Computer Security News

SILC Server and Toolkit silcd.c Symlink Arbitrary File Overwrite

Cybozu Garoon schedule Facility Multiple Variable SQL Injection

Woltlab Burning Board misc.php percent Variable XSS (Myth/Fake)

Apache mod_ssl SSLVerifyClient Per-location Context Restriction Bypass

VBZooM sendmail.php UserID Variable SQL Injection

WowBB Forum attachment.php id Variable SQL Injection

Microsoft Windows INETCOMM.DLL mhtml: URI Overflow

HP ProLiant DL585 Server Integrated Lights-Out Firmware Unspecified Remote Acces

Microsoft IE FTP URL Arbitrary Command Injection

Microsoft IE HTML Rendering Memory Corruption

Hosting Controller editplanopt3.asp Crafted Request DoS

Apple Safari KHTMLParser::popOneBlock Code Execution

QNX RTOS /bin/mkdir Command Line Local Overflow

Fetchmail Multidrop Mode Headerless Message Remote DoS

phpPgAds / phpAdsNew lib-view-direct.inc.php clientid Variable SQL Injection

Wind River WindWeb Integrated Web Server Malformed GET Request DoS

PHPFreeNews SearchResults.php Multiple Variable XSS

Cisco CSS ArrowPoint Cookie Service Identifier Field Internal IP Disclosure

D-Link Routers UPnP M-SEARCH Request Overflow

Links Manager add_url.php Multiple Variable XSS

CaLogic Path Disclosure cl_minical.php Direct Request Path Disclosure

w-Agora update.php3 Unspecified Variable XSS

mplayer Video File Audio Header strf Overflow

MDaemon POP3 Server USER / APOP Command Remote Overflow

Microsoft IE Crafted URL Cross Domain Cookie Disclosure

qmailadmin QMAILADMIN_TEMPLATEDIR Environment Variable Local Overflow

Ay System WCS main.php path[ShowProcessHandle] Variable Remote File Inclusion

Wikepage index.php lng Variable Local File Inclusion

MySQL Eventum custom_fields_graph.php SQL Injection

Mambatstaff for Mambo mambatstaff.php mosConfig_absolute_path Variable Remote Fi

DUclassmate default.asp iState Variable SQL Injection

Forum Russian Board (FRB) reply_in.php Multiple Variable SQL Injection

socialMPN article.php sid Variable SQL Injection

Linux dump flock() /etc/dumpdates Local DoS

UHP for Mambo uhp_config.php mosConfig_absolute_path Variable Remote File Inclus

Contelligent External Browser Unspecified XSS

Microsoft Windows Server Driver (srv.sys) Crafted SMB Packet NULL Dereference Do

BEA Tuxedo Domain Gateway Remote Domain ACL Bypass

Knusperleicht Shoutbox index.php sb_include_path Variable Remote File Inclusion

Multiple Unix Vendor fingerd Symlink Arbitrary Privileged File Access

ViRobot Linux Server addschup Cookie Field Remote Overflow

Mosets Tree Savant2_Filter_colorizeCode.php mosConfig_absolute_path Variable Rem

Barracuda Spam Firewall dig_device.cgi Arbitrary Remote Code Execution

Microsoft Windows XP SP1 Raw IP Empty Datagram DoS

Multiple Unix Vendor passwd Malformed ulimit /etc/passwd Manipulation

nProtect Multiple Product Npos ActiveX Input Validation Failure

Ahnlab V3 Antivirus Archive Decompression Traversal Arbitrary File Write

PHPKit imcenter.php im_receiver Variable SQL Injection

Avi Alkalay contribute.cgi/contribute.pl template Variable Arbitrary File Retrie

Novell NetWare CIFS Unspecified Remote DoS

CubeCart admin/filemanager/preview.php Multiple Variable XSS

Hesk Helpdesk admin.php Crafted PHPSESSID Authentication Bypass

OpenTTD network_client.c Format String

PBLang confirm.php code Variable Traversal Arbitrary File Access

Hiki Configuration File Embedded Ruby Code Execution

Gallery Unspecified Small Security Issue

Polipo Cached Password-Protected Object Disclosure

Mac OS X Safari Remote Web Archive Processing XSS

IPB Riverdark RSS Syndicator rss.php Multiple Variable XSS

Fuji Xerox Printing Systems (FXPS) Print Engine Crafted Request HTTP Authenticat

PHP-Fusion submit.php Multiple Variable XSS

0verkill recv_packet() Function UDP Handling Overflow DoS

tcpdump bgp_update_print() Function Malformed BGP Protocol Data DoS

BandSite CMS disphtmltbl.php root_path Variable Remote File Inclusion

phpSurveyor question.php Path Disclosure

Adobe Acrobat PDF Distillation Overflow

MDaemon IMAP CREATE Command Remote Overflow

bitweaver index.php HTTP CRLF injection vulnerability

Apache htdigest user Variable Overfow

Ji-takz Chat tag.class.php mycfg Variable Remote File Inclusion (Myth/Fake)

Clam AntiVirus FSG File Processing Overflow

Nucleus Multiple Script Remote File Inclusion (Myth/Fake)

