Xerox WorkCentre versions 5665, 5675, and 5687 suffers from backdoor and authentication vulnerabilities.
c92ff24436f953cf17dc018b9002568c
LetoDMS versions 1.7.2 and below suffer from cross site request forgery and local file inclusion vulnerabilities.
4ea74d7fa9611a6a57792630447e477e
SEC-CONSULT Security Advisory 20051125-0 - vTiger versions 4.2 and below have been found susceptible to SQL injection, cross site scripting, code execution, directory traversal, and arbitrary file upload flaws.
96d3cb698b8ebc4810a5d40fe39f7827
SEC-CONSULT Security Advisory 20051025-0 - The Snoop PHP web client is susceptible to a remote command execution vulnerability when a specially crafted URL is supplied. Versions 1.2 and earlier are affected.
907f0220f39742e9598e02d67bfe5f84
PHP version 4.3.9 is vulnerable to meta character attacks. The bug could enable an attacker to read arbitrary files from the filesystem of a webserver that hosts PHP scripts. In addition PHP versions 4.3.6 until 4.3.9 as well as PHP versions 5.0.0 until 5.0.2 contain a bug that enables an attacker to manipulate the file name of uploaded files to perform directory traversal.
74b268a99f4a6aaefbb8d9e621614730
Multiple Vulnerabilities have been found in the open source customer relationship management software SugarSales. These vulnerabilities include full path disclosure, file inclusion, remote command execution, and SQL injection attacks. Versions up to 2.0.1c are susceptible.
6a238c167b455bb722100e71b4d42187
The KDE program Konquerer allows for browsing SMB shares comfortably through the GUI. By placing a shortcut to an SMB share on KDE's desktop, an attacker can disclose his victim's password in plaintext.
8508f86470ecc4ddc611025de042ceb9
The firmware of Motorola's wireless WR850G router has a flaw that enables an attacker to log into the router's web interface without knowing username or password and the ability to gain knowledge of the router's username and password after logging in.
712aa3955a9b39ddb0a41c94a1f45939
PHP offers the function escapeshellarg() to escape arguments to shell commands in a way that makes it impossible for an attacker to execute additional commands. However due to a bug in the function, this does not work with the windows version of PHP. Versions 4.3.6 and below are susceptible.
4c2259467e77e624482ad84e2fe1c526
SEC-CONSULT Security Advisory - Linbit Linbox is vulnerable to authentication circumvention on its administration portal, password disclosure for all existing users, and using the obtained passwords, any account can be logged into via SSH.
7492df126274009cc647dd21fc84d3ed