index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message. Date published : 2005-03-07 http://www.securityfocus.com/bid/8396...
Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.4 and 3.5 allows remote attackers to inject arbitrary web script or HTML via the method parameter. Date published : 2005-03-07 http://www.securityfocus.com/bid/8388 http://marc.info/?l=bugtraq&m=106063199925536&w=2
Cross-site scripting (XSS) vulnerability in common.inc in Drupal before 4.5.2 allows remote attackers to inject arbitrary web script or HTML via certain inputs. Date published : 2005-03-07 http://drupal.org/drupal-4.5.2 http://drupal.org/files/drupal-4.5-xss-fix.patch
Nokia Symbian 60 allows remote attackers to cause a denial of service (phone restart) via a Bluetooth nickname. Date published : 2005-03-07 http://www.securityfocus.com/bid/12743 http://www.securiteam.com/securitynews/5PP0V00G1S.html
PHP remote file inclusion vulnerability in download_center_lite.inc.php for Download Center Lite 1.6 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a remote web server...
PHP remote file inclusion vulnerability in tell_a_friend.inc.php for Tell A Friend Script 2.7 before 20050305 allows remote attackers to execute arbitrary PHP code by modifying the script_root parameter to reference a URL on a...
PHP remote file inclusion vulnerability in formmail.inc.php for Form Mail Script 2.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the script_root to reference a URL on a remote web...
index.php for Zorum 3.5 allows remote attackers to perform certain actions as other users by modifying the id parameter. Date published : 2005-03-07 http://securitytracker.com/id?1013365
index.php in Zorum 3.5 allows remote attackers to trigger an SQL error, and possibly inject arbitrary SQL commands, via the search capability. Date published : 2005-03-07 http://securitytracker.com/id?1013365
Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.5 allows remote attackers to inject arbitrary web script or HTML via the (1) list or (2) frommethod parameters. Date published : 2005-03-07 http://securitytracker.com/id?1013365 http://secunia.com/advisories/9497
Cross-site scripting (XSS) vulnerability in the News module for paBox 1.6 allows remote attackers to inject arbitrary web script or HTML via the text hidden parameter in an HTTP POST request. Date published :...
Cross-site scripting (XSS) vulnerability in usercp_register.php for phpBB 2.0.13 allows remote attackers to inject arbitrary web script or HTML by setting the (1) allowhtml, (2) allowbbcode, or (3) allowsmilies parameters to inject HTML into...
Carsten’s 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via text strings that are not null terminated, which triggers a null dereference. Date published : 2005-03-07 http://www.securityfocus.com/bid/12727...
Format string vulnerability in Carsten’s 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via format string specifiers in a command. Date published : 2005-03-07 http://www.securityfocus.com/bid/12727 http://aluigi.altervista.org/adv/ca3dex-adv.txt