2326 matches found
Benjamin Lefevre Dobermann Forum 0.x index.php subpath Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/6057/info Dobermann Forum is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several PHP script files provided with Dobermann. An attacker...
Meganoide's News 1.1.1 Include.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22589/info Meganoide's news is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary PHP code in the context of...
MailEnable 1.1x Content-Length Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10838/info MailEnable is reported prone to a remote denial of service vulnerability. This vulnerability is reported to exist in the MailEnable HTTP header parsing code. When reading a large content-length header field fro...
Bitweaver 1.1.1 view.php blog_id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/15962/info bitweaver is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Successful exploitation of these vulnerabilities...
GNOME Evolution 2.2.3/2.3.x Inline XML File Attachment Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16408/info GNOME Evolution email client is prone to a denial-of-service vulnerability when processing messages containing inline XML file attachments with excessively long strings. perl -e 'printf Ax40000'...
Mambo Open Source 4.5 Index.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9891/info It has been reported that the Mambo 'index.php' script is prone to an SQL injection vulnerability. This issue is due to a failure of the application to properly validate user supplied URI input. As a result of...
Cisco Subscriber Edge Services Manager Cross Site Scripting And HTML Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/34454/info Cisco Subscriber Edge Services Manager is prone to a cross-site scripting vulnerability and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML o...
Yap Blog 1.1 - 'index.php' Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28120/info Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlyi...
Sun Solaris <= 10 snoop(1M) Utility Remote Exploit
No description provided by source. / hoagiesnoop.c SUN SOLARIS SNOOP REMOTE EXPLOIT + Sun Solaris 8/9/10 + OpenSolaris snv96 Bug discovered by Gael Delalleau http://www.securityfocus.com/bid/30556 attack:/exploits ./hoagiesnoop -t 192.168.0.1 hoagiesnoop.c - solaris snoop remote -andi / void.at...
W-Agora 4.0 - reorder_forums.php bn_dir_default Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the...
BlueZ 1.x/2.x - HIDD Bluetooth HID Command Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22076/info BlueZ hidd is prone to a device-command-injection vulnerability. A remote attacker can exploit this issue to gain control of mouse and keyboard HIDs (human interface devices). This will allow the attacker to...
JemWeb DownloadControl 1.0 DC.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18041/info DownloadControl is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could...
Trend Micro Interscan Viruswall localweb Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9966/info It has been reported that InterScan VirusWall may be prone to a directory traversal vulnerability that may allow an attacker to request files from the '/ishttp/localweb' directory and any sub directories of 'localweb' wi...
PhpWebGallery 1.3.4/1.5.1 comments.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15837/info PhpWebGallery is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attack...
Telekorn Signkorn Guestbook 1.x help/de/adminhelp1.php dir_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/19977/info Telekorn Signkorn Guestbook is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. This may allow the attacker to compromise the application and t...
phpldapadmin 0.9.8 rename_form.php dn Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/17643/info PHPLDAPAdmin is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to execute...
Microsoft Windows Tracing Registry Key ACL Privilege Escalation Vulnerability
No description provided by source. Source: http://www.securityfocus.com/bid/42269/info Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will result in the comple...
siteman 2.x (exec/lfi/xss) Multiple Vulnerabilities
No description provided by source. Siteman 2.X 0Day Multiple Remote Vulnerabilities CODE EXECUTION/LFI/XSS AUTHOR : IRCRASH Dr.Crash Or Khashayar Fereidani Discovered by : IRCRASH Dr.Crash Or Khashayar Fereidani IRCRASH Team Members : Dr.Crash Or Khashayar Fereidani - Hadi Kiamarsi - Malc0de -...
GlobalNoteScript 4.20 Read.CGI Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14148/info GlobalNoteScript is prone to a remote arbitrary command execution vulnerability. Reportedly, this issue arises when the user-specified 'file' URI parameter of the 'read.cgi' script is supplied to the Perl open...
EShoppingPro 1.0 Search_Run.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20089/info EShoppingPro is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. An attacker may be able to exploit this issue to...