WordPress version 2.2 arbitrary file upload exploit that makes use of wp-app.php.
e3615ba509c5134cf8c8ab046f0939498ecebfe904efdf37d2c908beacd8ee87
EVA-Web versions 1.1 through 2.2 suffer from a remote file inclusion vulnerability in index.php3.
15b51c2ca20967dfed1be0d23d5e9378dde61d5d32bfe061a3caa442b6c2038a
phpSiteBackup version 0.1 suffers from a remote file inclusion vulnerability in pcltar.lib.php.
c15f8ed1a607da3a1ac5c714f34eec526bd4bc367a375d3cf0beaedc231ea9d6
eDocStore suffers from a remote SQL injection vulnerability in doc.php.
e3be96d036a42982f6fb79111cf74e992a897d3c5b2112c827677d91a90d247e
Pagetool version 1.07 suffers from a remote SQL injection vulnerability.
bbb74469dd2079489b3d3d016b1faca6605a3d83a5383f894f11e57a120f6391
Mambo and Joomla appear to suffer from multiple remote file inclusion vulnerabilities. Versions unavailable.
1f7e53adfcfbceb41bf299873bfc1fb6da23836fc81df035b7f99be016a520e3
In Internet Explorer, using the mhtml: protocol handler and an Outlook Express feature, arbitrary resources (such as HTML, images, application files and so on) can be opened as MHTML-formatted files, and the Content-Type: header is disregarded.
379ef6bb17aaa05e0d8acff0481a2b322c0bc4e0908f5922391b81fb379775d0
Mandriva Linux Security Advisory - xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.
92555421d2dc923d15c2bfb45f542e1a5fd7a2573294255b84ddd68b9c72ac36
Ubuntu Security Notice 475-1 - Philip Van Hoof discovered that the IMAP client in Evolution did not correctly verify the SEQUENCE value. A malicious or spoofed server could exploit this to execute arbitrary code with user privileges.
ff622ba311e9c8544b1c98b631427e0bd81209035858f95156eb83039afc0983
NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids with packets, making it possible to filter packets on a per-user basis. Furthermore, the server architecture is designed to use an external authentication source such as an LDAP server.
493166dd08a51d3f9649ed02ad91d119b7c4e9944155acc66331ce161a4bb5da
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
dd76f20083aca758c71ce8b7d9f0a4c0042b9720d508e48339bf0949fad5300c
DreamLog version 0.5 suffers from an arbitrary file upload vulnerability in upload.php.
59f5b3042a39dbe1f084314049b2796d10598b7bdc8adeb05628e3abef7e9d9b
SiteDepth CMS version 3.44 suffers from a classic local file inclusion vulnerability in ShowImage.php.
e935915db163e0614b51e2261d97467ae97d3dfb9dd295401fec57822ed52acf
6ALBlog suffers from a remote SQL injection vulnerability.
2750d55d835b076c3b979b3ec2c742a997dc51c949292c8e0d90e0bd356ab8e4
BugMall Shopping Cart version 2.5 suffers from SQL injection and cross-site scripting vulnerabilities.
46720fdcc675f6e7a4bc33504ba326fa6c45ade1f50aedacb27ec5225130d046
b1gbb version 2.24.0 suffers from a remote file inclusion vulnerability in footer.inc.php.
e2a5e4bddbf4ba8b7fb8fb88a180dd73265cc81a590f679384809d32e04a0f66
phpTrafficA versions 1.4.2 and below suffer from a remote SQL injection vulnerability.
2666f54dcc788fc35d7123ef1bca7eeb611ff9987b9a09b4be0a09d8fe8a9eee
e107 versions 0.7.8 and below suffer from an arbitrary file upload vulnerability: the contents of uploaded files are not validated, allowing PHP code to be uploaded as an image, etc.
aa50d2197930982bc4bc6a785f17fb6c9451ead90d85aa3a6e6c19c2d2944af6
Simple Invoices 2007 05 25 remote SQL injection exploit that makes use of index.php.
789cdabb10ed368c6e0c0898ce6c41d7c02e5b41e543d26be07ed34759552d40
DAGGER Web Engine versions 23Jan2007 and below suffer from a remote file inclusion vulnerability.
91201b7980a985b3e40666b929305296f37dd0b22c62fb5036860ce9d5caac77
Pluxml version 0.3.1 remote code execution exploit.
314a2e05ffd4f6f727a1201243521b1913ade489d0e3a04ab29ba9b2d6be0f20
Pharmacy System versions 2 and below suffer from SQL injection vulnerabilities.
3da0c7f24a703b1dd8d929b44cdc2f46e4aa8400891cba6b01bcb105ed4d397f
Mandriva Linux Security Advisory - A vulnerability in emacs was discovered where it would crash when processing certain types of images.
56ffd3a8cab07cec48cfa5ba3327016834016fdfe902668450969fd28fd8978f
iDefense Security Advisory 06.21.07 - Remote exploitation of multiple heap overflow vulnerabilities in Ingres Database Server as distributed with Computer Associates International Inc.'s (CA) products may allow attackers to execute arbitrary code with SYSTEM privileges. iDefense has confirmed the existence of this vulnerability in Ingres Database 3.0.3 as included with CA eTrust Secure Content Manager r8 on Windows. Previous versions may also be affected. In addition, any application that uses the Ingres Database may be vulnerable.
c10bd4cb55b515efc4bd6e42189843ba075f17c16299ac85c8c83f750e412b3b
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA; please check the table in the Resolution section of this Security Bulletin.
e5a43e5efcf385223415c39c4906d17907472c19caa56ce18bd8cf25081ce70b