Cross-site scripting (XSS) vulnerability in action.php in Nucleus CMS 3.31 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO, which is not quoted when processing PHP_SELF. Date published : 2008-01-30...
Cross-site scripting (XSS) vulnerability in vpnum/userslist.php in Endian Firewall 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the psearch parameter. NOTE: the provenance of this information is unknown; the details...
fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows remote attackers to execute arbitrary code via a crafted FlashPix (.FPX) file, which triggers heap corruption. NOTE: some of these details are obtained from...
Stack-based buffer overflow in the Persits.XUpload.2 ActiveX control in XUpload.ocx 3.0.0.4 and earlier in Persits XUpload 3.0 allows remote attackers to execute arbitrary code via a long argument to the AddFile method. NOTE: some...
Multiple SQL injection vulnerabilities in login.asp in ASPired2Protect allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: some of these details are obtained from third party...
The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to...
Common Weakness Enumeration, Software Assurance strategic initiative sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.OkPrivacy policy