SQL injection vulnerability in index.php in the McQuiz (com_mcquiz) 0.9 Final component for Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action. Date published : 2008-02-15...
SQL injection vulnerability in index.php in the Quiz (com_quiz) 0.81 and earlier component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the tid parameter in a user_tst_shw action. Date...
Multiple directory traversal vulnerabilities in artmedic webdesign weblog 1.0, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) ta parameter to artmedic_index.php, reached through...
Directory traversal vulnerability in lib/download.php in iTheora 1.0 rc1 allows remote attackers to read arbitrary files via directory traversal sequences in the url parameter. Date published : 2008-02-15 http://www.securityfocus.com/bid/27788 http://menguy.aymeric.free.fr/theora/news.php
SQL injection vulnerability in threads.php in Nuboard 0.5 allows remote attackers to execute arbitrary SQL commands via the ssid parameter. Date published : 2008-02-15 https://www.exploit-db.com/exploits/5115
SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action. Date published...
Directory traversal vulnerability in user/header.php in Affiliate Market 0.1 BETA allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter. Date published : 2008-02-14 http://www.securityfocus.com/bid/27777...
Multiple cross-site scripting (XSS) vulnerabilities in search.asp in Tendenci CMS allow remote attackers to inject arbitrary web script or HTML via the (1) category, (2) searchtext, (3) jobcategoryid, (4) contactcompany, and unspecified other parameters....
Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted CAB archive. Date published :...
ipdsserver.exe in Intermate WinIPDS 3.3 G52-33-021 allows remote attackers to cause a denial of service (CPU consumption) via short packets on TCP port 5001 with the 3, 5, 7, 13, 14, or 15 packet...
Directory traversal vulnerability in ipdsserver.exe in Intermate WinIPDS 3.3 G52-33-021 allows remote attackers to read arbitrary files via a .. (dot dot) in the URI. Date published : 2008-02-14 http://www.securityfocus.com/bid/27757 http://www.securityfocus.com/archive/1/488015/100/0/threaded
SQL injection vulnerability in countdown.php in LI-Scripts LI-Countdown allows remote attackers to execute arbitrary SQL commands via the years parameter. Date published : 2008-02-14 http://www.securityfocus.com/bid/27753 http://www.securityfocus.com/archive/1/488017/100/0/threaded
Multiple cross-site request forgery (CSRF) vulnerabilities in MyBB 1.2.11 and earlier allow remote attackers to (1) hijack the authentication of moderators or administrators for requests that delete threads via a do_multideletethreads action to moderation.php...
SQL injection vulnerability in inc/datahandlers/pm.php in MyBB before 1.2.12 allows remote authenticated users to execute arbitrary SQL commands via the options[disablesmilies] parameter to private.php. Date published : 2008-02-14 http://www.securityfocus.com/bid/27378 http://www.securityfocus.com/archive/1/486763/100/200/threaded