4502 matches found
FreeBSD : drupal -- multiple vulnerabilities (faca0843-6281-11da-8630-00123ffe8333)
Secunia reports: Some vulnerabilities have been reported in Drupal, which can be exploited by malicious people to bypass certain security restrictions, and conduct script insertion and HTTP response splitting attacks. 1) An input validation error in the filtering of HTML code can be exploited to...
[SA19844] WinAgents TFTP Server Directory Traversal Vulnerability
TITLE: WinAgents TFTP Server Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA19844 VERIFY ADVISORY: http://secunia.com/advisories/19844/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: From local network SOFTWARE: WinAgents TFTP Server 3.x...
[SA19868] Linux Kernel CIFS chroot Directory Traversal Vulnerability
TITLE: Linux Kernel CIFS chroot Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA19868 VERIFY ADVISORY: http://secunia.com/advisories/19868/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: Local system OPERATING SYSTEM: Linux Kernel 2.6.x http://secunia.com/product/2719/ DESCRIPTIO...
[SA19869] Linux Kernel SMBFS chroot Directory Traversal Vulnerability
TITLE: Linux Kernel SMBFS chroot Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA19869 VERIFY ADVISORY: http://secunia.com/advisories/19869/ CRITICAL: Less critical IMPACT: Security Bypass WHERE: Local system OPERATING SYSTEM: Linux Kernel 2.6.x http://secunia.com/product/2719/...
Scry Gallery Directory Traversal & Full Path Disclosure Vulnerabilities
Software: Scry Gallery WebSite: http://scry.org/ discovered by: Moroccan Security Team + Directory Traversal: A remote attacker may employ directory traversal strings '../' to access arbitrary files outside of the webroot directory. This flaw is due to an input validation error in the "index.php...
MonsterTopList- Remote Code Execution bug
MonsterTopList- Remote Code Execution bug discovered By: VietMafia ================================= Developer site: http://www.monstertoplist.com/ Software: MTL 1.4 and prior Risk: Moderate Status: unpatched original advisory: http://pridels.blogspot.com/2006/04/monstertoplist.html...
mediaslashInclude.txt
author: Moroccan Security Team Vendor: www.MediaSlash.com Vendor Contacted greetz to: Moroccan Security Team CiM-TeaM and All Friends Google: Powered by MediaSlash.com Details: MediaSlash Gallery is vulnerable to remote URL inclusion vulnerability This flaw is due to an input validation error...
[SA19453] v-creator VCEngine.php Shell Command Injection Vulnerability
TITLE: v-creator VCEngine.php Shell Command Injection Vulnerability SECUNIA ADVISORY ID: SA19453 VERIFY ADVISORY: http://secunia.com/advisories/19453/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: v-creator 1.x http://secunia.com/product/9080/ DESCRIPTION: A...
CORE-2006-0124: Cross-Site Scripting in Verisign’s haydn.exe CGI script
Core Security Technologies - Corelabs Advisory http://www.coresecurity.com/corelabs/ Cross-Site Scripting in Verisign’s haydn.exe CGI script Date Published: 2006-03-20 Last Update: 2006-03-20 Advisory ID: CORE-2006-0124 Bugtraq ID: None currently assigned CVE Name: None currently assigned Title:...
Cross-Site Scripting in Verisign’s haydn.exe CGI script
Date Published: 2006-03-20 Last Update: 2006-03-20 Advisory ID: CORE-2006-0124 Bugtraq ID: 17170 CVE Name: CVE-2006-1344 Title: Cross-Site Scripting in Verisign’s haydn.exe CGI script Class: Input Validation Error Remotely Exploitable: Yes Locally Exploitable: No Advisory...
HiveMail 1.2.21.3 - addressbook.update.php?contactgroupid Arbitrary PHP Command Execution
HiveMail 1.2.21.3 - addressbook.update.php?contactgroupid Arbitrary PHP Command Execution source: https://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL...
HiveMail 1.2.21.3 - folders.update.php?folderid Arbitrary PHP Command Execution
HiveMail 1.2.21.3 - folders.update.php?folderid Arbitrary PHP Command Execution source: https://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL injection...
HiveMail 1.2.21.3 - index.php $_SERVER[PHP_SELF] Cross-Site Scripting
HiveMail 1.2.21.3 - index.php $_SERVER[PHP_SELF] Cross-Site Scripting source: https://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL injection. The PHP...
HiveMail 1.2.2/1.3 - 'addressbook.update.php?contactgroupid' Arbitrary PHP Command Execution
source: https://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL injection. The PHP code-execution issues are the result of an input-validation error that...
HiveMail 1.2.2/1.3 - 'folders.update.php?folderid' Arbitrary PHP Command Execution
source: https://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL injection. The PHP code-execution issues are the result of an input-validation error that...
HiveMail 1.2.2/1.3 - 'index.php' $_SERVER['PHP_SELF'] Cross-Site Scripting
source: https://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL injection. The PHP code-execution issues are the result of an input-validation error that...
[SA18480] E-Post Mail Server Products Multiple Vulnerabilities
TITLE: E-Post Mail Server Products Multiple Vulnerabilities SECUNIA ADVISORY ID: SA18480 VERIFY ADVISORY: http://secunia.com/advisories/18480/ CRITICAL: Highly critical IMPACT: Security Bypass, Exposure of system information, DoS, System access WHERE: From remote SOFTWARE: E-Post Mail Server 4.x...
[VulnWatch] iDefense Security Advisory 01.23.06: Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow Vulnerability
Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow Vulnerability iDefense Security Advisory 01.23.06 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376 January 23, 2006 I. BACKGROUND iTechnology is an integration technology which provides standard...
perl-cal-29920.txt
Vendor: Perl-Cal Version tested: Perl-Cal 2.99.20, other versions may also be affected. Type: Cross Site Scripting Severity: Medium...
rsync path sanitation vulnerability
A vulnerability has been reported in rsync, which potentially can be exploited by malicious users to read or write arbitrary files on a vulnerable system. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...