SiteXS CMS version 0.1.1 suffers from a shell upload vulnerability.
105a07a8aa2e97bcbafdf4ca31e2a008d1681297169b663bece5fbdf8ea98ea5
Core Security Technologies Advisory - NASA's Common Data Format library suffers from a buffer overflow vulnerability. CDF versions 3.2 and earlier are vulnerable.
6403648bcce3ca7a5c2552a8a172062ded855abbee671444f823f2bf228073af
Debian Security Advisory 1569-1 - It was discovered that Cacti, a systems and services monitoring frontend, performed insufficient input sanitizing, leading to cross site scripting and SQL injection being possible.
a15748a6e26762a361015640d77f7b3ebb8ef1199a358015d04400e2751b1fda
Debian Security Advisory 1568-1 - "unsticky" discovered that b2evolution, a blog engine, performs insufficient input sanitising, allowing for cross site scripting.
f16973aabdcb84332fbeffe07a79319aa97a3799e59c821b1452ccca4d4236ad
Debian Security Advisory 1567-1 - Stefan Cornelius discovered a vulnerability in the Radiance High Dynamic Range (HDR) image parser in Blender, a 3D modelling application. The weakness could enable a stack-based buffer overflow and the execution of arbitrary code if a maliciously-crafted HDR file is opened, or if a directory containing such a file is browsed via Blender's image-open dialog.
88d67ffe8418948cf8985be3683757bd03808ceb116ff2c99f3c99dea588bcb6
Kmita Tellfriend versions 2.0 and below suffer from a remote file inclusion vulnerability.
b593191ace1e38f5d9348aff7bb27138b6e99074999eb8655b75e8690b91cefe
Kmita Mail versions 3.0 and below suffer from a remote file inclusion vulnerability.
2ef654a576212eaaac30b87e4abccef2cbb8b40104726a0d88f386683f82832d
Anserv Auction XL suffers from a blind SQL injection vulnerability in viewfaqs.php.
7745b6a0a49f0c5a9688dd98abe5507e3d949b5bcb6203e2618d626384ad108e
BackLinkSpider suffers from a blind SQL injection vulnerability.
4a466641389753b7d69370f20e8213a59320586920b668eca88a4ed6caaa405c
Online Rental Property Script versions 4.5 and below suffer from a blind SQL injection vulnerability.
83acf048236d5039ca1616c08009ce10d8a3a1eef63f6395a3566ba798f2385f
The PostNuke pnEncyclopedia module versions 0.2.0 and below suffer from a blind SQL injection vulnerability.
2a7466ee851d3046fd7e06190bb2bd2604790fcdece2328e5efbc50400cff8a9
HLDS WebMod version 0.48 remote heap overflow exploit.
1360cf671c9f0aefe7fa2726b7e536fbb3682f9afbc66d9dc07ad89f19dfbf59
Demonstration exploits for WebMod versions 0.48 and below which suffer from directory traversal, buffer overflow, and disclosure vulnerabilities.
32eeb63919dc83ba3a5036d375fc2e31dc1f3a281f96368e1960fc89450cbe78
WebMod versions 0.48 and below suffer from directory traversal, buffer overflow, and disclosure vulnerabilities.
cc646d98d39f93a526f50bac2601be29de62e51f6365d5eda280c76e0e5d3333
Ubuntu Security Notice 606-1 - Thomas Pollet discovered that CUPS did not properly validate the size of PNG images. A local attacker, and a remote attacker if printer sharing is enabled, could send a crafted file and cause a denial of service or possibly execute arbitrary code as the non-root user in Ubuntu 6.06 LTS and 7.04. In Ubuntu 7.10, attackers would be isolated by the AppArmor CUPS profile.
943cff4492da095711066d8ceb681f020d2a0775d234f26c9974d7c9228b0a0b
cpLinks version 1.03 suffers from login bypass, SQL injection, and cross site scripting vulnerabilities.
990a12e0d29c5fdede1da8ddc59d3421f0cac4612124a717f86b12c45e8c404b
BlogMe PHP suffers from a remote SQL injection vulnerability in comments.php.
074421453f8fc5bdae0337a36bb4fdd3c31b62c34fc5820da248236257158867
Lifetype version 1.2.8 suffers from cross site scripting vulnerabilities.
09dd5022cb147233306fa5de2f38ebb14f013e8bd1b21a2f239abe93dccc6398
Maian Uploader version 4.0 suffers from cross site scripting vulnerabilities.
d05c36fee7c55d5d25765ae3d445466a3a140644115bdab651469e26f9c9c22f
Maian Music version 1.1 suffers from cross site scripting and SQL injection vulnerabilities.
898a47141c1066f884c07d6d1767b7d36002b7a386de213a10bce451b6d03c62
Maian Links version 3.1 suffers from cross site scripting vulnerabilities.
cdf0d3f70cbdb6b439dff3efce2d531478ebd435cfbc9b7201998751f64892d1
Maian Guestbook version 3.2 suffers from cross site scripting vulnerabilities.
a4f7227742bab1754a46c21923b76ab21161303d28053284db5b2288dd520841
Maian Greeting version 1.2 suffers from cross site scripting and SQL injection vulnerabilities.
328b048c87ec8f0d5e87ffbbe2ba24d46f71b5790af51d2c5081f552354d8b0d
Maian Gallery version 2.0 suffers from cross site scripting vulnerabilities.
8dd43c9331bacf12ed92c6124e9175ce662cd14704c8a55bc70957e7475c1682
Maian Weblog version 4.0 suffers from cross site scripting vulnerabilities.
34fe979871a1c38843e46b8ec359525f5f95e5c8da6c718ca40c6e5d77aeb374