Cross-site scripting (XSS) vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or script via the GPC variable. Date published : 2003-03-18 http://www.securityfocus.com/bid/5455 http://online.securityfocus.com/archive/1/287228
details2.php in OrganicPHP PHP-affiliate 1.0, and possibly later versions, allows remote attackers to modify information of other users by modifying certain hidden form fields. Date published : 2003-03-18 http://www.securityfocus.com/bid/5482 http://archives.neohapsis.com/archives/bugtraq/2002-08/0141.html
Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search box. Date published : 2003-03-18 http://www.securityfocus.com/bid/5474 http://archives.neohapsis.com/archives/bugtraq/2002-08/0130.html
L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST (attachment, attachment_name, attachment_size and attachment_type), which allows remote attackers to read arbitrary...
Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is off, allows remote attackers to insert arbitrary script or HTML via message fields including (1) From, (2) E-Mail,...
Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is on, allows remote attackers to insert arbitrary script or HTML via message fields including (1) From, (2) E-Mail,...
SQL injection vulnerability in search.php for L-Forum 2.40 allows remote attackers to execute arbitrary SQL statements via the search parameter. Date published : 2003-03-18 http://www.securityfocus.com/bid/5468 http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0074.html
Buffer overflow in mIRC 6.0.2 and earlier allows remote attackers to execute arbitrary code via a long $asctime value. Date published : 2003-03-18 http://www.securityfocus.com/bid/5576 http://marc.info/?l=bugtraq&m=103046375002380&w=2
Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow remote attackers to insert script or HTML into web pages via (1) test.php, (2) test.shtml, or (3) redir.exe. Date published : 2003-03-18 http://archives.neohapsis.com/archives/bugtraq/2002-08/0266.html http://archives.neohapsis.com/archives/bugtraq/2002-08/0263.html
MyWebServer 1.0.2 allows remote attackers to determine the absolute path of the web document root via a request for a directory that does not exist, which leaks the pathname in an error message. Date...
Cross-site scripting (XSS) vulnerability in MyWebServer 1.0.2 allows remote attackers to insert script and HTML via a long request followed by the malicious script, which is echoed back to the user in an error...
Buffer overflow in the search capability for MyWebServer 1.0.2 allows remote attackers to execute arbitrary code via a long searchTarget parameter. Date published : 2003-03-18 http://www.securityfocus.com/bid/5469 http://marc.info/?l=bugtraq&m=102935720109934&w=2
Blazix before 1.2.2 allows remote attackers to read source code of JSP scripts or list restricted web directories via an HTTP request that ends in a (1) "+" or (2) "" (backslash) character. Date...
IBM UniVerse with UV/ODBC allows attackers to cause a denial of service (client crash or server CPU consumption) via a query with an invalid link between tables, possibly via a buffer overflow. Date published...