CVE List for June 2005 (242 vulnerabilities)

SQL injection vulnerability in resellerresources.asp in Hosting Controller 6.1 Hotfix 2.0 allows remote attackers to execute arbitrary SQL commands vi...

Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and earlier versions, allows remote attackers to cause a denial of service (crash) ...

Memory leak in Windows Management Instrumentation (WMI) service allows attackers to cause a denial of service (memory consumption and crash) by creati...

User32.DLL in Microsoft Windows 98SE, and possibly other operating systems, allows local and remote attackers to cause a denial of service (crash) via...

Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2 stores an RSA private key in mstlsapi.dll and uses it to sign a certificate, which a...

Sony Ericsson P900 Beamer allows remote attackers to cause a denial of service (panic) via an obexftp session with a long filename in an OBEX File Tra...

SQL injection vulnerability in template-functions-category.php in WordPress 1.5.1 allows remote attackers to execute arbitrary SQL commands via the $c...

Cross-site scripting (XSS) vulnerability in usercp.php for MyBulletinBoard (MyBB) allows remote attackers to inject arbitrary web script or HTML via t...

Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long...

Directory traversal vulnerability in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allows remote attackers to read arbitrary files via a TFTP GET ...

Stack-based buffer overflow in PicoWebServer 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitra...

Multiple buffer overflows in Hummingbird Connectivity inetD 10.0.0.1 and 9.0.0.4 allows attackers to cause a denial of service and possibly execute ar...

Invision Power Board (IPB) 1.0 through 2.0.4 allows non-root admins to add themselves or other users to the root admin group via the "Move users in th...

Invision Power Board (IPB) 1.0 through 1.3 allows remote attackers to edit arbitrary forum posts via a direct request to index.php with modified param...

Multiple SQL injection vulnerabilities in NewLife Blogger before 3.3.1 allow remote attackers to execute arbitrary SQL commands via unknown attack vec...

Cross-site scripting (XSS) vulnerability in NikoSoft WebMail before 0.11.0 allows remote attackers to inject arbitrary web script or HTML via unknown ...

zboard.php in Zeroboard version 4.1pl2 to 4.1pl5 allows remote attackers to execute arbitrary PHP code via improper quoting when using the preg_replac...

PHP remote file inclusion vulnerability in pdl_header.inc.php in PowerDownload 3.0.2 and 3.0.3 allows remote attackers to execute arbitrary PHP code v...

Multiple SQL injection vulnerabilities in Qualiteam X-Cart 4.0.8 allow remote attackers to execute arbitrary SQL commands via the (1) cat or (2) print...

Multiple cross-site scripting (XSS) vulnerabilities in Qualiteam X-Cart 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1...

SQL injection vulnerability in login.asp in NEXTWEB (i)Site allows remote attackers to execute arbitrary SQL commands and bypass authentication via th...

NEXTWEB (i)Site stores databases under the web document root with insufficient access control, which allows remote attackers to obtain sensitive infor...

NEXTWEB (i)Site allows remote attackers to cause a denial of service (error 500) via a crafted HTTP request, possibly involving wildcard requests for ...

Fortinet firewall running FortiOS 2.x contains a hardcoded username with the password set to the serial number, which allows local users with console ...

The sql_escape_string function in auth/sql.c for the mailutils SQL authentication module does not properly quote the "\" (backslash) character, which ...

Multiple cross-site scripting vulnerabilities in castnewPost.asp in Liberum Help Desk 0.97.3 allow remote attackers to inject arbitrary web script or ...

Multiple SQL injection vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 allow remote attackers to execute arbitrary SQL commands via the id para...

Directory traversal vulnerability in class.layout_phpcms.php in phpCMS 1.2.x before 1.2.1pl2 allows remote attackers to read or include arbitrary file...

Multiple SQL injection vulnerabilities in list.php in Exhibit Engine (EE) 1.22 allow remote attackers to execute arbitrary SQL commands via the (1) se...

