[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 249579 Download | Alert*

SQL injection vulnerability in admin/pages.php in Subdreamer CMS 3.x.x allows remote attackers to execute arbitrary SQL commands via the categoryids[] parameter in an update_pages action.

SQL injection vulnerability in members.php in Arab Portal 2.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the by parameter in the msearch action.

PHP remote file inclusion vulnerability in system/application/views/public/commentform.php in EZPX Photoblog 1.2 beta allows remote attackers to execute arbitrary PHP code via a URL in the tpl_base_dir parameter.

SQL injection vulnerability in onlinenotebookmanager.asp in DMXReady Online Notebook Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the ItemID parameter.

Stack-based buffer overflow in D.R. Software Audio Converter 8.1, 2007, and 8.05 allows remote attackers to execute arbitrary code via a crafted pls playlist file.

Multiple cross-site scripting (XSS) vulnerabilities in odCMS 1.06, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the Page parameter to (1) _main/index.php, (2) _members/index.php, (3) _forum/index.php, (4) _docs/index.php, and (5) _announcements/index.php.

Cross-site request forgery (CSRF) vulnerability in odCMS 1.06, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password, and other unspecified requests.

The Telnet interface in the SAP J2EE Engine Core (SAP-JEECOR) 6.40 through 7.02, and Server Core (SERVERCORE) 7.10 through 7.30 allows remote authenticated users to bypass a security check and conduct SMB relay attacks via unspecified vectors.

Stack-based buffer overflow in Batch Audio Converter Lite Edition 1.0.0.0 and earlier allows remote attackers to execute arbitrary code via a long line in a .WAV file.

H264WebCam 3.7 allows remote attackers to cause a denial of service (crash) via a long URI in a GET request, which triggers a NULL pointer dereference. NOTE: some of these details are obtained from third party information.


Pages:      Start    11392    11393    11394    11395    11396    11397    11398    11399    11400    11401    11402    11403    11404    11405    ..   24957

© SecPod Technologies