admin.php in Maran PHP Shop allows remote attackers to bypass authentication and gain administrative access by setting the user cookie to "demo." Date published : 2009-02-26 http://www.securityfocus.com/bid/32048 https://www.exploit-db.com/exploits/6954
Multiple cross-site scripting (XSS) vulnerabilities in Camera Life 2.6.2b8 allow remote attackers to inject arbitrary web script or HTML via the q parameter to (1) search.php and (2) rss.php; the query string after the...
admin/Index.php in Acc Statistics 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the username_cookie cookie to "admin." Date published : 2009-02-26 http://www.securityfocus.com/bid/32078 https://www.exploit-db.com/exploits/6965
admin/Index.php in Acc Real Estate 4.0 allows remote attackers to bypass authentication and gain administrative access by setting the username_cookie to "admin." Date published : 2009-02-26 http://www.securityfocus.com/bid/32078 https://www.exploit-db.com/exploits/6964
Acc Autos 4.0 allows remote attackers to bypass authentication and gain administrative access by setting the (1) username_cookie to "admin," (2) right_cookie to "1," and (3) id_cookie to "1." Date published : 2009-02-26 http://www.securityfocus.com/bid/32083...
Acc PHP eMail 1.1 allows remote attackers to bypass authentication and gain administrative access by setting the NEWSLETTERLOGIN cookie to "admin". Date published : 2009-02-26 http://www.securityfocus.com/bid/32074 https://www.exploit-db.com/exploits/6966
Directory traversal vulnerability in includefile.php in nicLOR Sito, when register_globals is enabled or magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the page_file parameter....
SQL injection vulnerability in cityview.php in Tours Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the cityid parameter. Date published : 2009-02-26 http://www.securityfocus.com/bid/32110 https://www.exploit-db.com/exploits/6988
Multiple stack-based buffer overflows in the mt_codec::getHdrHead function in kernel/kls_hdr/fmt_codec_hdr.cpp in ksquirrel-libs 0.8.0 allow context-dependent attackers to execute arbitrary code via a crafted Radiance RGBE image (aka .hdr file). Date published : 2009-02-26 http://www.securityfocus.com/bid/33902...
The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST...
The username command in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers and Cisco ACE 4710 Application Control Engine Appliance stores a cleartext password by default, which allows context-dependent...
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a...
Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote...
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a...