1237 matches found
[eVuln] Light Weight Calendar PHP Code Execution
New eVuln Advisory: Light Weight Calendar PHP Code Execution http://evuln.com/vulns/29/summary.html --------------------Summary---------------- Software: Light Weight Calendar Sowtware's Web Site: http://sourceforge.net/projects/lwcal/ Versions: 1.0 Critical Level: Dangerous Type: PHP Code...
Sql injection
Eval injection vulnerability in Light Weight Calendar LWC 1.0 20040909 and earlier allows remote attackers to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php...
EUVD-2006-0214
Eval injection vulnerability in Light Weight Calendar LWC 1.0 20040909 and earlier allows remote attackers to execute arbitrary PHP code via the date parameter in cal.php, which is included by index.php...
[SA18450] Light Weight Calendar "date" PHP Code Execution Vulnerability
TITLE: Light Weight Calendar "date" PHP Code Execution Vulnerability SECUNIA ADVISORY ID: SA18450 VERIFY ADVISORY: http://secunia.com/advisories/18450/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Light Weight Calendar 1.x http://secunia.com/product/6810/...
fipsCMS light - vulnerable to script injection.
fipsCMS lights is a freeware product of fipsasp.com. If you log on as admin, you can generate new pages in the CMS system. If you inject the "headline" field with scriptingcode like scriptalert‘code executed’/script, this will automaticly launch when a users visits that site. Please credit to:...
Large traffic network of the classic the invasion of technology-vulnerability warning-the black bar safety net
【Introduction】 According to legend, in the magical world of the Internet, there is a group of habits a nocturnal person, their freedom, against a fee, the same belief is shared in that group of people's eyes, all living beings are equal, there is no strong unbreakable walls, they just--hacker!...
CVE-2005-0805
SQL injection vulnerability in index.php in Subdreamer Light, when magicquotesgpc is enabled, allows remote attackers to execute arbitrary SQL commands via certain parameters that are used as global variables, as demonstrated using the imageid parameter, which is not properly handled by...
subdreamerSQL.txt
//==========================================// \ GHC - Subdreamer - ADVISORY // Product: Subdreamer \ Version: Subdreamer Light // URL: www.subdreamer.com \ VULNERABILITY CLASS: SQL injection //==========================================// Product Description "Powered by PHP and MySQL, Subdreamer...
CVE-2005-0805
SQL injection vulnerability in index.php in Subdreamer Light, when magicquotesgpc is enabled, allows remote attackers to execute arbitrary SQL commands via certain parameters that are used as global variables, as demonstrated using the imageid parameter, which is not properly handled by...
CVE-2005-0805
The CVE-2005-0805 entry describes a SQL injection in Subdreamer Light’s index.php when magic_quotes_gpc is enabled. The vulnerability allows remote attackers to run arbitrary SQL via parameters treated as global variables, demonstrated via the imageid parameter that imagegallery.php fails to sani...
possible SQL injection in Subdreamer
//==========================================// GHC - Subdreamer - ADVISORY // Product: Subdreamer Version: Subdreamer Light // URL: www.subdreamer.com VULNERABILITY CLASS: SQL injection //==========================================// Product Description "Powered by PHP and MySQL, Subdreamer provid...
Subdreamer 1.0 - SQL Injection
Subdreamer 1.0 - SQL Injection source: https://www.securityfocus.com/bid/12839/info Subdreamer is prone to an SQL injection vulnerability. Because of this, a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or th...
Subdreamer 1.0 - SQL Injection
source: https://www.securityfocus.com/bid/12839/info Subdreamer is prone to an SQL injection vulnerability. Because of this, a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database. Subdreamer Light is...
CVE-2004-2287
Directory traversal vulnerability in explorer.php in DSM Light Web File Browser 2.0 allows remote attackers to read arbitrary files via .. dot dot in the wdir parameter...
CVE-2004-1459
Cisco Secure Access Control Server ACS 3.2, when configured as a Light Extensible Authentication Protocol LEAP RADIUS proxy, allows remote attackers to cause a denial of service device crash via certain LEAP authentication requests...
Debian DSA-156-1 : epic4-script-light - arbitrary script execution
All versions of the EPIC script Light prior to 2.7.30p5 on the 2.7 branch and prior to 2.8pre10 on the 2.8 branch running on any platform are vulnerable to a remotely-exploitable bug, which can lead to nearly arbitrary code execution. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
CVE-2002-1549
Buffer overflow in Light HTTPd lhttpd 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request...
CVE-2002-1549
CVE-2002-1549 concerns Light HTTPD (lhttpd) 0.1, where a buffer overflow in processing a long HTTP GET request can allow remote code execution. The issue is tied to the lhttpd 0.1 HTTP server and is documented across multiple sources in the connected set, including CVE records and OpenVAS entries...
dsm light Web file browser 2.0 - Directory Traversal
dsm light Web file browser 2.0 - Directory Traversal source: https://www.securityfocus.com/bid/10381/info DSM Light has been reported to be prone to a directory traversal vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI input. This issue woul...
eudora61.pl
Eudora 6.1 on Windows is evil - have tested "Light Mode" free only so far, do not know if "Sponsored Mode" or "Paid Mode" would be any different. Do not use: stay away from Eudora, or maybe use version 6.0.3. --- Attachment spoof, LaunchProtect:...