ATutor 1.5.1, and possibly earlier versions, stores temporary chat logs under the web document root with insufficient access control and predictable filenames, which allows remote attackers to obtain user chat conversations via direct requests...
config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which allows authenticated administrators or educators to execute arbitrary code by uploading files with other executable...
SQL injection vulnerability in password_reminder.php in ATutor before 1.5.1 pl1 allows remote attackers to execute arbitrary SQL commands via the email field. Date published : 2005-09-16 http://www.securityfocus.com/bid/14831 http://marc.info/?l=bugtraq&m=112671176100432&w=2
Cross-site scripting (XSS) vulnerability in merchant.mvc in MIVA Merchant 5 allows remote attackers to inject arbitrary web script or HTML via the Customer_Login parameter. Date published : 2005-09-16 http://www.securityfocus.com/bid/14828 http://marc.info/?l=bugtraq&m=112684680903655&w=2
Directory traversal vulnerability in s.pl in Subscribe Me Pro 2.044.09P and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the l parameter. Date published : 2005-09-16 http://www.securityfocus.com/bid/14817 http://marc.info/?l=bugtraq&m=112662785418368&w=2
Directory traversal vulnerability in security.inc.php in AzDGDatingLite 2.1.3, and possibly earlier versions, allows remote attackers to execute arbitrary PHP commands via ".." sequences and "%00" (trailing null byte) characters in the l parameter, which...
Cross-site scripting (XSS) vulnerability in Sawmill 7.0.0 through 7.1.13 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP GET request. Date published : 2005-09-16 http://marc.info/?l=bugtraq&m=112654659400488&w=2 http://www.sawmill.net/version_history.html
pam_per_user before 0.4 does not verify if the user name changes between authentication attempts and uses the same subrequest handle, which allows remote attackers or local users to login as other users by using...
KillProcess 2.20 and earlier allows local users to bypass kill list restrictions by launching multiple processes at the same time, which are not all killed by KillProcess. Date published : 2005-09-16 http://marc.info/?l=bugtraq&m=112629480300071&w=2
Buffer overflow in KillProcess 2.20 and earlier allows user-assisted attackers to execute arbitrary code via an exe file with a long FileDescription in the version resource. Date published : 2005-09-16 http://www.securityfocus.com/bid/14795 http://marc.info/?l=bugtraq&m=112629480300071&w=2
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate...
arc 5.21j and earlier create temporary files with world-readable permissions, which allows local users to read sensitive information from files created by (1) arc (arc.c) or (2) marc (marc.c). Date published : 2005-09-16 http://marc.info/?l=bugtraq&m=112689596714383&w=2...
The perform_file_save function in GNOME Workstation Command Center (gwcc) 0.9.6 and earlier allows local users to create and overwrite arbitrary files via a symlink attack on the gwcc_out.txt temporary file. Date published : 2005-09-16...
The history (revision control) function in TWiki 02-Sep-2004 and earlier allows remote attackers to execute arbitrary code via shell metacharacters, as demonstrated via the rev parameter to TWikiUsers. Date published : 2005-09-16 http://www.securityfocus.com/bid/14834 http://marc.info/?l=bugtraq&m=112680475417550&w=2