5340 matches found
CVE-2012-0036
curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the (1) IMAP, (2) POP3, or (3) SMTP protocol...
Support Incident Tracker (SiT!) 3.63 p1 - report_marketing.php?exc[] SQL Injection
Support Incident Tracker (SiT!) 3.63 p1 - report_marketing.php?exc[] SQL Injection source: https://www.securityfocus.com/bid/48896/info Support Incident Tracker is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in ...
Microsoft Office Excel PivotTable Cache Data Record Handling Overflow
Added: 08/19/2010 CVE: CVE-2010-2562 BID: 42199 OSVDB: 66991 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel is vulnerable to a stack buffer overflow due to a logic error when parsing...
RedHat Update for seamonkey RHSA-2008:0104-01
Check for the Version of seamonkey OpenVAS Vulnerability Test RedHat Update for seamonkey RHSA-2008:0104-01 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
WebGUI < 7.4.35 Data Form List View Unspecified Vulnerability
Binary data 4489.prm...
phpBB < 3.0.1 Multiple Information Disclosure Vulnerabilities
Binary data 4475.prm...
waraxe-2008-SA064.txt
waraxe-2008-SA064 - Sql Injection in MyBB 1.2.11 =============================================================================== Author: Janek Vind "waraxe" Date: 21. January 2008 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-64.html Target software description: MyBB is a discussion...
PHP 5.1.x < 5.1.2 mysqli Error Message Format String
Binary data 3368.prm...
jPORTAL 2.3.1 - 'Banner.php' SQL Injection
source: https://www.securityfocus.com/bid/13103/info JPortal is reportedly affected by an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise o...
phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm)
No description provided by source. !/usr/bin/perl ------------------------------------------------------------------------ Severino Honorato - /server irc.priv8crew.info Priv8crew - ssh.D.Worm use IO::Socket; use LWP::Simple; my $processo = "/usr/local/apache/bin/httpd -DSSL"; $SIG"INT" = "IGNORE...
PostgreSQL VACUUM command allows unprivileged user to remove database transaction log data
Overview The PostgreSQL VACUUM command contains a vulnerability that allows an unprivileged user to remove database transaction log data. This may result in unrecoverable data loss. Description PostgreSQL is a database management system. The PostgreSQL VACUUM command is used to clean out records...
Buffer overflow in IBM U2 UniVerse ODBC
No description provided...
CVE-2012-3619
...
CVE-2020-2061
...
CVE-2020-26314
...
CVE-2022-34856
...
CVE-2024-5886
...
CVE-2025-34470
CVE-2025-34470 is rejected/not used for a vulnerability disclosure, per the Initial Description.
CVE-2022-46734
...
CVE-2020-5220: Ability to define unintended serialisation groups via HTTP header which might lead to data exposure
Impact ResourceBundle accepts and uses any serialisation groups to be passed via a HTTP header. This might lead to data exposure by using an unintended serialisation group - for example it could make Shop API use a more permissive group from Admin API. Anyone exposing an API with ResourceBundle's...