6 matches found
PT-2026-35257
Drive Power Manager 1.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a 6000-byte payload into the Name field and click Register to trigger a denial of service condition...
EUVD-2009-3175
Malware in sbrugna...
Online Voting System SQL Injection Vulnerability
Online Voting System is an online voting system by the individual developer Carlo Montero. A SQL injection vulnerability exists in Online Voting System Project v1.0, which stems from the username parameter in regaction.php that does not validate received characters and is sent to the database...
CVE-2009-3192
Multiple cross-site scripting XSS vulnerabilities in index.php in LinkorCMS 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the searchstr parameter in a search action; or the 2 nikname, 3 realname, 4 homepage, or 5 city parameter in a registration action...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in index.php in LinkorCMS 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the searchstr parameter in a search action; or the 2 nikname, 3 realname, 4 homepage, or 5 city parameter in a registration action...
CVE-2009-3192
Multiple cross-site scripting XSS vulnerabilities in index.php in LinkorCMS 1.2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the searchstr parameter in a search action; or the 2 nikname, 3 realname, 4 homepage, or 5 city parameter in a registration action...