415 matches found
phpBugTracker 0.9 - bug.php Multiple Cross-Site Scripting Vulnerabilities
phpBugTracker 0.9 - bug.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/10153/info Reportedly phpBugTracker contains multiple input validation vulnerabilities; it is prone to multiple SQL injection, cross-site scripting and HTML injection issues. These...
phpBugTracker 0.9 - user.php?bugid Cross-Site Scripting
phpBugTracker 0.9 - user.php?bugid Cross-Site Scripting source: https://www.securityfocus.com/bid/10153/info Reportedly phpBugTracker contains multiple input validation vulnerabilities; it is prone to multiple SQL injection, cross-site scripting and HTML injection issues. These issues are all due...
phpBugTracker 0.9 - 'bug.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/10153/info Reportedly phpBugTracker contains multiple input validation vulnerabilities; it is prone to multiple SQL injection, cross-site scripting and HTML injection issues. These issues are all due to a failure of the application to properly sanitize us...
phpBugTracker 0.9 - 'query.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/10153/info Reportedly phpBugTracker contains multiple input validation vulnerabilities; it is prone to multiple SQL injection, cross-site scripting and HTML injection issues. These issues are all due to a failure of the application to properly sanitize us...
Vizer Web Server multiple bugs
No input validation...
Xoops 1.3.x2.0.x - Multiple Vulnerabilities
Xoops 1.3.x2.0.x - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/9166/info Multiple vulnerabilities were reported in Xoops. These issues include SQL injection and input validation issues that will allow remote attackers to manipulate banners and local variables. Exploitation...
Koch Roland Rolis Guestbook 1.0 - '$path' Remote File Inclusion
source: https://www.securityfocus.com/bid/9054/info It has been reported that Rolis Guestbook may be vulnerable to an input validation issue that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable system. Rolis Guestbook version 1.0 has been...
TerminatorX local root
Program: terminatorX 3.80 Impact: Users can gain local root Discovered: jaguar Writeup and exploits: Andrew Griffiths 1 Background 'terminatorX is a realtime audio synthesizer that allows you to "scratch" on digitally sampled audio data .wav, .au, .ogg, .mp3, etc. the way hiphop-DJs scratch on...
EMUMAIL5.x.txt
1EMUMAIL 5.x parameter validation vulnerability. --------------------------- Summary -------- Parameter validation bugs exist in 2 of the most popular Greek Free e-mail providers. The problem also there is on many other servers worldwide.The affected software is EMUMAIL 5.x used by Mail.gr and th...
CVE-2002-1159
Canna 3.6 and earlier does not properly validate requests, which allows remote attackers to cause a denial of service or information leak...
Multiple bugs in CDE ToolTalk
Incomplete input validation in different remote calls...
McAfee ASaP VirusScan service does not adequately validate input
Overview A vulnerability exists in McAfee ASaP VirusScan that permits intruders to access files outside of the web root. Description Quoting from the McAfee ASaP VirusScan FAQ, McAfee ASaP VirusScan is "a web-based, managed and updated anti-virus service for the entire desktop environment." McAfe...
Tarantella Enterprise 3 3.x - TTAWebTop.cgi Arbitrary File Viewing
Tarantella Enterprise 3 3.x - TTAWebTop.cgi Arbitrary File Viewing source: https://www.securityfocus.com/bid/2890/info Tarantella Enterprise 3 is a tool for centralized management of data and applications. It is operated via a web interface. It will run on a number of Unix and Linux distributions...
YaBB 9.1.2000 - Arbitrary File Read
YaBB 9.1.2000 - Arbitrary File Read source: https://www.securityfocus.com/bid/1668/info YaBB.pl, a web-based bulletin board script, stores board postings in numbered text files. The numbered file name is specified in the call to YaBB.pl in the variable num=. Before retrieving the file, YaBB will...
ROS-2-2129
2.2129 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 Vulnerability in the Exim message forwarding agent, related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...