PHP iCalendar 1.1/2.x year.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script cod...
ProjectApp 3.3 login.asp ret_page Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16011/info ProjectApp is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...
PHPFreeNews 1.40 SearchResults.PHP Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/14589/info PHPFreeNews is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...
RepairShop2 index.php Prod Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/38907/info RepairShop 2 is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how th...
Digital Reality Game Engine 1.0.x Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9736/info It has been reported that the Digital Reality Game engine is prone to a remote denial of service vulnerability. This issue is due to a failure of the application to validate packet data size input supplied by a...
Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion DoS
No description provided by source. source: http://www.securityfocus.com/bid/36408/info Wireshark is prone to multiple denial-of-service vulnerabilities. Exploiting these issues may allow attackers to crash the application and deny service to legitimate users. These issues affect Wireshark 0.99.6...
SixCMS 6.0 Detail.PHP Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18395/info SixCMS is prone to a directory-traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitra...
Maian Weblog 2.0 print.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17247/info Maian Weblog is prone to multiple SQL-injection vulnerabilities. The application fails to properly sanitize user-supplied input before using it in SQL queries. This will allow an attacker to inject arbitrary SQ...
TFTPUtil GUI 1.4.5 - DoS (Meta)
No description provided by source. Title: TFTPUtil GUI v1.4.5 Invalid Request DoS CVE-ID: OSVDB-ID: Author: Vuk Ivanovic Published: 2010-12-04 Verified: yes This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit...
NooMS 1.1 - smileys.php page_id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/31131/info NooMS is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browse...
WebCT 4.1.5 - Email and Discussion Board Messages HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28107/info WebCT is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML or JavaScript co...
Cat Soft Serv-U 2.5/a/b,Windows 2000/95/98/NT 4.0 Shortcut Vulnerability
No description provided by source. Cat Soft Serv-U 2.5/a/b,Windows 2000 Advanced Server/2000 Datacenter Server/2000 Professional/2000 Server/2000 Terminal Services/95/98/NT 4.0/NT Enterprise Server 4.0/NT Server 4.0/NT Terminal Server 4.0/NT Workstation 4.0 Shortcut Vulnerability source:...
PHPTB Topic Board 2.0 file_o.php absolutepath Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/14592/info PHPTB is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to...
phpGroupWare 0.9.x index.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/11952/info Reportedly PHPGroupWare contains multiple input validation vulnerabilities; it is prone to multiple SQL injection and cross-site scripting issues. These issues are all due to a failure of the application to...
CFEngine 2.0.x CFServD Transaction Packet Buffer Overrun Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/8699/info cfengine is prone to a stack-based buffer overrun vulnerability. This issue may be exploited by remote attackers who can send malicious transaction packets to cfservd. This issue is due to insufficient bounds...
PHP 4.x socket_recv() Signed Integer Memory Corruption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7197/info A vulnerability has been reported in PHP versions 4.3.1 and earlier. The problem occurs in the socket_recv() function and may allow an attacker to corrupt memory. Specifically, the affected function fails to carry out sanit...
GuppY 2.4 - Remote File Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8769/info GuppY is prone to an issue that could allow a remote attacker to read or write to files on the vulnerable server. This issue presents itself in the tinymsg.php component of the software. The attacker could only...
PHP Live Helper 1.17 Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/20603/info PHP Live Helper is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of...
Andy Mack 35mm Slide Gallery 6.0 index.php imgdir Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/18414/info 35mmslidegallery is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute ...
Keld PHP-MySQL News Script 0.7.1 'login.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30529/info Keld PHP-MySQL News Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker ...