2326 matches found
Artmedic Newsletter 4.1 Log.PHP Remote Script Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18047/info Artmedic Newsletter is prone to a remote PHP code-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to creat...
DansGuardian Webmin Module 0.x Edit.CGI Remote Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9394/info A problem has been identified in the handling of input by scripts packaged with the DansGuardian Webmin Module. Because of this, it is possible for a remote to gain access to potentially sensitive information...
Dotproject 2.0 /modules/projects/gantt2.php dPconfig[root_dir] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...
mcGuestbook 1.3 admin.php lang Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/18476/info mcGuestbook is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote file...
Quick Classifieds 1.0 - controlpannel/alterCats.php3 DOCUMENT_ROOT Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the applicati...
GNU BinUtils 2.1x GAS Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19555/info GNU binutils GAS GNU assembler is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Remote...
phpldapadmin 0.9.8 search.php scope Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to execute...
Claroline 1.8 tracking/toolaccess_details.php toolId Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/30346/info Claroline is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...
Google Chrome <= 6.0.472 'Math.Random()' Random Number Generation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36185/info Google Chrome is prone to security vulnerability that may allow the application to generate weak random numbers. Successfully exploiting this issue may allow attackers to obtain sensitive information or gain...
PHP Live! 3.2.2 phplive/message_box.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21737/info PHP Live! is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...
Telekorn Signkorn Guestbook 1.x includes/functions.admin.php dir_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/19977/info Telekorn Signkorn Guestbook is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. This may allow the attacker to compromise the application and t...
FAQ System 1.1 index.php CATEGORY_ID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15640/info FAQ System is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
NPDS 4.8 News Message HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5797/info Problems with NPDS could make it possible to execute arbitrary script code in a vulnerable client. NPDS does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user view...
myPHPNuke 1.8.8 Default_Theme Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6544/info Reportedly, myPHPNuke does not adequately filter HTML code thus making it prone to cross-site scripting attacks. It is possible for a remote attacker to create a malicious link containing script code which will ...
Joomla! Jobads 'type' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37686/info The Jobads component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
PhpMyAdmin 2.x sql.php pos Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21137/info phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTML-injection vulnerability, cross-site scripting vulnerabilities, and information-disclosure vulnerabilities. An attacker could...
Maian Uploader 4.0 - admin/index.php keywords Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/29051/info Maian Uploader is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in t...
Ocean12 Membership Manager Pro Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13046/info Ocean12 Membership Manager Pro is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverag...
Flicks Software AuthentiX 6.3b1 - 'username' Parameter Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/28040/info Flicks Software AuthentiX is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script...
EasyMoblog 0.5 Img.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17199/info EasyMoblog is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...