13538 matches found
VEGO Web Forum index.php theme_id Parameter SQL Injection - Ver2 (CVE-2006-0065)
An SQL injection vulnerability has been reported in VEGO Web Forum. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Site-Assistant menu.php pathsversion Parameter PHP Code Execution - Ver2 (CVE-2007-0867)
A remote code execution vulnerability has been reported in Site-assistant. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CA BrightStor Arcserve Media Server Stack Buffer Overflow - Ver2 (CVE-2007-2139)
A buffer overflow vulnerability has been reported in CA BrightStor ARCserve Media Server. The vulnerability is due to insufficient boundary checking when processing crafted strings supplied in SUN RPC requests. Successful exploitation of this vulnerability could allow a remote attacker to execute...
OPENi-CMS Plugin index.php oi_dir Parameter PHP Code Execution - Ver2 (CVE-2007-0881)
A code execution vulnerability has been reported inSeitenschutz plugin for OPENi-CMS 1.0. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Vmist Downstat art Parameter PHP Code Execution - Ver2 (CVE-2006-4827)
A code execution vulnerability has been reported in Vmist Downstat. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Venom Board post.php3 topic_id Parameter SQL Injection - Ver2 (CVE-2006-0160)
An SQL injection vulnerability has been reported in Venom Board. A remote attacker could exploit this vulnerability by sending specaially crafted parent root and topicid parameters to post.php. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL...
ScozBook auth.php adminname Parameter SQL Injection - Ver2 (CVE-2006-0079)
An SQL injection vulnerability has been reported in ScozNet ScozBook BETA. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
FreeBSD Remote NFS RPC Request Denial of Service - Ver2 (CVE-2006-0900)
A denial of service vulnerability was detected in FreeBSD. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
AINS function.inc.php path Parameter PHP Code Execution - Ver2 (CVE-2007-0570)
A code execution vulnerability has been reported in Johannes Gijsbers Ad Fundum Integratable News Script AINS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
PhpSecurePages secure.php cfgProgDir Parameter PHP Code Execution - Ver2 (CVE-2001-1468)
A code execution vulnerability has been reported in phpSecurePages. A remote attacker could trigger this vulnerability by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code. Successful exploitation of this vulnerability could allow a remote attacke...
PHP POST File Upload Buffer Overflow - Ver2 (CVE-2002-0081)
A buffer overflow vulnerability has been reported in PHP. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Saphplesson id Parameter SQL Injection - Ver2 (CVE-2006-2835)
An SQL injection vulnerability has been reported in Saphplesson. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Adobe Acrobat and Reader Use After Free Code Execution (APSB14-01; CVE-2014-0496)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...
Novell NeaatIdentity RPC Pointer Dereference Code Execution - Ver2 (CVE-2009-1350)
A code execution vulnerability has been reported in Novell Client NetIdentity Agent. The vulnerability is due to insufficient sanity check when processing crafted RPC messages. A remote attacker could exploit this vulnerability by sending a specially crafted RPC message to the affected service...
Chimera Web Portal System linkcategory.php id Parameter SQL Injection - Ver2 (CVE-2006-0137)
An SQL injection vulnerability has been reported in Phanatic Softwares Chimera Web Portal System. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Oracle Java Private MethodHandle Sandbox Bypass (CVE-2013-5893)
A sandbox bypass vulnerability exists in Oracle Java. The vulnerability is due to a failure to restrict access toprivate methods via reflection. A remote unauthenticated attacker can exploit this vulnerability by enticing a user to visit a webpage containing a maliciously crafted Java applet...
MyPhPim calendar.php3 cal_id Parameter SQL Injection - Ver2 (CVE-2006-0167)
An SQL injection vulnerability has been reported in MyPhPim. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Cybozu Garoon tid Parameter SQL Injection - Ver2 (CVE-2006-4444)
An SQL injection vulnerability has been reported in Cybozu Garoon. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
GNU Wget Arbitrary File Download
GNU Wget is a computer program that allows users to retrieve content from web servers. The program can be used by attackers to download arbitrary files via a specially crafted HTTP request...
