Vulnerability Index: Year 2006

Microsoft Publisher Font Parsing Stack-based Buffer Overflow Vulnerability
Arbitrary Code Execution via Crafted TNEF MIME Attachment in Microsoft Outlook and Exchange
Unspecified Remote Code Execution Vulnerability in RDS.Dataspace ActiveX Control
PowerPoint 2000 and Internet Explorer Interaction Vulnerability
Buffer Overflow Vulnerability in Windows Media Player Plug-in
Heap-based Buffer Overflow in Microsoft Windows Media Player Bitmap Processing Routine
GIFIMP32.FLT Buffer Overflow Vulnerability
Privilege Escalation via ShellAbout API Call in Korean IME
Buffer Overflow Vulnerability in Microsoft Office: Exploiting Routing Slip Length Field
Heap-based Buffer Overflow in T2EMBED.DLL Allows Remote Code Execution
Windows Shell Remote Code Execution Vulnerability
Buffer Overflow in Microsoft Windows Web Client Service
Buffer Overflow Vulnerability in Microsoft Outlook Express 5.5 and 6 via Crafted WAB File
Arbitrary Code Execution and Account Creation via Cross-Site Scripting (XSS) in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services
Heap-based Buffer Overflow in encodeURI and decodeURI Functions in KDE JavaScript Interpreter Engine
WMF Image Parsing Memory Corruption Vulnerability
IGMP v3 DoS Vulnerability in Microsoft Windows XP and Server 2003
Memory Corruption Vulnerability in Microsoft PowerPoint
Permissive Windows Services DACLs Vulnerability
Arbitrary Code Execution Vulnerabilities in Adobe Flash Player 8.0.22.0 and Earlier
Remote Code Execution Vulnerability in Microsoft Windows Media Player 9 and 10 via Large Chunk Size PNG Image
Arbitrary Code Execution Vulnerability in Microsoft Internet Information Services (IIS) 5.0, 5.1, and 6.0 via Crafted ASP Pages
Remote Code Execution Vulnerability in Microsoft Exchange via Crafted vCal or iCal Calendar Properties
Arbitrary Code Execution Vulnerability in Microsoft Excel 2000, 2002, and 2003
Arbitrary Code Execution Vulnerability in Microsoft Excel 2000, 2002, and 2003
Arbitrary Code Execution via Malformed Graphic in Microsoft Excel
Microsoft Excel Stack-based Buffer Overflow Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Microsoft Windows Indexing Service
Memory Corruption Vulnerability in Microsoft Office Products via Crafted PNG Image
MSDTC Invalid Memory Access Vulnerability
Denial of Service Vulnerability in Linux Kernel's netlink_rcv_skb Function
Denial of Service Vulnerability in Linux Kernel's PPTP NAT Helper
Denial of Service Vulnerability in Linux Kernel's PPTP NAT Helper
Buffer overflow vulnerability in netfilter allows local users to cause a buffer overflow in copy_from_user function
Race condition vulnerability in netfilter allows local users to read kernel memory
Denial of Service Vulnerability in GNOME Evolution 2.4.2.1 and Earlier
Denial of Service Vulnerability in Apache2::Request (Libapreq2)
Buffer Overflow in realpath function in nfs-server rpc.mountd
Arbitrary Command Execution Vulnerability in Albatross Web Application Toolkit
Insecure Program Invocation in Crawl Before 4.0.0 Allows Local Privilege Escalation
Denial of Service Vulnerability in squid_redirect Script
Denial of Service Vulnerability in Freeciv 2.0
Denial of Service Vulnerability in Francesco Stablum tcpick 0.2.1
Improper Verification of Non-Detached Signatures in GnuPG before 1.4.2.2
Local Privilege Escalation via Symlink Attack in Debian 3.0's snmptrapfmt
Buffer Overflow in Kaffeine Player's playlistimport.cpp Allows Arbitrary Code Execution
Denial of Service Vulnerability in Mailman 2.1.5 and Earlier
Denial of Service Vulnerability in Imager (libimager-perl) before 0.50
Uninitialized Pointer Access Vulnerability in ipfw Firewall in FreeBSD 6.0-RELEASE
Arbitrary File Overwrite Vulnerability in ee on FreeBSD
Double Free Vulnerability in PAM-MySQL Authentication and Authentication Token Alteration Code
Bypassing Kill Bit Settings for ActiveX Controls in Microsoft Internet Explorer 5.01, 5.5, and 6
Signal Handler Race Condition Vulnerability in Sendmail 8.13.x
Heap-based Buffer Overflow in LiveData ICCP Server Allows Remote Code Execution
Vulnerability: Unauthorized Access to X Session via xlockmore and libpam-opensc
Potential Xlock Bypass Vulnerability in xlockmore 5.13
phpBB 2.0.19 XSS Vulnerability with Active Attributes and Permitted HTML Tags
CubeCart PHP Remote File Include Vulnerability in orderSuccess.inc.php
Arbitrary SQL Command Execution in VEGO Web Forum 1.26 and Earlier
SQL Injection Vulnerability in PHPjournaler 1.0 via readold Parameter in index.php
SQL Injection Vulnerability in VEGO Links Builder 2.00 and Earlier: Remote Code Execution via username Parameter in login.php
SQL Injection Vulnerability in Primo Cart 1.0 and Earlier: Remote Code Execution
Arbitrary Web Script Injection in Chipmunk Guestbook 1.4 and Earlier
Cross-Site Scripting (XSS) Vulnerability in Drupal
Setgid Vulnerability in Pinentry on Gentoo Linux
Buffer Overflow in termsh on SCO OpenServer 5.0.7 via Long -o Command Line Argument
Unsanitized URL Input Allows Cross-Site Scripting (XSS) in DiscusWare Discus Freeware 3.10.5 and Professional 3.10.4
SQL Injection Vulnerability in profile.php in PHPenpals Allows Remote Attackers to Execute Arbitrary SQL Commands via personalID Parameter
PHPBook 1.3.2 and Earlier: Remote Code Execution via Email Field Injection
Remote File Inclusion Vulnerability in oaBoard 1.0 forum.php Allows Arbitrary Code Execution
Buffer Overflow Vulnerability in File::ExtAttr's getfattr Function
Multiple Cross-Site Scripting (XSS) Vulnerabilities in B-net Software 1.0
SQL Injection Vulnerability in ScozNet ScozBook BETA 1.1: Remote Code Execution via Username Field
Arbitrary Script Injection via Event Title in vBulletin Calendar and Reminder
Denial of Service Vulnerability in Intel Graphics Accelerator Driver 6.14.10.4308
Format String Vulnerability in ImageMagick and GraphicsMagick SetImageInfo Function
Format String Vulnerability in SMS Server Tools (smstools) 1.14.8 and Earlier
Cross-Site Scripting Vulnerability in raSMP 2.0.0 and Earlier via User-Agent Header
SQL Injection Vulnerability in Nkads 1.0 Alfa 3: Remote Code Execution
Arbitrary Code Injection Vulnerability in Next Generation Image Gallery 0.0.1 Lite Edition
SQL Injection Vulnerability in Lizard Cart CMS 1.04: Remote Code Execution via id Parameter
SQL Injection Vulnerability in inTouch 0.5.1 Alpha: Remote Code Execution via user Parameter
Buffer Overflow in ESRI ArcPad 7.0.0.156: Remote Code Execution via Long String Attribute in COORDSYS Tag
IDV Directory Viewer 2005.1 and Earlier - Directory Traversal Vulnerability
Arbitrary Web Script Injection via Inline HTML in Open-Xchange Webmail
Arbitrary Web Script Injection Vulnerability in @Card ME PHP index.php
PHP Remote File Include Vulnerability in oaBoard 1.0 forum.php
Memory Disclosure Vulnerability in dm-crypt Allows for Cryptographic Key Exposure
Vulnerability: Unprivileged SDLA Firmware Upgrade in Linux Kernel
Stack-based Buffer Overflow in create_named_pipe function in PHP 4.3.10 and 4.4.x for Windows
Arbitrary File Re-Opening Vulnerability in OpenBSD's dupfdopen Function
Remote Code Execution in Valdersoft Shopping Cart 3.0 via PHP Remote File Include Vulnerability
Buffer Overflow in NicoFTP 3.0.1.19 and Earlier: Arbitrary Code Execution via Name of Site Field
Cross-Site Scripting (XSS) Vulnerabilities in sBLOG 0.7.1 Beta 20051202 and Earlier
Arbitrary Web Script Injection in TinyPHPForum (TPF) 3.6 and Earlier
Insufficient Access Control in TinyPHPForum 3.6 and Earlier Allows User Enumeration and Information Disclosure
Directory Traversal Vulnerability in TinyPHPForum 3.6 and Earlier Allows Unauthorized Account Creation and Information Disclosure
Denial of Service Vulnerability in PostgreSQL 8.0.x and 8.1.x on Windows
Arbitrary Code Execution Vulnerability in Wine's GDI Driver for WMF Files
SQL Injection Vulnerability in Timecan CMS (viewID Parameter)
SQL Injection Vulnerability in mcl_login.asp in Timecan CMS
Arbitrary Web Script Injection Vulnerability in Modular Merchant Shopping Cart's category.php
Arbitrary Web Script Injection via Email Parameter in Foro Domus 2.10
Cross-Site Scripting Vulnerability in Boxcar Media Shopping Cart's index.php
Arbitrary Script Injection Vulnerability in Enhanced Simple PHP Gallery 1.7
Path Disclosure Vulnerability in Enhanced Simple PHP Gallery 1.7
Predictable Sequential IDs in Joomla! vCard Functions Allow for Email Address Harvesting
Multiple SQL Injection Vulnerabilities in OnePlug CMS
Cross-Site Scripting Vulnerability in iNETstore Ebusiness Software 2.0
Buffer Overflow in IBM Lotus Notes and Domino Server Allows for Denial of Service via CD to MIME Conversion
Denial of Service Vulnerability in IBM Lotus Notes and Domino Server
Unspecified Vulnerabilities in IBM Lotus Notes and Domino Server with Unknown Impact and Attack Vectors
Multiple Denial of Service Vulnerabilities in IBM Lotus Notes and Domino Server
Multiple Memory Leaks in IBM Lotus Notes and Domino Server before 6.5.5
Aquifer CMS Public/Index.asp Keyword Parameter Cross-Site Scripting (XSS) Vulnerability
Multiple SQL Injection Vulnerabilities in ADN Forum 1.0b
Arbitrary Web Script Injection via Topic Name Field in ADN Forum 1.0b
Arbitrary File Inclusion Vulnerability in AppServ 2.4.5
Privilege Escalation Vulnerability in rxvt-unicode
Directory Traversal Vulnerability in Rockliffe MailSite IMAP Service
Buffer Overflow Vulnerability in Rockliffe MailSite IMAP Service
Username Enumeration Vulnerability in Rockliffe MailSite 7.0.3.1 and Earlier
Unlimited Authentication Attempts Vulnerability in Rockliffe MailSite
Information Disclosure Vulnerability in BoastMachine 3.1
Arbitrary Local File Inclusion Vulnerability in SysCP WebFTP 1.2.6
Multiple Directory Traversal Vulnerabilities in AIX 5.3 ML03
Arbitrary Web Script Injection in TheWebForum (twf) 1.2.1 via register.php
SQL Injection Vulnerability in Login.php of TheWebForum (TWF) 1.2.1
Cross-Site Scripting (XSS) Vulnerabilities in Chimera Web Portal System 0.2 Guestbook Module
SQL Injection Vulnerability in Chimera Web Portal System 0.2: Remote Code Execution via id Parameter in linkcategory.php
Denial of Service Vulnerability in aMSN
Remote Code Execution Vulnerability in PD9 Software MegaBBS 2.1
NavBoard V16 and V17beta2 post.php Cross-site Scripting (XSS) Vulnerability
Denial of Service Vulnerability in Qualcomm Eudora Internet Mail Server (EIMS)
Andromeda 1.9.3.4 XSS Vulnerability in andromeda.php
Memory Corruption Vulnerability in Microsoft Windows Graphics Rendering Engine (GRE)
Arbitrary Code Execution via Proxy Server in PHP PEAR 0.2.2
Kernel Memory Read Vulnerability in kernfs_xread Function
Arbitrary SQL Command Execution in ADOdb for PHP
Arbitrary PHP Function Execution Vulnerability in ADOdb for PHP
Denial of Service Vulnerability in NetSarang Xlpd 2.1
Arbitrary Web Script Injection Vulnerability in SimpBook 1.0
Arbitrary Code Execution via Format String Vulnerabilities in Apache auth_ldap
Privilege Escalation via Unsanitized PYTHONINSPECT Environment Variable in sudo 1.6.8 and Other Versions
Cross-Site Scripting (XSS) Vulnerability in phpChamber 1.2 and Earlier
Authentication Bypass Vulnerability in 427BB 2.2 and 2.2.1
SQL Injection Vulnerability in showthread.php in 427BB 2.2 and 2.2.1
Arbitrary JavaScript Injection via URL BBCode Tag in 427BB 2.2 and 2.2.1
Arbitrary Javascript Injection via bbcode url tags in Foxrum 4.0.4f
Remote Password Change Vulnerability in Reamday Enterprises Magic News Plus 1.0.3
SQL Injection Vulnerability in CyberDoc SiteSuite CMS index.php
SQL Injection Vulnerability in Foro Domus 2.10's escribir.php Allows Remote Code Execution
SQL Injection Vulnerability in Venom Board 1.22: Remote Code Execution via add_post.php3
Unspecified Vulnerability in uucp in Sun Solaris 8 and 9
Heap-based Buffer Overflow in Clam Antivirus (ClamAV) Allows Remote Code Execution via Crafted UPX Files
SQL Injection Vulnerability in PHPNuke EV 7.7 -R1 Search Module
Arbitrary File Inclusion and Remote Code Execution in phgstats before 0.5.1
Arbitrary Javascript Injection in Plain Black WebGUI DataForm Entries
Hidden File Vulnerability in Symantec Norton SystemWorks and SystemWorks Premier 2005 and 2006
SQL Injection Vulnerability in MyPhPim 01.05: Remote Code Execution via cal_id and password fields
Arbitrary Web Script Injection Vulnerability in MyPhPim 01.05
Arbitrary PHP Code Execution in MyPhPim 01.05 via Unrestricted File Upload
PHP Remote File Include Vulnerability in OrjinWeb E-commerce index.php
Arbitrary Script Injection in Hummingbird Collaboration File Manager Utility
File Misrepresentation Vulnerability in Hummingbird Collaboration 5.21 and Earlier
Information Disclosure in Hummingbird Collaboration 5.21 and earlier
Web Wiz Forums 6.34 search_form.asp XSS Vulnerability
Buffer overflow vulnerability in certain functions in xmame before 11 January 2006
Buffer Overflow Vulnerabilities in Cray UNICOS 9.0.2.2: Privilege Escalation via /usr/bin/script and /etc/nu
Format String Vulnerability in UNICOS 9.0.2.2 FTP Client
Cisco IP Phone 7940 Denial of Service Vulnerability
CaLogic Calendars 1.2.2 Title Field Cross-Site Scripting (XSS) Vulnerability
Undocumented Administrative Account with Default Password in Cisco CS-MARS
Authentication Bypass in ACal Calendar Project 2.2.5
Direct static code injection vulnerability in edit.php in ACal Calendar Project 2.2.5
Multiple SQL Injection Vulnerabilities in AspTopSites
Cross-Site Scripting Vulnerabilities in Php-Nuke Pool and News Modules
Arbitrary Code Execution via User-Controlled Visual Studio Project File
Arbitrary Web Page Injection in SquirrelMail 1.4.0 to 1.4.5
Buffer Overflow in eStara Softphone 3.0.1.14-3.0.1.46: Remote Code Execution via Long SDP Attribute Field
Unspecified Privilege Escalation Vulnerability in Sun Solaris 9 and 10 for x86 Platform
Denial of Service Vulnerability in Sun Solaris 10 via Unspecified Vectors Involving the find Command on /proc Filesystem
SQL Injection Vulnerability in ASPSurvey 1.10 Login_Validate.asp
Arbitrary Web Script Injection in Positive Software H-Sphere Hosting Control Panel
Arbitrary Web Script Injection in FogBugz pgLogon Page
Cross-Site Scripting (XSS) Vulnerability in SquirrelMail 1.4.0 to 1.4.5
Buffer overflow vulnerability in Serial line sniffer (slsnif) 0.4.4 allows local privilege escalation via long HOME environment variable
Inconsistent Sizes in XClientMessageEvent Struct: Potential Denial of Service and Exploitation
XOOPS Module XSS Vulnerability: Arbitrary Script Injection via Comment
SQL Injection Vulnerability in Mini-Nuke CMS System 1.8.2 and Earlier: Remote Code Execution via news.asp
Format String Vulnerability in mysqli Extension in PHP 5.1.0 and 5.1.1
Remote Code Execution Vulnerability in PayPal Web Services (PHP Toolkit) 0.50
World-readable and world-writable permissions in PayPal Web Services (PHP Toolkit) 0.50 and earlier
Insecure Password Change Functionality in Mini-Nuke CMS System 1.8.2 and Earlier
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Wordcircle 2.17
Multiple SQL Injection Vulnerabilities in Wordcircle 2.17
Eval Injection Vulnerability in Light Weight Calendar (LWC) 1.0 (20040909) and Earlier
HTTP Response Splitting Vulnerabilities in PHP 5.1.1: Remote Header Injection via Set-Cookie Header
PHP Cross-Site Scripting (XSS) Vulnerabilities in Versions 4.4.1 and 5.1.1
SQL Injection Vulnerability in TankLogger 2.4: Remote Code Execution
Interspire TrackPoint NX Login Page XSS Vulnerability
Arbitrary Web Script Injection Vulnerability in Helm Hosting Control Panel
Directory Traversal Vulnerability in Toshiba Bluetooth Stack 4.00.23(T) and Earlier
Plaintext Storage of Authentication Credentials in Kolab Server 2.0.1 and Earlier
Remote Code Execution via Eval Injection in ezDatabase 2.0 and Earlier
Arbitrary Web Script Injection in QualityEBiz Quality PPC (QPPC) 1.0 build 1644 via admin.php
Sensitive Information Disclosure in QualityEBiz Quality PPC (QPPC) 1.0 build 1644 via admin.php
Cross-Site Scripting (XSS) Vulnerabilities in Ultimate Auction 3.67
Multiple Unspecified Vulnerabilities in MyBulletinBoard (MyBB) before 1.0.2
Vulnerability in MyBulletinBoard (MyBB) 1.0.2 Update: SQL Injection and Threadmode Exploits
Multiple Cross-Site Scripting (XSS) Vulnerabilities in DCP-Portal 5.3 through 6.1.1
SQL Injection Vulnerability in Admin Panel of Dragon Design Services Network (DDSN) CM3 Content Manager (CM3CMS)
Arbitrary Code Injection through tempid Parameter in AlstraSoft Template Seller Pro
Arbitrary File Creation/Overwrite Vulnerability in Shanghai TopCMM 123 Flash Chat Server Software 5.1
Buffer Overflow Vulnerability in LibAST 0.6.1 and Earlier
Arbitrary Command Execution Vulnerability in OpenSSH 4.2p1
Arbitrary Code Execution via Integer Overflow in FreeBSD IEEE 802.11 Network Subsystem
Unspecified Vulnerabilities in lpsched in Sun Solaris 8, 9, and 10
Improper Handling of RBAC Admin Role Authentication in grsecurity
Unquoted Windows Search Path Vulnerability in Wehntrust
Remote Code Execution Vulnerability in Symantec Scan Engine 5.0.0.24 and Earlier Versions
DSA Key Reuse Vulnerability in Symantec Scan Engine 5.0.0.24 and Earlier Versions
Sensitive Log and Virus Definition Files Exposure in Symantec Scan Engine 5.0.0.24 and Earlier Versions
Arbitrary Script Injection Vulnerability in microBlog 2.0 RC-10
SQL Injection Vulnerability in microBlog 2.0 RC-10: Remote Code Execution via index.php
SQL Injection Vulnerability in WhiteAlbum 2.5: Remote Code Execution via pictures.php
Thunderbird Attachment Filename Truncation Vulnerability
Cross-Site Scripting (XSS) Vulnerability in GTP iCommerce index.php
SQL Injection Vulnerability in GaMerZ WP-Stats 2.0: Remote Code Execution via author Parameter
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Simple Blog 2.1
Multiple SQL Injection Vulnerabilities in Simple Blog 2.1
Cross-Site Scripting Vulnerability in WBNews 1.1.0 and Earlier
Arbitrary Web Script Injection Vulnerability in PHP Fusebox 4.0.6
Cross-Site Scripting (XSS) Vulnerability in SMBCMS 2.1
Directory Traversal Vulnerability in phpXplorer 0.9.33 Allows Remote File Inclusion
Multiple Cross-Site Scripting (XSS) Vulnerabilities in CubeCart 3.0.7-pl1
Arbitrary Web Script Injection Vulnerability in Widexl Download Tracker 1.06
Arbitrary Web Script Injection in Netbula Anyboard 9.9 and Earlier
Information Disclosure Vulnerability in Virata-EmWeb Web Server 6_1_0
SQL Injection Vulnerability in BitDamaged geoBlog MOD_1.0's viewcat.php Allows Remote Code Execution and Credential Theft
Arbitrary Code Execution via Format String Vulnerability in CMU SNMP Utilities
Arbitrary Web Script Injection in Faq-O-Matic 2.711
SQL Injection Vulnerability in Benders Calendar 1.0
Buffer Overflow in Bluetooth OBEX Object Push Service in AmbiCom Blue Neighbors 2.50 Build 2500 and Earlier
Cross-Site Scripting (XSS) Vulnerabilities in Apache Geronimo 1.0
Unquoted Windows Search Path Vulnerability in Check Point VPN-1 SecureClient
Unspecified Vulnerability in Oracle Database Server Advanced Queuing Component
Unspecified SQL Injection Vulnerability in Oracle Database Server's Change Data Capture Component
Unspecified Vulnerability in Oracle Database Connection Manager Component (Oracle Vuln# DB03)
Unspecified Vulnerabilities in Oracle Database Server 10.1.0.5 with Multiple Attack Vectors and Impact
Unspecified Vulnerabilities in Oracle Database Server Components
Unspecified Vulnerabilities in Oracle Database Server with Potential Data Exposure
Unspecified vulnerability in Oracle Database server versions 8.1.7.4 to 10.1.0.4 (Oracle Vuln# DB08)
Unspecified vulnerabilities in Oracle Database server versions 8.1.7.4 to 10.2.0.1
Unspecified Vulnerabilities in Oracle Database Server Components
Unspecified Vulnerability in Oracle Database Query Optimizer Component (Oracle Vuln# DB19)
Unspecified Vulnerability in Oracle Database Query Optimizer Component (Oracle Vuln# DB20)
Unspecified Vulnerability in Oracle Database Server (Oracle Vuln# DB21)
Unspecified SQL Injection Vulnerability in Oracle Database Server Streams Capture Component
Unspecified Vulnerability in Oracle Database Server TDE Wallet Component
Unspecified SQL Injection Vulnerability in Oracle Database Server Upgrade & Downgrade Component
Unspecified Buffer Overflow Vulnerability in Oracle Database XML Database Component
Unspecified Vulnerability in Oracle Application Server Portal Component (Oracle Vuln# AS01)
Unspecified Vulnerability in Oracle Reports Developer Component of Oracle Application Server (Oracle Vuln# REP03)
Directory Traversal Vulnerability in Oracle Reports Developer Component of Oracle Application Server 9.0.4.2
Unspecified Vulnerabilities in Oracle Collaboration Suite Release 2, Version 9.0.4.2
Unspecified Vulnerabilities in Oracle E-Business Suite and Applications 11.5.10
Unspecified Vulnerabilities in Oracle E-Business Suite and Applications 11.5.9
Unspecified Vulnerabilities in Oracle E-Business Suite and Applications 4.3 with Unspecified Impact and Attack Vectors in Oracle iLearning Component
Unspecified Vulnerability in Oracle PeopleSoft Enterprise Portal 8.4 Bundle 15, 8.8 Bundle 10, and 8.9 Bundle 2
Unspecified Vulnerability in Oracle JD Edwards HTML Server 8.95.F1 SP23_L1
Unspecified vulnerability in Oracle Database Server, Application Server, and Collaboration Suite with unspecified impact and attack vectors (Oracle Vuln# DBC01)
Unspecified vulnerability in Oracle Database Server, Application Server, and Collaboration Suite with unspecified impact and attack vectors
Unspecified Vulnerabilities in Oracle Forms Component of Oracle Application Server and E-Business Suite
Unspecified vulnerability in Java Net component of Oracle Database Server and Application Server
Unspecified vulnerability in Oracle HTTP Server component (Oracle Vuln# OHS01)
Unspecified vulnerability in Oracle HTTP Server component of Oracle Database Server and Application Server (Oracle Vuln# OHS02)
Unspecified Vulnerabilities in Oracle Reports Developer Component
Unspecified Directory Traversal Vulnerabilities in Oracle Application Server and E-Business Suite
Unspecified vulnerability in Oracle Workflow Cartridge component (Oracle Vuln# WF01)
Unspecified vulnerabilities in Oracle Workflow Cartridge component
Dereferencing Vulnerability in Mozilla and Firefox JavaScript Interpreter
Memory Corruption and Arbitrary Code Execution Vulnerability in Firefox 1.5
Arbitrary Code Execution via Style Manipulation in Mozilla Firefox, Thunderbird, and SeaMonkey
Arbitrary Code Execution via QueryInterface Method in Mozilla Firefox, Thunderbird, and SeaMonkey
Arbitrary JavaScript Execution via XULDocument.persist Vulnerability
Multiple Integer Overflows in Mozilla Firefox, Thunderbird, and SeaMonkey
XML Parser Out-of-Bounds Read Vulnerability in Mozilla Firefox and SeaMonkey
Cross-Domain Information Exchange Vulnerability in E4X Implementation
Buffer Overflow in Tar 1.14 through 1.15.90 via PAX Extended Headers
Heap-based Buffer Overflow in xpdf and Related Products
ZyXel P2000W VoIP 802.11b Wireless Phone Firmware WV.00.02 Information Disclosure Vulnerability
Unspecified Vulnerabilities in Joomla! 1.0.5 and Earlier Components
Buffer Overflow Vulnerability in Dual DHCP DNS Server 1.0
Remote Unauthorized Access via Debug Service on Clipcomm CPW-100E and CP-100E VoIP Wireless Phones
Denial of Service Vulnerability in CA BrightStor Mobile Backup and ARCserve Backup
Unspecified Network Messages Denial of Service Vulnerability in CA BrightStor Mobile Backup, BrightStor ARCserve Backup, Unicenter Remote Control, CA Desktop Protection Suite, CA Server Protection Suite, and CA Business Protection Suite
PHP Remote File Inclusion Vulnerability in htmltonuke.php in htmltonuke 2.0 Alpha
Denial of Service Vulnerability in Linksys BEFVP41 VPN Router 2.0
Cross-site scripting (XSS) vulnerability in aoblogger 2.3 via javascript URI injection in BBcode url tag
SQL Injection Vulnerability in aoblogger 2.3 Login.php Allows Remote Attackers to Execute Arbitrary SQL Commands
Authentication Bypass Vulnerability in aoblogger 2.3
Multiple SQL Injection Vulnerabilities in PDFdirectory 1.0
Plaintext Storage of Sensitive Data in PDFdirectory before 1.0
Directory Traversal and Cross-Site Scripting (XSS) Vulnerability in EZDatabase before 2.1.2
Arbitrary Code Execution Vulnerability in AOL You've Got Pictures (YGP) Picture Finder Tool ActiveX Control
Cross-Site Scripting (XSS) Vulnerability in RedKernel Referrer Tracker 1.1.0-3
SQL Injection Vulnerability in BlogPHP 1.0 Allows Remote Code Execution and Authentication Bypass
Arbitrary File Creation Vulnerability in Farmers WIFE 4.4 SP1 FTP Server
SQL Injection Vulnerability in Bit 5 Blog 8.01: Bypass Authentication and Execute Arbitrary SQL Commands
Denial of Service Vulnerability in fetchmail 6.3.0 and earlier versions
Denial of Service Vulnerability in MediaWiki 1.4.x and 1.5.x
Buffer Overflow Vulnerability in RealNetworks Products
SQL Injection Vulnerability in WebspotBlogging 3.0: Remote Code Execution and Authentication Bypass
Arbitrary Command Execution Vulnerability in Etomite Content Management System 0.6
Information Disclosure Vulnerability in TYPO3 3.7.1 via Direct Request
Format String Vulnerability in Tftpd32 2.81: Remote Denial of Service via Filename Format Specifiers
Remote SQL Injection Vulnerability in HITSENSER Data Mart Server
Arbitrary Web Script Injection in Gallery 1.5.2 and Earlier
Buffer Overflow Vulnerability in Change Passwd 3.1 (chpasswd) SquirrelMail Plugin
Arbitrary File Upload Vulnerability in Pantomime Ecartis 1.0.0 Snapshot 20050909
Ar-Blog 5.2 Cross-Site Scripting (XSS) Vulnerability in index.php
Cross-Site Scripting (XSS) Vulnerability in My Amazon Store Manager 1.0's search.php
Unspecified Denial of Service Vulnerabilities in Kerio WinRoute Firewall
Denial of Service Vulnerability in Kerio WinRoute Firewall
Buffer Overflow Vulnerability in F-Secure Anti-Virus Products
File Hiding Vulnerability in F-Secure Anti-Virus Products
Remote Code Execution Vulnerability in BitComet Client 0.60 via Long Publisher URI in Torrent File
Denial of Service Vulnerability in Cisco IOS SGBP Support
Arbitrary Web Script Injection Vulnerability in Rockliffe MailSite
Denial of Service Vulnerability in RockLiffe MailSite HTTP Mail Management Agent
Unspecified vulnerability in Hitachi JP1/NetInsight II Port Discovery feature allows service disruption via invalid format data
Directory Traversal Vulnerability in Intervations FileCOPA FTP Server 1.01
SQL Injection Vulnerabilities in SaralBlog 1.0 via search.php
SaralBlog 1.0 XSS Vulnerability in Comment Function
Directory Traversal Vulnerability in ELOG before 2.6.1
Format string vulnerability in write_logfile function in ELOG 2.6.1 and earlier allows remote attackers to cause denial of service (server crash)
SQL Injection Vulnerability in Eggblog 2.0: Remote Code Execution via id Parameter
Cross-Site Scripting (XSS) Vulnerability in Eggblog 2.0
Critical Unspecified Denial-of-Service Vulnerability in MyDNS before 1.1.0
Insufficient Access Control in Fluffington FLog 1.01 and 1.1.2 Allows Remote Information Disclosure
File Descriptor Leakage and Seed Information Exposure Vulnerability in lshd for lsh 2.0.1
Denial of Service Vulnerability in Cisco Aironet Wireless Access Points (Bug ID CSCsc16644)
Denial of Service Vulnerability in Helmsman Research HomeFtp 1.1
Denial of Service Vulnerability in Ari Pikivirta Home Ftp Server 1.0.7
Denial of Service Vulnerability in Cerberus FTP Server 2.32 and Earlier Versions
Multiple SQL Injection Vulnerabilities in PowerPortal
Buffer Overflow Vulnerability in CounterPath eyeBeam SIP Softphone
Undocumented UDP Port 9090 Vulnerability in MPM SIP HP-180W Wireless IP Phone WE.00.17
Arbitrary Script Injection in Bit 5 Blog 8.01 addcomment.php
Denial of Service Vulnerability in TippingPoint Intrusion Prevention System (IPS)
Insecure Password Storage in MSN Messenger 7.5
MyBulletinBoard (MyBB) Cross-Site Scripting (XSS) Vulnerability via JavaScript URI Injection
XMB (Extreme Message Board) Cross-Site Scripting (XSS) Vulnerability
Phpclanwebsite (PCW) Cross-Site Scripting (XSS) Vulnerability in BBCode img Tag
Privilege Escalation Vulnerability in Cisco CallManager
Denial of Service Vulnerabilities in Cisco CallManager
MySQL 5.0.18 Information Disclosure Vulnerability via information_schema.views
Insufficient Access Control in Noah Medling RCBlog 1.03 Allows Remote Viewing of Account Names and Password Hashes
Directory Traversal Vulnerability in Noah Medling RCBlog 1.03 Allows Remote File Read
SQL Injection Vulnerabilities in Insane Visions BlogPHP
Cross-Site Scripting (XSS) Vulnerability in Douran FollowWeb's register.aspx
Undocumented Ports Vulnerability in ACT P202S IP Phone 1.01.21 Firmware 1.1.21
Hardcoded NTP Server Vulnerability in ACT P202S IP Phone 1.01.21
Lack of Warning for Ad Hoc Mode Associations in 802.11 Wireless Client
CRLF Injection Vulnerability in SquirrelMail: Remote IMAP Command Injection
Netrix X-Site Manager Cross-Site Scripting (XSS) Vulnerability in product_details.php
Incomplete Buffer Initialization in FreeBSD Kernel
Kernel Memory Disclosure Vulnerability in FreeBSD 5.4-STABLE and 6.0
IP Fragment Cache Logic Error Vulnerability
Undocumented System Call Denial of Service Vulnerability in Apple Mac OS X 10.4.5
Denial of Service Vulnerability in IPSec VPN Networks on Mac OS X 10.4 through 10.4.5
Remote File Server Denial of Service and Arbitrary Code Execution Vulnerability in Mac OS X 10.4.5 and Earlier
FileVault Vulnerability: Unauthorized Access to Protected Files
Stack-based Buffer Overflow in Safari Allows Remote Code Execution
Remote Code Execution via HTTP Redirection in Safari
Syndication (Safari RSS) Cross-Site Scripting (XSS) Vulnerability in Mac OS X 10.4 through 10.4.5
BOM Framework Directory Traversal Vulnerability in Mac OS X
Buffer Overflow Vulnerability in Apple Mac OS X 10.4.7 via Crafted Canon RAW Image
Denial of Service and Account Existence Disclosure in OpenSSH on Apple Mac OS X 10.4.7
Download Validation Bypass in Mail on Mac OS X 10.4
Buffer Overflow in Mail in Apple Mac OS X 10.4 up to 10.4.5 via Long Real Name in E-mail Attachment
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allowing application spoofing
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allowing application spoofing
Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allowing application spoofing
Remote Code Execution via Crafted Archives in Apple Mac OS X 10.4 up to 10.4.5
Firmware Password Bypass Vulnerability in Mac OS X on Intel-based Computers
Zoph SQL Injection Vulnerability
Multiple SQL Injection Vulnerabilities in e-moBLOG 1.3
Insufficient Access Control in Note-A-Day Weblog 2.2 Allows Unauthorized Access to Encrypted Passwords
NULL Pointer Dereference Vulnerability in libtiff 3.8.0
Information Disclosure Vulnerability in MyBB 1.0.2 search.php
Cross-site scripting (XSS) vulnerability in AZ Bulletin Board (AZbb) 1.1.00 and earlier via post.php
Privilege Escalation and Arbitrary Code Execution in Sun Grid Engine (SGE) rsh Utility
Arbitrary Script Injection in Pixelpost Photoblog 1.4.3 Comment Popup
SQL Injection Vulnerability in ADOdb (PostgreSQL) Allows Arbitrary SQL Command Execution
Session Hijacking Vulnerability in Claroline 1.7.2
SQL Injection Vulnerability in CyberShop Login Action
Multiple SQL Injection Vulnerabilities in NewsPHP index.php
Hidden Service Identification Vulnerability in Tor
Arbitrary Web Script Injection Vulnerability in SleeperChat 0.3f and Earlier
Authentication Bypass and Entry Creation Vulnerability in SleeperChat 0.3f and Earlier
SQL Injection Vulnerability in miniBloggie 1.0 and Earlier: Bypass Authentication and Execute Arbitrary SQL Commands
Eval Injection Vulnerability in 123 Flash Chat Server 5.0 and 5.1
Anonymous Binds Vulnerability in BEA WebLogic Server and WebLogic Express
Denial of Service Vulnerability in BEA WebLogic Server and WebLogic Express
Privilege Escalation Vulnerability in BEA WebLogic Server and WebLogic Express
Unspecified Remote Access and Denial of Service Vulnerabilities in BEA WebLogic Server and WebLogic Express
Cleartext Storage of RDBMS Authentication Provider Password in BEA WebLogic Portal 8.1 through SP3
Remote Authenticated Guest User Log Disclosure Vulnerability
Remote Source Disclosure Vulnerability in BEA WebLogic Portal 8.1 through SP4
Cleartext Password Storage Vulnerability in BEA WebLogic Server and WebLogic Express 8.1 through SP4
Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 9.0 and 8.1 through SP5 allowing unauthorized access to system passwords
Unspecified Remote Resource Access Vulnerability in BEA WebLogic Portal 8.1 SP3 through SP5
Vulnerability: Unauthorized Activation of Security Providers in BEA WebLogic Server and WebLogic Express 9.0
Denial of Service Vulnerability in BEA WebLogic Server and WebLogic Express
Unspecified SSL Identity Disclosure Vulnerability in BEA WebLogic Server 8.1 SP5
Incorrect Custom Security Policies Vulnerability in BEA WebLogic Server and WebLogic Express 9.0
Denial of Service Vulnerability in SACK Handling in FreeBSD 5.3 and 5.4
Directory Traversal Vulnerability in phpXplorer's action.php
PLSQL Exclusion List Bypass Vulnerability
Unspecified Privilege Escalation Vulnerability in HP-UX
Arbitrary Script Injection via XSS in phpBB 2.0.19 admin_smilies.php
CSRF vulnerability in phpBB 2.0.19 allows unauthorized actions via user profile links or IMG tags
Insecure Storage of Sensitive Data in Text Rider 2.4
Authentication Bypass and Unauthorized File Upload in Text Rider 2.4
Sami FTP Server 2.0.1 Stack-Based Buffer Overflow Vulnerability
Multiple Cross-Site Scripting (XSS) Vulnerabilities in MyBB 1.02 UserCP
CheesyBlog 1.0 Archive.php XSS Vulnerability
SQL Injection Vulnerability in Phpclanwebsite (PCW) 1.23.1: Remote Code Execution and XSS
Path Disclosure Vulnerability in Phpclanwebsite 1.23.1
Remote Code Execution Vulnerability in WeBWorK 2.1.3 and 2.2-pre1
Multiple Buffer Overflows in E-Post and SPA-PRO Mail Servers
Directory Traversal Vulnerabilities in E-Post Mail and SPA-PRO Mail IMAP Services
IMAP Service Denial of Service Vulnerability in E-Post Mail 4.05 and SPA-PRO Mail 4.05
Denial of Service Vulnerability in phpBB 2.0.19 and Earlier
Memory Leak Vulnerability in Fedora Directory Server 1.0 LDAP Component
LDAP Component Denial of Service Vulnerability
