MailEnable Professional Edition before 1.53 and Enterprise Edition before 1.02 allows remote attackers to cause a denial of service (crash) via malformed (1) SMTP or (2) IMAP commands. Date published : 2005-07-10 http://www.securityfocus.com/bid/11418 http://www.mailenable.com/enterprisehistory.asp
Cross-site scripting (XSS) vulnerability in trade.php for CJOverkill 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the (1) tms[0] or (2) url parameters. Date published : 2005-07-10 http://www.securityfocus.com/bid/11359 http://bbs.icefire.org/viewtopic.php?t=573
SQL injection vulnerability in tttadmin/settings.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to execute arbitrary SQL commands via the ttt_admin parameter. Date published : 2005-07-10 http://www.securityfocus.com/bid/11358 http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0296.html
Cross-site scripting (XSS) vulnerability in ttt-webmaster.php in Turbo Traffic Trader PHP 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) msg[0] or (2) siteurl parameters. Date published : 2005-07-10...
Directory traversal vulnerability in Unzoo 4.4-2 has unknown impact and attack vectors. Date published : 2005-07-10 http://www.securityfocus.com/bid/11417 http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2004-10/0466.html
SQL injection vulnerability in DMXReady Site Chassis Manager allows remote attackers to execute arbitrary SQL commands via unknown vectors. Date published : 2005-07-10 http://www.securityfocus.com/bid/11434 http://www.maxpatrol.com/mp_advisory.asp
Cross-site scripting (XSS) vulnerability in DMXReady Site Chassis Manager allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Date published : 2005-07-10 http://www.securityfocus.com/bid/11434 http://www.maxpatrol.com/advdetails.asp?id=10
Unknown vulnerability in ImagePage for MediaWiki 1.3.5, related to "filename validation," has unknown impact and attack vectors. Date published : 2005-07-10 http://www.securityfocus.com/bid/11416 http://sourceforge.net/project/shownotes.php?release_id=275099
SQL injection vulnerability in MediaWiki 1.3.5 allows remote attackers to execute arbitrary SQL commands via SpecialMaintenance. Date published : 2005-07-10 http://www.securityfocus.com/bid/11416 http://sourceforge.net/project/shownotes.php?release_id=275099
Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki 1.3.5 allow remote attackers to execute arbitrary scripts and/or SQL queries via (1) the UnicodeConverter extension, (2) raw page views, (3) SpecialIpblocklist, (4) SpecialEmailuser, (5) SpecialMaintenance, and...
Directory traversal vulnerability in Digicraft Yak! server 2.0 through 2.1.2 allows remote attackers to read or write arbitrary files via "../" or ".." sequences in commands such as (1) dir or (2) put. Date...
Unknown vulnerability in WeHelpBUS 0.1 allows remote attackers to execute arbitrary shell commands via the query string. Date published : 2005-07-10 http://www.securityfocus.com/bid/11431 http://sourceforge.net/project/shownotes.php?release_id=275295
Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user sessions by pre-setting the user session ID information used by the session server. Date published : 2005-07-10 http://www.macromedia.com/devnet/security/security_zone/mpsb04-08.html http://www.securityfocus.com/bid/11414
Multiple SQL injection vulnerabilities in WowBB Forum 1.61 allow remote attackers to execute arbitrary SQL commands via the (1) sort_by or (2) page parameters to view_user.php, or the (3) forum_id parameter to view_topic.php. NOTE:...