3 matches found
CVE-2026-49130
Music Player Daemon MPD before version 0.24.11 contains a CRLF injection vulnerability in the xspfchardata function within the XSPF playlist plugin that allows attackers to embed literal CR/LF bytes in URI fields by supplying a malicious XSPF playlist with XML numeric character references...
SUSE CVE-2006-1905
Multiple format string vulnerabilities in xiTK xitk/main.c in xine 0.99.3 allow remote attackers to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file...
Social Engine 4.x (Music Plugin) Arbitrary File Upload Vulnerability
No description provided by source. Exploit Title: Social Engine 4.x Music Plugin Arbitrary File Upload Google Dork: inurl:user/auth/forgot Date: 22/12/2010 Author: MyDoom Moroccan Hacker Contact: [email protected] Software Link: http://http://www.socialengine.net Version: Social Engine 4.x...