Denial of Service Vulnerability in Fedora Directory Server 1.0
Denial of Service Vulnerability in Linux Kernel ICMP Response Handling
Unattended Signature Verification Vulnerability in GnuPG
Incorrect Return Value in strnlen_user Function on IBM S/390 Linux Kernel
Race condition vulnerability in add_key, request_key, and keyctl functions in Linux kernel 2.6.x
Denial of Service Vulnerability in irssi DCC ACCEPT Command Handler
Buffer Overflow Vulnerability in flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33
Buffer Overflow Vulnerabilities in BomberClone before 0.11.6.2: Remote Code Execution via Long Error Messages
ExpressionEngine 1.4.1 Core.input.php Cross-Site Scripting (XSS) Vulnerability
SQL Injection Vulnerability in comentarios.php in AndoNET Blog 2004.09.02
IdeoContent Manager XSS Vulnerability
SQL Injection Vulnerabilities in IdeoContent Manager: Remote Code Execution
Cross-Site Scripting (XSS) Vulnerability in risultati_ricerca.php in active121 Site Manager
Goldstag Content Management System search.asp XSS Vulnerability
Denial of Service Vulnerability in Pioneers (formerly gnocatan) before 0.9.49
Denial of Service and Remote Code Execution Vulnerability in CommuniGate Pro Core Server
Arbitrary Script Injection via SRC Attribute in UebiMiau 2.7.9
MyBulletinBoard (MyBB) 1.02 search.php Cross-Site Scripting (XSS) Vulnerability
XSS Vulnerability in BBcode Function of my little forum
XSS Vulnerability in my little guestbook's guestbook.php Allows Arbitrary Javascript Injection
Arbitrary Javascript Injection via BBcode Link Tags in my little weblog
Multiple Integer Overflows in Shareaza 2.2.1.0: Remote Code Execution Vulnerability
Denial of Service Vulnerability in PHP-Ping 1.3
Buffer Overflow in Nullsoft Winamp 5.12 via Long File Name in Playlist (PLS) File
Remote Code Execution Vulnerability in git-checkout-index
Remote Code Execution in CRE Loaded 6.15 via files.php
Remote File Inclusion and Cross-Site Scripting (XSS) Vulnerability in PmWiki 2.1 beta 20
Arbitrary Code Injection through Cross-Site Scripting (XSS) in sPaiz-Nuke Articles Module
Heap-based Buffer Overflow in libpng 1.2.7's Alpha Strip Capability
Denial of Service Vulnerability in Linux Kernel 2.6.15.1 and Earlier on SPARC Architectures
Denial of Service Vulnerability in Cisco VPN 3000 Series Concentrators
Vis.pl Directory Traversal Vulnerability in FACE CONTROL Product
TCL Shell Command Authorization Bypass Vulnerability
Tcl Shell Process Reuse Vulnerability in Cisco IOS Releases
Unspecified Vulnerabilities in
Tumbleweed MailGate Email Firewall (EMF) 6.x VDM Emulation Vulnerability: Unauthorized Memory Access in Windows 2000, XP SP2, and Server 2003 Buffer Overflow Vulnerability in mIRC Font Command SQL Injection Vulnerability in Login.asp in ASPThai.Net ASPThai Forums 8.0 and Earlier SQL Injection Vulnerability in SZUserMgnt 1.4 Allows Remote Code Execution via Username Parameter Multiple SQL Injection Vulnerabilities in Calendarix MG2 0.5.1 Name Field Comment XSS Vulnerability MyBB 1.02 Directory Traversal Vulnerability MyBB 1.02 Add Thread to Favorites XSS Vulnerability Arbitrary Web Script Injection via -moz-binding CSS Property in Mozilla, Firefox, and Netscape Multiple SQL Injection Vulnerabilities in PHP GEN before 1.4 PHP GEN 1.4 Multiple Cross-Site Scripting (XSS) Vulnerabilities Cross-Site Scripting (XSS) Vulnerability in Rlink 1.0.0 Module for phpBB Insufficient Access Control in MyCO Guestbook 1.0 Allows Remote Privileged Actions MyCO Guestbook 1.0 XSS Vulnerability in User Registration Arbitrary File Inclusion Vulnerability in FarsiNews 2.1 Beta 2 Denial of Service Vulnerability in MailEnable Professional Edition IMAP Service Denial of Service Vulnerability in MailEnable Enterprise Edition before 1.2 via Formatted Quoted-Printable Emails Denial of Service Vulnerability in Zbattle.net Zbattle Client 1.09 SR-1 Beta Arbitrary Web Script Injection Vulnerability in Nuked-klaN 1.7 index.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Easy CMS Insufficient Access Control in Easy CMS Allows Remote Image Listing and Reading Cross-Site Scripting (XSS) Vulnerabilities in Cerberus Helpdesk Clients.php SQL Injection Vulnerability in Daffodil CRM 1.5 Userlogin.jsp Session Hijacking Vulnerability in Blackboard Academic Suite 6.0 and Earlier Insecure Temporary File Creation Vulnerability in PADL MigrationTools 46 Arbitrary File Read Vulnerability in Tivoli Web Server Plug-in 5.1.0.10 HTTP Access Restriction Bypass Vulnerability in Cisco PIX/ASA, PIX, and FWSM 
Unspecified Denial of Service Vulnerability in Solaris 10 64-bit Kernel Processing Multiple SQL Injection Vulnerabilities in SPIP 1.8.2-e and Earlier and 1.9 Alpha 2 (5539) and Earlier Cross-site scripting (XSS) vulnerability in SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier in index.php3 Sensitive Information Disclosure in SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and earlier SQL Injection Vulnerability in Dragoran Portal Module 1.3 for Invision Power Board (IPB) Cross-Site Scripting (XSS) Vulnerability in BrowserCRM's results.php SQL Injection Vulnerability in Symantec Sygate Management Server (SMS) Version 4.1 Build 1417 and Earlier SQL Injection Vulnerability in MyBB global.php Allows Remote Code Execution Cross-Site Scripting (XSS) Vulnerability in ashNews 0.83 Privilege Escalation Vulnerability in Multiple Adobe Products Privilege Escalation Vulnerability in AOL Client Software Kashpureff-style DNS Cache Corruption Vulnerability in BIND 4 and BIND 8 Denial of Service Vulnerability in libcairo Library Denial of Service Vulnerability in Computer Associates (CA) Message Queuing Denial of Service Vulnerability in Computer Associates (CA) Message Queuing Privilege Escalation Vulnerability in Sun Java System Access Manager 7.0 SoftMaker Shop resultat.asp Cross-Site Scripting (XSS) Vulnerability Arbitrary Web Script Injection Vulnerability in cPanel's webmailaging.cgi Multiple Cross-Site Scripting (XSS) Vulnerabilities in CyberShop Ultimate E-commerce Default.asp Multiple Cross-Site Scripting (XSS) Vulnerabilities in Community Server NeoMail 1.27 Cross-Site Scripting (XSS) Vulnerability in neomail.pl Buffer Overflow in Kinesphere Corporation eXchange POP3 Server Denial of Service Vulnerability in CipherTrust IronMail 5.0.1 Heap Memory Corruption Vulnerability in fcron 3.0.0's convert-fcrontab Program SQL Injection Vulnerabilities in Tachyon Vanilla Guestbook 1.0 Beta Arbitrary Web Script Injection in Tachyon Vanilla Guestbook 1.0 beta SQL 
Injection Vulnerabilities in NukedWeb GuestBookHost 2005.04.25 Remote Denial of Service Vulnerability in Cerulean Trillian 3.1.0.120 Denial of Service and Arbitrary Code Execution Vulnerability in Internet Explorer 7.0 Beta 2 Arbitrary SQL Command Execution in Groupee UBB.threads 6.3 and Earlier Remote Code Execution Vulnerability in index.php of Application on www.egeinternet.com Remote authenticated SQL injection vulnerability in Oracle Database 8i, 9i, and 10g allows bypass of audit logging and execution of arbitrary SQL statements as SYS user via modified AUTH_ALTER_SESSION attribute in TNS protocol. SQL Injection Vulnerability in Oracle Text Component of Oracle Database 10g SQL Injection Vulnerability in SYS.DBMS_METADATA_UTIL Package in Oracle Database 10g and Earlier Versions Unspecified Oracle Client Utility Buffer Overflow Vulnerability SQL Injection Vulnerability in Oracle Database 10g and Earlier Versions Unspecified vulnerability in Oracle Database server Net Listener component (Oracle Vuln# DB11) Privilege Escalation via Crafted SET ROLE in PostgreSQL 8.1.0 - 8.1.2 Information Disclosure Vulnerability in Linux Kernel 2.6 before 2.6.15.5 via Crafted XFS ftruncate Call Denial of Service Vulnerability in Linux Kernel with O_DIRECT Usage Unsanitized Input in sys_mbind Function in Linux Kernel: Potential Vulnerability Denial of Service Vulnerability in perfmon.c on IA64 Architectures Format String Vulnerability in McAfee WebShield SMTP Server Insecure Storage of Administrator Passwords and Master Key in Cisco Secure Access Control Server (ACS) 3.x PluggedOut Blog 1.9.9c - Remote Code Injection via XSS Vulnerability in problem.php SQL Injection Vulnerability in PluggedOut Blog 1.9.9c: Remote Code Execution via exec.php Stack-based Buffer Overflow in Microsoft HTML Help Workshop Remote File Inclusion Vulnerability in Loudblog 0.4 and Earlier: Arbitrary PHP Code Execution Denial of Service Vulnerability in CommuniGate Pro Core Server 5.0.7 Directory Traversal 
Vulnerability in Files Xaraya Module before 0.5.1 Arbitrary Web Script Injection Vulnerability in Outblaze's throw.main Cross-Site Scripting (XSS) Vulnerability in Papoo 2.1.4 and Earlier Multiple SQL Injection Vulnerabilities in phpstatus 1.0 Arbitrary Web Script Injection in phpstatus 1.0 Administrative Interface Authentication Bypass Vulnerability in phpstatus 1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in cPanel 10 and Earlier Arbitrary Web Script Injection in cPanel 10 Mime/Handle.html Arbitrary File Creation and Overwrite Vulnerability in Fcron 2.9.5 and 3.0.0 Untrusted Search Path Vulnerability in OProfile's opcontrol Local Privilege Escalation via Lexmark X1185 Printer Appearance Dialog Bypassing Connection Filters in Blue Coat Proxy Security Gateway OS (SGOS) 4.1.2.1 Arbitrary Code Execution via Integer Overflow in MPlayer Denial of Service Vulnerability in IBM Lotus Domino Server 7.0 via Crafted LDAP Packet SQL Injection Vulnerability in Hosting Controller 6.1 Hotfix 2.8 Arbitrary File Overwrite and Ownership Change Vulnerability in Heimdal rshd Clever Copy 3.0 SQL Injection Vulnerability in mailarticle.php Weak Password Encryption in PeopleSoft People Tools 8.4x Denial of Service Vulnerability in Microsoft Internet Explorer 6.0 SP1 and Earlier Multiple SQL Injection Vulnerabilities in Oracle 10g Release 1 before CPU Jan 2006 Unspecified Remote Code Execution Vulnerability in Gallery before 1.5.2-pl2 SQL Injection Vulnerability in MyTopix 1.2.3: Remote Code Execution via search.php Information Disclosure Vulnerability in MyTopix 1.2.3 Path Disclosure Vulnerability in MyTopix 1.2.3 Weak Salt Distribution in crypt_gensalt Functions Unspecified Remote Code Execution Vulnerability in Lexmark Printer Sharing LexBce Server Service Arbitrary Web Script Injection in PHP-Fusion (before 6.00.304) Stack-based Buffer Overflow Vulnerabilities in elogd.c Buffer Overflow Vulnerability in elogd.c in elog before 2.5.7 r1558-4 Username Enumeration Vulnerability 
in elog Denial of Service Vulnerability in elog before 2.5.7 r1558-4 SQL Injection Vulnerabilities in Hinton Design phphg Guestbook 1.2 Multiple Cross-Site Scripting Vulnerabilities in Hinton Design phphg Guestbook 1.2 Authentication Bypass Vulnerability in Hinton Design phphg Guestbook 1.2 Cross-Site Scripting (XSS) Vulnerabilities in Unknown Domain Shoutbox 2005.07.21 SQL Injection Vulnerability in Unknown Domain Shoutbox 2005.07.21 Authentication Bypass Vulnerability in Hinton Design phphd 1.0 Multiple SQL Injection Vulnerabilities in Hinton Design phphd 1.0 Arbitrary Web Script Injection Vulnerability in Hinton Design phphd 1.0 add.php Multiple SQL Injection Vulnerabilities in 2200net Calendar System 1.2 Directory Traversal Vulnerability in @Mail 4.3 and Earlier for Windows Local Privilege Escalation in Powersave Daemon (before 0.10.15.2) Unspecified Privilege Escalation Vulnerability in Java Web Start Java Sandbox Bypass Vulnerability in Sun Java JDK and JRE Unspecified Reflection API Vulnerabilities in Sun Java JDK and JRE Java Sandbox Bypass Vulnerability in Sun Java JDK and JRE 5.0 Update 4 and earlier Unspecified Reflection API Vulnerabilities in Sun Java JDK and JRE 5.0 Update 5 and Earlier Fontsleuth Format String Vulnerability in QNX Neutrino RTOS 6.3.0 Stack-based buffer overflows in QNX Neutrino RTOS 6.3.0: Arbitrary Code Execution via Environment Variables Race condition vulnerability in phfont in QNX Neutrino RTOS 6.2.1 allows local users to execute arbitrary code Buffer Overflow Vulnerabilities in QNX Neutrino RTOS 6.2.0: Arbitrary Code Execution Denial of Service Vulnerability in QNX Neutrino RTOS 6.3.0 via gdb Command World-Writable Permissions in QNX Neutrino RTOS 6.3.0's /etc/rc.d/rc.local Vulnerability SQL Injection Vulnerability in Whomp Real Estate Manager XP 2005's check.asp Directory Traversal Vulnerability in SPIP 1.8.2g and Earlier SQL Injection Vulnerability in SPIP 1.8.2g and Earlier: Arbitrary SQL Command Execution via 
spip_acces_doc.php3 Clever Copy 2.0, 2.0a, and 3.0 XSS Vulnerability in Site Stats Arbitrary Command Execution in Dale Ray MyQuiz 1.01 Buffer overflow vulnerability in AOL Instant Messenger (AIM) 5.9.3861 allows for remote code execution and denial of service Header Spoofing Vulnerability in RITLabs The Bat! before 3.0.0.15 CRLF Injection Vulnerability in mailback.pl Allows Spam Proxy Exploitation Insufficiently Random Activation Key Generation in phpBB 2.0.19 Predictable Seed Vulnerability in Invision Power Board (IPB) 2.1.4 Integer Overflow Vulnerability in Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise Edition (ent_upd4) Integer Overflow Vulnerability in Tiny C Compiler (TCC) 0.9.23 Arbitrary PHP Code Execution Vulnerability in eyeOS 0.8.9 and Earlier Buffer Overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 via IMAP APPEND Command Arbitrary SQL Command Execution in MyBB 1.0.3 Moderation.php MyBB 1.0.2 search.php Cross-Site Scripting (XSS) Vulnerability Vulnerability: Disabling Orbicule Undercover Protection via Chmod Command Privacy Leak in Orbicule Undercover: Unintended Transmission of Sensitive Information Default Configuration Setting Allows Bypass of Anti-Virus Checks in Trend Micro ServerProtect Arbitrary Script Injection in WiredRed e/pop Web Conferencing 4.1.0.755 Arbitrary File Inclusion Vulnerabilities in CPG-Nuke Dragonfly CMS 9.0.6.1 Out-of-Bounds Access Vulnerability in libtasn1 Empty RPATH/RUNPATH Vulnerability in SUSE Linux 9.1-10.0 and SLES 9 Denial of Service Vulnerability in Sun Java System Directory Server 5.2 Arbitrary File Inclusion Vulnerabilities in PHP iCalendar Unspecified Cross-Site Scripting (XSS) Vulnerability in DataparkSearch before 4.37 Arbitrary Web Script Injection via cpaint_response_type Parameter in CPAINT Library SQL Injection Vulnerability in index.php in vwdev Incorrect Permissions Assignment in WHMCompleteSolution (WHMCS) Allows Privileged Actions or Information Disclosure SQL Injection Vulnerabilities in 
Hinton Design phpht Topsites 1.3 Authentication Bypass Vulnerability in Hinton Design phpht Topsites 1.3 Arbitrary Web Script Injection in Hinton Design phpht Topsites 1.3 Arbitrary File Access Vulnerability in HP Systems Insight Manager 4.2 through 5.0 SP3 for Windows Arbitrary Code Injection and Cross-Site Scripting (XSS) Vulnerability in Softcomplex PHP Event Calendar 1.5 Arbitrary Script Execution via Incomplete Blacklist in FCKeditor Connector.php Arbitrary Code Execution Vulnerabilities in RunCMS 1.2 and Earlier Multiple Directory Traversal Vulnerabilities in FarsiNews 2.5 and Earlier Arbitrary Web Script Injection Vulnerability in Scriptme SmE GB Host 1.21 and SmE Blog Host Lotus Domino iNotes Client 6.5.4 XSS Vulnerability via Email Attachment Rendering Cross-Site Scripting (XSS) Vulnerabilities in Lotus Domino iNotes Client 6.5.4 and 7.0 Cross-site scripting (XSS) vulnerability in config_defaults_inc.php in Mantis before 1.0 Unspecified Vulnerability in Mantis (1.0.0) with Unknown Impact and Attack Vectors Unspecified Denial of Service Vulnerability in IBM AIX 5.3 VRMF 5.3.0.30 through 5.3.0.33 Symlink Attack Vulnerability in lscfg on IBM AIX 5.2 and 5.3 SQL Injection Vulnerability in PwsPHP 1.2.3: Remote Code Execution via id Parameter SQL Injection Vulnerabilities in GA's Forum Light's archive.asp Remote Denial of Service Vulnerability in hcidump 1.29 via Malformed L2CAP Packet Buffer Overflow Vulnerability in Sony Ericsson Cell Phones via Bluetooth L2CAP Packet Unspecified Vulnerability in HP PSC 1210 All-in-One Drivers: Unknown Impact and Attack Vectors SQL Injection Vulnerabilities in Magic Calendar Lite 1.02: Remote Code Execution Buffer Overflow Vulnerability in arp Command of IBM AIX 5.3 L, 5.3, 5.2.2, 5.2 L, and 5.2 Arbitrary Script Injection in Siteframe 5.0.1 search.php (XSS Vulnerability) Arbitrary Web Script Injection Vulnerability in PHP-Nuke Header.php Denial of Service Vulnerability in Heimdal 0.6.x and 0.7.x Denial of Service Vulnerability 
in PostgreSQL Arbitrary SQL Command Execution in PHP-Nuke Your_Account Module Unspecified Account Creation Vulnerability in WebGUI before 6.8.6-gamma Power Daemon (powerd) 2.0.2 and Earlier Format String Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in e107 BBCodes System Arbitrary Web Script Injection in VHCS 2.4.7.1 with v.1 Patch and Earlier Lack of Old Password Verification in VHCS 2.4.7.1 and Earlier Allows Unauthorized Access Authentication Bypass Vulnerability in VHCS 2.4.7.1 and Earlier Unauthenticated Remote Access Vulnerability in VHCS 2.4.7.1 and Earlier Arbitrary File Inclusion Vulnerability in DocMGR 0.54.2 Remote Code Execution via PHP File Include in Nicecoder.com Indexu 5.0.0 and 5.0.1 Arbitrary Code Injection through XSS in TTS Time Tracking Software 3.0 Registration Form SQL Injection Vulnerabilities in TTS Time Tracking Software 3.0 Arbitrary Data Overwrite Vulnerability in TTS Time Tracking Software 3.0 SQL Injection Vulnerabilities in Carey Briggs PHP/MYSQL Timesheet 1 and 2 SQL Injection Vulnerabilities in Roberto Butti CALimba 0.99.2 beta and Earlier Arbitrary File Read Vulnerability in Ansilove Loaders Arbitrary Code Execution Vulnerability in Ansilove before 1.03 SQL Injection Vulnerability in Zen Cart 1.2.7 and Earlier Versions Unprotected admin/includes Directory Vulnerability in Zen Cart Unspecified Remote Code Execution Vulnerabilities in Zen Cart before 1.2.7 QWikiWiki 1.5 Cross-Site Scripting (XSS) Vulnerability in search.php Folder Permission Disclosure in imageVue 16.1 via dir.php Directory Listing Vulnerability in readfolder.php of imageVue 16.1 Arbitrary File Upload Vulnerability in imageVue 16.1 Unspecified Cross-Site Scripting (XSS) Vulnerability in imageVue 16.1 Sensitive Information Disclosure in iE Integrator 4.4.220114 Format string vulnerability in logging function of various SFTP servers allows remote command execution Arbitrary Web Script Injection in Gästebuch (Gastebuch) eintrag.php Arbitrary File Read 
Vulnerability in PyBlosxom Multiple Buffer Overflows in NullSoft Winamp 5.13 and Earlier: Remote Code Execution Vulnerabilities Buffer Overflow in Metamail 2.7-50: Remote Code Execution via Long Boundary Attribute Double Free Vulnerability in Isode M-Vault Server 11.3: Remote Code Execution via Crafted LDAP Request Session ID Validation Bypass in NeoMail 1.28 Allows Arbitrary File Manipulation CRLF Injection Vulnerability in Squishdot 1.5.0 and Earlier Directory Traversal Vulnerability in LinPHA 1.0 Allows Remote File Inclusion Arbitrary File Inclusion Vulnerability in Flyspray 0.9.7 Installation File Arbitrary Script Injection in sNews 1.3 Comment Field SQL Injection Vulnerability in sNews 1.3 index.php Allows Remote Code Execution Denial of Service Vulnerability in IBM Tivoli Directory Server 6.0 IKEv1 Implementation Denial of Service Vulnerability in Avaya VSU 100, 2000, 7500, 10000, and CSU 5000 SQL Injection Vulnerability in PHP Classifieds 6.18 through 6.20: Remote Code Execution via member_login.php Stack-based Buffer Overflow in Nullsoft Winamp 5.12 and 5.13 via Crafted .m3u File SQL Injection Vulnerability in pmlite.php in RunCMS 1.2 and 1.3a Remote Code Execution in Reamday Enterprises Magic Downloads 1.1.3 via Uninitialized Variables Remote File Inclusion Vulnerability in Reamday Enterprises Magic News Lite 1.2.3 Remote Code Execution in Reamday Enterprises Magic News Lite 1.2.3 via Uninitialized Variables Plume CMS 1.0.2 - PHP Remote File Inclusion Vulnerability in prepend.php Arbitrary Web Script Injection Vulnerability in CPG-Nuke Dragonfly CMS 9.0.6.1 SQL Injection Vulnerability in MusOX DF MSAnalysis (DFMSA) SQL Injection Vulnerability in search.php in webSPELL 4.01.00 and Earlier SQL Injection Vulnerability in Teca Diary PE 1.0's functions.php Allows Remote Code Execution Unspecified Denial of Service Vulnerabilities in Dovecot before 1.0beta3 Remote Phishing Attack via Absolute URL in SAP Business Connector Core Fix 7 and Earlier Directory 
Traversal Vulnerability in SAP Business Connector (BC) 4.6 and 4.7 Cross-Site Scripting (XSS) Vulnerability in WordPress 2.0.0 Denial of Service Vulnerability in Half-Life CSTRIKE Dedicated Server 1.6 and Earlier Arbitrary Javascript Injection via BBcode in M. Blom HTML::BBCode Stack-based Buffer Overflow in pam_micasa PAM Authentication Module in CASA eStara SIP Softphone Denial of Service Vulnerability Format String Vulnerabilities in eStara SIP Softphone: Remote Denial of Service via SIP INVITE Requests eStara SIP Softphone Denial of Service Vulnerability Denial of Service Vulnerability in Linux Kernel on Intel Processors Denial of Service Vulnerability in Linux Kernel 2.6.x on Itanium Systems Format String Vulnerability in Apache log4net 1.2.9's LocalSyslogAppender Vulnerability: Improper Handling of Uncanonical Return Addresses on Intel EM64T CPUs in Linux Kernel Arbitrary Code Execution and File Overwrite Vulnerability in X.Org Server Incomplete Patching of CVE-2005-3627 in kpdf Allows Context-Dependent Exploitation Integer Underflow Vulnerability in Freetype Allows Remote Denial of Service Arbitrary Code Execution via Negative Array Index in Mozilla Firefox, Thunderbird, Mozilla Suite, and SeaMonkey Memory Corruption Vulnerability in nsHTMLContentSink.cpp SQL Injection Vulnerability in SSB Army System 2.1.0 for IPB Unspecified Vulnerabilities in FUSE Client and NOOFS Daemon Honeyd Vulnerability: Remote Identification of Simulated IP Addresses Memory Leak Vulnerability in Internet Explorer 6 for Windows XP SP2 Information Disclosure Vulnerability in dotProject 2.0.1 and Earlier Multiple PHP Remote File Include Vulnerabilities in dotProject 2.0.1 and Earlier Sensitive Configuration Information Disclosure in dotProject 2.0.1 and Earlier Multiple eval injection vulnerabilities in HiveMail 1.3 and earlier Cross-Site Scripting (XSS) Vulnerabilities in HiveMail 1.3 and Earlier Multiple SQL Injection Vulnerabilities in HiveMail 1.3 and Earlier Case-insensitive 
Filesystem Bypass Vulnerability in LightTPD 1.4.8 and Earlier Buffer Overflow Vulnerability in BlackBerry Attachment Service Unauthorized Access to WinAbility Folder Guard 4.11 Capabilities via Password File Manipulation Arbitrary Script Injection via dowebmailforward.cgi in cPanel Incomplete TACACS+ Configuration Vulnerability in Cisco Anomaly Detection and Mitigation Products ICQ GUI Display Truncation Vulnerability User-Assisted Remote File Execution Vulnerability in ICQ 2003a, 2003b, Lite 4.0, and Lite 4.1 Information Disclosure Vulnerability in CGIWrap Denial of Service Vulnerability in Kadu 0.4.3 via Image Send Requests Unspecified Privilege Escalation Vulnerability in in.rexecd in Solaris 10 MyBB 1.0.4 calendar.php XSS Vulnerability Format String Vulnerability in PunkBuster 1.180 and Earlier: Remote Code Execution and Denial of Service Hitachi Business Logic Container SQL Injection Vulnerability Arbitrary Web Script Injection Vulnerability in Hitachi Business Logic Container SQL Injection Vulnerability in deleteSession() in DB_eSession Library 1.0.2 and Earlier Multiple SQL Injection Vulnerabilities in BirthSys 3.1 via $month Parameter in show.php Arbitrary Web Script Injection Vulnerability in Teca Scripts Guestex 1.0 Arbitrary Command Execution Vulnerability in Teca Scripts Guestex 1.0 SQL Injection Vulnerabilities in XMB Forums 1.9.3 and Earlier Arbitrary Web Script Injection via u2u.php in XMB Forums 1.9.3 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in PerlBlog 1.09b and Earlier Directory Traversal Vulnerability in PerlBlog 1.09b and Earlier Arbitrary File Creation and Code Execution Vulnerability in PerlBlog 1.09b and Earlier Arbitrary Web Script Injection in Siteframe Beaumont (page.php) Denial of Service Vulnerability in D-Link DWL-G700AP Firmware 2.00 and 2.01 Absolute Path Traversal Vulnerability in include.php in PHPKIT 1.6.1 Release 2 and Earlier Incomplete Blacklist Vulnerability in PHPKIT 1.6.1 Release 2 and Earlier: Remote File 
Inclusion via Path Parameter Arbitrary String Injection in Plaino Wimpy MP3 Player Kyocera 3830 Printer Backdoor Vulnerability Default admin Account with Blank Password in Kyocera Printers Allows Remote Administrative Access Denial of Service Vulnerability in Rockliffe MailSite 7.0 and Earlier DreamCost HostAdmin PHP Remote File Inclusion Vulnerability Arbitrary Script Injection in V-webmail 1.6.2 via preferences.personal.php Arbitrary Website Referencing Vulnerability in V-webmail 1.6.2 Information Disclosure Vulnerability in V-webmail 1.6.2 Absolute Path Traversal Vulnerability in Quirex 2.0.2 and Earlier: Arbitrary File Read and Possible Code Execution in convert.cgi Cross-site scripting (XSS) vulnerability in Clever Copy 3.0 allows remote attackers to inject arbitrary web script or HTML via the Subject field in private messages. Denial of Service Vulnerability in Nokia N70 Cell Phone via Bluetooth L2CAP Packet Directory Traversal Vulnerabilities in Macallan Mail Solution 4.8.05.004 URL Spoofing Vulnerability in Microsoft Internet Explorer Cross-Site Scripting (XSS) Vulnerability in PostNuke 0.761 and Earlier SQL Injection Vulnerability in NS-Languages Module for PostNuke 0.761 and Earlier Arbitrary Web Script Injection in PostNuke NS-Languages Module Vulnerability: Inadequate Signature Verification in YaST Online Update (YOU) Script Handling Buffer Overflow Vulnerability in TIN 1.8.0 and Earlier Fixed Challenge/Response Pairs in php-Nuke CAPTCHA Allow Remote Bypass Multiple Cross-Site Scripting (XSS) Vulnerabilities in ADOdb 4.71 Arbitrary Code Execution via Font Names in NJStar Word Processor Denial of Service and Information Disclosure Vulnerability in MUTE 0.4 Multiple SQL Injection Vulnerabilities in Skate Board 0.9 Arbitrary PHP Code Execution Vulnerability in Skate Board 0.9's config.php Skate Board 0.9 reguser.php Cross-Site Scripting (XSS) Vulnerability Privilege Escalation Vulnerability in VisNetic AntiVirus Plug-in for Mail Server WinACE 2.60 ARJ 
Archive Header Block Heap-Based Buffer Overflow Vulnerability Arbitrary Source Code Disclosure in Lighttpd 1.4.10 on Windows Remote Code Disclosure in NetworkActiv Web Server 3.5.15 Orion Application Server Source Code Disclosure Vulnerability Absolute Path Directory Traversal Vulnerability in MERAK Mail Server and VisNetic MailServer Absolute Path Directory Traversal Vulnerability in MERAK Mail Server and VisNetic MailServer Dwarf HTTP Server 1.3.2 Source Code Disclosure Vulnerability Arbitrary Web Script Injection Vulnerability in Dwarf HTTP Server 1.3.2 BXCP 0.299 index.php SQL Injection Vulnerability Denial of Service Vulnerability in EmuLinker Kaillera Server SQL Injection Vulnerabilities in Geeklog 1.4.0 and 1.3.11 Arbitrary Code Execution Vulnerabilities in Geeklog 1.4.0 and 1.3.11 Unspecified Vulnerabilities in Xerox WorkCentre Pro and WorkCentre Software 13.027.24.015 and 14.027.24.015 Denial of Service Vulnerability in Xerox WorkCentre Pro and Xerox WorkCentre Cross-site scripting vulnerability in Xerox WorkCentre Pro and Xerox WorkCentre running software 13.027.24.015 and 14.027.24.015 Unspecified Remote Vulnerability in Xerox WorkCentre Pro and WorkCentre Software Arbitrary Web Script Injection Vulnerability in E-Blah Platinum 9.7 Denial of Service and Arbitrary Code Execution Vulnerability in Internet Explorer Scripting Engine Remote File Inclusion Vulnerability in Tasarim Rehberi's index.php Allows Arbitrary Code Execution SQL Injection Vulnerabilities in admin.asp in WPC.easy Multiple Cross-Site Scripting (XSS) Vulnerabilities in Barracuda Directory 1.1 Default Password Vulnerability in Uniden UIP1868P VoIP Telephone and Router SQL Injection Vulnerability in dropbase.php in MitriDAT Web Calendar Pro User-Assisted Denial of Service Vulnerability in Mozilla Thunderbird 1.5 World-readable permissions in IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 allow local users to read sensitive information Cleartext Password Storage Vulnerability in IBM Tivoli 
Micromuse Netcool/NeuSecure 3.0.236 Fragmented Packets with IP Options Evasion Vulnerability in Sourcefire Snort 2.4.3 SQL Injection Vulnerability in Mantis 1.00rc4 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Mantis 1.00rc4 and Earlier Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 via modified javascript: string in IMG SRC attribute Insufficient Access Control in Leif M. Wright's Blog 3.5 Allows Remote Password Disclosure Authentication Bypass Vulnerability in Leif M. Wright's Blog 3.5 Remote Code Execution in Leif M. Wright's Blog 3.5 via Malicious Sendmail Path Configuration Cross-Site Scripting (XSS) Vulnerabilities in Leif M. Wright's Blog 3.5 CherryPy StaticFilter Component Directory Traversal Vulnerability Arbitrary Command Execution via Safari's Open 'safe' files after downloading Option on Apple Mac OS X SQL Injection Vulnerability in ilchClan 1.05g: Remote Code Execution via login_name Parameter SQL Injection Vulnerability in ilchClan Forum Module (Versions 1.05g and Earlier) Allows Remote Code Execution Direct Static Code Injection Vulnerability in Admbook 1.2.2 and Earlier: Remote PHP Code Execution via X-Forwarded-For Header Buffer Overflow Vulnerability in TrueNorth Internet Anywhere (IA) eMailserver 5.3.4: Remote Code Execution and Denial of Service Intensive Point iUser Ecommerce PHP Remote File Inclusion Vulnerability Stack-based Buffer Overflow in Zoo File Parsing Allows Arbitrary Code Execution SQL Injection Vulnerability in login.php in Scriptme SmE GB Host 1.21: Bypass Authentication and Remote Code Execution Cross-site scripting (XSS) vulnerability in e107 Chatbox Plugin 1.0 Unquoted Windows Search Path Privilege Escalation Vulnerability in StarForce Safe'n'Sec Products Remote Code Execution in Michael Salzer Guestbox 0.6 and Earlier Versions Multiple Cross-Site Scripting (XSS) Vulnerabilities in Michael Salzer Guestbox 0.6 and Earlier Source IP Address Disclosure in Michael Salzer Guestbox 0.6 and 
Earlier Versions Arbitrary File Read Vulnerability in InfoVista PortalSE 2.0 Build 20087 on Solaris 8 Sensitive Information Disclosure in InfoVista PortalSE 2.0 Build 20087 on Solaris 8 Unverified Cookie Header Vulnerability in Global Hauri ViRobot 2.0 Denial of Service Vulnerability in PunBB 1.2.10 and Earlier Brute Force Password Guessing Vulnerability in PunBB 1.2.10 and Earlier Buffer Overflow Vulnerability in South River WebDrive Unspecified Injection Vulnerabilities in PEAR::Auth Container Back Ends Directory Traversal Vulnerability in PEAR LiveUser's Remember Me Feature SQL Injection Vulnerability in Mini-Nuke CMS System 1.8.2 and Earlier (including version 2.3) Arbitrary File Inclusion Vulnerability in Mambo 4.5.3 and Earlier Versions Arbitrary File Inclusion Vulnerability in Coppermine Photo Gallery 1.4.3 and Earlier Absolute Path Traversal Vulnerability in Coppermine Photo Gallery 1.4.3 and Earlier Unspecified Vulnerabilities in Intensive Point iUser Ecommerce before 2.2 Cross-Site Scripting Vulnerability in RunCMS 1.3a5 ratefile.php Denial of Service Vulnerability in POPFile before 0.22.4 Arbitrary Code Injection through Easy Forum 2.5 Image Variable Information Disclosure Vulnerability in Noah's Classifieds 1.3 SQL Injection Vulnerability in Noah's Classifieds 1.3 Search Tool Cross-Site Scripting (XSS) Vulnerabilities in Noah's Classifieds 1.3 PHP Remote File Include Vulnerabilities in Noah's Classifieds 1.3 Arbitrary File Inclusion Vulnerability in Noah's Classifieds 1.3 Denial of Service Vulnerability in OpenSSH on FreeBSD 5.3 and 5.4 User-assisted JavaScript Execution Vulnerability in Mozilla Thunderbird Arbitrary Script Injection in CuteNews 1.4.1 show_news.php Arbitrary Script Injection in City/Region Field of DEV Web Management System 1.5 Eval Injection Vulnerability in PHPLib's sessions.inc Denial of Service Vulnerability in Invision Power Board (IPB) 2.0.1 Arbitrary Script Injection in Calcium 3.10.1 via EventText Parameter Arbitrary File 
Overwrite Vulnerability in SpeedProject Squeez 5.1 Multiple Directory Traversal Vulnerabilities in NOCC Webmail 1.0 Predictable Filename Vulnerability in NOCC Webmail 1.0 Sensitive Information Disclosure in NOCC Webmail 1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in NOCC Webmail 1.0 Information Disclosure: Obtaining Installation Path in NOCC Webmail 1.0 Arbitrary Web Script Injection via X-Forwarded-For Header in Simple Machine Forum (SMF) 1.0.6 SQL Injection Vulnerability in VCS Virtual Program Management Intranet (VPMi) Enterprise 3.3 Weak Initialization Vector (IV) Usage in Crypt::CBC Perl Module 4Images 1.7.1 Directory Traversal Vulnerability Denial of Service Vulnerability in NFSd in FreeBSD 6.0 Kernel Unspecified Vulnerability in Solaris hsfs Filesystem Allows Denial of Service and Arbitrary Code Execution Bypassing Logging Mechanisms in MySQL 5.0.18 and Earlier Sequence Number Update Vulnerability in fast_ipsec SQL Injection Vulnerability in D3Jeeb Pro 3: Remote Code Execution via catid Parameter SQL Injection Vulnerability in PHP-Nuke before 7.8 Patched 3.2 SQL Injection Vulnerability in PHP-Nuke 7.8 Patched 3.2 Sensitive Information Disclosure in Invision Power Board (IPB) 2.1.4 and earlier Directory Listing Vulnerability in Invision Power Board (IPB) 2.1.4 and earlier Denial of Service Vulnerability in Ipswitch WhatsUp Professional 2006 Denial of Service Vulnerability in Oreka before 0.5 via RTP Sequence Arbitrary SQL Command Execution Vulnerability in Bugzilla 2.17 through 2.18.4 and 2.20 SQL Injection Vulnerability in Bugzilla 2.16.10, 2.17 through 2.18.4, and 2.20 SQL Injection Vulnerability in Bugzilla 2.16.10 Attachment.cgi URL Redirection Vulnerability in Bugzilla 2.19.3 through 2.20 M-Chat Web Browser Vulnerability: Unauthorized Cookie Disclosure and Credential Theft Buffer Overflow in The Bat! 3.60.07: Remote Code Execution via Subject Field SQL Injection Vulnerability in Oi! 
