Unspecified "drag-and-drop vulnerability" in Opera Web Browser before 8.50 on Windows allows "unintentional file uploads." Date published : 2005-09-22 http://www.securityfocus.com/bid/14884 http://www.opera.com/docs/changelogs/windows/850/
Directory traversal vulnerability in the web interface (ISALogin.dll) for TAC Vista 4.0, and possibly other versions before 4.3, allows remote attackers to read arbitrary files via ".." sequences in the Template parameter. Date published...
SQL injection vulnerability in infopage.asp in Mall23 eCommerce allows remote attackers to execute arbitrary SQL commands via the idPage parameter. Date published : 2005-09-22 http://www.securityfocus.com/bid/14803 http://systemsecure.org/ssforum/viewtopic.php?t=219
Unspecified vulnerability in Hosting Controller 6.1 before Hotfix 2.4 allows remote attackers to list and read contents of arbitrary drives, related to "the PHP vulnerability." Date published : 2005-09-22 http://www.securityfocus.com/bid/14840 http://hostingcontroller.com/english/logs/hotfixlogv61_2_4.html
Cross-site scripting (XSS) vulnerability in Handy Address Book Server 1.1 allows remote attackers to inject arbitrary web script or HTML via the SEARCHTEXT parameter in a demos URL. Date published : 2005-09-22 http://www.securityfocus.com/bid/14818 http://secubox.teria.org/index.php?menu=24&action=detail&aid=82
File Transfer Anywhere 3.01 stores sensitive password information in plaintext in the PASS value in the "File Transfer Anywhere" registry key, which allows local users to gain privileges. Date published : 2005-09-22 http://securitytracker.com/id?1014919
Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 beta 2 allows remote attackers to cause a denial of service (reboot) via a UDP packet sent directly to port 9110. Date published : 2005-09-22...
Compuware DriverStudio Remote Control service (DSRsvc.exe) 2.7 and 3.0 beta 2 allows remote attackers to bypass authentication via a null session. Date published : 2005-09-22 http://www.securityfocus.com/bid/14837 http://lists.seifried.org/pipermail/security/2005-September/009956.html
Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request. Date published : 2005-09-22 http://www.airscanner.com/security/05081101_vxweb.htm http://securitytracker.com/id?1014910
Buffer overflow in vxTftpSrv 1.7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TFTP request with a long filename argument. Date published : 2005-09-22 http://www.securityfocus.com/bid/14842...
Buffer overflow in vxFtpSrv 0.9.7 allows remote attackers to execute arbitrary code via a long USER name. Date published : 2005-09-22 http://www.airscanner.com/security/05081102_vxftpsrv.htm http://securitytracker.com/id?1014911
Directory traversal vulnerability in the archive decompression library in AhnLab V3Pro 2004 build 6.0.0.383, V3 VirusBlock 2005 build 6.0.0.383, and V3Net for Windows Server 6.0 build 6.0.0.383 allows remote attackers to write arbitrary files...
Stack-based buffer overflow in AhnLab V3Pro 2004 build 6.0.0.383, V3 VirusBlock 2005 build 6.0.0.383, and V3Net for Windows Server 6.0 build 6.0.0.383 allows remote attackers to execute arbitrary code via a long filname in...
Sybari Antigen 8.0 SR2 does not properly filter SMTP messages, which allows remote attackers to bypass custom filter rules and send file attachments of arbitrary file types via a message with a subject of...