4502 matches found
UTempter 0.5.x Multiple Local Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/10178/info It has been reported that utempter is affected by multiple local vulnerabilities. The first issue is due to an input validation error that causes the application to exit improperly; facilitating symbolic link...
Epic Games Unreal Tournament Engine 3 UMOD Manifest.INI Remote Arbitrary File Overwrite Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10196/info Reportedly the Unreal Tournament Engine is affected by a local file overwrite vulnerability due to the UMOD manifest.ini file. This issue is due to an input validation error that allows a malicious user specify...
RJ-iTop Network Vulnerability Scanner System Multiple SQL Injection Vulnerabilities
No description provided by source. RJ-iTop Network Vulnerability Scanner System Multiple SQL Injection Vulnerabilities Vulnerable: v3.0.7.x Vendor: www.rj-itop.comhttp://www.rj-itop.com Category: Input Validation Error Impact: SQL injection Details: ========= Multiple SQL Injection Vulnerabilitie...
VideoLAN VLC ModPlug ReadS3M Stack Buffer Overflow
No description provided by source. $Id: vlcmodplugs3m.rb 12282 2011-04-08 15:48:53Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
dotDefender 4.02 Authentication Bypass Vulnerability
No description provided by source. dotDefender is prone to a XSS because it doesn't satinate the input vars correctly. Injecting obfusctated JavaScript code based on references vars assignment, the dotDefender WAF is vulnerable. Class: Input Validation Error Remote: Yes Credit: David K. SH4V...
Joomla! 'com_mygallery' Component - 'cid' Parameter SQL Injection Vulnerability
No description provided by source. Bugtraq ID: 37121 Class: Input Validation Error Published: Feb 21 2008 12:00AM Updated: Nov 24 2009 10:15PM Credit: S@BUN Vulnerable: Joomla commygallery 0 The 'commygallery' component for Joomla! is prone to an SQL-injection vulnerability because it fails to...
Microburst uDirectory 2.0 - Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2884/info uDirectory is an online directory and listing management system. An input validation error exists in uDirectory that may allow remote users to execute arbitrary commands on a host running the software...
HolaCMS 1.2/1.4.x Voting Module Remote File Corruption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12789/info HolaCMS is prone to a vulnerability that may allow remote users to corrupt files on the server. This is due an input validation error that allows users to submit voting data to an attacker-specified file. It ha...
Py-Membres 4.x Pass_done.PHP Remote SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8500/info A vulnerability has been reported for Py-Membres that allows remote attackers to modify the logic of SQL queries. It has been reported that an input validation error exists in the passdone.php file included with...
Rit Research Labs TinyWeb 1.9.2 Unauthorized Script Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10445/info TinyWeb Server is affected by an unauthorized script disclosure vulnerability. This issue is due to an input validation error that allows malicious users to bypass standard web server rules. This issue will all...
Merak Mail Server 8.2.4 r Arbitrary File Deletion Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14988/info Merak Mail Server is affected by an arbitrary file deletion vulnerability. This issue arises due to an input validation error allowing an attacker to delete files in the context of the Web server running the...
MS HyperV Persistent DoS Vulnerability
No description provided by source. Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ MS HyperV Persistent DoS Vulnerability 1. Advisory Information Title: MS HyperV Persistent DoS Vulnerability Advisory ID: CORE-2011-0203 Advisory URL:...
SSH2 3.0 Short Password Login Vulnerability
source: http://www.securityfocus.com/bid/3078/info An input validation error exists in version 3.0.0 of the SSH daemon sshd running on Unix platforms. It may be possible for remote users to log in to accounts for which there are two or less characters in the password field of the system password...
Mambo Open Source 4.0.14 PollBooth.PHP Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/9197/info Mambo Open Source is prone to SQL injection attacks. This is due to an input validation error in 'pollBooth.php'. In particular, various user-supplied variables are used in an SQL query without proper sanitizati...
phpBB 1.x Page Header Remote Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3167/info An input validation error exists in phpBB, a freely available WWW forums package. The problem is due to improper validation of some variables in phpBB. It is possible for users registered with the phpBB system t...
MS WINS ECommEndDlg Input Validation Error
No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ MS WINS ECommEndDlg Input Validation Error 1. Advisory Information Title: MS WINS ECommEndDlg Input Validation Error Advisory ID: CORE-2011-0526 Advisory URL:...
Xpient Cash Drawer Operation Vulnerability
No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Xpient Cash Drawer Operation Vulnerability 1. Advisory Information Title: Xpient Cash Drawer Operation Vulnerability Advisory ID: CORE-2013-0517 Advisory URL:...
Confixx 2 DB Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9830/info It has been reported that an input validation error with the potential for use in a SQL injection attack is present in the dbmysqlloeschen2.php script. When a user is requesting the dbmysqlloeschen2.php script,...
PHPNuke 6.0/6.5 Forum Module Viewforum.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7194/info It has been reported that an input validation error exists in the 'viewforum.php' script included with PHPNuke as part of the Forum module. Because of this, an attacker could send a malicious string through...
Atmail Webmail < 6.5.0 'DOM processor' XSS
According to its version, the Atmail Webmail install on the remote host is a version prior to 6.5.0. It is, therefore, potentially affected by an input validation error related to the 'DOM processor' and 'script' tags that could allow cross-site scripting attacks. %NASLMINLEVEL 70300 C Tenable...