jakcms 2.0 pro rc5 - Stored XSS via useragent http header injection

No description provided by source. Exploit Title: JAKCMS 2.0 PRO RC5 stored XSS via useragent HTTP header Injection Date: 7-2-2011 Author: Saif El-Sherei Software Link: http://php.opensourcecms.com/scripts/redirect/download.php?id=480 Version: JAKCMS PRO 2.0 RC5 and probably earlier version Teste...

Oracle WebCenter Sites Satellite Server - HTTP Header Injection

No description provided by source. SEC Consult Vulnerability Lab Security Advisory 20130417-2 ======================================================================= title: HTTP header injection/Cache poisoning in Oracle WebCenter Sites Satellite Server product: Oracle WebCenter Sites Satellite...

Wordpress MU < 2.7 'HOST' HTTP Header XSS Vulnerability

No description provided by source. ============================================= INTERNET SECURITY AUDITORS ALERT 2009-004 - Original release date: December 3rd, 2008 - Last revised: March 10th, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.3/10 CVSS scored...

phpLDAPadmin 0.9.4b DoS

No description provided by source. / Exploit Title: phpLDAPadmin 0.9.4b DoS Google Dork: phpLDAPadmin - 0.9.4b Date: 2011-10-23 Author: Alguien Software Link: http://sourceforge.net/projects/phpldapadmin/files/phpldapadmin/0.9.4b/ Version: 0.9.4b Tested on: Red Hat CVE : - Compilation: ----------...

Webmatic 3.1.1 - Blind SQL Injection

No description provided by source. Advisory ID: HTB23096 Product: Webmatic Vendor: valarsoft.com Vulnerable Versions: 3.1.1 and probably prior Tested Version: 3.1.1 Vendor Notification: 13 June 2012 Public Disclosure: 4 July 2012 Vulnerability Type: Blind SQL Injection CVE Reference: CVE-2012-335...

mod_accounting Module 0.5 - Blind SQL Injection

No description provided by source. - Affected Vendor: http://sourceforge.net/projects/mod-acct/files/ - Affected Software: modaccounting - Affected Version: 0.5. Other earlier versions may be affected. - Issue type: Blind SQL injection - Release Date: 20 Sep 2013 - Discovered by: Eldar Wireghoul...

PHP 4.2.3 Header Function Script Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5669/info PHP is a freely available, open source web scripting language package. It is available for Microsoft Windows, Linux, and Unix operating systems. It has been reported that a vulnerability in the PHP header functi...

Mono <= 2.0 'System.Web' HTTP Header Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30867/info Mono is prone to a vulnerability that allows attackers to inject arbitrary HTTP headers because it fails to sanitize input. By inserting arbitrary headers into an HTTP response, attackers may be able to launch...

Apple QuickTime 5.0 Content-Type Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4064/info Apple QuickTime is a freely available media player. It runs on a number of platforms including MacOS and Windows 9x/ME/NT/2000/XP operating systems. Apple QuickTime For Windows does not perform sufficient bounds...

nginx 0.7.61 - WebDAV Directory Traversal

No description provided by source. Bug Title: nginx webdav copy/move method directory traversal Program: nginx Version: nginx/0.7.61 - other versions may also be affected Website: http://sysoev.ru/nginx/ Severity: Low Date discovered: 23 September 2009 The webdav component has to be enabled and t...

Google Chrome 0.2.149 Malformed 'view-source' HTTP Header Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31035/info Google Chrome is prone to a remote denial-of-service vulnerability because the application fails to handle specially crafted HTTP 'view-source' headers. Attackers can exploit this issue to crash the affected...

fresh email script 1.0 - Multiple Vulnerabilities

No description provided by source. 1. +-----------------+-----------------+-----------------+ 2. +-----------------+Fresh Email Script+----------------+ 3. +-----------------versions: 1.0 to 1.11 - all 4. +-----------------exploits: file inclusion & cookie manipulation 5. +-----------------founde...

Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities

No description provided by source. Device Name: EW-7206APg / EW-7209APg Vendor: Edimax ============ Vulnerable Firmware Releases: ============ Device: EW-7206APg Hardware Version Rev. A Runtime Code Version v1.32 Runtime Code Version V1.33 Device: EW-7209APg Hardware Version Rev. A Runtime Code...

CVE-2013-3843

Stack-based buffer overflow in the mkrequestheaderprocess function in mkrequest.c in Monkey HTTP Daemon monkeyd before 1.2.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted HTTP header...

CVE-2013-2163

Monkey HTTP Daemon monkeyd before 1.2.2 allows remote attackers to cause a denial of service infinite loop via an offset equal to the file size in the Range HTTP header...

CVE-2013-3843

Stack-based buffer overflow in the mkrequestheaderprocess function in mkrequest.c in Monkey HTTP Daemon monkeyd before 1.2.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted HTTP header...

Stack overflow

Stack-based buffer overflow in the mkrequestheaderprocess function in mkrequest.c in Monkey HTTP Daemon monkeyd before 1.2.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted HTTP header...

CVE-2013-2163

Monkey HTTP Daemon monkeyd before 1.2.2 allows remote attackers to cause a denial of service infinite loop via an offset equal to the file size in the Range HTTP header...

CVE-2013-2163

Monkey HTTP Daemon monkeyd before 1.2.2 allows remote attackers to cause a denial of service infinite loop via an offset equal to the file size in the Range HTTP header...

CVE-2013-3843

Stack-based buffer overflow in the mkrequestheaderprocess function in mkrequest.c in Monkey HTTP Daemon monkeyd before 1.2.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted HTTP header...