7576 matches found
punBB < 1.2.7 Multiple SQL Injection Vulnerabilities
Binary data 3220.prm...
Land Down Under < 802 events.php SQL Injection
Binary data 3209.prm...
Debian DSA-798-1 : phpgroupware - several vulnerabilities
Several vulnerabilities have been discovered in phpgroupware, a web-based groupware system written in PHP. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-2498 Stefan Esser discovered another vulnerability in the XML-RPC libraries that allows...
DSA-798-1 phpgroupware - several
Bulletin has no description...
w-Agora index.php site Parameter Traversal Arbitrary File Access
The remote host is running w-agora, a web-based forum application written in PHP. The remote version of this software is prone to directory traversal attacks. A remote attacker could request a specially crafted URL to read arbitrary files on the remote system with the privileges of the web server...
[SECURITY] [DSA 778-1] New mantis packages fix several vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 778-1 [email protected] http://www.debian.org/security/ Martin Schulze August 19th, 2005 http://www.debian.org/security/faq -...
Zorum 3.5 remote code execution poc exploit
Zorum 3.5 remote code execution poc exploit software: description: Zorum is a freely available, open source Web-based forum application implemented in PHP. It is available for UNIX, Linux, and any other platform that supports PHP script execution. author site: http://zorum.phpoutsourcing.com/ 1...
CVE-2004-2371
Technical details for CVE-2004-2371 are not publicly provided in the connected documents. The initial description lacks vendor/product/version specifics or a remediation. Monitor for updates.
Gravity Board X <= 1.1 Multiple Vulnerabilities (SQLi, XSS, PD, Cmd Exe)
The remote host is running Gravity Board X, an open source, web-based electronic forum written in PHP. The version of Gravity Board X installed on the remote host suffers from several flaws, including : - Unauthorized Access Vulnerability The 'editcss.php' script does not require authentication...
phpList Detection
The remote host is running phpList, a free, web-based mailing list manager that uses PHP and MySQL. C Tenable Network Security, Inc. per phpList maintainer, 'phpList' is official capitalization 12/23/08 include"compat.inc"; if description scriptid19313; scriptversion"1.16";...
DSA-746-1 phpgroupware - remote command execution
Bulletin has no description...
FreeBSD : ImageMagick -- PSD handler heap overflow vulnerability (597e2bee-68ea-11d9-a9e7-0001020eed82)
An iDEFENSE Security Advisory reports : Remote exploitation of a buffer overflow vulnerability in The ImageMagick's Project's ImageMagick PSD image-decoding module could allow an attacker to execute arbitrary code. Exploitation may allow attackers to run arbitrary code on a victim's computer if t...
phpGroupWare, eGroupWare: PHP script injection vulnerability
Background phpGroupWare and eGroupWare are web based collaboration software suites. Description The XML-RPC implementations of phpGroupWare and eGroupWare fail to sanitize input sent to the XML-RPC server using the "POST" method. Impact A remote attacker could exploit the XML-RPC vulnerability to...
CVE-2005-2175
The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies...
CVE-2005-2175
The web interface for Lotus Notes mail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies...
CVE-2005-2176
Novell NetMail is vulnerable to an issue where HTML in an attachment is processed automatically without prompting the user to save or open it, enabling potential web-based attacks and cookie theft. The provided sources (NVD/CVE record) confirm the description but do not specify affected versions,...
CVE-2005-2176
Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies...
CVE-2005-2176
Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies...
punBB < 1.2.6 profile.php $temp Parameter SQL Injection (deprecated)
Binary data 3058.prm...
YaPiG Password Protected Directory Bypass
The remote host is running YaPiG, a web-based image gallery written in PHP. The remote version of this software contains a flaw that can let a malicious user view images in password protected directories. Successful exploitation of this issue may allow an attacker to access unauthorized images on...