9473 matches found
CVE-2007-0599
Variable overwrite vulnerability in common/config.php in Aztek Forum 4.00 allows remote attackers to overwrite arbitrary program variables and conduct other unauthorized activities, such as copying arbitrary files using index/commonactions.php, via vectors associated with extract operations on th...
security flaw
The aio_setup_ring function in Linux kernel does not properly initialize a variable, which allows local users to cause a denial of service (crash) via an unspecified error path that causes an incorrect free operation...
CVE-2007-0406
Multiple buffer overflows in the (1) main function in (a) client.c, and the (2) server_setup and (3) server_client_connect functions in (b) server.c in gxine 0.5.9 and earlier allow local users to cause a denial of service (daemon crash) or gain privileges via a long HOME environment variable. NOTE: some of the...
Buffer overflow
Multiple buffer overflows in the (1) main function in (a) client.c, and the (2) server_setup and (3) server_client_connect functions in (b) server.c in gxine 0.5.9 and earlier allow local users to cause a denial of service (daemon crash) or gain privileges via a long HOME environment variable. NOTE: some of the...
CVE-2007-0406
Removed by vendor...
VisoHotlink 1.01 functions.visohotlink.php Remote File Include Exploit
Exploit for unknown platform in category web applications. VisoHotlink 1.01 functions.visohotlink.php Remote File Include Exploit. #!/usr/bin/perl VisoHotlink...
MOAB-21-01-2007: System Preferences writeconfig Local Privilege Escalation Vulnerability
Summary: Apple provides the following description in the Preference Application documentation: System Preferences is the standard location for presenting system-level preferences on OSX. The preference panes shipped with Mac OS X include panes affecting hardware such as the Sound, Mouse, and...
Upload Service 1.0 (top.php maindir) Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications. Upload Service 1.0 top.php maindir Remote File Inclusion Vulnerability...
CVE-2007-0368
Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local users to execute arbitrary code via a long string in the MBSEROOT environment variable...
Stack overflow
Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local users to execute arbitrary code via a long string in the MBSEROOT environment variable...
Fedora Core 5 : gnupg-1.4.6-1 (2006-1405)
This update upgrades GnuPG to version 1.4.6, incorporating fixes for a potential buffer overflow (CVE-2006-6169) and referencing of a stack variable after it passes out of scope (CVE-2006-6235). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
CVE-2007-0106
Cross-site scripting (XSS) vulnerability in the CSRF protection scheme in WordPress before 2.0.6 allows remote attackers to inject arbitrary web script or HTML via a CSRF attack with an invalid token and quote characters or HTML tags in URL variable names, which are not properly handled when...
CVE-2006-6892
Cross-site scripting (XSS) vulnerability in the GetLocation function in online.php in Jonathon J. Freeman OvBB 0.13a allows remote attackers to inject arbitrary web script or HTML via the aRequest variable...
Ciberia Content Federator 1.0 (path) Remote File Include Exploit
No description provided by source. !/usr/bin/perl Portal Name : ciberia 1.0maquetacionsocio.php Remote File Inclusion Exploit BUG: Path/socios/maquetacionsocio.php?path=Dr.Trojan.TxT Vulnerable Code: 1-include "$path/datos/datossocios.php"; 2-include "$path/elementos/actos.php"; 3-include...
Fishyshoop Security Vulnerability
Synopsis: The Fishyshoop shopping cart software contains a vulnerability which allows arbitrary users to create accounts with administrator privileges. Background: Fishyshoop is a suite of PHP scripts allowing anybody to create an attractive online store. Affected Versions...
TextSend <= 1.5 (config/sender.php) Remote File Include Vulnerability
No description provided by source. TextSend <= 1.5 config/sender.php Remote File Include Vulnerability. Vendo...
CVE-2006-6661
This CVE affects PHP-Update (blog.php)