Cross-site scripting (XSS) vulnerability in login.asp for Ublog Reload 1.0 through 1.0.4 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. Date published : 2005-03-29 http://www.securityfocus.com/bid/12931 http://marc.info/?l=bugtraq&m=111214393101387&w=2
Cross-site scripting (XSS) vulnerability in Adventia E-Data 2.0 allows remote attackers to inject arbitrary web script or HTML via a query keyword. Date published : 2005-03-29 http://www.securityfocus.com/bid/12927 http://marc.info/?l=full-disclosure&m=111211945505635&w=2
The SmartScan feature in the Auto-Protect module for Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (CPU...
Unknown vulnerability in the Auto-Protect module in Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (system hang...
Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local users to save passwords and login credentials locally, even when password caching is disabled by a group policy. Date published : 2005-03-29 http://www.securityfocus.com/bid/12913...
Multiple SQL injection vulnerabilities in Bugtracker.NET 2.0.1 allow remote attackers to execute arbitrary SQL commands via unknown vectors. Date published : 2005-03-29 http://www.securityfocus.com/bid/12925 http://sourceforge.net/project/shownotes.php?release_id=315830
Adventia Chat 3.1 and Server Pro 3.0 allows remote attackers to inject arbitrary web script or HTML into the chat space, which leaves other users vulnerable to cross-site scripting (XSS) attacks. Date published :...
PHP remote file inclusion vulnerability in index_header.php for EncapsBB 0.3.2_fixed, and possibly other versions, allows remote attackers to execute arbitrary PHP code via the root parameter. Date published : 2005-03-29 http://www.osvdb.org/15078 http://securitytracker.com/id?1013569
AIO in the Linux kernel 2.6.11 on the PPC64 or IA64 architectures with CONFIG_HUGETLB_PAGE enabled allows local users to cause a denial of service (system panic) via a process that executes the io_queue_init function...
Webmasters-Debutants WD Guestbook 2.8 allows remote attackers to bypass authentication and perform certain administrator actions via a direct HTTP POST request to (1) ajout_admin2.php or (2) suppr.php. Date published : 2005-03-29 http://securitytracker.com/id?1013570
Multiple cross-site scripting (XSS) vulnerabilities in CPG Dragonfly 9.0.2.0 allow remote attackers to inject arbitrary web script or HTML via (1) the profile parameter to index.php or (2) the cat parameter. Date published :...
Unknown vulnerability in the regex_replace modifier (modifier.regex_replace.php) in Smarty before 2.6.8 allows attackers to execute arbitrary PHP code. Date published : 2005-03-29 http://www.securityfocus.com/bid/12941 http://news.php.net/php.smarty.dev/2673
Unknown vulnerabilities in deplate before 0.7.2 have unknown impact, possibly involving elements.rb. Date published : 2005-03-29 http://sourceforge.net/project/shownotes.php?release_id=315034 http://securitytracker.com/id?1013555
Multiple SQL injection vulnerabilities in exoops may allow remote attackers to execute arbitrary SQL commands via (1) the viewcat parameter to index.php or (2) the artid parameter in the viewarticle action for index.php. Date...