Clam AntiVirus CHM File Processing Filename Overflow

CMScout BBCode Tag XSS

Professional Home Page Tools Login Script Multiple Variable XSS

VBZooM show.php SubjectID Variable SQL Injection

eIQnetworks Enterprise Security Analyzer syslogserver.exe Multiple Command Remot

PHPlist admin/domainstats.php Direct Request Path Disclosure

Thomson NETg Web Skill Vantage Manager Login SQL Injection

Dokeos Multiple Unspecified XSS

SSH Tectia Server Private Key Permission Weakness

H-Sphere psoft.hsphere.CP Multiple Variable XSS

Hitachi Multiple Hibun Product View Function Privilege Escalation

Gracenote CDDBControl ActiveX Control Option String Overflow

Dominion SX /bin/busybox Permission Weakness Privilege Escalation

BLOG:CMS index.php id Variable SQL Injection

EasyPHPCalendar header.inc.php serverPath Variable Remote File Inclusion

Hostflow Help Desk Add Ticket Description Field XSS

Diebold Opti-scan Vote Program Manipulation

BXCP index.php where Variable SQL Injection

Unify eWave ServletExec UploadServlet Unprivileged File Upload

Buddy Zone view_sub_forum.php XSS

XML-RPC for PHP (PHPXMLRPC) parseRequest() Function Arbitrary PHP Code Execution

Mico set_answer_invoke() Function DoS

Microsoft Windows Kerberos PKINIT Domain Controller Spoofing

Sun N1 Grid Engine Unspecified Local Overflows

Lantonix Secure Console Server listen_fifo_server Symlink Arbitrary Privileged F

Mac OS X Bluetooth Setup Assistant Passkey Generation Weakness

Clever Copy ticker.php Direct Request Path Disclosure

OpenForum openforum.asp Multiple Variable XSS

FreznoShop product_details.php id Variable SQL Injection

docpile:we lib/document.class.php INIT_PATH Variable Remote File Inclusion

qmailadmin autorespond Multiple Variable Remote Overflow

Chaussette Event_for_month.php _BASE Variable Remote File Inclusion

PortailPHP mod_forum/read_message.php id Variable SQL Injection

hitweb genpage-cgi.php REP_INC Variable Remote File Inclusion

SuSE Linux Kernel Unspecified Stack Fault Exception Local DoS

Mac OS X Server AFP Server Reconnect Key Disclosure

qmail commands.c Signed Index Issue

NetWare Enterprise-Web-Server /com Directory Indexing

PHPOpenChat userpage.php profile Field XSS

gzip Race Condition Arbitrary File Permission Modification

VBZooM login.php UserID Variable XSS

Fetchmail fetchmailconf Race Condition Password Disclosure

Hosting Controller error.asp error Variable XSS

XMB IMG Element SRC Attribute XSS

WoltLab Burning Board board.php boardid Variable SQL Injection

PHPFreeNews AccessControl.php Multiple Field SQL Injection

KnowledgeTree Open Source view.php fDocumentId Variable XSS

HP Radia Notify Daemon RADEXECD Process nvd_exec Function Remote Overflows

Cisco 7920 Wireless IP Phone Persistent Default SNMP Strings

Webfresh Guest Book guest.cgi Name XSS

Novell eDirectory MS-DOS Device Name Request DoS

Content*Builder user_managment/usrPortrait.inc.php lang_path Variable Remote Fil

Microsoft ISA Server NetBIOS Predefined Filter Privilege Escalation

Microsoft IE UTF-8 Encoded HTML Overflow

Microsoft ISA Server Basic Credentials Exposure

mcGallery show.php host Variable Path Disclosure

iPostMX 2005 userlogin.cfm RETURNURL Variable XSS

Bitrix Site Manager dbquery_error.php Path Disclosure

phpBannerExchange resetpw.php email Variable SQL Injection

ATutor subscribe_forum.php us Variable XSS

CMS Faethon data/footer.php mainpath Variable XSS

PHP Poll Creator poll_vote.php relativer_pfad Variable Remote File Inclusion

FreeBSD SMBFS Traversal chroot Bypass

NanoBlogger Unspecified Plugins Arbitrary Command Execution

BtitTracker torrents.php Multiple Variable SQL Injection

Multiple Browser Javascript Dialog Origin Spoofing

Particle Gallery viewalbum.php albumid Variable Traversal Arbitrary File Access

MySQL Non-existent '–user' Error Incorrect Privilege Database Invocat

Whois.Cart language Variable Traversal Arbitrary File Access

Confixx Pro tools_ftp_pwaendern.php account Variable XSS

BisonWare FTP Server Traversal Arbitrary File/Directory Access

IRIX HOSTALIASES Core Dump DoS

Legal Case Management (LCM) System Log File Disclosure

Windows SMB MrxSmbCscIoctlOpenForCopyChunk Function Overflow

Linux Kernel on AMD64 Crafted syscall() Argument Local DoS

Clubpage index.php category Variable SQL Injection

IA eMailServer IMAP4 LIST Command Remote DoS

Ultimate eShop index.cgi subid Variable XSS

Claroline E-Learning exercises_details.php uInfo Variable SQL Injection

thinkWMS printarticle.php id Variable SQL Injection

NPDS Modules.php Lettre Variable XSS

