Cross-site scripting (XSS) vulnerability in phptonuke.php for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the filnavn parameter. Date published : 2005-07-14 http://www.securityfocus.com/bid/3807 http://archives.neohapsis.com/archives/vuln-dev/2002-q1/0048.html
advserver.exe in Advanced Web Server (AdvServer) Professional 1.030000 allows remote attackers to cause a denial of service via multiple HTTP requests containing a single carriage return/line feed (CRLF) sequence. Date published : 2005-07-14 http://www.securityfocus.com/bid/5080...
webbbs_post.pl in WebBBS 4 and 5.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the followup parameter. Date published : 2005-07-14 http://www.securityfocus.com/bid/5048 http://cert.uni-stuttgart.de/archive/bugtraq/2002/06/msg00232.html
Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or 5, allows remote attackers to cause a denial of service in IIS via (1) a long template file name or (2)...
PHP file inclusion vulnerability in osCommerce 2.1 execute arbitrary commands via the include_file parameter to include_once.php. Date published : 2005-07-14 http://www.securityfocus.com/bid/5037 http://online.securityfocus.com/archive/1/277312
Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical path information via a URL request for the example Java class file HelloServlet. Date published : 2005-07-14 http://www.securityfocus.com/bid/5095 http://online.securityfocus.com/archive/1/278747
Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption) via multiple URL requests containing the DOS ‘CON’ device name and a registered file extension such as .jsp or...
Resin 2.1.1 allows remote attackers to cause a denial of service (memory consumption and hang) via a URL with long variables for non-existent resources. Date published : 2005-07-14 http://www.securityfocus.com/bid/5032 http://online.securityfocus.com/archive/1/277232
Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a ".." (backslash dot dot). Date published : 2005-07-14 http://www.securityfocus.com/bid/5031 http://online.securityfocus.com/archive/1/277225
Microsoft Internet Explorer 6.0 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates...
Opera 7.x and 8 before 8.01 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site...
Safari version 2.0 (412) does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates...
iCab 2.9.8 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks,...
Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects, which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged object. Date published :...