Untrusted search path vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the LinuxGpib.so module, which might allow local users to gain privileges by installing malicious libraries...
Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux includes RPATH values under the /tmp/svn directory for the (1) mod_authz_svn.so and (2) mod_dav_svn.so modules, which might allow local users to gain...
Direct static code injection vulnerability in config.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote administrators to execute arbitrary PHP code into the config file, which is included other [V]Book scripts....
Multiple cross-site scripting (XSS) vulnerabilities in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) autor, (2) www, (3) temat,...
SQL injection vulnerability in index.php in vscripts (aka Kuba Kunkiewicz) [V]Book (aka VBook) 2.0 allows remote attackers to execute arbitrary SQL commands via the x parameter. Date published : 2006-03-31 http://www.securityfocus.com/bid/17320 http://www.securityfocus.com/archive/1/430624/100/0/threaded
Multiple SQL injection vulnerabilities in SkinTech phpNewsManager 1.48 allow remote attackers to execute arbitrary SQL commands via unspecified parameters, possibly (1) id and (2) topicid, in (a) browse.php, (b) category.php, (c) gallery.php, (d) poll.php,...
SQL injection vulnerability in PHP Script Index allows remote attackers to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third...
Cross-site scripting (XSS) vulnerability in search.php in PHP Script Index allows remote attackers to inject arbitrary web script or HTML via the search parameter. Date published : 2006-03-31 http://www.securityfocus.com/bid/17297 http://osvdb.org/ref/24/24243-script_index.txt
Multiple SQL injection vulnerabilities in X-Changer 0.2 allow remote attackers to execute arbitrary SQL commands via the (1) from and (2) into parameters in a calculate action, and the (3) id parameter in an...
Multiple cross-site scripting (XSS) vulnerabilities in view_caricatier.php in AL-Caricatier 2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) CatName, (2) CaricatierID, or (3) CatID parameter. Date published : 2006-03-31...
VSNS Lemon 3.2.0 allows remote attackers to bypass authentication and access password-protected articles by setting the vsns[topic_id] cookie to the targeted topic. Date published : 2006-03-31 http://www.securityfocus.com/bid/17396 http://www.securityfocus.com/archive/1/430345/100/0/threaded
Cross-site scripting (XSS) vulnerability in VSNS Lemon 3.2.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter while adding a comment. Date published : 2006-03-31 http://www.securityfocus.com/bid/17395 http://www.securityfocus.com/archive/1/430345/100/0/threaded
SQL injection vulnerability in functions/final_functions.php in VSNS Lemon 3.2.0, with magic_quotes_gpc disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2006-03-31 http://www.securityfocus.com/bid/17281 http://www.securityfocus.com/archive/1/430345/100/0/threaded
Integer overflow in ImageIO in Apple Mac OS X 10.4 up to 10.4.5 allows remote attackers to cause a denial of service (crash) via a crafted JPEG image with malformed JPEG metadata, as demonstrated...