CVE-2005-0955

SQL injection vulnerability in InterAKT MX Shop 1.1.1 allows remote attackers to execute arbitrary SQL commands via the idctg parameter...

CVE-2005-0956

Multiple SQL injection vulnerabilities in index.php in InterAKT MX Kart 1.1.2 allow remote attackers to execute arbitrary SQL commands via the 1 idp, 2 idctg, or 3 idman parameter...

MX Shop 1.1.1 and MX Kart 1.1.2 are vulnerable to multiple SQL injection vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dcrab 's Security Advisory http://icis.digitalparadox.org/dcrab http://www.hackerscenter.com/ Severity: Medium Title: MX Shop 1.1.1 and MX Kart 1.1.2 are vulnerable to multiple SQL injection vulnerabilities Date: 1/04/2005 Vendor: InterAKT Vendor...

security flaw

Postfix 2.1.3, when /proc/net/ifinet6 is not available and permitmxbackup is enabled in smtpdrecipientrestrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname...

CVE-2004-2505

Macromedia ColdFusion MX before 6.1 does not restrict the size of error messages, which allows remote attackers to cause a denial of service memory consumption and crash by sending repeated GET or POST requests that trigger error messages that use long strings of data...

CVE-2004-2330

ColdFusion MX 6.1 and 6.1 J2EE allows remote attackers to cause a denial of service via an HTTP request containing a large number of form fields...

CVE-2004-1893

Dreamweaver MX, when "Using Driver On Testing Server" or "Using DSN on Testing Server" is selected, uploads the mmhttpdb.asp script to the web site but does not require authentication, which allows remote attackers to obtain sensitive information and possibly execute arbitrary SQL commands via a...

PT-2004-3225 · Adobe · Coldfusion Mx

Name of the Vulnerable Software and Affected Versions: ColdFusion MX versions 6.1 and 6.1 J2EE Description: The issue allows local users to bypass sandbox security restrictions and obtain sensitive information. This is achieved by using Java reflection methods to access trusted Java objects witho...

coldfusionmx61.txt

Software: Macromedia ColdFusion MX 6.1 Description: There is a vulnerability in the ColdFusion MX 6.1 product. To exploit this, a user needs access to create a cold fusion template on a ColdFusion server with CreateObject or cfobject tags enabled. The code given below writes a java class to the...

Macromedia ColdFusion MX 6.1 - Template Handling Privilege Escalation

Macromedia ColdFusion MX 6.1 - Template Handling Privilege Escalation source: https://www.securityfocus.com/bid/11316/info Reportedly Macromedia ColdFusion MX is affected by privilege escalation vulnerability when handling templates. This issue is due to an access validation error that allows a...

CFMX vulnerability

Software: Macromedia ColdFusion MX 6.1 Description: There is a vulnerability in the ColdFusion MX 6.1 product. To exploit this, a user needs access to create a cold fusion template on a ColdFusion server with CreateObject or cfobject tags enabled. The code given below writes a java class to the...

[SA12647] ColdFusion MX Sensitive Information Disclosure and Denial of Service

TITLE: ColdFusion MX Sensitive Information Disclosure and Denial of Service SECUNIA ADVISORY ID: SA12647 VERIFY ADVISORY: http://secunia.com/advisories/12647/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information, DoS WHERE: From remote SOFTWARE: Macromedia ColdFusion MX 6.x...

MailEnable SMTP Connector Service DNS MX Response DoS

According to its banner, the remote host is running at least one instance of MailEnable's SMTP Connector service. A flaw exists in both the Standard Edition 1.7x and Professional Edition 1.2x/1.5a-e that results in this service crashing if it receives a DNS response with over 100 MX records. A...

CVE-2004-0407

The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote attackers to cause a denial of service disk consumption by repeatedly uploading files and interrupting the uploads before they finish...

Network Intelligence Advisory - Denial of Service Vulnerability in ColdFusion MX

Name: Denial of Service Vulnerability in ColdFusion MX Systems Affected: Version 6.0 and earlier Severity: Medium-High Category: Denial of Service Vendor URL: Macromedia ColdFusion MX Discovered by: Network Intelligence I Pvt. Ltd. www.nii.co.in Online location: http://www.nii.co.in/vuln/cfdos.ht...

ColdFusion MX file uploading and error messages memory leak

Memory leak on terminated file upload and oversized error message...

CVE-2004-0407

The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is interrupted, which allows remote attackers to cause a denial of service disk consumption by repeatedly uploading files and interrupting the uploads before they finish...

Macromedia ColdFusion MX 6.0 - Oversized Error Message Denial of Service

Macromedia ColdFusion MX 6.0 - Oversized Error Message Denial of Service source: https://www.securityfocus.com/bid/10163/info A denial of service vulnerability has been reported in Macromedia ColdFusion MX that is reported to occur when the software attempts to write oversized error messages. The...

MPSB04-06 - Security Patch available for ColdFusion MX 6.1 File Upload Denial of service

IMPORTANT: A security issue that may affect ColdFusion MX 6.1 customers has come to our attention recently. To learn about this new issue and what actions you can take to address it, please visit the Macromedia Security Zone: http://www.macromedia.com/security MPSB04-06 - Security Patch available...

CVE-2004-1815

Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service memory consumption...