1151 matches found
CVE-2008-7123
Static code injection vulnerability in admin/configuration/modifier.php in zKup CMS 2.0 through 2.3 allows remote attackers to inject arbitrary PHP code into fichiers/config.php via a null byte (%00) in the login parameter in an ajout action, which bypasses the regular expression check...
CVE-2008-7123
CVE-2008-7123 affects zKup CMS 2.0–2.3. The vulnerability is a static code injection in admin/configuration/modifier.php that allows remote attackers to inject arbitrary PHP code into fichiers/config.php via a null byte (%00) in the login parameter during an ajout action, bypassing the regular ex...
CVE-2008-7068
The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modify or add database entries but does not have...
GnuTLS library certificate spoofing
It's possible to spoof a certificate name with a NULL byte; weak MD2-hashed signatures are accepted...
Debian Security Advisory DSA 1852-1 (fetchmail)
The remote host is missing an update to fetchmail announced via advisory DSA 1852-1. OpenVAS Vulnerability Test $Id: deb18521.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1852-1 (fetchmail). Authors: Thomas Reinke. Copyright: Copyright (c) 2009 E-Soft Inc...
Cross site scripting
CA SiteMinder allows remote attackers to bypass cross-site scripting (XSS) protections for J2EE applications via a request containing a %00-encoded null byte...
PT-2009-5092 · Ca · Ca Siteminder
Name of the Vulnerable Software and Affected Versions: CA SiteMinder (affected versions not specified). Description: The issue allows remote attackers to bypass cross-site scripting (XSS) protections for J2EE applications. This is achieved through a request containing a %00-encoded null byte...
apr-util single NULL byte buffer overflow
Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input...
S-CMS 2.0b3 - Multiple Local File Inclusions
VIVA SPAIN! ... WE WILL WIN THE WORLD CUP! ... o.O PROUD TO BE SPANISH! MULTIPLE LOC...
FreeBSD : apr -- multiple vulnerabilities (eb9212f7-526b-11de-bbf2-001b77d09812)
Secunia reports: Some vulnerabilities have been reported in APR-util, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service). A vulnerability is caused due to an error in the processing of XML files and can be exploited to exhaust all available memory via...
Webboard <= v.2.90 beta Remote File Disclosure Vulnerability
No description provided by source. Webboard <= v.2.90 beta Remote File Disclosure Vulnerability. Author: MrDoug. Email: mrdoug13 at gmail dot com. Greetz to all my friends. There...
Webboard 2.90 Beta File Disclosure
Webboard <= v.2.90 beta Remote File Disclosure Vulnerability. Author: MrDoug. Email: mrdoug13 at gmail dot com. Greetz to all my friends. There are 3 vulnerable calls to fopen in...
Design/Logic Flaw
Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as...
CVE-2009-1537
Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted QuickTime media file, as...
212Cafe WebBoard 2.90 Beta - Remote File Disclosure
212Cafe WebBoard 2.90 Beta - Remote File Disclosure. Webboard <= v.2.90 beta Remote File Disclosure Vulnerability. Author: MrDoug. Email: mrdoug13 at gmail dot com. Greetz to all my friends...
212Cafe WebBoard 2.90 Beta - Remote File Disclosure
Webboard <= v.2.90 beta Remote File Disclosure Vulnerability. Author: MrDoug. Email: mrdoug13 at gmail dot com. Greetz to all my friends. There are 3 vulnerable calls to fopen in...
Zubrag Smart File Download 1.3 Arbitrary File Download Vulnerability
No description provided by source. "File Download 1.3" Remote File Download Exploit. By: Aodrulez. Email: [email protected] Blog: aodrulez.blogspot.com...
Zubrag Smart File Download 1.3 - Arbitrary File Download
Zubrag Smart File Download 1.3 - Arbitrary File Download. "File Download 1.3" Remote File Download Exploit. By: Aodrulez. Email: [email protected] Blog: aodrulez.blogspot.com...
Zubrag Smart File Download 1.3 - Arbitrary File Download
"File Download 1.3" Remote File Download Exploit. By: Aodrulez. Email: [email protected] Blog: aodrulez.blogspot.com. Script Name: File...