Total Commander UNACEV2.DLL ACE Filename Overflow
A local overflow exists in Total Commander. The product fails to perform boundary checking on filenames in ACE archives resulting in a stack-based buffer overflow. With a specially crafted file, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more.
MPlayer libmpdemux/asfheader.c asf_descrambling() Function ASF Processing Overflow
A remote overflow exists in MPlayer. MPlayer fails to properly handle a specially crafted ASF file in 'libmpdemux/asfheader.c' resulting in a integer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity and/or availability.. Read more.
MPlayer libmpdemux/aviheader.c AVI indx Chunk Processing Overflow
A remote overflow exists in MPlayer. MPlayer fails to properly sanitize the "thewLongsPerEntry" and "nEntriesInUse" values in the "indx" chunk in an AVI file in "libmpdemux/aviheader.c" resulting in a heap-based buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity and/or availability.. Read more.
VNews news.php Multiple Variable XSS
VNews contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'autorkomentarza' or 'tresckomentarza' variables upon submission to the news.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.. Read more.
VNews news.php Multiple Variable SQL Injection
VNews contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the news.php script not properly sanitizing user-supplied input to the 'news' and 'nom' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more.
VNews admin/config.php Arbitrary PHP Code Execution
[V]Book contains a flaw that may allow a remote attacker to execute arbitrary code. The issue occurs because program administrators are allowed to edit the admin/config.php file. By placing custom PHP code and then calling it, the code will be executed with the privileges of the web server.. Read more.
VNews admin/admin.php loginvar Variable SQL Injection
VNews contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the admin/admin.php script not properly sanitizing user-supplied input to the 'loginvar' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more.
phpNewsManager poll.php SQL Injection
phpNewsManager contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the poll.php script not properly sanitizing user-supplied input to unspecified variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more.
phpNewsManager gallery.php SQL Injection
phpNewsManager contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the gallery.php script not properly sanitizing user-supplied input to unspecified variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more.
phpNewsManager category.php SQL Injection
phpNewsManager contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the category.php script not properly sanitizing user-supplied input to unspecified variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.. Read more.
Vuln: O2PHP Oxygen Post.PHP SQL Injection Vulnerability
O2PHP Oxygen Post.PHP SQL Injection Vulnerability. Read more.
Vuln: MediaSlash Gallery Index.PHP Remote File Include Vulnerability
MediaSlash Gallery Index.PHP Remote File Include Vulnerability. Read more.
Vuln: VNews Multiple Cross-Site Scripting Vulnerabilities
VNews Multiple Cross-Site Scripting Vulnerabilities
. Read more.
Vuln: X-Changer Multiple SQL Injection Vulnerabilities
X-Changer Multiple SQL Injection Vulnerabilities. Read more.
MediaSlash Gallery 'rub' variable Remote File inlcusion Vulnerability
MediaSlash Gallery 'rub' variable Remote File inlcusion Vulnerability. Read more.
[security bulletin] HPSBUX02102 SSRT051078 rev.2 - HP-UX usermod(1M) Local Unauthorized Access.
[security bulletin] HPSBUX02102 SSRT051078 rev.2 - HP-UX usermod(1M) Local Unauthorized Access.
. Read more.
[security bulletin] HPSBUX02103 SSRT5953 rev.2 - HP-UX passwd(1) Local Denial of Service (DoS)
[security bulletin] HPSBUX02103 SSRT5953 rev.2 - HP-UX passwd(1) Local Denial of Service (DoS). Read more.
Smurfable Linux Kernel
Smurfable Linux Kernel. Read more.
