Network Security

Network Security News Monitor - Tuesday, April 04, 2006 Events

 

aWebNews visview.php Multiple Variable XSS

aWebNews contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'yname', 'emailadd', 'subject', or 'comment' variables upon submission to the visview.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

aWebNews login.php user123 Variable SQL Injection

aWebNews contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the login.php script not properly sanitizing user-supplied input to the 'user123' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.

aWebNews visview.php _GET['cid'] Variable SQL Injection

aWebNews contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the visview.php script not properly sanitizing user-supplied input to the _GET['cid'] variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.

aWebNews fpass.php user123 Variable SQL Injection

aWebNews contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the fpass.php script not properly sanitizing user-supplied input to the 'user123' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.

Bugzero edit.jsp Multiple Variable XSS

Bugzero contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'entryId' and 'projectId' variables upon submission to the edit.jsp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Bugzero query.jsp msg Variable XSS

Bugzero contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'msg' variable upon submission to the query.jsp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Bugzero main.jsp msg Variable XSS

Bugzero contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'msg' variable upon submission to the main.jsp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Bugzero login.jsp msg Variable XSS

Bugzero contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'msg' variable upon submission to the login.jsp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Bugzero error.jsp error Variable XSS

Bugzero contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'error' variable upon submission to the error.jsp script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

NetBSD if_bridge(4) Function Arbitrary Kernel Memory Disclosure

NetBSD contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when 'ioctl' calls are made on Ethernet bridge interfaces. The kernel does not fully zero out the temporary stack memory used to hold the results of the 'ioctl' call, which could disclose kernel stack memory to the calling process, resulting in a loss of confidentiality.

Vuln: MySQL Query Logging Bypass Vulnerability


Vuln: PHP Html_Entity_Decode() Information Disclosure Vulnerability


Vuln: LucidCMS Index.PHP Multiple Cross-Site Scripting Vulnerabilities


Vuln: Multiple Vendor WGet/Curl NTLM Username Buffer Overflow Vulnerability


SYMSA-2006-002: McAfee WebShield SMTP Format String Vulnerability


[ MDKSA-2006:064 ] - Updated MySQL packages fix logging bypass vulnerability


Re: On product vulnerability history and vulnerability complexity


[ MDKSA-2006:062 ] - Updated dia packages fix buffer overflow vulnerabilities
