Cross-site scripting (XSS) vulnerability in index.php in jjgan852 phpLister 0.4.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter. Date published : 2006-04-20 http://www.securityfocus.com/bid/17591 http://www.securityfocus.com/archive/1/431308/100/0/threaded
Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.3 allow remote attackers to execute arbitrary code via format string specifiers in a long filename on an EXTINFO line in a playlist file. Date...
Cross-site scripting (XSS) vulnerability in index.php in AnimeGenesis Gallery allows remote attackers to inject arbitrary web script or HTML via the cat parameter. Date published : 2006-04-20 http://www.securityfocus.com/archive/1/431135/100/0/threaded http://www.vupen.com/english/advisories/2006/1395
Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila allow remote attackers to inject arbitrary web script or HTML (1) via the referer parameter in sendMail, and via attributes of (2) the A element and...
fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQ_EXPR and NE_EXPR, which might introduce...
Mozilla Camino 1.0 and earlier allow remote attackers to cause a denial of service (null dereference and application crash or hang) via HTML with certain improperly nested elements. NOTE: this might be the same...
Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya 9.4, and possibly other versions including 8.x before 8.8.5, allow remote attackers to execute arbitrary code via a long value in (1) the COMPACT...
Multiple cross-site scripting (XSS) vulnerabilities in dev Neuron Blog 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) website parameters. Date published : 2006-04-20...
Multiple cross-site scripting (XSS) vulnerabilities in Ralph Capper Tiny PHP Forum (TPF) 3.6 allow remote attackers to inject arbitrary web script or HTML via (1) the uname parameter in a view action in profile.php...
Webplus (aka talentsoft) Web+Shop 5.3.6, when Redirect URL for "Script Not Found" Error is not configured, allows remote attackers to obtain sensitive information via a quote (‘) or possibly other invalid value in the...
Unspecified vulnerability in phpBB allows remote authenticated users with Administration Panel access to execute arbitrary PHP code via crafted Font Colour 3 ($theme[fontcolor3] variable) and/or signature values, possibly involving the highlight functionality. NOTE: the...
Direct static code injection vulnerability in includes/template.php in phpBB allows remote authenticated users with write access to execute arbitrary PHP code by modifying a template in a way that (1) bypasses a loose ".*"...
Cross-site scripting (XSS) vulnerability in RevoBoard 1.8, as derived from PunBB, allows remote attackers to inject arbitrary web script or HTML via a substitution cipher of the email tag, which is transformed when the...
Cross-site scripting (XSS) vulnerability in print.php in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter. Date published : 2006-04-20 http://www.securityfocus.com/bid/17522 http://www.securityfocus.com/archive/1/431030/100/0/threaded