Nucleus PLUGINADMIN.php GLOBALS[DIR_LIBS] Variable Remote File Inclusion

MyBulletinBoard (MyBB) newreply.php tid Variable SQL Injection

Novell Open Enterprise Server Remote Manager (novell-nrm) POST Request Content-L

GNU Mailutils Mail header_get_field_name() Function Remote Overflow

Perlpodder Crafted URL Arbitrary Command Execution

PostNuke RSS Module magpie_slashbox.php rss_url Variable XSS

Cisco VPN Client Dialer Local Privilege Escalation

Exhibit Engine list.php Multiple Variable SQL Injection

Prodder enc_url Crafted URL Arbitrary Command Execution

PostNuke modules.php catid Variable SQL Injection

WordPress User Profile Cache Injection Arbitrary PHP Code Injection

IRIX rpc.mountd Anonymous Access Deny Issue

UBB.threads togglecats.php Cat Variable HTTP Response Splitting

phpPgAdmin index.php formLanguage Variable Local File Inclusion

Cisco Wireless Access Point Local User List Only Configuration Weakness Authenti

paFAQ backup.php Database Disclosure Privilege Escalation

UltimateGoogle index.php REQ Variable XSS

PHP shtool Symlink Arbitrary File Overwrite

Kaillera Server Message Nickname Overflow

Microsoft Word .doc Font Parsing Overflow

MyBulletinBoard (MyBB) Unspecified User Group Manipulation

Blog Torrent newusers User Credential Disclosure

Adobe Reader LoadFile() Method Local File Enumeration

Affix btsrv Crafted Filename Arbitrary Shell Command Injection

THoRCMS for phpBB functions_cms.php phpbb_root_path Variable Remote File Inclusi

Microsoft Windows Color Management Module ICC Profile Format Tag Remote Overflow

Actinic Catalog ca000001.pl hop Variable XSS

phpAdsNew Unspecified Login Authentication Bypass

Microsoft IE FolderItem Object NULL Dereference

Hosting Controller dsp_newreseller.asp Session Generation Privilege Escalation

Cisco IOS OSPF Neighbor Announcement Overflow

Papoo forumthread.php msgid Variable SQL Injection

Oracle E-Business Suite HTTP Authenticated Multiple Input Manipulation Issue

Lazarus Guestbook picture.php img Variable XSS

KDE Kate/KWrite Backup File Insecure Permission Information Disclosure

Pearlinger Multiple Product password.php Multiple Variable Remote File Inclusion

yappa-ng index_overview.inc.php config Variable Remote File Inclusion

StatIt visible_count_inc.php statitpath Variable Remote File Inclusion

Bug Report bug_report.php Multiple Field XSS

WhatsUp Professional NmConsole/ToolResults.asp sHostname Variable XSS

MS Analysis for PHP-Nuke mstrack.php Installation Path Disclosure

ezUserManager ezusermanager_core.inc.php ezUserManager_Path Variable Remote File

Help Center Live chat_download.php fid Variable SQL Injection

Woltlab Burning Board JGS-Portal jgs_portal_beitraggraf.php year Variable SQL In

Yahoo! Messenger YAUTO.DLL ActiveX Component Remote Overflow

Debian CVS cvs-repouids File Mapping Issue DoS

ClamAV Freshclam HTTP Header Remote Overflow

TOPo index.php Multiple Variable XSS

Microsoft Word Unspecified Code Execution

AIX bellmail Race Condition Privilege Escalation

Xitami Server Remote Overflow

Florian Amrhein NewsPortal poll.php Remote File Inclusion

JiRos Statistics System (JSS) admin_login.asp password Field SQL Injection

DGBook index.php Multiple Variable XSS

Yahoo! Messenger URL Handler Remote DoS

Novell Client Login Field Clipboard Content Disclosure

BEA WebLogic Unspecified Remote DoS

Docebo Multiple Script Global Variable Remote File Inclusion

XMB Forum phpinfo.php Information Disclosure

Basic Analysis and Security Engine (BASE) BASE_path Variable Remote File Inclusi

BookReview Malformed File Name Path Disclosure

Realty Pro One search/searchlookup.php propertyid Variable XSS

PostNuke Xanthia Module Multiple Variable SQL Injection

Invision Power Board login.php SQL Injection

Novell eDirectory / iMonitor NDS Server URI Overflow

Xerox WorkCentre MicroServer Web Server SNMP System Config Modfiication

PHP Newsfeed searchnews.php tablename Variable SQL Injection

TRG News display.php Remote File Inclusion

Oracle webcacheadmin Multiple Variable XSS

IRIX /dev/ipfilter Traffic Disruption DoS

paFileDB category.php start Variable XSS

PHP Session Name Unspecified Character Weakness

Ethereal RSVP Dissector Malformed Packet DoS

IRIX dmplay DISPLAY String Local Overflow

NetTerm NetFtpd USER Command Remote Overflow

Advanced Poll /admin/index.php Traversal Arbitrary Local File Inclusion

ImageMagick ReadPNMImage() PNM Image Decoding Overflow

CuteNews show.inc.php Direct Request Path Disclosure

FlatNuke help.php Multiple Variable XSS

BlueShoes Framework websearchengine/Bs_Wse_Profile.class.php APP[path][plugins]

