9472 matches found
CVE-2006-4785
SQL injection vulnerability in blog/edit.php in Moodle 1.6.1 and earlier allows remote attackers to execute arbitrary SQL commands via the format parameter as stored in the $blogEntry variable, which is not properly handled by the insertrecord function, which calls adodbcolumnsql in the adodb lay...
CVE-2006-4785
SQL injection vulnerability in blog/edit.php in Moodle 1.6.1 and earlier allows remote attackers to execute arbitrary SQL commands via the format parameter as stored in the $blogEntry variable, which is not properly handled by the insertrecord function, which calls adodbcolumnsql in the adodb lay...
PT-2006-5563 · Telekorn · Telekorn Signkorn Guestbook
Name of the Vulnerable Software and Affected Versions: Telekorn SignKorn Guestbook SL versions 1.3 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code when register globals is enabled and the SESSIONpermission parameter is set to "yes". This can be achieved vi...
X11R6 < 6.4 XKEYBOARD (Solaris/SPARC) - Local Buffer Overflow (2)
/ $Id: raptorxkb.c,v 1.1 2006/09/13 16:18:36 raptor Exp $ raptorxkb.c - XKEYBOARD Strcmp, Solaris/SPARC 8/9/10 Copyright c 2006 Marco Ivaldi Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8...
CVE-2006-4673
Global variable overwrite vulnerability in maincore.php in PHP-Fusion 6.01.4 and earlier uses the extract function on the superglobals, which allows remote attackers to conduct SQL injection attacks via the SERVERREMOTEADDR parameter to news.php...
Socketwiz Bookmarks <= 2.0 (root_dir) Remote File Include Exploit
Exploit for unknown platform in category web applications ================================================================= Socketwiz Bookmarks...
X11R6 < 6.4 XKEYBOARD (Solaris/SPARC) - Local Buffer Overflow (1)
/ X11R6 XKEYBOARD extension Strcmp for Sun Solaris 8 9 10 SPARC Copyright 2006 RISE Security , Ramon de Carvalho Valle This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either...
slsite10.txt
--------------------------------------------------------------------------- SLSite = 1.0 spawroot Remote File Include Vulnerability --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Security Team : hTTp://RST-CREW.net : Remote : Yes Critical...
PHP-Fusion extract() Global Variable Overwriting
The version of PHP-Fusion on the remote host supports registering variables from user-supplied input in the event that PHP's 'registerglobals' setting is disabled, which is the default in current versions of PHP. Unfortunately, the way that this has been implemented in the version on the remote...
phpBB Shadow Premod <= 2.7.1 Remote File Include Vulnerability
Exploit for unknown platform in category web applications ============================================================== phpBB Shadow Premod = 2.7.1 Remote File Include Vulnerability ==============================================================...
dsock <= 1.3 (buf) Remote Buffer Overflow PoC
Exploit for multiple platform in category dos / poc ============================================= dsock A buffer overflow in variable 'buf' exists due to insufficient validation of variable 'name' in function torresolve line 218 of software at http://www.monkey.org/dugsong/dsocks/ url PoC: DaveK ...
dsock 1.3 - 'buf' Remote Buffer Overflow (PoC)
A buffer overflow in variable 'buf' exists due to insufficient validation of variable 'name' in function torresolve line 218 of software at http://www.monkey.org/dugsong/dsocks/ url PoC: DaveK At a quick glance, this looks like it could indeed be overflowed quite trivially by passing an overlong...
CVE-2006-4530
Direct static code injection vulnerability in include/change.php in membrepass 1.5 allows remote attackers to execute arbitrary PHP code via the aifon parameter, which is injected into include/variable.php...
peoplebook10.txt
--------------------------------------------------------------------------- Peoplebook Mambo Component = v1.0 Remote File Include Vulnerabilities --------------------------------------------------------------------------- Author : Matdhule Date : August, 14th 2006 Location : Indonesia, Jakarta...
mybloggie213include.txt
----------------------------------------------------------------------------------------- myBloggie 2.1.3 mybloggierootpath Remote File Inclusion ----------------------------------------------------------------------------------------- Author : Sh3ll Date : 2006/04/29 Location : Iran - Tehran...
mafiaMoblog.txt
------------------------------------------------------------------------------------------- Mafia Moblog pathtotemplate Remote File Inclusion ------------------------------------------------------------------------------------------- Author : Sh3ll Date : 2006/04/30 HomePage : http://www.sh3ll.ir...
startpage10.txt
-------------------------------------------------------------------------------------------- Startpage 1.0 cfgLanguage Remote File Inclusion -------------------------------------------------------------------------------------------- Author : Sh3ll Date : 2006/08/10 HomePage : http://www.sh3ll.ir...
myEvent14.txt
--------------------------------------------------------------------------------------- myEvent 1.4 Multiple Remote File Include Vulnerabilities --------------------------------------------------------------------------------------- Author : Sh3ll Date : 2006/08/11 HomePage : http://www.sh3ll.ir...
calendarix07.txt
--------------------------------------------------------------------------------------- Calendarix 0.7 calpath Remote File Inclusion --------------------------------------------------------------------------------------- Author : Sh3ll Date : 2006/08/11 HomePage : http://www.sh3ll.ir Contact :...
miniBloggie10.txt
--------------------------------------------------------------------------------------- miniBloggie 1.0 fname Remote File Inclusion --------------------------------------------------------------------------------------- Author : Sh3ll Date : 2006/05/01 HomePage : http://www.sh3ll.ir Contact :...