Buffer overflow in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to execute arbitrary code via a long CREATE comma...

SQL injection vulnerability in login.asp in livingmailing 1.3 allows remote attackers to execute arbitrary SQL commands via the password. NOTE: there ...

FUSE 2.x before 2.3.0 does not properly clear previously used memory from unfilled pages when the filesystem returns a short byte count to a read requ...

Buffer overflow in the administrative console in IBM WebSphere Application Server 5.x, when the global security option is enabled, allows remote attac...

SQL injection vulnerability in login.asp for WWWeb Concepts Events System 1.0 allows remote attackers to execute arbitrary SQL commands via the passwo...

Cross-site scripting (XSS) vulnerability in view_ticket.php in Lpanel 1.59 and earlier allows remote attackers to inject arbitrary web script or HTML ...

everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget...

upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict the file extension for uploaded image files, which allows remote attackers to up...

view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to obtain sensitive information via a phid parameter that is not an integer, which re...

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.5 allows remote attackers to inject arbitrary web script via HTML attributes in page ...

PHP remote file inclusion vulnerability in start_lobby.php in MWChat 6.x allows remote attackers to execute arbitrary PHP code via the CONFIG[MWCHAT_L...

Unknown vulnerability in Sun ONE Application Server 6.5 SP1 Maintenance Update 6 and earlier allows attackers to read files.

Unknown vulnerability in Mortiforo before 0.9.1 allows users to access private forums via unknown attack vectors.

Unknown vulnerability in ObjectWeb Consortium C-JDBC before 1.3.1 allows local users to bypass intended access restrictions and obtain the cache resul...

Cross-site scripting (XSS) vulnerability in Pragma Systems Telnetserver 6.0 allows remote attackers to inject arbitrary web script or HTML, and hide a...

ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel...

LaunchServices in Apple Mac OS X 10.4.x up to 10.4.1 does not properly mark file extensions and MIME types as unsafe if an Apple Uniform Type Identifi...

NFS on Apple Mac OS X 10.4.x up to 10.4.1 does not properly obey the -network or -mask flags for a filesystem and exports it to everyone, which allows...

launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecu...

Apple Mac OS X 10.4.x up to 10.4.1 sets insecure world- and group-writable permissions for the (1) system cache folder and (2) Dashboard system widget...

MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credenti...

Cross-site scripting (XSS) vulnerability in the ModWeb agent for Novell NetMail 3.52 before 3.52C allows remote attackers to inject arbitrary web scri...

Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.52C, when renaming folders, may allow attackers to execute arbitrary code.

Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execute arbitrary code.

SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) cgi-styler.py, and (3) source2html.py with read and write world permissions, which all...

Multiple SQL injection vulnerabilities in Loki download manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) password fiel...

The getemails function in C.J. Steele Tattle allows remote attackers to execute arbitrary commands via shell metacharacters in certain log entries, as...

Cross-site scripting (XSS) vulnerability in ProductCart Ecommerce before 2.7 allows remote attackers to inject arbitrary web script or HTML via the er...

Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.

PHP remote file inclusion vulnerability in cal_admintop.php in Calendarix Advanced 1.5 allows remote attackers to execute arbitrary PHP code via the c...

Multiple SQL injection vulnerabilities in Calendarix Advanced 1.5 allow remote attackers to execute arbitrary SQL commands via the catview parameter t...

Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database administrator password, which allows remote attackers to gain privileges.

I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension.

PHP remote file inclusion vulnerability in childwindow.inc.php in Popper 1.41-r2 and earlier allows remote attackers to execute arbitrary PHP code via...

Unknown vulnerability in the privilege system in Drupal 4.4.0 through 4.6.0, when public registration is enabled, allows remote attackers to gain priv...

Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier versions, allow remote attackers to execute arbitrary code via (1) an FTP command wi...

Directory traversal vulnerability in Dzip before 2.9 allows remote attackers to create arbitrary files via a filename containing a .. (dot dot) in a ....

