4504 matches found
PHP-Nuke 5.66.x News Module - article.php SQL Injection
source: https://www.securityfocus.com/bid/7172/info It has been reported that an input validation error exists in the article.php file included with PHPNuke as part of the News module. Because of this, an attacker could send a malicious stri...
PHP-Nuke 5.66.x - banners.php Banner Manager Password Disclosure
source: https://www.securityfocus.com/bid/7170/info It has been reported that an input validation error exists in the banners.php file included with PHPNuke. Because of this, an attacker could send a malicious string through PHPNuke...
PHP-Nuke 5.6/6.x News Module - 'article.php' SQL Injection
source: https://www.securityfocus.com/bid/7172/info It has been reported that an input validation error exists in the article.php file included with PHPNuke as part of the News module. Because of this, an attacker could send a malicious string through PHPNuke that would allow the attacker to...
CORE-2003-03-04-01: Multiple vulnerabilities in Ximian's Evolution Mail User Agent
Core Security Technologies Advisory http://www.coresecurity.com Multiple vulnerabilities in Ximian's Evolution Mail User Agent Date Published: 2003-03-19 Last Update: 2003-03-19 Advisory ID: CORE-20030304-01 Bugtraq IDs: 7117, 7118, 7119 CVE CAN: CAN-2003-0128 CAN-2003-0129 CAN-2003-0130 Title:...
Input Validation Error in vbulletin 2.2.x
Description: --------------- VBulletin discussion forum http://www.vbulletin.com does not properly validate the input for html tag enabled forums, allowing arbitrary JavaScript code to be run for any access level user. Proof of concept: ---------------- b onMouseOver="alertdocument.location;"This...
CVE-2002-1141
An input validation error in the Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windows NT4, 2000, and XP, allows remote attackers to cause a denial of service via malformed fragmented RPC client packets, aka "Denial of service by sending an invalid RPC...
The Books Module for the PostNuke CMS XSS Vulnerability
---------------------------------------------------- Class : input Validation Error Risk : Due to the simplicity of the attack and the number of sites that run module books the risk is classified as Medium to High. URL: Http://pn-mod-books.sourceforge.net -...
Wiki module postnuke Cross Site Scripting Vulnerability
---------------------------------------------------- Class : input Validation Error Risk : Due to the simplicity of the attack and the number of sites that run phpwiki, the risk is classified as Medium to High. -...
Moderate: Red Hat Security Advisory: openssh security update
Updated openssh packages are now available for Red Hat Linux Advanced Server. These updates fix an input validation error in OpenSSH. OpenSSH provides an implementation of the SSH secure shell protocol used for logging into and executing commands on remote machines. Versions of the OpenSSH server...
PTL-2002-03 Betsie XSS Vuln
PenTest Limited www.pentest-limited.com Security Advisory XSS bug in Betsie Announcement date: 1st July 2002 Reference: ptl-2002-03 Advisory Details ---------------- Product: Betsie Vulnerable versions: 1.5.11 and all versions before Vulnerability Type : Input Validation Error Platforms: All...
Moderate: Red Hat Security Advisory: Updated OpenSSH packages fix various security issues
Updated openssh packages are now available for Red Hat Linux 7, 7.1, 7.2, and 7.3. These updates fix an input validation error in OpenSSH. Updated 16 April 2003 Added packages for Red Hat Linux on IBM iSeries and pSeries systems. OpenSSH provides an implementation of the SSH secure shell protocol...
Revised OpenSSH Security Advisory (adv.iss)
This is the 2nd revision of the Advisory. 1. Versions affected: Several versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. All versions between 2.3.1 and 3.3 contain a bug in the...
[ARL02-A14] ZenTrack System Information Path Disclosure Vulnerability
+/---------------- ALPER Research Labs ------/--------/+ +/---------------- Security Advisory -----/---------/+ +/---------------- ID: ARL02-A14 ----/----------/+ +/---------------- [email protected] ---/-----------/+ Advisory Information -------------------- Name : ZenTrack System Information...
[ARL02-A15] Multiple Security Issues in MyHelpdesk
+/---------------- ALPER Research Labs ------/--------/+ +/---------------- Security Advisory -----/---------/+ +/---------------- ID: ARL02-A15 ----/----------/+ +/---------------- [email protected] ---/-----------/+ Advisory Information -------------------- Name : Multiple Security Issues in...
[ARL02-A13] Multiple Security Issues in GeekLog
+/---------------- ALPER Research Labs ------/--------/+ +/---------------- Security Advisory -----/---------/+ +/---------------- ID: ARL02-A13 ----/----------/+ +/---------------- [email protected] ---/-----------/+ Advisory Information -------------------- Name : Multiple Security Issues in...
[ARL02-A12] PHP(Reactor) Cross Site Scripting Vulnerability
+/---------------- ALPER Research Labs ------/--------/+ +/---------------- Security Advisory -----/---------/+ +/---------------- ID: ARL02-A12 ----/----------/+ +/---------------- [email protected] ---/-----------/+ Advisory Information -------------------- Name : phpReactor Cross Site Scripti...
BadBlue Web Server v1.7.0 Directory Contents Disclosure
Author: p0p t4rtz and Bit Release Date: May 31, 2002 Class: Input Validation Error Remote/Local: Remote Object: BadBlue v1.7.0 and below Abstract: BadBlue is a well known small-scale web server for sharing files with remote users...
Snitz Forums 2000 remote SQL query manipulation vulnerability
vulnerable ---------- Product : Snitz Forums 2000 Version : 3.3 3.3.01 3.3.02 3.3.03 last stable version Object : members.asp Class : Input validation error remote SQL query manipulation vulnerability Vendor-URL : http://forum.snitz.com/ Vendor-Status : informed, not patched Remote-Exploit : yes...
vuln in wwwisis: remote command execution and get files
Name : wwwisis remote command execution and get files Software Package : wwwisis possibly affected : JavaISIS and other tools based on wwwisis Vendor Homepage : http://www.bireme.br/isis/I/wwwi.htm Vulnerable Versions: 3.45 verified, probably others Platforms : Linux verified, probably others...