2326 matches found
Dansie Shopping Cart Server Error Message Installation Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8860/info Dansie Shopping Cart is reported to be prone to a path disclosure issue in the 'db' parameter of 'cart.pl' that may lead to an attacker gaining sensitive information about the installation path of the system...
ovidentia 5.6.x/5.8 statart.php babInstallPath Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/18232/info Ovidentia is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files...
IBM WebSphere Application Server 6.1/7.0 Administrative Console Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34001/info IBM WebSphere Application Server WAS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...
GlassFish Application Server resourceNode/jdbcConnectionPoolNew1.jsf Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/29751/info Sun Glassfish is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in th...
Shadowed Portal 5.7 Load.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17430/info Shadowed Portal is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrar...
LiteWEB Web Server 2.7 Invalid Page Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24628/info LiteWeb webserver is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions. An attacker can exploit this issue to crash the affected application, denyi...
Mandriva Linux Mandrake 7.0 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1265/info The linux cdrecorder binary is vulnerable to a locally exploitable buffer overflow attack. When installed in a Mandrake 7.0 linux distribution, it is by default setgid cdburner which is a group, gid: 80, that is...
VideoDB 3.0.3 'login.php' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38155/info VideoDB is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
PHPOutsourcing Zorum 3.5 Prod.PHP Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14601/info Zorum is prone to an arbitrary command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. This issue may facilitate unauthorized remote access i...
ibProArcade 2.5.9+ Arcade.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22575/info ibProArcade is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...
RedHat Linux <= 5.1,Caldera OpenLinux Standard 1.2 Mountd Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/121/info NFS servers running certain implementations of mountd, primarily Linux systems. On some systems, the vulnerable NFS server is enabled by default. This vulnerability can be exploited even if the NFS server does no...
Atrise Everyfind 5.0.2 search Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8740/info It has been reported that Atrise Everyfind is prone to a cross-site scripting vulnerability due to insufficient sanitization of user-supplied input. The problem exists in the search module of the software. This...
Pre Classified Listings 1.0 'detailad.asp' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/32566/info Pre Classified Listings is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Oracle 10g KUPV$FT.ATTACH_JOB - SQL Injection Exploit (2)
No description provided by source. #!/usr/bin/perl Remote Oracle KUPV$FT.ATTACH_JOB exploit 10g - Version 2 - New evil cursor injection tip! - No create procedure privilege needed! - See: http://www.databasesecurity.com/ Cursor Injection Grant or revoke dba permission to unprivileged user Tested on...
glFusion 1.1 Anonymous Comment 'username' Field HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33683/info glFusion is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site,...
V-webmail 1.6.4 includes/pear/System.php CONFIG[pear_dir] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/30162/info V-webmail is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and t...
Cool Cafe Chat 1.2.1 LOGIN.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13976/info Cool Cafe Chat is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'login.asp' script before using it in an SQL query...
MySQL <= 6.0.4 - Empty Binary String Literal Remote Denial Of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/31081/info MySQL is prone to a remote denial-of-service vulnerability because it fails to handle empty binary string literals. An attacker can exploit this issue to crash the application, denying access to legitimate user...
AZ Photo Album Script Pro Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18306/info AZ Photo Album Script Pro is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...
Alex DownloadEngine 1.4.1 Comments.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18293/info DownloadEngine is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could...