Linux Kernel 2.6.x 'pipe.c' Local Privilege Escalation Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/36901/info Linux kernel is prone to a local privilege-escalation vulnerability that is caused by a NULL-pointer dereference. Local attackers can exploit this issue to execute arbitrary code with kernel-level privileges...

V-webmail 1.6.4 includes/cachedConfig.php CONFIG[pear_dir] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/30162/info V-webmail is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and t...

Tagit! Tagit2b 2.1.B Build 2 tag_process.php Multiple Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/22518/info TagIt! TagBoard is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application...

Sun Management Center 3.0/3.5 Error Message Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8873/info A problem in the handling of error messages has been identified in Sun Management Center. Because of this, an attacker may be able to gain sensitive information about vulnerable hosts...

Mapos-Scripts.de Gastebuch 1.5 Index.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25252/info Mapos-Scripts.de Gastebuch is prone to a remote file-include vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remo...

FoxWeb 2.5 PATH_INFO Remote Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8547/info FoxWeb is prone to a remotely exploitable buffer overrun vulnerability. This is due to insufficient bounds checking of user-supplied PATHINFO data to the Foxweb CGI and ISAPI extension. Successful exploitation...

Microsoft Internet Explorer 6.0 Frame Src Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21447/info Microsoft Internet Explorer is prone to a denial-of-service vulnerability because the application fails to handle exceptional conditions. This issue is triggered when an attacker entices a victim user to visit ...

txtForum 1.0.3/1.0.4 - Multiple Cross-Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17054/info txtForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have...

PHP 4.x PHPInfo Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15248/info PHP is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script cod...

Multi-Forums Directory.PHP Multiple SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/26213/info Multi-Forums is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in SQL queries. Exploiting these issues could allow an attacker to...

SleeperChat 0.3f Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16363/info SleeperChat is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...

ISC BIND <= 8.2.2,IRIX <= 6.5.17,Solaris 7.0 (NXT Overflow & Denial of Service) Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/788/info There are several vulnerabilities in recent BIND packages pre 8.2.2. The first is a buffer overflow condition which is a result of BIND improperly validating NXT records. The consequence of this being exploited i...

Tmax Soft JEUS 3.1.4 p1 URL.JSP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7969/info Reportedly, Tmax Soft JEUS is vulnerable to a cross site-scripting attack. The vulnerability is present in the url.jsp script of the Tmax Soft JEUS server. An attacker may exploit this vulnerability by enticing ...

PHPNews 1.2.x Auth.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14333/info PHPNews is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. This vulnerability could permit...

Web News 1.1 news.php config[root_ordner] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/25257/info WebNews is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromise the application and th...

OpManager 6/7 admin/DeviceAssociation.do Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the brows...

Meeting Room Booking System (MRBS) 1.2.6 help.php area Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30531/info MRBS Meeting Room Booking Software is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...

Softbiz Resource Repository Script 0 details_res.php sbres_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15585/info Softbiz Resource Repository Script is prone to SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query...

Mozilla Browser 1.5 URI MouseOver Obfuscation Weakness

No description provided by source. source: http://www.securityfocus.com/bid/9203/info It has been discovered that the Mozilla browser is prone to a URI obfuscation weakness that may hide the true contents of a link. The problem occurs when a user@location URI is formatted in such a way that a NUL...

Adobe ColdFusion Server <= 8.0.1 wizards/common/_authenticatewizarduser.cfm Query String XSS

No description provided by source. source: http://www.securityfocus.com/bid/36046/info Adobe ColdFusion is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script...