SQL injection vulnerability in index.php in PHPjournaler 1.0 allows remote attackers to execute arbitrary SQL commands via the readold parameter. Date published : 2006-01-03 http://www.securityfocus.com/bid/16111 http://www.securityfocus.com/archive/1/420666/100/0/threaded
SQL injection vulnerability in (1) functions.php, (2) functions_update.php, and (3) functions_display.php in VEGO Web Forum 1.26 and earlier allows remote attackers to execute arbitrary SQL commands via the theme_id parameter in index.php. Date published...
PHP remote file include vulnerability in includes/orderSuccess.inc.php in CubeCart allows remote attackers to execute arbitrary PHP code via a URL in the glob[rootDir] parameter. Date published : 2006-01-03 https://www.exploit-db.com/exploits/1398 http://www.vupen.com/english/advisories/2006/0016
Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable. Date published : 2006-01-01 http://www.securityfocus.com/bid/16095 http://www.mandriva.com/security/advisories?name=MDKSA-2005:239
Cross-site scripting (XSS) vulnerability in printthread.php in MyBB 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a thread message, which is not properly sanitized in the print view...
SQL injection vulnerability in inc/function_upload.php in MyBB before 1.0.1 allows remote attackers to execute arbitrary SQL commands via the file extension of an uploaded file attachment. Date published : 2006-01-01 http://www.securityfocus.com/bid/16097 http://www.securityfocus.com/archive/1/420573/100/0/threaded
The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command. Date published : 2006-01-01 http://www.securityfocus.com/bid/16093 http://www.securityfocus.com/archive/1/452718/100/100/threaded
Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte (%00) in the (1) theme, (2) language, (3) plugins,...
Cross-site scripting (XSS) vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to inject arbitrary web script or HTML via the index parameter. Date published : 2006-01-01 http://www.securityfocus.com/bid/16083 http://www.securityfocus.com/archive/1/420543/100/0/threaded
Cross-site scripting (XSS) vulnerability in home.php in OoApp Guestbook 2.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter. Date published : 2006-01-01 http://www.securityfocus.com/bid/16091 http://pridels0.blogspot.com/2005/12/ooapp-guestbook-xss-vuln.html
Cross-site scripting (XSS) vulnerability in index.php in iPei Guestbook 1.7 allows remote attackers to inject arbitrary web script or HTML via the email parameter, as used by the email field, when signing a guestbook....
Cross-site scripting (XSS) vulnerability in read.php in AdesGuestbook 2.0 allows remote attackers to inject arbitrary web script or HTML via the totalRows_rsRead parameter. Date published : 2006-01-01 http://www.securityfocus.com/bid/16090 http://pridels0.blogspot.com/2005/12/adesguestbook-xss-vuln.html
Untrusted search path vulnerability (RPATH) in XnView 1.70 and NView 4.51 on Gentoo Linux allows local users to execute arbitrary code via a malicious library in the current working directory. Date published : 2006-01-01...
Stack-based buffer overflow in TUGZip 3.4.0.0 allows remote attackers to execute arbitrary code via a long filename in an ARJ archive. Date published : 2006-01-01 http://www.securityfocus.com/bid/16084 http://www.securityfocus.com/archive/1/420538/100/0/threaded