.1 tr SQL Injection Vulnerability + + Author : Fix TR + + Site : www.hack.gen.tr + + Contact : fixtratbsdmail.com + +++++++++++++++++++++++++++++++++++++++++++++++++++ + Download: http://www.aspindir.com/Goster/3983 + Versions: 1.02...
[SA18715] PHP GEN Unspecified Cross-Site Scripting and SQL Injection
TITLE: PHP GEN Unspecified Cross-Site Scripting and SQL Injection SECUNIA ADVISORY ID: SA18715 VERIFY ADVISORY: http://secunia.com/advisories/18715/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: PHP GEN 1.x...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors...
Sql injection
Multiple SQL injection vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary SQL commands via unknown attack vectors...
CVE-2006-0498
Multiple cross-site scripting XSS vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors...
CVE-2006-0498
Multiple cross-site scripting XSS vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors...
CVE-2006-0497
Multiple SQL injection vulnerabilities in PHP GEN before 1.4 allow remote attackers to inject arbitrary SQL commands via unknown attack vectors...
CVE-2006-0498
CVE-2006-0498 describes multiple cross-site scripting (XSS) vulnerabilities in PHP GEN prior to 1.4, allowing remote attackers to inject arbitrary web script or HTML via unknown attack vectors. The connected documents corroborate the flaw across several sources (NVD entry and multiple mirrors), s...
CVE-2005-4707
An XSS vulnerability affects PHP GEN prior to 1.3, allowing remote attackers to inject arbitrary script/HTML via unknown attack vectors. The NVD entry lists a base score of 4.3 (MEDIUM) with Network attack vector, no confidentiality impact, partial integrity impact, and no availability impact. Af...
CVE-2005-4707
Multiple cross-site scripting XSS vulnerabilities in PHP GEN before 1.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors...
CVE-2006-0497
CVE-2006-0497 affects PHP GEN before 1.4, with multiple SQL injection vulnerabilities that allow remote attackers to inject arbitrary SQL commands via unknown attack vectors. The vulnerability targets the application’s database interaction (SQL layer) and is documented across multiple sources (NV...
CVE-2005-4707
Multiple cross-site scripting XSS vulnerabilities in PHP GEN before 1.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors...
[SA17560] PHP GEN Cross-Site Scripting Vulnerabilities
TITLE: PHP GEN Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA17560 VERIFY ADVISORY: http://secunia.com/advisories/17560/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: PHP GEN 1.x http://secunia.com/product/6131/ DESCRIPTION: Some vulnerabilities...
[SA17295] phpBB Avatar Script Insertion Vulnerability
TITLE: phpBB Avatar Script Insertion Vulnerability SECUNIA ADVISORY ID: SA17295 VERIFY ADVISORY: http://secunia.com/advisories/17295/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: phpBB 2.x http://secunia.com/product/463/ DESCRIPTION: K-Gen has discovered a...
CVE-2005-2180
CVE-2005-2180 concerns the GNATS generator, where in GNATS 4.0/4.1.0 (and possibly earlier) if the binary is installed setuid, it fails to properly validate files passed to the -o option and opens the target with write access, enabling a local user to overwrite arbitrary files. This is the core c...
CVE-2005-2180
gen-index in GNATS 4.0, 4.1.0, and possibly earlier versions, when installed setuid, does not properly check files passed to the -o argument and opens the file with write access, which allows local users to overwrite arbitrary files...
gnats.txt
Name: GNATS - gen-index Vendor URL: http://www.gnu.org/software/gnats Author: Adam Zabrocki Date: June 16, 2005 Issue: GNATS - the GNU problem report management system allows attacker to overwrite files with privileges suid root when compiled from sources and there isn't in system gnats user, whe...
GNU GNATS 4.04.1 - Gen-Index Arbitrary Local File DisclosureOverwrite
GNU GNATS 4.04.1 - Gen-Index Arbitrary Local File DisclosureOverwrite source: https://www.securityfocus.com/bid/14169/info GNU GNATS gen-index allows local attackers to disclose and overwrite arbitrary files. A successful attack can result in privilege escalation and a complete compromise of the...