Cross-site scripting (XSS) vulnerability in mvnForum 1.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the Search parameter. Date published : 2005-04-19 http://www.securityfocus.com/bid/13213 http://www.osvdb.org/15760
Unknown vulnerability in Incoming Remote Command (iSeries Access for Windows Remote Command service) in IBM OS/400 R510, R520, and R530 allows attackers to cause a denial of service (IRC shutdown) via certain inputs. Date...
** DISPUTED ** NOTE: this issue has been disputed by the vendor. PHP remote code injection vulnerability in loader.php for Ariadne CMS 2.4 allows remote attackers to execute arbitrary PHP code by modifying the...
HTTP Response Splitting vulnerability in the Surveys module in PHP-Nuke 7.6 allows remote attackers to spoof web content and poison web caches via hex-encoded CRLF ("%0d%0a") sequences in the forwarder parameter. Date published :...
Unknown vulnerability in Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.032, Pro 35/45/55 3.028.11.000 through 3.97.20.032, Pro 65/75/90 1.001.00.060 through 1.001.02.084, and others, related to...
SQL injection vulnerability in Oracle Forms 10g allows remote attackers to execute arbitrary SQL commands via the Query/Where feature. Date published : 2005-04-19 http://www.red-database-security.com/wp/sql_injection_forms_us.pdf http://www.securiteam.com/securitynews/5HP0I0UFFI.html
Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 causes Webmin to change permissions and ownership of configuration files, with unknown impact. Date published : 2005-04-19 http://www.webmin.com/changes.html http://www.webmin.com/uchanges.html
Race condition in JFS2 on AIX 5.2 and 5.3, when deleting a file while I/O is still occurring for that file, may write data to a different file, which could leak sensitive information. Date...
geneweb 4.10 and earlier does not properly check file permissions and content during conversion, which allows attackers to modify arbitrary files. Date published : 2005-04-19 http://www.debian.org/security/2005/dsa-712 https://exchange.xforce.ibmcloud.com/vulnerabilities/20176
Buffer overflow in PMSoftware Simple Web Server 1.0 allows remote attackers to execute arbitrary code via a long GET request. Date published : 2005-04-18 http://marc.info/?l=bugtraq&m=111384806002021&w=2
Cross-site scripting (XSS) vulnerability in init.inc.php in Coppermine Photo Gallery 1.3.x allows remote attackers to inject arbitrary web script or HTML via the X-Forwarded-For parameter. Date published : 2005-04-18 http://www.securityfocus.com/bid/13218 http://marc.info/?l=bugtraq&m=111383800707880&w=2
Cross-site scripting (XSS) vulnerability in mod.php in the datenbank module for phpBB allows remote attackers to inject arbitrary web script or HTML via the id parameter. Date published : 2005-04-18 http://www.securityfocus.com/bid/13210 http://marc.info/?l=bugtraq&m=111367077709726&w=2
SQL injection vulnerability in mod.php in the datenbank module for phpBB allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2005-04-18 http://marc.info/?l=bugtraq&m=111367077709726&w=2
Mafia Blog .4 BETA does not properly protect the admin directory, which allows remote attackers to execute arbitrary PHP code by using writeinfo.php to inject the code into info.php. Date published : 2005-04-18 http://www.securityfocus.com/bid/13194...