3697 matches found
Cross site scripting
Cross-site scripting (XSS) vulnerability in PassMasterFlex and PassMasterFlexPlus (PassMasterFlex+) 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) password, or (3) User-Agent HTTP header in the Hack Log...
CVE-2006-2340
Cross-site scripting (XSS) vulnerability in PassMasterFlex and PassMasterFlexPlus (PassMasterFlex+) 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) password, or (3) User-Agent HTTP header in the Hack Log...
[Full-disclosure] [ GLSA 200605-07 ] Nagios: Buffer overflow
Gentoo Linux Security Advisory GLSA 200605-07 - http://security.gentoo.org/ - Severity:...
CVE-2006-2162
Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers to execute arbitrary code via a negative content length (Content-Length) HTTP header...
Buffer overflow
Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers to execute arbitrary code via a negative content length (Content-Length) HTTP header...
CVE-2006-2131
include/classpoll.php in Advanced Poll 2.0.4 uses the HTTP_X_FORWARDED_FOR (X-Forwarded-For) HTTP header to identify the IP address of a client, which makes it easier for remote attackers to spoof the source IP and bypass voting restrictions...
clamav -- Freshclam HTTP Header Buffer Overflow Vulnerability
Secunia reports: A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the HTTP client in the Freshclam command line...
CVE-2006-1645
CVE-2006-1645 affects ReloadCMS 1.2.5 and earlier. The vulnerability is a Cross-site Scripting (XSS) issue where an attacker can inject arbitrary script or HTML through the User-Agent header, which is reflected in admin/modules/general/statistic.php in the administration panel. Exploitation is re...
CVE-2006-1619
IBM WebSphere Application Server 4.0.1 through 4.0.3 allows remote attackers to cause a denial of service (application crash) via an HTTP request with a large header...
CRLF injection
CRLF injection vulnerability in inc/function.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to conduct cross-site scripting (XSS), poison caches, or hijack pages via CRLF (%0A%0D) sequences in the Referrer HTTP header field, possibly when redirecting to other web pages...
CVE-2006-1282
CRLF injection vulnerability in inc/function.php in MyBulletinBoard (MyBB) 1.04 allows remote attackers to conduct cross-site scripting (XSS), poison caches, or hijack pages via CRLF (%0A%0D) sequences in the Referrer HTTP header field, possibly when redirecting to other web pages...
CVE-2006-1234
SQL injection vulnerability in index.php in DSCounter 1.2, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header...
SQL injection
SQL injection vulnerability in index.php in DSCounter 1.2, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For field (HTTP_X_FORWARDED_FOR environment variable) in an HTTP header...
linux/x86 HTTP/1.x GET, Downloads and JMP - 68 bytes+
Exploit for linux/x86 platform in category shellcode. linux/x86 HTTP/1.x GET, Downloads and JMP - 68 bytes+. This shellcode allows you ...
CVE-2006-1127
Cross-site scripting (XSS) vulnerability in Gallery 2 up to 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For (X_FORWARDED_FOR) HTTP header, which is not properly handled when adding a comment to an album...