Lucene search

6308 matches found

Prion
added 2007/06/21 6:30 p.m., 10 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in Interact 2.4 beta 1 allow remote attackers to inject arbitrary web script or HTML via the (1) modulekey parameter to (a) kb/kb.php, (b) quiz/runquiz.php, (c) quiz/quiz.php, (d) forum/forum.php, (e) forum/byname.php, and (f) journal/journalview.php in modules...

CVSS: 4.3, AI score: 6, EPSS: 0.00986
Exploits: 0, References: 12, Affected Software: 1
securityvulns
added 2007/06/21 12:0 a.m., 52 views

ProFTPD authentication bypass

There is no check that the data used for authentication is retrieved by the same authentication module if multiple authentication modules are configured...

CVSS: 5.1, AI score: 3.4, EPSS: 0.03779
Exploits: 0, Affected Software: 1
Tenable Nessus
added 2007/06/14 12:0 a.m., 31 views

CentOS 3 : pam (CESA-2007:0465)

Updated pam packages that resolve several bugs and security flaws are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pluggable Authentication Modules (PAM) provide a system whereby administrators ca...

CVSS: 3.4, AI score: 5.3, EPSS: 0.00191
Exploits: 0, References: 5
Fedora
added 2007/06/11 8:4 p.m., 12 views

[SECURITY] Fedora Core 6 Update: pam-0.99.6.2-3.22.fc6

PAM (Pluggable Authentication Modules) is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

AI score: 3.6
Exploits: 0
RedHat Linux
added 2007/06/07 11:32 p.m., 49 views

Moderate: Red Hat Security Advisory: pam security and bug fix update

Updated pam packages that resolve several bugs and security flaws are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pluggable Authentication Modules (PAM) provide a system whereby administrators ca...

CVSS: 3.4, AI score: 5.7, EPSS: 0.00191
Exploits: 0, References: 6
NVD
added 2007/05/30 1:30 a.m., 13 views

CVE-2007-2891

Multiple PHP remote file inclusion vulnerabilities in FirmWorX 0.1.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) bankdataroot parameter to modules/bank/includes/design/main.inc.php, or the (2) fmdataroot parameter to (a) includes/config/master.inc.php or (b)...

CVSS: 7.5, AI score: 7.6, EPSS: 0.11429
Exploits: 1, References: 7
Prion
added 2007/05/30 1:30 a.m., 13 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in FirmWorX 0.1.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) bankdataroot parameter to modules/bank/includes/design/main.inc.php, or the (2) fmdataroot parameter to (a) includes/config/master.inc.php or (b)...

CVSS: 7.5, AI score: 8.2, EPSS: 0.11429
Exploits: 1, References: 7, Affected Software: 1
Prion
added 2007/05/25 6:30 p.m., 17 views

Sql injection

Multiple SQL injection vulnerabilities in modules/admin/modules/gallery.php in PHPEcho CMS 2.0-rc1 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter and possibly other parameters. NOTE: some of these details are obtained from third party information...

CVSS: 7.5, AI score: 8.9, EPSS: 0.00468
Exploits: 0, References: 3, Affected Software: 1
RedHat Linux
added 2007/05/24 6:47 p.m., 3 views

tomcat directory traversal

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and...

CVSS: 5, AI score: 6, EPSS: 0.90452
Exploits: 2, References: 4
RedHat Linux
added 2007/05/24 9:36 a.m., 4 views

tomcat directory traversal

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and...

CVSS: 5, AI score: 6, EPSS: 0.90452
Exploits: 2, References: 4
RedHat Linux
added 2007/05/21 12:13 p.m., 3 views

tomcat directory traversal

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and...

CVSS: 5, AI score: 6, EPSS: 0.90452
Exploits: 2, References: 4
Positive Technologies
added 2007/05/21 12:0 a.m., 1 views

PT-2007-4082

Name of the Vulnerable Software and Affected Versions: OpenSSH (affected versions not specified). Description: The issue allows remote attackers to determine the existence of certain user accounts. This is possible when OpenSSH is using OPIE (One-Time Passwords in Everything) for PAM. The system display...