Direct code injection vulnerability in CuteNews 1.3.6 and earlier allows remote attackers with administrative privileges to execute arbitrary PHP code...

GIPTables Firewall 1.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on the temp.ip.addresses temporary file.

LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.

PHP remote file inclusion vulnerability in last_gallery.php in YaPiG 0.93u and 0.94u allows remote attackers to execute arbitrary PHP code via the YAP...

global.php in YaPiG 0.92b allows remote attackers to include arbitrary local files via the BASE_DIR parameter.

Directory traversal vulnerability in the (1) rmdir or (2) mkdir commands in upload.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to crea...

Cross-site scripting (XSS) vulnerability in view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to inject arbitrary web script or HTML vi...

Unknown vulnerability in the Sun Solaris C library (libc and libproject) in Solaris 10 allows local users to gain privileges.

The GIF parser in ateimg32.dll in AOL Instant Messenger (AIM) 5.9.3797 and earlier allows remote attackers to cause a denial of service (crash) via a ...

FlatNuke 2.5.3 allows remote attackers to cause a denial of service or obtain sensitive information via (1) a direct request to foot_news.php, which t...

FlatNuke 2.5.3 allows remote attackers to obtain sensitive information via invalid parameters to certain scripts, which leaks the web document root in...

Direct code injection vulnerability in FlatNuke 2.5.3 allows remote attackers to execute arbitrary PHP code by placing the code into the Referer heade...

Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the border or back param...

Directory traversal vulnerability in thumb.php in FlatNuke 2.5.3 allows remote attackers to read arbitrary images or obtain the installation path via ...

Unknown vulnerability in FlexCast Audio Video Streaming Server before 2.0 has unknown impact and attack vectors.

The passthrough functionality in phpThumb.php in phpThumb() before 1.5.4 allows remote attackers to read files that are not images.

Rakkarsoft RakNet network library 2.33 and earlier, when released before 30 May 2005, and as used in multiple products including nFusion Elite Warrior...

Sawmill before 7.1.6 allows remote attackers to bypass authentication and (1) gain administrative privileges or (2) add a license.

Multiple cross-site scripting (XSS) vulnerabilities in Sawmill before 7.1.6 allow remote attackers to inject arbitrary web script or HTML via (1) the ...

Directory traversal vulnerability in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to read other users' mail and p...

SQL injection vulnerability in login.asp in JiRo's Upload System (JUS) 1 allows remote attackers to execute arbitrary SQL commands via the password pa...

The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying cert...

Perception LiteWeb allows remote attackers to bypass access controls for files via an extra leading / (slash) or leading \ (backslash) in the URL.

The web server control panel in 602LAN SUITE 2004 allows remote attackers to make it more difficult for the administrator to read portions of log file...

The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang while waiting for input that never arrives, which allows remote NNTP servers to caus...

xmysqladmin 1.0 and earlier allows local users to delete arbitrary files via a symlink attack on a database backup file in /tmp.

Cross-site scripting (XSS) vulnerability in the convert_highlite_words function in Invision Blog before 1.1.2 Final allows remote attackers to inject ...

Multiple SQL injection vulnerabilities in Invision Blog before 1.1.2 Final allow remote attackers to execute arbitrary SQL commands via the (1) eid pa...

Cross-site request forgery (CSRF) vulnerability in Invision Gallery before 1.3.1 allows remote attackers to delete albums and images as another user v...

Multiple SQL injection vulnerabilities in Invision Gallery before 1.3.1 allow remote attackers to execute arbitrary SQL commands via (1) the comment p...

hints.pl in Webhints 1.03 allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.

PHP remote file inclusion vulnerability in utilit.php for Ovidentia Portal allows remote attackers to execute arbitrary PHP code via the babInstallPat...

The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attacker...

Cisco switches that support 802.1x security allow remote attackers to bypass port security and gain access to the VLAN via spoofed Cisco Discovery Pro...

