The MKPortal Horoscop module suffers from a cross site scripting vulnerability.
5cd99b2b28c90012d2621fce1bc0d12c673e3eed4cf702644ac3592edd5f809fMonth Of PHP Security - PHP's iconv_mime_encode() function can be abused for information leak attacks, because of the call time pass by reference feature. This vulnerability also demonstrates that fixing zend_parse_parameters() is not enough to kill some of these vulnerabilities. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
08ee43cbc95c598ee383529242b6261189ff5b0ff455b68a97bde61b467737a1Software from HostFriendz.com suffers from a remote SQL injection vulnerability.
3b2094ccb61611208696bd23284f3bccbec8f621821c9bb28508a7739e661935Month Of PHP Security - PHP’s iconv_substr() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
645c4430db4a9b9297b0921897e599d7efa4b474715e9e39c3c5c3413aff47a3Lizzard Active Media suffers from multiple remote SQL injection vulnerabilities.
60547b8115aaac6da072ca02e708470c806e2c9c0d8e4e1341e12f2cbc507893Month Of PHP Security - PHP’s iconv_mime_decode() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
d18872107c1dda39b76981664dc3403c8e50ea470b81d3b0498d2a2b02444189Month Of PHP Security - An SQL Injection vulnerability was discovered in the user settings dialog of e107 that allows any user to become an admin easily. Versions 0.7.20 and below are affected.
7764fa816c681b9e1f35443ed5a5834ca32d0cf19952369802e37f00f1158457The Scientific Atlanta DPC2100 Cable Modem suffers from cross site request forgery and insufficient authentication vulnerabilities.
526edd304fca1c5a00df908a6e6c705539bd6f5e7a759e2196082becea2fc227Month Of PHP Security - A local file inclusion vulnerability was discovered in CMSQlite that might allow remote PHP code execution. Versions 1.2 and below are affected.
c42ae5c025360afcc5198f641ee48d83cab08933bf20481af75643e96227a51dMonth Of PHP Security - An SQL Injection vulnerability was discovered in CMSQlite that allows to retrieve all data from the database. Versions 1.2 and below are affected.
d891d11b3e1bf5820eb5f73a06da57a12a760c688e8c28e1aca1ae8888a888a2Month Of PHP Security - The new phar extension in PHP 5.3 contains several format string vulnerabilities in the internal phar_wrapper_open_url() function. PHP versions 5.3 through 5.3.2 are affected.
88778104d5539c71d1331b422cb8c82ae5e1b58fcc633a019260fff969c2644aMonth Of PHP Security - The new phar extension in PHP 5.3 contains several format string vulnerabilities in the internal phar_parse_url() function. PHP versions 5.3 through 5.3.2 are affected.
9e0eb74b07d6b55063f896a9f5ca562cc45dd241ff70b6b37c470608c91cdd9eBlox CMS suffers from a remote SQL injection vulnerability.
1b80a6e52b3e7f266a66bc052674383c4ba453329bcc050e14be74db88ac63a0Alsco CMS suffers from a remote SQL injection vulnerability.
1435af17613108e15ef5dc5d7ef1a29a2dc4627a8550b89a97d03932f6267056Interuse Website Builder and Design suffers from a remote SQL injection vulnerability.
1af43735e7a7a26e9b684c99d88446157f69b2e9c4a12d7322a308e24a21aa89Month Of PHP Security - The new phar extension in PHP 5.3 contains a format string vulnerability in the internal phar_wrapper_unlink() function. PHP versions 5.3 through 5.3.2 are affected.
4ce334e3edd4d8288ec7000354d42d816187ad32fe0257ee77eae10b958c8e2bMonth Of PHP Security - The new phar extension in PHP 5.3 contains a format string vulnerability in the internal phar_wrapper_open_dir() function. PHP versions 5.3 through 5.3.2 are affected.
40ed10c69fea27f50c0b22defe9f5214b675b8adcb883408542445dcc2f36c68Apache Axis2 version 1.4.1 suffers from a local file inclusion vulnerability.
2756e6a4e4489d2121d9c1c9d50481e7a1fe2dec94ce93563e0aa5d871c342baProWeb Design suffers from a remote SQL injection vulnerability.
8fcc33f84b4c043d9bc61330ac716f6306378262bbd91e5396b874c4ce542d2aFjallfoss.fcc.gov suffers from a cross site scripting vulnerability.
ef3adb7700e8f4148387056801c9893244d5e797b064d87944c5117a8002a192PHP Graphy versions 0.9.7 and below suffer from a remote command execution vulnerability.
0c526d75b4b344b3218dd50792f88d9c61aabc7e6081e8b4c7cf04b15e0eecfdWebasyst Shop-Script remote blind SQL injection exploit.
6b20fc98f92de3a50d948c478a077d6667130ffdffa08aa6ed71906688f75177TeleData CMS version 0.9 suffers from a local file inclusion vulnerability.
aa7e9a52d553029aeb05bb7ce807b8676fc8f10c753dee1fa9e4a0aa75921d27Remote SQL injection exploit for the Joomla QPersonel component.
dceddd255668c59bbc51136a29397f5d9cf1c2a5dd31e5d989de22486db01418Schaf CMS version 1.0 suffers from a remote SQL injection vulnerability.
0f6947b4f876fabfc19b04650e78ff235908a2c2ce7f028dadf5f9c697d15ba8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed