5314 matches found
freeForum 1.x "cat" "thread" SQL inj.
freeForum 1.x "cat" "thread" SQL inj. Vuln. discovered by: r0t Date: 23 Nov. 2005 Original advisory: http://pridels.blogspot.com/2005/11/freeforum-1x-cat-and-thread-sql-inj.html Vendor: http://soft.zoneo.net/freeForum/ Affected version: 1.1 and prior Vuln. description: Input passed to the "cat" and...
DeskLance Vuln.
DeskLance Vuln. Vuln. discovered by: r0t Date: 24 Nov. 2005 Original advisory: http://pridels.blogspot.com/2005/11/desklance-vuln.html Vendor: http://www.desklance.com/ Affected version: 2.3 and prior Vuln. description: Input passed to the "main" parameter in "index.php" isn't properly verified,...
Hung it to a trick-vulnerability warning-the black bar safety net
Hung it when using the <iframe src=http://www.sohu.com/mm.htm width=0 height=0></iframe> such source code, but the browser is hung when the status bar will display hung it to the link in mm.htm or is hanging the page, add the phrase <body onload=window.status="is hanging stations of the URL"> may...
Softbiz Web Host Directory Script Multiple vuln.
Softbiz Web Host Directory Script Multiple vuln. Vuln. discovered by: r0t Date: 23 Nov. 2005 Original advisory: http://pridels.blogspot.com/2005/11/web-host-directory-script-multiple.html Vendor: www.softbizscripts.com Product link: http://www.softbizscripts.com/web-hosting-directory-script.php...
digiSHOP 3.x SQL injection vuln.
Vuln. discovered by: r0t Date: 23 Nov. 2005 Original advisory: http://pridels.blogspot.com/2005/11/digishop-3x-sql-injection-vuln.html Vendor: http://digishop.sumeffect.com/ Affected version: tested on digiSHOP 3.1.17, vuln. also can be all 3.x and prior versions. Vuln. description: 1. Input passed t...
Commodity Rentals 2.x "user_id" Sql inj.
Vuln. discovered by: r0t Date: 23 Nov. 2005 Original advisory: http://pridels.blogspot.com/2005/11/commodity-rentals-2x-userid-sql-inj.html Vendor: http://www.commodityrentals.com/ Affected version: 2.x and prior Product Description: CommodityRentals is the most comprehensive Online Rental Business...
Affcommerce Multiple Sql inj.
Affcommerce Multiple Sql inj. Vuln. discovered by: r0t Date: 23 Nov. 2005 Original advisory: http://pridels.blogspot.com/2005/11/affcommerce-multiple-sql-inj.html Vendor: http://www.affcommerce.com/ Affected version: 1.1.4 Product Description: Affcommerce is a unique, one of its kind affiliate based...
SupportPRO Supportdesk XSS vuln.
SupportPRO Supportdesk XSS vuln. Vuln. discovered by: r0t Date: 23 Nov. 2005 Original advisory: http://pridels.blogspot.com/2005/11/supportpro-supportdesk-xss-vuln.html Vendor: http://supportpro.net/ Input passed to the post and view tickets parameters isn't properly sanitised before being returned t...
ezyhelpdesk Multiple Sql inj
ezyhelpdesk Multiple Sql inj. Vuln. discovered by: r0t Date: 23 Nov. 2005 Original advisory: http://pridels.blogspot.com/2005/11/ezyhelpdesk-multiple-sql-inj.html Vendor: http://www.ezyhelpdesk.com Affected version: 1.0 and prior Software description: ezyhelpdesk is an instrumental piece of software...
1-2-3 music store "AlbumID" Sql injection.
1-2-3 music store "AlbumID" Sql injection. Vuln. discovered by: r0t Date: 23 Nov. 2005 Original advisory: http://pridels.blogspot.com/2005/11/1-2-3-music-store-albumid-sql.html Vendor: http://easybe.com/ Affected version: 1.0 and prior Product Description: Description: 1-2-3 Music Store - the music...
CVE-2005-3747
Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash "%5C" characters. NOTE: this might be the same issue as CVE-2006-2758...
CVE-2005-3747
Jetty (web server/container) affected by CVE-2005-3747: Unspecified vulnerability in Jetty before 5.1.6 could allow remote attackers to obtain the source code of JSP pages, potentially by requesting .jsp files with URL-encoded backslash characters ("%5C"). The issue is noted as possibly the same ...
Jetty < 5.16.0 JSP Source Code Disclosure
AlstraSoft EPay Pro "pmodule" SQL Injection Vulnerability
AlstraSoft EPay Pro "pmodule" SQL Injection Vulnerability Vuln. discovered by: r0t Vendor: http://www.alstrasoft.com/ Product link: http://www.alstrasoft.com/epay.htm Affected version: v2.0 Product Overview: How would you like to own your very own payment processing website and business built with...
[SA17652] e-Quick Cart SQL Injection Vulnerabilities
TITLE: e-Quick Cart SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA17652 VERIFY ADVISORY: http://secunia.com/advisories/17652/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: e-Quick Cart http://secunia.com/product/6165/ DESCRIPTION: BiPiHaCk has...
[SA17659] Jetty JSP Source Code Disclosure Vulnerability
TITLE: Jetty JSP Source Code Disclosure Vulnerability SECUNIA ADVISORY ID: SA17659 VERIFY ADVISORY: http://secunia.com/advisories/17659/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: Jetty 5.x http://secunia.com/product/6169/ DESCRIPTION: A...
[Full-disclosure] Secunia Research: Winmail Server Multiple Vulnerabilities
Secunia Research 18/11/2005 - Winmail Server Multiple Vulnerabilities - Table of Contents Affected...
CVE-2002-2186
Macromedia JRun 3.0, 3.1, and 4.0 allow remote attackers to view the source code of .JSP files via Unicode encoded character values in a URL...
CVE-2002-2186
Technical details about CVE-2002-2186 are not publicly provided in the connected documents. Monitor for updates.
Microsoft IIS UNC Mapped Virtual Host Vulnerability
Your IIS webserver allows the retrieval of ASP/HTR source code.