auraCMS 2.2 'lihatberita' Module - 'id' Parameter SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27959/info auraCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

phpShop Web Shopping Cart 0.6.1 -b Multiple Function XSS

No description provided by source. source: http://www.securityfocus.com/bid/9437/info Multiple vulnerabilities have been reported to exist in the software that may allow an attacker to carry out attacks against the database, disclose sensitive information, and execute HTML or script code in a...

Scout Portal Toolkit 1.3.1 - SPT-QuickSearch.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15818/info Scout Portal Toolkit is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. A successful exploit could allow an attacker to compromise the...

Juergen Schoenwaelder scotty 2.1.x ntping Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2911/info ntping is a component of scotty, a Tcl interpreter used to retrieve status and configuration information for TCP/IP networks. The utility, which runs with root privileges, contains a locally exploitable buffer...

XFree86 4.2 XLOCALEDIR Local Buffer Overflow Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/7002/info Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment...

BigAnt Server 2.52 SP5 - SEH Stack Overflow ROP-based exploit (ASLR + DEP bypass)

No description provided by source. Exploit Title: BigAnt Server 2.52 SP5 SEH Stack Overflow ROP-based exploit ASLR + DEP bypass Date: 03/11/2012 Exploit Author: Lorenzo Cantoni Vendor Homepage: http://www.bigantsoft.com/ Version: BigAnt Console 2.52 SP5 Tested on: Windows 7 SP0 x86 Italian -...

Ezboard 'invitefriends.php3' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8519/info The 'invitefriends.php3' script of Ezboard has been reported prone to cross-site scripting attacks. The issue occurs due to a lack of sufficient sanitization performed on user-supplied URI parameters. This issue...

ASPBB 0.4 profile.asp PROFILE_ID Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15859/info ASPBB is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation...

Xoops 2.0.18 modules/system/admin.php fct Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/30330/info XOOPS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include...

EDirectoryPro Search_result.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17912/info EDirectoryPro is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could...

CoolPHP 1.0 - Multiple Remote Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/11437/info Reportedly CoolPHP is affected by multiple remote input validation vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied input prior to using it to make critic...

Jupiter CMS 1.1.5 Index.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19721/info Jupiter CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious P...

PHP iCalendar 1.1/2.x month.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21792/info PHP icalendar is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script cod...

DMXReady Secure Login Manager 1.0 content.asp sent Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/21788/info DMXReady Secure Login Manager is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could...

PHP-Nuke 7.x Block-Old_Articles.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22037/info PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

ezUpload 2.2 customize.php path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues ...

Microsoft Windows 2000 Remote CPU-overload Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1415/info Sending a stream of binary zeros to any one of a number of Windows 2000 ports can cause 100% CPU utilization. The ports that were found vulnerable include TCP ports 7, 9, 21, 23, 7778 and UDP ports 53, 67, 68,...

Apple Safari Feed URI Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24460/info Apple Safari is prone to a denial-of-service vulnerability because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to cause denial-of-service conditions on a user's compute...

Poptop < 1.1.3-b3 and 1.1.3-20030409 - Negative Read Overflow

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...

ezContents 'minicalendar.php' Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30373/info ezContents CMS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute malicious PHP code in the context of th...