ASP Inline Corporate Calendar 3.6.3 - 'Defer.asp' SQL Injection
source: https://www.securityfocus.com/bid/13485/info ASP Inline Corporate Calendar is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a...
ASP Inline Corporate Calendar 3.6.3 - 'Details.asp' SQL Injection
source: https://www.securityfocus.com/bid/13487/info ASP Inline Corporate Calendar is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a...
[Full-Disclosure] iDEFENSE Security Advisory 10.07.04: RealNetworks Helix Server Content-Length Denial of Service Vulnerability
RealNetworks Helix Server Content-Length Denial of Service Vulnerability iDEFENSE Security Advisory 10.07.04: www.idefense.com/application/poi/display?id=151&type=vulnerabilities October 7, 2004 I. BACKGROUND RealNetworks Helix Universal Server is a universal digital media delivery platform with...
Linux Kernel 2.4.x-2.6.x Assembler Inline Function Local DoS Exploit
Exploit for linux platform in category dos / poc: Linux Kernel 2.4.x-2.6.x Assembler Inline Function Local DoS Exploit /...
DEBIAN-CVE-2003-0771
Gallery.pm in Apache::Gallery aka A::G uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does...
Apache::Gallery local webserver compromise, privilege escalation
Greetings, Apache::Gallery http://apachegallery.dk is a free and popular Perl module that, in combination with modperl and Apache, provides a powerful and customizable web gallery of your photographs. A::G unfortunately misuses Inline::C to create shared libraries. From the Inline::C documentatio...
CVE-2002-0616
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by attaching an inline macro to an object within an Excel workbook, aka the "Excel Inline Macros Vulnerability."...
CVE-2001-0726
CVE-2001-0726 concerns Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server. The issue arises when OWA is used with Internet Explorer and fails to properly detect certain inline script in HTML emails, which can allow remote attackers to perform arbitrary actions on a user’s Exchange mailbox....
~..~!guano
Wednesday, 28 March, 2001 The BAT! .. is a feisty multi-tasking email client that is rapidly gaining popularity and for good reason. Cursory examination of it reveals solid effective security measures on all fronts, including non-browser dependent html viewing with on/off switch, random named fil...
XSS vulnerability on asset view
Impact: Mautic versions before 3.3.4 / 4.0.0 are vulnerable to an inline JS XSS attack when viewing Mautic assets by utilizing inline JS in the title and adding a broken image URL as a remote asset. This can only be leveraged by an authenticated user with permission to create or edit assets. Patch...
XSS vulnerability on contacts view
Impact: Mautic versions before 3.3.4/4.0.0 are vulnerable to an inline JS XSS attack through the contact's first or last name and triggered when viewing a contact's details page then clicking on the action drop down and hovering over the Campaigns button. Contact first and last name can be populat...