Cross site scripting

Cross-site scripting XSS vulnerability in includes/functions.php in 4images 1.7 through 1.7.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the url variable...

CVE-2009-2380

Cross-site scripting XSS vulnerability in includes/functions.php in 4images 1.7 through 1.7.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the url variable...

Virtue Classifieds (category) SQL Injection Vulnerability

No description provided by source. CMS : Virtue Classifieds WEB : http://www.virtuenetz.com/classified/ Archivo : search.php Variable Tipo : GET Valor : category Tipo : SQL Injection Url : http:/www.site.com/search.php?category=SQLI PoC:...

Virtue Classifieds - category SQL Injection

Virtue Classifieds - category SQL Injection CMS : Virtue Classifieds WEB : http://www.virtuenetz.com/classified/ Archivo : search.php Variable Tipo : GET Valor : category Tipo : SQL Injection Url : http:/www.site.com/search.php?category=SQLI PoC:...

DedeCMSV53 arbitrary variable overwrite vulnerability-vulnerability warning-the black bar safety net

DedeCMSV53 arbitrary variable overwrite vulnerability See today mrxhming students a articles http://hi.baidu.com/mrxhming/blog/item/8176f00bf540f11795ca6b3f.html find this old BUG hasn't been patched to look like, from the inside of the forum go a pp out of it, everyone is welcome to shoot the...

织梦(DedeCms) V 5.3 任意变量覆盖漏洞

看核心文件include/common.inc.php中的代码 //检查和注册外部提交的变量 foreach$REQUEST as $k=$v if strlen$k0 && eregi'^|cfg|GLOBALS',$k && !isset$COOKIE$k //程序员逻辑混乱了？ exit'Request var not allow!'; 这个地方可以通过提交COOKIE变量绕过cfg等关键字的过滤 接着是注册变量的代码 foreachArray'GET','POST','COOKIE' as $request foreach$$request as $k = $v $$k =...

SquirrelMail: Multiple cross site scripting issues

Multiple cross-site scripting XSS vulnerabilities in SquirrelMail before 1.4.18 and NaSMail before 1.7 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 certain encrypted strings in e-mail headers, related to contrib/decryptheaders.php; 2 PHPSELF; and 3 the que...

CVE-2009-1786

The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable...

CVE-2009-1786

The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable...

Fedora 9 : squirrelmail-1.4.19-1.fc9 (2009-5471)

Fri May 22 2009 Michal Hlavinka - 1.4.19-1 - updated to 1.4.19 - fixes CVE-2009-1579, CVE-2009-1580, CVE-2009-1581 - Tue May 19 2009 Michal Hlavinka - 1.4.18-2 - fix undefined variable aSpamIds 501260 - Tue May 12 2009 Michal Hlavinka - 1.4.18-1 - update to 1.4.18 fixes CVE-2009-1581 - Thu Dec 4...

Discuz! < 5.50论坛preg_match()函数未初始化$onlineipmatches变量漏洞

Discuz!是一款华人地区非常流行的Web论坛程序。 在Discuz!论坛的include/common.inc.php文件中： $magicquotesgpc = getmagicquotesgpc; @extractdaddslashes$COOKIE; @extractdaddslashes$POST; @extractdaddslashes$GET; //覆盖变量,这里我们可以覆盖$SERVER if!$magicquotesgpc $FILES = daddslashes$FILES; ..... ifgetenv'HTTPCLIENTIP' &&...

IceWarp WebMail口令取回功能输入验证漏洞

BUGTRAQ ID: 34827 CVECAN ID: CVE-2009-1469 Merak Email Server是一个全面的办公室局域网或Internet通讯邮件解决方案。 Merak邮件服务器的WebMail模块在登陆页面提供了“忘记口令”取回功能，忘记了登录口令的用户可以在这里向邮件服务器提供他们的邮件地址，之后服务器检查系统中是否存在这个地址并将相关的用户口令发回到这个地址。 在点击Forgot Password页面的提交按键时，所发送的HTTP POST请求包含有类似于以下的负载：...

Apache Web Server Configuration File Environment Variable Local Buffer Overflow Vulnerability

According to its version number, the remote version of Apache Web Server is prone to a local buffer-overflow vulnerability that affects a configuration file environment variable. This occurs because the application fails to validate user-supplied string lengths before copying them into finite...

FreeBSD : apache -- ap_resolve_env buffer overflow (4d49f4ba-071f-11d9-b45d-000c41e2cdad)

SITIC discovered a vulnerability in Apache 2's handling of environmental variable settings in the httpd configuration files the main httpd.conf' and .htaccess' files. According to a SITIC advisory : The buffer overflow occurs when expanding $ENVVAR constructs in .htaccess or httpd.conf files. The...

FreeBSD : lbreakout2 vulnerability in environment variable handling (ad4f6ca4-6720-11d8-9fb5-000a95bc6fae)

Ulf Harnhammar discovered an exploitable vulnerability in lbreakout2's environmental variable handling. In several instances, the contents of the HOME environmental variable are copied to a stack or global buffer without range checking. A local attacker may use this vulnerability to acquire...

Mandrake Linux Security Advisory : php (MDKSA-2007:090)

A heap-based buffer overflow vulnerability was found in PHP's gd extension. A script that could be forced to process WBMP images from an untrusted source could result in arbitrary code execution CVE-2007-1001. A DoS flaw was found in how PHP processed a deeply nested array. A remote attacker coul...

Mandriva Linux Security Advisory : emacs (MDVSA-2008:034)

The hack-local-variable function in Emacs 22 prior to version 22.2, when enable-local-variables is set to ':safe', did not properly search lists of unsafe or risky variables, which could allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file...

Mandriva Update for emacs MDVSA-2008:034 (emacs)

Check for the Version of emacs OpenVAS Vulnerability Test Mandriva Update for emacs MDVSA-2008:034 emacs Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

pam-krb5 < 3.13 Local Privilege Escalation Exploit

No description provided by source. / cve-2009-0360.c pam-krb5 3.13 local privilege escalation Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0360 pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly...

pam-krb5 < 3.13 - Local Privilege Escalation

/ cve-2009-0360.c pam-krb5 http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0360 pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by...