3278 matches found
Sql injections in e107 [Admin section]
Hi, There is a sql injection in SMF 1.1 RC3, in admin section : When an administrator is going to add a new board, the "curcat" parameter is not checked properly : File /Sources/ManageBoards.php, Line 609 : :: // Create a new board... :: if isset$POST'add' :: :: // New boards by default go to the...
Sql injections in e107 [Admin section]
Hi, There are several sql injections in e107 0.7.5 admin section : I The "linkopentype", "linkrender" and "linkclass" parameters are passed to "dbInsert" function without checking : File /e107admin/links.php, Line 496 : $sql-dbInsert"links", "0, '$linkname', '$linkurl', '$linkdescription',...
GDB GNU debugger buffer overflow
Buffer overflow on DWARF section parsing...
dragonflyCMS.txt
HeLiOsZ - Dark End Team - Internet Security Team Dragonfly CMS 9.0.6.1 and prior XSS IRC: darkend.sytes.net darkend , http://darkend.sytes.net & http://www.darkend.org Rish : Medium Type : web applet Creator: http://www.cpgnuke.com/ Exploit: - The vuln is in the search section,it don't validate t...
mambo -- multiple SQL injection vulnerabilities
James Bercegay reports: Mambo is vulnerable to an Authentication Bypass issue that is due to an SQL Injection in the login function. The SQL Injection is possible because the $passwd variable is only sanitized when it is not passed as an argument to the function. Omid reports: There are several s...
CVE-2006-4091
Multiple cross-site scripting XSS vulnerabilities in Archangel Management Archangel Weblog 0.90.02 allow remote attackers to inject arbitrary web script or HTML via the 1 Name or 2 Comment section...
CVE-2006-4048
Netious CMS 0.4 initializes session IDs based on the client IP address, which allows remote attackers to gain access to the administration section when originating from the same IP address as the administrator. NOTE: the provenance of this information is unknown; the details are obtained from thi...
CVE-2006-4048
Netious CMS 0.4 initializes session IDs based on the client IP address, which allows remote attackers to gain access to the administration section when originating from the same IP address as the administrator. NOTE: the provenance of this information is unknown; the details are obtained from thi...
CVE-2006-4025
SQL injection vulnerability in profile.php in XennoBB 2.1.0 and earlier allows remote authenticated users to execute arbitrary SQL commands via the 1 bdayday, 2 bdaymonth, and 3 bdayyear parameters in the personal section...
CVE-2006-3583
Session fixation vulnerability in Jetbox CMS 2.1 SR1 allows remote attackers to hijack web sessions via a crafted link and the administrator section...
simplog 0.9.3 and prior XSS
HeLiOsZ - Dark End Team - Internet Security Team simplog 0.9.3 and prior XSS IRC: darkend.sytes.net darkend , http://darkend.sytes.net & http://www.darkend.org Rish : Medium Type : web applet Creator: http://www.simplog.org/ Exploit: - The vuln is in the search section,it don't validate the imput...
security flaw
Integer overflow in the Binary File Descriptor BFD library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer...
linux/x86 - re-use of /bin/sh string in .rodata shellcode 16 bytes
linux/x86 re-use of /bin/sh string in .rodata shellcode 16 bytes. Shellcode exploit for linx86 platform / $Id: reusage-linux.c,v 1.3 2004/01/30 20:08:46 raptor Exp $ reusage-linux.c - re-use of "/bin/sh" string in .rodata Copyright c 2003 Marco Ivaldi Short local shellcode for /bin/sh execve. It...
Authentication flaw
Admin/admin.php in phpBazar 2.1.0 and earlier allows remote attackers to bypass the authentication process and gain unauthorized access to the administrative section by setting the action parameter to editmember and the value parameter to 1...
CVE-2006-2527
Admin/admin.php in phpBazar 2.1.0 and earlier allows remote attackers to bypass the authentication process and gain unauthorized access to the administrative section by setting the action parameter to editmember and the value parameter to 1...
Cross site scripting
Cross-site scripting XSS vulnerability in search.php in PHPKB Knowledge Base allows remote attackers to inject arbitrary web script or HTML via the searchkeyword parameter. NOTE: the issue was originally disputed by the vendor, but on 20060519, the vendor notified CVE that "We have fixed all the...
Quick 'n Easy FTP Server pro/lite Logging unicode stack overflow
IHS Iran Homeland Security Public advisory by : c0d3r "Kaveh Razavi" [email protected] Title : Quick 'n Easy FTP Server pro/lite Logging unicode stack overflow information : Quick 'n Easy FTP Server is a simple and handy FTP server which is developed by Pablo van der Meer . there is a unicode...
Design/Logic Flaw
The elfloadfile function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service kernel crash via an ELF interpreter that does not have a PTLOAD section in its header, which triggers a null dereference...
CVE-2006-1589
The elfloadfile function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service kernel crash via an ELF interpreter that does not have a PTLOAD section in its header, which triggers a null dereference...
CVE-2006-1589
The elfloadfile function in NetBSD 2.0 through 3.0 allows local users to cause a denial of service kernel crash via an ELF interpreter that does not have a PTLOAD section in its header, which triggers a null dereference...