The eTrace_validaddr function in eTrace plugin for e107 portal allows remote attackers to execute arbitrary commands via shell metacharacters after a ...

Heap-based buffer overflow in the CGI extension for Pico Server (pServ) 3.3 allows remote attackers to execute arbitrary code via a long HTTP request.

Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AU...

Cross-site scripting (XSS) vulnerability in index.php in singapore 0.9.11 allows remote attackers to inject arbitrary web script or HTML via the galle...

File Upload Manager allows remote attackers to upload arbitrary files by modifying the test variable to contain a value of '~~~~~~' (six tildes), whic...

mtnpeak.net File Upload Manager does not properly check user authentication for certain actions, which allows remote attackers to provide a modified b...

jammail.pl in jamchen JamMail 1.8 allows remote attackers to execute arbitrary commands via shell metacharacters in the mail parameter.

Unknown vulnerability in the installation of Adobe License Management Service, as used in Adobe Photoshop CS, Adobe Creative Suite 1.0, and Adobe Prem...

SecurityAgent in Apple Mac OS X 10.4.1 allows attackers with physical access to bypass the locked screensaver and launch background applications by op...

Dashboard in Apple Mac OS X 10.4.1 allows remote attackers to install widgets via Safari without prompting the user, a different vulnerability than CV...

sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows lo...

Dashboard in Apple Mac OS X Tiger 10.4 allows attackers to execute arbitrary commands by overriding the behavior of system widgets via a user widget w...

Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code v...

Unknown vulnerability in the web server for the ESS/ Network Controller for Xerox Document Centre 240 through 555 running System Software 27.18.017 an...

Multiple SQL injection vulnerabilities in InteractivePHP FusionBB .11 Beta and earlier allow remote attackers to execute arbitrary SQL commands via (1...

Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment ...

Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web Access (OWA) component in Exchange Server 5.5 allows remote attackers to inject arbi...

The Telnet client for Microsoft Windows XP, Windows Server 2003, and Windows Services for UNIX allows remote attackers to read sensitive environment v...

Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote atta...

Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code ...

Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code ...

Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PN...

Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file...

Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to ...

Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web...

Microsoft ISA Server 2000 allows remote attackers to poison the ISA cache or bypass content restriction policies via a malformed HTTP request packet c...

Microsoft ISA Server 2000 allows remote attackers to connect to services utilizing the NetBIOS protocol via a NetBIOS connection with an ISA Server th...

A regression error in Firefox 1.0.3 and Mozilla 1.7.7 allows remote attackers to inject arbitrary Javascript from one page into the frameset of anothe...

Finjan SurfinGate 7.0SP2 and SP3 allows remote attackers to download blocked files via hex-encoded characters in a filename, as demonstrated using "%2...

Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service (CPU consumption and slowdown) via a message with a l...

The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containi...

Bitrix Site Manager 4.0.x allows remote attackers to obtain sensitive information via direct request to (1) subscr_form.php or (2) dbquery_error.php, ...

PHP remote file inclusion vulnerability in start.php in Bitrix Site Manager 4.0.x allows remote attackers to execute arbitrary PHP code via the _SERVE...

show.php in McGallery 1.1 allows remote attackers to connect to arbitrary databases, or gain sensitive information by triggering an error, via a modif...

Directory traversal vulnerability in admin.php in McGallery 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang paramet...

Multiple cross-site scripting (XSS) vulnerabilities in pafiledb.php in paFileDB 3.1 allow remote attackers to inject arbitrary web script or HTML via ...

Multiple SQL injection vulnerabilities in paFileDB 3.1 and earlier allow remote attackers to execute arbitrary SQL commands via the formname parameter...

Directory traversal vulnerability in pafiledb.php in paFileDB 3.1 and earlier allows remote attackers to include arbitrary files via a .. (dot dot) in...

SQL injection vulnerability in content.php in Mambo 4.5.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user_rating ...

Buffer overflow in addschup in HAURI ViRobot 2.0, and possibly other products, allows remote attackers to execute arbitrary code via a long ViRobot_ID...

