Joomla! Component com_mygallery - 'cid' SQL Injection

Bugtraq ID: 37121 Class: Input Validation Error Published: Feb 21 2008 12:00AM Updated: Nov 24 2009 10:15PM Credit: S@BUN Vulnerable: Joomla commygallery 0 The 'commygallery' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied...

IBM Tivoli Storage Manager Client CAD Service Buffer Overflow

Added: 11/20/2009 CVE: CVE-2009-3853 OSVDB: 59632 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on port 1582/TCP. Problem The vulnerability is caused by an input validation error in t...

Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution

Added: 11/20/2009 CVE: CVE-2009-2997 BID: 36638 OSVDB: 58926 Background Adobe Reader is free software for viewing PDF documents. Problem A heap memory corruption vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to an input validation error while parsing Universal 3D U3D file...

IBM Tivoli Storage Manager Client CAD Service Buffer Overflow

Added: 11/20/2009 CVE: CVE-2009-3853 OSVDB: 59632 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on port 1582/TCP. Problem The vulnerability is caused by an input validation error in t...

Expat 2.0.1 UTF-8 Character XML Parsing Remote DOS Vulnerability

Exploit for unknown platform in category dos / poc ============================================================================== Expat 2.0.1 UTF-8 Character XML Parsing Remote Denial of Service Vulnerability ============================================================================== Title:...

Expat 2.0.1 UTF-8 Character XML Parsing Remote Denial of Service Vulnerability

No description provided by source. Bugtraq ID: 36097 Class: Input Validation Error Published: Jan 17 2009 12:00AM Updated: Nov 12 2009 08:06PM Credit: Peter Valchev Vulnerable: SuSE openSUSE 11.0 SuSE openSUSE 10.3 SuSE Linux 9 SuSE Linux 11 SuSE Linux 10.0 RedHat Fedora 11 RedHat Fedora 10 RedHa...

Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service

Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service Bugtraq ID: 36097 Class: Input Validation Error Published: Jan 17 2009 12:00AM Updated: Nov 12 2009 08:06PM Credit: Peter Valchev Vulnerable: SuSE openSUSE 11.0 SuSE openSUSE 10.3 SuSE Linux 9 SuSE Linux 11 SuSE Linux 10.0 RedHat...

Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service

Bugtraq ID: 36097 Class: Input Validation Error Published: Jan 17 2009 12:00AM Updated: Nov 12 2009 08:06PM Credit: Peter Valchev Vulnerable: SuSE openSUSE 11.0 SuSE openSUSE 10.3 SuSE Linux 9 SuSE Linux 11 SuSE Linux 10.0 RedHat Fedora 11 RedHat Fedora 10 RedHat Enterprise Linux WS 4 RedHat...

Apache Tomcat URIencoding Directory Traversal (CVE-2007-0450; CVE-2008-2938)

Apache Tomcat is an implementation of the Java Servlet and JavaServer pages technologies. The software provides the servlet container used in development and deployment of Java based web applications. Users access Tomcat applications using web browsers that communicate to the server via the HTTP...

Rhino Software Serv-U FTP Server RNTO Command Directory Traversal (CVE-2008-4501)

Serv-U FTP Server is developed by Rhino Software. It is a widely-used FTP server that includes enterprise-grade features such as SSL support, ODBC and Windows NT/SAM user account management, virtual directories, compression etc. By default configuration, Serv-U FTP Server listens on 21/TCP for...

Gentoo Security Advisory GLSA 200909-06 (amule)

The remote host is missing updates announced in advisory GLSA 200909-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Oracle Database Server REPCAT_RPC.VALIDATE_REMOTE_RC SQL Injection (CVE-2009-1021)

Oracle Database Server is an enterprise-level relational database application suite. An SQL injection vulnerability has been reported in Oracle Database server. Remote authenticated attackers having Create Session privileges can exploit this vulnerability to inject and execute malicious SQL...

Apache Roller 'q' Parameter Cross Site Scripting Vulnerability

This host is running Apache Roller and is prone to Cross Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbapacherollerxssvulnaug09.nasl 4865 2016-12-28 16:16:43Z teissa $ Apache Roller 'q' Parameter Cross Site Scripting Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2009...

Apache Roller 2.x < 4.0.1 XSS Vulnerability

Apache Roller is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:roller...

Preemptive Protection against Sun Solaris sadmind RPC Request Buffer Overflow

A buffer overflow vulnerability was identified in the sadmind service within the Sun Solaris operating system. sadmind is a daemon used to control the servers running Sun Solaris operating system. The vulnerability is due to an input validation error occurring when parsing specially crafted RPC...

httpdx 0.8 - FTP Server DeleteGetCreate DirectoriesFiles

httpdx 0.8 - FTP Server DeleteGetCreate DirectoriesFiles / Httpdx Server FTP v0.8 Remote Arbitrary Directories & files Vulnerability ------------------------------------------------------------------------- Arbitrary: ---------- The vulnerability is caused due to an input validation error when...

httpdx <= 0.8 FTP Server Delete/Get/Create Directories/Files Exploit

Exploit for windows platform in category remote exploits ==================================================================== httpdx DELE ../../boot.ini You can get file boot.ini = RETR ../../boot.ini You can creat Directory = MKD ../../poc You can delet Directory = RMD ../../WINDOWS Author:...

httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files

/ Httpdx Server FTP v0.8 Remote Arbitrary Directories & files Vulnerability ------------------------------------------------------------------------- Arbitrary: ---------- The vulnerability is caused due to an input validation error when processing FTP requests. This can be exploited to read,...

Apple Safari Multiple Vulnerabilities

The host is running Apple Safari web browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodapplesafarimultvulnjune09.nasl 5055 2017-01-20 14:08:39Z teissa $ Apple Safari Multiple Vulnerabilities Authors: Sujit Ghosal Copyright: Copyright c 2009 SecPod,...

Apple Safari Multiple Vulnerabilities

Apple Safari web browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari";...