Clavister Firewall ASN.1 Parser IKE Certificate Overflow

Cisco PIX/ASA/FWSM WebSense URL Filter Bypass

X-Cart Gold giftcert.php Multiple Variable SQL Injection

NetPanzer Surface.hpp setFrame() Remote DoS

HP Radia Notify Daemon Malformed File Extension Remote Overflow

WebspotBlogging inc/adminheader.inc.php path Variable Remote File Inclusion

Mac OS X AFP Server Legacy Client Support Overflow

Claroline postnuke.inc.php includePath Variable Remote File Inclusion

CA License Server/Client Multiple Command Remote Overflow

Creative Community Portal PollResults.php Multiple Variable SQL Injection

Telecat BBS Message Post Line Center BASIC Access

PHP Arena paCheckbook index.php Multiple Variable SQL Injection

IRIX inpview Environment Variable Local Privilege Escalation

Cisco IOS Secure Shell Server TACACS+ Username Domain Name DoS

Mac OS X SUID/SGID Scripts Allowed

Web+Shop store.wml storeid Variable Path Disclosure

Full Revolution aspWebAlbum album.asp SQL Injection

Empire Server Format String DoS

IRIX init Page Validation Issue Local DoS

phpBB phpbb-Auction auction_myauctions.php mode Variable Path Disclosure

phpCOIN Search Engine SQL Injection

WebAPP index.cgi Multiple Variable XSS

Postgrey Logging Function Format String DoS

Hosting Controller saveuploadfiles.asp Arbitrary File Upload

Toshiba ACPI BIOS MBR Boot Order Issue (Myth/Fake)

