2326 matches found
LBL traceroute 1.4 a5 Heap Corruption Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/1739/info Traceroute is a well-known network diagnostic tool used for analyzing the path on a network between two hosts. On Unix systems, traceroute is typically installed setuid root because of its use of raw sockets...
Info-ZIP UnZip 5.x File Name Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15968/info Info-ZIP 'unzip' is susceptible to a filename buffer-overflow vulnerability. The application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. This...
Bookmark4U 2.0 inc/function.php env[include_prefix] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/18281/info Bookmark4U is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...
RunCMS 1.6.1 votepolls.php bbPath[path] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/30331/info RunCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and the...
HiFriend 'cgi-bin/hifriend.pl' Open Email Relay Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30320/info HiFriend is prone to an open-email-relay vulnerability. An attacker could exploit this issue by constructing a script that would send unsolicited bulk email to an unrestricted amount of email addresses with a...
ASPIntranet 2.1 Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/21105/info ASPIntranet is prone to multiple SQL-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an...
Nuked-Klan 1.7 Download Module dl_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15181/info Nuked Klan is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. These vulnerabilities...
TikiWiki Project 1.8 tiki-list_faqs.php offset Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/10100/info Multiple vulnerabilities have been identified in various modules of the application. These vulnerabilities may allow a remote attacker to carry out various attacks such as path disclosure, cross-site scripting,...
Nuked-Klan 1.7 Links Module link_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15181/info Nuked Klan is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. These vulnerabilities...
Alex DownloadEngine 1.4.1 Comments.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18293/info DownloadEngine is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could...
Tolva 0.1 Usermods.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16000/info Tolva is prone to a remote file-include vulnerability. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process...
MWChat 6.8 Chat.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15198/info MWChat is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could resul...
PHPNuke 6.0 Modules.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5799/info A SQL injection vulnerability has been discovered in PHPNuke. Due to insufficient sanitization of variables used in SQL queries, it is possible to modify the logic of SQL queries. This issue could result in a...
Streamripper <= 1.61.25 HTTP Header Parsing Buffer Overflow Exploit
No description provided by source.
Phorum 5.2 admin/banlist.php curr Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/34551/info Phorum is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...
IBM Tivoli Continuous Data Protection for Files 3.1.4.0 Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34513/info IBM Tivoli Continuous Data Protection for Files is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in t...
AZ Photo Album Script Pro Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18306/info AZ Photo Album Script Pro is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...
phpldapadmin 0.9.8 copy_form.php dn Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to execute...
RunCMS 1.6.1 config.php bbPath[root_theme] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/30331/info RunCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and the...
TGS Content Management 0.3.2r2 index.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/30157/info TGS Content Management is prone to an HTML-injection vulnerability and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these...