Network Security

Network Security News Monitor - Wednesday, April 05, 2006 Events

 

vBulletin ImpEx Module ImpExData.php systempath Variable Remote File Inclusion

The vBulletin ImpEx module contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to ImpExData.php not properly sanitizing user input supplied to the 'systempath' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands, which will be executed by the vulnerable script.

aWebBB dpost.php p Variable SQL Injection

aWebBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the dpost.php script not properly sanitizing user-supplied input to the 'p' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.

aWebBB changep.php Username Variable SQL Injection

aWebBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the changep.php script not properly sanitizing user-supplied input to the 'Username' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.

aWebBB accounts.php Username Variable SQL Injection

aWebBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the accounts.php script not properly sanitizing user-supplied input to the 'Username' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.

aWebBB search.php q Variable SQL Injection

aWebBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the search.php script not properly sanitizing user-supplied input to the 'q' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.

aWebBB reply_log.php Username Variable SQL Injection

aWebBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the reply_log.php script not properly sanitizing user-supplied input to the 'Username' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.

aWebBB reply.php Username Variable SQL Injection

aWebBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the reply.php script not properly sanitizing user-supplied input to the 'Username' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.

aWebBB register.php Multiple Variable XSS

aWebBB contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'fullname', 'emailadd' or 'country' variables upon submission to the register.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

aWebBB post.php Username Variable SQL Injection

aWebBB contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the post.php script not properly sanitizing user-supplied input to the 'Username' variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.

aWebBB post.php Multiple Variable XSS

aWebBB contains a flaw that allows a remote cross-site scripting attack. This flaw exists because the application does not validate the 'tname' or 'fpost' variables upon submission to the post.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Vuln: Linux Kernel Sysctl Unregistration Local Denial of Service Vulnerability

Vuln: Xine-Lib Malformed MPEG Stream Buffer Overflow Vulnerability

Vuln: Sendmail Asynchronous Signal Handling Remote Code Execution Vulnerability

Vuln: VWar Functions_install.PHP Remote File Include Vulnerability

NOD32 local privilege escalation vulnerability

Buffer-overflow in Ultr@VNC 1.0.1 viewer and server

[ GLSA 200604-03 ] FreeRADIUS: Authentication bypass in EAP-MSCHAPv2 module

ArabPortal 2.0.1 Stable [ 9 CrossSiteScripting & 1 SQL Injection ] MultBugz
