6576 matches found

Prion
added 2008/06/18 10:41 p.m., 14 views

Sql injection

SQL injection vulnerability in search.asp in Xigla Absolute Form Processor XE 4.0 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter...

CVSS 6.5 | AI score 8.6 | EPSS 0.0041
Exploits 1 | References 5 | Affected Software 1

ATTACKERKB
added 2008/06/18 10:41 p.m., 2 views

CVE-2008-2762

SQL injection vulnerability in search.asp in Xigla Absolute Form Processor XE 4.0 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter...

CVSS 6.5 | AI score 6.3 | EPSS 0.0041
Exploits 1 | References 7

NVD
added 2008/06/18 10:41 p.m., 8 views

CVE-2008-2759

Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute Form Processor XE 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) showfields, (2) text, and (3) submissions parameters to search.asp and the (4) name parameter to users.asp. NOTE: some of these details are...

CVSS 4.3 | AI score 5.8 | EPSS 0.00515
Exploits 1 | References 6

NVD
added 2008/06/18 10:41 p.m., 10 views

CVE-2008-2762

SQL injection vulnerability in search.asp in Xigla Absolute Form Processor XE 4.0 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter...

CVSS 6.5 | AI score 7.9 | EPSS 0.0041
Exploits 1 | References 5

Cvelist
added 2008/06/18 10:0 p.m., 14 views

CVE-2008-2759

Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute Form Processor XE 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) showfields, (2) text, and (3) submissions parameters to search.asp and the (4) name parameter to users.asp. NOTE: some of these details are...

AI score 5.8 | EPSS 0.00515
Exploits 1 | References 6

Cvelist
added 2008/06/18 10:0 p.m., 14 views

CVE-2008-2762

SQL injection vulnerability in search.asp in Xigla Absolute Form Processor XE 4.0 allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter...

AI score 7.9 | EPSS 0.0041
Exploits 1 | References 5

CVE
added 2008/06/18 10:0 p.m., 43 views

CVE-2008-2762

The CVE-2008-2762 entry describes a SQL injection in the search.asp component of Xigla Absolute Form Processor XE 4.0. The vulnerability allows remote authenticated administrators to execute arbitrary SQL commands via the orderby parameter, indicating a server-side input handling flaw in the sear...

CVSS 6.5 | AI score 8 | EPSS 0.0041
Exploits 1 | References 5 | Affected Software 1

CVE
added 2008/06/18 10:0 p.m., 44 views

CVE-2008-2759

The CVE-2008-2759 entry concerns the Xigla Absolute Form Processor XE 4.0, with multiple XSS vulnerabilities. The issue affects parameters in search.asp (showfields, text, submissions) and users.asp (name), enabling remote attackers to inject arbitrary web script or HTML. The description does not...

CVSS 4.3 | AI score 5.8 | EPSS 0.00515
Exploits 1 | References 6 | Affected Software 1

Prion
added 2008/06/13 6:41 p.m., 12 views

Stack overflow

Off-by-one error in the readclient function in webhttpd.c in Motion 3.2.10 and earlier might allow remote attackers to execute arbitrary code via a long request to a Motion HTTP Control interface, which triggers a stack-based buffer overflow with some combinations of processor architecture and...

CVSS 10 | AI score 8.6 | EPSS 0.0746
Exploits 1 | References 13 | Affected Software 1

UbuntuCve
added 2008/06/13 6:41 p.m., 17 views

CVE-2008-2654

Off-by-one error in the readclient function in webhttpd.c in Motion 3.2.10 and earlier might allow remote attackers to execute arbitrary code via a long request to a Motion HTTP Control interface, which triggers a stack-based buffer overflow with some combinations of processor architecture and...

CVSS 10 | AI score 6.4 | EPSS 0.0746
Exploits 1 | References 1

Cvelist
added 2008/06/13 6:0 p.m., 25 views

CVE-2008-2654

Off-by-one error in the readclient function in webhttpd.c in Motion 3.2.10 and earlier might allow remote attackers to execute arbitrary code via a long request to a Motion HTTP Control interface, which triggers a stack-based buffer overflow with some combinations of processor architecture and...

AI score 7.8 | EPSS 0.0746
Exploits 1 | References 13

Fedora
added 2008/06/11 11:34 p.m., 43 views

[SECURITY] Fedora 7 Update: openoffice.org-2.3.0-6.9.fc7

OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office...

CVSS 9.3 | AI score 0.6 | EPSS 0.82
Exploits 14

Fedora
added 2008/06/11 4:39 a.m., 28 views

[SECURITY] Fedora 9 Update: openoffice.org-2.4.1-17.3.fc9

OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office...

CVSS 9.3 | AI score 0.6 | EPSS 0.0304
Exploits 1

Packet Storm
added 2008/06/11 12:0 a.m., 22 views

absolute-screwups.txt

www.BugReport.ir AmnPardaz Security Research Team Title: Xigla Multiple Products - Multiple Vulnerabilities Vendor: http://www.xigla.com/ Exploit: N/A Impact: Medium Fix: N/A Original Advisory: http://bugreport.ir/index.php?/41 1. Description: Xigla company has several web based products From...

AI score 7.4
Exploits 0

OpenVAS
added 2008/05/27 12:0 a.m., 25 views

Debian: Security Advisory (DSA-1575-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.9 | AI score 7.7 | EPSS 0.00119
Exploits 1 | References 3

RedHat Linux
added 2008/05/20 2:12 p.m., 1 view

tomcat DoS

Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files...

CVSS 5 | AI score 5.9 | EPSS 0.20508
Exploits 0 | References 4

OSV
added 2008/05/12 12:0 a.m., 42 views

DSA-1575-1 linux-2.6 - denial of service

Bulletin has no description...

CVSS 6.9 | AI score 7.5 | EPSS 0.00119
Exploits 1

securityvulns
added 2008/05/12 12:0 a.m., 62 views

OllyDBG DoS

Invalid processing of processor bits leads to traced application crash...

AI score 1.8
Exploits 0 | References 1 | Affected Software 1

Packet Storm
added 2008/05/05 12:0 a.m., 51 views

adv94-K-159-2008.txt

ECHOADV94$2008 Kmita Mail = 3.0 file Remote File Inclusion Vulnerability Author : M.Hasran Addahroni...

AI score 7.4
Exploits 0

Prion
added 2008/03/27 10:44 a.m., 11 views

Memory corruption

Unspecified vulnerability in the Supervisor Engine 32 (Sup32), Supervisor Engine 720 (Sup720), and Route Switch Processor 720 (RSP720) for multiple Cisco products, when using Multi Protocol Label Switching (MPLS) VPN and OSPF sham-link, allows remote attackers to cause a denial of service (blocked queue,...

CVSS 7.1 | AI score 6.9 | EPSS 0.01094
Exploits 0 | References 7 | Affected Software 2