Email Marketing System 3.0 Login Page Cleartext Storage of FTP Password in Oi! Email Marketing System 3.0 Directory Traversal Vulnerabilities in FCKeditor 2.0 FC CubeCart 3.0-3.6 Absolute Path Traversal File Upload Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in MyPHPNuke (MPN) 1.88 and Earlier Cross-Site Scripting (XSS) Vulnerability in Brown Bear iCal 3.10 Format String Vulnerability in Alt-N MDaemon IMAP4rev1 Server Arbitrary File Creation and Overwrite Vulnerabilities in Allume StuffIt and ZipMagic 9.0 Cross-Site Scripting (XSS) Vulnerabilities in JGS-XA JGS-Gallery Addon 4.0.0 and Earlier for Woltlab Burning Board (wBB) 2.x ArGoSoft Mail Server Pro 1.8 POP3 Server Information Disclosure Vulnerability ArGoSoft Mail Server Pro 1.8.8.1 IMAP Server Directory Traversal Vulnerability ArGoSoft Mail Server Pro 1.8 Webmail Directory Traversal Vulnerability PEAR::Archive_Tar Directory Traversal Vulnerability Directory Traversal Vulnerability in PEAR::Archive_Zip (zip.lib.php 0.1.1) PHPX 3.5.9 Cross-Site Scripting (XSS) Vulnerability in URL XCode Tag Arbitrary Script Injection in webinsta Limbo 1.0.4.2 Contact Form Denial of Service Vulnerability in Microsoft Word 2003 Arbitrary File Upload Vulnerability in Free Host Shop Website Generator 3.3 Sensitive Information Disclosure in U.N.U. 
Mailgust 1.9 via index.php Method Parameter Arbitrary Web Script Injection Vulnerability in eZ publish 3.7.3 and Earlier SQL Injection Vulnerability in DCI-Taskeen 1.03 Arbitrary PHP Code Execution via Direct Static Code Injection in ShoutLIVE 1.1.0 Arbitrary Web Script Injection in ShoutLIVE 1.1.0 post.php SQL Injection Vulnerability in profil.php in PwsPHP 1.2.3 and Earlier Versions SQL Injection Vulnerability in Sondages Module in PwsPHP 1.2.3 Authentication Bypass in Archangel Weblog 0.90.02 via ba_admin Cookie Arbitrary PHP Code Execution via Remote File Include in Archangel Weblog 0.90.02 Thomson SpeedTouch Modems Firmware 5.3.2.6.0 XSS Vulnerability Unremovable User Account Creation Vulnerability in Thomson SpeedTouch Modem Firmware 5.3.2.6.0 Insecure Permissions in AOL 9.0 Security Edition: Privilege Escalation Vulnerability RaidenHTTPD 1.1.47 Source Code Disclosure Vulnerability Arbitrary File Overwrite Vulnerability in unalz 0.53 Privilege Escalation Vulnerability in NOD32 2.5 GUI during Scheduled Scans Denial of Service Vulnerability in nuauth in NuFW before 1.0.21 Direct static code injection vulnerability in func.inc.php in ZoneO-Soft freeForum before 1.2.1 Arbitrary Web Script Injection in ZoneO-Soft freeForum 1.2.1 SQL Injection Vulnerability in MyBulletinBoard (MyBB) 1.03 and 1.04 Denial of Service Vulnerability in Compex NetPassage WPE54G Router's uConfig Agent SQL Injection Vulnerability in Cilem Hiber 1.1's yazdir.asp Allows Remote Code Execution SQL Injection Vulnerability in vuBB 0.2: Remote Code Execution via Cookie Parameter Buffer Overflow Vulnerabilities in STLport 5.0.2 Bypassing Firewall Program Execution Rules in NCP Network Communication Secure Client Privilege Escalation Vulnerability in NCP Network Communication Secure Client Denial of Service Vulnerability in NCP Network Communication Secure Client 8.11 Build 146 Denial of Service Vulnerability in NCP Network Communication Secure Client 8.11 Build 146 Arbitrary Code Execution via 
Modified connect.bat Script in NCP Network Communication Secure Client Arbitrary File Inclusion Vulnerability in Top sites de PixelArtKingdom ActiveCampaign Products PHP Remote File Inclusion Vulnerability Lionel Reyero DirectContact 0.3b Directory Traversal Vulnerability SQL Injection Vulnerability in news.php in Tony Baird Fantastic News 2.1.1 SQL Injection Vulnerability in Appalachian State University phpWebSite 0.10.2 and Earlier: Remote Code Execution via topic Parameter Cross-Site Scripting (XSS) Vulnerability in Battleaxe bttlxeForum 2.0's failure.asp Directory Traversal Vulnerability in SPiD 1.3.1: Arbitrary File Read via lang Parameter Open Relay Vulnerability in Craig Morrison Mail Transport System Professional (MTS Pro) ArGoSoft Mail Server Pro 1.8.8.5 Multiple Cross-Site Scripting (XSS) Vulnerabilities in View Headers Functionality Unspecified Local Weblog Publisher Vulnerability in Nidelven IT Issue Dealer Arbitrary Web Script Injection in Jay Eckles CGI Calendar 2.7 Directory Traversal Vulnerability in e-merge WinAce 2.6 and Earlier Bypassing Virus Protection in McAfee Virex 7.7 for Macintosh QwikiWiki 1.4 index.php Cross-Site Scripting (XSS) Vulnerability Arbitrary Script Injection in EJ3 TOPo 2.2.178 via gTopNombre Parameter Cross-Site Scripting (XSS) Vulnerabilities in WordPress 2.0.1 and Earlier: Post Comment Functionality Information Disclosure Vulnerability in WordPress 2.0.1 and Earlier Denial of Service Vulnerability in ISC BIND Denial of Service Vulnerability in Windows DNS Server Service Stack-based Buffer Overflow in Veritas NetBackup Enterprise Server and DataCenter/BusinessServer Stack-based Buffer Overflow in NetBackup Catalog Daemon (bpdbm) Allows Arbitrary Code Execution Remote Code Execution Vulnerability in NetBackup Sharepoint Services Server Daemon Stack-based Buffer Overflow in Novell GroupWise Messenger Allows Remote Code Execution Unrestricted Directory Access in 3Com TippingPoint SMS Server Heap Corruption Vulnerability in 
Sophos Anti-Virus Products Denial of Service Vulnerability in EMC Dantz Retrospect 7 Backup Client PHPinfo XSS Vulnerability Null Key Vulnerability in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) SSL Server Implementation Weak Cipher Selection Vulnerability in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) Weak Encryption Vulnerability in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) SSL Server Implementation SQL Injection Vulnerabilities in Pentacle In-Out Board 3.0 and Earlier: Remote Code Execution and Authentication Bypass Cross-Site Scripting (XSS) Vulnerability in Subscribe to Comments Plugin up to 2.0.7 on WordPress SQL Injection Vulnerability in LanSuite LanParty Intranet System 2.0.6 and 2.1.0 Beta Default Account Vulnerability in NETGEAR WGT624 Wireless DSL Router Cleartext Storage of Sensitive Information in NETGEAR WGT624 Wireless Firewall Router Backup Configuration Cross-Site Scripting (XSS) Vulnerability in Parodia 6.2 and Earlier via agencyprofile.asp SQL Injection Vulnerability in agencyprofile.asp in Parodia 6.2 and Earlier SQL Injection Vulnerabilities in sendcard.php in sendcard before 3.3.0 SQL Injection Vulnerabilities in N8cms 1.1 and 1.2: Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in N8cms 1.1 and 1.2 Default Password Vulnerability in M4 Project Enigma-Suite (Windows) Buffer Overflow Vulnerability in CrossFire 1.9.0 and Earlier Versions Insecure Permissions in LetterMerger 1.2 Access Database Files Vulnerability WordPress User-Agent SQL Injection Vulnerability PHP Remote File Include Vulnerability in SMartBlog 1.2 Argument Injection Vulnerability in mb_send_mail Function Allows Arbitrary File Reading and Creation Argument Injection Vulnerability in PHP Mail Function with Sendmail Buffer Overflow in IsComponentInstalled Method in Internet Explorer 6.0 Unrestricted IMAP Access Vulnerability in c-client Library for PHP SQL Injection Vulnerability in poems.php in DCI-Designs 
Dawaween 1.03 Cross-site scripting (XSS) vulnerability in fce.php in UKiBoard 3.0.1 via BBCode url tag in show_post function SQL Injection Vulnerability in Johnny_Vegas Vegas Forum 1.0: Remote Code Execution via postid Parameter Arbitrary Web Script Injection in PeHePe Uyelik Sistemi 3 PHP Remote File Include Vulnerability in PeHePe Uyelik Sistemi 3 HP System Management Homepage (SMH) Directory Traversal Vulnerability SQL Injection Vulnerability in MgrLogin.asp in Addsoft StoreBot 2005 Professional Cross-Site Scripting (XSS) Vulnerability in Addsoft StoreBot 2002 Standard's manage.asp Privilege Escalation via Modified Account ProfileID in JFacets before 0.2 Information Disclosure Vulnerability in Joomla! 1.0.7 Denial of Service Vulnerability in Joomla! 1.0.7 Feedcreator Class Cross-Site Scripting (XSS) Denial of Service Vulnerability in Joomla! 1.0.7 Path Disclosure Vulnerability in mod_templatechooser in Joomla! 1.0.7 Arbitrary Local File Inclusion in iGENUS Webmail 2.02 and Earlier Eval Injection Vulnerability in rpc_decoder.php for phpRPC 0.7 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Dragonfly CMS before 9.0.6.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Woltlab Burning Board (wBB) Unspecified Remote Access Vulnerability in Oracle Diagnostics Module Unspecified Vulnerabilities in Oracle Diagnostics Module 2.2 and Earlier with Unknown Impact and Attack Vectors Oracle Diagnostics Module 2.2 and Earlier: Remote SQL Injection Vulnerability Buffer Overflow in SecureCRT and SecureFX: Remote Code Execution Vulnerability Arbitrary Byte Injection Vulnerability in SAP Web Application Server (WebAS) Kernel Arbitrary Web Script Injection via Email Field in vBulletin 3.0.12 and 3.5.3 Cross-Site Scripting (XSS) Vulnerabilities in Gregarius 0.5.2 SQL Injection Vulnerabilities in Gregarius 0.5.2: Remote Code Execution Stack-based Buffer Overflow in Microsoft Visual Studio 6.0 and Visual InterDev 6.0 via Long DataProject Field Buffer Overflow 
Vulnerabilities in LISTSERV Web Archive Interface Improper Blocking of External Images in Mozilla Thunderbird 1.5 Denial of Service Vulnerability in Monopd 0.9.3 via XML Output Unspecified Vulnerability in Joomla! Remember Me Login Functionality Joomla! 1.0.7 and earlier Multiple Access Restriction Bypass Vulnerabilities SQL Injection Vulnerabilities in Joomla! 1.0.7 and Earlier Admin Functionality Insecure Permissions in Kwik-Pay Payroll 4.2.20 Allows Unauthorized Access to Sensitive Data SQL Injection Vulnerability in Akarru Social BookMarking Engine SELinux ptrace Permission Vulnerability Out-of-Bounds Read Vulnerability in Linux Kernel's fill_write_buffer Function Floating Point State Leakage Vulnerability in Linux and FreeBSD Kernels on AMD64 Processors Privilege Escalation via Symlink Attack in gdm Lack of Salt in Password Generation in BusyBox 1.1.1 Cleartext Password Exposure in Samba's winbindd Daemon Heap-based Buffer Overflow in zgv and xzgv: Arbitrary Code Execution via JPEG Image Remote Code Execution via Heap-based Buffer Overflow in cURL and libcURL Arbitrary File Reading Vulnerability in Lurker.cgi for Lurker 2.0 and Earlier Remote File Creation and Overwriting Vulnerability in Lurker 2.0 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Lurker 2.0 and Earlier SQL Injection Vulnerability in MyBulletinBoard (MyBB) 1.04 search.php Denial of Service Vulnerability in Linux Kernel 2.6.16-rc2 and Earlier with Preemption Enabled Denial of Service Vulnerability in Linksys WRT54G Routers Version 5 Denial of Service Vulnerability in Netgear 614 and 624 Routers Unspecified Privilege Escalation Vulnerability in Geeklog Arbitrary Script Injection Vulnerability in DVguestbook 1.0 Arbitrary Script Injection in DVguestbook 1.2.2 via Cross-Site Scripting (XSS) Vulnerability Arbitrary Web Script Injection Vulnerability in Daverave Simplog 1.0.2 and Earlier Arbitrary File Inclusion Vulnerability in Daverave Simplog 1.0.2 and Earlier Denial of Service 
Vulnerability in Liero Xtreme 0.62b and Earlier Format String Vulnerability in Jason Boettcher Liero Xtreme 0.62b and Earlier SQL Injection Vulnerability in Invision Power Board (IPB) 2.1.5 - Remote Code Execution via st Parameter in index.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Evo-Dev evoBlog Commentary Multiple Buffer Overflows in htpasswd: Privilege Escalation Vulnerability Privilege Escalation via Shell Metacharacters in htpasswd Command Line Argument Arbitrary Web Script Injection in Game-Panel 2.6.1 and Earlier SQL Injection Vulnerability in Forgotten_Password.php in PluggedOut Nexus 0.1: Remote Code Execution via Email Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpArcadeScript 2.0 and Earlier Directory Traversal Vulnerabilities in PHP-Stats 0.1.9.1 and Earlier SQL Injection Vulnerabilities in PHP-Stats 0.1.9.1 and Earlier Authentication Bypass and Remote Code Execution in PHP-Stats 0.1.9.1 and Earlier Arbitrary PHP Code Execution via Direct Static Code Injection in PHP-Stats 0.1.9.1 and Earlier Information Disclosure in PHP-Stats 0.1.9.1 and Earlier via checktables.php PunBB 1.2.10 Header.php Cross-Site Scripting (XSS) Vulnerability Unspecified Denial of Service Vulnerability in PunBB 1.2.10 register.php Denial of Service Vulnerability in Kaspersky Antivirus 5.0.5 and 5.5.3 Unspecified Denial of Service Vulnerability in Solaris Pagedata Subsystem Unspecified Information Disclosure Vulnerability in IBM WebSphere SQL Injection Vulnerability in Datenbank MOD 2.7 and Earlier for Woltlab Burning Board FileSession Object Directory Traversal Vulnerability in Mod_python Module 3.2.7 for Apache Cross-Site Scripting (XSS) Vulnerability in NZ Ecommerce index.php Cross-Site Scripting (XSS) Vulnerabilities in Datenbank MOD 2.7 and Earlier for Woltlab Burning Board Multiple SQL Injection Vulnerabilities in NZ Ecommerce: Arbitrary SQL Command Execution Remote File Inclusion Vulnerability in logIT 1.3 and 1.4 Buffer Overflow in 
sgetstr Function in Sauerbraten 2006_02_28 and Earlier Denial of Service Vulnerability in Sauerbraten 2006_02_28 Denial of Service Vulnerability in Sauerbraten 2006_02_28 Null Pointer Dereference Denial of Service in Sauerbraten 2006_02_28 Multiple SQL Injection Vulnerabilities in Pixelpost 1.5 beta 1 and Earlier Information Disclosure Vulnerability in Pixelpost 1.5 beta 1 and Earlier Cross-site scripting (XSS) vulnerability in Pixelpost 1.5 beta 1 and earlier allows remote code injection via comment fields Arbitrary Web Script Injection Vulnerability in NMDeluxe news.php SQL Injection Vulnerability in news.php in NMDeluxe before 1.0.1 SQL Injection Vulnerability in Total Ecommerce 1.0 (index.asp) Aztek Forum 4.0 Cross-Site Scripting (XSS) Vulnerability Sensitive Information Disclosure in Aztek Forum 4.0 via Index.php Sensitive Information Disclosure in Aztek Forum 4.0 via Long Login Value Arbitrary SQL Command Execution in Loudblog Podcast.php Loudblog Directory Traversal Vulnerabilities Insecure Random Parameter Generation in nCipher HSM Allows for Efficient Private Key Cracking Vulnerability: Insecure Transmission of Initialization Vector in nCipher nCore API Vulnerability in nCipher Firmware Allows Remote Key Extraction and Cracking SQL Injection Vulnerability in bmail before Aardvark PR9.1 Allows Remote Code Execution Insufficient Permissions in Fantastico CPanel Leads to Pathname Leakage Multiple Cross-Site Scripting (XSS) Vulnerabilities in DCP-Portal 6.1.1 and Earlier Arbitrary Script Injection Vulnerability in CuteNews 1.4.1 Arbitrary Web Script Injection Vulnerability in D2KBlog 1.0.3 and Earlier SQL Injection Vulnerability in D2KBlog 1.0.3 and Earlier: Remote Code Execution via memName Parameter Remote Code Execution Vulnerability in RevilloC MailServer and Proxy 1.21 via Long USER Command Privilege Escalation Vulnerability in Grisoft AVG Free 7.1 and Earlier Versions IP Spoofing Vulnerability in Gallery 2 up to 2.0.2 XSS Vulnerability in Gallery 2 
Allows Remote Code Injection via X-Forwarded-For Header Directory Traversal Vulnerability in Gallery 2 Session Handling Class EKINboard 1.0.3 - SQL Injection Vulnerability in config.php Arbitrary Script Injection in EKINboard 1.0.3 via BBCode img Tag Arbitrary Web Script Injection Vulnerability in bitweaver CMS 1.2.1 SQL Injection Vulnerability in show.php in vbzoom 1.11 via MainID Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in vbzoom 1.11 via UserID Parameter in comment.php and contact.php SQL Injection Vulnerability in CyBoards PHP Lite 1.25 with Disabled Magic Quotes GPC Multiple Cross-Site Scripting (XSS) Vulnerabilities in sBlog 0.7.2 Buffer Overflow Vulnerability in Xerox CopyCentre and WorkCentre Pro Unspecified Denial of Service Vulnerabilities in Xerox CopyCentre and WorkCentre Pro Unspecified Denial of Service Vulnerability in Xerox CopyCentre and WorkCentre Pro Unspecified vulnerability in ESS/Network Controller in Xerox CopyCentre and WorkCentre Pro allows data exposure after power loss SQL Injection Vulnerability in rss.php in RedBLoG 0.5 Buffer Overflow in QmailAdmin: Remote Code Execution via PATH_INFO Environment Variable Unspecified Remote File Access Vulnerability in Ravenous Web Server Arbitrary Script Injection in FTPoed Blog Engine 1.1 via comment_body Parameter Cross-Site Scripting (XSS) Vulnerability in HitHost 1.0.0 Format String Vulnerability in safe_cprintf Function in Alien Arena 2006 Gold Edition 5.00 Stack-based Buffer Overflow in Cmd_Say_f Function in Alien Arena 2006 Gold Edition 5.00 Denial of Service Vulnerability in Alien Arena 2006 Gold Edition 5.00 Stack-based buffer overflows in PeerCast before 0.1217 via long parameter names or values in HTTP GET requests PHP Remote File Inclusion Vulnerability in OWL Intranet Engine 0.82 Denial of Service Vulnerability in TEG 0.11.1 due to Buffer Overflow Arbitrary Web Script Injection Vulnerability in M-Phorum 0.2 M-Phorum 0.2 Remote File Inclusion Vulnerability in index.php 
D2-Shoutbox 4.2 SQL Injection Vulnerability Remote File Inclusion Vulnerability in Fantastic News 2.1.2 and 2.1.4 Cross-site scripting (XSS) vulnerability in Manas Tungare Site Membership Script before 8 March, 2006 SQL Injection Vulnerability in Manas Tungare Site Membership Script Arbitrary Web Script Injection in Vz Scripts ADP Forum 2.0.3 and Earlier Denial of Service Vulnerability in Kerio MailServer 6.1.3 Patch 1 Format String Vulnerability in Easy File Sharing (EFS) Web Server 3.2 Arbitrary Web Script Injection in Easy File Sharing (EFS) Web Server 3.2 Arbitrary Code Execution via Absolute Path Traversal in Easy File Sharing (EFS) Web Server 3.2 Nodez 4.6.1.1 and Earlier Directory Traversal Vulnerability Cross-Site Scripting (XSS) Vulnerability in Nodez 4.6.1.1 via op Parameter Sensitive Data Exposure: Unauthorized Access to Usernames and Password Hashes in Nodez 4.6.1.1 and Earlier Arbitrary Web Script Injection Vulnerability in DokuWiki Mediamanager Module Arbitrary Lua Code Execution Vulnerability in Monotone 0.25 and Earlier SGI ProPack 3 SP6 Kernel Information Disclosure Vulnerability Buffer Underflow Vulnerability in ncompress 4.2.4 and liblzw Stack-based Buffer Overflow in Cryptomathic Cenroll ActiveX Control 1.1.0.0 via TDC Digital Signature Denial of Service Vulnerability in Sendmail 8.13.7 Unpredictable Permissions and Mailbox Vulnerability in useradd (shadow-utils) Remote Code Execution via WeOnlyDo! 
SFTP (wodSFTP) ActiveX Control Buffer Overflow in eBay Enhanced Picture Services (EPUImageControl Class) Allows Remote Code Execution Denial of Service Vulnerability in Tamarack MMSd before 7.992 Arbitrary File Overwrite and Code Execution Vulnerability in Adobe Graphics Server and Adobe Document Server Privilege Escalation Vulnerability in Ubuntu 5.10 Installer MSDTC Denial of Service Vulnerability (Variant of CVE-2005-2119) Arbitrary Code Execution Vulnerability in Microsoft Internet Explorer 5.01 through 6 Arbitrary Code Execution Vulnerability in Microsoft Internet Explorer 5.01 through 6 Arbitrary Code Execution Vulnerability in Microsoft Internet Explorer 5.01 through 6 Double Byte Character Parsing Memory Corruption Vulnerability in URLMON.DLL Incorrect IOleClientSite Information Disclosure Vulnerability in Microsoft Internet Explorer 5.01 through 6 Cross-Domain Information Disclosure and Site Spoofing Vulnerability in Microsoft Internet Explorer 5.01 through 6 Address Bar Spoofing Vulnerability in Microsoft Internet Explorer 5.01 through 6 Microsoft Exchange Server 2000 SP1-SP3 Outlook Web Access (OWA) Cross-Site Scripting (XSS) Vulnerability Integer Signedness Error in ENet Library Allows Remote Denial of Service Denial of Service Vulnerability in ENet Library Multiple Cross-Site Scripting (XSS) Vulnerabilities in QwikiWiki 1.5 Insecure Permissions in SafeDisc Driver Service Allows Privilege Escalation Insecure Password Encryption in Comvigo IM Lock 2006 Cross-Site Scripting (XSS) Vulnerability in daverave Link Bank's iframe.php Direct static code injection vulnerability in add_link.txt in daverave Link Bank Directory Traversal Vulnerability in phpBannerExchange 2.0 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in textfileBB 1.0 and Earlier Remote File Include Vulnerability in txtForum 1.0.4-dev and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in txtForum 1.0.4-dev and Earlier Multiple Cross-Site Scripting (XSS) 
Vulnerabilities in myWebland myBloggie 2.1.3 Beta and Earlier Denial of Service Vulnerability in Dropbear SSH Server 0.47 and Earlier Insufficient Access Control in PHP Upload Center Allows Remote Password Hash Retrieval Arbitrary PHP Code Execution in Sergey Korostel PHP Upload Center Sensitive Information Disclosure in PHP Advanced Transfer Manager Cleartext Storage of Database Credentials in IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 Remote Code Execution in IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 Unspecified Remote Command Execution Vulnerability in CoreNews 2.0.1 Remote Privilege Escalation in JiRo's Banner System Experience and Professional 1.0 and earlier UnrealIRCd 3.2.3 Remote Denial of Service Vulnerability Reflected Cross-Site Scripting (XSS) Vulnerability in Woltlab Burning Board (wBB) 2.3.4 Arbitrary Web Script Injection Vulnerability in Runcms 1.x bigshow.php SQL Injection Vulnerability in DSPoll 1.1: Remote Code Execution Denial of Service Vulnerability in Novell BorderManager HTTP Proxy Directory Traversal Vulnerability in Gallery 2.0.3 and Earlier Heap-based Buffer Overflow in mach_msg_send Function in Mac OS X Kernel Untrusted Search Path Vulnerability in ZoneAlarm's TrueVector Service Multiple Cross-Site Scripting (XSS) Vulnerabilities in ZeroBoard 4.1 pl7 Arbitrary Code Injection through Image BBcode Tag in Jupiter Content Manager 1.1.5 and Earlier Directory Traversal Vulnerability in GuppY 4.5.11 dwnld.php CRLF Injection Vulnerability in Drupal Allows Spam Proxy Exploitation Arbitrary Web Script Injection Vulnerability in Drupal 4.5.x and 4.6.x Unauthenticated Access to Administrator Pages in Drupal Session Fixation Vulnerability in Drupal 4.5.x and 4.6.x SQL Injection Vulnerability in Hosting Controller 6.1 (Hotfix 2.9) search.asp Multiple Cross-Site Scripting (XSS) Vulnerabilities in vCard 2.x create.php Arbitrary File Modification Vulnerability in CAPI4HylaFAX 1.3 Multiple SQL Injection Vulnerabilities in DSDownload 1.0 with 
Disabled Magic Quotes GPC Multiple Cross-Site Scripting (XSS) Vulnerabilities in WMNews SQL Injection Vulnerability in DSCounter 1.2 Allows Remote Code Execution via X-Forwarded-For Field Directory Traversal Vulnerability in HitHost 1.0.0: Remote Deletion of Directories Buffer Overflow in SetUp Function in CrossFire 1.9.0 Allows Remote Code Execution SQL Injection Vulnerabilities in DSNewsletter 1.0 with Disabled Magic Quotes GPC SQL Injection Vulnerability in DSLogin 1.0 with Disabled Magic Quotes GPC Gemini 2.0 Cross-Site Scripting (XSS) Vulnerability in issue/createissue.aspx Buffer Overflow Vulnerability in Firebird 1.5.2.4731 Allows Privilege Escalation Buffer Overflow Vulnerability in Firebird 1.5.2.4731 IP ID Increment Vulnerability Directory Traversal Vulnerability in Simple PHP Blog (SPB) 0.4.7.1 and Earlier Unspecified User-Assisted Attack Vulnerability in xpdf and Related Products Multiple Event Handler Memory Corruption Vulnerability in Microsoft Internet Explorer 6.0.2900.2180 Untrusted Search Path Vulnerability in mklvcopy in IBM AIX 5.3 Local Privilege Escalation via Symlink Attack in AIX 5.1.0 through 5.3.0 Potential Privilege Escalation Vulnerability in usermod on HP-UX Integer Overflow in Apple QuickTime Player and iTunes Allows Remote Code Execution via FlashPix Image Unspecified Remote Code Execution Vulnerability in Winmail Webmail Module Argument Injection Vulnerability in sa-exim 4.2 Allows Remote File Deletion Remote Code Execution Vulnerability in Light Weight Calendar (LWC) 1.0 Bypassing IP Checks in glFTPd before 2.01 RC5 Unspecified Remote Vulnerability in BorderWare MXtreme 5.0 and 6.0 Stack-based Buffer Overflow in Mercur Messaging IMAP Service Arbitrary Web Script Injection in Soren Boysen PHP Guestbook 2.6 Authentication Bypass Vulnerability in Microsoft Commerce Server 2002 Arbitrary Web Script Injection Vulnerability in phpMyAdmin 2.8.0.1 SQL Injection Vulnerabilities in Maian Support 1.0: Remote Code Execution Arbitrary File Read 
Vulnerability in Horde Application Framework 3.0.9 ASPPortal 3.00 Multiple Cross-Site Scripting (XSS) Vulnerabilities Unspecified SQL Injection Vulnerabilities in ASPPortal 3.00 Unannounced Cross-Site Scripting (XSS) Vulnerabilities in WordPress before 2.0.2 XSS Vulnerability in xhawk.net Discussion 2.0 Beta2 Allows Remote Code Injection via BBCode img Tag SQL Injection Vulnerability in xhawk.net Discussion 2.0 Beta2 Arbitrary Web Script Injection in Service_Requests.asp in VPMi Enterprise 3.3 Session Hijacking Vulnerability in Invision Power Board 2.1.4 Denial of Service and Arbitrary Code Execution Vulnerability in Funkwerk X2300 7.2.1 IKE Implementation Buffer Overflow in parse.c in zoo 2.10 Allows Arbitrary Code Execution via Long Filename Command Line Arguments Multiple Cross-Site Scripting (XSS) Vulnerabilities in Inprotect 0.21's zones.php Arbitrary SQL Command Execution in OxyNews index.php via oxynews_comment_id Parameter Cross-Site Scripting (XSS) Vulnerabilities in MyBB 1.0.3 member.php Denial of Service Vulnerability in Mozilla Firefox 1.0.7 and 1.5.0.1 Privilege Escalation in AntiVir PersonalEdition Classic 7 Denial of Service Vulnerability in GGZ Gaming Zone 0.0.12 Authentication Bypass in Himpfen Consulting Company PHP SimpleNEWS 1.0.0 Arbitrary Web Script Injection in Signup.php of @1 File Store 2006.03.07 SQL Injection Vulnerability in @1 File Store 2006.03.07 and @1 File Store PRO 3.2 Local File Overwrite Vulnerability in CGI::Session 4.03-1 Improper Permissions in CGI::Session 4.03-1 Allows Unauthorized Access to Session Keys Cross-site scripting (XSS) vulnerability in MyBulletinBoard (MyBB) 1.04 and 1.10 in member.php CRLF Injection Vulnerability in MyBB 1.04 Allows XSS and Page Hijacking Privilege Escalation via opiepasswd in FreeBSD Default Administrator Login Account and Password Vulnerability in Symantec Ghost Solutions Suite (SGSS) 1.0 Insecure Permissions in SQLAnywhere Database Shared Memory Sections Buffer Overflow Vulnerability in 
SQLAnywhere Login Dialog Invision Power Board (IPB) 2.0.4 and 2.1.4 XSS Vulnerability Multiple SQL Injection Vulnerabilities in Invision Power Board (IPB) 2.0.4 and 2.1.4 Multiple SQL Injection Vulnerabilities in Milkeyway Captive Portal 0.1 and 0.1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Milkeyway Captive Portal 0.1 and 0.1.1 Unauthenticated Remote Code Execution in Jim Hu and Chad Little PHP iCalendar Directory Traversal Vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and Earlier Arbitrary Web Script Injection Vulnerability in Contrexx CMS 1.0.8 and Earlier Arbitrary PHP Code Execution via Remote File Include in KnowledgebasePublisher 1.2 Cross-Site Scripting (XSS) Vulnerability in SPIP 1.8.2-g recherche.php3 Untrusted Search Path Vulnerability in Beagle 0.2.2.1 Memory Error Vulnerability in Veritas Backup Exec for Windows Server Remote Agent 9.1 through 10.1, Netware Servers, and Linux Servers Format String Vulnerability in Veritas Backup Exec Media Server Bypassing Access Restrictions in Microsoft .NET Framework 2.0 (ASP.NET) Arbitrary Code Execution Vulnerability in Microsoft Excel 2000-2004 Malformed SELECTION Record Vulnerability in Microsoft Excel 2000-2003 Unspecified Remote Code Execution Vulnerabilities in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and Earlier User-Assisted Buffer Overflow Exploit in Microsoft Excel 2000-2003 via Crafted COLINFO Record Denial of Service Vulnerability in Microsoft Outlook 2000, 2002, and 2003 Malformed OBJECT Record Vulnerability in Microsoft Excel 2000-2004 Arbitrary Code Execution Vulnerability in Microsoft Excel 2000-2004 Arbitrary Code Execution Vulnerability in Microsoft Excel 2000-2004 User-assisted remote code execution vulnerability in RichEdit component in Microsoft Windows and Office Remote Code Execution Vulnerability in Microsoft JScript Heap-based Buffer Overflow in Microsoft Windows Server Service SMB Information Disclosure Vulnerability Microsoft Office Memory Corruption 
Vulnerability Microsoft Office Control Vulnerability Inconsistent Bit Sizes in chpst's -u Option Leads to Root Group Permissions Vulnerability Improper Block Usage in rssh 2.3.0 Allows Bypass of Access Restrictions Arbitrary Script Injection in Webcheck Tooltips Denial of Service Vulnerability in Novell Netware NWFTPD 5.06.05 Arbitrary File Overwrite Vulnerability in WinHKI 1.6 and Earlier Arbitrary Web Script Injection in Woltlab Burning Board (wBB) 2.3.4 Streber 0.055 Cross-Site Scripting (XSS) Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in Invision Power Board 2.0.4 SQL Injection Vulnerability in reg.php in SoftBB 0.1: Remote Code Execution via mail Parameter SQL Injection Vulnerability in Skull-Splitter PHP Downloadcounter for Wallpapers 1.0 SASL Negotiation Denial of Service Vulnerability in Jabber Studio jabberd SQL Injection Vulnerabilities in phpWebsite 0.83 and Earlier: Remote Code Execution Cross-Site Scripting (XSS) Vulnerabilities in Noah's Classifieds 1.3 and Earlier Path Disclosure Vulnerability in Noah's Classifieds 1.3 and Earlier SQL Injection Vulnerabilities in BetaParticle Blog 6.0 and Earlier SQL Injection Vulnerabilities in Maian Weblog 2.0: Remote Code Execution Gnome Screensaver Vulnerability: Unauthorized Session Access via Keypad-Multiply Keyboard Sequence Cross-Site Scripting Vulnerability in ExtCalendar 1.0 and Earlier Versions Buffer Overflow Vulnerability in MailEnable POP3 Service Denial of Service Vulnerability in MailEnable Webmail Directory Traversal Vulnerability in CuteNews 1.4.1 and Possibly Other Versions Information Disclosure Vulnerability in CuteNews 1.4.1 and Other Versions SQL Injection Vulnerability in Maian Events 1.0: Remote Code Execution via events.php Memory Leakage in Linux Kernel 2.4's IPv4 Socket Functions Memory Disclosure Vulnerability in Linux Kernel's IP Conntrack Module VeriSign Managed PKI (MPKI) 6.0 haydn.exe XSS Vulnerability Sensitive Information Disclosure in MyBB 1.10 via Null 
Option Parameter Directory Traversal Vulnerability in Greg Neustaetter gCards 1.45 and Earlier SQL Injection Vulnerability in gCards 1.45 and Earlier: Remote Code Execution via loginfunction.php Arbitrary Script Injection in Greg Neustaetter gCards 1.45 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Musicbox 2.3 Beta 2 Remote File Inclusion Vulnerability in 99Articles.com (aka ArticlesOne.com) Free Articles Directory Arbitrary File Read Vulnerability in BEA WebLogic Server 6.1 SP7 and Earlier XML Denial of Service Vulnerability in BEA WebLogic Server Multiple SQL Injection Vulnerabilities in ASPPortal 3.1.1 and Earlier Insufficient Input Validation Vulnerability in FreeRADIUS EAP-MSCHAPv2 State Machine Module Privilege Escalation and Protection Bypass Vulnerability in avast! Antivirus Stack-based Buffer Overflow in count_vcards function in LibVC 3 Arbitrary Web Script Injection Vulnerability in F5 Firepass 4100 SSL VPN 5.4.2 Session Hijacking Vulnerability in BEA WebLogic Portal 8.1 up to SP5 Invalid Table Pointer Dereference Vulnerability in Microsoft Internet Explorer 6 and 7 Beta 2 Multiple SQL Injection Vulnerabilities in MusicBox 2.3 Beta 2 OSWiki before 0.3.1 - Cross-Site Scripting (XSS) Vulnerability in Username Field Multiple SQL Injection Vulnerabilities in Mini-Nuke CMS System 1.8.2 and Earlier Arbitrary PHP Code Execution in Justin White FreeWPS 2.11 via images.php Vulnerability Denial of Service Vulnerability in Microsoft w3wp.exe HeloMoto Attack: Unauthorized Bluetooth Device Addition and AT Level Access Vulnerability in Motorola Phones Buffer Overflow Vulnerability in Motorola PEBL U6 and Other P2K-based Phones via OBEX Setpath Bluetooth Connection Vulnerability in Motorola PEBL U6, V600, E398, and other P2K-based Phones Buffer Overflow in USB Gadget RNDIS Implementation in Linux Kernel Invision Power Board (IPB) 2.1.5 and Earlier XSS Vulnerability in Private Messages Buffer Overflow Vulnerability in RealPlayer 10.5 and Earlier 
Versions Arbitrary PHP File Upload and Execution in Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and Earlier SQL Injection Vulnerabilities in 1WebCalendar 4.0 and Earlier Arbitrary Web Script Injection Vulnerability in PHP Live! 3.0 SQL Injection Vulnerability in AdMan 1.0.20051221 and Earlier: Remote Code Execution via viewStatement.php Information Disclosure Vulnerability in AdMan 1.0.20051221 and Earlier World-writable permissions on /var/log/debian-installer/cdebconf in Debian GNU/Linux 3.1r1 network install CD installation leads to denial of service vulnerability Arbitrary Web Script Injection in img.php of EasyMoblog and CoMoblog Weak Random Number Generator in PasswordSafe 3.0 Beta Allows for Database Decryption and Password Theft Insecure DACLs in Trend Micro PC-cillin Internet Security 2006: Local Privilege Escalation Vulnerability Insecure DACLs in Trend Micro InterScan Messaging Security Suite (IMSS) Allows Local Privilege Escalation Insecure DACLs in Trend Micro OfficeScan Allows Local Privilege Escalation Arbitrary File Inclusion Vulnerability in vBulletin ImpEx Module 1.74 Directory Traversal Vulnerability in Baby FTP Server (BabyFTP) 1.24 Allows Remote Users to Determine Existence of Files Outside Document Root Arbitrary Web Script Injection in IBM Tivoli Business Systems Manager (TBSM) Stack-based Buffer Overflow in parseTaggedData Function in KisMAC R54-R73p Access Control Bypass Vulnerability in TWiki 4.0 and 4.0.1 Denial of Service Vulnerability in TWiki 4.0, 4.0.1, and 20010901 through 20040904 Remote Code Execution Vulnerability in Microsoft Internet Explorer 6.0 via HTA Files Unspecified Denial of Service Vulnerability in HP-UX swagentd Vulnerability: Local Privilege Escalation and Arbitrary Code Execution in NetHack, Falcon's Eye, and Slash'EM on Gentoo Linux Source Code Disclosure Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in University of Washington Pubcookie Login Server Multiple Cross-Site Scripting (XSS) 
Vulnerabilities in University of Washington Pubcookie Apache Application Server Module Cross-Site Scripting (XSS) Vulnerabilities in University of Washington Pubcookie SQL Injection Vulnerability in Cholod MySQL Based Message Board (mb.cgi) Multiple Cross-Site Scripting (XSS) Vulnerabilities in Cholod MySQL Based Message Board Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpAdsNew and phpPgAds Arbitrary Web Script Injection in G-Book 1.0 Guestbook.php Cross-Site Scripting (XSS) Vulnerability in Meeting Reserve 1.0 Beta's searchresult.php Arbitrary Web Script Injection in Metisware Instructor 1.3 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in Calendar Express 2.2's search.php Buffer Overflow in csDoom 0.7 and Earlier: Remote Code Execution and Denial of Service Vulnerability Format String Vulnerability in PrintString Function in csDoom 0.7 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in BlankOL 1.0 and Earlier Arbitrary Script Injection in SweetSuite.NET CMS 2.1.0 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in wbadmlog.aspx in uniForum 4.0 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Helm Web Hosting Control Panel 3.2.10 and Earlier Denial of Service Vulnerability in Vavoom 1.19.1 and Earlier Buffer Overflow Vulnerability in Vavoom 1.19.1 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in XIGLA Absolute Live Support XE 2.0 and Earlier Cross-Site Scripting (XSS) Vulnerability in Absolute Image Gallery XE 2.0 and Earlier Insufficient Access Control in TFT Gallery 0.10 Allows Remote Password Hash Retrieval Multiple Cross-Site Scripting (XSS) Vulnerabilities in EZHomepagePro 1.5 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Toast Forums 1.6 and Earlier Arbitrary Web Script Injection in dotNetBB 2.42EC SP 3 and Earlier Arbitrary Web Script Injection Vulnerability in Absolute FAQ Manager .NET 4.0 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in Caloris Planitia Online Quiz 
