8 matches found
Improper Validation Of Syntactic Correctness Of Input
org.eclipse.jetty:jetty-server is vulnerable to Improper Validation of Syntactic Correctness of Input via the HttpURI class. The vulnerability is due to insufficient validation on the authority segment of a URI. An attacker can manipulate the URI parsing to redirect requests or initiate server-si...
VirtuaSystems VirtuaNews 1.0.x Multiple Module Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/9812/info It has been reported that the VirtuaNews non-default modules 'Files' and 'Vulns' are prone to multiple cross-site scripting vulnerabilities. These problems surround the application's failure to properly validate...
UBBCentral UBB.Threads 3.43.5 - Dosearch.php SQL Injection
UBBCentral UBB.Threads 3.43.5 - Dosearch.php SQL Injection source: https://www.securityfocus.com/bid/11502/info It is reported that UBBCentral UBB.threads is prone to an SQL injection vulnerability. This issue is due to a failure of the application to properly validate user supplied URI input...
Aborior Encore Web Forum - Arbitrary Command Execution
Aborior Encore Web Forum - Arbitrary Command Execution source: https://www.securityfocus.com/bid/10040/info Encore Web Forum is reported prone to an issue that may allow a remote user to execute arbitrary commands on a system implementing the forum software. This issue is due to the application's...
Aborior Encore Web Forum - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/10040/info Encore Web Forum is reported prone to an issue that may allow a remote user to execute arbitrary commands on a system implementing the forum software. This issue is due to the application's failure to properly validate user-supplied URI input. ...
Mambo Open Source 4.5 - index.php SQL Injection
Mambo Open Source 4.5 - index.php SQL Injection source: https://www.securityfocus.com/bid/9891/info It has been reported that the Mambo 'index.php' script is prone to an SQL injection vulnerability. This issue is due to a failure of the application to properly validate user supplied URI input. As...
Mambo Open Source 4.5 - 'index.php?mos_change_template' Cross-Site Scripting
source: https://www.securityfocus.com/bid/9890/info It has been reported that the Mambo 'index.php' script is prone to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly validate user supplied URI input. This issue could permit a remote attacker to...
herberlin bremsserver 1.2.4/3.0 - Directory Traversal
source: https://www.securityfocus.com/bid/9493/info Herberlin BremsServer is prone to a directory-traversal vulnerability. An attacker may exploit this issue to gain access to files residing outside the web server root directory of the affected system. This issue exists due to a failure to valida...