IBM Personal Communications WorkStation File Processing Buffer Overflow (CVE-2012-0201)
A stack-based buffer overflow vulnerability exists in IBM Personal Communications. The vulnerability is caused by improper bounds checking in pcspref.dll. By enticing a target user to open a specially-crafted WorkStation .ws file, a remote attacker could exploit this vulnerability to execute...
MediaWiki Input Validation Remote Code Execution (CVE-2014-1610)
A remote code execution vulnerability has been reported in MediaWiki. The vulnerability is due to improper validation of user data. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request to the target...
Boite de News index.php url_index Parameter PHP Code Execution - Ver2 (CVE-2006-4123)
A code execution vulnerability has been reported in Boite de News. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
TinyPHPForum action.php txt Parameter Cross-Site Scripting - Ver2 (CVE-2006-0102)
A cross-site scripting vulnerability has been reported in TinyPHPForum. Successful exploitation of this vulnerability would allow a remote attacker to inject arbitrary script into the affected system...
MF Piadas admin.php page Parameter PHP Code Execution - Ver2 (CVE-2006-3323)
A cross-site scripting vulnerability has been reported in MF Piadas. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Light Weight Calendar index.php date Parameter PHP Code Execution - Ver2 (CVE-2006-0206)
A code execution vulnerability has been reported in Light Weight Calendar. The vulnerability is due to the application does not validating the 'date' variable upon submission to the 'index.php' script. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrar...
Microsoft Sharepoint Path Info Cross-Site Scripting - Ver2 (CVE-2007-2581)
A cross-site scripting vulnerability has been reported in Microsoft SharePoint. The vulnerability is due to lack of input validation when processing URL requests. Successful exploitation of this vulnerability would allow a remote attacker to inject arbitrary web script or HTML into the affected...
BakBone NetVault Messages Buffer Overflow - ver 2 (CVE-2005-1009)
A remote code execution vulnerability exists in BakBone NetVault. The vulnerability is caused due to insufficient boundary checking in the communication handling code of both the client and server components. A simple attack will result in an unexpected termination of the target service, creating...
Cisco Secure ACS LogonProxy.cgi Cross-Site Scripting - Ver2 (CVE-2006-3101)
A cross-site scripting vulnerability has been reported in Cisco Secure Access Control Server Solution Engine. Successful exploitation of this vulnerability would allow a remote attacker to inject arbitrary web script or HTML into the affected system...
Microsoft SharePoint Calendar Cross-Site Scripting - Ver2 (CVE-2011-0653)
A cross-site scripting vulnerability has been reported in SharePoint 2010. The vulnerability is due to insufficient validation of user input to the calendar object by an affected SharePoint server. A remote attacker could exploit this vulnerability by enticing unsuspecting users to open a special...
Modernbill config.php DIR Parameter PHP Code Execution - Ver2 (CVE-2006-4034)
A code execution vulnerability has been reported in ModernGigabyte ModernBill. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Activist Mobilization Platform base.php base_path Parameter PHP Code Execution - Ver2 (CVE-2007-1571)
A code execution vulnerability has been reported in Radical Designs Activist Mobilization Platform AMP. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apple Safari Webkit Use-After-Free Code Execution- Ver2 (CVE-2010-1807)
A code execution vulnerability has been reported in Apple Safari's WebKit. The vulnerability is due to a design error when processing floating point data types. A remote attacker could trigger this vulnerability by enticing a vulnerable target to access a specially crafted HTML document. Successf...
WoWRoster subdir Parameter PHP Code Execution - Ver2 (CVE-2006-3997)
A code execution vulnerability has been reported in WoWRoster. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
G-neric Generic MembreManager.php include-path Parameter PHP Code Execution - Ver2 (CVE-2007-0584)
A code execution vulnerability has been reported in G-neric Php Generic Library And Framework. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Foro Domus escribir.php email Parameter Cross-Site Scripting - Ver2 (CVE-2006-0110)
A cross-site scripting vulnerability has been reported in Foro Domus. Successful exploitation of this vulnerability would allow a remote attacker to inject arbitrary script into the affected system...
