Easy Chat Server 安全漏洞

Easy Chat Server is a LAN chat server software developed by Easy Chat Server Inc. Version 3.1 of Easy Chat Server has a security vulnerability that causes a denial-of-service attack. This vulnerability could allow remote attackers to cause the application to crash by sending excessively large dat...

CVE-2019-20896

WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponent, messageID, or to parameter...

EUVD-2006-3330

Malware in sbrugna...

Huawei 多款产品缓冲区错误漏洞

The Huawei CloudEngine 12800 is a 12800 series data center switch, and the Huawei Cloudengine 5800 is a 5800 series data center switch. Buffer overflow vulnerability exists in several Huawei products. The vulnerability stems from insufficient validation of certain parameters in messages, which ca...

CVE-2021-44228 Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints

Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message...

PT-2021-5169

Name of the Vulnerable Software and Affected Versions Apache Log4j2 versions 2.0-beta9 through 2.15.0 Apache Log4j2 version 2.16.0 and later are not affected, as the vulnerable functionality has been completely removed. Description The vulnerability in Apache Log4j2 is related to the JNDI feature...

FS Olx Clone 1.0 - 'scat' / 'pid' SQL Injection

Exploit Title: FS Olx Clone 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/olx-clone/ Demo: http://olx-clone.demonstration.co.in/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in gb.cgi in MRCGIGUY MCG Guestbook 1.0 allow remote attackers to inject arbitrary web script or HTML via the 1 name, 2 email, 3 website, and 4 message parameters...

CVE-2008-6359

Cross-site scripting XSS vulnerability in index.php in Max's Guestbook allows remote attackers to inject arbitrary web script or HTML via the 1 name, 2 email, and 3 message parameters...

CVE-2007-1304

Multiple SQL injection vulnerabilities in add2.php in Sava's Guestbook 23.11.2006, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 name, 2 country, 3 email, 4 website, and 5 message parameters...

CVE-2007-1304

Multiple SQL injection vulnerabilities in add2.php in Sava's Guestbook 23.11.2006, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 name, 2 country, 3 email, 4 website, and 5 message parameters...