Design/Logic Flaw

Vidalia bundle before 0.1.2.18, when running on Windows and Mac OS X, installs Privoxy with a configuration file config.txt or config that contains insecure 1 enable-remote-toggle and 2 enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify...

CVE-2007-6722

Vidalia bundle before 0.1.2.18, when running on Windows and Mac OS X, installs Privoxy with a configuration file config.txt or config that contains insecure 1 enable-remote-toggle and 2 enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify...

CVE-2006-4499

CVE-2006-4499 affects ModernBill 5.0.4 and earlier. The root cause is insecure cURL SSL settings (CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST) that do not verify certificates, allowing remote attackers to read network traffic via a MITM. The connected documents confirm the MITM risk and tra...

malicious PHP source injection in phpBB

JCC Security Advisory June 16, 2002 malicious PHP source injection in phpBB Description phpBB is one of popular PHP bulletin board systems. When allowurlfopen = On and registerglobals = On in php.ini, phpBB has vulnerability because install.php contains dangerous codes. So an attacker can include...