DataLife Engine 8.3 engine/ajax/pm.php config[lang] Parameter Remote File Inclusion
source: http://www.securityfocus.com/bid/37851/info Datalife Engine is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application...
PHPOutsourcing Zorum 3.5 Prod.PHP Arbitrary Command Execution Vulnerability
source: http://www.securityfocus.com/bid/14601/info Zorum is prone to an arbitrary command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. This issue may facilitate unauthorized remote access i...
contentserver 5.6.2929 errors/transaction.asp msg Parameter XSS
source: http://www.securityfocus.com/bid/24895/info activeWeb contentserver is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitra...
JAWS 0.x Remote File Include Vulnerability
source: http://www.securityfocus.com/bid/14158/info JAWS is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...
Telekorn Signkorn Guestbook 1.x includes/functions.admin.php dir_path Parameter Remote File Inclusion
source: http://www.securityfocus.com/bid/19977/info Telekorn Signkorn Guestbook is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. This may allow the attacker to compromise the application and t...
XlentProjects SphereCMS 1.1 'archive.php' SQL Injection Vulnerability
source: http://www.securityfocus.com/bid/38309/info SphereCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
News2Net 3.0 Index.PHP SQL Injection Vulnerability
source: http://www.securityfocus.com/bid/15274/info News2Net is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...
Glassfish Enterprise Server 2.1 Admin Console /configuration/configuration.jsf URI XSS
source: http://www.securityfocus.com/bid/34824/info GlassFish Enterprise Server is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attacker-supplied HTML and script code would run in the conte...
KDE Konqueror 4.1 Multiple Cross-Site Scripting and Denial of Service Vulnerabilities
source: http://www.securityfocus.com/bid/33085/info KDE Konqueror is prone to multiple cross-site scripting vulnerabilities and multiple denial-of-service vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may...
XMB Forum 1.8 editprofile.php user Parameter XSS
source: http://www.securityfocus.com/bid/9726/info XMB Forum has been reported prone to multiple cross-site scripting, HTML injection and SQL injection vulnerabilities. The issues present themselves due to insufficient sanitization of remote user supplied data. ...
Fantastic GuestBook 2.0.1 GuestBook.PHP HTML Injection Vulnerabilities
source: http://www.securityfocus.com/bid/18942/info Fantastic GuestBook is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and...
Creative Software UK Community Portal 1.1 Discussions.php forum_id Parameter SQL Injection
source: http://www.securityfocus.com/bid/17890/info Creative Community Portal is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A...
VWar 1.5 member.php vwar_root Parameter Remote File Inclusion
source: http://www.securityfocus.com/bid/19387/info VWar is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file...
Linux Kernel 2.4.x.2.5.x/2.6.x Ssockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities
source: http://www.securityfocus.com/bid/17203/info The Linux kernel is affected by local memory-disclosure vulnerabilities. These issues are due to the kernel's failure to properly clear previously used kernel memory before returning it to local users. These...
Apple Safari for iPhone/iPod touch Malformed 'Throw' Exception Remote Code Execution Vulnerability
source: http://www.securityfocus.com/bid/38992/info Apple Safari on iPhone and iPod touch is prone to a remote code-execution vulnerability. Successful exploits can allow an attacker to run arbitrary code in the context of the user running the application. Faile...
Woltlab Burning Board 2.x Multiple SQL Injection Vulnerabilities
source: http://www.securityfocus.com/bid/18423/info Woltlab Burning Board is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow ...
phpGroupWare 0.9.x index.php Multiple Parameter XSS
source: http://www.securityfocus.com/bid/11952/info Reportedly PHPGroupWare contains multiple input validation vulnerabilities; it is prone to multiple SQL injection and cross-site scripting issues. These issues are all due to a failure of the application to...
Maian Uploader 4.0 - admin/index.php keywords Parameter XSS
source: http://www.securityfocus.com/bid/29051/info Maian Uploader is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in t...
PAFileDB 3.1 Error Message Path Disclosure Vulnerability
source: http://www.securityfocus.com/bid/11817/info paFileDB is prone to an installation path disclosure. If invalid requests are made to certain scripts, the installation path is included in the returned error message...
PHP 4.x socket_recv() Signed Integer Memory Corruption Vulnerability
source: http://www.securityfocus.com/bid/7197/info A vulnerability has been reported in PHP versions 4.3.1 and earlier. The problem occurs in socket_recv() and may allow an attacker to corrupt memory. Specifically, the affected function fails to carry out sanit...