System Arbitrary Web Script Injection Vulnerability in Caloris Planitia E-School Management System 1.0 and Earlier SQL Injection Vulnerability in Calendar Module in Nuked-Klan 1.7.5 and Earlier SQL Injection Vulnerability in print.php in SaphpLesson 2.0 SQL Injection Vulnerabilities in AkoComment 2.0 Module for Mambo Arbitrary SQL Command Execution in PHP Booking Calendar 1.0c and Earlier Arbitrary SQL Command Execution in UBB.threads showflat.php Arbitrary Web Script Injection Vulnerability in phpmyfamily 1.4.1 track.php SQL Injection Vulnerabilities in Pixel Motion Blog Multiple Cross-Site Scripting (XSS) Vulnerabilities in WebAPP 0.9.9.3.2 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in phpCOIN 1.2.2 and Earlier Arbitrary Web Script Injection Vulnerability in classifiedZONE 1.2 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in CONTROLzx HMS 3.3.4 and Earlier Arbitrary Web Script Injection in fusionZONE couponZONE 4.2 local.cfm Remote Path Disclosure Vulnerability in fusionZONE couponZONE 4.2 Sensitive Information Disclosure in Annuaire (Directory) 1.0 via include/lang-en.php Arbitrary Web Script Injection Vulnerability in Annuaire (Directory) 1.0 Cross-site scripting (XSS) vulnerability in genmessage.php in ARIA 0.99-6 Multiple Cross-Site Scripting (XSS) Vulnerabilities in UPOINT @1 Event Publisher Sensitive Information Exposure in UPOINT @1 Event Publisher Multiple Cross-Site Scripting (XSS) Vulnerabilities in Andy's PHP Knowledgebase (aphpkb) 0.57 Insecure Input Monitoring in NSSecureTextField in Mac OS X 10.4.6 Arbitrary File Overwrite Vulnerability in Apple Mac OS X 10.3.9 and 10.4.6 CFNetwork Integer Overflow Vulnerability Untrusted Bundle Execution Vulnerability in CoreFoundation API Integer Underflow Vulnerability in CoreFoundation in Apple Mac OS X Quartz Event Services Vulnerability in Mac OS X 10.4.6 Buffer Overflow in Apple Mac OS X FTP Server Allows Remote Code Execution Keychain Lock Bypass Vulnerability in Apple Mac OS X 
10.3.9 and 10.4.6 Remote Code Execution via Long File Name Extensions in LaunchServices Arbitrary Code Execution via Internet Location Item in Apple Mac OS X Finder Arbitrary Code Execution via Crafted MacMIME Encapsulated Attachment in Apple Mail Arbitrary Code Execution via Enriched Text E-mail in Apple Mac OS X 10.3.9 and 10.4.6 Blank MySQL Root Password Vulnerability Stack-based Buffer Overflow in Preview on Apple Mac OS 10.4 up to 10.4.6 QuickTime Buffer Overflow Vulnerability in Font Parsing Heap-based Buffer Overflow in Apple QuickTime: Remote Code Execution via Crafted QuickDraw PICT Image Denial of Service Vulnerability in QuickTime Streaming Server Buffer Overflow in QuickTime Streaming Server Allows Remote Code Execution Automatic Expansion of Archives in Safari on Mac OS X 10.4.6 Allows Remote File Overwrite Arbitrary Code Execution via Integer Overflow in Apple QuickTime Player Integer Overflow Vulnerabilities in Apple QuickTime Buffer Overflow Vulnerabilities in Apple QuickTime Buffer Overflow Vulnerabilities in Apple QuickTime 7.0 and Earlier Versions Integer Overflow Vulnerabilities in Apple QuickTime 7.0 and Earlier Versions Heap-based Buffer Overflow in Apple QuickTime 7.0 and Earlier Versions Buffer Overflow Vulnerability in Apple QuickTime Allows Remote Code Execution via Crafted QuickTime MPEG4 (M4P) Video Format File Buffer Overflow Vulnerability in Apple QuickTime 7.0 and earlier versions Remote Access and Modification of WebObjects Projects in Xcode Tools Integer Overflow in AAC File Parsing Code in Apple iTunes AFP Server Information Disclosure Vulnerability Stack-based Buffer Overflow in ImageIO Allows for Denial of Service and Arbitrary Code Execution in Apple Mac OS X 10.4 up to 10.4.6 Denial of Service Vulnerability in OpenLDAP on Apple Mac OS X 10.4 up to 10.4.6 Format String Vulnerability in CF_syslog Function in Apple Mac OS X 10.4 up to 10.4.6 Unspecified vulnerability in AFP Server in Apple Mac OS X 10.3.9 allowing unauthorized 
file and folder name disclosure Integer Overflow Vulnerability in AFP Server for Apple Mac OS X 10.3.9 and 10.4.7 Cross-Site Scripting (XSS) Vulnerability in Raindance Web Conferencing Pro's Failed Functionality Windows Firewall in Microsoft Windows XP SP2 fails to generate application alerts for NTFS Alternate Data Streams (ADS) filename:stream syntax, enabling stealthy Trojan horse attacks. Incorrect Application Block Alerts in Windows Firewall Allow for Trojan Horse Execution Multiple PHP Remote File Inclusion Vulnerabilities in Turnkey Web Tools PHP Live Helper 1.8 Directory Traversal Vulnerability in Turnkey Web Tools PHP Live Helper 1.8 and Later Versions Multiple Cross-Site Scripting (XSS) Vulnerabilities in Serge Rey gtd-php 0.5 WebAlbum 2.02 Directory Traversal and Remote Code Execution Vulnerability SQL Injection Vulnerability in PHP Ticket 0.71's search.php Allows Remote Authenticated Users to Execute Arbitrary SQL Commands and Obtain Usernames and Passwords ConfTool 1.1 index.php Cross-Site Scripting (XSS) Vulnerability Blazix Web Server Source Code Disclosure Vulnerability Privilege Escalation via Genius VideoCAM NB Driver's Insecure File Saving Arbitrary Program Execution Vulnerability in Greymatter 1.3.1 Cross-Site Scripting (XSS) Vulnerabilities in realestateZONE 4.2 index.cfm ActiveCampaign SupportTrio 2.50.2 KnowledgeBase Search Module Cross-Site Scripting (XSS) Vulnerability Path Disclosure Vulnerability in ActiveCampaign SupportTrio 2.5 SQL Injection Vulnerabilities in FusionZONE CouponZONE local.cfm PHP Binary Safety Information Leak Vulnerability Eval Injection Vulnerability in Horde Application Framework's Help Viewer Directory Traversal Vulnerability in Explorer XP's dir.php Allows Remote File Read Cross-Site Scripting (XSS) Vulnerability in dir.php in Explorer XP Directory Traversal Vulnerability in PHP 4.4.2 and 5.1.2 Allows Arbitrary File Creation SQL Injection Vulnerability in PHPCollab and NetOffice Forgotten Password Option Multiple 
Cross-Site Scripting (XSS) Vulnerabilities in ViHor Design's index.php ViHor Design index.php Directory Traversal Vulnerability Arbitrary Web Script Injection in MediaWiki Versions Prior to 1.5.8 and 1.4.15 SQL Injection Vulnerability in vCounter.php in vCounter 1.0 Arbitrary SQL Command Execution in Tilde CMS 3.0 via index.php SQL Injection Vulnerability in OneOrZero 1.6.3.0: Remote Code Execution via id Parameter Multiple Integer Overflows Leading to Heap-Based Buffer Overflows in MPlayer 1.0pre7try2 Remote File Inclusion Vulnerability in Virtual War (VWar) 1.5.0 R11 and Earlier Arab Portal 2.0 (ADP) Stable Multiple Cross-Site Scripting (XSS) Vulnerabilities in online.php and download.php Authentication Bypass Vulnerability in BASE Standalone Mode Privilege Escalation Vulnerability in Sun Grid Engine and N1 Grid Engine PHPKIT 1.6.03 Cross-Site Scripting (XSS) Vulnerability in include.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in MH Software Connect Daily Web Calendar Software 3.2.9 and Earlier Denial of Service Vulnerability in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 Buffer Overflow Vulnerability in ILDASM Disassembler in Microsoft .NET 1.0 and 1.1 SDK Buffer Overflow Vulnerability in ILASM Assembler in Microsoft .NET Framework 1.0 and 1.1 Arbitrary Code Execution via Crafted ABC Music Files in abc2ps Buffer Overflow Vulnerabilities in abcmidi-yaps Translator Buffer Overflow in addnewword function in typespeed 0.4.4 and earlier Buffer over-read vulnerability in MySQL allows remote attackers to read portions of memory Memory Disclosure Vulnerability in MySQL 4.0.x, 4.1.x, and 5.0.x via COM_TABLE_DUMP Request Buffer Overflow in MySQL 5.0.x up to 5.0.20 via Crafted COM_TABLE_DUMP Packets Format String Vulnerability in libspf: Remote Code Execution Denial of Service Vulnerability in Linux Kernel Keyring Code Improper Use of BUG_ON in RCU Signal Handling Function in Linux Kernel 2.6.16 MADV_REMOVE vulnerability in Linux kernel 2.6.16 up to 
2.6.16.6 Denial of Service Vulnerability in Linux Kernel 2.6 Buffer Overflow in X Render Extension in X.org X Server 6.8.0 and Up Denial of Service Vulnerability in Linux Kernel SCTP-netfilter Code Denial of Service Vulnerability in Linux Kernel 2.6.13 and Earlier Unspecified DHTML Vulnerability in Firefox, Thunderbird, and SeaMonkey Unspecified DHTML Vulnerability in Firefox, Thunderbird, and SeaMonkey Unspecified DHTML Vulnerability in Firefox, Thunderbird, and SeaMonkey Arbitrary Web Script Injection in PHP Classifieds 6.18 and 6.20 via search.php SQL Injection Vulnerability in Sourceworkshop Newsletter 1.0: Remote Code Execution via newsletteremail Parameter Multiple SQL Injection Vulnerabilities in Null News Phoetux.net PhxContacts 0.93.1 beta and Earlier Login.php XSS Vulnerability Multiple SQL Injection Vulnerabilities in Phoetux.net PhxContacts 0.93.1 Beta and Earlier Information Disclosure Vulnerability in Craig Knudsen WebCalendar 1.1.0-CVS Cleartext Key Vulnerability in Enova X-Wall ASIC Buffer overflow vulnerability in tetris-bsd.scores file in Gentoo Linux Arbitrary Code Execution and Denial of Service Vulnerability in MSO.DLL SQL Injection Vulnerability in EzASPSite 2.0 RC3 and Earlier: Remote Execution of Arbitrary SQL Commands and Password Hash Retrieval Stack-based buffer overflow in Python 2.4.2 and earlier: realpath function vulnerability SQL Injection Vulnerabilities in vscripts VNews 1.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in VNews 1.2 Direct Static Code Injection Vulnerability in VNews 1.2 Bypassing Validation in Apache Struts before 1.2.9 Denial of Service Vulnerability in Apache Struts ActionForm Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9 Recursive Function Crash Vulnerability in PHP 4.4.2 and 5.1.2 Buffer overflows in xfig-import.c in Dia 0.87 and later versions before 0.95-pre6 Eval Injection Vulnerability in PAJAX 0.5.1 and Earlier: Remote Code Execution Deja-Doom: Integer Overflow Vulnerability 
in ImageIO on Apple Mac OS X 10.4 up to 10.4.5 SQL Injection Vulnerability in VSNS Lemon 3.2.0: Remote Code Execution via id Parameter Arbitrary Web Script Injection in VSNS Lemon 3.2.0 Commenting Feature Authentication Bypass Vulnerability in VSNS Lemon 3.2.0 AL-Caricatier 2.5 Multiple Cross-Site Scripting (XSS) Vulnerabilities in view_caricatier.php Multiple SQL Injection Vulnerabilities in X-Changer 0.2 Arbitrary Web Script Injection Vulnerability in PHP Script Index's search.php SQL Injection Vulnerability in PHP Script Index Multiple SQL Injection Vulnerabilities in SkinTech phpNewsManager 1.48 Remote Code Execution via SQL Injection in VBook 2.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in VBook 2.0 Remote Code Execution Vulnerability in config.php of [V]Book 2.0 Untrusted Search Path Vulnerability in libapache2-svn 1.3.0-4 for Subversion in Debian GNU/Linux Untrusted Search Path Vulnerability in libgpib-perl 3.2.06-2 in Debian GNU/Linux RPATH Vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux Arbitrary Script Injection in SiteSearch Indexer 3.5 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in RedCMS 0.1 register.php Multiple SQL Injection Vulnerabilities in RedCMS 0.1 Arbitrary Web Script Injection Vulnerability in Esqlanelapse 2.0 and 2.2 SQL Injection Vulnerabilities in qliteNews 2005.07.01 Login Process SQL Injection Vulnerability in Oxygen 1.1.3: Remote Code Execution via fid Parameter in post.php Remote File Inclusion Vulnerability in MediaSlash Gallery's index.php Allows Arbitrary PHP Code Execution Cross-Site Scripting (XSS) Vulnerability in Groupmax Web Applications QLnews 1.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in news.php Direct Static Code Injection Vulnerability in QLnews 1.2 Allows Remote Authenticated Administrators to Execute Arbitrary PHP Code Multiple Cross-Site Scripting (XSS) Vulnerabilities in Mantis 1.0.1 and Earlier Versions SQL Injection Vulnerabilities in Keystone Digital Library Suite 
(DLS) 1.5.4 and Earlier SQL Injection Vulnerability in Dynamic Bulletin Board System (DbbS) 2.0-alpha and Earlier: Remote Code Execution via limite Parameter Cross-Site Scripting (XSS) Vulnerabilities in Bugzero 4.3.1 and Other Versions Arbitrary File Read Vulnerability in Blank'N'Berg 0.2 Arbitrary Script Injection via _path Parameter in Blank'N'Berg 0.2 Cross-site scripting (XSS) vulnerability in Warcraft III Replay Parser for PHP 1.8c allows remote code injection via the id parameter. Arbitrary Script Injection Vulnerability in Warcraft III Replay Parser for PHP 1.8c Multiple SQL Injection Vulnerabilities in MonAlbum 0.8.7 SQL Injection Vulnerability in Admin_Login.asp in ISP of Egypt SiteMan Insecure Permissions in NetBSD .mailrc set record Vulnerability Memory Leakage Vulnerability in NetBSD Bridge IOCTL Null Dereference Vulnerability in elf_load_file Function Cross-site scripting (XSS) vulnerability in PrintFreshPage function in BASE and ACID Heap-based Buffer Overflow in Microsoft Windows Help (winhlp32.exe): Arbitrary Code Execution via Crafted Embedded Image Data Buffer Overflow in is_client_wad_ok function in w_wad.cpp for Zdaemon 1.08.01 and X-Doom Remote Denial of Service Vulnerability in Zdaemon and X-Doom Multiple Directory Traversal Vulnerabilities in Claroline 1.7.4 and Earlier Arbitrary File Reading Vulnerability in Claroline 1.7.4 and Earlier Remote File Inclusion Vulnerability in Claroline 1.7.4 and Earlier: Arbitrary PHP Code Execution Source Code Disclosure Vulnerability in HTTPD 1.42n and Earlier Versions Arbitrary Command Execution Vulnerability in VCEngine.php SQL Injection Vulnerability in PhpWebGallery 1.4.1 category.php Arbitrary File Viewing Vulnerability in SunPlex Manager in Sun Cluster 3.1 4/04 PHPNuke Clan 3.0.1 vWar_Account Module Remote File Inclusion Vulnerability Arbitrary Script Injection in phpBB 2.0.19 profile.php Unspecified Remote Attack Vector Vulnerability in Exponent CMS Unspecified Remote Code Execution Vulnerability in 
Exponent CMS Image Module Unspecified Directory Disclosure Vulnerability in Exponent CMS Unspecified PHP Injection Vulnerability in Exponent CMS Banner Module Local File Inclusion Vulnerability in PHP's copy() Function Denial of Service Vulnerability in Hitachi XFIT/S, XFIT/S/JCA, XFIT/S/ZGN, and XFIT/S ZENGIN TCP/IP Procedure PHP Remote File Inclusion Vulnerability in SQuery 4.5 and Earlier Arbitrary File Overwrite Vulnerability in KGB Archiver Cross-Site Scripting (XSS) Vulnerabilities in aWebNews 1.0 visview.php Multiple SQL Injection Vulnerabilities in aWebNews 1.0 Integer Overflow in ClamAV PE Header Parser Allows Remote Code Execution Multiple Format String Vulnerabilities in ClamAV Logging Code SQL Injection Vulnerabilities in Advanced Poll 2.02 Cross-Site Scripting (XSS) Vulnerabilities in Advanced Poll 2.02 Format String Vulnerability in Doomsday Engine 1.8.6: Remote Code Execution Denial of Service Vulnerability in IBM WebSphere Application Server 4.0.1-4.0.3 Remote Password Modification Vulnerability in Hosting Controller 2002 RC 1 and Earlier Versions Directory Traversal Vulnerability in Hosting Controller 2002 RC 1 PHPSelect linksubmit Cross-site scripting (XSS) vulnerability Unspecified Remote Code Execution Vulnerability in main.php Denial of Service Vulnerability in Linux Syslogd Package MyBB 1.10 inc/functions_post.php XSS Vulnerability Address Bar Spoofing Vulnerability in Internet Explorer 6 for Windows XP SP2 and Earlier Improper Access Control in Adobe Document Server for Reader Extensions 6.0 Privileged Account Bypass Vulnerability in Adobe LiveCycle Workflow 7.01 and LiveCycle Forum Manager 7.01 Arbitrary Code Execution Vulnerability in OpenVPN 2.0 through 2.0.5 Denial of Service Vulnerability in Clam AntiVirus (ClamAV) Denial of Service Vulnerability in Cisco CSS 11500 Series Content Services Switches LucidCMS 2.0.0 RC4 index.php Cross-Site Scripting (XSS) Vulnerability Information Disclosure Vulnerability in LucidCMS 2.0.0 RC4 PHP Remote 
File Inclusion Vulnerability in VWar 1.5.0 R12 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in aWebBB 1.2 Multiple SQL Injection Vulnerabilities in aWebBB 1.2 Arbitrary SQL Command Execution in wpBlog 0.4 via index.php CzarNews 1.14 news.php Email Parameter Cross-Site Scripting (XSS) Vulnerability Multiple SQL Injection Vulnerabilities in CzarNews 1.14 Cross-site scripting (XSS) vulnerability in Interact 2.1.1 via search_terms and userinput parameters SQL Injection Vulnerability in Interact 2.1.1 Login Page Username Enumeration Vulnerability in Interact 2.1.1 Login Page Arbitrary PHP Code Execution via User-Agent Header in ReloadCMS 1.2.5 and Earlier IKEv1 Aggressive Mode Denial of Service Vulnerability Denial of Service Vulnerability in SMART SynchronEyes Student and Teacher 6.0 Denial of Service Vulnerability in SMART SynchronEyes Student and Teacher 6.0 ESET NOD32 Quarantine File Vulnerability: Unauthorized File Creation Address Bar Spoofing Vulnerability in Firefox 1.5.0.1 Bypassing Filtering Rules in Microsoft ISA Server 2004 via IPv6 Packets Multiple Buffer Overflows in UltraVNC and tabbed_viewer: Remote Code Execution and Denial of Service Vulnerabilities AngelineCMS 0.8.1 loadkernel.php Remote File Inclusion Vulnerability Directory Traversal Vulnerability in HP Color LaserJet Toolbox Buffer Overflow Vulnerabilities in mpg123 0.59r Command Execution Vulnerability in util-vserver 0.30.209 Arbitrary Web Script Injection in Chucky A. Ivey N.T. 1.1.0 Login Log Page Direct Static Code Injection Vulnerability in ticker.db.php in Chucky A. Ivey N.T. 
1.1.0 Multiple SQL Injection Vulnerabilities in Softbiz Image Gallery Softbiz Image Gallery image_desc.php Cross-site Scripting (XSS) Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in SKForum 1.5 and Earlier Arbitrary PHP Command Execution Vulnerability in Limbo CMS 1.0.4.2 and 1.0.4.1 Remote Code Execution Vulnerability in libxine 1.14 and earlier Arab Portal 2.0.1 Stable Multiple Cross-Site Scripting (XSS) Vulnerabilities Arab Portal 2.0.1 Stable - SQL Injection Vulnerability in forum.php SQL Injection Vulnerability in Crafty Syntax Image Gallery (CSIG) 3.1g and Earlier Arbitrary PHP Code Execution via File Upload in Crafty Syntax Image Gallery (CSIG) SQL Injection Vulnerability in phpHeaven Team PHPMyChat 0.14.5 and Earlier: Remote Code Execution via T Parameter Denial of Service Vulnerability in Cisco ONS 15000 Series Nodes (Bug ID CSCei45910) Denial of Service Vulnerabilities in Cisco ONS 15000 Series Nodes Arbitrary Code Execution Vulnerability in Cisco Transport Controller (CTC) for Cisco ONS 15000 Series Nodes Arbitrary Web Script Injection Vulnerability in Dark_Wizard vBug Tracker 3.5.1 and Earlier PHPWebGallery 1.4.1 search.php Cross-Site Scripting (XSS) Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHPWebGallery 1.4.1 SQL Injection Vulnerability in MAXdev MDPro Topics Module Information Disclosure Vulnerability in MAXdev MDPro Cross-Site Scripting (XSS) Vulnerabilities in phpMyAdmin before 2.8.0.3 Arbitrary Web Script Injection in Jupiter CMS 1.1.5 via modules/online.php Path Disclosure Vulnerability in Jupiter CMS 1.1.5 Cherokee HTTPD 0.5 and Earlier XSS Vulnerability Arbitrary Web Script Injection Vulnerability in TalentSoft Web+Shop 5.0 and Earlier SQL Injection Vulnerability in Chipmunk Guestbook's admin/login.php Allows Remote Attackers to Bypass Authentication and Execute Arbitrary SQL Commands Arbitrary Local File Inclusion Vulnerability in ecotwo Shopsystem 1.0-192 and Earlier Multiple SQL Injection 
Vulnerabilities in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT Unspecified File Access Vulnerability in APT-webshop-system Cross-site scripting (XSS) vulnerability in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT Multiple PHP Remote File Inclusion Vulnerabilities in SQuery 4.5 and Earlier Unspecified Local Access Vulnerability in HP-UX B.11.11 LDAP Netgroup Feature MWNewsletter 1.0.0b - Cross-Site Scripting (XSS) Vulnerability in subscribe.php SQL Injection Vulnerability in MWNewsletter 1.0.0b: Remote Code Execution via unsubscribe.php Multiple SQL Injection Vulnerabilities in MWNewsletter 1.0.0b Denial of Service Vulnerability in GlobalSCAPE Secure FTP Server XBrite Members 1.1 SQL Injection Vulnerability Symlink Attack Vulnerability in fbgs Script of fbi Package 2.01-1.4 Cross-site scripting (XSS) vulnerability in Gallery before 1.5.3 Arbitrary Code Execution via Cross-Site Scripting (XSS) in Matt Wright Guestbook 2.3.1 Cross-Site Scripting (XSS) Vulnerability in Matt Wright Guestbook 2.3.1 Arbitrary Web Script Injection in Aweb Banner Generator 3.0 and Earlier Predictable Cookie Authentication Vulnerability in Aweb Scripts Seller Arbitrary Web Script Injection Vulnerability in Shadowed Portal's Pages Module PHP Remote File Inclusion Vulnerability in SPIP 1.8.3 spip_login.php3 Remote Code Execution via PHP File Inclusion in Sire 2.0 nws lire.php Arbitrary Image Upload Vulnerability in Sire 2.0 NWS Privilege Escalation via Crafted View in Oracle Database 9.2.0.0 to 10.2.0.3 Multiple SQL Injection Vulnerabilities in Shopweezle 2.0 Arbitrary Local File Inclusion Vulnerability in Shopweezle 2.0 SQL Injection Vulnerability in Clansys 1.1: Remote Code Execution via showid Parameter in member.php Cross-Site Scripting (XSS) Vulnerability in interaktiv.shop 5's shop_main.cgi SQL Injection Vulnerability in Design Nation DNGuestbook 2.0: Remote Code Execution via admin.php Unrestricted Access to Plone Portrait Modification Methods Arbitrary Web Script 
Injection Vulnerability in GNU Mailman 2.1.7 Private Archive Script Arbitrary Web Script Injection Vulnerability in Christoph Roeder phpMyForum 4.0 CRLF Injection Vulnerability in Christoph Roeder phpMyForum 4.0 Directory Traversal Vulnerabilities in Christian Kindahl TUGZip MyBB 1.10 inc/functions_post.php XSS Vulnerability in BBCode img Tag Arbitrary Web Script Injection via Username in MyBB 1.10 Insufficient Access Control in Magus Perde Clever Copy 3.0 and Earlier Allows Remote Viewing of Database Credentials Denial of Service Vulnerability in Internet Explorer 6 via Scrollbar CSS Property Cross-site scripting (XSS) vulnerability in search.php in SaphpLesson 3.0 Denial of Service Vulnerability in CMU Cyrus SASL Library 2.1.18 ShopXS 4.0 Suchstring1 Parameter Cross-Site Scripting (XSS) Vulnerability Unspecified DHTML Vulnerability in Firefox, Thunderbird, and SeaMonkey DHTML-related Remote Code Execution Vulnerability in Firefox, Thunderbird, Mozilla Suite, and SeaMonkey Translucent Window Vulnerability in Mozilla Firefox and SeaMonkey Arbitrary Code Execution Vulnerability in Firefox, Thunderbird, and SeaMonkey Privilege Escalation via XBL Scripts in Mozilla Firefox and Thunderbird Arbitrary Code Execution Vulnerability in Mozilla Firefox, Thunderbird, Mozilla Suite, and SeaMonkey Arbitrary File Read Vulnerability in Mozilla Firefox, Mozilla Suite, and SeaMonkey Heap-based buffer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 via CSS letter-spacing property Cross-Site Scripting (XSS) vulnerability in Mozilla Firefox, Thunderbird, Mozilla Suite, and SeaMonkey Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox, Thunderbird, Mozilla Suite, and SeaMonkey Privileged XBL Binding Compilation Scope Vulnerability Arbitrary Code Execution via Object.watch Method in Mozilla Firefox, Thunderbird, Mozilla Suite, and SeaMonkey Arbitrary Code Execution via XBL Method 
Binding in Mozilla Products Executable File Download via Transparent Image Overlay Integer Overflow in Mozilla Firefox and Thunderbird Denial of Service Vulnerability in Mozilla Firefox and Thunderbird CSS Border-Rendering Code Buffer Overflow Vulnerability Spoofing secure site indicators in Mozilla Firefox, Mozilla Suite, and SeaMonkey Cross-Site JavaScript Injection in Mozilla Firefox, Mozilla Suite, and SeaMonkey Memory Corruption Vulnerability in Mozilla Firefox, Thunderbird, Mozilla Suite, and SeaMonkey Multiple SQL Injection Vulnerabilities in JBook 1.4 Form.php Buffer Overflow Vulnerability in sail in BSDgames Cross-Site Scripting (XSS) Vulnerability in Bitweaver 1.3 login.php Arbitrary File Inclusion Vulnerability in PHPList 2.10.2 and Earlier Remote File Inclusion Vulnerability in Virtual War (VWar) 1.5.0 XMB Forum 1.9.5 Cross-Site Scripting (XSS) Vulnerability via Flash Video Upload PHPListPro 2.0 and Earlier Remote File Inclusion Vulnerability in config.php Autogallery 0.41 - Multiple Cross-Site Scripting (XSS) Vulnerabilities in index.php Multiple SQL Injection Vulnerabilities in MvBlog before 1.6 Multiple Cross-Site Scripting (XSS) Vulnerabilities in MvBlog 1.6 Backend Arbitrary File Overwrite Vulnerability in fcheck Cron Job SQL Injection Vulnerability in SWSoft Confixx 3.0.6, 3.0.8, and 3.1.2 via SID Parameter Arbitrary SQL Command Execution in MD News 1 via admin.php Remote Authentication Bypass Vulnerability in MD News 1 Arbitrary Web Script Injection Vulnerability in Vegadns 0.99 SQL Injection Vulnerability in Vegadns 0.99: Remote Code Execution via cid Parameter Arbitrary Web Script Injection in SWSoft Confixx 3.1.2 via jahr Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in JetPhoto Cross-Site Scripting Vulnerability in index.php in blur6ex 0.3.452 Directory Traversal Vulnerability in blur6ex 0.3.452 Allows Remote File Inclusion Multiple SQL Injection Vulnerabilities in blur6ex 0.3.452 Insufficient Access Control in Hosting 
Controller 6.1 Allows Remote Information Disclosure Arbitrary Web Script Injection Vulnerability in JBook 1.3 Multiple SQL Injection Vulnerabilities in Papoo CMS 2.1.5 and 3 beta1 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in INDEXU 5.0.0 and 5.0.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Tritanium Bulletin Board (TBB) 1.2.3 Cross-Site Scripting (XSS) Vulnerabilities in UserLand Manila 9.5 and Earlier PHP Remote File Inclusion Vulnerabilities in AZDG AzDGVote Arbitrary File Read and Possible Remote Code Execution Vulnerability in SAXoTECH SAXoPRESS Cleartext Database Administrator Password Exposure in mnogosearch-common 3.2.31-1 SQL Injection Vulnerability in PHPKIT 1.6.1 Release 2 and Earlier via include.php Authentication Bypass Vulnerability in HP System Management Homepage (SMH) 2.1.3.132 Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpBB 2.0.19 Remote File Inclusion Vulnerability in Jeremy Ashcraft Simplog 0.9.2 and Earlier Directory Traversal Vulnerability in Jeremy Ashcraft Simplog 0.9.2 and Earlier Multiple SQL Injection Vulnerabilities in Jeremy Ashcraft Simplog 0.9.2 and Earlier Arbitrary Web Script Injection in Jeremy Ashcraft Simplog 0.9.2 and Earlier Denial of Service Vulnerability in Solaris Bourne Shell (sh) Remote File Inclusion Vulnerability in Circle R Monster Top List (MTL) 1.4: Arbitrary PHP Code Execution Local Privilege Escalation Vulnerability in Solaris 8 and 9 via LDAP Directory Server PatroNet CMS XSS Vulnerability: Remote Code Injection via URI Arbitrary PHP Code Execution via Remote File Inclusion in Sphider 1.3 and Earlier Arbitrary Web Script Injection in Adobe Document Server for Reader Extensions 6.0 Cross-Site Scripting (XSS) Vulnerability in Adobe Document Server for Reader Extensions 6.0 Session ID Leakage in Adobe Document Server for Reader Extensions 6.0 User ID Enumeration Vulnerability in Adobe Document Server for Reader Extensions 6.0 Directory Traversal Vulnerability in PAJAX 0.5.1 
and Earlier via pajax_call_dispatcher.php Remote Code Execution via InstallTrigger.install Method in Mozilla Firefox 1.0.7 QuickBlogger 1.4 acc.php Directory Traversal Vulnerability Unspecified Authentication Exploit in MailEnable POP Service Directory Traversal Vulnerability in runCMS 1.2 and Earlier SQL Injection Vulnerability in Mambo 4.5.3 and Earlier Versions Arbitrary Web Script Injection via Title Field in UPDI Network Enterprise @1 Table Publisher 2006-03-23 Arbitrary Script Injection via Paging Links in WordPress Denial of Service Vulnerability in NetBSD Kernel RateIt 2.2 rateit.php SQL Injection Vulnerability Arbitrary Command Execution in Censtore 7.3.002 and Earlier via censtore.cgi Arbitrary File Inclusion Vulnerability in SimpleBBS 1.0.6 through 1.1 Cross-Site Scripting (XSS) Vulnerability in planetSearch+ Arbitrary Script Injection Vulnerability in TinyWebGallery 1.3 and 1.4 Arbitrary Web Script Injection Vulnerability in phpMyAdmin 2.7.0-pl1 Arbitrary SQL Command Execution Vulnerability in phpMyAdmin 2.7.0-pl1 SQL Injection Vulnerability in PowerClan 1.14 member.php Allows Remote Code Execution Arbitrary Web Script Injection in Musicbox 2.3.3 and Earlier SQL Injection Vulnerabilities in Musicbox 2.3.3 and Earlier Versions Arbitrary Script Injection in Lifetype 1.0.3 index.php Sensitive Information Disclosure in Lifetype 1.0.3 via Invalid Show Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in FlexBB 0.5.5 BETA User Profile Fields Multiple SQL Injection Vulnerabilities in FlexBB 0.5.5 BETA Insufficient Access Control in phpWebFTP 3.2 and Earlier Allows Information Disclosure Arbitrary File Read Vulnerability in phpWebFTP 3.2 and Earlier Memory Exhaustion Denial of Service Vulnerability in NetBSD 1.6, 2.0, 2.1, and 3.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Tritanium Bulletin Board (TBB) 1.2.3 Remote File Inclusion Vulnerability in VBulletin 3.5.1, 3.5.2, and 3.5.4 SQL Injection Vulnerability in authcheck.php in 
warforge.NEWS 1.0 with Disabled Magic Quotes GPC Cross-Site Scripting (XSS) Vulnerabilities in warforge.NEWS 1.0 via Unspecified Vectors in myaccounts.php Arbitrary File Inclusion and Remote Code Execution in phpWebSite 0.10.2 and earlier Arbitrary Script Injection via id Parameter in ModX 0.9.1 ModX 0.9.1 Directory Traversal Vulnerability Arbitrary Web Script Injection in FarsiNews 2.5.3 Pro and Earlier via selected_search_arch Parameter FarsiNews 2.5.3 Pro Directory Traversal Vulnerability PhpGuestbook 1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities Arbitrary Web Script Injection Vulnerability in phpLinks 2.1.3.1 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Snipe Gallery 3.1.4 and Earlier Arbitrary Code Execution via Integer Signedness Error in Asterisk 1.2.6 and Earlier SQL Injection and Remote Code Execution in PHP121 1.4 Password Credential Disclosure Vulnerability in Sybase EAServer Manager World-writable file vulnerability in Sun Java Studio Enterprise 8 Direct static code injection vulnerability in sysinfo.cgi in sysinfo 1.21 and earlier versions allows remote command execution Information Disclosure Vulnerability in sysinfo.cgi Intel RNG Driver in NetBSD 1.6 through 3.0 Vulnerability: Incorrect Detection of pchb Interface Leading to Weak Encryption Keys Arbitrary Code Execution via Integer Signedness Error in Opera Arbitrary Web Script Injection Vulnerability in Calendarix's yearcal.php Untrusted Search Path Vulnerability in Symantec LiveUpdate for Macintosh Arbitrary SQL Command Execution in Fuju News 1.0 via archiv2.php Authentication Bypass Vulnerability in Fuju News 1.0 PHP Album 0.3.2.3 - Remote File Inclusion Vulnerability Empire Server 4.3.1 Multiple Format String Denial of Service Vulnerabilities Arbitrary Script Injection in bMachine Search Field Arbitrary Script Injection in ShoutBOOK 1.1 via global.php Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK 1.1 Sensitive Information Exposure in Debian 
Installer Log Files Cross-Site Scripting (XSS) Vulnerability in PHP-Nuke 7.8 Your_Account Module SQL Injection Vulnerability in Your_Account Module in PHP-Nuke 7.8 Cross-Site Scripting (XSS) Vulnerabilities in LinPHA 1.1.0 stats_view.php SQL Injection Vulnerabilities in xFlow 5.46.11 and Earlier: Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in xFlow 5.46.11 and Earlier Information Disclosure Vulnerability in xFlow 5.46.11 and Earlier Arbitrary SQL Command Execution in Article Publisher Pro 1.0.1 and Earlier SQL Injection Vulnerabilities in ModernBill 4.3.2 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in BluePay Manager 2.0 and Earlier Denial of Service Vulnerability in Linux Kernel's choose_new_parent Function Missing LSM File_Permission Hooks in Linux Kernel 2.6.16 and Earlier Buffer Overflow Vulnerability in SCTP in Linux Kernel Inconsistent Chunk Length Vulnerability in Linux Kernel SCTP Implementation Memory Leak in __setlease in Linux Kernel: Exploiting Uninitialized Return Value Vulnerability Denial of Service Vulnerability in lease_init Function in Linux Kernel Multiple Integer Overflows in FreeType: Remote Code Execution Vulnerability Denial of Service Vulnerability in Linux Kernel 2.6.x Virtual Memory Implementation CIFS Directory Traversal Vulnerability in Linux 2.6.16 and Earlier Directory Traversal Vulnerability in smbfs Allows Local Users to Escape Chroot Restrictions Beagle 0.2.5 Argument Injection Vulnerability Unspecified Vulnerabilities in Oracle Database Server Components Unspecified Vulnerability in Oracle Database Server 9.2.0.6 Advanced Replication Component (Vuln# DB02) Oracle Database Server 10.1.0.4 Advanced Replication Buffer Overflow Vulnerability (Vuln# DB03) Unspecified vulnerability in Oracle Database Server 8.1.7.4 and 9.0.1.5 in the Dictionary component Unspecified vulnerability in Oracle Database Server Export component (Vuln# DB05) Oracle Database Server SQL Injection Vulnerability in 
DBMS_LOGMNR_SESSION (Log Miner) Package Unspecified vulnerability in Oracle Database Server 9.0.1.5 and 9.2.0.7 in Oracle Enterprise Manager Intelligent Agent component Unspecified Vulnerability in Oracle Spatial Component (Vuln# DB08) Unspecified SQL Injection Vulnerability in Oracle Spatial Component (Vuln# DB09) Unspecified SQL Injection Vulnerability in Oracle Spatial Component (Vuln# DB11) Unspecified SQL Injection Vulnerability in Oracle Spatial Component Unspecified vulnerability in Oracle Spatial component of Oracle Database Server (DB13) Arbitrary Script Injection Vulnerability in phpFaber TopSites index.php Unspecified Vulnerabilities in Oracle Collaboration Suite Email Server Component Unspecified Vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 Unspecified Vulnerability in Oracle E-Business Suite Financials for Asia/Pacific Component (Vuln# APPS02) Unspecified Vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 Unspecified Vulnerability in Oracle Application Object Library Component in Oracle E-Business Suite and Applications 11.5.10CU1 (Vuln# APPS05) Unspecified Vulnerability in Oracle Thesaurus Management System Component in Oracle E-Business Suite and OPA 4.5.2 Applications Unspecified Vulnerabilities in Oracle Enterprise Manager Reporting Framework Unspecified Vulnerability in Oracle PeopleSoft Enterprise 8.46.12 and 8.47.04 (Vuln# PSE01) Unspecified Vulnerability in Oracle JD Edwards EnterpriseOne Security Server 8.95.J1 Arbitrary HTML and Script Injection in phpGraphy 0.9.11 and Earlier Cross-Site Scripting (XSS) Vulnerability in Nils Asmussen Boardsolution 1.12 and Earlier PHP Remote File Inclusion Vulnerabilities in myWebland myEvent 1.2 and 1.4 Cross-Site Scripting (XSS) Vulnerability in Martin Scheffler Betaboard 0.1 Local Privilege Escalation Vulnerability in avast! 
