144 matches found
NULL FTP Server 1.1.0.7 - 'Site' Command Injection
vuln.sg Vulnerability Research Advisory NULL FTP Server SITE Parameters Command Injection Vulnerability by Tan Chew Keong Release Date: 2008-12-05 Summary A vulnerability has been found in NULL FTP Server. When exploited, this vulnerability allows an authenticated user to execute arbitrary shell...
CVE-2008-5286
Integer overflow in the cupsImageReadPNG function in CUPS 1.1.17 through 1.3.9 allows remote attackers to execute arbitrary code via a PNG image with a large height value, which bypasses a validation check and triggers a buffer overflow...
wengophone-dos.txt
Title ===== WengoPhone SIP phone Remote Denial of Service vulnerability Date ==== 10 August 2007 Affected Software ================= WengoPhone versions 2.x tested on 2.1 Overview ======== WengoPhone is a thriving VoIP Service Provider from France. It is a free and wild used SIP based softphone...
CVE-2006-3013
Interpretation conflict in resetpw.php in phpBannerExchange before 2.0 Update 6 allows remote attackers to execute arbitrary SQL commands via an email parameter containing a null %00 character after a valid e-mail address, which passes the validation check in the eregi PHP command. NOTE: it could...