WebCalendar 0.9.34 and earlier with ‘browsing in includes directory’ enabled allows remote attackers to read arbitrary include files with .inc extensions from the web root. Date published : 2005-07-14 http://www.securityfocus.com/bid/4961 http://sourceforge.net/project/shownotes.php?group_id=3870&release_id=93295
isadmin.php in PhpWebGallery 1.0 allows remote attackers to gain administrative access via by setting the photo_login cookie to pseudo. Date published : 2005-07-14 http://www.securityfocus.com/bid/4622 http://www.ifrance.com/kitetoua/tuto/PWG.txt
AtGuard 3.2 allows remote attackers to bypass firwall filters and execute prohibited programs by changing the filenames to permitted filenames. Date published : 2005-07-14 http://www.securityfocus.com/bid/4620 http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-04/0412.html
Cross-site scripting (XSS) vulnerability in ftp.htt in Internet Explorer 5.5 and 6.0, when running on Windows 2000 with "Enable folder view for FTP sites" and "Enable Web content in folders" selected, allows remote attackers...
Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an...
Buffer overflow in Links 2.0 pre4 allows remote attackers to crash client browsers and possibly execute arbitrary code via gamma tables in large 16-bit PNG images. Date published : 2005-07-14 http://www.securityfocus.com/bid/4921 http://atrey.karlin.mff.cuni.cz/~clock/twibright/links/download/ChangeLog
BIOS D845BG, D845HV, D845PT and D845WN on Intel motherboards does not properly restrict access to configuration information when BIOS passwords are enabled, which could allow local users to change the default boot device via...
TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt, which allows remote attackers to identify IP’s visiting the site by dividing each octet by the MD5 hash of ’20’. Date...
TeeKai Forum 1.2 uses weak encryption of web usage statistics in data/member_log.txt, which is stored under the web document root with insufficient access control, which allows remote attackers to identify IP’s visiting the site...
Cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2 allows remote attackers to inject arbitrary web script or HTML via the valid_username_online cookie. Date published : 2005-07-14 http://www.ifrance.com/kitetoua/tuto/Teekai.txt http://marc.info/?l=vuln-dev&m=102313697923798&w=2
Cross-site scripting (XSS) vulnerability in userlog.php in TeeKai Tracking Online 1.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. Date published : 2005-07-14 http://www.securityfocus.com/bid/4924 http://www.ifrance.com/kitetoua/tuto/Teekai.txt
TeeKai Forum 1.2 allows remote attackers to authenticate as the administrator and and gain privileged web forum access by setting the valid_level cookie to admin. Date published : 2005-07-14 http://www.securityfocus.com/bid/4925 http://www.ifrance.com/kitetoua/tuto/Teekai.txt
The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the...
Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2)...