The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users t...

Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file na...

The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on othe...

Cross-site scripting (XSS) vulnerability in Opera 8.0 Final Build 1095 allows remote attackers to inject arbitrary web script or HTML via "javascript:...

AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does not properly remove an ACL when a file is copied to a directory that does not u...

Buffer overflow in the legacy client support for AFP Server for Mac OS X 10.4.1 allows attackers to execute arbitrary code.

Unknown vulnerability in the CoreGraphics Window Server for Mac OS X 10.4.x up to 10.4.1 allows local users to inject arbitrary commands into root ses...

Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.4 allow remote attackers to inject arbitrary web script or HTML ...

The eping_validaddr function in functions.php for the ePing plugin for e107 portal allows remote attackers to execute arbitrary commands via shell met...

Multiple HTTP Response Splitting vulnerabilities in osCommerce 2.2 Milestone 2 and earlier allow remote attackers to spoof web content and poison web ...

Directory traversal vulnerability in Pico Server (pServ) 3.3 allows remote attackers to read arbitrary files and execute arbitrary commands via a /./ ...

singapore 0.9.11 allows remote attackers to obtain sensitive information via a direct request to (1) admin.class.php, (2) any .tpl.php file in templat...

Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk 0.97.3 allows remote attackers to inject arbitrary web script or HTML via the (1) errorc...

Cerberus Helpdesk 0.97.3 allows remote attackers to obtain sensitive information via certain requests to (1) reports.php, (2) knowledgebase.php, or (3...

PHP remote file inclusion vulnerability in siteframe.php for Broadpool Siteframe allows remote attackers to execute arbitrary code via a URL in the LO...

Multiple SQL injection vulnerabilities in ProductCart Ecommerce before 2.7 allow remote attackers to execute arbitrary SQL commands via the (1) idcate...

Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with Windows" enabled, allows local users with physical access to execute arbitrary comma...

Directory traversal vulnerability in InteractivePHP FusionBB .11 Beta and earlier allows remote attackers to include arbitrary local files via ".." se...

Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privil...

Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products...

Multiple cross-site scripting (XSS) vulnerabilities in Annuaire 1Two 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via...

Ultimate PHP Board (UPB) 1.9.6 GOLD allows remote attackers to obtain sensitive information via an invalid (zero) id parameter to (1) viewtopic.php, (...

Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier stores the users.dat file under the web document root with insufficient access control, which allows r...

Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 has a hard-coded account and password for debugging, which allows remote attackers to g...

Enterasys Vertical Horizon VH-2402S before firmware 2.05.05.09 does not properly restrict certain debugging commands to the ADMIN account, which could...

Ultimate PHP Board (UPB) 1.9.6 GOLD uses weak encryption for passwords in the users.dat file, which allows attackers to easily decrypt the passwords a...

Multiple SQL injection vulnerabilities in socialMPN allow remote attackers to execute arbitrary SQL commands via (1) the sid parameter to article.php,...

Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files.

SQL injection vulnerability in login.asp for Cool Cafe (Cool Café) Chat 1.2.1 allows remote attackers to execute arbitrary SQL commands via the passwo...

modifyUser.asp in Cool Cafe (Cool Café) Chat 1.2.1 allows remote attackers to obtain the administrator password and email address via a modified nickn...

Cross-site scripting (XSS) vulnerability in ajax-spell before 1.8 allows remote attackers to inject arbitrary web script or HTML via onmouseover or ot...

Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.4.3 and 1.5 RC 1 allow remote attackers to inject arbitrary web script or HTML via the...

Multiple cross-site scripting vulnerabilities in Ultimate PHP Board (UPB) 1.9.6 GOLD and earlier allow remote attackers to inject arbitrary web script...

JBOSS 3.2.2 through 3.2.7 and 4.0.2 allows remote attackers to obtain sensitive information via a GET request (1) with a "%." (percent dot), which rev...

