925 matches found
UBUNTU-CVE-2017-0372
Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities...
DEBIAN-CVE-2017-0372
Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities...
AbiWord Parameter Injection Vulnerability
AbiWord is a free word processing program similar to Microsoft Word for a variety of word processing tasks. A security vulnerability exists in the af/util/xp/utgofile.cpp file in AbiWord version 3.0.2-2, which originates from the program not validating strings before starting the program. A remot...
Bernard Parisse Giac Parameter Injection Vulnerability
Bernard Parisse Giac is an open source computer algebra system written in C++ for Windows, Mac OS X, Unix and Linux. A security vulnerability exists in the Input.cc file in Bernard Parisse Giac version 1.2.3.57, which originates from the program failing to validate strings before starting the...
PasDoc Parameter Injection Vulnerability
PasDoc is a set of open source Pascal and Object Pascal source code documentation generation tools. A security vulnerability exists in the delphigui/WWWBrowserRunnerDM.pas file in PasDoc version 0.14, which originates from the program not validating strings before starting the program. A remote...
Geomview Parameter Injection Vulnerability
Geomview is an interactive 3D graphics viewing program for Unix-like systems. The program supports the use of the mouse to rotate, zoom in or out of graphics, and more. A security vulnerability exists in the common/help.c file in Geomview version 1.9.5, which originates from the program not...
ScummVM Parameter Injection Vulnerability
ScummVM is a graphics engine for point-and-click adventure games. A security vulnerability exists in the backends/platform/sdl/posix/posix.cpp file in ScummVM version 1.9.0, which originates from the program not validating strings before starting the program. A remote attacker could exploit...
KildClient Parameter Injection Vulnerability
KildClient is a MUD client written in GTK+ Window Toolkit. A parameter injection vulnerability exists in KildClient 3.1.0. The vulnerability arises because KildClient does not validate strings before starting a program specified by the BROWSER environment variable. A remote attacker can exploit...
nip2 Parameter Injection Vulnerability
nip2 is a GUI for the VIPS image processing library. A parameter injection vulnerability exists in nip2 8.4.0. The vulnerability arises because boxes.c in nip2 does not validate strings before starting a program specified by the BROWSER environment variable. A remote attacker could exploit this...
Reddit Terminal Viewer (RTV) Parameter Injection Vulnerability
Reddit Terminal Viewer (RTV) is a simple terminal viewer for Reddit. A parameter injection vulnerability exists in Reddit Terminal Viewer (RTV) 1.19.0. The vulnerability arises because scripts/inspectwebbrowser.py in RTV does not validate strings before launching a program specified by the BROWSER...
FontForge uiutil.c file injection vulnerability
FontForge is an open source font editing tool that supports multiple languages. A security vulnerability exists in the uiutil.c file in FontForge 20170731 and earlier versions, which stems from the program failing to validate strings before starting the program. A remote attacker can exploit the...
SWI-Prolog library/www_browser.pl file injection vulnerability
SWI-Prolog is a fee-compliant compiler for the Prolog language. A security vulnerability exists in the library/www_browser.pl file in SWI-Prolog version 7.2.3, which stems from the program failing to validate strings before starting the program. A remote attacker can exploit the vulnerability to...
Sylpheed libsylph/utils.c File Injection Vulnerability
Sylpheed is a lightweight email client using GTK+ Graphical Interface Creation Kit. A security vulnerability exists in the libsylph/utils.c file in Sylpheed 3.6 and earlier versions, which stems from the program failing to validate strings before starting the program. A remote attacker can exploi...
CVE-2017-17511
KildClient 3.1.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to prefs.c and worldgui.c...
SQL Injection
FS Makemytrip Clone 1.0 has SQL Injection via the show-flight-result.php florig or fldest parameter...
sensible-utils sensible-browser injection vulnerability
sensible-utils is a toolkit for analyzing and launching appropriate browsers, editors and pagers. sensible-browser is one of the browser selection tools. A security vulnerability exists in sensible-browser in versions of sensible-utils prior to 0.0.11, which stems from an undetected string before...
LilyPond lilypond-invoke-editor injection vulnerability
LilyPond is a set of open source audio editing software. lilypond-invoke-editor is one of the tools used to invoke the editor. A security vulnerability exists in lilypond-invoke-editor in LilyPond version 2.19.80, which stems from a failure to detect strings before starting the program. A remote...
Vastal I-Tech Agent Zone - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Vastal I-Tech Agent Zone - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://vastal.com/ Software http://vastal.com/agent-zone-real-estate-script.html Demo: http://agentzone.vastal.com/demo/ Version: N/A Category:...
Basic B2B Script - SQL Injection
Exploit Title: Basic B2B Script - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.phpscriptsmall.com/ Software Link: http://www.exclusivescript.com/product/nC3F4570353/php-scripts/basic-b2b-script Demo: http://readymadeb2bscript.com/product/entrepreneur/ Version: N/A Category...
Job Board Script - 'nice_theme' SQL Injection
Exploit Title: Job Board Script - SQL Injection Dork: N/A Date: 30.10.2017 Vendor Homepage: http://www.nicephpscripts.com/ Software http://www.nicephpscripts.com/jobboardscript.htm Demo: http://www.nicephpscripts.com/scripts/faqscript/ Version: N/A Category: Webapps Tested on: WiN7x64/KaLiLinuXx6...