SQL injection vulnerability in out.php in E-topbiz Link ADS 1 allows remote attackers to execute arbitrary SQL commands via the linkid parameter. Date published : 2008-06-26 http://www.securityfocus.com/bid/29923 https://www.exploit-db.com/exploits/5930
SQL injection vulnerability in detail.asp in DUware DUcalendar 1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the iEve parameter. Date published : 2008-06-26 http://www.securityfocus.com/bid/29919 https://www.exploit-db.com/exploits/5927
SQL injection vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 allows remote attackers to execute arbitrary SQL commands via the bannerid parameter. Date published : 2008-06-26 http://www.securityfocus.com/bid/29921 https://www.exploit-db.com/exploits/5929
The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics,...
The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via...
The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network...
SQL injection vulnerability in csc_article_details.php in Caupo.net CaupoShop Classic 1.3 allows remote attackers to execute arbitrary SQL commands via the saArticle[ID] parameter. Date published : 2008-06-25 http://www.securityfocus.com/bid/29834 https://www.exploit-db.com/exploits/5865
SQL injection vulnerability in index.php in Kalptaru Infotech PHP Site Lock 2.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a show_article action. Date published : 2008-06-25 http://www.securityfocus.com/bid/29777 https://www.exploit-db.com/exploits/5842
eLineStudio Site Composer (ESC) 2.6 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) trigger.asp or (2) common2.asp in cms/include/, which reveals the database path. Date published :...
Multiple absolute path traversal vulnerabilities in eLineStudio Site Composer (ESC) 2.6 allow remote attackers to create or delete arbitrary directories via a full pathname in the inpCurrFolder parameter to (1) folderdel_.asp or (2) foldernew.asp...
Multiple SQL injection vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to ansFAQ.asp and the (2) template_id parameter to preview.asp....
Multiple cross-site scripting (XSS) vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) topic and (2) button parameters to ansFAQ.asp and...
SQL injection vulnerability in category.php in AJSquare AJ Auction Pro web 2.0 allows remote attackers to execute arbitrary SQL commands via the cate_id parameter. Date published : 2008-06-25 http://www.securityfocus.com/bid/29839 https://www.exploit-db.com/exploits/5867
Unspecified vulnerability in the IMAP service in NetWin SurgeMail before 3.9g2 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors related to an "imap command." Date published : 2008-06-25...