FreeBSD FPU x87 Register Information Disclosure

netMailshar Webmail Service Traversal Arbitrary File Access

PMTool inc/project.inc.php order Variable SQL Injection

xv Multiple Nondescript Decoder Input Validation Issues

Simplog preview.php tid Variable SQL Injection

Novell Nsure Audit webadmin.exe ASN.1 Message Parsing DoS

IRIX nsd NIS Master UDP Port Scan DoS

DUportal type.asp iCat Variable SQL Injection

S9Y Serendipity BBCode Plugin HTML Injection Vulnerability

Linux Kernel mprotect() Function Memory Permission Bypass

Smartor Photo Album for phpBB album_comment.php bsid Variable XSS

SpeedProject Multiple Product ACE Archive Handling Overflow

Uphotogallery uphotogallery.mdb Remote Information Disclosure

IRIX LicenseManager NETLS_LICENSE_FILE Privilege Escalation

MX Kart Category Module id_ctg Parameter SQL Injection

Cisco Unity With Microsoft Exchange Multiple Default Accounts

aWebNews visview.php Multiple Variable XSS

Cfengine RSA Remote Overflow

vBulletin ImpEx Module ImpExData.php systempath Variable Remote File Inclusion

Spymac WebOS network.php tos Variable XSS

Softbiz Image Gallery image_desc.php Multiple Variable SQL Injection

ProductCart techErr.asp error Variable XSS

Phgstats phgstats.inc.php phgdir Variable Remote File Inclusion

SKForum user.View.action userID Variable XSS

WebWasher CSM Conf Script navTo2 Variable XSS

tetris-bsd on Gentoo Linux checkscores() Function Local Overflow

PRADO ViewState Data Nondescript Issue

Golden FTP Server Pro Multiple Command Overflow DoS

FishCart upstnt.php cartid Variable SQL Injection

Microsoft Exchange Collaboration Data Objects Crafted Email Code Execution

Bakbone Netvault nvstatsmngr.exe Local Privilege Escalation

Network Administration Visualized (NAV) Report Interface SQL Injection

Quick.Cart index.php iCategory Variable SQL Injection

IBM WebSphere Application Server URL Unspecified Script Execution

Ce/Ceterm Multiple Local Overflows

PaX VMA Mirroring Privilege Escalation Vulnerability

WMNews wmcomments.php ArtID Variable XSS

Multiple Video Card Memory Clear Issue

unalz Archive Processing Traversal Arbitrary File Write

OpenPGP Cipher Feedback Mode Chosen-Ciphertext Partial Plaintext Retrieval Vulne

PHP SimpleNEWS Cookie Authentication Bypass

Novell Evolution Unspecified Denial of Service Vulnerability

Gemini createissue.aspx rtcDescription$RadEditor1 Variable XSS

Linux Kernel Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities

Drupal menu.module Menu Item Creation Page Restriction Bypass

ApplyYourself i-Class ApplicantDecesion.asp Result Disclosure

Ciamos Highlight.PHP File Disclosure Vulnerability

Novell NetWare NWFTPD MDTM Command Path Name Overflow DoS

OpenSLP Multiple Unspecified Buffer Overflow Vulnerabilities

LibVC (vCard) count_vcards() Function Local Overflow

DirectContact Server Traversal Arbitrary File Access

libFoundation Defaults write Command NSGlobalDomain.plist File Password Disclosu

X.Org / X11 -logfile Parameter Arbitrary File Overwrite

SOGo Arbitrary User Information Disclosure

