Novell Groupwise 2014 < 2014 SP1 File Access Vulnerability - Active Check

Novell Groupwise is prone to an arbitrary file access vulnerability. Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Baidu Spark Browser Denial of Service Vulnerability -01 (Aug 2014) - Windows

Baidu Spark Browser is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apple Safari Multiple Memory Corruption Vulnerabilities-02 (Aug 2014) - Mac OS X

Apple Safari is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari"; ifdescription...

VMTurbo Operations Manager '/cgi-bin/vmtadmin.cgi' RCE Vulnerability

VMTurbo Operations Manager is prone to a remote command execution RCE vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress dsIDXpress IDX Plugin Cross Site Scripting Vulnerability

WordPress dsIDXpress IDX Plugin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress Plugin FB Gorilla - &#039;game_play.php&#039; SQL Injection

source: https://www.securityfocus.com/bid/69222/info FB Gorilla plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent...

Juniper Networks Junos OS NAT Protocol Translation Denial of Service Vulnerability

DoS in NAT Protocol Translation SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"; if description...

phpCMS 1.1.7 include/class.cache_phpcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21768/info phpCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the...

ImgSvr 0.6 Template Parameter Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24853/info ImgSvr is prone to a local file-include vulnerability because it fails to sanitize user-supplied input. Attackers may exploit this issue to access files that may contain sensitive information. UPDATE December 2...

QPopper 4.0.x PopAuth Trace File Shell Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3710/info Qpopper is a freely available, open source Post Office Protocol server. It is maintained and distributed by Qualcomm. When popauth is executed with the trace option, it does not correctly handle user-supplied...

OmniHTTPd 1.1/2.0.x/2.4 test.shtml Sample Application XSS

No description provided by source. source: http://www.securityfocus.com/bid/5568/info Cross site scripting vulnerabilities have been reported in multiple sample scripts including with OmniHTTPD. In particular, test.shtml and test.php contain errors. This type of vulnerability may be used to steal...

Bloq 0.5.4 rss2.php page[path] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/20512/info Bloq is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to compromise the application and the...

HappyMall E-Commerce Software 4.3/4.4 Normal_HTML.CGI Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7529/info It has been reported that a problem in the HappyMall E-Commerce software package could allow an attacker to pass arbitrary commands through the normalhtml.cgi script. This could lead to attacks against system...

Microsoft Windows 2000 Remote CPU-overload Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1415/info Sending a stream of binary zeros to any one of a number of Windows 2000 ports can cause 100% CPU utilization. The ports that were found vulnerable include TCP ports 7, 9, 21, 23, 7778 and UDP ports 53, 67, 68,...

SiteEnable 3.3 Login.ASP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16009/info SiteEnable is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

CarLine Forum Russian Board 4.2 line.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14045/info Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks. Forum Russian Board 4.2 ...

PowerPortal 1.1/1.3 index.php search Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16279/info PowerPortal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to hav...

ActiveWeb Contentserver 5.6.2929 Picture_Real_Edit.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24894/info activeWeb contentserver is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...

Flip 3.0 'config.php' Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30312/info Flip is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute malicious PHP code in the context of the webserve...

Clever Copy 3.0 - 'postview.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28437/info Clever Copy is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise t...