2326 matches found
Cooolsoft PowerFTP Server 2.x Remote Denial of Service Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/5899/info PowerFTP server is a shareware ftp server available for the Microsoft Windows platform. It is distributed and maintained by Cooolsoft. It has been reported that PowerFTP server does not properly handle long user...
KAPhotoservice order.asp page Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/30567/info KAPhotoservice is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the...
Meeting Room Booking System (MRBS) 1.2.6 day.php area Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/30531/info MRBS Meeting Room Booking Software is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...
Oracle 9i/10g DBMS_METADATA.GET_DDL - SQL Injection Exploit (2)
No description provided by source. !/usr/bin/perl Remote Oracle DBMSMETADATA.GETDDL exploit 9i/10g - Version 2 - New evil cursor injection tip! - No create procedure privileg needed! - See: http://www.databasesecurity.com/ Cursor Injection Grant or revoke dba permission to unprivileged user Teste...
O-Kiraku Nikki 1.3 Nikki.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15657/info O-Kiraku Nikki is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation cou...
Alt-N WebAdmin 2.0.x USER Parameter Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/8024/info Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM level privileges. /...
free QBoard 1.1 about.php qb_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/18780/info Plume CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows the attacker to execute arbitrary...
VBulletin 1.0.1 lite/2.x/3.0 /admincp/modlog.php orderby Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14874/info vBulletin is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues t...
Serenity Audio Player 3.2.3 '.m3u' File Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/39768/info Serenity Audio Player is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers may leverage this issue to execute arbitrary code in the...
WordPress 1.2 admin-header.php redirect_url Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. Wordpress 1.2 is...
PHD Help Desk 1.43 caso_insert.php URL Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/37029/info PHD Help Desk is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the...
ARISg 5.0 'wflogin.jsp' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38441/info ARISg is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
ProductCart 1.5/1.6/2.0 MSG.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8108/info A cross-site scripting vulnerability has been reported for ProductCart. The vulnerability exists due to insufficient sanitization of some user-supplied values. Exploitation could permit an attacker to steal...
auraCMS 2.2 'lihatberita' Module - 'id' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27959/info auraCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
phpShop Web Shopping Cart 0.6.1 -b Multiple Function XSS
No description provided by source. source: http://www.securityfocus.com/bid/9437/info Multiple vulnerabilities have been reported to exist in the software that may allow an attacker to carry out attacks against the database, disclose sensitive information, and execute HTML or script code in a...
Scout Portal Toolkit 1.3.1 - SPT-QuickSearch.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/15818/info Scout Portal Toolkit is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. A successful exploit could allow an attacker to compromise the...
Fantastic GuestBook 2.0.1 GuestBook.PHP HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/18942/info Fantastic GuestBook is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and...
Creative Software UK Community Portal 1.1 Discussions.php forum_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17890/info Creative Community Portal is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A...
XMB Forum 1.8 editprofile.php user Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/9726/info XMB Forum has been reported prone to multiple cross-site scripting, HTML injection and SQL injection vulnerabilities. The issues present themselves due to insufficient sanitization of remote user supplied data. ...
Linux Kernel 2.4.x.2.5.x/2.6.x Ssockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/17203/info The Linux kernel is affected by local memory-disclosure vulnerabilities. These issues are due to the kernel's failure to properly clear previously used kernel memory before returning it to local users. These...