Yaws Webserver 1.55 and earlier allows remote attackers to obtain the source code for yaws scripts via a request to a yaw script with a trailing %00 (...

Unknown vulnerability in Webmail in iPlanet Messaging Server 5.2 Patch 1 and Sun ONE Messaging Server 6.2 allows remote attackers to execute arbitrary...

The send_pinentry_environment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry fro...

Vipul Razor Agents (razor-agents) before 2.70 allows remote attackers to cause a denial of service via (1) certain "unusual HTML messages" or (2) "cer...

amaroK Web Frontend 1.3 stores the globals.inc file under the web root without a .php extension and insufficient access control, which allows remote a...

Directory traversal vulnerability in XAMPP before 1.4.14 allows remote attackers to inject arbitrary HTML and PHP code via lang.php.

Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for Netware allows remote a...

Directory traversal vulnerability in Edgewall Trac 0.8.3 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in th...

Unknown vulnerability in "various plugins" for NanoBlogger 3.2.1 and earlier allows remote attackers to execute arbitrary commands.

The XMLRPC server in utils.rb for the ruby library (libruby) 1.8 sets an invalid default value that prevents "security protection" using handlers, whi...

Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry in the sudoers file, allows local users to gain pri...

Multiple SQL injection vulnerabilities in Ublog Reload 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) ci, (2) d, or (3) m ...

Cross-site scripting (XSS) vulnerability in trackback.asp in Ublog Reload 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the...

Multiple cross-site scripting (XSS) vulnerabilities in paFAQ 1.0 Beta 4 allow remote attackers to inject arbitrary web script or HTML, as demonstrated...

Multiple SQL injection vulnerabilities in login in paFAQ 1.0 Beta 4 allow remote attackers to execute arbitrary SQL commands and bypass authentication...

paFAQ 1.0 Beta 4 allows remote attackers to obtain sensitive information via a direct request to admin/backup.php, which contains a backup of the data...

The "upload a language pack" feature in paFAQ 1.0 Beta 4 allows remote authenticated administrators to execute arbitrary PHP commands by uploading a m...

Cross-site scripting (XSS) vulnerability in cPanel 9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the user paramet...

Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to determine valid groupnames by sending an IKE Aggressive Mode packet with the gro...

Directory traversal vulnerability in folderview.asp for Blue-Collar Productions i-Gallery 3.3 allows remote attackers to read arbitrary files and dire...

Cross-site scripting (XSS) vulnerability in folderview.asp for BlueCollar iGallery 3.3 allows remote attackers to inject arbitrary web script or HTML ...

Fortibus CMS 4.0.0 allows remote attackers to modify information of other users, including Admin, via the "My info" page.

Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0.6.5 may allow remote attackers to execute arbitrary code, a ...

SQL injection vulnerability in index.php for MercuryBoard 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands via the User-Age...

Multiple SQL injection vulnerabilities in Fortibus CMS 4.0.0 allow remote attackers to execute arbitrary SQL commands via (1) the username or password...

SQL injection vulnerability in the logon screen of the web front end (NmConsole/Login.asp) for IpSwitch WhatsUp Professional 2005 SP1 allows remote at...

PHP file inclusion vulnerability in top_graph_header.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PH...

SQL injection vulnerability in config_settings.php for Cacti before 0.8.6e allows remote attackers to execute arbitrary SQL commands via the id parame...

PHP remote file inclusion vulnerability in config_settings.php in Cacti before 0.8.6e allows remote attackers to execute arbitrary PHP code via the co...

Multiple SQL injection vulnerabilities in DUware DUportal PRO 3.4.3 allow remote attackers to execute arbitrary SQL commands via the (1) iChannel para...

Multiple SQL injection vulnerabilities in DUware DUamazon Pro 3.0 and 3.1 allow remote attackers to execute arbitrary SQL commands via the (1) iCat pa...

Multiple SQL injection vulnerabilities in DUware DUpaypal Pro 3.0 allow remote attackers to execute arbitrary SQL commands via the (1) iCat parameter ...

