Multiple SQL injection vulnerabilities in Phoetux.net PhxContacts 0.93.1 beta and earlier allow remote attackers to execute arbitrary SQL commands via the (1) motclef and (2) nbr_line_view parameters in (a) carnet.php, and the (3) id_contact...
Cross-site scripting (XSS) vulnerability in login.php in Phoetux.net PhxContacts 0.93.1 beta and earlier allows remote attackers to inject arbitrary web script or HTML via the m parameter. Date published : 2006-03-30 http://www.securityfocus.com/bid/17307 http://www.securityfocus.com/archive/1/429259/100/0/threaded
Multiple SQL injection vulnerabilities in Null news allow remote attackers to execute arbitrary SQL commands via (1) the user_email parameter in (a) lostpass.php, and the (2) user_email and (3) user_username parameters in (b) sub.php...
SQL injection vulnerability in newsletter.php in Sourceworkshop newsletter 1.0 allows remote attackers to execute arbitrary SQL commands via the newsletteremail parameter. Date published : 2006-03-30 http://www.securityfocus.com/bid/17304 http://www.securityfocus.com/archive/1/430375/100/0/threaded
Cross-site scripting (XSS) vulnerability in search.php in PHP Classifieds 6.18, 6.20, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the searchword parameter. Date published : 2006-03-30 http://www.securityfocus.com/bid/17305...
The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain....
PHP remote file include vulnerability in functions_admin.php in Virtual War (VWar) 1.5.0 R10 allows remote attackers to include and execute arbitrary PHP code via unspecified attack vectors. NOTE: this issue has been referred to...
Buffer overflow in the ILASM assembler in the Microsoft .NET 1.0 and 1.1 Framework might allow user-assisted attackers to execute arbitrary code via a .il file that calls a function with a long name....
Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll system library, when used by the ILDASM disassembler in the Microsoft .NET 1.0 and 1.1 SDK, might allow user-assisted attackers to execute arbitrary...
/sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 "does not recover gracefully from some error conditions," which allows local users to cause a denial of service. Date published : 2006-03-29 http://www.securityfocus.com/bid/17280 http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00619550
Multiple cross-site scripting (XSS) vulnerabilities in MH Software Connect Daily Web Calendar Software 3.2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) calendar_id, (2) style_sheet, and (3)...
Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the error parameter to include.php, possibly due to a problem in login/login.php. Date published : 2006-03-29...
Unspecified vulnerability in rsh in Sun Microsystems Sun Grid Engine 5.3 before 20060327 and N1 Grid Engine 6.0 before 20060327 allows local users to gain root privileges. Date published : 2006-03-29 http://securitytracker.com/id?1015835 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102268-1
base_maintenance.php in Basic Analysis and Security Engine (BASE) before 1.2.4 (melissa), when running in standalone mode, allows remote attackers to bypass authentication, possibly by setting the standalone parameter to "yes". Date published : 2006-03-29...