9133 matches found
HiveMail 1.2.21.3 - addressbook.update.php?contactgroupid Arbitrary PHP Command Execution
HiveMail 1.2.21.3 - addressbook.update.php?contactgroupid Arbitrary PHP Command Execution source: https://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL...
HiveMail 1.2.21.3 - index.php $_SERVER[PHP_SELF] Cross-Site Scripting
HiveMail 1.2.21.3 - index.php $_SERVER[PHP_SELF] Cross-Site Scripting source: https://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL injection. The PHP...
Webeveyn Whomp! Real Estate Manager 2005 - Login SQL Injection
source: https://www.securityfocus.com/bid/16544/info Whomp! Real Estate Manager is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow an attacker t...
Design/Logic Flaw
The E4X implementation in Mozilla Firefox before 1.5.0.1, Thunderbird 1.5 if running Javascript in mail, and SeaMonkey before 1.0 exposes the internal "AnyName" object to external interfaces, which allows multiple cooperating domains to exchange information in violation of the same origin...
CVE-2006-0299
CVE-2006-0299 affects Mozilla Firefox up to 1.5.0.1, Thunderbird 1.5 (when JavaScript runs in mail), and SeaMonkey before 1.0. The issue arises from the E4X implementation exposing the internal AnyName object to external interfaces, allowing multiple cooperating domains to exchange information an...
SZUserMgnt 1.4 - Username SQL Injection
SZUserMgnt 1.4 - Username SQL Injection source: https://www.securityfocus.com/bid/16454/info SZUserMgnt is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation...
Programming cheats: the C language efficient four trick-vulnerability warning-the black bar safety net
Writing efficient and simple C code is something many software engineers pursue. This article elaborates on some experience gained in programming work. The first trick: trade space for time. Computer program the greatest paradox in space and time the...
With a Winsock implementation on the website of the database data injection-vulnerability warning-the black bar safety net
Before writing this article, it is necessary to explain the word "inject". Unlike the usual SQL injection, the injection here actually just means constructing an HTTP request packet so that a program, rather than a web page, submits the data automatically. Hey, speaking of which, I...
UBBCentral UBB.Threads 6.3 - 'showflat.php' SQL Injection
source: https://www.securityfocus.com/bid/16520/info UBB.Threads is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could allow an attacker to compromise th...
AndoNET Blog 2004.9.2 - Comentarios.php SQL Injection
AndoNET Blog 2004.9.2 - Comentarios.php SQL Injection source: https://www.securityfocus.com/bid/16393/info AndoNET Blog is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successfu...
miniBloggie 1.0 - 'login.php' SQL Injection
source: https://www.securityfocus.com/bid/16367/info miniBloggie is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...
e-moBLOG 1.3 - Multiple SQL Injections
e-moBLOG 1.3 - Multiple SQL Injections source: https://www.securityfocus.com/bid/16344/info The e-moBLOG application is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...
Ubuntu 4.10 / 5.04 / 5.10 : apache2, apache vulnerabilities (USN-241-1)
The 'mod_imap' module, which provides support for image maps, did not properly escape the 'referer' URL, which rendered it vulnerable to a cross-site scripting attack. A malicious web page or HTML email could trick a user into visiting a site running the vulnerable mod_imap, and employ...
WebspotBlogging 3.0 - login.php SQL Injection
WebspotBlogging 3.0 - login.php SQL Injection source: https://www.securityfocus.com/bid/16319/info WebspotBlogging is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
ASPThai Forums 8.0 - login.asp SQL Injection
ASPThai Forums 8.0 - login.asp SQL Injection source: https://www.securityfocus.com/bid/16404/info ASPThai Forums is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
aoblogger 2.3 - 'create.php' Entry Creation
source: https://www.securityfocus.com/bid/16286/info AOblogger is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities could allow an attacker to: -...
Technical analysis: "the meat machine" on encounters of an unknown virus-vulnerability warning-the black bar safety net
On the morning of May 13, the author was testing the MySQL Fun vulnerability online (in fact it cannot really be called a vulnerability, only a technique), used MySQL Fun to take over a Xeon host, and wanted to do some testing inside it, but stumbled across this station the host of the...
Venom Board - Post.php3 Multiple SQL Injections
Venom Board - Post.php3 Multiple SQL Injections source: https://www.securityfocus.com/bid/16176/info Venom Board is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query...
Foro Domus 2.10 - Multiple Input Validation Vulnerabilities
Foro Domus 2.10 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/16154/info Foro Domus is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation...
OnePlug CMS - '/services/details.asp?Service_ID' SQL Injection
source: https://www.securityfocus.com/bid/16155/info OnePlug CMS is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could allow an attacker to...