X.Org / X11 -modulepath Parameter Privileged Code Execution

TuxBank manage_account.php id Variable SQL Injection

Sendmail Signal Handler Race Condition Remote Overflow

Toast Forums toast.asp Multiple Variable XSS

phpBB username Handling SQL Injection

dotNetBB iforget.aspx Email Field XSS

Valdersoft Shopping Cart search_result.php Multiple Parameter SQL Injection

ISS Multiple Product Application Protection Module Local Privilege Escalation

IceWarp Web Mail calendar.html Path Disclosure

PhotoPost PHP Pro showphoto.php photo Parameter SQL Injection

Antigen for Domino Malformed RAR File DoS

Total Commander UNACEV2.DLL ACE Filename Overflow

IRIX netprint PATH Subversion Privilege Escalation

Microsoft Windows HKLM Registry Key Locking DoS

Gallery GallerySession.class 'sessionId' Variable File Deletion

phpBB Attachment Mod mod_mime Arbitrary File Upload

Kwik-Pay Payroll KwikPay.mdb Information Disclosure

Solaris FTP Client Arbitrary Command Execution

PHP Upload Center Multiple Extension Arbitrary File Upload

Hashcash Malformed Reply Address Format String

Lurker Unspecified XSS

NewsScript Access Validation Vulnerability

Owl Intranet Engine lib/OWL_API.php xrms_file_root Variable Remote File Inclusio

PostNuke admin.php module Variable XSS

wpBlog index.php postid Variable SQL Injection

Sybase ASE attrib_valid Function Overflow

Cisco ONS 15000 Series ACK Packet Saturation DoS

Kerio Personal Firewall Network Rules Process Masquerade Local Bypass

Claroline rqmkhtml.php file Variable XSS

FTP Now sites.xml Local Password Disclosure

Pubcookie MS ISAPI Filter Unspecified XSS

DC++ Nondescript Arbitrary File Data Append

WebCalendar /includes/settings.php Direct Request Path Disclosure

Microsoft Windows Font Processing Local Privilege Escalation

Manila msgReader mode Variable XSS

PAJAX pajax_call_dispatcher.php Arbitrary PHP Code Execution

Apple Mac OS X Kernel Multiple Local Privilege Escalation And Denial Of Service

Microsoft IIS Crafted URL Remote DoS

Mercury CMS index.cfm page Variable SQL Injection

AlstraSoft EPay Enterprise products.htm Unspecified XSS

Pegasus Mail RFC2822 Message Display Overflow

SiteSage Search Module norelay_highlight_words Variable XSS

SimpBook Guestbook Message Body XSS

ProjectApp search_employees.asp keywords Variable XSS

FatWire UpdateEngine Multiple Variable XSS

LiveJournal cleanhtml.pl XML xsl namespace XSS

Text-e Search Module XSS

BSD ftpd Site EXEC Race Condition

Rockliffe MailSite HTTP Management Agent WCONSOLE.DLL Crafted Parameter DoS

Jax Calendar jax_calendar.php cal_id Variable SQL Injection

phpBB datenbank Module mod.php id Variable XSS

vBulletin Avatar URL Field XSS

Cisco IOS MMP Stack Group Bidding Protocol Crafted UDP Packet Remote DoS

Widget Imprint create.php product_id Variable SQL Injection

active121 Site Manager risultati_ricerca.php cerca Variable XSS

vTiger CRM Account Name XSS

Complete PHP Counter list.php SQL Injection

Softbiz Web Host Directory review.php sbres_id Variable SQL Injection

CheesyBlog archive.php Multiple Field XSS

