5314 matches found
[SA18672] sPaiz-Nuke "query" Cross-Site Scripting Vulnerability
TITLE: sPaiz-Nuke "query" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA18672 VERIFY ADVISORY: http://secunia.com/advisories/18672/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: sPaiz-Nuke http://secunia.com/product/7180/ DESCRIPTION: NightWarrior h...
[SA18392] TheWebForum Script Insertion and SQL Injection Vulnerabilities
TITLE: TheWebForum Script Insertion and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA18392 VERIFY ADVISORY: http://secunia.com/advisories/18392/ CRITICAL: Moderately critical IMPACT: Security Bypass, Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: TheWebForum 1.x...
[SA18354] 427BB Multiple Vulnerabilities
TITLE: 427BB Multiple Vulnerabilities SECUNIA ADVISORY ID: SA18354 VERIFY ADVISORY: http://secunia.com/advisories/18354/ CRITICAL: Moderately critical IMPACT: Security Bypass, Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: 427BB 2.x http://secunia.com/product/4730/...
[SA18325] OnePlug CMS SQL Injection Vulnerabilities
TITLE: OnePlug CMS SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA18325 VERIFY ADVISORY: http://secunia.com/advisories/18325/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: OnePlug CMS http://secunia.com/product/6753/ DESCRIPTION: Preddy has reported...
[SA18324] Timecan CMS "viewID" SQL Injection Vulnerability
TITLE: Timecan CMS "viewID" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA18324 VERIFY ADVISORY: http://secunia.com/advisories/18324/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: Timecan CMS 3.x http://secunia.com/product/6756/ DESCRIPTION: Preddy h...
[SA18309] Next Generation Image Gallery "page" Cross-Site Scripting Vulnerability
TITLE: Next Generation Image Gallery "page" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA18309 VERIFY ADVISORY: http://secunia.com/advisories/18309/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Next Generation Image Gallery 0.x...
[SA18302] NKads Login SQL Injection Vulnerability
TITLE: NKads Login SQL Injection Vulnerability SECUNIA ADVISORY ID: SA18302 VERIFY ADVISORY: http://secunia.com/advisories/18302/ CRITICAL: Highly critical IMPACT: Security Bypass, Manipulation of data, System access WHERE: From remote SOFTWARE: NKads 1.x http://secunia.com/product/6738/...
LizardCart.txt
New eVuln Advisory: Lizard Cart CMS SQL Injection Vulnerability --------------------Summary---------------- Software: Lizard Cart CMS Software's Web Site: http://sourceforge.net/projects/lizardcart Versions: 1.04 Critical Level: Dangerous Type: SQL Injection Class: Remote Status: Unpatched Exploi...
Primo Cart SQL inj.
Primo Cart SQL inj. Vuln. discovered by : r0t Date: 2 jan. 2006 original advisory:http://pridels.blogspot.com/2006/01/primo-cart-sql-inj.html vendor:www.primoplace.com/primo-cart.htm affected version:1.0 and prior Product Description: Primo Cart is a fully customizable turnkey shopping cart soluti...
[SA18281] MyBB Multiple Vulnerabilities
TITLE: MyBB Multiple Vulnerabilities SECUNIA ADVISORY ID: SA18281 VERIFY ADVISORY: http://secunia.com/advisories/18281/ CRITICAL: Moderately critical IMPACT: Unknown, Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: MyBB formerly MyBulletinBoard 1.x...
CVE-2005-4805
Unspecified vulnerability in Sun Java System Application Server 7 Standard and Platform Edition 6 and earlier, and 2004Q2 Standard and Platform Edition Update 2 and earlier, allows remote attackers to obtain the source code for Java Server pages JSP via unknown vectors...
OoApp Guestbook XSS vuln.
OoApp Guestbook XSS vuln. Vuln. discovered by : r0t Date: 30 dec. 2005 original advisory:http://pridels.blogspot.com/2005/12/ooapp-guestbook-xss-vuln.html vendor:http://www.ooapp.com/ affected version:2.1 and prior Product Description: This is a free php based guestbook for your web site. Easy to...
Kayako SupportSuite multiple vuln.
Kayako SupportSuite multiple vuln. Vuln. discovered by : r0t Date: 30 dec. 2005 original advisory:http://pridels.blogspot.com/2005/12/kayako-supportsuite-multiple-vuln.html vendor:http://www.kayako.com/supportsuite.php affected version: v3.00.26 and prior Product Description: Kayako SupportSuite...
CVE-2005-4550
The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00)...
CVE-2005-4550
CVE-2005-4550 affects the PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet. The vulnerability allows remote attackers to obtain the source code for arbitrary JSP and other files via a df_next_page parameter that can contain a trailing null byte (%00). This is caused ...
oracle Application server discussion forum portlet - Multiple Vulnerabilities
oracle Application server discussion forum portlet - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/16048/info Oracle Application Server Discussion Forum Portlet is affected by multiple remote vulnerabilities. The following specific vulnerabilities were identified: The...
oracle Application server discussion forum portlet - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/16048/info Oracle Application Server Discussion Forum Portlet is affected by multiple remote vulnerabilities. The following specific vulnerabilities were identified: The application is prone to a cross-site scripting vulnerability. Discussion Forum Portle...
CVE-2005-4473
Unspecified vulnerability in Macromedia JRun 4 web server JWS allows remote attackers to view web application source code via "a malformed URL."...
Macromedia JRun Application Server platform multiple vulnerabilities
Source code leak, Web server DoS...