Simplog contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the preview.php script not properly sanitizing user-supplied input to the 'tid' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.
Simplog contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'imagedir' variable upon submission to the imagelist.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
Simplog contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the comments.php script not properly sanitizing user-supplied input to the 'pid' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.
Simplog contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the archive.php script not properly sanitizing user-supplied input to the 'cid', 'pid' and 'eid' variables. This may allow an attacker to inject or manipulate SQL queries in the backend database.
PAJAX contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the pajax_call_dispatcher.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'className' variable.
Fenice contains a flaw that may allow a remote denial of service. The issue is triggered when a Content-Length HTTP header with a big value such as 2147483647 is sent, and will result in loss of availability for the service.
FlexBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the function/showprofile.php script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.
A remote overflow exists in the Mac OS X default handler for files with a '.bmp' extension. The 'ReadBMP' function fails to properly validate input, resulting in a heap overflow. With a specially crafted file, an attacker can cause the application to crash and potentially execute arbitrary code on the victim's system, resulting in a loss of integrity.
A remote overflow exists in the Mac OS X default handler for files with a '.gif' extension. The 'CFAllocatorAllocate' function fails to properly validate input, resulting in a heap overflow. With a specially crafted file, an attacker can cause the application to crash and potentially execute arbitrary code on the victim's system, resulting in a loss of integrity.
A remote overflow exists in the Mac OS X default handler for files with a '.tiff' extension. The '_cg_TIFFSetField' and 'PredictorVSetField' functions fail to properly validate input, resulting in a heap overflow. With a specially crafted file, an attacker can cause the application to crash and potentially execute arbitrary code on the victim's system, resulting in a loss of integrity.
XPDF StreamPredictor Remote Heap Buffer Overflow Vulnerability
Apple Safari Web Browser Rowspan Denial Of Service Vulnerability
vBulletin Calendar Script SQL Injection Vulnerability
XPDF JPX Stream Reader Remote Heap Buffer Overflow Vulnerability
Re: vbulletin<--3.0.x SQL Injection
Re: Apple Mac OS X Safari 2.0.3 Vulnerability
Quick 'n Easy FTP Server pro/lite Logging unicode stack overflow
Apple Mac OS X Safari 2.0.3 Vulnerability