NPDS <= 5.10 - Multiple SQL injections

|Description:| Security holes were found in NPDS 5.10. N°1: Sql Injection in cookies File Mainfile.php lines 655 to 691. No check is carried out on nicknames or Id which can allow an attacker to modify a SQL request so as to obtain data. N°2: SQL Injection due to a bad use of "XFORWARDEDFOR" file...

Net Portal Dynamic System (NPDS) 5.10 Remote Code Execution (2)

No description provided by source. ?php /--------------------------------------------------------- NPDS = 5.10 - Remote Code Execution exploit |Description:| Security holes were found in NPDS 5.10. N掳1: Sql Injection in cookies File Mainfile.php lines 655 to 691. No check is carried out on...

CVE-2007-2235

Multiple cross-site scripting XSS vulnerabilities in PunBB 1.2.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 Referer HTTP header to misc.php or the 2 category name when deleting a category in admincategories.php...

CVE-2007-2235

Multiple cross-site scripting XSS vulnerabilities in PunBB 1.2.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 Referer HTTP header to misc.php or the 2 category name when deleting a category in admincategories.php...

CVE-2007-2046

Multiple CRLF injection vulnerabilities in adclick.php in a Openads phpAdsNew 2.0.11 and earlier and b Openads for PostgreSQL phpPgAds 2.0.11 and earlier allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in 1 the dest parameter...

CVE-2007-1963

CVE-2007-1963 describes an SQL injection in MyBB (MyBulletinBoard) up to version 1.2.3, exploitable through the Client-IP HTTP header in the create_session function of class_session.php. The vulnerability permits remote SQL commands and is a related issue to CVE-2006-3775. The initial description...

Directory traversal

Directory traversal vulnerability in index.php in RoseOnlineCMS 3 B1 allows remote attackers to include arbitrary files via a .. dot dot sequence in the op parameter, as demonstrated by injecting PHP code into Apache log files via the URL and User-Agent HTTP header...

CVE-2006-7172

Multiple SQL injection vulnerabilities in php-stats.recphp.php in PHP-Stats 0.1.9.1b and earlier allow remote attackers to execute arbitrary code via a leading dotted-quad IP address string in the 1 PC-REMOTE-ADDR HTTP header, which is inserted into $SERVER'HTTPPCREMOTEADDR', or 2 ip parameter...

CVE-2007-1501

Stack-based buffer overflow in Avant Browser 11.0 build 26 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long Content-Type HTTP header...

Stack overflow

Stack-based buffer overflow in Avant Browser 11.0 build 26 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long Content-Type HTTP header...

CVE-2007-1501

Stack-based buffer overflow in Avant Browser 11.0 build 26 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long Content-Type HTTP header...

CVE-2007-1501

CVE-2007-1501 affects Avant Browser 11.0 build 26, where a stack-based buffer overflow can be triggered by a long Content-Type HTTP header. This may allow remote attackers to cause a crash (DoS) and potentially execute arbitrary code. Exploitation details are not provided in the initial documents...

CVE-2007-1493

nukesentinel.php in NukeSentinel 2.5.06 and earlier uses a permissive regular expression to validate an IP address, which allows remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header, due to an incomplete patch for CVE-2007-1172...

Sql injection

nukesentinel.php in NukeSentinel 2.5.06 and earlier uses a permissive regular expression to validate an IP address, which allows remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header, due to an incomplete patch for CVE-2007-1172...

CVE-2007-1406

Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, which has unknown impact and remote attack vectors...

Design/Logic Flaw

Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, which has unknown impact and remote attack vectors...

CVE-2007-1406

CVE-2007-1406 affects Trac before 0.10.3.1. The issue is that Trac did not send a Content-Disposition HTTP header specifying an attachment in certain “unsafe” situations, with the impact and remote attack vectors described as unknown in the sources. The connected records confirm Trac’s version ga...

CVE-2007-1406

Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, which has unknown impact and remote attack vectors...

CVE-2007-1406

Trac before 0.10.3.1 does not send a Content-Disposition HTTP header specifying an attachment in certain "unsafe" situations, which has unknown impact and remote attack vectors...

Stack overflow

Stack-based buffer overflow in the connectHandle function in server.cpp in WebMod 0.48 allows remote attackers to execute arbitrary code via a long string in the Content-Length HTTP header...