2326 matches found
phpInstantGallery 1.1 'admin.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37502/info phpInstantGallery is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser ...
MySource 2.14 mimeDecode.php PEAR_PATH Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/15133/info MySource is prone to multiple remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these...
MySQL <= 6.0.4 - Empty Binary String Literal Remote Denial Of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31081/info MySQL is prone to a remote denial-of-service vulnerability because it fails to handle empty binary string literals. An attacker can exploit this issue to crash the application, denying access to legitimate user...
SoftMaker Shop 0 Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/16471/info SoftMaker Shop is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary...
Microsoft PowerPoint 2003 PPT File Closure Memory Corruption
No description provided by source. source: http://www.securityfocus.com/bid/18993/info Microsoft PowerPoint is prone to multiple remote vulnerabilities. Three proof-of-concept exploit files designed to trigger vulnerabilities in PowerPoint have been released. It is currently unknown if these thre...
phpFreeChat 1.1 'demo21_with_hardocded_urls.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30292/info phpFreeChat is prone to an unspecified cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
Zoo 2.10 - Parse.c Local Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17126/info Zoo is prone to a local buffer-overflow vulnerability. This issue is due to a failure in the application to do proper bounds checking on user-supplied data before using it in a finite-sized buffer. An attacker...
SX Design sipd 0.1.2 - Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9198/info It has been reported that sipd may be prone to a vulnerability that may allow a remote attacker to cause a denial of service condition in the software. The problem is reported to exist in the gethostbynamer...
MaxWebPortal 1.3 dl_toprated.asp SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/13466/info MaxWebPortal is reportedly affected by multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...
i-Gallery 3.4 igallery.ASP Remote Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26348/info i-Gallery is prone to a remote information-disclosure vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized remote user to view arbitrary local...
Bitweaver 1.1.1 beta list_galleries.php sort_mode Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/15962/info bitweaver is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...
Nessus 2.0.x LibNASL Arbitrary Code Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7664/info Nessus has reported that various flaws have been discovered in the 'libnasl' library used by the Nessus application. As a result, a malicious NASL script may be able to break outside of the established sandbox...
Computer Associates SiteMinder Web Agent Smpwservices.FCC Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26375/info Computer Associates SiteMinder Web Agent is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue allows attackers to execute arbitrar...
Hot Links SQL-PHP 'news.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31118/info Hot Links SQL-PHP is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
VBulletin <= 3.7.1 - admincp/faq.php Injection adminlog.php XSS
No description provided by source. source: http://www.securityfocus.com/bid/30134/info vBulletin is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...
SmartMedia Module 0.85 Beta for XOOPS 'categoryid' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37156/info The SmartMedia module for XOOPS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script cod...
mxBB Module mx_glance 2.3.3 - Remote File Include Vulnerability
No description provided by source. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + + + mxBB Module mxglance 2.3.3 Remote File Include Vulnerability + + + + Discovered by bd0rk || SOH-Crew + + + + www.soh-crew.it.tt + + + + The german Coding and IT-Security Ressource + + +...
SiteEnable SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12985/info SiteEnable is reported prone to an SQL injection vulnerability. This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other...
FunkBoard 0.66 editpost.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14507/info FunkBoard is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues t...
BBC Education Betsie 1.5 Parserl.PL Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5135/info Betsie BBC Education Text to Speech Internet Enhancer is prone to a cross-site scripting vulnerability. This issue exists in the parserl.pl script. Attackers may exploit this condition via a malicious link to a...