PwsPHP 1.2.2 allows remote attackers to obtain sensitive information via a direct request to the admin directory, which reveals the path in an error message. Date published : 2005-05-11 http://marc.info/?l=bugtraq&m=111565808024581&w=2 http://www.osvdb.org/16234
SQL injection vulnerability in profil.php in PwsPHP 1.2.2 allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2005-05-11 http://www.securityfocus.com/bid/13563 http://marc.info/?l=bugtraq&m=111565808024581&w=2
Multiple cross-site scripting (XSS) vulnerabilities in PwsPHP 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) month or (2) annee parameters to the news module, (3) nbractif or (4)...
Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL. Date published : 2005-05-11...
SQL injection vulnerability in out.php in CJ Ultra (CJUltra) Plus 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via the perm parameter. Date published : 2005-05-11 http://marc.info/?l=bugtraq&m=111539589013911&w=2 http://secunia.com/advisories/15281
The new account wizard in Mail.app 2.0 in Mac OS 10.4, when configuring an IMAP mail account and checking the credentials, does not prompt the user to use SSL until after the password has...
GameSpy SDK CD-Key Validation Toolkit, as used by many online games, allows remote attackers to bypass the CD key validation by sending a spoofed disc command, which tells the server the CD key is...
Multiple SQL injection vulnerabilities in MidiCart PHP Shopping Cart allow remote attackers to execute arbitrary SQL commands via the (1) searchstring parameter to search_list.php, the (2) maingroup or (3) secondgroup parameters to item_list.php, or...
Cross-site scripting (XSS) vulnerability in MidiCart PHP Shopping Cart allows remote attackers to inject arbitrary web script or HTML via the (1) searchstring parameter to search_list.php or the (2) secondgroup or (3) maingroup parameters...
MidiCart PHP Shopping Cart allows remote attackers to obtain sensitive information via a direct request to (1) search_list.php, (2) item_list.php, or (3) item_show.php, which reveal the path in a PHP error message. Date published...
Multiple SQL injection vulnerabilities in myBloggie 2.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the keyword parameter in search.php; or (2) the date_no parameter in viewdate mode, (3) the cat_id parameter...
delcomment.php in myBloggie 2.1.1 allows remote attackers to delete arbitrary comments by modifying the comment_id parameter. Date published : 2005-05-11 http://www.securityfocus.com/bid/13507 http://marc.info/?l=bugtraq&m=111531904608224&w=2
Multiple cross-site scripting (XSS) vulnerabilities in myBloggie 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) year parameter in viewmode.php, or the (2) cat_id, (3) month_no, or (4) post_id...
index.php in myBloggie 2.1.1 allows remote attackers to obtain sensitive information via an invalid post_id parameter, which reveals the path in an error message. Date published : 2005-05-11 http://marc.info/?l=bugtraq&m=111531904608224&w=2 http://mywebland.com/forums/viewtopic.php?t=180