phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to obtain sensitive environment information. Date published : 2007-10-29 http://www.securityfocus.com/bid/5942 http://www.securityfocus.com/archive/1/294701
Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR allows remote attackers to inject arbitrary web script or HTML via the command parameter. Date published : 2007-10-29 http://www.securityfocus.com/bid/5932 http://www.securityfocus.com/archive/1/294624
Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote attackers to inject...
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses. Date published : 2007-10-29 http://www.securityfocus.com/bid/5923 http://online.securityfocus.com/archive/1/294560
Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote attackers to gain access. Date published : 2007-10-29 http://www.securityfocus.com/bid/7395 http://otn.oracle.com/deploy/security/pdf/2002alert39rev1.pdf
Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail intended for other users by defining an alias that is the target’s email address. Date published : 2007-10-29 http://www.securityfocus.com/bid/5418 http://xwss.org/thread.jsp?forum=107&thread=864
Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject arbitrary web script or HTML via email messages. Date published : 2007-10-29 http://www.securityfocus.com/bid/4740 http://archives.neohapsis.com/archives/bugtraq/2002-05/0107.html
Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data files under the web document root with insufficient access control, which allows attackers to obtain sensitive information...
Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL. Date published : 2007-10-29 http://www.securityfocus.com/bid/4755 http://online.securityfocus.com/archive/1/272935
Cross-site scripting (XSS) vulnerability in read.php in Phorum 3.3.2a allows remote attackers to inject arbitrary web script or HTML via (1) the t parameter or (2) the body of an email response. Date published...
Cross-site scripting (XSS) vulnerability in configure.asp in Script-Shed GuestBook 1.0 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in (1) image, (2) img, (3) image=right, (4) img=right, (5)...
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot...
Kaspersky Anti-Hacker 1.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. Date published : 2007-10-29 http://www.securityfocus.com/bid/5917 http://online.securityfocus.com/archive/1/294411
Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. Date published : 2007-10-29 http://www.securityfocus.com/bid/5917 http://online.securityfocus.com/archive/1/294411