4 Linux Home Edition 1.0.5 Ar-Blog 5.2 - Remote Code Injection via print.php Cross-Site Scripting (XSS) Vulnerability in RevoBoard 1.8 Direct static code injection vulnerability in phpBB's includes/template.php allows remote authenticated users to execute arbitrary PHP code Arbitrary PHP Code Execution Vulnerability in phpBB Administration Panel Sensitive Information Disclosure in Webplus Web+Shop 5.3.6 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Ralph Capper Tiny PHP Forum (TPF) 3.6 Cross-Site Scripting (XSS) Vulnerabilities in dev Neuron Blog 1.1 and Earlier Multiple Buffer Overflows in W3C Amaya 9.4 and Earlier Versions Denial of Service Vulnerability in Mozilla Camino 1.0 and Earlier Pointer Overflow Vulnerability in fold_binary Function of GCC 4.1 Cross-Site Scripting (XSS) Vulnerabilities in UserLand Manila AnimeGenesis Gallery index.php Cross-site Scripting (XSS) Vulnerability Arbitrary Code Execution via Format String Vulnerabilities in xiTK Arbitrary Web Script Injection Vulnerability in jjgan852 phpLister 0.4.1 Multiple SQL Injection Vulnerabilities in myEvent 1.x Cross-Site Scripting Vulnerability in addevent.php in myEvent 1.x Coppermine 1.4.4 Directory Traversal Vulnerability Arbitrary PHP Code Injection in S9Y Serendipity 1.0 beta 2 via config.php MyBB 1.1 XSS Vulnerability in HTML Attachment Content Disposition Uninitialized Variable Vulnerability in MyBB (MyBulletinBoard) 1.1.0 Arbitrary Script Injection in Jax Guestbook 3.1, 3.31, and 3.50 Information Disclosure Vulnerability in DbbS 2.0-alpha and Earlier SQL Injection Vulnerability in topics.php in DbbS 2.0-alpha and Earlier Cross-Site Scripting (XSS) Vulnerabilities in DbbS 2.0-alpha and Earlier via profile.php SQL Injection Vulnerability in Blackorpheus ClanMemberSkript 1.0: Remote Code Execution via userID Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in Papoo 2.1.5 Internet Photoshow 1.3 - PHP Remote File Inclusion Vulnerability SQL Injection Vulnerability in PMTool 
1.2.2: Remote Code Execution via Order Parameter in include Files Arbitrary Command Execution in PHP Net Tools 2.7.1 via nettools.php TotalCalendar PHP Remote File Inclusion Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in LinPHA before 1.1.1 SQL Injection Vulnerability in LinPHA 1.1.1's functions/db_api.php Directory Traversal Vulnerability in CuteNews 1.4.1 EditNews Module SQL Injection Vulnerability in ThWboard 2.84 beta 3 and Earlier: Remote Code Execution via showtopic.php Denial of Service Vulnerability in Cisco IOS XR MPLS Configuration (CSCsc77475) Cisco IOS XR Denial of Service Vulnerability in MPLS Packet Handling I-Rater Platinum PHP Remote File Inclusion Vulnerability Multiple SQL Injection Vulnerabilities in Green Minute 1.0 and Earlier Denial of Service Vulnerability in Ruby HTTP/XMLRPC Server Off-by-one Error in Ethereal 0.10.x up to 0.10.14: Unknown Impact and Remote Attack Vectors Denial of Service Vulnerabilities in Ethereal 0.10.x up to 0.10.14 via Unspecified Crafted Packets Multiple Buffer Overflows in Ethereal 0.10.x up to 0.10.14 Buffer Overflow Vulnerability in Ethereal 0.9.15 up to 0.10.14 via COPS Dissector Remote Code Execution Vulnerability in Ethereal 0.8.5 up to 0.10.14 via Telnet Dissector Buffer Overflow Multiple Denial of Service Vulnerabilities in Ethereal 0.10.x up to 0.10.14 Denial of Service Vulnerabilities in Ethereal 0.8.x up to 0.10.14 Multiple Denial of Service Vulnerabilities in Ethereal 0.9.x up to 0.10.14 Denial of Service Vulnerability in Ethereal 0.10.4 up to 0.10.14 via SNDCP Dissector Denial of Service Vulnerability in Neon Responder 5.4 for LANsurveyor User-Assisted Remote File Access Vulnerability in Mozilla Firefox, Netscape, and K-Meleon Cross-Site Scripting (XSS) Vulnerabilities in Smarter Scripts IntelliLink Pro 5.06 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in SibSoft CommuniMail 1.2 and Earlier Cross-site scripting (XSS) vulnerability in AWStats 6.5 and earlier through awstats.pl 
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Visale 1.0 and Earlier Multiple SQL Injection Vulnerabilities in NicPlex Plexum X5 and Earlier Improper Storage of Information in Personal Address Book in IBM Lotus Notes 6.0 and 6.5 Arbitrary SQL Command Execution in NicPlex PlexCart X3 and Earlier via catid Parameter Cross-Site Scripting (XSS) Vulnerabilities in PerlCoders BannerFarm 2.3 and Earlier SolarWinds TFTP Server 8.1 Directory Traversal Vulnerability WinAgents TFTP Server for Windows 3.1 and earlier Directory Traversal Vulnerability Caucho Resin Directory Traversal Vulnerability SQL Injection Vulnerability in authent.php4 in RechnungsZentrale V2 1.1.3 PHP Remote File Inclusion Vulnerability in Nicolas Fischer (aka NFec) RechnungsZentrale V2 1.1.3 Information Disclosure Vulnerability in com_rss Option Denial of Service Vulnerability in com_rss Option of Mambo and Joomla! Multiple SQL Injection Vulnerabilities in WWWThreads RC 3 ActualScripts ActualAnalyzer Lite, Gold, and Server Remote File Inclusion Vulnerability CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13 XSS Vulnerability in Appliance Web User Interface Vulnerability: Local Shell Access in CiscoWorks and Cisco Hosting Solution Engine SQL Injection Vulnerability in PCPIN Chat 5.0.4 and Earlier: Remote Code Execution via Username Field Directory Traversal Vulnerability in PCPIN Chat 5.0.4 and Earlier SQL Injection Vulnerability in Haberler.asp in ASPSitem 1.83 and Earlier: Remote Code Execution via id Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in aasi media Net Clubs Pro 4.0 and Earlier Denial of Service Vulnerability in Fortinet28 SMTP Port (TCP Port 25) Arbitrary Web Script Injection in KCScripts Calendar Visitor.cgi Arbitrary Web Script Injection Vulnerability in KCScripts News Publisher Unspecified KCScripts Script Cross-Site Scripting (XSS) Vulnerability in search.cgi Arbitrary Code Injection through Cross-Site Scripting (XSS) in KCScripts 
Classifieds Cross-Site Scripting (XSS) Vulnerability in KRANKIKOM ContentBoxX login.php Arbitrary Web Script Injection Vulnerability in EasyGallery.php Denial of Service Vulnerabilities in Linksys RT31P2 VoIP Router via Malformed SIP Messages SQL Injection Vulnerability in MyBB (MyBulletinBoard) 1.04: Remote Code Execution via Referrer Parameter Arbitrary Web Script Injection in PHP-Gastebuch 1.61 Guestbook_newentry.php Cross-Site Scripting (XSS) Vulnerability in Prayer Request Board (PRB) Beta 1 FlexBB 0.5.7 BETA and Earlier XSS Vulnerability SQL Injection Vulnerability in FlexBB 0.5.5 and Earlier via flexbb_username COOKIE Parameter in inc/start.php Arbitrary Script Injection in Manic Web MWGuest 2.1.0 via mwguest.php W2B Online Banking Cross-Site Scripting (XSS) Vulnerability InputMethods Vulnerability: Password Leakage through Incorrect Event Routing Heap-based Buffer Overflow in LZWDecodeVector Function in Mac OS X Heap-based Buffer Overflow in ImageIO and AppKit in Mac OS X 10.4.6 and earlier Denial of Service Vulnerability in _cg_TIFFSetField Function in Mac OS X 10.4.6 and Earlier Heap-based Buffer Overflow in BOM BOMArchiveHelper 10.4 (6.3) Build 312 Denial of Service and Code Execution Vulnerability in Apple Safari 2.0.3 Denial of Service and Code Execution Vulnerability in Apple Safari 2.0.3 Denial of Service Vulnerability in Apple Safari 2.0.3 via Large VALUE Attribute in HTML LI Tag Buffer Overflow Vulnerability in Freshclam HTTP Client in ClamAV 0.80 to 0.88.1 Heap-based Buffer Overflow in PHP Wordwrap Function Out-of-Bounds Offset Vulnerability in PHP 5.1.2's substr_compare Function Denial of Service Vulnerability in Microsoft Internet Explorer (mshtml.dll) Denial of Service and Possible Code Execution in Mozilla Firefox 1.5.0.2 PHP Remote File Inclusion Vulnerability in dForum 1.5 and Earlier Directory Traversal Vulnerability in Scry Gallery 1.1 Allows Remote File Read Information Disclosure Vulnerability in Scry Gallery 1.1 Unspecified Local 
Information Disclosure Vulnerability in Sybase Pylon Anywhere Groupware Synchronization Server Denial of Service Vulnerability in OpenTTD 0.4.7 and Earlier Denial of Service Vulnerability in OpenTTD 0.4.7 Multiplayer Menu Arbitrary Web Script Injection Vulnerability in logMethods 0.9 Apache HTTP Server 2.4.54 and Earlier Vulnerability: Memory Read/Write Crash Cross-site scripting (XSS) vulnerability in index.php in Scry Gallery 1.1 via p parameter injection MyGamingLadder 7.0 stats.php Remote File Inclusion Vulnerability Cross-Site Scripting (XSS) Vulnerability in Community Architect Guestbook SQL Injection Vulnerabilities in RI Blog 1.1: Remote Code Execution Eval Injection Vulnerability in ClanSys 1.1 Allows Remote Code Execution Directory Traversal Vulnerabilities in IZArc Archiver 3.5 beta 3 Heap-based Buffer Overflow in Winny 2.0 b7.1 and Earlier: Remote Code Execution Vulnerability Remote File Inclusion Vulnerability in Built2Go PHP Movie Review 2B and Earlier Remote File Inclusion Vulnerability in phpMyAgenda 3.0 Final and Earlier: Arbitrary PHP Code Execution SQL Injection Vulnerabilities in Bloggage's check_login.asp Arbitrary Web Script Injection Vulnerability in 4images 1.7 and Earlier Skulltag 0.96f and Earlier Format String Denial of Service Vulnerability SQL Injection Vulnerability in SL_site 1.0: Remote Code Execution via id_page Parameter Directory Traversal Vulnerability in SL_site 1.0: Arbitrary Directory Listing and Potential XSS Cross-site scripting (XSS) vulnerability in SL_site 1.0 via recherche parameter in recherche.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpLDAPadmin 0.9.8 and Earlier Dnsmasq 2.29 Denial of Service Vulnerability SQL Injection Vulnerability in vBulletin 3.0.x Calendar.php (CVE-2004-0036) Denial of Service Vulnerability in Apple Mac OS X Safari 2.0.3 and 1.3.1 Insufficient Access Control in Asterisk@Home ARI Allows Password Information Retrieval Absolute Path Traversal Vulnerability in Asterisk@Home ARI Web 
Interface Buffer Overflow Vulnerability in Fenice RTSP Module Integer Overflow in RTSP_msg_len Function in Fenice 1.10 and Earlier: Denial of Service Vulnerability Denial of Service Vulnerabilities in libtiff before 3.8.1 Integer Overflow in TIFFFetchData Function in libtiff: Denial of Service and Arbitrary Code Execution Vulnerability Double Free Vulnerability in libtiff's tif_jpeg.c Allows Denial of Service and Possible Code Execution Buffer Overflow in Unicode Processing in Quick 'n Easy FTP Server Professional and Lite Arbitrary Web Script Injection via imagelist.php in Jeremy Ashcraft Simplog 0.9.3 and Earlier Multiple SQL Injection Vulnerabilities in Jeremy Ashcraft Simplog 0.9.3 and Earlier Denial of Service Vulnerability in Allied Telesyn AT-9724TS Switch Arbitrary Web Script Injection Vulnerability in phpMyAdmin 2.8.0.3, 2.8.0.2, 2.8.1-dev, and 2.9.0-dev SQL Injection Vulnerabilities in Core CoreNews 2.0.1 and Earlier: Remote Code Execution Remote Command Execution in CoreNews 2.0.1 and Earlier via PHP Remote File Inclusion SQL Injection Vulnerability in FlexBB 0.5.5: Remote Code Execution and User Credential Exposure Bypassing Uncategorized Category Blocking in Websense by Appending /? 
to URL Vulnerability: Password Repetition in iOpus Secure Email Attachments (SEA) Allows File Decryption Thwboard 3.0 Beta 2.84 index.php Cross-Site Scripting (XSS) Vulnerability Multiple SQL Injection Vulnerabilities in ampleShop 2.1 and Earlier Multiple SQL Injection Vulnerabilities in osTicket Module in Help Center Live Multiple SQL Injection Vulnerabilities in Photokorn 1.53 and 1.542 Arbitrary Picture Access in PhpWebGallery before 1.6.0RC1 Multiple Server Models Vulnerable to SQL Injection in Adobe Dreamweaver 8 and MX 2004 Command Injection Vulnerability in IP3 Networks NetAccess NA75 CLI Default Credentials Vulnerability in na-img-4.0.34.bin for IP3 Networks NetAccess NA75 World Readable and Writable Permissions in IP3 Networks NetAccess NA75: Shadow Password and Database Vulnerability SQL Injection Vulnerabilities in Application Dynamics Cartweaver ColdFusion 2.16.11 and Earlier Information Disclosure in Application Dynamics Cartweaver ColdFusion 2.16.11 and earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Edwin van Wijk phpWebFTP 2.3/3.2 DCForumLite 3.0 Cross-Site Scripting (XSS) Vulnerability in dcboard.cgi DCForumLite 3.0 - Remote SQL Injection Vulnerability in dcboard.cgi Cross-Site Scripting (XSS) Vulnerabilities in NextAge Shopping Cart's myadmin/index.php Cross-site scripting (XSS) vulnerability in Verosky Media Instant Photo Gallery member.php allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action Multiple SQL Injection Vulnerabilities in QuickEStore 7.9 and Earlier Denial of Service Vulnerability in 3Com Baseline Switch 2848-SFP Plus Model #3C16486 Argument Injection Vulnerability in Microsoft Outlook 2003 SP1 Argument Injection Vulnerability in Internet Explorer 6 for Windows XP SP2 Argument Injection Vulnerability in Mozilla Firefox 1.0.6 Allows Remote Attackers to Modify Command Line Arguments Argument Injection Vulnerability in Avant Browser 10.1 Build 17 Arbitrary PHP 
Code Execution in Invision Power Board (IPB) 2.1.x and 2.0.x Directory Traversal Vulnerability in Invision Power Board (IPB) 2.1.x and 2.0.x SQL Injection Vulnerability in Invision Power Board (IPB) 2.1.x and 2.0.x Multiple SQL Injection Vulnerabilities in Leadhound Full and LITE 2.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Leadhound Full and LITE 2.1 Unspecified Privilege Escalation Vulnerability in libpkcs11 Library in Sun Solaris 10 SQL Injection Vulnerability in PHPSurveyor 0.995 and Earlier via surveyid Cookie Multiple Cross-Site Scripting (XSS) Vulnerabilities in MKPortal 1.1 Rc1 and Earlier Arbitrary SQL Command Execution in MKPortal 1.1 Denial of Service Vulnerability in Hitachi JP1 Products Denial of Service Vulnerability in PowerDNS Recursor 3.0.1 DevBB 1.0.0 and Earlier: Cross-Site Scripting (XSS) Vulnerability in member.php Linux Kernel Local Privilege Escalation via Shared Memory Write Permission Bypass Unspecified Denial of Service Vulnerabilities in DeleGate 9.x and 8.x Denial of Service Vulnerability in ISC BIND via Crafted DNS Message with Broken TSIG Unspecified Remote DNS Vulnerability in Juniper Networks JUNOSe E-series Routers Denial of Service Vulnerability in MyDNS 1.1.0 via Crafted DNS Message (Query-of-death) Memory Leak in pdnsd before 1.2.4: Denial of Service via Unsupported DNS Query Buffer Overflow Vulnerability in Paul Rombouts pdnsd before 1.2.4 Unspecified Denial of Service Vulnerabilities in FITELnet Products Arbitrary Web Script Injection in Verosky Media Instant Photo Gallery SQL Injection Vulnerability in Verosky Media Instant Photo Gallery 1.0.2 Arbitrary SQL Query Execution Vulnerability in Oracle Database Server 10g Release 2 Quake 3 Engine Directory Traversal Vulnerability Integer Overflow in receive_xattr Function in Rsync Multiple Cross-Site Scripting (XSS) Vulnerabilities in FarsiNews 2.5.3 Pro and Earlier Buffer Overflow Vulnerabilities in SpeedProject Squeez and SpeedCommander Remote Code Execution 
Vulnerability in Juniper SSL-VPN Client Denial of Service Vulnerability in Gmax Mail Client Multiple Cross-Site Scripting (XSS) Vulnerabilities in Devsyn Open Bulletin Board (OpenBB) 1.0.6 Cross-Site Scripting (XSS) Vulnerabilities in MySmartBB 1.1.x misc.php SQL Injection Vulnerabilities in MySmartBB 1.1.x: Remote Code Execution via misc.php Sensitive Information Disclosure in Virtual War (VWar) 1.5 and earlier versions through admin.php Unspecified Denial of Service Vulnerability in HP StorageWorks Secure Path for Windows 4.0C-SP2 Denial of Service Vulnerability in Nessus via Invalid sep Parameter in split() Function Race condition vulnerability in Microsoft Internet Explorer Denial of Service Vulnerability in Phex before 2.8.6 Sensitive Information Disclosure in plug.php in Land Down Under (LDU) 802 and earlier SQL Injection Vulnerability in Invision Power Board (IPB) 2.1.4: Remote Code Execution via Private Message (PM) Remote File Inclusion Vulnerability in Thumbnail AutoIndex 2.0: Arbitrary PHP Code Execution UltraISO 8.0.0.1392 Directory Traversal Vulnerability Arbitrary File Write Vulnerability in Magic ISO 5.0 Build 0166 WinISO 5.3 Directory Traversal Vulnerability PowerISO 2.9 Directory Traversal Vulnerability SQL Injection Vulnerability in MyBB 1.1.1: Remote Code Execution by Authenticated Administrators Multiple Cross-Site Scripting (XSS) Vulnerabilities in Kamgaing Email System (Kmail) 2.3 and Earlier Arbitrary File Read Vulnerability in Jupiter CMS 1.1.4 and 1.1.5 Cross-Site Scripting (XSS) Vulnerability in Edgewall Software Trac 0.9.4 and Earlier via Wiki Macro Buffer Overflow Vulnerability in BL4 SMTP Server 0.1.4 and Earlier Remote Denial of Service Vulnerability in Océ (OCE) 3121/3122 Printer's parser.exe Arbitrary Script Injection in JSBoard 2.0.10 and 2.0.11 Privilege Escalation Vulnerability in Virtual Private Server (Vserver) 2.0.x and 2.1.x URL Redirect Cross Domain Information Disclosure Vulnerability in Microsoft Outlook Express 6 FTP 
Bounce Vulnerability in Fuji Xerox Printing Systems Authentication Bypass and Configuration Modification Vulnerability in Fuji Xerox Printing Systems Buffer Overflow Vulnerability in SWS Web Server 0.1.7 Arbitrary Code Execution via Format String Vulnerability in SWS Web Server 0.1.7 Remote Code Execution Vulnerability in planetGallery Thyme 1.3 Search Page Cross-Site Scripting (XSS) Vulnerability Authentication Bypass Vulnerability in JMK's Picture Gallery Artmedic Event PHP Remote File Inclusion Vulnerability Out-of-Bounds Read Vulnerability in libtiff's TIFFToRGB Function PHP Remote File Include Vulnerability in admin/config_settings.tpl.php in I-RATER Platinum Remote Code Execution in CoolMenus via index.php SQL Injection Vulnerabilities in Network Administration Visualized (NAV) before 3.0.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in SunShop 3.5 and Earlier SQL Injection Vulnerability in pocategories.php in MaxTrade 1.0.1 and Earlier Arbitrary SQL Command Execution in Blog Mod 0.2.x via weblog_posting.php Multiple SQL Injection Vulnerabilities in Pro Publish 2.0 Pro Publish 2.0 Remote Code Execution Vulnerability SQL Injection Vulnerability in Advanced Poll 2.0.4 via User-Agent Header IP Spoofing Vulnerability in Advanced Poll 2.0.4 SQL Injection Vulnerability in DUclassified's detail.asp Allows Remote Code Execution via iPro Parameter SQL Injection Vulnerability in BoonEx Barracuda 1.1 and Earlier: Remote Code Execution via index.php Remote File Inclusion Vulnerability in Knowledge Base Mod for PHPbb 2.0.2 and Earlier SQL Injection Vulnerability in Ruperts News Login Page SQL Injection Vulnerability in AZNEWS Allows Remote Code Execution via ID Parameter OpenPHPNuke and Earlier Versions Remote File Inclusion Vulnerability NeoMail 1.29 Cross-Site Scripting (XSS) Vulnerability in neomail.pl Multiple SQL Injection Vulnerabilities in PHP Newsfeed 20040723 Multiple Cross-Site Scripting (XSS) Vulnerabilities in OrbitHYIP 2.0 and Earlier Arbitrary Script 
Injection in Collaborative Portal Server (CPS) 3.4.0 and Earlier Remote File Inclusion Vulnerability in Limbo CMS 1.04 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in TextFileBB 1.0.16 Remote File Inclusion Vulnerability in DMCounter 0.9.2-b Allows Arbitrary PHP Code Execution Multiple SQL Injection Vulnerabilities in HB-NS 1.1.6: Remote Code Execution via index.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in HB-NS 1.1.6 index.php Improper Handling of USB Device Access in resmgrd for SUSE Linux and Other Distributions Multiple Buffer Overflows in CGI:IRC Client.c Remote File Inclusion Vulnerability in Aardvark Topsites PHP 4.2.2 and Earlier Arbitrary File Inclusion Vulnerability in phpBB TopList 1.3.8 and Earlier Arbitrary File Inclusion Vulnerability in phpBB TopList 1.3.8 and Earlier Arbitrary File Inclusion Vulnerability in phpBB Advanced Guestbook 2.4.0 and Earlier Arbitrary Web Script Injection in DirectAdmin Hosting Management Privilege Escalation Vulnerability in EMC Retrospect for Windows Arbitrary Code Execution in EMC Retrospect for Windows Arbitrary File Inclusion Vulnerability in X7 Chat 2.0 and Earlier SQL Injection Vulnerability in Plogger Beta 2.1 and Earlier (gallery.php) Dynamic Variable Evaluation Vulnerability in Stadtaus Guestbook Script 1.7 and Earlier CRLF Injection Vulnerability in Russcom Network Loginphp's help.php Allows Email Spoofing and MIME Header Injection Arbitrary Web Script Injection Vulnerability in Russcom Network Loginphp Arbitrary Code Execution via Long File Name in ZIP Archive Buffer Overflow Vulnerability in Nagios CGI Scripts Arbitrary Web Script Injection Vulnerability in Pinnacle Cart 3.33 and Earlier SQL Injection Vulnerabilities in Avactis Shopping Cart 0.1.2 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Avactis Shopping Cart 0.1.2 and Earlier Password Reset Vulnerability in Cisco Unity Express (CUE) 2.2(2) and Earlier Cross-Site Scripting (XSS) Vulnerability in SloughFlash 
SF-Users 1.0 Authentication Bypass Vulnerability in FileProtection Express 1.0.1 and Earlier Information Disclosure Vulnerability in Request Tracker 3.5.HEAD Arbitrary Code Execution via Buffer Overflow in ArgoSoft FTP Server 1.4.3.6 Remote Code Execution Vulnerability in WarFTPD's WDM.exe via Buffer Overflow Buffer Overflow Vulnerability in Gene6 FTP Server 3.1.0 Buffer Overflow Vulnerability in FileZilla FTP Server 2.2.22 Cross-Site Scripting (XSS) Vulnerabilities in VHCS admin/server_day_stats.php Remote File Inclusion Vulnerability in FtrainSoft Fast Click 2.3.8 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in PHP Linkliste 1.0b's links.php Arbitrary Script Injection in geoBlog 1.0 via viewcat.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in CyberBuild Multiple SQL Injection Vulnerabilities in CyberBuild Buffer Overflow Vulnerability in Golden FTP Server Pro 2.70 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Albinator 2.0.8 and Earlier Arbitrary PHP Code Execution via Remote File Inclusion in Albinator 2.0.8 and Earlier Untrusted Search Path Vulnerability in TrueCrypt 4.1 Allows Arbitrary Command Execution and Privilege Escalation Cross-site scripting (XSS) vulnerability in search.php in PHPKB Knowledge Base Cleartext Username and Password Exposure in PORTAL.NLM in Novell Netware 6.5 SP5 Information Disclosure Vulnerability in Zenphoto 1.0.1 Beta and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Zenphoto 1.0.1 Beta and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in CMScout 1.10 and Earlier SQL Injection Vulnerability in search.php in Servous sBLOG 0.7.2 Cross-site scripting (XSS) vulnerability in ow-shared.pl in OpenWebMail (OWM) 2.51 and earlier Mailman 2.1.9 Format String Vulnerability Buffer Overflow in t2p_write_pdf_string Function in libtiff 3.8.2 and Earlier Privilege Escalation via winbind Plugin in pppd Arbitrary Web Script Injection in Horde 3 (horde3) before 3.1.1 Privilege Escalation 
Vulnerability in Pinball 0.3.1 Arbitrary Code Execution via Integer Overflow in wv2 Unprompted Execution of Malicious BASIC Macro in OpenOffice.org Java Applet Sandbox Escape Vulnerability in OpenOffice.org Stack-based Buffer Overflow in libmms: Remote Code Execution Vulnerability CA Resource Initialization Manager (CAIRIM) 1.x Unspecified Integrity Violation Vulnerability SQL Injection Vulnerability in Invision Gallery 2.0.6: Remote Code Execution via album parameter in post.php Unspecified Remote Attack Vector in Kerio MailServer Allows Possible Bypass of Attachment Filter SQL Injection Vulnerability in Invision Power Board 2.1.5 Topic Deletion Functionality Denial of Service Vulnerability in NetBSD 3.0 audio_write Function Weak Encryption in UltraVNC 1.0.1 Allows Privilege Escalation through Password Sniffing Multiple Cross-Site Scripting (XSS) Vulnerabilities in MyNews 1.6.2 SQL Injection Vulnerabilities in PHP Arena paCheckBook 1.1 Arbitrary Code Injection via Cross-Site Scripting (XSS) in 321soft PhP-Gallery 0.9 Absolute Path Traversal Vulnerability in 321soft PhP-Gallery 0.9 Buffer Overflow Vulnerability in KarjaSoft Sami FTP Server 2.0.2 and Earlier Denial of Service Vulnerability in Hostapd 0.3.7-2 via EAPoL Frame Key Data Length Field SQL Injection Vulnerabilities in 4images 1.7.1 and Earlier: Remote Code Execution Information Disclosure Vulnerability in Open Bulletin Board (OpenBB) 1.0.8 SQL Injection Vulnerability in Invision Power Board's index.php Allows Remote Code Execution Remote Code Execution Vulnerability in Internet Explorer 6.0 on Windows XP SP2 Unvalidated Input Variable Types in phpBB 2.0.20 SQL Injection Vulnerability in phpBB 2.0.20 Allows Information Disclosure Symlink Attack Vulnerability in BitRock InstallBuilder Buffer Overflow Vulnerability in zawhttpd 0.8.23 and Earlier Versions Allows Remote DoS RIPd Configuration Vulnerability in Quagga 0.98 and 0.99 RIPv2 Authentication Bypass in Quagga 0.98 and 0.99 Buffer Overflow Vulnerability 
in XM Easy Personal FTP Server 4.3 and Earlier Buffer Overflow Vulnerability in XM Easy Personal FTP Server 4.2 and 5.0.1 via Long PORT Command Argument Arbitrary Web Script Injection in PunBB 1.2.11 via misc.php Cross-site scripting (XSS) vulnerability in w-Agora 4.2.0 Cleartext Password Vulnerability in OpenVPN 2.0.7 and Earlier Format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Big Webmaster Guestbook Script 1.02 and Earlier Scriptsez Cute Guestbook 20060211 XSS Vulnerability Buffer Overflow Vulnerability in BankTown Client Control (BtCxCtl20Com) 1.4.2.51817 and possibly 1.5.2.50209 Cross-Site Scripting (XSS) Vulnerabilities in TyroCMS Beta 1.0 Unauthenticated Remote Code Execution in CodeMunkyX Simple Poll 1.0 Remote Code Execution Vulnerability in Quake 3 Engine via Long remapShader Command Arbitrary Code Execution Vulnerability in AWStats Web Interface Heap-based buffer overflow in Apple QuickTime: Remote code execution via crafted BMP file SQL Injection Vulnerability in Newsadmin 1.1: Remote Code Execution via readarticle.php Denial of Service Vulnerability in Fujitsu NetShelter/FW Web Cache and Web Proxy Fast Click SQL Lite 1.1.3 and Earlier - PHP Remote File Inclusion Vulnerability in show.php Denial of Service Vulnerability in acFTP 1.4 via Long String with Brace Characters Cross-Site Scripting (XSS) Vulnerabilities in Web4Future News Portal SQL Injection Vulnerabilities in Web4Future News Portal Remote File Inclusion Vulnerability in Auction Mod 1.3m for phpBB Arbitrary Script Injection in UBlog 1.6 Access Edition Username Enumeration Vulnerability in WebCalendar 1.0.1 to 1.0.3 Information Disclosure Vulnerability in Xeneo Web Server 2.2.22.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in CuteNews 1.4.1 and Earlier Information Disclosure Vulnerability in CuteNews 1.4.1 Arbitrary SQL Command Execution in Invision Community Blog (ICB) 1.1.2 - 1.2 Cross-Site Scripting 
