1085 matches found
Insanely simple blog - Multiple vulnerabilities
Insanely simple blog version 0.5 and below http://sourceforge.net/projects/insanelysimple2 ISB contains multple vulnerabilities including both XSS, and SQL injection. First off, the search action fails to strip user content for html allowing a user to input tags. Next, anonymous blog entries can...
isb05-sql.txt
Insanely simple blog version 0.5 and below http://sourceforge.net/projects/insanelysimple2 ISB contains multple vulnerabilities including both XSS, and SQL injection. First off, the search action fails to strip user content for html allowing a user to input tags. Next, anonymous blog entries can...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Movable Type MT before 3.34 allow remote attackers to inject arbitrary web script or HTML via comments that have 1 a malformed SGML numeric character reference with a '\0' 0x00 character in a javascript: URI or 2 an attribute in an element that...
CVE-2007-3342
Multiple cross-site scripting XSS vulnerabilities in Movable Type MT before 3.34 allow remote attackers to inject arbitrary web script or HTML via comments that have 1 a malformed SGML numeric character reference with a '\0' 0x00 character in a javascript: URI or 2 an attribute in an element that...
Breakthrough space limitations-vulnerability warning-the black bar safety net
About spaces, there are many alternatives, such as TAB spaces, SQL database//, but I found another alternative, has been published in the hacker manual 2006.7 period, here pick its essence, now! For the SQL statement, we also are accustomed to its spaces, such as select id from name, if no...
SOL2617 - Reverse name resolution vulnerability in SSH - CVE-2003-0386
OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address...
NuclearBB Alpha 1 - Multiple SQL Injections
source: https://www.securityfocus.com/bid/23555/info NuclearBB is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
security flaw
The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the keylength variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name befo...
security flaw
The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the keylength variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name befo...
security flaw
The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the keylength variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name befo...
security flaw
The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the keylength variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name befo...
security flaw
The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the keylength variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name befo...
CVE-2007-0233
wp-trackback.php in WordPress 2.0.6 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary SQL commands via the tbid parameter. NOTE: it could b...
CVE-2006-5651
list.php in DigiOz Guestbook before 1.7.1 allows remote attackers to obtain sensitive information via a non-numeric page parameter, which displays the installation path in the resulting error message...
security flaw
OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address...
CVE-2006-4706
Cross-site scripting XSS vulnerability in inc/functionspost.php in MyBB aka MyBulletinBoard 1.1.7 allows remote attackers to inject arbitrary web script or HTML via a url BBCode tag that contains a javascript URI with an SGML numeric character reference and an embedded space, as demonstrated usin...
CVE-2006-3761
Cross-site scripting XSS vulnerability in inc/functionspost.php in MyBB aka MyBulletinBoard 1.0 RC2 through 1.1.4 allows remote attackers to inject arbitrary web script or HTML via a javascript URI with an SGML numeric character reference in the url BBCode tag, as demonstrated using "javacript"...
CVE-2006-3761
Cross-site scripting XSS vulnerability in inc/functionspost.php in MyBB aka MyBulletinBoard 1.0 RC2 through 1.1.4 allows remote attackers to inject arbitrary web script or HTML via a javascript URI with an SGML numeric character reference in the url BBCode tag, as demonstrated using "javacript"...
security flaw
OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address...
security flaw
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and other versions, and GraphicsMagick, allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a numeric format string specifier such as %d in the file name...