1102 matches found
UBBCentral UBB.Threads 6.0 - Printthread.php SQL Injection
UBBCentral UBB.Threads 6.0 - Printthread.php SQL Injection // source: https://www.securityfocus.com/bid/13253/info It is reported that UBB.threads is prone to an SQL injection vulnerability. The SQL injection vulnerability is reported to affect the 'printthread.php' script. UBB.threads 6.0 is...
UBBCentral UBB.Threads 6.0 - 'Printthread.php' SQL Injection
// source: https://www.securityfocus.com/bid/13253/info It is reported that UBB.threads is prone to an SQL injection vulnerability. The SQL injection vulnerability is reported to affect the 'printthread.php' script. UBB.threads 6.0 is reported prone to this issue. It is likely that other versions...
PHP-Fusion 4.0 - Viewthread.php Information Disclosure
PHP-Fusion 4.0 - Viewthread.php Information Disclosure source: https://www.securityfocus.com/bid/12482/info PHP-Fusion is reportedly affected by an information disclosure vulnerability. This issue is due to the application failing to properly sanitize user-supplied input. It is reported that an...
UBBCentral UBB.Threads 6.2.3/6.5 - 'login.php?Cat' Cross-Site Scripting
source: https://www.securityfocus.com/bid/11900/info It is reported that UBB.threads is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input prior to including it in dynamically generated web...
CVE-2004-0837
MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service crash or hang via multiple threads that simultaneously alter MERGE table UNIONs...
ubbthreads.txt
Product: ======== UBB.threads Vendor: ======= UBBCentral http://www.ubbcentral.com/ Versions: ========= I tested it successfully on 3.4.x At Version 3.5 you need to be logged in to perform a search. I didn't test this version. Problem: ======== Sql-Injection in dosearch.php dosearch.php?Name=' OR...
SQL Injection in UBB.threads 3.4.x
Product: ======== UBB.threads Vendor: ======= UBBCentral http://www.ubbcentral.com/ Versions: ========= I tested it successfully on 3.4.x At Version 3.5 you need to be logged in to perform a search. I didn't test this version. Problem: ======== Sql-Injection in dosearch.php dosearch.php?Name=' OR...
UBB.threads 6.2.*-6.3.* one char bruteforce exploit
Exploit for unknown platform in category web applications =================================================== UBB.threads 6.2.-6.3. one char bruteforce exploit =================================================== !/usr/bin/perl use LWP::UserAgent; UBB.Threads 6.2. - 6.3. exploit with one char brut...
linux threaded processes DoS
SIGRT1 signal can be delivered to an application, causing invalid handling of child threads termination...
Linux Kernel 2.4/2.6 - Sigqueue Blocking Denial of Service
/ source: https://www.securityfocus.com/bid/10096/info A vulnerability has been reported in the Linux Kernel that may permit a malicious local user to affect a system-wide denial of service condition. This issue may be triggered via the Kernel signal queue struct sigqueue and may be exploited to...
mysql -- ALTER MERGE denial of service vulnerability
Dean Ellis reported a denial of service vulnerability in the MySQL server: Multiple threads ALTERing the same or different MERGE tables to change the UNION eventually crash the server or hang the individual threads. Note that a script demonstrating the problem is included in the MySQL bug report...
Fixed in Apache Tomcat 4.1.3
Important: Denial of service CVE-2002-0935 A malformed HTTP request can cause the request processing thread to become unresponsive. A sequence of such requests will cause all request processing threads, and hence Tomcat as a whole, to become unresponsive. Affects: 4.0.0-4.0.2?, 4.0.3, 4.0.4-4.0.6...
Problems with file descriptor handling in OpenBSD (VFS races)
A call to a blocking function between the check of a file descriptor and the operation on it makes it possible to perform the operation on a closed descriptor if the descriptor was closed in another thread of the application...
CVE-2000-0381
The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter...
CVE-2000-0381
CVE-2000-0381 affects the Gossamer Threads DBMan CGI script (db.cgi). The vulnerability arises when a non-existent database is referenced via the db parameter, allowing remote attackers to view environment variables and setup information (server information leakage). The OpenVAS NASL entrie...
CVE-2000-0381
The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter...
PT-2000-1324 · Gossamer Threads · Gossamer Threads Dbman
Name of the Vulnerable Software and Affected Versions: Gossamer Threads DBMan version db.cgi Description: The issue allows remote attackers to view environmental variables and setup information. This is achieved by referencing a non-existing database in the db parameter. Recommendations: For...
CVE-1999-0723
The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial-of-service when all worker threads are waiting for user input. Connected records confirm CSRSS as the vulnerable component and describe the impact as availability-related DoS, CVSS v2 base score 7.1. No concrete d...
CVE-1999-0723
The Windows NT Client Server Runtime Subsystem CSRSS can be subjected to a denial of service when all worker threads are waiting for user input...
nt.messagebox.DoS.txt
Date: Sun, 11 Apr 1999 22:50:25 +0200 Reply-To: chefren Sender: Windows NT BugTraq Mailing List From: chefren Subject: Death by MessageBox In-Reply-To: .. -------- Original Message -------- "NT hangs when several threads are calling MessageBox" Date: Fri, 9 Apr 1999 13:23:45 -0400 From: "Sumner,...