CitrusDB 0.3.6 uploadcc.php Arbitrary Database Injection
No description provided by source. source: http://www.securityfocus.com/bid/12557/info CitrusDB is reportedly affected by an access validation vulnerability during the upload of CSV files. Exploitation of this issue could result in path disclosure or SQL injection. The issue exists because the...
phpCMS 1.1.7 include/class.layout_phpcms.php PHPCMS_INCLUDEPATH Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/21768/info phpCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the...
Apple Safari Feed URI Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24460/info Apple Safari is prone to a denial-of-service vulnerability because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to cause denial-of-service conditions on a user's compute...
Simple PHP Scripts gallery 0.x - index.php Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28056/info Simple PHP Scripts 'gallery' is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...
Windows NT 4.0 - Remote Registry Request Dos Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/1331/info In special circumstances while handling requests to access the Remote Registry Server, Windows NT 4.0 can crash due to winlogon.exe's inability to process specially malformed remote registry requests. Rebooting...
phpMyTourney 2 - tourney/index.php Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28057/info phpMyTourney is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing maliciou...
CitrusDB 0.3.6 - Remote Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12560/info CitrusDB is reportedly affected by an authentication bypass vulnerability. This issue is due to the application using a static value during the creation of user cookie information. An attacker could exploit thi...
Half-Life 1.1 Client Server Message Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6582/info It has been reported that the Half-Life client contains a format string vulnerability. When receiving messages from an administrator through the adminmod add-on package, the client does not properly handle input...
Hosting Controller 7C FolderManager.ASPX Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21786/info Hosting Controller is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to modify or retrieve arbitrary file...
Ahhp Portal Page.PHP Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/23658/info Ahhp Portal is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and...
CitrusDB 0.3.6 Arbitrary Local PHP File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12564/info CitrusDB is reportedly affected by a vulnerability that permits the inclusion of any local PHP file. This issue is due to the application failing to properly sanitize user-supplied input. This issue is reported...
PHPKIT 1.6.1 R2 Include.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17467/info PHPKIT is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...
Comus 2.0 Accept.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23661/info Comus is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying...
EZHomePagePro 1.5 users_search.asp Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17236/info EZHomePagePro is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to...
PHPSavant Savant2 stylesheet.php mosConfig_absolute_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/19151/info Savant2 is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing...
O-Kiraku Nikki 1.3 Nikki.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15657/info O-Kiraku Nikki is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation cou...
RamaCMS ADODB.Inc.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20523/info RamaCMS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to compromise the application and the underlyi...
Atrise Everyfind 5.0.2 search Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8740/info It has been reported that Atrise Everyfind is prone to a cross-site scripting vulnerability due to insufficient sanitization of user-supplied input. The problem exists in the search module of the software. This...
phpPass 2 AccessControl.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6594/info A problem with phpPass may allow an attacker to launch a SQL injection attack. The vulnerability exists in the accesscontrol.php script included with phpPass. Due to insufficient sanitization of user-supplied...
Telekorn Signkorn Guestbook 1.x admin/log.php dir_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/19977/info Telekorn Signkorn Guestbook is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. This may allow the attacker to compromise the application and t...