Multiple SQL injection vulnerabilities in DUware DUforum 3.1, and possibly other versions, allow remote attackers to execute arbitrary SQL commands vi...

Multiple SQL injection vulnerabilities in DUware DUclassmate 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) iState parameter...

VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows allows remote unauthenticated attackers to modify the registry by calling metho...

VERITAS Backup Exec 9.0 through 10.0 for Windows Servers, and 9.0.4019 through 9.1.307 for Netware, allows remote attackers to cause a denial of servi...

Race condition in shtool 2.0.1 and earlier allows local users to modify or create arbitrary files via a symlink attack on temporary files after they h...

Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 6.0.12.1056 on Windows, and 10, 10.0.1.436, and other versions before 10.0.5 on Linux, a...

Unknown vulnerability in Tor before 0.1.0.10 allows remote attackers to read arbitrary memory and possibly key information from the exit server's proc...

Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0 rev. 5484 allows remote attackers to execute arbit...

Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer ...

Just another flat file (JAF) CMS before 3.0 Final allows remote attackers to obtain sensitive information via (1) an * (asterisk) in the id parameter,...

D-BUS (dbus) before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arb...

Unknown vulnerability in RealPlayer 10 and 10.5 (6.0.12.1040-1069) and RealOne Player v1 and v2 allows remote attackers to overwrite arbitrary files o...

RealPlayer 8, 10, 10.5 (6.0.12.1040-1069), and Enterprise and RealOne Player v1 and v2 allows remote malicious web server to create an arbitrary HTML ...

The Quantum archive decompressor in Clam AntiVirus (ClamAV) before 0.86.1 allows remote attackers to cause a denial of service (application crash) via...

Multiple cross-site scripting (XSS) vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to inject arbitrary web script or ...

Multiple SQL injection vulnerabilities in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to execute arbitrary SQL commands via the Numbe...

Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.ph...

Multiple HTTP Response Splitting vulnerabilities in (1) toggleshow.php, (2) togglecats.php, and (3) showprofile.php in Infopop UBB.Threads before 6.5....

Infopop UBB.Threads before 6.5.2 Beta allows remote attackers to include arbitrary files via the language parameter in a cookie followed by a null (%0...

Multiple SQL injection vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to execute arbitrary SQL commands via the catid parameter to (1)...

Multiple cross-site scripting (XSS) vulnerabilities in ActiveBuyAndSell 6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) ...

Multiple cross-site scripting vulnerabilities in ASP Nuke 0.80 allow remote attackers to inject arbitrary web script or HTML via the (1) email paramet...

HTTP response splitting vulnerability in language_select.asp in ASP Nuke 0.80 allows remote attackers to spoof web content and poison web caches via C...

SQL injection vulnerability in comment_post.asp in ASP Nuke 0.80 allows remote attackers to execute arbitrary SQL statements via the TaskID parameter.

SQL injection vulnerability in article.asp in unknown versions of aspnuke allows remote attackers to execute arbitrary SQL commands via the articleid ...

The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used in Sendmail using long timeouts, allows remote attackers to cause a denial of ser...

traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of ...

The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to ...

Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through 8.2.2 allows local users with SELECT privileges to conduct unauthorized activit...

Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.0.105 allows remote attackers to inject arbitrary web script or HTML via a news or article po...

PHP-Fusion 5.0 and 6.0 stores the database file with a predictable filename under the web document root with insufficient access control, which allows...

HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not properly handle the "@" character in a proxy password, which could allow attack...

Cross-site scripting (XSS) vulnerability in error.asp for Hosting Controller allows remote attackers to inject arbitrary web script or HTML via the er...

BisonFTP Server V4R1 allows remote authenticated users to cause a denial of service via an invalid command with a long argument.

Unknown vulnerability in Remote Agent for Windows Servers (RAWS) in VERITAS Backup Exec 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for...

pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, does not use TLS for the subsequent connection if the client is re...