Vulnerability in OpenFAQ 0.4.0's submit.php Remote File Inclusion Vulnerability in Statit 4 (060207) visible_count_inc.php Buffer Overflow in FileCOPA 1.01's filecpnt.exe Allows Remote DoS via Username Multiple SQL Injection Vulnerabilities in Creative Community Portal 1.1 and Earlier PHP Remote File Inclusion Vulnerability in EQdkp 1.3.0 and Earlier Arbitrary Web Script Injection Vulnerability in easyEvent 1.2 Arbitrary Web Script Injection Vulnerability in MaxxSchedule 1.0 Logon.asp MaxxSchedule 1.0 Logon.asp SQL Injection Vulnerability Arbitrary Web Script Injection Vulnerability in Drupal Project Module ACal 2.2.6 - Remote File Inclusion Vulnerability in day.php Arbitrary Web Script Injection Vulnerability in Singapore 0.9.7 index.php SQL Injection Vulnerability in shopcurrency.asp in VP-ASP 6.00 Multiple SQL Injection Vulnerabilities in Ocean12 Calendar Manager Pro 1.00 Cross-Site Scripting Vulnerability in Ocean12 Calendar Manager Pro 1.00 Chirpy! 0.1 SQL Injection Vulnerability Denial of Service Vulnerability in Kerio WinRoute Firewall's Email Protocol Inspectors SQL Injection Vulnerability in FlexCustomer 0.0.4 and Earlier Allows Remote Authentication Bypass and Arbitrary SQL Command Execution Arbitrary Web Script Injection via BBCode img Tag in myWebland MyBloggie 2.1.3 and Earlier Arbitrary Code Execution via PHP Remote File Inclusion in Jetbox CMS 2.1 Denial of Service Vulnerability in Linux SCTP (lksctp) Prior to 2.6.17 Denial of Service Vulnerability in Linux SCTP (lksctp) before 2.6.17 Arbitrary Execution Vulnerability in Verisign VUpdater.Install ActiveX Control Denial of Service Vulnerability in Linux SCTP (lksctp) before 2.6.17 Denial of Service Vulnerability in Linux SCTP (lksctp) before 2.6.17 Denial of Service Vulnerability in Quagga's bgpd Denial of Service Vulnerability in Apple Mac OS X 10.4 Applications via Crafted OpenEXR Image File Path Disclosure Vulnerability in SaphpLesson 3.0 Multiple SQL Injection Vulnerabilities in SaphpLesson 3.0 
Directory Traversal Vulnerability in openEngine 1.8 Beta 2 and Earlier Arbitrary PHP Code Execution in X-Scripts X-Poll (xpoll) 2.30 X7 Chat 2.0.2 XSS Vulnerability in Avatar URL Parameter PHP Remote File Inclusion Vulnerabilities in SpiffyJr phpRaid 2.9.5 through 3.0.b3 Multiple PHP Remote File Inclusion Vulnerabilities in Claroline 1.7.5 Dokeos 1.6.4 AuthLDAP.php Remote File Inclusion Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in Dokeos Arbitrary Web Script Injection in Vision Source 0.6 and Earlier Local Denial of Service Vulnerability in Avahi Buffer Overflow Vulnerability in Avahi-Core Allows Arbitrary Code Execution Cross-Site Scripting (XSS) Vulnerabilities in kommentar.php in 2005-Comments-Script IA-Calendar calendar_new.asp TypeName1 Parameter Cross-Site Scripting (XSS) Vulnerability Multiple SQL Injection Vulnerabilities in IA-Calendar SQL Injection Vulnerability in MultiCalendars 3.0 via calsids Parameter Arbitrary Script Injection in Dynamic Galerie 1.0 Dynamic Galerie 1.0 Directory Traversal Vulnerability SQL Injection Vulnerability in search_result.asp in eDirectoryPro 2.0 and Earlier Heap-based Buffer Overflow in Microsoft Infotech Storage System Library (itss.dll) via Crafted CHM/ITS File IKEv1 Denial of Service Vulnerability in Solaris 9 and 10 Multiple SQL Injection Vulnerabilities in EImagePro SQL Injection Vulnerability in OzzyWork Galeri Admin Panel SQL Injection Vulnerability in DUGallery 2.x Admin Panel Cross-Application Scripting (XAS) Vulnerability in ICQ Client 5.04 Build 2321 and Earlier Integer overflows in DPRPC library allow remote code execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Jadu CMS Registration Page Arbitrary Web Script Injection in EPublisherPro's moreinfo.asp via title Parameter Arbitrary Script Injection in Website Baker CMS User Display Name Field Directory Traversal Vulnerability in EServ/3 3.25 IMAP Service Allows Unauthorized Access and Manipulation of User Email and System 
Directories Information Disclosure Vulnerability in EServ/3 3.25 Allows Source Code Exposure via Crafted HTTP Requests Denial of Service Vulnerability in BlueDragon Server and Server JX 6.2.1.286 for Windows Arbitrary Web Script Injection Vulnerability in BlueDragon Server and Server JX 6.2.1.286 for Windows Skype URI Handler Argument Injection Vulnerability Encoding-Based SQL Injection Vulnerability in PostgreSQL Vulnerability: Encoding-Based SQL Injection in PostgreSQL PHP Remote File Inclusion Vulnerability in ISPConfig 2.2.2 and Earlier Weak Permissions in S24EvMon.exe Allows Unauthorized Access and Denial of Service Arbitrary File Read Vulnerability in Ideal Science Ideal BB 1.5.4a and Earlier Incomplete Blacklist Vulnerability in Ideal Science Ideal BB 1.5.4a and Earlier: Remote ASP Script Execution Arbitrary ASP Script Execution Vulnerability in Ideal Science Ideal BB 1.5.4a and Earlier Multiple SQL Injection Vulnerabilities in Ideal Science Ideal BB 1.5.4a and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Ideal Science Ideal BB 1.5.4a and Earlier Default Configuration Vulnerability in Cisco AVS 3110 and 3120 Multiple PHP Remote File Inclusion Vulnerabilities in SmartISoft phpListPro 2.01 and Earlier Unauthenticated Code Execution Vulnerability in 180solutions Zango Cross-Site Scripting (XSS) Vulnerability in OnlyScript.info Online Universal Payment System Script Directory Traversal Vulnerability in OnlyScript.info Online Universal Payment System Script Integer Overflow Vulnerabilities in Novell DPRPC Library SQL Injection Vulnerability in AngelineCMS 0.6.5 and Earlier: Remote Code Execution via lib/adodb/server.php Information Disclosure Vulnerability in AngelineCMS 0.6.5 and Earlier Arbitrary File Upload Vulnerability in PHP-Fusion 6.00.306 and Earlier Directory Traversal Vulnerabilities in PHP-Fusion 6.00.306 Denial of Service Vulnerability in Mozilla Firefox 1.5.0.3 SQL Injection Vulnerabilities in MyBB 1.1.1: Remote Code Execution via 
E-mail Verification Improper Conversion of DOS Paths with Trailing Spaces in Windows API Function Remote Code Execution via CSS Upload in Jelsoft vBulletin SQL Injection Vulnerability in MyBB 1.1.1 showthread.php Directory Traversal Vulnerability in D-Link DSL-G604T Wireless ADSL Router Modem Remote Code Execution and Privilege Escalation in plaNetStat 20050127 SQL Injection Vulnerability in index.php in evoTopsites 2.x and evoTopsites Pro 2.x Arbitrary Web Script Injection in PassMasterFlex and PassMasterFlexPlus Information Disclosure Vulnerability in Symantec Gateway Security and Enterprise Firewall Authentication Bypass Vulnerability in IBM WebSphere Application Server 6.0.2 Cross-Site Scripting (XSS) Vulnerability in ManageEngine OpManager 6.0's Search.do SQL Injection Vulnerability in AliPAGER 1.5: Remote Code Execution via ubild Parameter Cross-site scripting (XSS) vulnerability in AliPAGER 1.5 via ubild parameter in inc/elementz.php Authentication Bypass in vpopmail 5.4.14 and 5.4.15 with Cleartext Passwords Enabled Path Disclosure Vulnerability in E-Business Designer (eBD) 3.1.4 and earlier Arbitrary Web Script Injection via id Parameter in E-Business Designer (eBD) 3.1.4 and Earlier Arbitrary File Upload and Code Execution Vulnerability in E-Business Designer (eBD) 3.1.4 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium Cross-Site Scripting (XSS) Vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium Open Redirect Vulnerability in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium User Enumeration Vulnerability in Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium Path Disclosure Vulnerability in Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium Information Disclosure in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium Source Code 
Disclosure Vulnerability in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium Multiple Cross-Site Scripting (XSS) Vulnerabilities in Web-Labs CMS Cross-Site Scripting (XSS) Vulnerability in phpBB Chart Mod SQL Injection Vulnerability in charts.php in Chart Mod for phpBB Arbitrary PHP Code Execution via Remote File Inclusion in Download Manager (mxBB pafiledb) Integration Buffer Overflow in getsym in libbfd SQL Injection Vulnerability in Limbo CMS Weblinks Option (weblinks.html.php) Allows Remote Code Execution Arbitrary Web Script Injection in Macromedia ColdFusion 5 and Earlier Arbitrary Web Script Injection Vulnerability in Vizra's a_login.php User-Assisted Remote File Overwrite Vulnerability in libopenobex for ircp 1.2 Cross-site scripting (XSS) vulnerability in Clansys 1.0 and 1.1 allows remote code injection via search function Clansys 1.1 index.php Cross-Site Scripting (XSS) Vulnerability Authentication Bypass Vulnerability in RealVNC 4.1.1 and Related Products RRAS Buffer Overflow Vulnerability RASMAN Buffer Overflow Vulnerability Remote Code Execution Vulnerability in Windows DHCP Client Service SMB Driver Elevation of Privilege Vulnerability SMB Invalid Handle Vulnerability Heap-based Buffer Overflow in PolyPolygon Function on Windows 98 and Me Remote Code Execution Vulnerability in ART Image Rendering Component Remote Code Execution Vulnerability in Microsoft Windows TCP/IP Protocol Driver RPC Mutual Authentication Vulnerability in Microsoft Windows 2000 SP4 HTML Decoding Memory Corruption Vulnerability in Microsoft Internet Explorer Arbitrary Code Execution Vulnerability in Microsoft Internet Explorer's DXImageTransform.Microsoft.Light ActiveX Control Address Bar Spoofing Vulnerability in Microsoft Internet Explorer Memory Corruption Vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and Earlier Arbitrary Code Execution via Crafted Contact Record in Microsoft Outlook Express 6 and Earlier Arbitrary Code Execution via 
Crafted DATETIME Record in Microsoft Excel Arbitrary Code Execution Vulnerability in Microsoft Office Excel 2000-2004 Memory corruption vulnerability in Microsoft Office files with malformed properties Arbitrary Script Injection in OZJournals 1.2 via vname Parameter in Comments Functionality Buffer Overflow Vulnerability in EMC Retrospect Client 5.1 through 7.5 Arbitrary PHP Code Execution via Remote File Inclusion in PHP Blue Dragon Platinum 2.8.0 Denial of Service Vulnerability in Empire 4.3.2 and Earlier PHP Live Helper chat.php PHPSESSID Parameter Cross-Site Scripting (XSS) Vulnerability PHP Remote File Inclusion Vulnerability in PopSoft Digital PopPhoto Studio 3.5.4 and Earlier Arbitrary Web Script Injection Vulnerability in phpODP 1.5h Multiple Cross-Site Scripting (XSS) Vulnerabilities in GPhotos 1.5 and Earlier Directory Traversal Vulnerability in GPhotos 1.5 and Earlier Stack-based Buffer Overflow in ServerNetworking::incoming_client_data Function in Outgun 1.0.3 bot 2 and Earlier Denial of Service Vulnerability in Outgun 1.0.3 Bot 2 and Earlier Buffer Over-read Vulnerability in leetnet/rudp.cpp of Outgun 1.0.3 bot 2 and earlier Remote Code Execution Vulnerability in Outgun 1.0.3 Bot 2 and Earlier Arbitrary Command Execution Vulnerability in FileZilla (Versions before 2.2.23) RadScripts RadLance Gold 7.0 Directory Traversal Vulnerability in popup.php Arbitrary File Inclusion Vulnerability in Unclassified NewsBoard (UNB) 1.6.1 Patch 1 and Earlier Directory Traversal Vulnerability in bb_lib/abbc.css.php in Unclassified NewsBoard (UNB) 1.5.3-d and Earlier Versions Stack-based Buffer Overflow in wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, FreeSSHd 1.0.9, and freeFTPd 1.0.10 Multiple Buffer Overflows in Raydium Allow Remote Code Execution Format String Vulnerability in Raydium Console Raydium Network Netcall Exec Null Dereference Vulnerability Buffer Overflow in Raydium Network Read Function in network.c Buffer Over-read Vulnerability in Raydium 
Network Library Denial of Service Vulnerability in GNUnet with Empty UDP Datagram Handling Directory Traversal Vulnerability in Dovecot 1.0 Beta and 1.0 Cross-Site Scripting (XSS) Vulnerabilities in FlexChat 2.0 and Earlier SQL Injection Vulnerability in e107 0.7.2 and Earlier: Remote Code Execution via Cookie Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 via theme parameter XSS Vulnerability in phpMyAdmin (Versions before 2.8.0.4) Arbitrary Web Script Injection Vulnerability in Directory Listing Script Cross-Site Scripting (XSS) Vulnerability in Bugzilla RSS 1.0 Parsing Stack-based Buffer Overflow in Pragma FortressSSH 4.0.7.20 via Long SSH_MSG_KEXINIT Messages Message Leakage Vulnerability in phpCOIN 1.2.3 and Earlier Confixx 3.1.2 FTPLogin XSS Vulnerability Remote File Inclusion Vulnerability in ezUserManager 1.6 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in PhpRemoteView Denial of Service Vulnerability in Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier Privilege Escalation in Clam Antivirus and ClamXav Arbitrary Code Execution Vulnerability in DUware DUbanner 3.1 via add.asp Unspecified Remote Attack Vector Vulnerability in IBM WebSphere Application Server 6.0.2 Plaintext User Credential Storage Vulnerability in IBM WebSphere Application Server Arbitrary Web Script Injection via SOAP Port in IBM WebSphere Application Server EJB Access Vulnerability via Crafted LTPA Token in IBM WebSphere Application Server Unspecified Vulnerability in IBM WebSphere Application Server Administrative Console Information Disclosure Vulnerability in WebSphere 5.1.1 Common Configuration Mode and J2EE Models Unspecified Script Execution Vulnerability in IBM WebSphere Application Server Plaintext Storage of Admin and LDAP Passwords in WebSphere Application Server FFDC Logs Remote Code Disclosure Vulnerability in Caucho Resin Documentation Package Directory Traversal Vulnerability in Caucho Resin Documentation Package 
ZipCentral 4.01 Stack-Based Buffer Overflow Vulnerability Heap-based Buffer Overflow in libMagick Component of ImageMagick 6.0.6.2 during Filename Glob Expansion Denial of Service Vulnerability in Pioneers Meta-Server World-readable permissions on .qt/kphonerc file in kphone 4.2 expose usernames and SIP passwords to local users. World-readable permissions on environment.php in Debian package of KnowledgeTree 2.0.7 expose sensitive database credentials Denial of Service Vulnerability in SNMP NAT Helper in Linux Kernel Race condition in run_posix_cpu_timers in Linux kernel before 2.6.16.21 allows local users to cause a denial of service (BUG_ON crash) Race condition vulnerability in Linux kernel 2.6.9 and possibly other versions allows remote attackers to cause denial of service via TCP stress tests Arbitrary Command Execution in SpamAssassin with Vpopmail and Paranoid Switch Kernel Memory Read Vulnerability in Linux PowerPC Systems Local File Disclosure Vulnerability in KDE Display Manager (KDM) Authentication Bypass Vulnerability in LibVNCServer 0.7.1 Privilege Escalation and Denial of Service Vulnerability in Linux Kernel Privilege Escalation via GNOME GDM Face Browser Vulnerability Unspecified Format String Vulnerabilities in Dia with Unknown Impact and Attack Vectors Heap-based Buffer Overflow Vulnerabilities in Libextractor 0.5.13 and Earlier Arbitrary SQL Command Execution Vulnerability in PHP-Fusion 6.00.307 and Earlier Remote Code Execution in Sugar Suite Open Source (SugarCRM) 4.2 and earlier Insecure Quality of Service Configuration in BEA WebLogic Server Sensitive Data Exposure in BEA WebLogic Server 8.1 and 7.0 Information Disclosure Vulnerability in SelectaPix 1.31 and Earlier: Revealing Installation Path Information Disclosure: Administrator Password Display in BEA WebLogic Server 8.1 and 7.0 Buffer Overflow in MP3Info 0.8.4: Arbitrary Code Execution via Long Command Line Argument JSP Showcode Vulnerability in BEA WebLogic Server 8.1 and 7.0 
Information Disclosure Vulnerability in BEA WebLogic Server Administration Console Information Disclosure Vulnerability in WebLogic Server Administration Console Cleartext Storage of Credentials in BEA WebLogic Server Logs WebLogic Server Administration Console JDBC Security Bypass Vulnerability Information Leakage Vulnerabilities in BEA WebLogic Server Private Key Exposure Vulnerability in BEA WebLogic Server OpenWiki 0.78 Cross-Site Scripting (XSS) Vulnerability in ow.asp Arbitrary SQL Command Execution in Cosmoshop 8.11.106 and Earlier via lshop.cgi Directory Traversal Vulnerability in Cosmoshop 8.11.106 and Earlier: Arbitrary File Read Insufficient Access Control in Bitrix Site Manager 4.1.x Allows Information Disclosure Arbitrary Code Injection through Bitrix Site Manager 4.1.x Administrative Interface Open Redirect Vulnerability in Bitrix Site Manager 4.1.x Unauthenticated Remote Code Execution via Update Functionality in Bitrix Site Manager 4.1.x Format String Vulnerability in Dia 0.94: Denial of Service and Arbitrary Code Execution Authentication Credentials Exposure in VMware ESX Server 2.x Heap-based Buffer Overflow in TZipTV Component Remote File Inclusion Vulnerability in Squirrelcart 2.2.2 and Earlier: Arbitrary PHP Code Execution Arbitrary Web Script Injection Vulnerability in IceWarp WebMail 5.5.1 and Earlier Remote File Inclusion Vulnerability in Quezza 1.0 and Earlier: Arbitrary PHP Code Execution SQL Injection Vulnerability in YapBB 1.2 Beta2 and Earlier: Remote Code Execution via userID Parameter in find.php Multiple PHP Remote File Inclusion Vulnerabilities in ScozNews 1.2.1 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Spymac WebOS (WOS) 5.0 Integer Overflow in Nagios CGI Scripts via Content-Length HTTP Header Multiple Cross-Site Scripting (XSS) Vulnerabilities in Mobotix IP Network Cameras Arbitrary Web Script Injection in BoastMachine (bMachine) 3.1 and Earlier Microsoft Word Buffer Overflow Vulnerability IntelliTamper 
2.07 Remote Code Execution Vulnerability CSRF Vulnerability in Serendipity Entry Manager Allows Unauthorized Actions Buffer Overflow Vulnerability in iMonitor 2.4 in Novell eDirectory 8.8 Multiple Cross-Site Scripting (XSS) Vulnerabilities in AspBB 0.5.2 Arbitrary PHP Script Execution in Invision Power Board (IPB) before 2.1.6 SQL Injection Vulnerability in CANews 1.2: Remote Code Execution via Password Field Cross-site scripting (XSS) vulnerability in add_news.asp in CodeAvalanche News (CANews) 1.2 Arbitrary Web Script Injection Vulnerability in Sun ONE and Java System Servers Arbitrary Code Execution via Long USER Command in Cyrus IMAPD Arbitrary SQL Command Execution in DeluxeBB 1.06 via misc.php Multiple SQL Injection Vulnerabilities in mono AZBOARD 1.0 and Earlier Arbitrary SQL Query Execution Vulnerability in Oracle Database Server 10g Release 2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sphider's search.php PHP Remote File Inclusion Vulnerabilities in Teake Nutma Foing 0.2.0 through 0.7.0 SQL Injection Vulnerability in YourFreeWorld.com Stylish Text Ads Script SQL Injection Vulnerability in login.php in YourFreeWorld.com Short URL & URL Tracker Script Arbitrary Script Injection in YourFreeWorld.com Short Url & Url Tracker Script Arbitrary Code Execution and File Access Vulnerability in FrontRange iHEAT ActiveX SQL Injection Vulnerability in Hitachi EUR Professional Edition, EUR Viewer, EUR Print Service, and EUR Print Service for ILF Privilege Escalation Vulnerability in Sun Java System Directory Server 5.2 Installation Process Arbitrary File Upload Vulnerability in Coppermine Galleries Arbitrary Script Injection in Hiox Guestbook 3.1 Remote Code Execution via Directory Traversal in XOOPS 2.0.13.2 and earlier SQL Injection Vulnerability in MyWeb Portal Office and Editions Arbitrary Web Script Injection Vulnerability in phpwcms 1.2.5-DEV Directory Traversal Vulnerability in SPAW Editor PHP Edition Directory Traversal Vulnerability in BitZipper 
4.1.2 SR-1 and Earlier Remote File Inclusion Vulnerability in phpMyDirectory 10.4.4 and Earlier: Execution of Arbitrary PHP Code Insufficient Access Control in Dayfox Blog 2.0 and Earlier Allows Remote Privilege Escalation Remote Code Execution via PHPListPro Language Cookie UseBB 1.0 RC1 and Earlier XSS Vulnerability in User Date Format Processing SQL Injection Vulnerability in UseBB 1.0 RC1 and Earlier: Remote Code Execution via Member List Search Module PHP Easy Galerie 1.1 - Remote File Inclusion Vulnerability Authentication Bypass Vulnerability in phpBazar 2.1.0 and Earlier Remote File Inclusion Vulnerability in phpBazar 2.1.0 and Earlier: Arbitrary PHP Code Execution Arbitrary File Upload Vulnerability in FCKeditor Arbitrary File Upload Vulnerability in Avatar MOD 1.3 for Snitz Forums 3.4 HTTP Header Spoofing Vulnerability in Ipswitch WhatsUp Professional 2006 Information Disclosure Vulnerability in stats.php of Destiney Rated Images Script 0.5.0 Arbitrary Web Script Injection via Cross-Site Scripting (XSS) Vulnerability in Destiney Rated Images Script 0.5.0 Information Disclosure Vulnerability in Destiney Links Script 2.1.2 Information Disclosure Vulnerability in Destiney Links Script 2.1.2 Cross-Site Scripting (XSS) Vulnerability in Destiney Links Script 2.1.2 Remote Code Execution via Format String Vulnerabilities in OpenBOR and BOR Game Engines Denial of Service Vulnerability in IE Tab 1.0.9 Plugin for Mozilla Firefox 1.5.0.3 Cleartext Password Vulnerability in Sybase EAServer Sensitive User Data Exposed in Diesel PHP Job Site's install.php Zixforum 1.12 settings.asp SQL Injection Vulnerability World-writable permissions in xmcdconfig vulnerability in Debian GNU/Linux 2.6-17.1 Remote SQL Injection Vulnerability in Xtreme Topsites 1.1 Multiple SQL Injection Vulnerabilities in Xtreme Topsites 1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Xtreme Topsites 1.1 Cleartext Storage of Administrator Password in BEA WebLogic Server 8.1 Unspecified 
Arbitrary Command Execution Vulnerability in SAP with Informix Arbitrary Code Execution via Shell Metacharacters in Prodder and Perlpodder PDF Form Filling and Flattening Tool Stack-based Buffer Overflow Vulnerability Arbitrary Code Execution in perlpodder before 0.5 via URL Metacharacters Unspecified Denial of Service Vulnerability in HP-UX B.11.00 Kernel Information Disclosure Vulnerability in Jemscripts DownloadControl 1.0 Arbitrary HTML Injection Vulnerability in Jemscripts DownloadControl 1.0 Buffer Overflow in tell_player_surr_changes function in Genecys 0.2 and earlier: Remote Code Execution Vulnerability Null Dereference Vulnerability in Genecys 0.2 and Earlier Florian Amrhein NewsPortal XSS Vulnerability Remote File Inclusion Vulnerability in Florian Amrhein NewsPortal and TR Newsportal Allows Arbitrary PHP Code Execution Arbitrary HTML Injection in IpLogger 1.7 and Earlier Remote Access Bypass and Unauthorized Operations in Linksys WRT54G Wireless-G Broadband Router Bypassing Access Restrictions and Unauthorized Operations in Sitecom WL-153 Router Firmware Remote Bypass of Access Restrictions and Unauthorized Operations in Edimax BR-6104K Router Remote Bypass of Access Restrictions and Unauthorized Operations in ZyXEL P-335WT Router Bypassing Safe Mode and File Read Vulnerability in cURL Library Multiple Cross-Site Scripting (XSS) Vulnerabilities in AlstraSoft E-Friends index.php SQL Injection Vulnerability in Alstrasoft Article Manager Pro 1.6 Sensitive Information Disclosure in Alstrasoft Article Manager Pro 1.6 Arbitrary Code Injection through Cross-Site Scripting (XSS) in Alstrasoft Article Manager Pro 1.6 Remote File Inclusion Vulnerability in UBB.threads 6.4 through 6.5.2 and 6.5.1.1 (trial) SQL Injection Vulnerability in 4R Linklist 1.0 RC2 and Earlier: Remote Code Execution via links.php CaLogic Calendars 1.2.2 - PHP Remote File Inclusion Vulnerability Arbitrary Web Script Injection in Alkacon OpenCms 6.0.0-6.0.3 Search Function DGBook 1.0 
Cross-Site Scripting (XSS) Vulnerability in index.php SQL Injection Vulnerability in DGBook 1.0 Allows Remote Code Execution Unspecified Privilege Escalation Vulnerabilities in HP-UX Software Distributor Denial of Service Vulnerability in NetPanzer 0.8 and Earlier: setFrame Function Crash Multiple PHP Remote File Inclusion Vulnerabilities in Docebo 3.0.3 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in Docebo 3.0.3 and Earlier Arbitrary File Inclusion and Remote Code Execution in eSyndicat Directory 1.2 Remote Code Execution Vulnerability in HP OpenView Storage Data Protector 5.1 and 5.5 Unspecified Remote Code Execution Vulnerabilities in HP OpenView Network Node Manager (OV NNM) Arbitrary Web Script Injection Vulnerability in RWiki 2.1.0pre1 through 2.1.0 Arbitrary Ruby Code Execution Vulnerability in RWiki 2.1.0pre1 through 2.1.0 PHP Remote File Inclusion Vulnerability in Nucleus 3.22 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in SkyeBox 1.2.0 post.php SQL Injection Vulnerability in Destiney Links Script 2.1.2 IpLogger 1.7 and Earlier XSS Vulnerability via HTTP_REFERER Header Buffer Overflow Vulnerability in WebTool HTTP Server Component Arbitrary File Upload Vulnerability in Russcom PHPImages SQL Injection Vulnerability in rss.php in MyBB 1.1.1 Allows Remote Code Execution SQL Injection Vulnerability in e107 before 0.7.5 Unspecified Emailing Exploit in e107 before 0.7.5 Arbitrary PHP Code Execution Vulnerability in DSChat 1.0 Arbitrary Web Script Injection Vulnerability in DSChat 1.0 and Earlier Chatty 1.0.2 and Other Versions XSS Vulnerability in Username Field Privilege Escalation Vulnerability in Vixie Cron 4.1 Arbitrary File Modification and Code Execution in artmedic newsletter 4.1 Arbitrary File Modification and Remote Code Execution in Artmedic Newsletter 4.1.2 Arbitrary Web Script Injection in phpRaid 2.9.5 view.php Arbitrary JavaScript Injection via Cross-Site Scripting (XSS) Vulnerability in MediaWiki 1.6.x 
Clipboard Contents Disclosure Vulnerability Information Disclosure Vulnerability in Mozilla Suite, Firefox, and Netscape Vulnerability: Password Exposure in Sun N1 System Manager 1.1 for Solaris 10 Command Injection Vulnerability in Russcom.Ping SQL Injection Vulnerability in AlstraSoft Web Host Directory 1.2 and HyperStop WebHost Directory 1.2 Path Disclosure Vulnerability in AlstraSoft Web Host Directory 1.2 and HyperStop WebHost Directory 1.2 Cross-Site Scripting (XSS) Vulnerability in AlstraSoft Web Host Directory 1.2 and HyperStop WebHost Directory 1.2 Race condition vulnerability in Linux kernel 2.6.15 to 2.6.17 on SMP platforms leading to denial of service Remote Code Execution Vulnerability in Symantec Antivirus 10.1 and Client Security 3.1 Arbitrary Account Modification Vulnerability in phpFoX Cross-Site Scripting (XSS) Vulnerability in Andrew Godwin ByteHoard 2.1 and Earlier Absolute Path Traversal Vulnerability in ByteHoard 2.1: Unauthorized File Manipulation Neocrome Land Down Under (LDU) in Neocrome Seditio 102 XSS Vulnerability via HTTP Referer Field Multiple Cross-Site Scripting (XSS) Vulnerabilities in Tikiwiki 1.9.x Authentication Bypass Vulnerability in Katy Whitton NewsCMSLite Arbitrary Script Injection in TuttoPhp Guestbooks SQL Injection Vulnerability in qjForum's member.asp Allows Remote Code Execution XSS Vulnerability in prattmic and Master5006 PHPSimpleChoose 0.3 Input Forms OmegaMw7a.ASP in OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) WCE Parameter Cross-Site Scripting (XSS) Vulnerability Unverifiable Cross-Site Scripting (XSS) Vulnerability in John Frank Asset Manager (AssetMan) 2.4a and Earlier Unverifiable Cross-Site Scripting (XSS) Vulnerability in Marco M. F. 
