4504 matches found
Confixx 2 - 'DB' SQL Injection
source: https://www.securityfocus.com/bid/9830/info It has been reported that an input validation error with the potential for use in a SQL injection attack is present in the "dbmysqlloeschen2.php" script. When a user is requesting the "dbmysqlloeschen2.php" script, one of the parameters that can...
Xtreme ASP Photo Gallery
Tripbit Security Research tripbit.org Security Advisory Advisory ID: TA-150104 Release Date: January 15th, 2004 Application: Xtreme ASP Photo Gallery 2.0 Severity: Medium/High Impact: Admin access Class: Input Validation Error Vendor: http:// www.pensacolawebdesigns.com/ Overview...
TA-150104.txt
Tripbit Security Research tripbit.org Security Advisory Advisory ID: TA-150104 Release Date: January 15th, 2004 Application: Xtreme ASP Photo Gallery 2.0 Severity: Medium/High Impact: Admin access Class: Input Validation Error Vendor: http:// www.pensacolawebdesigns.com/ Overview...
Mambo Open Source 4.0.14 - 'PollBooth.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/9197/info Mambo Open Source is prone to SQL injection attacks. This is due to an input validation error in 'pollBooth.php'. In particular, various user-supplied variables are used in an SQL query without proper sanitization of SQL syntax. As a result, a...
Py-Membres 4.x - Pass_done.php SQL Injection
Py-Membres 4.x - Passdone.php SQL Injection source: https://www.securityfocus.com/bid/8500/info A vulnerability has been reported for Py-Membres that allows remote attackers to modify the logic of SQL queries. It has been reported that an input validation error exists in the passdone.php file...
Py-Membres 4.x - 'Pass_done.php' SQL Injection
source: https://www.securityfocus.com/bid/8500/info A vulnerability has been reported for Py-Membres that allows remote attackers to modify the logic of SQL queries. It has been reported that an input validation error exists in the passdone.php file included with Py-Membres. Because of this, a...
ImageMagick's Overflow
ImageMagick's Overflow Rosiello Security's Advisory & DTORS http://www.rosiello.org I. BACKGROUND The ImageMagick display is an image viewer. ImageMagick is part of the KDE desktop and is bundled with all major Linux distributions. II. DESCRIPTION A vulnerability was found in this application tha...
Verity-K2Toolkit-Eng.txt
STG Security Advisory: SSA-20030701-02 Verity K2 Toolkit Query Builder XSS Vulnerability Revision 1.0 Date Published: 2003-07-01 KST Last Update: 2003-07-01 Disclosed by SSR Team [email protected] Summary =================== Verity's K2 Toolkit provides e-commerce developers with text...
SECNAP Security Advisory: Invalid HTML processing in GoldMine(tm)
Weakness in GoldMinetm Email Manager allows arbitrary code execution Systems: GoldMine 5.70 and 6.00 prior to version 30503 Vulnerable: 5.70.11111,5.70.20404,6.00.21021,6.00.30203,6.00.30403 Not Vulnerable: 5.70.30503, 6.00.30503 Severity: Serious Category: Arbitrary Execution of Code of Hackers...
XMMS Remote input validation error
Overview There is an input validation error in the stand-alone SOAP server XMMS Remote which allows unauthorized remote command execution. Description XMMS Remote is a stand-alone XML/SOAP HTTP server implemented in PERL created by X2 Studios. It is used to monitor a running xmms media player...
Flaw in Microsoft VM Could Enable System Compromise
TITLE : Microsoft Virtual Machine Bytecode Verifier Vulnerability CRITICAL : Highly critical IMPACT : System access OPERATING SYSTEM: Microsoft Windows 95 Microsoft Windows 98 and 98SE Microsoft Windows Millennium Microsoft Windows NT 4.0, beginning with Service Pack 1 Microsoft Windows 2000...
Py-Membres 4.0 - SQL Injection
Py-Membres 4.0 - SQL Injection source: https://www.securityfocus.com/bid/7301/info A vulnerability has been reported for Py-Membres 4.0 that allows remote attackers to modify the logic of SQL queries. It has been reported that an input validation error exists in the login.php file included with...
Py-Membres 4.0 - SQL Injection
source: https://www.securityfocus.com/bid/7301/info A vulnerability has been reported for Py-Membres 4.0 that allows remote attackers to modify the logic of SQL queries. It has been reported that an input validation error exists in the login.php file included with Py-Membres. Because of this, a...
Invision Board 1.1.1 - 'functions.php' SQL Injection
source: https://www.securityfocus.com/bid/7290/info An input validation error has been reported in Invision Board which may result in the manipulation of SQL queries. This vulnerability exists in the functions.php script file. An attacker may be able to exploit this vulnerability by manipulating...
Mod_Survey ENV tag vulnerability
Attached is a security advisory for ModSurvey, which is a modperl module for apache see attachment. The advisory was first published 2003-03-23 at http://gathering.itm.mh.se/modsurvey/SA20030323.txt More info about ModSurvey can be found on its home page, which is available at...
PHP-Nuke 6.06.5 Forum Module - viewforum.php SQL Injection
PHP-Nuke 6.06.5 Forum Module - viewforum.php SQL Injection source: https://www.securityfocus.com/bid/7194/info It has been reported that an input validation error exists in the 'viewforum.php' script included with PHPNuke as part of the Forum module. Because of this, an attacker could send a...
PHP-Nuke 6.06.5 Forum Module - viewtopic.php SQL Injection
PHP-Nuke 6.06.5 Forum Module - viewtopic.php SQL Injection source: https://www.securityfocus.com/bid/7193/info It has been reported that an input validation error exists in the 'viewtopic.php' script included with PHPNuke as part of the Forum module. Because of this, an attacker could send a...
PHP-Nuke 6.0/6.5 Forum Module - 'viewforum.php' SQL Injection
source: https://www.securityfocus.com/bid/7194/info It has been reported that an input validation error exists in the 'viewforum.php' script included with PHPNuke as part of the Forum module. Because of this, an attacker could send a malicious string through PHPNuke that would allow the attacker ...
PHP-Nuke 6.0/6.5 Forum Module - 'viewtopic.php' SQL Injection
source: https://www.securityfocus.com/bid/7193/info It has been reported that an input validation error exists in the 'viewtopic.php' script included with PHPNuke as part of the Forum module. Because of this, an attacker could send a malicious string through PHPNuke that would allow the attacker ...
PHP-Nuke 5.66.x News Module - index.php SQL Injection
PHP-Nuke 5.66.x News Module - index.php SQL Injection source: https://www.securityfocus.com/bid/7173/info It has been reported that an input validation error exists in the index.php file included with PHPNuke as part of the News module. Because of this, an attacker could send a malicious string...