CVSS: 4.3, AI score: 8.6, EPSS: 0.00189
Exploits: 1, References: 10
RedHat Linux
added 2007/05/14 4:59 p.m., 2 views

tomcat directory traversal

Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence with combinations of (1) "/" (slash), (2) "\" (backslash), and...

CVSS: 5, AI score: 6, EPSS: 0.90452
Exploits: 2, References: 4
Prion
added 2007/05/09 9:19 p.m., 12 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in ACP3 4.0 beta 3 allow remote attackers to inject arbitrary web script or HTML via (1) the formmail parameter to contact/contact/index.php; the (2) formmods or (3) formsearchterm parameter to search/list/actionsearch/index.php; (4) the id parameter to...

CVSS: 5.8, AI score: 6.1, EPSS: 0.0103
Exploits: 0, References: 10, Affected Software: 1
Packet Storm
added 2007/05/08 12:0 a.m., 19 views

miniwebshop2-xss.txt

-=--------------------ADVISORY-------------------=- Mini Web Shop V.2 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: Mini Web Shop -=+ Version: 2 -=+ Vendor's URL: http://obiewebsite.sourceforge.net/o.php?MiniWebShop -=+ Platform:...

AI score: 7.4
Exploits: 0
Exploit DB
added 2007/05/04 12:0 a.m., 28 views

PMECMS 1.0 - config[pathMod] Remote File Inclusion

PMECMS = 1.0 Multiple Remote File Inclusion Vulnerabilities D.Script: http://www.pmecms.com/export/maj/PMECMSStandardos1.0.zip Discovered by: GolDM = Mahmoodali Homepage: http://www.Tryag.cc Exploit:Path/mod/image/index.php?configpathMod=Shell Exploit:Path/mod/liens/index.php?configpathMod=Shell...

AI score: 7.4
Exploits: 0
Prion
added 2007/05/02 5:19 p.m., 14 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in FireFly 1.1.01 allow remote attackers to execute arbitrary PHP code via a URL in the docroot parameter to (1) localize.php or (2) config.php in modules/admin/include/...

CVSS: 7.5, AI score: 8.2, EPSS: 0.0863
Exploits: 1, References: 6, Affected Software: 1
Prion
added 2007/05/02 12:19 a.m., 15 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Modules Builder (modbuild) 4.1 for Comdev One Admin allow remote attackers to execute arbitrary PHP code via a URL in the pathdocroot parameter to (1) config-bak.php or (2) config.php. NOTE: CVE disputes this vulnerability because the unmodified...

CVSS: 7.5, AI score: 7.9, EPSS: 0.00999
Exploits: 0, References: 3, Affected Software: 1
NVD
added 2007/05/02 12:19 a.m., 16 views

CVE-2007-2422

Multiple PHP remote file inclusion vulnerabilities in Modules Builder (modbuild) 4.1 for Comdev One Admin allow remote attackers to execute arbitrary PHP code via a URL in the pathdocroot parameter to (1) config-bak.php or (2) config.php. NOTE: CVE disputes this vulnerability because the unmodified...

CVSS: 9.8, AI score: 7.6, EPSS: 0.00999
Exploits: 0, References: 3
Cvelist
added 2007/05/02 12:0 a.m., 19 views

CVE-2007-2422

Multiple PHP remote file inclusion vulnerabilities in Modules Builder (modbuild) 4.1 for Comdev One Admin allow remote attackers to execute arbitrary PHP code via a URL in the pathdocroot parameter to (1) config-bak.php or (2) config.php. NOTE: CVE disputes this vulnerability because the unmodified...

AI score: 7.6, EPSS: 0.00999
Exploits: 0, References: 3