De Santis Php-residence 0.6 and Earlier Arbitrary Script Injection in Monster Top List (MTL) 1.4 via user_error_message Parameter Arbitrary Code Execution via Configdir Parameter in AWStats Plume 1.0.3 Remote File Inclusion Vulnerability in prepend.php Remote Code Execution Vulnerability in Alt-N MDaemon Untrusted Search Path Vulnerability in IBM AIX Update_Flash Arbitrary HTML Injection Vulnerability in perform_search.asp for ASPBB 0.52 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in CosmicShoppingCart SQL Injection Vulnerability in CosmicShoppingCart's search.php Allows Remote Code Execution Arbitrary Web Script Injection Vulnerability in Vacation Rental Script 1.0 Arbitrary HTML and Script Injection in WikiNi 0.4.2 and Earlier D-Link DSA-3100 Login Error Page XSS Vulnerability CVE-2006-1864 (FreeBSD smbfs) Directory Traversal Vulnerability Vulnerability: Access Restriction Bypass in ypserv Build Process Stack-based Buffer Overflow in libtiff's tiffsplit Command Directory Traversal Vulnerability in mod_mono Allows Remote File Read Denial of Service (CPU Consumption) in Courier MTA due to Improper Handling of Usernames with = Character Buffer Consumption Vulnerability in tempnam Function in PHP Null Dereference Vulnerability in Freetype Library (CVE-2006-1861) Credential Leakage in VMware Server Allows Privilege Escalation Multiple Cross-Site Scripting (XSS) Vulnerabilities in iFlance 1.1 iFdate 1.2 Cross-Site Scripting (XSS) Vulnerability Arbitrary PHP Code Execution via Remote File Inclusion in V-Webmail 1.3 Remote File Inclusion Vulnerability in V-Webmail 1.5 through 1.6.4 WordPress 2.0.2 and Earlier Direct Static Code Injection Vulnerability Docebo LMS 2.05 - Multiple PHP Remote File Inclusion Vulnerabilities Multiple Cross-Site Scripting (XSS) Vulnerabilities in Pre Shopping Mall 1.0 Cross-Site Scripting (XSS) Vulnerabilities in ChatPat 1.0 SQL Injection Vulnerability in ChatPat 1.0: Remote Code Execution via Nickname Field Multiple 
Cross-Site Scripting (XSS) Vulnerabilities in Realty Pro One Arbitrary Script Injection in Bulletin Board Elite-Board (E-Board) 1.1 Search Function Multiple SQL Injection Vulnerabilities in Tamber Forum 1.9.13 and Earlier PHP Remote File Inclusion Vulnerability in UBBThreads 5.x and 6.x User Enumeration Vulnerability in SiteScape Forum 7.2 and Earlier Insufficient Access Control in SiteScape Forum 7.2 and Earlier Allows Path Information Disclosure Multiple Cross-Site Scripting (XSS) Vulnerabilities in Pre News Manager 1.0 Privilege Escalation Vulnerability in Cisco VPN Client for Windows GUI AZ Photo Album Script Pro index.php Cross-site Scripting (XSS) Vulnerability Remote File Inclusion Vulnerability in SocketMail Lite and Pro 2.2.6 and Earlier Remote Code Execution via PHP File Inclusion in Back-End CMS 0.7.2.1 and Earlier Arbitrary PHP Code Execution via Remote File Inclusion in open-medium.CMS 0.25 Arbitrary Code Injection through Search Module in CMS Mundo 1.0 Remote File Inclusion Vulnerability in BASE 1.2.4 and Earlier with Register_Globals Enabled PHP Remote File Inclusion Vulnerabilities in ActionApps 2.8.1 Arbitrary Web Script Injection via Email Address in PHP-AGTC Membership System Arbitrary SQL Command Execution Vulnerability in Achievo Employees Node Multiple Cross-Site Scripting (XSS) Vulnerabilities in EVA-Web 2.1.2 and Earlier Path Disclosure Vulnerability in EVA-Web 2.1.2 and Earlier Unspecified information leakage vulnerability in aMuleWeb for AMule before 2.1.2 Unspecified Directory Traversal Vulnerabilities in aMuleWeb for AMule Arbitrary File Read Vulnerability in Nivisec Hacks List 1.20 and Earlier for phpBB PHP Remote File Inclusion Vulnerabilities in EzUpload Pro 2.10 Arbitrary Code Execution via File Upload in DGNews 1.5 and Earlier Arbitrary Web Script Injection in Easy-Content Forums 1.0 SQL Injection Vulnerabilities in Easy-Content Forums 1.0 Information Disclosure Vulnerability in Geeklog 1.4.0sr2 and Earlier Geeklog 1.4.0sr2 and 
Earlier: Cross-Site Scripting (XSS) Vulnerability in getimage.php Geeklog 1.4.0sr2 SQL Injection Vulnerability in admin/auth.inc.php Geeklog 1.4.0sr2 and Earlier SQL Injection Vulnerability in Story Submission IP Address Spoofing Vulnerability in WordPress 2.0.2 on Mac OS X Unverified SSL Certificates in RedCarpet (rug) Enable Man-in-the-Middle Attacks Cleartext Message Vulnerability in Secure Elements Class 5 AVR Server and Client (C5 EVM) Denial of Service Vulnerability in Secure Elements Class 5 AVR Server Denial of Service Vulnerability in Secure Elements Class 5 AVR Server Insecure Certificate Validation in Secure Elements Class 5 AVR Server Buffer Overflow Vulnerability in Secure Elements Class 5 AVR Client (C5 EVM) before 2.8.1 Insecure Message Validation in Secure Elements Class 5 AVR (C5 EVM) before 2.8.1 Insecure RSA Key Reuse in Secure Elements Class 5 AVR (C5 EVM) Insecure Initialization Vector and Key Reuse in Secure Elements Class 5 AVR Lack of Message Digest Integrity Verification in Secure Elements Class 5 AVR (aka C5 EVM) Client and Server Predictable CEID Generation in Secure Elements Class 5 AVR Client (C5 EVM) before 2.8.1 Insecure CEID Validation in Secure Elements Class 5 AVR Client Unrestricted Access to Servers via Secure Elements Class 5 AVR Administration Console Hard-coded User ID and Password Vulnerability in Secure Elements Class 5 AVR Server Arbitrary File Overwrite Vulnerability in Secure Elements Class 5 AVR Client and Server Passing of Microsoft SQL Server Account Credentials in JIWA Financials 6.4.14 Crystal Reports .rpt File Vulnerability Cleartext Storage of Usernames and Passwords in JIWA Financials 6.4.14 SQL Injection Vulnerability in news.php in VARIOMAT: Remote Code Execution via subcat Parameter Arbitrary HTML Injection via subcat Parameter in VARIOMAT's news.php SQL Injection Vulnerability in SelectaPix 1.4 view_album.php Denial of Service Vulnerability in Mozilla Firefox with Nested Marquee Tags Arbitrary HTML Injection 
in PunBB 1.2.11 Admin Note Feature Arbitrary SQL Command Execution in Eggblog RSS/Posts.php (CVE-XXXX-XXXX) Fastpublish CMS 1.6.9.d Remote File Inclusion Vulnerability User Password Modification Vulnerability in Eggblog 3.0 Arbitrary Web Script Injection in Photoalbum B&W 1.3 Cross-Site Scripting (XSS) Vulnerability in Photoalbum B&W 1.3 PHP Remote File Inclusion Vulnerability in Hot Open Tickets (HOT) 11012004_ver2f Multiple SQL Injection Vulnerabilities in Enigma Haber 4.3 and Earlier SQL Injection Vulnerability in Mini-Nuke 2.3 and Earlier: Remote Code Execution via Your_Account.asp Plaintext Security Codes in Mini-Nuke 2.3 and Earlier Allow Remote Registration Exploitation Vulnerability: Password Guessing Attack in Mini-Nuke 2.3 and Earlier PHP Remote File Inclusion Vulnerability in Activity MOD Plus (Amod) 1.1.0 Blend Portal 1.2.0 PHP Remote File Inclusion Vulnerability Arbitrary User Creation Vulnerability in Nukedit 4.9.6 and Earlier Default Username and Password Vulnerability in Open-Xchange 0.8.2 and Earlier Remote File Inclusion Vulnerability in Epicdesigns tinyBB 0.3 Multiple SQL Injection Vulnerabilities in Epicdesigns tinyBB 0.3 Cross-Site Scripting (XSS) Vulnerability in Epicdesigns tinyBB 0.3 SQL Injection Vulnerability in Drupal 4.6.x and 4.7.0 Arbitrary File Upload and Execution Vulnerability in Drupal 4.6.x and 4.7.0 Arbitrary PHP Code Execution via Remote File Inclusion in F@cile Interactive Web PHP Remote File Inclusion Vulnerabilities in F@cile Interactive Web 0.8.5 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in F@cile Interactive Web 0.8.5 and Earlier PhpMyDesktop|arcade 1.0 FINAL Directory Traversal Vulnerability SQL Injection Vulnerability in Open Searchable Image Catalogue (OSIC) SQL Injection Vulnerability in search.php in Open Searchable Image Catalogue (OSIC) 0.7.0.1 and Earlier Arbitrary Code Injection through Failed SQL Queries in OSIC Arbitrary Script Injection in Open Searchable Image Catalogue (OSIC) 0.7.0.1 and 
Earlier World-readable permissions on RedCarpet configuration file in Novell Linux Desktop 9 and SUSE SLES 9 allow password theft MySQL SQL Injection Vulnerability in Multibyte Encodings Stack-based Buffer Overflow in slurpd for OpenLDAP Cross-Site Scripting (XSS) Vulnerability in UBBThreads 5.x and Earlier via debug Parameter Denial of Service Vulnerability in Eitsop My Web Server 1.0 Cross-Site Scripting (XSS) Vulnerability in Chipmunk Guestbook Directory Traversal Vulnerability in Jetty 6.0.x (Jetty6) Beta16 Arbitrary Script Source Code Disclosure in Jetty 6.0.x (Jetty6) Beta16 SQL Injection Vulnerability in 4nForum 0.91 Modules.php SQL Injection Vulnerability in Hitachi HITSENSER3 WebCalendar 1.0.3 - PHP Remote File Inclusion Vulnerability SQL Injection Vulnerability in Pre News Manager 1.0 Arbitrary Code Injection via Cross-Site Scripting (XSS) in GuestbookXL 1.3 Arbitrary Web Script Injection Vulnerability in Interlink Advantage's news_information.php Buffer Overflow Vulnerability in INETCOMM.DLL Remote File Inclusion Vulnerability in Ottoman 1.1.2 with Enabled Register Globals Remote File Inclusion Vulnerability in METAjour 2.1 with Enabled Register Globals HTTP Inspect Preprocessor Vulnerability: Bypassing uricontent Rules via Carriage Return Arbitrary File Read Vulnerability in pppBLOG 0.3.8 and Earlier Arbitrary Post Deletion Vulnerability in Hogstorps Hogstorp Guestbook 2.0 Cross-Site Scripting (XSS) Vulnerability in Hogstorps Hogstorp Guestbook 2.0 add.asp Unauthenticated Remote Post Editing Vulnerability in Hogstorps hogstorp Guestbook 2.0 QontentOne CMS search.php XSS Vulnerability Improper URL Association Vulnerability in Mozilla Firefox and Thunderbird Privileged UI Code Execution Vulnerability in Mozilla Firefox and Thunderbird Arbitrary Code Execution via nsISelectionPrivate Interface in Mozilla Firefox and SeaMonkey Buffer Overflow Vulnerability in Mozilla Firefox and Thunderbird's crypto.signText Function Memory Corruption Vulnerability in 
Mozilla Firefox and Thunderbird Integer Overflow Vulnerability in Mozilla Firefox and Thunderbird Double Free Vulnerability in nsVCard.cpp in Mozilla Thunderbird and SeaMonkey Incomplete Fix for Arbitrary File Reading Vulnerability in Firefox 1.5.0.2 Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox and Thunderbird Remote Code Execution via PLUGINSPAGE Functionality in Mozilla Firefox User-assisted remote cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 HTTP Response Smuggling Vulnerability in Mozilla Firefox and Thunderbird Privilege Escalation via EvalInSandbox in Mozilla Firefox and Thunderbird Double Free Vulnerability in getRawDER Function in Firefox Denial of Service Vulnerability in Evolution 2.2.x and 2.3.x World-writable permissions in Sun Storage Automated Diagnostic Environment (StorADE) 2.4 allow local privilege escalation Arbitrary File Read Vulnerability in iBoutique.MALL and iBoutique index.php Arbitrary SQL Command Execution Vulnerability in Woltlab Burning Board (WBB) 2.3.4 SQL Injection Vulnerability in Anket.asp in ASPSitem 2.0 and Earlier Remote Code Execution Vulnerability in Hesabim.asp in ASPSitem 2.0 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in XiTi Tracking Script 6 and 7 RC Arbitrary Script Injection in Captivate 1.0 Gallery.php Multiple SQL Injection Vulnerabilities in phpCommunityCalendar 4.0.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpCommunityCalendar 4.0.3 Cross-site scripting (XSS) vulnerability in toendaCMS 0.7.0 content_footer.php Unak CMS 1.5 RC2 Multiple Cross-Site Scripting (XSS) Vulnerabilities SQL Injection Vulnerabilities in Unak CMS 1.5 RC2 and Earlier: Remote Code Execution Buffer Overflow Vulnerability in xine-lib HTTP Plugin PHP ManualMaker 1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities Arbitrary Script Injection in Goss Intelligent Content Management (iCM) 7.0 and Earlier VBulletin 3.0.10 SQL Injection Vulnerability Denial of Service 
Vulnerability in Apache James SMTP Server Remote Password Change Vulnerability in ASPwebSoft Speedy Asp Discussion Forum Lycos Tripod htmlGEAR guestGEAR XSS Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in ar-blog 5.2 index.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Belchior Foundry vCard 2.9 Multiple PHP Remote File Inclusion Vulnerabilities in Cantico Ovidentia 5.8.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Dominios Europa PICRATE 1.0 Arbitrary File Read Vulnerability in iShopCart's easy-scart.cgi Multiple Buffer Overflows in iShopCart's vGetPost and main Functions Multiple Cross-Site Scripting (XSS) Vulnerabilities in Two Shoes M-Factory (TSMF) SimpleBoard 1.1.0 Stable Multiple Cross-Site Scripting (XSS) Vulnerabilities in coolphp Magazine SQL Injection Vulnerability in bolum.php in tekno.Portal Remote File Inclusion Vulnerability in Cameron McKay Informium 0.12.0: Arbitrary PHP Code Execution Remote File Inclusion Vulnerability in Barnraiser Igloo 0.1.9 and Earlier: Arbitrary PHP Code Execution HotWebScripts.com Weblog Oggi 1.0 - Cross-Site Scripting (XSS) Vulnerability DeltaScripts Pro Publish Multiple Cross-Site Scripting (XSS) Vulnerabilities SQL Injection Vulnerability in Dusan Drobac CodeAvalanche FreeForum (aka CAForum) 1.0 Insufficient Access Control in a.shopKart 2.0 Allows Remote Database Download PostgreSQL Encoding Security Hole in Logicalware MailManager Inconsistent PHP open_basedir Configuration Synchronization in cPanel SQL Injection Vulnerability in PHPLib's sessions.inc SQL Injection Vulnerability in X-Cart Gold and Pro 4.0.18 and X-Cart 4.1.0 beta 1 Global Variable Overwrite Vulnerability in PHP-Nuke Allows Remote PHP File Inclusion Attacks Arbitrary Code Execution Vulnerability in Hawk Monitoring Agent (HMA) and Runtime Agent (TRA) Buffer Overflow in TIBCO Rendezvous, TIBCO Runtime Agent (TRA), and Hawk via HTTP Administrative Interface Arbitrary Code Execution Vulnerability in Drupal 4.6.x 
and 4.7.x Arbitrary Web Script Injection Vulnerability in Drupal Upload Module Arbitrary Script Injection in Drupal Taxonomy Module Remote File Inclusion Vulnerability in gnopaste 0.5.3 and earlier SQL Injection Vulnerability in saphplesson 2.0: Remote Code Execution SQL Injection Vulnerability in Pineapple Technologies Lore 1.5.6 and Earlier: Remote Code Execution via comment.php Techno Dreams Guest Book XSS Vulnerability Buffer Overflow Vulnerability in F-Secure Anti-Virus for Microsoft Exchange and Internet Gatekeeper Directory Traversal Vulnerability in WeBWorK Online Homework Delivery System 2.2.0 and Earlier Arbitrary Web Script Injection in PmWiki 2.1.6 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in ACID CMS 1.1.3 PHP Remote File Inclusion Vulnerability in SquirrelMail 1.4.6 and Earlier Remote File Inclusion Vulnerability in Redaxo 2.7.4 PHP Remote File Inclusion Vulnerabilities in Redaxo 3.0 Remote File Inclusion Vulnerability in Redaxo 3.0 up to 3.2 Unspecified Cross-Site Scripting (XSS) Vulnerability in Print.PHP in VisionGate Portal System SQL Injection Vulnerability in aspWebLinks 2.0: Remote Code Execution via linkID Parameter Remote Code Execution in aspWebLinks 2.0 via links.asp Remote Code Execution in Bytehoard 2.1 Epsilon/Delta via PHP Remote File Inclusion in server.php Arbitrary Web Script Injection in PHP Labware LabWiki 1.0 and Earlier Unspecified Cross-Site Scripting (XSS) Vulnerability in dotProject 2.0.2 and Earlier Remote File Inclusion Vulnerability in dotWidget CMS 1.0.6 and Earlier SQL Injection Vulnerability in abarcar Realty Portal 5.1.5: Remote Code Execution via cat Parameter in content.php SQL Injection Vulnerability in iBWd Guestbook 1.0: Remote Code Execution via offset Parameter SQL Injection Vulnerability in xueBook 1.0: Remote Code Execution via start Parameter in index.php Privilege Escalation via sitecustomize.pl File in ActivePerl 5.8.8.817 for Windows SQL Injection Vulnerability in LifeType 1.0.4 - 
Remote Code Execution via ViewArticle Action SQL Injection Vulnerability in LocazoList Classifieds 1.05e: Remote Code Execution via viewmsg.asp PHP Remote File Inclusion Vulnerability in MyBloggie 2.1.1 and Earlier Remote File Inclusion Vulnerability in Webspotblogging 3.0.1 SQL Injection Vulnerability in Particle Wiki 1.0.2 and Earlier: Remote Code Execution via version Parameter SQL Injection Vulnerability in Particle Gallery 1.0.0 and Earlier: Remote Code Execution via viewimage.php CS-Cart 1.3.3 Remote File Inclusion Vulnerability in class.cs_phpmailer.php BlueShoes Framework 4.6 Multiple PHP Remote File Inclusion Vulnerabilities Remote File Inclusion Vulnerability in phpBB 2 template.php DotClear 1.2.4 and Earlier PHP Remote File Inclusion Vulnerability SQL Injection Vulnerability in CoolForum 0.8.3 beta and Earlier: Remote Code Execution via editpost.php Remote File Inclusion Vulnerabilities in Claroline 1.7.6 Unspecified Remote Code Execution Vulnerability in avast! CHM Unpacker Intelligent Solutions Inc. 
ASP Discussion Forum XSS Vulnerability in forum_search.asp CyBoards PHP Lite 1.25 Remote File Inclusion Vulnerability Rumble 1.02 PHP Remote File Inclusion Vulnerability Arbitrary Web Script Injection in Enigma Haber 4.2 via hava.asp Unspecified Cross-Site Scripting (XSS) Vulnerability in OSADS Alliance Database before 1.4 Stack-based Buffer Overflow in Quake 3 Engine 1.32c and Earlier: Remote Code Execution via CL_ParseDownload Function Cross-Site Scripting (XSS) Vulnerability in cat.php in PHP Pro Publish 2.0 Bookmark4U 2.0.0 and Earlier: PHP Remote File Inclusion Vulnerability Remote Code Execution via Spellchecker in DokuWiki 2006/06/04 and earlier SQL Injection Vulnerability in Alex News-Engine 1.5.0 and Earlier: Remote Code Execution via newscomments.php Arbitrary Web Script Injection in PyBlosxom Contributed Packages PHP Remote File Inclusion Vulnerabilities in DreamAccount 3.1 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in ASPScriptz Guest Book 2.0 and Earlier via submit.asp Kmita FAQ 1.0 search.php Cross-site Scripting (XSS) Vulnerability SQL Injection Vulnerability in Kmita FAQ 1.0: Remote Code Execution via catid Parameter Cross-Site Scripting (XSS) Vulnerabilities in KnowledgeTree Open Source 3.0.3 and Earlier Information Disclosure Vulnerability in KnowledgeTree Open Source 3.0.3 and earlier SQL Injection Vulnerabilities in myNewsletter 1.1.2 and Earlier: Remote Code Execution Remote File Inclusion Vulnerability in Wikiwig 4.1 and Earlier: Arbitrary PHP Code Execution SQL Injection Vulnerabilities in Pixelpost 1-5rc1-2: Remote Code Execution and Administrator Privilege Escalation Remote Code Execution in Pixelpost 1-5rc1-2 and Earlier with Enabled register_globals Arbitrary HTML Injection Vulnerability in Pixelpost 1-5rc1-2 and Earlier Arbitrary HTML and Web Script Injection in GANTTy 1.0.3 Login Action Path Disclosure Vulnerability in GANTTy 1.0.3 via Invalid lang Parameter Arbitrary File Read Vulnerability in Mozilla Firefox, Mozilla 
Suite, Mozilla SeaMonkey, and Netscape Arbitrary HTML and Web Script Injection in MediaWiki 1.6.0 - 1.6.6 Arbitrary Password Change Vulnerability in FunkBoard CF0.71 FunkBoard 0.71 Cross-Site Scripting (XSS) Vulnerability Buffer overflow vulnerability in Asterisk 1.2.x and 1.0.x allows remote attackers to execute arbitrary code via truncated IAX2 video frames. Arbitrary Code Execution Vulnerability in ESTsoft InternetDISK Arbitrary File Reading Vulnerability in Internet Explorer 6 Information Disclosure Vulnerability in D-Link Wireless Access-Point (DWL-2100ap) Firmware Potential Directory Traversal Vulnerability in Particle Links 1.2.2 Arbitrary Web Script Injection in Particle Links 1.2.2 via admin.php Arbitrary SQL Command Execution in Partial Links 1.2.2 via index.php Sensitive Information Disclosure in Partial Links 1.2.2 via Direct Request to page_footer.php and page_header.php Denial of Service Vulnerability in libgd 2.0.33 via LZW Decoding in gdImageCreateFromGifPtr Function Remote Code Execution in MyBulletinBoard (MyBB) 1.1.2 via domecode function in inc/functions_post.php Remote Code Execution via Stack-based Buffer Overflow in PicoZip 4.01 Buffer Overflow Vulnerability in jetAudio 6.2.6.8330 (Basic) SQL Injection Vulnerability in CMS Mundo Control Panel Multiple SQL Injection Vulnerabilities in SelectaPix 1.31 Arbitrary Web Script Injection in SelectaPix 1.31 via albumID Parameter Remote Code Execution in DeluxeBB 1.06 via PHP Remote File Inclusion Vulnerability SQL Injection Vulnerabilities in DeluxeBB 1.06: Remote Code Execution via Account Registration Parameters Privilege Escalation in aRts via setuid Failure Directory Traversal Vulnerability in WinGate IMAP Server Insecure Storage of CAPTCHA UUID and Hash in ViewState Unspecified Remote Code Execution Vulnerability in Microsoft NetMeeting 3.01 Remote Code Execution Vulnerability in Sylpheed-Claws and Sylpheed URI Check Functionality Remote File Inclusion Vulnerability in Clan Manager Pro (CMPRO) 
1.1 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in MiraksGalerie 2.62 Buffer Overflow Vulnerability in iaxclient Library Denial of Service Vulnerability in Ingate Firewall and SIParator Cross-site scripting (XSS) vulnerability in Ingate Firewall and SIParator web interface allows remote code injection and cookie theft Stack-based Buffer Overflow in Qbik WinGate 6.1.1.1077 WWW Proxy Server Multiple Cross-Site Scripting (XSS) Vulnerabilities in CodeAvalanche FreeForum 1.0 PHP Remote File Inclusion Vulnerabilities in CMS-Bandits 2.5 and Earlier OpenEMR 2.8.1 Remote File Inclusion Vulnerability Local Privilege Escalation Vulnerability in Sun Grid Engine 5.3 and Sun N1 Grid Engine 6.0 Arbitrary PHP Code Execution via Image File Upload in CMS Mundo Denial of Service Vulnerability in 4/4GB Split Support for Non-Hugemem Linux Kernels on Red Hat Linux Desktop and Enterprise Linux 4 kdesktop_lock Termination Vulnerability in KDE SCTP conntrack Denial of Service Vulnerability Buffer Overflow Vulnerability in Linux Kernel DVD Handling Code Denial of Service Vulnerability in Linux Kernel's ftdi_sio Driver Denial of Service Vulnerability in OpenSSL 0.9.7 and 0.9.8 Denial of Service Vulnerability in OpenSSL with Parasitic Public Keys Denial of Service Vulnerability in Mailman 2.1.9rc1 Remote Code Execution in TWiki 4.0.0-4.0.2 via Modified Action Attribute in TWikiRegistration Form Remote Code Injection Vulnerability in CGI-RESCUE WebFORM 4.1 and Earlier Remote Code Execution Vulnerability in CGI-RESCUE FORM2MAIL 1.21 and Earlier Unspecified User Profile Change Vulnerability in DokuWiki with Access Control Lists Insufficient Access Control in Dmx Forum 2.1a Allows Remote Database Credential Retrieval Information Disclosure Vulnerability in DMX Forum 2.1a Insufficient Access Control in A-CART 2.0 Allows Remote Credential Theft MyBB 1.1.2 private.php Cross-Site Scripting (XSS) Vulnerability Information Disclosure in Net Portal Dynamic System (NPDS) 5.10 and 
earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Net Portal Dynamic System (NPDS) 5.10 and Earlier Directory Traversal Vulnerability in Net Portal Dynamic System (NPDS) 5.10 and Earlier Arbitrary Web Script Injection Vulnerability in OfficeFlow 2.6 and Earlier SQL Injection Vulnerability in OfficeFlow 2.6 and Earlier: Remote Code Execution via Project Parameter in files.asp Multiple Cross-Site Scripting (XSS) Vulnerabilities in KAPhotoservice 7.5 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in i.List 1.5 Beta and Earlier Cross-Site Scripting (XSS) Vulnerability in i.List 1.5 Beta and Earlier Directory Traversal Vulnerability in FilZip 3.05 Allows Remote File Write SQL Injection Vulnerability in Snitz Forum 3.4.05 and Earlier via inc_header.asp Joomla! 1.0 Remote File Inclusion Vulnerability in includes/joomla.php CesarFTP 0.99g Stack-Based Buffer Overflow Vulnerability Remote File Inclusion Vulnerability in Emergenices Personnel Information System (Empris) 20020923 and Earlier Arbitrary Web Script Injection Vulnerability in Cabacos Web CMS 3.8.498 and Earlier Xtreme Scripts Download Manager 1.0 - Multiple PHP Remote File Inclusion Vulnerabilities Cross-Site Scripting (XSS) Vulnerabilities in Particle Soft Particle Whois 1.0.3 Particle Soft Particle Wiki 1.0.2 - Cross-site scripting (XSS) vulnerability via extraneous IMG tag and STYLE attribute Local Users Can Bypass Network Resource Restrictions in Syworks SafeNET by Editing Policy.dat File Cross-Site Scripting (XSS) Vulnerability in PHP Labware LabWiki 1.0's search.php Arbitrary Code Injection via JavaScript URI in L0j1k tinyMuw 0.1.0 Path Disclosure Vulnerability in videoPage.php in L0j1k tinyMuw 0.1.0 Integer Overflow in recv_packet function in 0verkill 0.16 Arantius Vice Stats 0.5b and 1.0 SQL Injection Vulnerability in vs_resource.php SQL Injection Vulnerabilities in PHP Lite Calendar Express 2.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in EmailArchitect Email Server 
6.1.0.5 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in PBL Guestbook 1.31 Unspecified Remote Authorization/Authentication Vulnerability in Coppermine Photo Gallery SQL Injection Vulnerability in Mafia Moblog 0.6M1 and Earlier: Remote Code Execution via img Parameter Information Disclosure Vulnerability in Mafia Moblog 0.6M1 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in ViArt Shop Free 2.5.5 SQL Injection Vulnerability in ViArt Shop Free 2.5.5: Remote Code Execution via block_forum_topic_new.php Arantius Vice Stats SQL Injection Vulnerability PHP Remote File Inclusion Vulnerabilities in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and Earlier Remote File Inclusion Vulnerability in Enterprise Timesheet and Payroll Systems (EPS) 1.1 and Earlier Cross-Site Scripting (XSS) Vulnerability in IntegraMOD 1.4.0 and Earlier via STYLE_URL Parameter SQL Injection Vulnerability in IntegraMOD 1.4.0 and Earlier: Remote Code Execution via Double-Encoded Characters in STYLE_URL Parameter Cross-Site Scripting (XSS) Vulnerabilities in Baby Katie Media's vSCAL and vsREAL Multiple SQL Injection Vulnerabilities in Dominios Europa PICRATE 1.0 Arbitrary Web Script Injection in Chemical Dictionary's dictionary.php Arbitrary Web Script Injection in ASP ListPics 4.3 and Earlier Arbitrary Web Script Injection Vulnerability in VanillaSoft Helpdesk 2005 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in Ringlink 3.2 Arbitrary Web Script Injection in My Photo Scrapbook 1.0 and Earlier SQL Injection Vulnerabilities in My Photo Scrapbook 1.0 and Earlier: Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in phazizGuestbook 2.0 PHP Remote File Inclusion Vulnerabilities in WebprojectDB 0.1.3 and Earlier Remote File Inclusion Vulnerability in LoveCompass aePartner 0.8.3 and Earlier ZMS 2.9 and Earlier Cross-Site Scripting (XSS) Vulnerability Remote File Inclusion Vulnerability in Free QBoard 1.1 and Earlier: Arbitrary PHP Code 
Execution OkScripts QuickLinks 1.1 - Cross-Site Scripting (XSS) Vulnerability in search.php OkScripts OkArticles 1.0 - Cross-Site Scripting (XSS) Vulnerability in search.php Cross-site scripting (XSS) vulnerability in OkMall 1.0 search.php allows remote code injection via the page parameter Easy Ad-Manager details.php Cross-Site Scripting (XSS) Vulnerability Path Disclosure Vulnerability in Easy Ad-Manager's details.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Ez Ringtone Manager Denial of Service Vulnerability in Gentoo Linux JPEG Library Arbitrary HTML Injection Vulnerability in iFoto 0.20 and Earlier Versions Cross-Site Scripting (XSS) Vulnerabilities in SHOUTcast 1.9.5 DJ Fields Multiple Cross-Site Scripting (XSS) Vulnerabilities in Open Business Management (OBM) 1.0.3 pl1 Multiple SQL Injection Vulnerabilities in Open Business Management (OBM) 1.0.3 pl1 Vulnerability: Bypassing Safe Mode and open_basedir Restrictions in PHP SQL Injection Vulnerability in phpBannerExchange before 2.0 Update 6 SQL Injection vulnerability in resetpw.php in phpBannerExchange before 2.0 Update 6 Arbitrary JavaScript Execution and Site Redirection via Microsoft Excel's Shockwave Flash Player ActiveX Object WinSCP 3.8.1 Build 328 Argument Injection Vulnerability Unspecified Vulnerability in PHP Session Handling Incorrect Variable Unset Vulnerability in PHP Unspecified Heap Corruption Vulnerability in PHP Session Extension Multiple PHP Remote File Inclusion Vulnerabilities in phpCMS 1.2.1pl2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in WS-Album 1.1 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in BlueCollar i-Gallery 4.1 PLUS and Earlier Arbitrary Web Script Injection Vulnerability in fipsGallery 1.5 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in Uapplication Uphotogallery 1.1 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in EvGenius Counter 3.4 and Earlier Cross-Site Scripting (XSS) Vulnerability in Chris Lea Lucid Calendar 0.22 
Cross-Site Scripting (XSS) Vulnerabilities in ClickGallery 5.0 and Earlier Multiple SQL Injection Vulnerabilities in Enthrallwebe ePhotos 2.2 and Earlier Minerva 2.0.8a Build 237 PHP Remote File Inclusion Vulnerability ClickTech Clickcart 6.0 Default.asp Cross-Site Scripting (XSS) Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in DwZone Shopping Cart 1.1.9 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in fipsCMS 4.5 and Earlier via index.asp Multiple Cross-Site Scripting (XSS) Vulnerabilities in Xtreme ASP Photo Gallery MyScrapbook 3.1 XSS Vulnerability in Singlepage.php Information Disclosure Vulnerability in MyScrapbook 3.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in MyScrapbook 3.1 and Earlier 35mmslidegallery 6.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities Multiple Cross-Site Scripting (XSS) Vulnerabilities in ST AdManager Lite's publish.php Cross-site scripting (XSS) vulnerability in Cescripts Realty Room Rent index.php Cross-site scripting (XSS) vulnerability in Cescripts Realty Home Rent index.php Amr Talkbox PHP Remote File Inclusion Vulnerability PHP Remote File Inclusion Vulnerability in Codewalkers Ltwcalendar 4.1.3 Multiple PHP Remote File Inclusion Vulnerabilities in ISPConfig 2.2.3 Arbitrary Web Script Injection Vulnerability in CreaFrameXe (CFXe) CMS 2.0 and Earlier LogiSphere 1.6.0 Reflective Cross-Site Scripting (XSS) Vulnerability Foing 0.7.0e and Earlier: PHP Remote File Inclusion Vulnerability in manage_songs.php Cross-Blog Authentication Vulnerability in Subtext 1.5 Multiblog Setup Arbitrary Web Script Injection Vulnerability in TikiWiki 1.9.3.2 and Earlier Versions SQL Injection Vulnerability in TikiWiki 1.9.3.2 and Earlier Versions Multiple Cross-Site Scripting (XSS) Vulnerabilities in Mole Group Ticket Booking Script SixCMS 6.0 Directory Traversal Vulnerability Arbitrary Script Injection in SixCMS 6.0 and Earlier Versions Cross-Site Scripting (XSS) Vulnerability in Event Registration PHP Remote 
File Inclusion Vulnerability in PHORUM 5.1.13 and Earlier Multiple SQL Injection Vulnerabilities in VBZooM 1.11 SQL Injection Vulnerabilities in VBZooM 1.02: Remote Code Execution SQL Injection Vulnerability in VBZooM 1.01's language.php Allows Remote Code Execution Remote Denial of Service Vulnerability in NetworkManager DHCP Daemon Unspecified Remote Code Execution Vulnerability in Microsoft Excel 2000-2004 Arbitrary Web Script Injection in P.A.I.D 2.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in 5 Star Review Arbitrary Web Script Injection Vulnerability in myPHP Guestbook 2.0.4 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in myPHP Guestbook SQL Injection Vulnerability in Coppermine Photo Gallery (CPG) 1.4.8 SQL Injection Vulnerability in blog.php in blur6ex 0.3.462 Buffer Overflow in IBM DB2 Universal Database (UDB) TCP/IP Listener Unspecified Denial of Service Vulnerabilities in IBM DB2 Universal Database (UDB) Denial of Service Vulnerability in IBM DB2 Universal Database (UDB) DoubleSpeak 0.1 PHP Remote File Inclusion Vulnerability Arbitrary File Execution Vulnerability in Zeroboard 4.1 pl8 Arbitrary Script Injection in MP3 Search/Archive 1.2 Arbitrary Command Execution Vulnerability in Symantec Security Information Manager M4 Macro Library Cross-Site Scripting (XSS) Vulnerabilities in Cisco VPN 3000 Series Concentrators and Cisco ASA 5500 Series Adaptive Security Appliances Denial of Service vulnerability in Kaspersky products via invalid parameter in hooked system calls PHP Remote File Inclusion Vulnerabilities in PictureDis Professional and PictureDis Photoalbum Arbitrary PHP Code Execution via Remote File Inclusion in PhpBlueDragon CMS 2.9.1 aXentGuestbook 1.1 XSS Vulnerability in guestbook.cfm Multiple SQL Injection Vulnerabilities in APBoard 2.2-r3 and Earlier Arbitrary Web Script Injection Vulnerability in SSPwiz Plus 1.0.7 and Earlier aXentForum II viewposts.cfm Cross-Site Scripting (XSS) Vulnerability Denial of Service 
Vulnerability in MySQL 4.1.x, 5.0.x, and 5.1.x Integer Overflow Vulnerability in GnuPG (gpg) Allows Remote Denial of Service Privilege Escalation through Unchecked setuid Return Codes in MIT Kerberos 5 and Heimdal Privilege Escalation Vulnerability in MIT Kerberos 5 and Heimdal Denial of Service Vulnerability in xt_sctp Netfilter for Linux Kernel Hyperlink COM Object Buffer Overflow Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in EZGallery 1.5 and Earlier Cross-Site Scripting (XSS) Vulnerability in Car Classifieds' index.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in PhpMyFactures 1.0 and Earlier Multiple SQL Injection Vulnerabilities in PhpMyFactures 1.0 and Earlier Versions Information Disclosure Vulnerability in PhpMyFactures 1.0 and Earlier Authentication Bypass and Data Modification Vulnerability in PhpMyFactures 1.2 and Earlier Unspecified Vulnerabilities in Adobe Acrobat Reader (acroread) Before 7.0.8 SQL Injection Vulnerabilities in Calendarix Basic 0.7.20060401 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in iPostMX 2005 2.0 and Earlier via RETURNURL Parameter Multiple SQL Injection Vulnerabilities in iPostMX 2005 2.0 and Earlier Unspecified Denial of Service Vulnerability in HP-UX Support Tools Manager Buffer Overflow Vulnerability in termpkg 3.3 Cisco Secure ACS for UNIX 2.3 LogonProxy.cgi Cross-Site Scripting (XSS) Vulnerability Arbitrary PHP Code Execution via Race Condition in Bitweaver 1.3 Cross-Site Scripting (XSS) Vulnerability in Bitweaver 1.3 Sensitive Information Disclosure in Bitweaver 1.3 via Invalid sort_mode Parameter CRLF Injection Vulnerability in Bitweaver 1.3 Allows HTTP Response Splitting Attacks Arbitrary Web Script Injection Vulnerability in phpMyDesktop|Arcade 1.0 Multiple PHP Remote File Inclusion Vulnerabilities in Docebo 3.0.3 and Earlier XSS Vulnerability in EmailArchitect Email Server 6.1 Allows Remote Code Injection via HTML Div Tag Cisco CallManager XSS Vulnerability Arbitrary Web 
Script Injection in Chipmailer 1.09 Multiple SQL Injection Vulnerabilities in Chipmailer 1.09: Remote Code Execution via main.php Parameters Information Disclosure Vulnerability in Chipmailer 1.09 via php.php XPCOM Events Remote Code Execution Vulnerability Insecure Default Permissions in PC Tools AntiVirus 2.1.0.51 Allows Local Privilege Escalation SQL Injection Vulnerability in phpRaid 3.0.4: Remote Code Execution via raid_id Parameter Multiple PHP Remote File Inclusion Vulnerabilities in phpRaid 3.0.4 and 3.0.5 OpenOffice.org Heap-based Buffer Overflow Vulnerability Race condition vulnerability in spread allows local users to cause denial of service Typo in fbgs Framebuffer Postscript/PDF Viewer Allows Bypass of Filter and Execution of Malicious Commands Format String Vulnerability in Osiris before 4.2.1 Allows Remote Code Execution Denial of Service Vulnerability in Heartbeat Subsystem Denial of Service Vulnerability in ISC DHCP Server 2.0pl5 Integer Overflow Vulnerabilities in CFSd's dodecrypt and doencrypt Functions Buffer Overflow in Streamripper HTTP Header Parsing Remote Code Execution Vulnerability in gtetrinet 0.7.8 and earlier due to Array Index Error Arbitrary Command Execution in c2faxrecv in capi4hylafax 01.02.03 Memory Leak Vulnerability in Network Security Services (NSS) 3.11 Arbitrary PHP Code Execution via Unrestricted File Upload in easy-CMS 0.1.2 Cross-Site Scripting (XSS) Vulnerabilities in NC LinkList 1.2 and Earlier via index.php SQL Injection Vulnerability in Clubpage's index.php Allows Remote Code Execution via Category Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in Clubpage QTOFileManager 1.0 Cross-Site Scripting (XSS) Vulnerability in qtofm.php4 Buffer Overflow in GraceNote CDDBControl ActiveX Control Allows Remote Code Execution Multiple SQL Injection Vulnerabilities in CMS Mundo 1.0 Build 008 Multiple PHP Remote File Inclusion Vulnerabilities in Nucleus 3.23 Arbitrary Code Injection through cart_id Parameter in Edge 
