2326 matches found
MediaWiki 1.x AJAX Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21956/info MediaWiki is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
TelCondex SimpleWebserver 2.12.30210 build 3285 HTTP Referer Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8925/info A vulnerability has been reported in SimpleWebServer that may allow a remote attacker to cause a denial of service condition or execute arbitrary code on vulnerable host. The issue is reported to exist due to a...
SoftMaker Shop 0 Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/16471/info SoftMaker Shop is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary...
BBC Education Betsie 1.5 Parserl.PL Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5135/info Betsie BBC Education Text to Speech Internet Enhancer is prone to a cross-site scripting vulnerability. This issue exists in the parserl.pl script. Attackers may exploit this condition via a malicious link to a...
PhotoPost PHP Pro 3.x/4.x showgallery.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/9994/info Multiple SQL injection, cross-site scripting and HTML injection vulnerabilities have been identified in the application, which may allow an attacker to execute arbitrary HTML or script code in a user's browser...
SmartMedia Module 0.85 Beta for XOOPS 'categoryid' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37156/info The SmartMedia module for XOOPS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script cod...
Digital UNIX <= 4.0 D,FreeBSD <= 2.2.4,HP HP-UX 10.20/11.0,IBM AIX <= 3.2.5,Linux kernel 2.0/2.1,NetBSD 1.2,Solaris <= 2.5.1 Smurf Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/147/info The Smurf denial of service exploits the existance, and forwarding of, packets sent to IP broadcast addreses. By creating an ICMP echo request packet, with the source address set to an IP within the network to be...
Azureus HTML WebUI 0.7.6 - Cross-Site Request Forgery Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28848/info Azureus HTML WebUI is prone to a cross-site request-forgery vulnerability. Successful exploits aid in transferring malicious content to unsuspecting users' computers, aiding in further attacks. Other actions ma...
BigACE 1.8.2 download.cmd.php GLOBALS Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/19723/info Bigace is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote PHP code and execute i...
GeSHi 1.0.x XML Parsing Remote Denial Of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/32377/info GeSHi is prone to a remote denial-of-service vulnerability. Remote attackers can exploit this issue to cause the vulnerable application to enter an infinite loop, consuming excessive resources. This issue affec...
Nuked-Klan 1.7 Download Module dl_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15181/info Nuked Klan is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. These vulnerabilities...
Solaris 7.0 CDE dtmail/mailtool Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/832/info here are three buffer overflow vulnerabilities in the CDE mail utilities, all of which are installed sgid mail by default. The first is exploited through overrunning a buffer in the Content-Type: field, which wou...
phpldapadmin 0.9.8 compare_form.php dn Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to execute...
Gazi Download Portal Down_Indir.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23714/info Gazi Download Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Lotus Domino Server 5.0.x Directory Traversal Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/2173/info It is possible for a remote user to gain access to any known file residing on the Lotus Domino Server 5.0.6 and previous. A specially crafted HTTP request comprised of '.nsf' and '../' along with the known...
Webfroot Shoutbox 2.32 Expanded.PHP Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7772/info Shoutbox is prone to an issue that may result in the execution of attacker-supplied code. The vulnerability exists due to insufficient sanitization of input into the expanded.php script...
photokorn 1.53/1.54 index.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17683/info Photokorn is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker ...
SoftBiz Dating Script 1.0 index.php cid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/18605/info Softbiz Dating Script is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow a...
Xoops 2.0.18 modules/system/admin.php fct Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/30330/info XOOPS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include...
DMXReady Secure Login Manager 1.0 content.asp sent Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/21788/info DMXReady Secure Login Manager is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could...