phpMyAdmin register_globals Emulation $import_blacklist Variable Overwrite

Phpclanwebsite index.php par Variable SQL Injection

SaralBlog search.php SQL Injection

BEA WebLogic WSRP Crafted Request Restriction Bypass

IRIX XFS File System Malformed File DoS

HelpDeskPoint index.php page Variable SQL Injection

phpBB url bbcode in MSIE Arbitrary Script Insertion

phpBB HTML Tags in MSIE Arbitrary Script Insertion

Oracle9i XDB HTTP Long Username/Password Overflow

pinentry on Gentoo Linux Installation Permission Weakness

ADN Forum verpag.php pagid Variable SQL Injection

phpBB gen_rand_string() Predictable RNG Weakness

PHP-Fusion shoutbox_panel.php shout_name XSS

My Little Forum search.php search Field SQL Injection

Adventia Chat Server Pro main_frame.asp XSS

Verity KeyView Viewer SDK tarrdr.dll TAR Extraction Overflow

MyBulletinBoard (MyBB) moderation.php posts Variable SQL Injection

Microsoft IE Drag and Drop Arbitrary File Installation

Clever Copy Private Message Subject Field XSS

Mantis view_all_set.php Multiple Variable XSS

tmsPUBLISHER pagename.cfm Malformed id Variable Path Disclosure

Skate Board reguser.php Multiple Field XSS

Kyocera FS-3830N Port 9100 Unauthenticated Command Execution

Trillian RTF Character Remote DoS

NJStar Word Processor Font Name Processing Overflow

ilchClan login.php login_name Variable SQL Injection

WinACE ARJ Header Block Overflow

NOCC Mail Attachment Predictable Temp File Name Arbitrary Command Execution

Easy Forum join.php Image URL Field XSS

VPMi Enterprise Service_Requests.asp UpdateID0 Variable SQL Injection

Mambo mambo.php Multiple Variable SQL Injection

phpBB Rlink Module rlink.php url Variable XSS

UBB.threads showflat.php Number Variable SQL Injection

Outblaze throw.main file Variable XSS

SPIP Administrative Area Multiple Unspecified SQL Injection

Loudblog backend_settings.php GLOBALS[path] Variable Remote File Inclusion

PluggedOut Blog exec.php entryid Variable SQL Injection

Tradesoft CMS Unspecified SQL Injection

PY Software Active Webcam Webserver Multiple Vulnerabilities

m-phorum index.php go Variable Remote File Inclusion

MySQL AB MySQL Multiple Remote Vulnerabilities

PeerCast procConnectArgs() Function URL Handling Remote Overflow

PHP-Nuke Your_Account Module ublock Variable XSS

Xerox WorkCentre Multiple Page Fax Information Disclosure Vulnerability

PEAR HTML_QuickForm_Controller URL Session ID Disclosure

EXIF Library EXIF Tag Parsing Unspecified Memory Corruption Vulnerability

manas tungare Site Membership login.asp Username Variable SQL Injection

phpBB topic type SQL Injection

Linux Kernel sysctl Interface Unregistration Local DoS

PHPKIT include.php Session ID SQL Injection

NetBSD P_SUGID Flag ptrace() Check Bypass

Heimdal Kerberos kf / kfd Multiple Buffer Overflows

FreeBSD pkg_add Temp Directory Permission Weakness

AlstraSoft Template Seller Pro payment_paypal.php config[basepath] Variable Remo

phpMyAdmin /libraries/display_create_database.lib.php Direct Request Path Disclo

Unclassified NewsBoard Description Field XSS

Multiple Vendor Fragmented TCP/IP Packet DoS (Rose)

