SQL injection vulnerability in include/includes/user/login.php in ilchClan before 1.05g allows remote attackers to execute arbitrary SQL commands via the login_name parameter. NOTE: the provenance of this information is unknown; the details are obtained solely...
The "Open ‘safe’ files after downloading" option in Safari on Apple Mac OS X allows remote user-assisted attackers to execute arbitrary commands by tricking a user into downloading a __MACOSX folder that contains metadata...
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted...
Directory traversal vulnerability in the staticfilter component in CherryPy before 2.1.1 allows remote attackers to read arbitrary files via ".." sequences in unspecified vectors. Date published : 2006-02-21 http://www.securityfocus.com/bid/16760 http://groups.google.com/group/cherrypy-announce/browse_thread/thread/92b2972f774fe6df/2f63afc9433dc306#2f63afc9433dc306
Multiple cross-site scripting (XSS) vulnerabilities in Leif M. Wright’s Blog 3.5 allow remote attackers to inject arbitrary web script or HTML via the (1) Referer and (2) User-Agent HTTP headers, which are stored in...
Leif M. Wright’s Blog 3.5 allows remote authenticated users with administrative privileges to execute arbitrary programs, including shell commands, by configuring the sendmail path to a malicious pathname. Date published : 2006-02-21 http://www.evuln.com/vulns/82/summary.html http://secunia.com/advisories/18923
Leif M. Wright’s Blog 3.5 does not make a password comparison when authenticating an administrator via a cookie, which allows remote attackers to bypass login authentication, probably by setting the blogAdmin cookie. Date published...
Leif M. Wright’s Blog 3.5 stores the config file and other txt files under the web root with insufficient access control, which allows remote attackers to read the administrator’s password. Date published : 2006-02-21...
Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 allows remote attackers to inject arbitrary web script or HTML via a modified javascript: string in the SRC attribute of an IMG element in an e-mail...
Multiple cross-site scripting (XSS) vulnerabilities in Mantis 1.00rc4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) hide_status, (2) handler_id, (3) user_monitor, (4) reporter_id, (5) view_type, (6) show_severity,...
manage_user_page.php in Mantis 1.00rc4 and earlier does not properly handle a sort parameter containing a ‘ (quote) character, which allows remote attackers to trigger a SQL error that may be repeatedly reported to a...
The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths. Date...
IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext passwords in the (1) CMS_DBPASS, (2) CMSM_DBPASS, and (3) RPT_DBPASS fields in /etc/neusecure.conf, and in (4) /opt/NeuSecure/bin/ns_archiver.log, which allows local users to gain privileges. NOTE: IBM has...
IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 has world-readable permissions for (1) /etc/neusecure.conf, (2) /opt/NeuSecure/etc/cms-3.0.236.buildconf, and (3) /opt/NeuSecure/bin/ns_archiver.log, which allows local users to read sensitive information such as passwords. NOTE: IBM has privately confirmed to CVE...