Lucene search

9082 matches found

UbuntuCve
added 2006/08/29 12:4 a.m., 21 views

CVE-2006-4433

PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set of the session identifier (PHPSESSID) for third party session handlers, which might make it easier for remote attackers to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, which is stored in the session...

7.5 CVSS, 5.9 AI score, 0.02825 EPSS
Exploits 0, References 1
NVD
added 2006/08/29 12:4 a.m., 14 views

CVE-2006-4433

PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set of the session identifier (PHPSESSID) for third party session handlers, which might make it easier for remote attackers to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, which is stored in the session...

7.5 CVSS, 6.7 AI score, 0.02825 EPSS
Exploits 0, References 7
NVD
added 2006/08/29 12:4 a.m., 13 views

CVE-2006-4425

Multiple PHP remote file inclusion vulnerabilities in phpCOIN 1.2.3 allow remote attackers to execute arbitrary PHP code via the _CCFG[_PKG_PATH_INCL] parameter in coin_includes scripts including (1) api.php, (2) common.php, (3) core.php, (4) custom.php, (5) db.php, (6) redirect.php or (7) session_set.php. NOTE: the...

5.1 CVSS, 7.5 AI score, 0.05141 EPSS
Exploits 1, References 10
Cvelist
added 2006/08/29 12:0 a.m., 23 views

CVE-2006-4433

PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set of the session identifier (PHPSESSID) for third party session handlers, which might make it easier for remote attackers to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, which is stored in the session...

6.7 AI score, 0.02825 EPSS
Exploits 0, References 7
NVD
added 2006/08/17 1:4 a.m., 10 views

CVE-2006-3859

IBM Informix Dynamic Server (IDS) allows remote authenticated users to create and overwrite arbitrary files via the (1) LOTOFILE and (2) trl_tracefile_set functions, and the (3) "SET DEBUG FILE" commands...

4 CVSS, 6.2 AI score, 0.00361 EPSS
Exploits 1, References 5
NVD
added 2006/08/17 1:4 a.m., 17 views

CVE-2006-3860

IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows remote authenticated users to execute arbitrary commands via the (1) "SET DEBUG FILE" SQL command, and the (2) start_onpload and (3) dbexp functions...

7.5 CVSS, 7.4 AI score, 0.03199 EPSS
Exploits 0, References 11
Cvelist
added 2006/08/17 1:0 a.m., 16 views

CVE-2006-3859

IBM Informix Dynamic Server (IDS) allows remote authenticated users to create and overwrite arbitrary files via the (1) LOTOFILE and (2) trl_tracefile_set functions, and the (3) "SET DEBUG FILE" commands...

6.2 AI score, 0.00361 EPSS
Exploits 1, References 5
OSV
added 2006/07/06 8:5 p.m., 2 views

DEBIAN-CVE-2006-3378

passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits...

7.2 CVSS, 7.2 AI score, 0.00056 EPSS
Exploits 0, References 1
NVD
added 2006/06/24 1:6 a.m., 9 views

CVE-2006-3215

Clearswift MAILsweeper for SMTP before 4.3.20 and MAILsweeper for Exchange before 4.3.20 allows remote attackers to bypass the "text analysis", possibly bypassing SPAM and other filters, by sending an e-mail specifying a non-existent or unrecognized character set...

7.5 CVSS, 6.8 AI score, 0.00552 EPSS
Exploits 0, References 6
seebug.org
added 2006/06/08 12:0 a.m., 17 views

Back-End CMS <= 0.7.2.1 (jpcache.php) Remote Include Vulnerability

No description provided by source. Federico Fazzi, [email protected] Back-end = 0.7.2.1 jpcache.php Remote command execution 08/06/2006 1:04 Bug: jpcache.php: line 40 --- $includedir = $PSL'classdir' . "/jpcache"; --- Proof of concept: Back-end have a default path pre-set on jpcache.php, and...

7.1 AI score
Exploits 0
CERT
added 2006/06/05 12:0 a.m., 32 views

TIBCO Rendezvous daemon components contain a buffer overflow in the HTTP administrative interface

Overview A vulnerability in the TIBCO Rendezvous daemon components may allow a remote attacker to execute arbitrary code on an affected system. Description TIBCO Rendezvous is a distributed messaging software platform. A buffer overflow vulnerability has been discovered in the HTTP administrative...

8.6 AI score
Exploits 0, References 2
FreeBSD
added 2006/05/31 12:0 a.m., 26 views

MySQL -- SQL-injection security vulnerability

MySQL reports: An SQL-injection security hole has been found in multibyte encoding processing. An SQL-injection security hole can include a situation whereby when inserting user supplied data into a database, the user might inject his own SQL statements that the server will execute. With regards ...

0.4 AI score
Exploits 0, References 2
OSV
added 2006/05/25 8:2 p.m., 1 views

DEBIAN-CVE-2006-2607

do_command.c in Vixie cron (vixie-cron) 4.1 does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits, as originally demonstrated by a program that exceeds the process limits as defined in...

7.2 CVSS, 6.7 AI score, 0.00044 EPSS
Exploits 1, References 1
NVD
added 2006/05/22 10:2 p.m., 8 views

CVE-2006-2516

mainfile.php in XOOPS 2.0.13.2 and earlier, when register_globals is enabled, allows remote attackers to overwrite variables such as $xoopsOption['nocommon'] and conduct directory traversal attacks or include PHP files via (1) xoopsConfig[language] to misc.php or (2) xoopsConfig[theme_set] to index.php, as...

5.1 CVSS, 6.7 AI score, 0.05235 EPSS
Exploits 1, References 7
0day.today
added 2006/05/22 12:0 a.m., 15 views

portmap 5 beta (Set/Dump) Local Denial of Service Exploit

Exploit for linux platform in category dos / poc ========================================================= portmap 5 beta Set/Dump Local Denial of Service Exploit ========================================================= ///////////////////////////////////// // portmap Set+Dump Local DoS - PoC...

7 AI score
Exploits 0
OSV
added 2006/04/14 10:2 a.m., 1 views

DEBIAN-CVE-2006-1726

Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method...

9.3 CVSS, 9 AI score, 0.09676 EPSS
Exploits 0, References 1
exploitpack
added 2006/03/26 12:0 a.m., 13 views

Aztek Forum 4.0 - myadmin.php User Privilege Escalation

Aztek Forum 4.0 - myadmin.php User Privilege Escalation !/usr/bin/perl use IO::Socket; Aztek Forum 4.00 Change User Rights Remote Exploit only if the magicquote are : OFF aztekgar.pl 127.0.0.1 /aztek/ Admin Attacker +------------------------------------------------------------+ - Aztek 4.0 Give...

0.5 AI score
Exploits 0
OSV
added 2006/03/19 1:2 a.m., 1 views

DEBIAN-CVE-2006-1258

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the set_theme parameter...

4.3 CVSS, 6 AI score, 0.08432 EPSS
Exploits 1, References 1
Prion
added 2006/03/19 1:2 a.m., 18 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the set_theme parameter...

4.3 CVSS, 6 AI score, 0.08432 EPSS
Exploits 1, References 7, Affected Software 1
NVD
added 2006/03/19 1:2 a.m., 16 views

CVE-2006-1258

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.1 allows remote attackers to inject arbitrary web script or HTML via the set_theme parameter...

4.3 CVSS, 5.6 AI score, 0.08432 EPSS
Exploits 1, References 7