PHlyMail Multiple Unspecified Script Injection

Google Search Appliance proxystylesheet XSLT Java Code Execution

Microsoft IIS Upgrade ism.dll Local Privilege Escalation

Softbiz Web Host Directory Search Engine SQL Injection

Driverse ptrace Trusted Process Attachment

OTRS index.pl Multiple Variable XSS

SupportPRO SupportDesk Ticket Multiple Field XSS

Survey Wizard survey.php sid Variable SQL Injection

Helpdesk Issue Manager find.php Multiple Variable SQL Injection

CommodityRentals usersession user_id SQL Injection

phpBB GPC Variable Set register_globals Bypass

Direct News Search Module SQL Injection

Flyspray index.php Multiple Variable XSS

VenomBoard post.php3 Multiple Variable SQL Injection

Apple QuickTime Embedded Pascal Style String Overflow

PhpGedView help_text_vars.php Remote File Inclusion

Subdreamer Multiple Script Cookie Content SQL Injection

Interspire TrackPoint NX index.php username Variable XSS

Ethereal SCSI Dissector Null Pointer Dereference DoS

PHP Toolkit for PayPal ipn_success.txt Log Local Information Disclosure

Apache worker.c MPM Memory Exhaustion DoS

CubeCart index.php Multiple Variable XSS

F-Secure Anti-Virus Internet Gatekeeper/Linux Gateway license_suid.cgi Local Pri

PHP-Nuke Search Module query Variable SQL Injection

Accelerated Mortgage Manager password Field SQL Injection

PerlCal cal_make.pl p0 Variable XSS

HydroBB calendar.php s Variable XSS

Hitachi NetInsight II Port Discovery Service Malformed Format Data DoS

BSD in.talkd+antiflash DNS Hostfield Arbitrary Command Execution

Scout Portal Toolkit SPT–Advanced.php Multiple Field XSS

Ideal BB.NET forums.aspx catID Variable XSS

Multiple BSD Kernel iBCS2 Memory Disclosure

DUware DUportal Pro password.asp result Variable XSS

VCD-db Search Module batch Variable XSS

ECTOOLS Onlineshop cart.cgi Multiple Variable XSS

Limbo CMS index2.php option Variable Traversal Arbitrary File Access

Avirt Gateway/Gateway Suite/SOHO HTTP Proxy Overflow

Magnolia Search Feature search.html query Variable XSS

Imoel CMS setting.php SQL Authentication Credential Cleartext Disclosure (Myth/F

BSD Broadcast Address Filter Bypass

Nuked-Klan Forum Module Multiple Variable SQL Injection

FreeBSD Kernel Arbitrary Memory Disclosure

Mac OS X Application Memory Debugging MallocLogFile Variable Insecure File Creat

Debian mason postinst Firewall Startup Failure

Microsoft Windows UMPNPMGR wsprintfW Local overflow

Microsoft Windows XP Wireless Zero Configuration Credential/Key Disclosure

Utopia News Pro news.php newsid Variable SQL Injection

Solaris Process File System (procfs) File Name Disclosure

HP-UX on Itanium Unspecified Local DoS

Solaris File System Privilege Management Unspecified Local DoS

Xerver Single Dot File Request Source Disclosure

Xerver Crafted Request Forced Directory Listing

Linksys WRT54G ezconfig.asp Encryption Weakness Authentication Issue

RSA Authentication Agent for Web IISWebAgentIF.dll Redirect Overflow

ZipGenius ZIP Archive Filename Overflow

Linux Kernel IPv6 udp_v6_get_port() Function Local DoS

Cerberus Helpdesk clients.php Multiple Variable XSS

PHP-Fusion messages.php msg_send Variable SQL Injection

Sun Java System Directory Server LDAP Bind Password Expiration Bypass

Microsoft Windows 2000 runas.exe Named Pipe Spoofing Information Disclosure (Myt

ATutor body_header.inc.php section Variable Local File Inclusion

Techno Dreams Multiple Product login.asp userid Variable SQL Injection

PowerDVD Local Overflow

AbiWord RTF Document Importer Overflow

OpenBSD Accept/Deny Rule Parsing Weakness

Trillian Malformed PNG Image Processing DoS

Microsoft Windows SeDebugPrivilege NtSystemDebugControl Function Privilege Escal

Lotus Domino Unspecified XSS

Avi Alkalay contribute.cgi/contribute.pl contribdir Variable Arbitrary File Over

Joomla! mosDBTable Class Multiple SQL Injection

AbiWord RTF Importer ie_imp_RTF.cpp Multiple Overflows

IBM DB2 Content Manager LZH Processing INSO DoS

phpBB Avatar Gallery Unspecified Injection