ovidentia 5.6.x/5.8 statart.php babInstallPath Parameter Remote File Inclusion
source: http://www.securityfocus.com/bid/18232/info Ovidentia is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files...
SiteEnable 3.3 Login.ASP Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/16009/info SiteEnable is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
IBM WebSphere Application Server 6.1/7.0 Administrative Console Cross Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/34001/info IBM WebSphere Application Server (WAS) is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...
GlassFish Application Server resourceNode/jdbcConnectionPoolNew1.jsf Multiple Parameter XSS
source: http://www.securityfocus.com/bid/29751/info Sun Glassfish is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in th...
GNU Mailutils imap4d 0.6 - Remote Format String Exploit (exec-shield)
Fedora Core 6 exec-shield based GNU imap4d mailutils-0.6 search remote format string exploit by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL: http://x82.inetcop.org/h0me/papers/FCexploit/FCexploit.txt Reference:...
glFusion 1.1 Anonymous Comment 'username' Field HTML Injection Vulnerability
source: http://www.securityfocus.com/bid/33683/info glFusion is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site,...
V-webmail 1.6.4 includes/pear/System.php CONFIG[pear_dir] Parameter Remote File Inclusion
source: http://www.securityfocus.com/bid/30162/info V-webmail is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and t...
Cool Cafe Chat 1.2.1 LOGIN.ASP SQL Injection Vulnerability
source: http://www.securityfocus.com/bid/13976/info Cool Cafe Chat is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'login.asp' script before using it in an SQL query...
MySQL <= 6.0.4 - Empty Binary String Literal Remote Denial Of Service Vulnerability
source: http://www.securityfocus.com/bid/31081/info MySQL is prone to a remote denial-of-service vulnerability because it fails to handle empty binary string literals. An attacker can exploit this issue to crash the application, denying access to legitimate user...
AZ Photo Album Script Pro Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/18306/info AZ Photo Album Script Pro is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the...
Nenriki CMS 0.5 'ID' Cookie SQL Injection Vulnerability
source: http://www.securityfocus.com/bid/34067/info Nenriki CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise t...
Alex DownloadEngine 1.4.1 Comments.PHP SQL Injection Vulnerability
source: http://www.securityfocus.com/bid/18293/info DownloadEngine is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could...
Zoo 2.10 - Parse.c Local Buffer Overflow Vulnerability
source: http://www.securityfocus.com/bid/17126/info Zoo is prone to a local buffer-overflow vulnerability. This issue is due to a failure in the application to do proper bounds checking on user-supplied data before using it in a finite-sized buffer. An attacker...
SoftMaker Shop 0 Multiple Cross-Site Scripting Vulnerabilities
source: http://www.securityfocus.com/bid/16471/info SoftMaker Shop is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary...
VBulletin 1.0.1 lite/2.x/3.0 /admincp/modlog.php orderby Parameter XSS
source: http://www.securityfocus.com/bid/14874/info vBulletin is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues t...
Serenity Audio Player 3.2.3 '.m3u' File Buffer Overflow Vulnerability
source: http://www.securityfocus.com/bid/39768/info Serenity Audio Player is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers may leverage this issue to execute arbitrary code in the...
WordPress 1.2 admin-header.php redirect_url Parameter XSS
source: http://www.securityfocus.com/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. Wordpress 1.2 is...
PHD Help Desk 1.43 caso_insert.php URL Parameter XSS
source: http://www.securityfocus.com/bid/37029/info PHD Help Desk is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the...
Microsoft IE4 Clipboard Paste Vulnerability
source: http://www.securityfocus.com/bid/215/info The Windows clipboard contains data that has been cut or copied from various windows applications. This data can be accessed and posted to malicious web forms at web sites without the knowledge of the visiting...
ARISg 5.0 'wflogin.jsp' Cross Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/38441/info ARISg is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...