5 matches found
CVE-2012-1219
Multiple cross-site scripting XSS vulnerabilities in freelancerKit 2.35 allow remote attackers to inject arbitrary web script or HTML via the 1 ticket parameter to tickets.php, 2 title parameter to notes.php, or 3 task parameter to todo.php. NOTE: some of these details are obtained from third par...
Sql injection
SQL injection vulnerability in account.asp in Active Trade 2 allows remote attackers to execute arbitrary SQL commands via the 1 username parameter aka Email field or the 2 password parameter. NOTE: some of these details are obtained from third party information...
CVE-2008-3186
Multiple cross-site scripting XSS vulnerabilities in Chipmunk Blog Blogger allow remote attackers to inject arbitrary web script or HTML via the membername parameter to 1 members.php, 2 comments.php, 3 photos.php, 4 archive.php, or 5 cat.php. NOTE: the provenance of this information is unknown; t...
Stack overflow
Stack-based buffer overflow in InterVations MailCOPA 8.01 20070323 allows user-assisted remote attackers to execute arbitrary code via a long command line argument, as demonstrated by a long string in the subject field in a mailto URI. NOTE: some of these details are obtained from third party...
CVE-2007-1569
Stack-based buffer overflow in NewsBin Pro 4.32 allows remote attackers to cause a denial of service or execute arbitrary code via a yEnc yEncode encoded article with a long filename, as demonstrated using a .nzb file. NOTE: some of these details are obtained from third party information...