Cross-site scripting (XSS) vulnerability in index.php in Beehive Forum allows remote attackers to inject arbitrary web script or HTML via the webtag parameter. Date published : 2005-08-03 http://www.securityfocus.com/bid/14363 http://marc.info/?l=bugtraq&m=112230744103930&w=2
Multiple SQL injection vulnerabilities in index.php and other pages in Beehive Forum allow remote attackers to execute arbitrary SQL commands via the webtag parameter. Date published : 2005-08-03 http://www.securityfocus.com/bid/14361 http://marc.info/?l=bugtraq&m=112230744103930&w=2
flsearch.pl in FtpLocate 2.02 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP GET request. Date published : 2005-08-03 http://www.securityfocus.com/bid/14367 http://marc.info/?l=bugtraq&m=112230697123357&w=2
B-FOCuS Router 312+ allows remote attackers to bypass authentication and gain unauthorized access via a direct request to firmwarecfg. Date published : 2005-08-03 http://www.securityfocus.com/bid/14364 http://marc.info/?l=bugtraq&m=112230649106740&w=2
Contrexx before 1.0.5 allows remote attackers to obtain sensitive information via a direct request to /config/version.xml. Date published : 2005-08-03 http://www.securityfocus.com/bid/14352 http://marc.info/?l=bugtraq&m=112206702015439&w=2
Multiple cross-site scripting (XSS) vulnerabilities in Contrexx before 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) term parameter to the search module or (2) title in the blog...
Multiple SQL injection vulnerabilities in Contrexx before 1.0.5 allow remote attackers to execute arbitrary SQL commands via the (1) value parameter to the poll module or (2) pId parameter to the gallery module. Date...
Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote attackers to cause a denial of service (application crash) via a large HTML file...
PHP remote file inclusion vulnerability in apa_phpinclude.inc.php in Atomic Photo Album (APA) allows remote attackers to execute arbitrary PHP code via the apa_module_basedir parameter. Date published : 2005-08-03 http://www.securityfocus.com/bid/14368 http://marc.info/?l=bugtraq&m=112230428725189&w=2
PHP remote file inclusion vulnerability in block.php in PHP FirstPost allows remote attackers to execute arbitrary PHP code via the Include parameter. Date published : 2005-08-03 http://www.securityfocus.com/bid/14371 http://marc.info/?l=bugtraq&m=112230599222543&w=2
Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in the Group Task...
RPC portmapper (rpcbind) in SCO UnixWare 7.1.1 m5, 7.1.3 mp5, and 7.1.4 mp2 allows remote attackers or local users to cause a denial of service (lack of response) via multiple invalid portmap requests. Date...
gopher.c in the Gopher client 3.0.5 does not properly create temporary files, which allows local users to gain privileges. Date published : 2005-08-03 http://www.debian.org/security/2005/dsa-770 http://www.securitytracker.com/alerts/2005/Jul/1014599.html
Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and earlier, allows remote attackers to conduct actions as another user, and execute commands on the server, via a URL that is activated...