2326 matches found
F5 Networks FirePass 4100 SSL VPN Download_Plugin.PHP3 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26661/info F5 Networks FirePass 4100 SSL VPN devices are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...
Mailtraq 2.2 Browse.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7813/info Mailtraq is vulnerable to cross-site scripting attacks. The vulnerability exists due to insufficient sanitization of HTTP requests to the vulnerable Mailtraq server. An attacker can exploit this vulnerability by...
Comersus Cart 5.0 - SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10824/info Comersus Cart is reportedly affected by a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI parameter input before using it in an SQL...
WinMount 3.3.401 ZIP File Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/39557/info WinMount is prone to a remote buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code...
Magic Photo Storage Website user/add_news.php _config[site_path] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...
S.u.S.E. 5.2 lpc Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/328/info The PLP Line Printer Control program, shipped with S.u.S.E. 5.2 is vulnerable to a local remote buffer overflow. You can determine whether you're vulnerable or not by typing 'lpc'. If you're presented with an lpc...
NetauctionHelp 3.0 - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/15737/info NetAuctionHelp is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to...
PortailPHP 1.3 ID Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13708/info PortailPHP is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...
Dansie Shopping Cart Server Error Message Installation Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8860/info Dansie Shopping Cart is reported to be prone to a path disclosure issue in the 'db' parameter of 'cart.pl' that may lead to an attacker gaining sensitive information about the installation path of the system...
Klf-Realty 2.0 detail.asp property_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21199/info Klf-Realty is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
t. hauck jana webserver 1.0/1.45/1.46 - Directory Traversal vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/699/info The Jana webserver is susceptible to directory traversal attacks using multiple dots in the URL. If the request is made in specific formats, the server will send out files outside of the intended webroot. http...
NetFlow Analyzer 5 /jspui/appConfig.jsp task Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/24766/info NetFlow Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in th...
VisualShapers EZContents 1.4/2.0 Module.PHP Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9396/info A problem in handling of specific types of input passed to the module.php script in VisualShapers ezContents has been discovered. Because of this, an attacker may be able to gain unauthorized access to vulnerabl...
qmailadmin 1.0.x Local Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5404/info The qmailadmin utility, developed by Inter7, is vulnerable to a buffer overflow condition. It is meant to run as a CGI program and is typically installed setuid owned by root on some systems, regular users on...
GlassFish Application Server resourceNode/jdbcConnectionPoolNew1.jsf Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/29751/info Sun Glassfish is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in th...
Oracle 10g KUPV$FT.ATTACH_JOB - SQL Injection Exploit (2)
No description provided by source. !/usr/bin/perl Remote Oracle KUPV$FT.ATTACHJOB exploit 10g - Version 2 - New evil cursor injection tip! - No create procedure privilege needed! - See: http://www.databasesecurity.com/ Cursor Injection Grant or revoke dba permission to unprivileged user Tested on...
PHP Web Explorer 0.99b main.php refer Parameter Traversal Local File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/31595/info PHP Web Explorer is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities using directory-traversal string...
RMSOFT MiniShop 1.0 'search.php' Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/30616/info RMSOFT MiniShop is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
RedBLoG 0.5 common.php root_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/20115/info The redblog application is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...
MacOS X 10.x DirectoryService Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7323/info MacOSX DirectoryService has been reported prone to a denial of service vulnerability. It has been reported that a remote attacker may trigger an exception in DirectoryService by repeatedly connecting to specific...