3627 matches found
CVE-2006-6361
Heap-based buffer overflow in the uploadprogress_php_rfc1867_file function in uploadprogress.c in Bitflux Upload Progress Meter before 8276 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via crafted HTTP POST fileupload requests...
CVE-2006-4517
Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a denial of service (crash) in the Tomcat server via a long TREE parameter in an HTTP POST, which triggers a NULL pointer dereference...
Novell iManager DoS
Oversized TREE parameter of HTTP POST request causes NULL pointer dereference...
Novell GroupWise Messenger fails to properly handle HTTP POST requests.
Overview Novell GroupWise Messenger fails to properly handle HTTP POST requests. This vulnerability may allow a remote attacker to cause a denial of service condition. Description Novell GroupWise Messenger fails to properly handle HTTP POST requests. This vulnerability may be triggered by sendin...
CVE-2006-4511
Messenger Agents (nmma.exe) in Novell GroupWise 2.0.2 and 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted HTTP POST request to TCP port 8300 with a modified val parameter, which triggers a null dereference related to "zero-size strings in blowfish routines."...
iDefense Security Advisory 10.02.06: Novell GroupWise Messenger nmma.exe DoS Vulnerability
Novell GroupWise Messenger nmma.exe DoS Vulnerability iDefense Security Advisory 10.02.06 http://www.idefense.com/intelligence/vulnerabilities/ Oct 02, 2006 I. BACKGROUND Novell Messenger is a corporate, cross-platform instant messaging product that is based on Novell eDirectory. More information...
CVE-2006-3819
Eval injection vulnerability in the configure script in TWiki 4.0.0 through 4.0.4 allows remote attackers to execute arbitrary Perl code via an HTTP POST request containing a parameter name starting with "TYPEOF"...
CVE-2006-3758
CVE-2006-3758 pertains to MyBB (aka MyBulletinBoard) 1.1.4 where inc/init.php in Archive Mode (Light) calls PHP’s extract with EXTR_OVERWRITE on HTTP POST/GET variables, allowing a remote attacker to overwrite arbitrary variables. The vulnerability is demonstrated via an SQL injection using the _...
imgsvrDoS.txt
I have provided the following proof of concept.. Affected-software Credits :n00b. http://freshmeat.net/projects/imgsvr/ Exploit, #!/usr/bin/perl Proof of concept. Credits:to n00b for finding this bug. Affected :ImgSvr.exe Download software: http://freshmeat.net/projects/imgsvr/ Crash the server wi...
ImgSvr <= 0.6.5 (long http post) Denial of Service Exploit
No description provided by source. #!/usr/bin/perl Proof of concept. Credits:to n00b for finding this bug. Affected :ImgSvr.exe Download software: http://freshmeat.net/projects/imgsvr/ Crash the server with overly long http post request.. Main site of affected product...
ImgSvr <= 0.6.5 (long http post) Denial of Service Exploit
Exploit for unknown platform in category dos / poc ========================================================== ImgSvr <= 0.6.5 (long http post) Denial of Service Exploit ========================================================== #!/usr/bin/perl Proof of concept. Credits:to n00b for finding this bug...
ImgSvr 0.6.5 - POST Denial of Service
#!/usr/bin/perl Proof of concept. Credits:to n00b for finding this bug. Affected :ImgSvr.exe Download software: http://freshmeat.net/projects/imgsvr/ Crash the server with overly long http post request.. Main site of affected product. http://freshmeat.net/projects/imgsvr/ Sending an overly long po...
Cross site scripting
Bitrix Site Manager 4.1.x allows remote attackers to redirect users to other websites via a modified backurl during a HTTP POST request. NOTE: this issue has been referred to as "cross-site scripting," but that is inconsistent with the common use of the term...
CVE-2006-2478
Bitrix Site Manager 4.1.x allows remote attackers to redirect users to other websites via a modified backurl during a HTTP POST request. NOTE: this issue has been referred to as "cross-site scripting," but that is inconsistent with the common use of the term...
CVE-2006-2478
Bitrix Site Manager 4.1.x is affected by CVE-2006-2478: remote attackers can redirect users to other websites by supplying a modified back_url in a HTTP POST request. The root cause and impact are limited to redirects as described; exploitation details or in‑the‑wild status are not provided in th...
PHPWebFTP 2.3 - Multiple Cross-Site Scripting Vulnerabilities
PHPWebFTP 2.3 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/17688/info phpWebFTP is prone to multiple cross-site scripting vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input using the HTTP 'POST'...
Directory traversal
Directory traversal vulnerability in inc/functions.inc.php in CuteNews 1.4.1 and possibly other versions, when register_globals is enabled, allows remote attackers to include arbitrary files via a .. (dot dot) sequence and trailing NULL (%00) byte in the archive parameter in an HTTP POST or COOKIE...
ShoutLIVE 1.1.0 - savesettings.php Remote Code Execution
ShoutLIVE 1.1.0 - savesettings.php Remote Code Execution !/usr/bin/perl ShoutLIVE | +---------------------------------------------+ | Coded by DarkFig | +------------------+ ";exit sub headers print "\n +----------------------------------------------+ | ShoutLIVE "$host", PeerPort = "80", Proto =...
EV0086.txt
New eVuln Advisory: Simple Machines Forum - SMF 'X-Forwarded-For' XSS Vulnerability http://evuln.com/vulns/86/summary.html --------------------Summary---------------- eVuln ID: EV0086 CVE: CVE-2006-0896 Software: Simple Machines Forum - SMF Software's Web Site: http://www.simplemachines.org/...