5308 matches found
Merak Mail Server 8.2.4 r Arbitrary File Deletion Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14988/info Merak Mail Server is affected by an arbitrary file deletion vulnerability. This issue arises due to an input validation error allowing an attacker to delete files in the context of the Web server running the...
dotDefender 4.02 Authentication Bypass Vulnerability
No description provided by source. dotDefender is prone to a XSS because it doesn't satinate the input vars correctly. Injecting obfusctated JavaScript code based on references vars assignment, the dotDefender WAF is vulnerable. Class: Input Validation Error Remote: Yes Credit: David K. SH4V...
PuTTy.exe <= 0.53 - Buffer Overflow
No description provided by source. $Id: puttymsgdebug.rb 9525 2010-06-15 07:18:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...
Confixx 2 DB Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9830/info It has been reported that an input validation error with the potential for use in a SQL injection attack is present in the dbmysqlloeschen2.php script. When a user is requesting the dbmysqlloeschen2.php script,...
Tritanium Scripts Tritanium Bulletin Board 1.2.3 Unauthorized Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8944/info It has been reported that Tritanium Bulletin Board may be prone to an access validation error that may allow a remote attacker to to gain unauthorized access to threads. A remote attacker may be able to access...
PuTTy.exe <= 0.53 - (validation) Remote Buffer Overflow Exploit (meta)
No description provided by source. This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artisti...
SSH2 3.0 Short Password Login Vulnerability
source: http://www.securityfocus.com/bid/3078/info An input validation error exists in version 3.0.0 of the SSH daemon sshd running on Unix platforms. It may be possible for remote users to log in to accounts for which there are two or less characters in the password field of the system password...
phpBB 1.x Page Header Remote Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3167/info An input validation error exists in phpBB, a freely available WWW forums package. The problem is due to improper validation of some variables in phpBB. It is possible for users registered with the phpBB system t...
SuSE 6.3/6.4/7.0 sdb Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3208/info An input validation error exists in sdb, the SuSE Support Data Base. The problem exists in the sdbsearch.cgi script, which uses data directly from the 'Referer' header field from a HTTP request as a path when...
Macromedia ColdFusion MX 6.1 Template Handling Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11316/info Reportedly Macromedia ColdFusion MX is affected by privilege escalation vulnerability when handling templates. This issue is due to an access validation error that allows a user to perform actions with...
Ocean12 ASP Calendar Manager 1.0 Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15329/info Ocean12 ASP Calendar Manager is prone to an authentication bypass vulnerability. This is due to to an access validation error in the application. The application does properly verify access privileges and allow...
SAP Business Connector 4.6/4.7 deleteSingle fullName Variable Arbitrary File Deletion
No description provided by source. source: http://www.securityfocus.com/bid/16668/info SAP Business Connector is prone to a file-access/deletion vulnerability. This issue arises due to an access-validation error. A successful attack will result in the disclosure of sensitive or privileged...
SAP Business Connector 4.6/4.7 chopSAPLog.dsp fullName Variable Arbitrary File Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/16668/info SAP Business Connector is prone to a file-access/deletion vulnerability. This issue arises due to an access-validation error. A successful attack will result in the disclosure of sensitive or privileged...
Mobius DocumentDirect for the Internet 1.2 - Buffer Overflow Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/1657/info A number of unchecked static buffers exist in Mobius' DocumentDirect for the Internet program. Depending on the data entered, arbitrary code execution or a denial of service attack could be launched under the...
UTempter 0.5.x Multiple Local Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/10178/info It has been reported that utempter is affected by multiple local vulnerabilities. The first issue is due to an input validation error that causes the application to exit improperly; facilitating symbolic link...
Joomla! 'com_mygallery' Component - 'cid' Parameter SQL Injection Vulnerability
No description provided by source. Bugtraq ID: 37121 Class: Input Validation Error Published: Feb 21 2008 12:00AM Updated: Nov 24 2009 10:15PM Credit: S@BUN Vulnerable: Joomla commygallery 0 The 'commygallery' component for Joomla! is prone to an SQL-injection vulnerability because it fails to...
Logics Software LOG-FT Arbitrary File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12998/info LOG-FT is reported prone to an arbitrary file disclosure vulnerability. This issue results from an access validation error and can allow a remote attacker to disclose sensitive data. It is reported that an...
HolaCMS 1.2/1.4.x Voting Module Remote File Corruption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12789/info HolaCMS is prone to a vulnerability that may allow remote users to corrupt files on the server. This is due an input validation error that allows users to submit voting data to an attacker-specified file. It ha...
Xpient Cash Drawer Operation Vulnerability
No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Xpient Cash Drawer Operation Vulnerability 1. Advisory Information Title: Xpient Cash Drawer Operation Vulnerability Advisory ID: CORE-2013-0517 Advisory URL:...
Rit Research Labs TinyWeb 1.9.2 Unauthorized Script Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10445/info TinyWeb Server is affected by an unauthorized script disclosure vulnerability. This issue is due to an input validation error that allows malicious users to bypass standard web server rules. This issue will all...