MaxWebPortal is vulnerable to cross site scripting and SQL injection attacks.
PHPNuke versions greater than 6.9 are susceptible to SQL injection attacks that allow a remote attacker to obtain an administrator's hash and gain administrator access.
The XBOX EvolutionX dashboard has buffer overflows in both the ftp cd and telnet dir commands.
Brinkster, the web hosting company, is susceptible to multiple attacks allowing a remote attacker to retrieve other users' ASP source code, access database files, and bypass code controls.
A LoadLibrary / LoadLibraryEx weakness makes SSL on Internet Explorer very vulnerable to a DLL proxy attack. If exploited, unencrypted data can be intercepted before Internet Explorer uses the SSL module to encrypt the data.
The Red-M RedAlert wireless 802.11b/Bluetooth probe version 2.75 has multiple security issues. Any unauthenticated user can reboot the appliance through the web server. The administrator's access is bound by IP address, giving anyone coming in via NAT from a shared network the same level of control. The device also filters out specific characters in SSIDs, representing them all as a single space character.
eTrust Virus Protection 6.0 InoculateIT for Linux is vulnerable to various symlink attacks and also creates multiple world-writable files and directories that can lead to system compromise.
Nokia 6310i cellular phones (and possibly others like it) could be subject to a denial of service attack when invalid OBEX messages are sent to the phone's protocol handler. This attack results in the phone resetting, terminating any current operations. No device pairing is required, so anyone in range of the phone could initiate an attack.
Eggdrop IRC robots versions 1.6.x to 1.6.15 have a programming flaw that allows remote attackers to turn on share status, allowing for complete compromise.
PHP-Nuke versions 6.x through 7.1.0 are susceptible to SQL injection attacks.
A cross site scripting vulnerability exists in PHP-Nuke 7.1.0.
Palace chat software versions 3.5 and below are susceptible to a client-side stack overflow when accessing hyperlinks.
DotNetNuke versions 1.0.6 to 1.0.10d are susceptible to file disclosure and cross site scripting attacks.
If configured with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth, Apache-SSL 1.3.28+1.52 and all earlier versions would permit a client to use real basic authentication to forge a client certificate.
S-Quadra Advisory #2004-02-06 - A backdoor exists in CactuSoft CactuShop 5.0 Lite shopping cart software that allows a remote attacker to delete any file on the target system.
A cross site scripting flaw exists in formmail.php.
CERT Advisory TA04-036A - Several versions of Check Point Firewall-1 contain a vulnerability that allows remote attackers to execute arbitrary code with administrative privileges. This allows the attacker to take control of the firewall, and in some cases, to also control the server it runs on.
FreeBSD Security Advisory FreeBSD-SA-04:02.shmat - A programming error in the shmat(2) system call can result in a shared memory segment's reference count being erroneously incremented. It may be possible to cause a shared memory segment to reference unallocated kernel memory, but remain valid. This could allow a local attacker to gain read or write access to a portion of kernel memory, resulting in sensitive information disclosure, bypass of access control mechanisms, or privilege escalation.
Xlight FTP server version 1.52 is susceptible to a denial of service attack.
iDEFENSE Security Advisory 02.04.04: Remote exploitation of a denial of service condition within GNU Radius can allow an attacker to crash the service. The problem specifically exists within the rad_print_request() routine defined in lib/logger.c.
IBM Cloudscape SQL Database (DB2J) version 5.1 on Windows with JDK 1.4.2 is vulnerable to remote command injection, denial of service attacks, and information leakage via specially crafted SQL statements.
NGSSoftware Insight Security Research Advisory #NISR04022004a - By crafting a malformed .RP, .RT, .RAM, .RPM or .SMIL file, it is possible to cause heap and stack based overruns in RealPlayer / RealOne Player.
A cross site scripting vulnerability exists in the rxgoogle.cgi utility. Patch included.
Pine Digital Security Advisory PINE-CERT-20040201 - The shmat(2) function has a flaw that allows local users to achieve escalated privileges. Vulnerable systems: FreeBSD versions 2.2.0 and greater, NetBSD versions 1.3 and greater, and OpenBSD versions 2.6 and greater.
TYPSoft FTP Server 1.10 for Windows 9X and WinNT is vulnerable to a denial of service attack when a blank username is supplied.