Important: Red Hat Security Advisory: kdelibs security update
Updated kdelibs packages that fix a flaw in kimgio input validation are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. KDE is a graphical desktop environment for the X Window System. Konqueror is...
CVE-2005-1366
Pico Server (pServ) up to version 3.2 is affected by an information-disclosure flaw that lets remote attackers obtain the source code of CGI scripts. The vulnerability arises from a flawed CGI-bin path check: requesting URLs like somedir/../cgi-bin can cause the server to return the CGI source in...
CVE-2005-1366
Pico Server pServ 3.2 and earlier allows remote attackers to obtain the source code for CGI scripts via "dirname/../cgi-bin" in a URL...
PServ 3.2 - Source Code Disclosure
PServ 3.2 - Source Code Disclosure source: https://www.securityfocus.com/bid/13638/info pServ is affected by a remote source code disclosure vulnerability. When handling a specially-crafted URI request, the application discloses the source code of scripts in the 'cgi-bin' directory. Information...
PServ 3.2 - Source Code Disclosure
source: https://www.securityfocus.com/bid/13638/info pServ is affected by a remote source code disclosure vulnerability. When handling a specially-crafted URI request, the application discloses the source code of scripts in the 'cgi-bin' directory. Information gathered through this attack could b...
[SA15344] 1Two News Script Insertion and Authentication Bypass
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: 1Two News Script Insertion and Authentication Bypass...
[SA15297] Quick.Cart "sWord" Cross-Site Scripting Vulnerability
TITLE: Quick.Cart "sWord" Cross-Site Scripting Vulnerability...
[SA15251] CodeThatShoppingCart Multiple Vulnerabilities
TITLE: CodeThatShoppingCart Multiple Vulnerabilities SECUNIA...
ZeroBoard - Worm Source Code
ZeroBoard - Worm Source Code. The worm exploits a vulnerability in ZeroBoard, allowing an attacker to inject arbitrary PHP code. /str0ke. ZeroBoard -1day INE w0rm...
ZeroBoard Worm Source Code
No description provided by source. The worm exploits a vulnerability in ZeroBoard, allowing an attacker to inject arbitrary PHP code. /str0ke. ZeroBoard -1day INE w0rm...
[SA15232] FishCart Cross-Site Scripting and SQL Injection Vulnerabilities
TITLE: FishCart Cross-Site Scripting and SQL Injection...
[SA15208] eSKUeL "ConfLangCookie" and "lang_config" Local File Inclusion
TITLE: eSKUeL "ConfLangCookie" and "lang_config" Local File...
[SA15181] ViArt Shop Enterprise Cross-Site Scripting and Script Insertion
TITLE: ViArt Shop Enterprise Cross-Site Scripting and Script...
siteEnable.txt
Hackers Center Security Group http://www.hackerscenter.com/ Zinho's Security Advisory Title: SiteEnable CMS Multiple Severe XSS and Sql injections Risk: High Date: 1/04/2005 Vendor: http://www.siteenable.com/default.asp Quote from the Vendor: "SiteEnable starts at only $189.00" I could test...
IBM WebSphere application server information leak
It's possible to obtain JSP page source code by requesting non-existing virtual host...
IBM WebSphere Application Server Malformed Host Header JSP Source Disclosure
It is possible to make the remote web server disclose the source code of its JSP pages by requesting the pages with a nonexistent hostname in the HTTP 'Host' header request when WebSphere Application is sharing the document root of the web server. An attacker may use this flaw to get the source...
IBM Websphere 5.05.16.0 - Application Server Web Server Root JSP Source Code Disclosure
IBM Websphere 5.05.16.0 - Application Server Web Server Root JSP Source Code Disclosure source: https://www.securityfocus.com/bid/13160/info A remote JSP source disclosure vulnerability reportedly affects the IBM WebSphere Application Server. This issue is due to a failure of the application to...
kdegraphics security update
CentOS Errata and Security Advisory CESA-2005:021-01. Updated kdegraphics packages that resolve multiple security issues in kfax are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdegraphics package contains graphics...
AN HTTPD 1.42 - Arbitrary Log Content Injection
AN HTTPD 1.42 - Arbitrary Log Content Injection source: https://www.securityfocus.com/bid/13069/info AN HTTPD is affected by a vulnerability that may allow a remote attacker to inject arbitrary content into the log file. This issue arises due to a failure of input validation. Corruption of logs ma...