RealPlayer CDDA URI Code Execution - Ver2 (CVE-2010-3747)
A code execution vulnerability has been reported in RealNetworks RealPlayer ActiveX control.RealPlayer. The vulnerability is due to access to uninitialized memory during processing of CDDA URIs. A remote attacker could exploit this vulnerability by enticing a target user to open a crafted web fil...
MSXML Response Handling Memory Corruption - Ver2 (CVE-2010-2561)
A memory corruption vulnerability has been reported in Microsoft XML Core Services MSXML. The vulnerability is due to a bug in the way MSXML handles HTTP responses. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer Table Layout Column Memory Corruption - Ver2 (CVE-2010-0244)
A memory corruption vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker could exploit this vulnerability by accessing an object that...
Fourtwosevenbb Cookie-based Authentication Bypass - Ver2 (CVE-2006-0153)
An authentication bypass vulnerability has been reported in 427BB Fourtwosevenbb. A remote attacker could trigger this vulnerability by using a valid username and usertype and setting the authenticated cookie. Successful exploitation of this vulnerability would allow remote attackers to gain...
GNUTurk mods.php t_id Parameter SQL Injection - Ver2 (CVE-2006-4867)
An SQL injection vulnerability has been reported in GNUTurk. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Turnkey Web Tools PHP Simple Shop abs-path Parameter PHP Code Execution - Ver2 (CVE-2006-4052)
A file inclusion vulnerability has been reported in Turnkey Web Tools PHP Simple Shop. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Netscape Server WP Tag Directory Travaersal - Ver2 (CVE-2000-0236)
A directory traversal vulnerability has been reported in Netscape Enterprise Server. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...
Fourtwosevenbb showthread.php ForumID Parameter SQL Injection - Ver2 (CVE-2006-0154)
An SQL injection vulnerability has been reported in 427BB Fourtwosevenbb. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Microsoft Internet Explorer Rule Use After Free - Ver2 (CVE-2010-3328)
A use-after-free vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been initialized or has been deleted. A remote attacker could trigger this vulnerability by setting an unspecified property of a...
Mozilla Firefox Javascript XBL.method.eval Code Execution - Ver2 (CVE-2006-1735)
A code execution vulnerability has been reported in Mozilla Firefox. A remote attacker could trigger this vulnerability by using an eval in an XBL method binding XBL.method.eval to create Javascript functions that are compiled with extra privileges. Successful exploitation of this vulnerability...
ACGVclick function.inc.php path Parameter PHP Code Execution - Ver2 (CVE-2007-0577)
A code execution vulnerability has been reported in ACGVclick. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Viscom Software Movie Player Pro ActiveX Control Buffer Overflow - Ver2 (CVE-2010-0356)
A buffer overflow vulnerability has been reported in Viscom Software Movie Player Pro SDK. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
PHP DateInterval Heap Buffer Overread Denial of Service (CVE-2013-6712)
A denial of service vulnerability has been reported in PHP. The vulnerability is due to a buffer overread when creating a dateInterval object. A remote attacker can exploit this flaw by sending a malicious request. Successful exploitation could result in a denial of service condition...
vSkimmer Point-of-Sale Terminals Server Information Disclosure
vSkimmer is a Trojan-like malware designed to infect Windows-based servers attached with payment card readers. Post infection, the malware gathers sensitive information such as Credit Card numbers and sends it back to the C server...
Microsoft Windows WinVerifyTrust PE Validation Security Bypass (MS13-098; CVE-2013-3900)
A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way the WinVerifyTrust function handles Windows Authenticode signature verification for portable executable PE files. A remote attacker could trigger this flaw by sending a...