Cross-site scripting (XSS) vulnerability in normal_html.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to insert arbitrary web script via the file parameter. Date published : 2003-05-14 http://www.securityfocus.com/bid/7557 http://marc.info/?l=bugtraq&m=105276130814262&w=2
Directory traversal vulnerability in normal_html.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the file parameter. Date published : 2003-05-14 http://www.securityfocus.com/bid/7559 http://marc.info/?l=bugtraq&m=105276130814262&w=2
Buffer overflow in Pi3Web 2.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a GET request with a large number of / characters. Date published :...
SSI.php in YaBB SE 1.5.2 allows remote attackers to execute arbitrary PHP code by modifying the sourcedir parameter to reference a URL on a remote web server that contains the code. Date published :...
The administration capability for Apple AirPort 802.11 wireless access point devices uses weak encryption (XOR with a fixed key) for protecting authentication credentials, which could allow remote attackers to obtain administrative access via sniffing...
Cross-site scripting (XSS) vulnerability in Neoteris Instant Virtual Extranet (IVE) 3.01 and earlier allows remote attackers to insert arbitrary web script and bypass authentication via a certain CGI script. Date published : 2003-05-14 http://marc.info/?l=bugtraq&m=105283833617480&w=2
Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value. Date published : 2003-05-09 http://marc.info/?l=bugtraq&m=105241224228693&w=2
Cross-site scripting (XSS) vulnerability in the web interface for Request Tracker (RT) 1.0 through 1.0.7 allows remote attackers to execute script via message bodies. Date published : 2003-05-09 http://marc.info/?l=bugtraq&m=105240947225275&w=2 http://lists.fsck.com/pipermail/rt-announce/2003-May/000071.html
admin.php in miniPortail allows remote attackers to gain administrative privileges by setting the miniPortailAdmin cookie to an "adminok" value. Date published : 2003-05-09 http://marc.info/?l=bugtraq&m=105240907024660&w=2 http://www.frog-man.org/tutos/miniPortail.txt
Buffer overflow in Personal FTP Server allows remote attackers to execute arbitrary code via a long USER argument. Date published : 2003-05-09 http://www.securityfocus.com/archive/1/316958 http://marc.info/?l=bugtraq&m=105240469318622&w=2
The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands. Date published : 2003-05-09 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000665 http://kopete.kde.org/index.php?page=newsstory&news=Kopete_releases_version_0.6.2
Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the (1) normal_html.cgi or (2) member_html.cgi scripts. Date published : 2003-05-09 http://securitytracker.com/id?1006707 http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0058.html
Buffer overflow in youbin allows local users to gain privileges via a long HOME environment variable. Date published : 2003-05-08 http://www.securityfocus.com/bid/7503 http://marc.info/?l=bugtraq&m=105223947528794&w=2
SLWebMail 3 on Windows systems allows remote attackers to identify the full path of the server via invalid requests to DLLs such as WebMailReq.dll, which reveals the path in an error message. Date published...