9133 matches found
CLUB Nuke 2.0 - Multiple SQL Injections
CLUB Nuke 2.0 - Multiple SQL Injections source: https://www.securityfocus.com/bid/19442/info CLUB-Nuke is prone to multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
security flaw
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...
CVE-2006-3920
The CVE affects Sun Solaris TCP implementation (Solaris 8/9/10) prior to 20060726, where a TCP packet with an incorrect sequence number can trigger an ACK storm and cause remote DoS (resource exhaustion). Root cause: improper TCP sequence handling leading to ACK storm. Affected components: Solari...
phpBB-Auction 1.x - auction_room.php?ar SQL Injection
phpBB-Auction 1.x - auctionroom.php?ar SQL Injection source: https://www.securityfocus.com/bid/19179/info PHPBB-Auction is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. These vulnerabilities...
CVE-2006-3825
The IPv4 implementation in Sun Solaris 10 before 20060721 allows local users to select routes that differ from the routing table, possibly facilitating firewall bypass or unauthorized network communication...
LinksCaffe 2.0/3.0 - Authentication Bypass
source: https://www.securityfocus.com/bid/19763/info LinksCaffe is prone to an authentication-bypass vulnerability because of a lack of required authentication on the application's administrative script. An attacker can use administrative functions simply by knowing the script's name and location...
LinksCaffe 3.0 - 'links.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/19149/info LinksCaffe is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successf...
PHP Pro Bid 5.2.4 - categories.php?orderType SQL Injection
PHP Pro Bid 5.2.4 - categories.php?orderType SQL Injection source: https://www.securityfocus.com/bid/19158/info PHP Pro Bid is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because the application fails to properly sanitize...
LinksCaffe 3.0 - links.php?newdays Cross-Site Scripting
LinksCaffe 3.0 - links.php?newdays Cross-Site Scripting source: https://www.securityfocus.com/bid/19149/info LinksCaffe is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the...
kernel security update
CentOS Errata and Security Advisory CESA-2006:0579-01 Updated kernel packages that fix a number of security issues as well as other bugs are now available for Red Hat Enterprise Linux 2.1 32 bit architectures This security advisory has been rated as having important security impact by the Red Hat...
Invision Power Board 2.1.x IPSClass.PHP SQL Injection Vulnerability 1
Invision Power Board 2.1.x IPSClass.PHP SQL Injection Vulnerability 1. Webapps exploit for php platform source: http://www.securityfocus.com/bid/18984/info Invision Power Board is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize...
SaPHPLesson 2.0 - add.php SQL Injection
SaPHPLesson 2.0 - add.php SQL Injection source: https://www.securityfocus.com/bid/18934/info SaPHPLesson is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit cou...
SaPHPLesson 2.0 - 'add.php' SQL Injection
source: https://www.securityfocus.com/bid/18934/info SaPHPLesson is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the...
CentOS 4 : kernel (CESA-2006:0493)
Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating syste...
Current Versions Release History
Current Versions Release History 5.1c2 30-Jun-06 Valid Core License Keys: issued between 01-Jun-2004 and 31-Oct-2004, or on or after 01-Jun-2005. Admin: Lawful Intercept for Signals is implemented. WSSP: now all string prefixes HTML, JAVASCRIPT, etc. support numeric data. XIMSS: the Signal...
newsPHP 2006 PRO - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/18726/info NewsPHP 2006 PRO is prone to multiple input-validation vulnerabilities. The issues include cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. A...
Netscape NSS Library Memory Leak Vulnerability
Description: Netscape Browser 8.1 is susceptible to affected to DoS-type memory leak vulnerability disclosed in Mozilla Network Security Services library implementation. This library is shipped with the newest Netscape browser. Reportedly the Network Security Services NSS library will leak 256...
OpenGuestbook 0.5 - view.php?offset SQL Injection
OpenGuestbook 0.5 - view.php?offset SQL Injection source: https://www.securityfocus.com/bid/18666/info OpenGuestbook is prone to multiple input-validation vulnerabilities, including cross-site scripting and SQL-injection issues, because the application fails to properly sanitize user-supplied...
Woltlab Burning Board 1.2/2.0/2.3 - 'newthread.php?boardid' SQL Injection
source: https://www.securityfocus.com/bid/18597/info WoltLab Burning Board is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied data before using it in an SQL query. A successful exploit could allow an attacker...
V3 Chat Instant Messenger - expire.php?cust_name Cross-Site Scripting
V3 Chat Instant Messenger - expire.php?custname Cross-Site Scripting source: https://www.securityfocus.com/bid/18543/info V3 Chat Instant Messenger is prone to multiple cross-site scripting and SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitiz...