Monthly Archive: May 2005
by Fred · Published 10/05/2005
MiniShare 1.3.2 allows remote attackers to cause a denial of service (crash) via a malformed HTTP GET or HEAD request without the proper number of trailing CRLF sequences.
Date published: 2005-05-10
http://www.securityfocus.com/bid/10417
http://marc.info/?l=bugtraq&m=108563992129877&w=2
by Fred · Published 10/05/2005
Buffer overflow in the (1) WTHoster and (2) WebDriver modules in WildTangent Web Driver 4.0 allows remote attackers to execute arbitrary code via a long filename.
Date published: 2005-05-10
http://www.securityfocus.com/bid/10421
http://marc.info/?l=bugtraq&m=108569235217149&w=2
by Fred · Published 10/05/2005
Orenosv 0.5.9f allows remote attackers to cause a denial of service (crash) via a long HTTP GET request.
Date published: 2005-05-10
http://www.securityfocus.com/bid/10420
http://marc.info/?l=bugtraq&m=108559623703422&w=2
by Fred · Published 10/05/2005
Netgear RP114 allows remote attackers to bypass the keyword-based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences.
Date published: 2005-05-10
http://www.securityfocus.com/bid/10404
http://marc.info/?l=bugtraq&m=108541203427391&w=2
by Fred · Published 10/05/2005
Cross-site scripting (XSS) vulnerability in user.php in e107 allows remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) MSN, or (3) AIM fields.
Date published: 2005-05-10
http://www.securityfocus.com/bid/10405
http://marc.info/?l=bugtraq&m=108541119526279&w=2
by Fred · Published 10/05/2005
Multiple cross-site scripting (XSS) vulnerabilities in index.jsp for Liferay before 2.2.0 release 10/1/2004 allow remote attackers to inject arbitrary web script or HTML, as demonstrated using the message subject.
Date published: 2005-05-10
http://www.securityfocus.com/bid/10402...
by Fred · Published 10/05/2005
The Util_DecodeHTTPAuth function in BNBT BitTorrent Tracker Beta 7.5 Release 2 and earlier allows remote attackers to cause a denial of service (crash) via a Basic Authorization HTTP request with an "A==" value.
Date...
by Fred · Published 10/05/2005
Cross-site scripting (XSS) vulnerability in stats.php in e107 allows remote attackers to inject arbitrary web script or HTML via the referer parameter to log.php.
Date published: 2005-05-10
http://www.securityfocus.com/bid/10395
http://marc.info/?l=bugtraq&m=108515632622796&w=2
by Fred · Published 10/05/2005
Buffer overflow in Icecast 2.0.0 and earlier allows remote attackers to cause a denial of service (crash) via a long Basic Authorization header that triggers an out-of-bounds read.
Date published: 2005-05-10
http://www.securityfocus.com/bid/10311
http://www.xiph.org/archives/icecast/7144.html
by Fred · Published 10/05/2005
Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and earlier allows remote attackers to execute arbitrary code via format string specifiers in syslog messages.
Date published: 2005-05-10
http://www.securityfocus.com/bid/10267
http://www.apsis.ch/pound/pound_list/archive/2003/2003-12/1070234315000#1070234315000
by Fred · Published 10/05/2005
SQL injection vulnerability in application_top.php for Zen Cart 1.1.3 before patch 2 may allow remote attackers to execute arbitrary SQL commands via the products_id parameter.
Date published: 2005-05-10
http://www.zen-cart.com/modules/ipb/index.php?showtopic=3731
http://www.zen-cart.com/modules/mydownloads/viewcat.php?cid=31&orderby=dateD
by Fred · Published 10/05/2005
The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via password_forgotten.php.
Date published: 2005-05-10
http://www.zen-cart.com/modules/ipb/index.php?showtopic=4873
http://www.zen-cart.com/modules/mydownloads/viewcat.php?cid=31&orderby=dateD
by Fred · Published 10/05/2005
SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 before patch 1, and possibly other versions allows remote attackers to execute arbitrary SQL via the (1) admin_name or (2) admin_pass parameters.
Date published...
by Fred · Published 10/05/2005
ActivePerl 5.8.x and others, and Larry Wall’s Perl 5.6.1 and others, when running on Windows systems, allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument...