Kmita FAQ v1.0 suffers from XSS and SQL injection.
2ed382af22747187e2bc4a01d9a4d50ab541a5e7df12508a0290e7836a5974b6
List of XSS vulnerabilities received between 06/02/06 and 06/11/06. Affected software includes: LabWiki 1.0, LarkinWEB Database Development, Web Site Design Marketing and Advertising System, ASPScriptz Guest Book 2.0, ParticleSoft Whois v1.0.3, ParticleSoft Wiki v1.0.2, GANTTy v1.0.3, MyBB 1.1.2 New XSS, PBLGuestbook v1.31, ViArt Shop v2.5.5 Free (and possibly Light, Standard, and Enterprise), E-Dating System, vSCAL and vREAL v1.0, Easy Ad-Manager, Ez Ringtone Manager, tikiwiki 1.9.x, Skoom i.List 1.5, OkMall v1.0, QuickLinks v1.1, OKArticles v1.0, iFoto v0.20-06/06/06, phazizGuestbook v2.0, Ticket Booking Script, MobeSpace v2.0, TinyMuw v1.0, Contensis CMS, Daum Search, DaNaWa Search, DreamWiz Search.
cd45e886db0ce8f2d8f10b943fbd01fb80010605ee0312433c715b6e559b2fb5
CyBoards PHP Lite v1.25 suffers from a remote file inclusion vulnerability in common.php.
0fe09917a9c45cf4609535bbf8ae8a3585db5aa41507fa136fef6cd1d0b72632
Rumble versions less than or equal to 1.02 suffer from remote file inclusion vulnerabilities.
adc09835166b2790a33e543d3428464afa6bca1d808689f4560650fd33d2b39c
Bookmark4U versions less than or equal to 2.0.0 suffer from remote file inclusion vulnerabilities.
43d1a34453da76d6ff601b4bf382feccd0e9bb9cf73117f5180ab829e99c836b
Shoutcast servers may be susceptible to XSS in the DJ columns.
0a05b14edacdee274332cf8a1a3f528643b9343a07daad70e1a3b258691baa7f
PHP-Nuke versions less than or equal to 7.9 suffer from XSS in the Search parameter.
2c42dbc929e90f1c4de919b2eb6ff7030e3ba73407eb06c3deb08e9e14905ede
NPDS versions less than or equal to 5.10 suffer from local file inclusion, XSS, and full path disclosure.
f5c2f13f51312cd6f689ff2eca9c2db69dd0eb161a876c590e0dc7e67657d814
gallery 2.4.0 suffers from a remote file disclosure vulnerability.
c657bd9378dc6bd3199c13287d6a1dc9cde66ac1668c32892977cef0d954162a
cms-bandits 2.5 is vulnerable to remote command execution in td.php and img.php if register_globals is on.
f504f3d9d1e87ecfafdd00eedb1543f9fb6f153a8277d1e7d73b395d99a21c00
Exploit for D-Link DWL-2100ap which discloses the configuration file to remote users.
9964f14447ea2955f5b7016a84c062307bcc7b43558f3ff7cb4b7aeea4f671f5
Ubuntu Security Notice 296-1: firefox vulnerabilities
7c85824bfc927a854f0679f53bdc745957a2505744cb3b59284a1b459fb83e63
Ubuntu Security Notice 295-1: xine-lib vulnerability
7c1684cb185bbadbd6b2359e88def99133e57e6943ae650d1443890c2ab81a1c
Ubuntu Security Notice 294-1: A Denial of Service vulnerability has been found in the function for encoding email addresses. Addresses containing a '=' before the '@' character caused the Courier to hang in an endless loop, rendering the service unusable.
b163d6f1e7bfc9bba0b1f9d39587dc15ae5725d70e52a24a80f1298772e4cb10
Ubuntu Security Notice 288-3: dovecot, exim4, postfix vulnerabilities
c0933d1e6fb5bfec7a05e74c0f122f2bf0f4832d39a9df462fd91f59a7572d8b
Ubuntu Security Notice 292-1: binutils vulnerability
995de38713f125ea5ef7a7e6a3e064ee1807fdc2e41f09e717c945bdf66e3234
Ubuntu Security Notice 293-1: gdm vulnerability
cad320542e07fa47de5068042e315c66d4119dcd99460af9b9f04efa07f95ca4
Ubuntu Security Notice 288-2: postgresql-8.1 vulnerabilities
d80fb77fd1e6683bb3672c990269996083cab515ae26015b31dbfbf62c1d2d79
Ubuntu Security Notice 290-1: awstats vulnerability
0b16ec7a321d92c7122f186fb9af92b41fc1084eabb08f33784a0140f5581687
Ubuntu Security Notice 289-1: Vixie Cron allows local users to execute programs as root.
2e3840733d761cf9c13b2870c13725ed512e23de38227de1b1205f06594b3943
Gentoo Linux Security Advisory GLSA 200606-06 - Hendrik Weimer has found that if updating the statistics via the web frontend is enabled, it is possible to inject arbitrary code via a pipe character in the migrate parameter. Additionally, r0t has discovered that AWStats fails to properly sanitize user-supplied input in awstats.pl. Versions less than 6.5-r1 are affected.
35264d7d738b7da61068c44d722acd57c7d2aad51654b7ca925e209325e3f430
Gentoo Linux Security Advisory GLSA 200606-05 - Pound fails to handle HTTP requests with conflicting Content-Length and Transfer-Encoding headers correctly. Versions less than 2.0.5 are affected.
5dbd63349a8ca96cd41a909f3118084600194afd8b22971833302744e35f43be
Gentoo Linux Security Advisory GLSA 200606-04 - Some integer overflows exist when adding elements to the smartlists. Non-printable characters received from the network are not properly sanitised before being logged. There are additional unspecified bugs in the directory server and in the internal circuits. Versions less than 0.1.1.20 are affected.
4e211d366e681804f9b347e7ea28d1cb0de143d267771abce2116ed4aad624c1
Gentoo Linux Security Advisory GLSA 200606-03 - KaDaL-X discovered a format string error within the handling of filenames. Hans de Goede also discovered several other format string errors in the processing of dia files. Versions less than 0.95.1 are affected.
821f09e16f2dc122d7af34a5ab23d481e5a1b865b46b6a111955a5b3419f6d59
Gentoo Linux Security Advisory GLSA 200606-02 - When the mailbox is created in useradd, the open() function does not receive the three arguments it expects while O_CREAT is present, which leads to random permissions on the created file, before fchmod() is executed. Versions less than 4.0.15-r2 are affected.
84b65865c520e4c5777aa32bba2167b8d7bb31330c75f8f4c4221a641ef54b81