Woltlab Burning Board 2.x Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/18423/info Woltlab Burning Board is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow ...

vBulletin 4.0.2 Search Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38895/info vBulletin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

Testlink TestManagement and Execution System 1.8.5 - Multiple Directory Traversal Vulnerabilites

No description provided by source. 1.Title :Multiple directory Traversal Vulnerabilites in Testlink TestManagement and Execution System. Discovered by: Prashant Khandelwal [email protected]:[email protected] Submitted :Jan-15-2010 Bugtraq id :...

Simple Machines Forum 1.0/1.1 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20629/info Simple Machines Forum is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...

ASPPlayground.NET 3.2 SR1 Remote Arbitrary File Upload Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14070/info ASPPlayground.NET is prone to a remote arbitrary file-upload vulnerability. Exploiting this issue may allow remote attackers to upload arbitrary files including malicious scripts and possibly execute the script...

wu-ftpd 2.4.2/2.5 .0/2.6 .0 - Remote Format String Stack Overwrite (1)

No description provided by source. source: http://www.securityfocus.com/bid/1387/info Washington University ftp daemon wu-ftpd is a very popular unix ftp server shipped with many distributions of Linux and other UNIX operating systems. Wu-ftpd is vulnerable to a very serious remote attack in the...

HP-UX 10.20/11.0 man /tmp symlink Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1302/info The programmers of the 'man' command on various HPUX releases have made several fatal mistakes that allow an attacker to trivially set a trap that could result in any arbitrary file being overwritten on the syst...

LibTiff 3.x Multiple Denial of Service Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17730/info LibTIFF is affected by multiple denial-of-service vulnerabilities. An attacker can exploit these vulnerabilities to cause a denial of service in applications using the affected library...

Psunami Bulletin Board 0.x Psunami.CGI Remote Command Execution Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/6607/info Psunami Bulletin Board is prone to a remote command execution vulnerability. Psunami does not sufficiently sanitize shell metacharacters from query string parameters. As a result, it may be possible for a remote...

MyServer 0.9.8 Post.MSCGI Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24583/info MyServer is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...

Madrese-Portal 'haber.asp' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33045/info Madrese-Portal is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. Attackers may exploit this issue to compromise the application, access or modify data, or...

Cooolsoft PowerFTP Server 2.x Remote Denial of Service Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/5899/info PowerFTP server is a shareware ftp server available for the Microsoft Windows platform. It is distributed and maintained by Cooolsoft. It has been reported that PowerFTP server does not properly handle long user...

PHP 4.x/5.0.x File Upload GLOBAL Variable Overwrite Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15250/info PHP is prone to a vulnerability that allows attackers to overwrite the GLOBAL variable via HTTP POST requests. By exploiting this issue, remote attackers may be able to overwrite the GLOBAL variable. This may...

Ji-takz Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18474/info Ji-takz is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input to the application. An attacker may leverage this issue to have an arbitrary remote file...

EditTag 1.2 edittag.cgi file Variable Arbitrary File Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/21890/info EditTag is prone to multiple directory-traversal vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow a remote attacker to access any file...

ACG News 1.0 index.php Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/25466/info ACG News is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in SQL queries. Exploiting these issues could allow an attacker to...

mcGuestbook 1.3 ecrire.php lang Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/18476/info mcGuestbook is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote file...

Blojsom 2.31 Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20026/info Blojsom is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to have arbitrary script code execute in the browser of...

EditTag 1.2 mkpw.pl plain Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21891/info EditTag is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...

KDE Konqueror 4.1 Multiple Cross-Site Scripting and Denial of Service Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/33085/info KDE Konqueror is prone to multiple cross-site scripting vulnerabilities and multiple denial-of-service vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may...