2922 matches found
Gallery Unspecified Security Bypass Vulnerability
Gallery is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PHP 5 < 5.2.7 Multiple Vulnerabilities
According to its banner, the version of PHP installed on the remote host is prior to 5.2.7. It is, therefore, affected by multiple vulnerabilities : - There is a buffer overflow flaw in the bundled PCRE library that allows a denial of service attack. CVE-2008-2371 - Multiple directory traversal...
WordPress cat Parameter Directory Traversal Vulnerability
WordPress is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress";...
simple-xss.txt
HSC Simple Machines Forum Cross-Site Scripting Vulnerabilities Vulnerabilities Simple Machines Forum allows attackers to exploiting this vulnerability by cross-site scripting and they will be able to obtain detailed information. This may help the attacker steal cookie-based authentication...
Simple Machines Forum Cross-Site Scripting Vulnerabilities Vulnerabilities
HSC Simple Machines Forum Cross-Site Scripting Vulnerabilities Vulnerabilities Simple Machines Forum allows attackers to exploiting this vulnerability by cross-site scripting and they will be able to obtain detailed information. This may help the attacker steal cookie-based authentication...
kav/kis 6/7 vulnerabilities-vulnerability warning-the black bar safety net
Foreign famous Rootkit research site rootkit. com published an article: "Exploiting Kaspersky Antivirus 6.0-7.0" the author as EPXOFF/UG North,is famous for its anti-Rootkit tool Rootkit Unhooker,Process walker developers. The article said that Kaspersky Anti-virus software from 6. 0 to the curre...
FreeBSD : clamav -- heap overflow vulnerability (342d2e48-26db-11db-9275-000475abc56f)
"Clamav team reports : A heap overflow vulnerability was discovered in libclamav which could cause a denial of service or allow the execution of arbitrary code. The problem is specifically located in the PE file rebuild function used by the UPX unpacker. Relevant code from libclamav/upx.c :...
clamav -- heap overflow vulnerability
Clamav team reports: A heap overflow vulnerability was discovered in libclamav which could cause a denial of service or allow the execution of arbitrary code. The problem is specifically located in the PE file rebuild function used by the UPX unpacker. Relevant code from libclamav/upx.c: memcpyds...
Improper Validation of User-mode Pointers
Improper Validation of User-mode Pointers Many of the hooks that KAV installs and even the custom system services suffer from flaws that are detrimental to the operation of the system. For instance, KAV's modified NtOpenProcess attempts to determine if a user address is valid by comparing it to t...
PHP-Fusion <= 4.0.1 'members.php' SQLi Vulnerability
A vulnerability exists in PHP-Fusion that may allow an attacker to inject arbitrary SQL code and possibly execute arbitrary code, due to improper validation of user supplied input in the SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced source...
bluez-utils unauthorized bluethooth access
Improper validation of bluetooth device name...
php-fusion 4.x vuln
TheGreatOne2176, Reapercore I have a found an error in php-fusion 4.x where you can view any thread on the forum. In fusionforum/viewthread.php the $GET variables arent properly checked or queried making it possible to view all threads. The example I tested was...
invisionSQL.txt
Invision Community Blog , is a powerful blogging system that will plug straight into your Invision Power Board. Allow your members to create their own individual blogs. Invision Community Blog is a comprehensive system with a very easy to use interface. Due to improper validation checks in the...
@lexPHPTeam @lex Guestbook 3.12 - PHP Remote File Inclusion
@lexPHPTeam @lex Guestbook 3.12 - PHP Remote File Inclusion source: https://www.securityfocus.com/bid/11260/info A vulnerability is reported to exist in the @lexPHPTeam @lex Guestbook software that may allow an attacker to include malicious PHP files containing arbitrary code to be executed on a...
@lexPHPTeam @lex Guestbook 3.12 - PHP Remote File Inclusion
source: https://www.securityfocus.com/bid/11260/info A vulnerability is reported to exist in the @lexPHPTeam @lex Guestbook software that may allow an attacker to include malicious PHP files containing arbitrary code to be executed on a vulnerable system. The issue exists due to improper validati...
rsync sanitize_path() Function Arbitrary File Disclosure
An information disclosure vulnerability exists in rsync due to improper validation of user-supplied input to the sanitizepath function. An unauthenticated, remote attacker can exploit this, via a specially crafted path, to generated an absolute filename in place of a relative filename, resulting...
CVE-2003-1229
X509TrustManager in 1 Java Secure Socket Extension JSSE in SDK and JRE 1.4.0 through 1.4.001, 2 JSSE before 1.0.3, 3 Java Plug-in SDK and JRE 1.3.0 through 1.4.1, and 4 Java Web Start 1.0 through 1.2 incorrectly calls the isClientTrusted method when determining server trust, which results in...
Simple File Manager Directory / Filename XSS
The remote Simple File Manager CGI fm.php improperly validates the names of the directories entered and created by the user. As a result, a user could generate a cross-site scripting attack on this host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
A security vulnerability in S8Forum
INFORMATIONS : ============= - Product : S8Forum - Tested version : 3.0 maybe other versions. - Website : http://www.kellishaver.com/ Vendor Status: not informed yet !!! - Problem : A security vulnerability in S8Forum PROBLEM : ========= This forum writen by PHP. It doesn't use database, instead...
Microsoft Virtual Machine Multiple JDBC Vulnerabilities
Description Microsoft Virtual Machine contains three vulnerabilities that could allow a remote attacker to execute code on the vulnerable system. Successful exploitation could lead to a complete system compromise. The first vulnerability allows remote execution of DLLs. These would be executed in...