OneWorldStore allows remote attackers to cause a denial of service (application crash) via a direct request to owConnections/chksettings.asp. Date published : 2005-04-27 http://www.securityfocus.com/bid/13322 http://www.oneworldstore.com/support_security_issue_updates.asp#April_20_2005_Lostmon
Cross-site scripting (XSS) vulnerability in pms.php for Woltlab Burning Board 2.3.1 PL2 and earlier allows remote attackers to inject arbitrary web script or HTML via the folderid parameter. Date published : 2005-04-27 http://www.securityfocus.com/bid/13353 http://www.securityfocus.com/archive/1/396858
Buffer overflow in VooDoo cIRCle BOTNET before 1.0.33 allows remote authenticated attackers to cause a denial of service (client crash) via a crafted packet. Date published : 2005-04-27 http://sourceforge.net/project/shownotes.php?release_id=323254 http://www.osvdb.org/15830
set_lang.php in phpMyVisites 1.3 allows remote attackers to read and include arbitrary files via the mylang parameter. Date published : 2005-04-27 http://www.securityfocus.com/bid/13370 http://marc.info/?l=bugtraq&m=111454298603060&w=2
Multiple cross-site scripting (XSS) vulnerabilities in index.php for phpMyVisites allow remote attackers to inject arbitrary web script or HTML via the (1) part, (2) per, or (3) site parameters. Date published : 2005-04-27 http://www.osvdb.org/15789...
Buffer overflow in NetFtpd for NetTerm 5.1.1 and earlier allows remote attackers to execute arbitrary code via a long USER command. Date published : 2005-04-27 http://www.securityfocus.com/bid/13396 http://www.securityfocus.com/archive/1/396959
Cross-site scripting (XSS) vulnerability in Horde Nag Task List Manager before 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the parent’s frame page title. Date published : 2005-04-27 http://cvs.horde.org/diff.php/nag/docs/CHANGES?r1=1.54.2.33&r2=1.54.2.35&ty=h http://lists.horde.org/archives/nag/Week-of-Mon-20050418/000756.html
Cross-site scripting (XSS) vulnerability in Horde Vacation module before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent’s frame page title. Date published : 2005-04-27 http://cvs.horde.org/diff.php/vacation/docs/CHANGES?r1=1.1.1.1.2.21&r2=1.1.1.1.2.26&ty=h http://lists.horde.org/archives/sork/Week-of-Mon-20050418/002148.html
Cross-site scripting (XSS) vulnerability in Horde Mnemo Note Manager before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the parent’s frame page title. Date published : 2005-04-27 http://cvs.horde.org/diff.php/mnemo/docs/CHANGES?r1=1.4.2.31&r2=1.4.2.33&ty=h http://lists.horde.org/archives/mnemo/Week-of-Mon-20050418/000166.html
Cross-site scripting (XSS) vulnerability in Horde IMP Webmail client before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the parent’s frame page title. Date published : 2005-04-27 http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.389.2.119&r2=1.389.2.125&ty=h http://lists.horde.org/archives/imp/Week-of-Mon-20050418/041912.html
Cross-site scripting (XSS) vulnerability in Horde Forwards E-Mail Forwarding Manager before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via the parent’s frame page title. Date published : 2005-04-27 http://cvs.horde.org/diff.php/forwards/docs/CHANGES?r1=1.1.1.1.2.20&r2=1.1.1.1.2.23&ty=h http://lists.horde.org/archives/sork/Week-of-Mon-20050418/002145.html
Cross-site scripting (XSS) vulnerability in Horde Chora module before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the parent’s frame page title. Date published : 2005-04-27 http://cvs.horde.org/diff.php/chora/docs/CHANGES?r1=1.45.2.34&r2=1.45.2.37&ty=h http://lists.horde.org/archives/chora/Week-of-Mon-20050418/004050.html
Cross-site scripting (XSS) vulnerability in Horde Accounts module before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the parent’s frame page title. Date published : 2005-04-27 http://cvs.horde.org/diff.php/accounts/docs/CHANGES?r1=1.1.1.1.2.15&r2=1.1.1.1.2.18&ty=h http://lists.horde.org/archives/sork/Week-of-Mon-20050418/002146.html
Cross-site scripting (XSS) vulnerability in Horde Turba module before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via the parent’s frame page title. Date published : 2005-04-27 http://cvs.horde.org/diff.php/turba/docs/CHANGES?r1=1.61.2.74&r2=1.61.2.77&ty=h http://lists.horde.org/archives/turba/Week-of-Mon-20050418/004182.html