profitcode software payprocart 3.0 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13006/info ProfitCode Software PayProCart may allow a remote attacker to carry out directory traversal attacks. It is reported that this issue can be exploited by issuing a specially crafted HTTP GET request and supplying...

Phil's Bookmark Script Admin.PHP Authentication Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17878/info Phil's Bookmark script is prone to an authentication-bypass vulnerability. The issue occurs because the affected script fails to prompt for authentication credentials. An attacker can exploit this issue to bypa...

cURL 6.1 - 7.4 - Remote Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/1804/info Curl is an open-source utility for sending or receiving files using URL syntax. A vulnerability exists in the version of curl included with Debian GNU/Linux 2.2 and FreeBSD prior to 4.2 release. Note that cURL...

CPanel 11 Beta Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/21287/info cPanel is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...

MyBB 1.1.7 - Multiple HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19718/info MyBB is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would...

W-Agora 4.0 - moderate_notes.php bn_dir_default Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the...

Battle.net Clan Script 1.5.x 'index.php' Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30565/info Battle.net Clan Script is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input before using it in an SQL query. Exploiting these issues could allow an...

212cafeBoard Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/22167/info 212cafeBoard is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...

netKar PRO 1.1 - '.nkuser' File Creation NULL Pointer Denial Of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39558/info netKar PRO is prone to a remote denial-of-service vulnerability because it fails to adequately sanitize user-supplied input. Exploiting this issue will cause the server to copy data to a NULL pointer, which wil...

osCommerce 2.2 admin/specials.php page Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/20343/info osCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...

Claroline 1.8.9 phpbb/viewtopic.php URL XSS

No description provided by source. source: http://www.securityfocus.com/bid/30269/info Claroline is prone to multiple input-validation vulnerabilities: 1. Multiple cross-site scripting vulnerabilities. 2. A remote URI-redirection vulnerability. An attacker may leverage these issues to execute...

Macromedia JRun 4.0 build 61650 Administrative Interface Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/9112/info A number of cross-site scripting vulnerabilities have been reported for Macromedia Jrun, specifically in the administrative interface. The problem is said to occur due to insufficient sanitization of URI...

Netzbrett 1.5.1 P_Entry Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15593/info Netzbrett is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...

phpBB 2.0.21 Privmsg.PHP HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22001/info phpBB is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code...

SX Design sipd 0.1.2/0.1.4 - Remote Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9236/info sipd has been reported prone to a format string vulnerability that may be triggered remotely. It has been reported that sip URI arguments passed to the affected server are not sufficiently handled. An attacker m...

SturGeoN Upload Arbitrary File Upload Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18764/info SturGeoN Upload is prone to an arbitrary file-upload vulnerability. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the webserver process. This may facilitat...

phpBB <= 2.0.10 Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; @@@@@@@ @@@ @@@ @@@@@@ @@@ @@@ @@! @@@ @@! @@@ !@@ @@! @@@ @!@!!@! @!@ !@! !@@!! @!@!@!@! !!: :!! !!: !!! !:! !!: !!! : : : :.:: : ::.: : : : : phpBB = 2.0.10 remote commands exec exploit based on...

Mountain Network Systems WebCart 8.4 Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3453/info Mountain Network Systems WebCart is a cgi based online shopping suite. An error in the webcart.cgi script allows a remote user to pass an arbitrary shell command which will be executed by the script. WebCart...

LiteWEB Web Server 2.7 Invalid Page Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24628/info LiteWeb webserver is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions. An attacker can exploit this issue to crash the affected application, denyi...

Novell Client 4.91 SP4 - Privilege Escalation Exploit

No description provided by source. Novell Client 4.91 SP3/4 Privilege escalation exploit Download link: http://download.novell.com/Download?buildid=SyZ1G2ti7wU SecurityFocus: http://www.securityfocus.com/bid/27209/info CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5762 Patch:...