11 matches found
Webmin < 1.550 XSS Vulnerability (Mar 2018) - Windows
Webmin is prone to a cross-site scripting (XSS) vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:webmin:webmin"; if...
CommunityPortals 1.0 Bug.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20466/info CommunityPortals is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker can exploit this issue to have malicious PHP code execute in the...
MySQL 3.23.x mysqld Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7052/info A vulnerability has been discovered for MySQL that may allow the mysqld service to start with elevated privileges. An attacker can exploit this vulnerability by creating a DATADIR/my.cnf that includes the line...
OTRS Multiple XSS Vulnerabilities (OSA-2011-01)
Open Ticket Request System (OTRS) is prone to multiple cross-site scripting (XSS) vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
ProArcadeScript - 'search.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/39749/info ProArcadeScript is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...
Sendmail 8.12.x - 'X-header' Remote Heap Buffer Overflow (PoC)
source: https://www.securityfocus.com/bid/34944/info Sendmail is prone to a heap-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it to an insufficiently sized buffer. Successfully exploiting this issue may allow an attacker to...
NewsCMSLite - Insecure Cookie Authentication Bypass
source: https://www.securityfocus.com/bid/33467/info NewsCMSLite is prone to an authentication-bypass vulnerability because it fails to adequately verify user-supplied input used for cookie-based authentication. Attackers can exploit this...
Cisco User-Changeable Password (UCP) 3.3.4.12.5 - CSuserCGI.exe Multiple Remote Vulnerabilities
source: https://www.securityfocus.com/bid/28222/info Cisco User-Changeable Password (UCP) is prone to multiple remote vulnerabilities, including cross-site scripting and buffer-overflow vulnerabilities...
PHPbasic basicFramework 1.0 - 'Includes.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/26194/info basicFramework is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are...
PHPAccounts 0.5 - 'index.php' Local File Inclusion
source: https://www.securityfocus.com/bid/24572/info PHP Accounts is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts. PHP Accounts 0.5 is vulnerable;...
Chucky A. Ivey N.T. 1.1 - index.php Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/17387/info N.T. is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically generated...