Cross-site scripting (XSS) vulnerability in wiki.php in MoniWiki 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the arguments to wiki.php. Date published : 2005-02-20 http://www.securityfocus.com/bid/11516 http://marc.info/?l=bugtraq&m=109873622006103&w=2
Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to conduct port scans of remote hosts by specifying the target in an rmi:// Worklist URL, then using the response times to infer the results. Date...
Cross-site scripting (XSS) vulnerability in the login form in Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to execute arbitrary web script or HTML via the url parameter. Date published : 2005-02-20 http://www.securityfocus.com/bid/11514 http://marc.info/?l=bugtraq&m=109876304705234&w=2
Multiple SQL injection vulnerabilities in Dwc_articles 1.6 and earlier allow remote attackers to execute arbitrary SQL statements. Date published : 2005-02-20 http://www.securityfocus.com/bid/11509 http://marc.info/?l=bugtraq&m=109855895702903&w=2
Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to execute arbitrary code. Date published : 2005-02-20 http://marc.info/?l=bugtraq&m=109855982425122&w=2 http://www.pizzashack.org/rssh/
Buffer overflow in Ability Server 2.25, 2.32, 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long APPE command. Date published : 2005-02-20 http://www.securityfocus.com/bid/11508 http://lists.virus.org/dw-0day-0412/msg00004.html
Buffer overflow in Ability Server 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long STOR command. Date published : 2005-02-20 http://www.securityfocus.com/bid/11508 http://marc.info/?l=bugtraq&m=109850947508816&w=2
pGina 1.7.6 and possibly older versions, when the Restart or Shutdown options are enabled on the login screen, allows remote attackers to cause a denial of service by connecting via Remote Desktop and clicking...
Carbon Copy 6.0.5257 does not drop system privileges when opening external programs through the help topic interface, which allows local users to gain privileges via (1) the help topic interface in CCW32.exe, which launches...
The WAV file property handler in Windows XP SP1 allows remote attackers to cause a denial of service (infinite loop in Explorer) via a WAV file with an invalid file header whose fmt chunk...
SQL injection vulnerability in dosearch.php in UBB.threads 3.4.x allows remote attackers to execute arbitrary SQL statements via the Name parameter. Date published : 2005-02-20 http://www.securityfocus.com/bid/11502 http://marc.info/?l=bugtraq&m=109839925207038&w=2
** DISPUTED ** NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote attackers to execute arbitrary...
CRLF injection vulnerability in Serendipity before 0.7rc1 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the url parameter in (1) index.php and (2) exit.php,...
Buffer overflow in Privateer’s Bounty: Age of Sail II allows remote attackers to execute arbitrary code via a long nickname. Date published : 2005-02-20 http://www.securityfocus.com/bid/11479 http://marc.info/?l=bugtraq&m=109829017407842&w=2