Cross-site scripting (XSS) vulnerability in calendar_new.asp in IA-Calendar allows remote attackers to inject arbitrary web script or HTML via the TypeName1 parameter. NOTE: the provenance of this information is unknown; the details are obtained...
Multiple cross-site scripting (XSS) vulnerabilities in kommentar.php in 2005-Comments-Script allow remote attackers to inject arbitrary web script or HTML via the (1) id, (2) email, and (3) url parameter. Date published : 2006-05-09 http://www.securityfocus.com/bid/17895...
Buffer overflow in avahi-core in Avahi before 0.6.10 allows local users to execute arbitrary code via unknown vectors. Date published : 2006-05-09 http://www.securityfocus.com/bid/17884 http://0pointer.de/cgi-bin/viewcvs.cgi/%2Acheckout%2A/trunk/docs/NEWS?root=avahi
Avahi before 0.6.10 allows local users to cause a denial of service (mDNS/DNS-SD service disconnect) via unspecified mDNS name conflicts. Date published : 2006-05-09 http://www.securityfocus.com/bid/17884 http://0pointer.de/cgi-bin/viewcvs.cgi/%2Acheckout%2A/trunk/docs/NEWS?root=avahi
Multiple cross-site scripting (XSS) vulnerabilities in Vision Source 0.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the fields in a user’s profile. Date published : 2006-05-09 http://www.securityfocus.com/bid/17867 http://www.securityfocus.com/archive/1/433129/100/0/threaded
Multiple PHP remote file inclusion vulnerabilities in claro_init_global.inc.php in Dokeos 1.6.3 and earlier, and Dokeos community release 2.0.3, allow remote attackers to execute arbitrary PHP code via a URL in the (1) rootSys and...
PHP remote file inclusion vulnerability in authldap.php in Dokeos 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the includePath parameter. Date published : 2006-05-09 http://www.securityfocus.com/bid/17873 http://www.securityfocus.com/bid/17915
Multiple PHP remote file inclusion vulnerabilities in Claroline 1.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) clarolineRepositorySys parameter in ldap.inc.php and the (2) claro_CasLibPath parameter in casProcess.inc.php....
Multiple PHP remote file inclusion vulnerabilities in SpiffyJr phpRaid 2.9.5 through 3.0.b3 allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) auth.php and (2) auth_phpbb when...
Cross-site scripting (XSS) vulnerability in X7 Chat 2.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the URL of an avatar, possibly related to the...
X-Scripts X-Poll (xpoll) 2.30 allows remote attackers to execute arbitrary PHP code by using admin/images/add.php to upload a PHP file, then access it. Date published : 2006-05-09 http://www.securityfocus.com/bid/17901 http://www.securityfocus.com/archive/1/433220/100/0/threaded
Directory traversal vulnerability in website.php in openEngine 1.8 Beta 2 and earlier allows remote attackers to list arbitrary directories and read arbitrary files via a .. (dot dot) in the template parameter. Date published...
Multiple SQL injection vulnerabilities in SaphpLesson 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the Find parameter in (a) search.php, and the (2) LID and (3) Rate parameters in (b) misc.php....
SaphpLesson 3.0 does not initialize array variables, which allows remote attackers to obtain the full path via an non-array (1) hrow parameter to (a) show.php or (b) index.php; the (2) Lsnrow parameter to (c)...