9078 matches found
DUware DUpaypal 3.03.1 - sub.asp?iSub SQL Injection
DUware DUpaypal 3.03.1 - sub.asp?iSub SQL Injection source: https://www.securityfocus.com/bid/14034/info DUpaypal Pro is prone to multiple SQL-injection vulnerabilities because the fails application to properly sanitize user-supplied input before using it in SQL queries. A successful exploit coul...
DUware DUpaypal 3.0/3.1 - 'sub.asp?iSub' SQL Injection
source: https://www.securityfocus.com/bid/14034/info DUpaypal Pro is prone to multiple SQL-injection vulnerabilities because the fails application to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the application,...
PeerCast: Format string vulnerability
Background PeerCast is a media streaming system based on P2P technology. Description James Bercegay of the GulfTech Security Research Team discovered that PeerCast insecurely implements formatted printing when receiving a request with a malformed URL. Impact A remote attacker could exploit this...
Mandrake Linux Security Advisory : openssl (MDKSA-2005:096)
Colin Percival reported a cache timing attack that could be used to allow a malicious local user to gain portions of cryptographic keys CVE-2005-0109. The OpenSSL library has been patched to add a new fixed-window modexp implementation as default for RSA, DSA, and DH private key operations. The...
WWWeb Concepts Events System 1.0 - login.asp SQL Injection
WWWeb Concepts Events System 1.0 - login.asp SQL Injection source: https://www.securityfocus.com/bid/13859/info WWWeb Concepts Events System is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'login.asp'...
Qualiteam X-Cart 4.0.8 - 'help.php?section' SQL Injection
source: https://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These vulnerabilities could permit remote attackers to pass malicious inpu...
Qualiteam X-Cart 4.0.8 - help.php?section SQL Injection
Qualiteam X-Cart 4.0.8 - help.php?section SQL Injection source: https://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These...
Qualiteam X-Cart 4.0.8 - giftcert.php Multiple SQL Injections
Qualiteam X-Cart 4.0.8 - giftcert.php Multiple SQL Injections source: https://www.securityfocus.com/bid/13817/info X-Cart is prone to SQL injection and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. These...
Warrior Kings 1.3 And Warrior Kings: Battles 1.23 - Remote Format String
source: https://www.securityfocus.com/bid/13711/info Warrior Kings, and Warrior Kings: Battles are vulnerable to a remote format string vulnerability. This issue is due to a failure of the application to securely implement a formatting printing function. This vulnerability allows remote attackers...
MWChat 6.8 - chat.php SQL Injection
MWChat 6.8 - chat.php SQL Injection source: https://www.securityfocus.com/bid/15198/info MWChat is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...
CVE-2005-1600
A "mathematical flaw" in the implementation of the El Gamal signature algorithm for LibTomCrypt 1.0 to 1.0.2 allows attackers to generate valid signatures without having the private key...
MidiCart PHP - 'Item_Show.php?Code_No' SQL Injection
source: https://www.securityfocus.com/bid/13515/info MidiCart PHP is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...
ASP Inline Corporate Calendar 3.6.3 - 'Details.asp' SQL Injection
source: https://www.securityfocus.com/bid/13487/info ASP Inline Corporate Calendar is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a...
Dream4 Koobi CMS 4.2.3 - 'index.php?P' SQL Injection
source: https://www.securityfocus.com/bid/13412/info Koobi CMS is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...
CartWIZ 1.10 - ProductCatalogSubCats.asp SQL Injection
CartWIZ 1.10 - ProductCatalogSubCats.asp SQL Injection source: https://www.securityfocus.com/bid/13331/info CartWIZ is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to utilizing the data in an SQL query...
CVE-2004-0984
Unknown vulnerability in the dotlock implementation in mailutils before 1:0.5-4 on Debian GNU/Linux allows attackers to gain privileges...
DUportal Pro 3.4 - 'inc_vote.asp' Multiple SQL Injections
source: https://www.securityfocus.com/bid/13285/info DUportal Pro is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the application,...
DUportal 3.1.2 - inc_rating.asp Multiple SQL Injections
DUportal 3.1.2 - incrating.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/13288/info DUportal/DUportal SQL are prone to multiple SQL injection vulnerabilities. These issues exist because the application fails to properly sanitize user-supplied input before using it in SQL...
Libsafe 2.0 - Multi-threaded Process Race Condition Security Bypass
// source: https://www.securityfocus.com/bid/13190/info Libsafe will normally kill an application when certain types of memory corruption are detected, preventing exploitation of some buffer overflow and format string vulnerabilities. A weakness has been reported that may allow Libsafe security...
phpBB 1.x2.0.x - Knowledge Base Module KB.php SQL Injection
phpBB 1.x2.0.x - Knowledge Base Module KB.php SQL Injection source: https://www.securityfocus.com/bid/13219/info Knowledge Base Module is affected by an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQ...