630 matches found
DEBIAN-CVE-2010-4652
Heap-based buffer overflow in the sqlpreparewhere function contrib/modsql.c in ProFTPD before 1.3.3d, when modsql is enabled, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly...
MySQL拒绝服务和客户端证书校验漏洞
MySQL是一款流行的数据库服务程序。 MySQL存在多个安全漏洞,恶意攻击者可以进行拒绝服务和伪造攻击。 -链接OpenSSL库的MySQL客户端包含的"vioverifycallback"函数存在错误,MySQL服务器如果使用深度为零的证书,攻击者可以进行中间人攻击。 -对在WHERE子句中包含子查询的"SELECT"缺少错误处理和指派一个SELECT结果给用户变量,这个结果可导致服务程序崩溃。 -当处理Geometry值作为第一个参数时"GeomFromWKB"函数不正确保留参数的空值标记,可导致服务程序崩溃。 MySQL 5.x MySQL...
MySQL 6.0.9 - SELECT Statement WHERE Clause Sub-query Denial of Service
MySQL 6.0.9 - SELECT Statement WHERE Clause Sub-query Denial of Service source: https://www.securityfocus.com/bid/37297/info MySQL is prone to multiple remote denial-of-service vulnerabilities because it fails to handle certain SQL expressions. An attacker can exploit these issues to crash the...
CVE-2008-6992
GreenSQL Firewall greensql-fw, possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL...
QuickTicket 1.5 - qti_usr.php SQL Injection
QuickTicket 1.5 - qtiusr.php SQL Injection Script name: QuickTicket Site: http://www.qt-cute.org Vulnerability: remote sql injection at qtiusr.php Download: v 1.4: http://www.qt-cute.org/download/qti14.zip v 1.5.0.3: http://www.qt-cute.org/download/qti15.zip Vulnerable code: 1.4 ; 1.5 is pretty t...
Sql injection
Multiple SQL injection vulnerabilities in Joomla! 1.5.0 Beta allow remote attackers to execute arbitrary SQL commands via 1 the searchword parameter in certain files; the where parameter in 2 plugins/search/content.php or 3 plugins/search/weblinks.php; the text parameter in 4...
[Full-disclosure] Secunia Research: Where Is It unacev2.dll Buffer Overflow Vulnerability
====================================================================== Secunia Research 09/05/2006 - Where Is It unacev2.dll Buffer Overflow Vulnerability - ====================================================================== Table of Contents Affected...
multihtml.c.exploit.txt
Multihtml.c Security Advisory Pot Kettle Industries Topic: Multihtml.c exploit remote vulnerability Category: Remote for Remote Vendor: bansh33 , r00tabega security labs Announced: 2005-06-10 Credits: Pot Kettle Industries Affects: All Platforms Corrected: N/A URL: http://potkettle.net/advisories...
CVE-2005-1178
SQL injection vulnerability in Oracle Forms 10g allows remote attackers to execute arbitrary SQL commands via the Query/Where feature...
SQL Injection in Oracle Forms
SQL Injection in Oracle Forms V1.00 © 2005 by Red-Database-Security GmbH 1/5 Summary: All Oracle Forms applications are vulnerable against SQL Injection by default. Oracle Applications =11.5.9 is not affected due to the default setting value “FORMSxxRESTRICTENTERQUERY = TRUE”. About Oracle Forms:...