AllMyGuests PHP Code Injection vulnerability

AllMyGuests PHP Code Injection vulnerability Product : AllMyGuests Vendor : www.php-resource.net Date : February 14, 2004 Problem : PHP Code Injection Vendor Contacted ? : No Source in /include/info.inc.php -------------------------------------------------------------- $AMGinfoget =...

(RHSA-2002:214) php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command line arguments to the MTA such as sendmail in the 5th argument to mail, altering MTA...

OpenSSH 2.5.x - 2.9 Multiple Vulnerabilities

According to its banner, the remote host appears to be running OpenSSH version between 2.5.x and 2.9. Such versions reportedly contain multiple vulnerabilities : - sftp-server does not respect the 'command=' argument of keys in the authorizedkeys2 file. CVE-2001-0816 - sshd does not properly hand...

CVE-1999-0399

The DCC server command in the Mirc 5.5 client doesn't filter characters from file names properly, allowing remote attackers to place a malicious file in a different location, possibly allowing the attacker to execute commands...

PT-1999-1085 · Mirc · Mirc

Name of the Vulnerable Software and Affected Versions: Mirc version 5.5 Description: The issue concerns a problem with the DCC server command in the Mirc client, where it fails to properly filter characters from file names. This allows remote attackers to potentially place a malicious file in a...

id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Command Execution

// source: https://www.securityfocus.com/bid/90/info The Quake server has a feature where it allows administrators to remotely send commands to the Quake console with a password. However, it is possible to remotely bypass authentication. In order for this to be exploited, the attacker would have ...