eCommerce Shop Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpMyDirectory 10.4.5 and Earlier SQL Injection Vulnerabilities in Virtual War (VWar) 1.5.0 R14 and Earlier SQL Injection Vulnerability in index.php of openCI 1.0 BETA 0.20.1 and Earlier: Remote Code Execution via id Parameter Arbitrary Web Script Injection via image parameter in Tradingeye Shop R4 and earlier SQL Injection Vulnerability in VBZooM 1.11 Forum.php Allows Remote Code Execution Arbitrary Web Script Injection Vulnerability in Maximus SchoolMAX iCue and iParent Applications Remote File Inclusion and Local File Inclusion Vulnerability in IBD Micro CMS 3.5 and Earlier Buffer Overflow Vulnerability in NetPBM's pamtofits: Remote Code Execution Denial of Service Vulnerability in Toshiba Bluetooth Stack 4.00.29 and Earlier Unspecified Remote Privilege Escalation Vulnerability in Hosting Controller Arbitrary SQL Command Execution in Open-Realty 2.3.1 via sorttype Parameter Arbitrary Web Script Injection in phpMyForum 4.1.3 and Earlier SQL Injection Vulnerability in CavoxCms 1.0.16 and Earlier: Remote Code Execution via index.php Arbitrary Web Script Injection Vulnerability in AssoCIateD (ACID) 1.2.0 and Earlier Multiple SQL Injection Vulnerabilities in phpTRADER 4.9 SP5 and Earlier Arbitrary Web Script Injection Vulnerability in Ultimate Estate 1.0 and Earlier Arbitrary SQL Command Execution in Ultimate Estate 1.0 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Ultimate Auction 1.0 and Earlier Arbitrary Web Script Injection Vulnerability in Ultimate eShop 1.0 and Earlier Thinkfactory UltimateGoogle 1.00 XSS Vulnerability in index.php Arbitrary PHP Code Execution Vulnerability in Eduha Meeting's index.php Symlink Attack Vulnerability in Sun ONE/iPlanet Messaging Server 5.2 HotFix 1.16 Arbitrary Web Script Injection Vulnerability in ONEdotOH Simple File Manager (SFM) 0.24a and Earlier Arbitrary SQL Command Execution in SaphpLesson 1.1 and Earlier via misc.php SmartSiteCMS 1.0 
and Earlier: PHP Remote File Inclusion Vulnerability in inc_foot.php SQL Injection Vulnerabilities in IMGallery 2.4 and Earlier: Remote Code Execution Arbitrary SQL Command Execution in tplShop 2.0 and Earlier via category.php Arbitrary SQL Command Execution in Free Realty 2.9-0.7 and Earlier via propview.php Arbitrary Code Execution via Cross-Site Scripting (XSS) in Free Realty propview.php Information Disclosure Vulnerability in Free Realty 2.9 CS-Forum 0.82 SQL Injection Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in CS-Forum 0.81 and Earlier Information Disclosure Vulnerability in CS-Forum before 0.82 CRLF Injection Vulnerability in CS-Forum Allows Arbitrary Email Header Injection Multiple PHP Remote File Inclusion Vulnerabilities in Content*Builder 0.7.5 Multiple PHP Remote File Inclusion Vulnerabilities in Content*Builder 0.7.5 Arbitrary HTML Injection Vulnerability in SquirrelMail 1.5.1 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in mcGuestbook 1.3 SQL Injection Vulnerability in xarancms_haupt.php in Xarancms 2.0 Remote File Inclusion Vulnerability in The Bible Portal Project 2.12 and Earlier Arbitrary File Overwrite Vulnerability in extract_chmLib Example Program Arbitrary Web Script Injection Vulnerability in Confixx Pro 3.0 and Earlier Arbitrary Web Script Injection Vulnerability in Confixx Pro 3.0's ftp_index.php Arbitrary SQL Command Execution in MobeScripts Mobile Space Community 2.0 Arbitrary File Read Vulnerability in MobeScripts Mobile Space Community 2.0 Cross-site scripting (XSS) vulnerability in MobeScripts Mobile Space Community 2.0 and earlier ASP Stats Generator 2.1.2 - Remote Code Execution via Static Code Injection Remote File Inclusion Vulnerability in CMS Faethon 1.3.2 Allows Arbitrary PHP Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in CMS Faethon 1.3.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sharky e-shop 3.05 and Earlier Multiple SQL Injection Vulnerabilities 
in Sharky e-Shop 3.05 and Earlier Arbitrary Web Script Injection Vulnerability in HotPlug CMS 1.0 SQL Injection Vulnerability in HotPlug CMS 1.0 Allows Remote Authentication Bypass and Arbitrary SQL Execution Arbitrary Web Script Injection Vulnerability in MPCS 0.2 comment.php Ad Manager Pro 2.6 PHP Remote File Inclusion Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in Grayscale BandSite CMS 1.1.1 Directory Traversal Vulnerability in Singapore 0.10.0 and Earlier: Arbitrary File Read Arbitrary Web Script Injection Vulnerability in Singapore 0.10.0 and Earlier Path Disclosure Vulnerability in index.php of Singapore 0.10.0 and Earlier Invision Power Board (IPB) 2.1.6 and Earlier Cross-Site Scripting (XSS) Vulnerability JPEG Integer Overflow Vulnerability in Opera 8.54 and Earlier Denial of Service Vulnerability in Opera 9 via Long Hostname in A Tag Denial of Service Vulnerability in Internet Explorer with IFRAME and File:// URI Unspecified Denial of Service Vulnerability in HP-UX Kernel IPv4-mapped IPv6 Socket Denial of Service Vulnerability Default Administrator Login Account and Password Vulnerability in Ultimate PHP Board (UPB) 1.9.6 and Earlier Cryptographically Weak Block Cipher Vulnerability in Ultimate PHP Board (UPB) 1.9.6 and Earlier Persistent Logon Vulnerability in Ultimate PHP Board (UPB) 1.9.6 and Earlier Arbitrary Account Creation Vulnerability in Ultimate PHP Board (UPB) 1.9.6 and Earlier Directory Traversal Vulnerability in Ultimate PHP Board (UPB) 1.9.6 and Earlier Direct static code injection vulnerability in Ultimate PHP Board (UPB) 1.9.6 and earlier: Remote execution of arbitrary PHP code via configuration fields Task Scheduler Privilege Escalation Vulnerability Ralf Image Gallery (RIG) 0.7.4 and earlier versions Remote File Inclusion and Directory Traversal Vulnerability XSS Vulnerability in cjGuestbook 1.3 and Earlier via img BBCode Tag Cross-Site Scripting (XSS) Vulnerability in cjGuestbook 1.3 and Earlier SQL Injection 
Vulnerability in WeBBoA Hosting 1.1 Denial of Service Vulnerability in Hitachi Groupmax Address Server and Groupmax Mail Server Bypassing Text Analysis in Clearswift MAILsweeper for SMTP and MAILsweeper for Exchange Denial of Service Vulnerability in Clearswift MAILsweeper for SMTP and MAILsweeper for Exchange Sensitive Information Disclosure in JaguarEditControl (JEdit) ActiveX Control 1.1.0.20 and Earlier Arbitrary SQL Command Execution in Woltlab Burning Board (WBB) 2.1.6 via profile.php SQL Injection Vulnerability Arbitrary SQL Command Execution in Woltlab Burning Board (WBB) 2.2.2 via thread.php SQL Injection Vulnerability Arbitrary SQL Command Execution Vulnerability in Woltlab Burning Board (WBB) 2.2.1 SQL Injection Vulnerability in DataLife Engine 4.1 and Earlier: Remote Code Execution via Double-Encoded User Parameter Bypassing Anti-Virus Scanning in Fortinet FortiOS via Enhanced Passive (EPSV) FTP Mode Format String Vulnerability in CA Integrated Threat Management (ITM), eTrust Antivirus (eAV), and eTrust PestPatrol (ePP) r8 Denial of Service Vulnerability in Apple Safari 2.0.3 (417.9.3) on Mac OS X 10.4.6 Arbitrary HTML Injection Vulnerability in Sun ONE Application Server and Java System Application Server ACS Weak Session Management Vulnerability Interpretation Conflict Vulnerability: Visual Presentation Manipulation and Content Filter Bypass Buffer Overflow Vulnerability in in_midi.dll for WinAmp 2.90 up to 5.23 Open WebMail (OWM) 2.52 XSS Vulnerability in openwebmail-main.pl Arbitrary Web Script Injection Vulnerability in Azureus Tracker 2.4.0.2 and Earlier Information Disclosure Vulnerability in IBM WebSphere Application Server (WAS) Unspecified Vulnerability in IBM WebSphere Application Server: Improper Usage of UserNameToken Cache Cross-site scripting (XSS) vulnerability in Open WebMail (OWM) 2.52 and earlier versions in openwebmail-read.pl Multiple SQL Injection Vulnerabilities in FineShop 3.0 and Earlier: Remote Code Execution via index.php 
Multiple Cross-Site Scripting (XSS) Vulnerabilities in FineShop 3.0 and Earlier Multiple SQL Injection Vulnerabilities in thinkWMS 1.0 and Earlier Arbitrary Web Script Injection Vulnerability in Enterprise Groupware System (EGS) 1.2.4 and Earlier Multiple SQL Injection Vulnerabilities in VBZooM 1.00 and Earlier SQL Injection Vulnerability in VBZooM 1.11 and Earlier: Remote Code Execution via UserID Parameter in message.php Arbitrary Web Script Injection Vulnerability in dotProject 2.0.3 and Earlier XennoBB 1.0.5 and Earlier messages.php Cross-Site Scripting (XSS) Vulnerability Remote Code Execution Vulnerability in Mutt 1.4.2.1 and Earlier SQL Injection Vulnerability in MyBB UserCP (usercp.php) SQL Injection Vulnerabilities in Anthill 0.2.6 and Earlier: Remote Code Execution Cross-Site Scripting (XSS) Vulnerabilities in mvnForum 1.0 GA and Earlier via activatemember Arbitrary Web Script Injection Vulnerability in GL-SH Deaf Forum 6.4.3 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in GL-SH Deaf Forum 6.4.3 and Earlier SQL Injection Vulnerability in Phorum 5.1.14 and Earlier via search.php Windows Live Messenger 8.0 Contact List File Heap-Based Buffer Overflow Vulnerability Heap-Based Buffer Overflow in Hashcash's array_push Function Buffer Overflow in Algorithmic Research PrivateWire VPN Software Allows Remote Code Execution Cross-site scripting (XSS) vulnerability in vBulletin 3.5.x member.php with u parameter SQL Injection Vulnerability in Woltlab Burning Board (WBB) 2.0 RC2 newthread.php SQL Injection Vulnerability in Woltlab Burning Board (WBB) 1.2's showmods.php Arbitrary SQL Command Execution in Woltlab Burning Board (WBB) 2.3.1 via report.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Claroline 1.7.7 Cross-Site Scripting (XSS) Vulnerabilities in BNBT TrinEdit and EasyTracker 7.7r3.2004.10.27 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in e107 0.7.5 Arbitrary Web Script Injection Vulnerability in vlbook 1.02 
Arbitrary Script Injection in Trend Micro Control Manager (TMCM) 3.5 Login Page SQL Injection Vulnerability in Weblinks Module SQL Injection Vulnerability in Weblinks Module of Mambo 4.6rc1 and Earlier Arbitrary Web Script Injection Vulnerability in Namo DeepSearch 4.5 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Qdig 1.2.9.3 Multiple PHP Remote File Inclusion Vulnerabilities in Bee-hive Lite 1.2 and Earlier SQL Injection Vulnerability in Infinite Core Technologies (ICT) 1.0 Gold and Earlier: Remote Code Execution via index.php Unspecified vulnerability in Novell GroupWise Windows Client API allows unauthorized access to email within the same post office Remote File Inclusion Vulnerability in THoRCMS 1.3.1 via phpbb_root_path Parameter SQL Injection Vulnerability in THoRCMS 1.3.1 CMS_Admin.php Multiple SQL Injection Vulnerabilities in Softbiz Dating 1.0 CSRF Vulnerability in Some Chess 1.5 rc2 Allows Remote User Actions Arbitrary Script Injection in Some Chess 1.5 rc1 via menu.php Webmin Directory Traversal Vulnerability SQL Injection Vulnerability in YaBB SE 1.5.5 and Earlier: Remote Code Execution via Double-Encoded User Parameter in profile.php Heap-based Buffer Overflow in RealNetworks Helix DNA Server 10.0 and 11.0 via User-Agent HTTP Header and HTTP URL Schemes Parsing SMTP Service Denial of Service Vulnerability Arbitrary Script Injection in H-Sphere 2.5.1 Beta 1 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in aeDating 4.1 Cross-Domain Information Disclosure Vulnerability in Microsoft Internet Explorer 6.0 Folder GUID Code Execution Vulnerability in Microsoft Internet Explorer 6.0 Sensitive Information Disclosure via Direct Request in Dating Agent PRO 4.7.1 SQL Injection Vulnerabilities in Dating Agent PRO 4.7.1 Cross-Site Scripting (XSS) Vulnerability in Dating Agent PRO 4.7.1 Undocumented Hard-Coded Username and Password Vulnerability in Cisco Wireless Control System (WCS) Hard-coded Plaintext Username and Password Vulnerability in 
Cisco Wireless Control System (WCS) Default Administrator Credentials Vulnerability in Cisco Wireless Control System (WCS) Arbitrary File Read and Write Vulnerability in Cisco Wireless Control System (WCS) Cross-Site Scripting (XSS) Vulnerability in Cisco Wireless Control System (WCS) Login Page Sensitive Information Exposure in Cisco Wireless Control System (WCS) Cisco Wireless Access Point and Wireless Bridge Vulnerability: Unauthorized Access via Reconfiguration SQL Injection Vulnerability in Jaws 0.6.2 Search Gadget Denial of Service Vulnerability in EnergyMech (emech) before 3.0.2 Remote File Inclusion Vulnerability in CBSMS Mambo Module 1.0 and Earlier Arbitrary Web Script Injection in Open Guestbook 0.5 via title Parameter SQL Injection Vulnerability in Open Guestbook 0.5: Remote Code Execution via offset Parameter in view.php Arbitrary Script Injection in UebiMiau Webmail 2.7.10 and Earlier Denial of Service Vulnerability in Yahoo! Messenger 7.5.0.814 and 7.0.438 Cross-Site Scripting (XSS) Vulnerability in Usenet Script 0.5 via group Parameter PHP Remote File Inclusion Vulnerability in PhpMySms 2.0 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in phpQLAdmin 2.2.7 and Earlier Remote File Inclusion Vulnerability in CBSMS Mambo Module 1.0 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in DeluxeBB 1.07 and Earlier via pm.php SQL Injection Vulnerability in DeluxeBB 1.07 and Earlier: Remote Code Execution via cp.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in UebiMiau Webmail 2.7.10 and Earlier Cross-site scripting (XSS) vulnerability in Project EROS bbsengine before 20060501-0142-jam Multiple SQL Injection Vulnerabilities in Project EROS Bbsengine Unspecified Remote Attack Vector Vulnerability in Project EROS BBS Engine Arbitrary SQL Command Execution in Scout Portal Toolkit (SPT) 1.4.0 and Earlier Buffer Overflow Vulnerability in Adobe Flash Player 8.0.24.0 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in 
QaTraq 6.5 RC and Earlier Netsoft smartNet 2.0 search.jsp Cross-Site Scripting (XSS) Vulnerability Remote File Inclusion Vulnerability in RahnemaCo.com Product (Possibly eShop) Allows Arbitrary Code Execution Remote File Inclusion Vulnerability in RahnemaCo.com Product (Possibly eShop) via osCsid Parameter in page.php Multiple PHP Remote File Inclusion Vulnerabilities in phpRaid 3.0.5 PHP Remote File Inclusion Vulnerability in phpRaid 3.0.6 SQL Injection Vulnerability in register.php for phpRaid 3.0.6 and Other Versions PHP iCalendar 2.22 XSS Vulnerability in rss/index.php Arbitrary Web Script Injection Vulnerability in SiteBar 3.3.8 and Earlier OpenForum 1.2 Beta and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in openforum.asp Arbitrary SQL Command Execution in phpRaid 3.0.5 via functions_logging.php PHP Remote File Inclusion Vulnerability in MF Piadas 1.0 Arbitrary File Overwrite Vulnerability in id3 Quake 3 Engine and ioquake3 Engine Arbitrary Write-Protected cvars Overwrite Vulnerability in Quake 3 Engine QuickZip 3.06.3 Directory Traversal Vulnerability Arbitrary Code Injection in Custom Dating Biz Dating Script 1.0 Cross-Site Scripting (XSS) Vulnerability in new_ticket.cgi of Hostflow 2.2.1-15 Arbitrary SQL Command Execution in PHP/MySQL Classifieds via rate Parameter Arbitrary SQL Command Execution via Cross-Site Scripting (XSS) in PHP/MySQL Classifieds SSL Security Bar Spoofing Vulnerability in Opera before 9.0 Zorum Forum 3.5 index.php SQL Injection Vulnerability Zorum Forum 3.5 Multiple Unspecified Parameter XSS Vulnerability Buffer Overflow in png_decompress_chunk Function in libpng Unspecified Privilege Escalation Vulnerability in HP-UX mkdir Arbitrary Code Execution via Double Extension Filename Vulnerability in TWiki 01-Dec-2000 up to 4.0.3 Arbitrary Web Script Injection Vulnerability in cPanel 10.8.2-CURRENT 118 and Earlier Cross-site scripting (XSS) vulnerability in Atlassian JIRA 3.6.2-#156 in secure/ConfigureReleaseNote.jspa 
Information Disclosure in Atlassian JIRA 3.6.2-#156 via insecure ConfigureReleaseNote.jspa Multiple PHP Remote File Inclusion Vulnerabilities in Pearl For Mambo Module 1.6 SQL Injection Vulnerability in MyAds Module 2.04jp for Xoops Arctic 1.0.2 XSS Vulnerability in index.php Remote File Inclusion Vulnerability in CrisoftRicette 1.0pre15b Allows Arbitrary PHP Code Execution Authentication Bypass Vulnerability in Siemens Speedstream Wireless Router 2624 AliPAGER XSS Vulnerability in Chat Line Arbitrary SQL Command Execution in MyNewsGroups 0.6 via tree.php SQL Injection Vulnerability in deV!Lz Clanportal DZCP 1.3.4 via id parameter in index.php SQL Injection Vulnerabilities in HSPcomplete 3.2.2 and 3.3 Beta and Earlier Multiple SQL Injection Vulnerabilities in SmS Script AutoVue SolidModel Professional Desktop Edition 19.1 Build 5993 Filename Buffer Overflow Vulnerability Buffer Overflow Vulnerability in Windows Explorer (explorer.exe) on Windows XP and 2003 via Long URL in .url File Cross-domain information leakage vulnerability in Mozilla Firefox Denial of Service Vulnerability in Opera 9 via Crafted Web Page Denial of Service Vulnerability in Microsoft Internet Explorer 6 Heap-based Buffer Overflow in mpg123 Allows Remote Code Execution via Long URL Denial of Service Vulnerability in TIFFFetchAnyArray Function in Apple OS X 10.4.7 and Earlier Heap-based Buffer Overflow in HTML Help ActiveX Control in Internet Explorer 6.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in NewsPHP 2006 PRO Multiple SQL Injection Vulnerabilities in NewsPHP 2006 PRO phpSysInfo 2.5.1 - Directory Traversal Vulnerability Remote File Inclusion Vulnerability in Stud.IP 1.3.0-2 and Earlier Arbitrary PHP Code Execution via Unrestricted File Upload in FCKeditor mcpuk File Manager Remote File Inclusion Vulnerability in Glossaire Module 1.7 for Xoops SQL Injection Vulnerability in NP_SEO Plugin in BLOG:CMS before 4.1.0 V3 Chat Remote Path Disclosure Vulnerability Multiple Cross-Site 
Scripting (XSS) Vulnerabilities in V3 Chat Insufficient Access Control in Mp3 JudeBox Server (Mp3NetBox) Beta 1 Allows Remote Information Disclosure Insufficient Access Control in Efone 20000723 Allows Remote Information Disclosure Insufficient Access Control in Kamikaze-QSCM 0.1 Allows Remote Information Disclosure Insufficient Access Control in Blueboy 1.0.3 Allows Remote Information Disclosure Insufficient Access Control in Eupla Foros 1.0 Allows Remote Information Disclosure Denial of Service Vulnerability in Apple Safari 2.0.4/419.3 Arbitrary File Read Vulnerability in Hobbit 4.2-beta logfetch Script Remote File Inclusion Vulnerability in Randshop 1.2 and Earlier: Arbitrary PHP Code Execution Remote File Inclusion Vulnerability in Randshop 1.1.1: Arbitrary PHP Code Execution Arbitrary Code Execution via Integer Overflow in libwmf 0.2.8.4 Arbitrary Web Script Injection in JMB Software AutoRank PHP and AutoRank Pro Privilege Escalation via passwd Command in Ubuntu 5.04 through 6.06 LTS Denial of Service (CPU Consumption) Vulnerability in Hiki Wiki 0.6.0 through 0.6.5 and 0.8.0 through 0.8.5 Denial of Service Vulnerability in FreeStyle Wiki before 3.6.2 Remote Code Execution via SturGeoN Upload Arbitrary Web Script Injection in mAds 1.0 Search Functionality Arbitrary Script Injection via Javascript Events in mAds 1.0 SQL Injection Vulnerability in Vincent Leclercq News 5.2: Remote Code Execution Arbitrary Web Script Injection in Vincent Leclercq News 5.2 Sensitive Information Disclosure in Vincent Leclercq News 5.2 via Invalid mail[] Parameter Arbitrary File Inclusion Vulnerability in Fusion News 1.0 phpMyAdmin XSS Vulnerability in table Parameter Sensitive Information Disclosure in WordPress 2.0.3 via Invalid Paged Parameter Information Disclosure Vulnerability in WordPress 2.0.3 Arbitrary File Execution Vulnerability in iMBCContents ActiveX Control Arbitrary File Read Vulnerability in Webmin and Usermin Denial of Service Vulnerability in Papyrus NASCAR Racing 
BXCP 0.3.0.4 Files Mod SQL Injection Vulnerability Arbitrary PHP Code Execution via Remote File Inclusion in SiteBuilder-FX 3.5 Remote File Inclusion Vulnerability in Galleria Mambo Module 1.0 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Taskjitsu 2.0.1 and Earlier Insecure Password Handling in Taskjitsu 2.0.1 and Earlier Arbitrary JavaScript Injection via URL in MoniWiki (CVE-2004-1632 Variant) Stack-based Buffer Overflow in Quake 3 Engine: Remote Code Execution in Soldier of Fortune 2 (SOF2MP) GOLD 1.03 Quake 3 Engine Stack-based Buffer Overflow Vulnerability VirtuaStore 2.0 SQL Injection Vulnerability Denial of Service Vulnerability in Samba 3.0.1 through 3.0.22 Buffer Overflow in xcf_load_vector Function in GIMP Allows for Denial of Service and Possible Code Execution QTOFileManager 1.0 Cross-Site Scripting (XSS) Vulnerability in qtofm.php QTOFileManager 1.0 Directory Traversal Vulnerability Remote Code Execution and Log Spoofing Vulnerability in Tor before 0.1.1.20 Unspecified Denial of Service Vulnerability in Tor Directory Server Integer Overflow Vulnerability in Tor Allows Remote Code Execution Vulnerability: Tor before 0.1.1.20 allows statistical attacks through internal circuits Insecure TLS Key Generation in Tor 0.1.1.20 and Earlier Firewall Bypass Vulnerability in Tor Versions Prior to 0.1.1.20 Privoxy Configuration File Logging Vulnerability Arbitrary Grouping of Users through Preferential Address Resolution in Tor Improper Logic in Tor Before 0.1.1.20 Allows for Man-in-the-Middle Attack Tor Circuit Disbanding Vulnerability Vulnerability: Tor Client Preference for Untrustworthy Entry Points Server Descriptor Fingerprint Spoofing Vulnerability in Tor Weak Random Number Generation in Tor Versions Prior to 0.1.1.20 CSRF vulnerability in MyBulletinBoard (MyBB) allows unauthorized deletion of forum posts SmartSiteCMS 1.0 and Earlier PHP Remote File Inclusion Vulnerability WonderEdit Pro CMS PHP Remote File Inclusion Vulnerability 
Arbitrary Code Execution via WebEx Downloader ActiveX Control and Java Buffer Overflow Vulnerabilities in WebEx Downloader ActiveX Control Unauthenticated Remote Proxy Server Manipulation in FastPatch for PatchLink Update Server and Novell ZENworks Directory Traversal Vulnerability in PatchLink Update Server (PLUS) and Novell ZENworks Denial of Service Vulnerability in Microsoft Internet Explorer 6 Arbitrary Web Script Injection in TigerTom TTCalc 1.0 via year Parameter in loan.php and mortgage.php Cross-site scripting (XSS) vulnerability in TigerTom TTCalc 1.0 via currency parameter in loan.php and mortgage.php SQL Injection Vulnerability in checkprofile.asp in PatchLink Update Server (PLUS) and Novell ZENworks Buffer Overflow in Asian Language Versions of Microsoft Excel Remote Code Execution Vulnerability in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac Arbitrary Code Execution via Crafted Slide Notes in PowerPoint Unspecified Cross-Site Scripting (XSS) Vulnerability in Microsoft .NET Framework 2.0 Hyperlink Object Function Vulnerability in Microsoft Hyperlink Object Library (hlink.dll) Remote Code Execution Vulnerability in Microsoft Windows Server Service Winsock API Buffer Overflow Vulnerability Multiple vulnerabilities in DNS Client service in Microsoft Windows 2000, XP, and Server 2003 Arbitrary Code Execution Vulnerability in Pragmatic General Multicast (PGM) in Microsoft Windows XP SP2 and Earlier User Profile Elevation of Privilege Vulnerability Kernel Buffer Overflow Vulnerability in Microsoft Windows 2000 SP4 Heap-based Buffer Overflow in Microsoft Agent's ReadWideString Function Buffer Overflow in Step-by-Step Interactive Training in Microsoft Windows 2000 SP4, XP SP2 and Professional, and Server 2003 SP1 Microsoft PowerPoint BIFF File Format Remote Code Execution Vulnerability Arbitrary Code Execution Vulnerability in Microsoft Internet Explorer 6 Arbitrary Code Execution Vulnerability in Microsoft Internet Explorer 5 SP4 and 6 
Insecure File and Directory Permissions in Adobe Reader and Acrobat 6.0.4 and Earlier on Mac OSX Adobe Acrobat 6.0 to 6.0.4 Buffer Overflow Vulnerability Format string vulnerabilities in Symantec AntiVirus Corporate Edition and Client Security allow arbitrary code execution Arbitrary Code Execution Vulnerability in Symantec AntiVirus Corporate Edition and Symantec Client Security Remote Code Execution in Symantec NAVOPTS.DLL ActiveX Control Insecure File Encryption in Symantec On-Demand Agent and Virtual Desktop Module Arbitrary File Read Vulnerability in Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 Stack-based buffer overflows in libtiff before 3.8.2, allowing arbitrary code execution or denial of service Heap-based Buffer Overflow in libtiff JPEG Decoder Heap-based Buffer Overflow in PixarLog Decoder in libtiff Library Heap-based Buffer Overflow in NeXT RLE Decoder in libtiff Library Denial of Service Vulnerability in libtiff's EstimateStripByteCounts Function Integer Overflow and Unchecked Arithmetic Vulnerability in libtiff Unspecified Remote Code Execution Vulnerability in libtiff Custom Tag Support Integer Overflow in FreeType: Remote Code Execution via Crafted PCF File Remote Denial of Service Vulnerability in Linux Kernel 2.6.x with NFS and EXT3 Format String Vulnerability in MySQL Server 4.1 and 5.0 Unauthenticated Remote Privilege Escalation in Dell Openmanage CD Null Dereference Denial of Service Vulnerability in Microsoft Internet Explorer 6 on Windows XP Denial of Service Vulnerability in Microsoft Internet Explorer 6.0 and 6.0 SP1 CRLF Injection Vulnerability in form_mail Drupal Module (CVE-2006-1225) Multiple SQL Injection Vulnerabilities in Belchior Foundry vCard PRO Multiple PHP Remote File Inclusion Vulnerabilities in Free QBoard 1.1 Arbitrary Web Script Injection in PhpWebGallery Comments Denial of Service Vulnerability in Stalker CommuniGate Pro 5.1c1 and Earlier MyPHP CMS 0.3 and Earlier Remote File Inclusion Vulnerability CSRF 
Vulnerability in Nuked-Klan 1.7.5 and Earlier: Arbitrary Block Deletion Multiple Cross-Site Scripting (XSS) Vulnerabilities in Joomla! before 1.0.10 Multiple SQL Injection Vulnerabilities in Joomla! before 1.0.10 Arbitrary Web Script Injection Vulnerability in PHPMailList 1.8.0 and Earlier Sensitive Information Disclosure in PHPMailList 1.8.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in ATutor before 1.5.3 SQL Injection Vulnerability in AstroDog Press Some Chess 1.5-RC2 and Earlier Off-by-one buffer overflow in Instance_options::complete_initialization function in MySQL Instance Manager Insufficient Access Control in VirtuaStore 2.0 Allows Remote Database Information Retrieval Absolute Path Traversal Vulnerability in VirtuaStore 2.0's administrador.asp Bypassing Anti-Virus Scanning via Crafted Filename Bypassing Anti-Virus Controls by Disabling Network Drive Scanning Kaillera Server 0.86 and Earlier: Remote Code Execution via Long Nickname Denial of Service Vulnerability in MICO (Mico Is CORBA) 2.3.12 and Earlier Buffer Overflow in LsCreateLine Function in mso.dll and mso9.dll Multiple Cross-Site Scripting (XSS) Vulnerabilities in Buddy Zone 1.0.1 World-readable file vulnerability in AFP Server on Apple Mac OS X 10.3.9 and 10.4.7 Denial of Service Vulnerability in Apple Mac OS X AFP Server Denial of Service and Arbitrary Code Execution Vulnerability in Bom for Apple Mac OS X Remote Code Execution via Stack-based Buffer Overflow in bootpd in Apple Mac OS X 10.3.9 and 10.4.7 DHCP Component Information Disclosure Vulnerability in Apple Mac OS X 10.3.9 Dynamic Linker (dyld) Local Privilege Escalation Vulnerability in Apple Mac OS X 10.4.7 Dynamic Linker (dyld) Integer Overflow in ImageIO: Denial of Service and Possible Arbitrary Code Execution Memory Allocation Failure Vulnerability in ImageIO in Apple Mac OS X 10.4.7 Integer Overflow in ImageIO: Denial of Service and Possible Code Execution via Malformed GIF Image Download Validation Bypass in LaunchServices 
for Mac OS X 10.4.7 Remote Code Execution and Denial of Service Vulnerability in WebKit Buffer Overflow in Xsan Filesystem Driver on Mac OS X 10.4.7 and OS X Server 10.4.7 Stack-based Buffer Overflow Vulnerabilities in Apple Mac OS X AirPort Wireless Driver Heap-based Buffer Overflow in AirPort Wireless Driver on Apple Mac OS X 10.4.7 Integer Overflow Vulnerability in AirPort Wireless Driver on Mac OS X 10.4.7 Denial of Service Vulnerability in RDS.DataControl in Internet Explorer 6 Denial of Service Vulnerability in Internet Explorer 6 on Windows XP SP2 Denial of Service Vulnerability in Internet Explorer 6 on Windows XP Remote Denial of Service Vulnerability in Microsoft Internet Explorer 6 Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHP-Blogger 2.2.5 SQL Injection Vulnerability in AjaxPortal 3.0 LoginADP Function Multiple SQL Injection Vulnerabilities in FreeHost Remote File Inclusion Vulnerability in RW::Download stats.php SQL Injection Vulnerability in SayfalaAltList.asp in Webvizyon Portal 2006 Multiple Cross-Site Scripting (XSS) Vulnerabilities in The Banner Engine (TBE) 4.0 Remote File Inclusion Vulnerability in Sabdrimer Pro 2.2.4 Multiple Cross-Site Scripting (XSS) Vulnerabilities in SiteForge Collaborative Development Platform 1.0.4 and Earlier Clearswift MIMEsweeper for Web before 5.1.15 Hotfix XSS Vulnerability Denial of Service Vulnerability in Clearswift MIMEsweeper for Web Buffer Overflow in sipXtapi: Remote Code Execution via Long CSeq Field Value in INVITE Message SQL Injection Vulnerability in PHCDownload 1.0.0 and Earlier Versions Cross-Site Scripting (XSS) Vulnerabilities in Sport-slo Advanced Guestbook 1.0 BosClassifieds Classified Ads PHP Remote File Inclusion Vulnerabilities PHP Remote File Inclusion Vulnerabilities in Simpleboard Mambo Module 1.1.0 and Earlier Memory Leak Vulnerability in Juniper JUNOS 6.4 through 8.0 Arbitrary PHP Code Execution via Remote File Inclusion in PccookBook Component for Mambo and Joomla Arbitrary 
File Upload and Privilege Escalation in Pivot 1.30 RC2 and Earlier Arbitrary PHP Code Execution via File Inclusion in Pivot 1.30 RC2 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Pivot 1.30 RC2 and Earlier Nullsoft SHOUTcast DSP 1.9.6 Directory Traversal Vulnerability Directory Traversal Vulnerability in Nullsoft SHOUTcast DSP Before 1.9.7 Direct static code injection vulnerability in EJ3 TOPo 2.2.178 and earlier Randshop 1.2 index.php Remote File Inclusion Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in BeatificFaith Eprayer Alpha's demo.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in DKScript.com Dragon's Kingdom Script 1.0 Improper Validation of Registry Function Calls in Check Point ZoneAlarm Internet Security Suite SQL Injection Vulnerability in Meine Links (My Links) in Kyberna ky2help Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Garry Glendown Shopping Cart 0.9 Multiple SQL Injection Vulnerabilities in Invision Power Board (IPB) 1.x and 2.x SQL Injection Vulnerabilities in Invision Power Board (IPB) 1.3 Final Denial of Service Vulnerability in Microsoft Internet Explorer 7.0 Beta Denial of Service Vulnerability in Patrice Freydiere ImgSvr Denial of Service Vulnerability in EMC VMware Player Multiple Cross-Site Scripting (XSS) Vulnerabilities in Horde Application Framework 3.0.0 - 3.1.1 Improper Restriction of Image Proxy Capability in Horde Application Framework Cross-Site Scripting (XSS) Vulnerabilities in F5 Networks FirePass 4100 5.x Vulnerability: Inbound/Outbound UDP Traffic Manipulation in NCP Secure Enterprise Client Vulnerability in Ipswitch IMail Secure Server 2006 and Collaboration Suite 2006 Premium Allows Context-Dependent Attackers to Use Server for Spam Transmission Remote Code Execution Vulnerability in PlaNet Concept planetNews Directory Traversal Vulnerability in MKPortal 1.0.1 Final Allows Remote File Inclusion Cross-Site Scripting (XSS) Vulnerabilities in 
PHP-Fusion 6.01.3 via Avatar and Forum Image Uploads Remote File Inclusion Vulnerability in ExtCalendar 2.0 Allows Arbitrary Code Execution Insufficient Access Control in MT Orumcek Toplist 2.2 Allows Information Disclosure Arif Supriyanto auraCMS 1.62 Multiple Cross-Site Scripting (XSS) Vulnerabilities SQL Injection Vulnerabilities in Arif Supriyanto auraCMS 1.62: Remote Code Execution and Shoutbox Message Deletion Arbitrary SQL Command Execution in Blue Dojo Graffiti Forums 1.0 Authentication Bypass and Information Disclosure in BT Voyager 2091 Wireless Firmware Remote File Inclusion Vulnerabilities in Plume CMS 1.0.4: Arbitrary PHP Code Execution Arbitrary Script Injection in Winged Gallery 1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in HiveMail 1.3 and Earlier SQL Injection Vulnerability in HiveMail 1.3 and Earlier: Remote Code Execution via fields[] Parameter in search.results.php Information Disclosure Vulnerability in HiveMail 3.1 and Earlier: Remote Installation Path Retrieval Arbitrary Web Script Injection in Juniper Networks (Redline) DX 5.1.x Web Administration Interface Cross-Site Scripting (XSS) Vulnerabilities in Fantastic Guestbook 2.0.1 Unspecified Privilege Escalation Vulnerability in NetApp Data ONTAP Unspecified Cross-Site Scripting (XSS) Vulnerability in Drupal Webform Module (4.6 and 4.7) Cross-Site Scripting (XSS) Vulnerabilities in Papoo 3 RC3 and Earlier SQL Injection Vulnerability in Papoo Forumthread.php Format String Vulnerability in Milan Mimica Sparklet 0.9.4 and Earlier: Remote Code Execution via Player Nickname Multiple Cross-Site Scripting (XSS) Vulnerabilities in Hitachi Groupmax and uCosminexus Collaboration Portals and Web Clients Buffer Overflow Vulnerability in McAfee VirusScan Enterprise 8.0.0 SQL Injection Vulnerability in SenseSites CommonSense CMS 5.0 via Date Parameter in search.php SQL Injection Vulnerability in LifeType 1.0.5 index.php Allows Remote Code Execution Fujitsu ServerView Directory Traversal 
Vulnerability Fujitsu ServerView Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in ASP Stats Generator 2.1.2: Remote Code Execution via order Parameter Stack-based buffer overflows in Audacious AdPlug 2.0 and earlier: Remote code execution vulnerability Heap-based Buffer Overflow Vulnerabilities in Audacious AdPlug 2.0 and Earlier Session Fixation Vulnerability in Jetbox CMS 2.1 SR1 Allows Remote Session Hijacking Dynamic Variable Evaluation Vulnerability in Jetbox CMS 2.1 SR1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Jetbox CMS 2.1 SR1 SQL Injection Vulnerability in Jetbox CMS 2.1 SR1 Arbitrary Command Execution Vulnerability in Adobe Flash Player 8.0.24.0 Denial of Service Vulnerability in Adobe Flash Player 8.0.24.0 Insecure Umask in VMware SSL Key Creation Vulnerability Arbitrary Command Execution Vulnerability in Microsoft PowerPoint 2000-2003 (mso.dll) Denial of Service Vulnerability in Microsoft Internet Explorer 6 Elevated Privilege Command Execution Vulnerability in Cisco Unified CallManager (CUCM) CLI Arbitrary File Overwrite Vulnerability in Cisco Unified CallManager (CUCM) CLI (CSCse31704) Remote Code Execution Vulnerability in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) via Long Hostname in SIP Request (CSCsd96542) Unauthenticated Access to Cisco Router Web Setup (CRWS) in IOS HTTP Server Denial of Service Vulnerability in Cisco IPS 5.1(1) through 5.1(p1) Vulnerability: Root Password Zeroing Out in Ubuntu 6.06 LTS Installer SQL Injection Vulnerability in PHP-Nuke Sections Module SQL Injection Vulnerability in Nuke Advanced Classifieds Module for PHP-Nuke Stack-based buffer overflows in LookupTRM::lookup function in libtunepimp: Remote Code Execution Vulnerability Unspecified Privilege Escalation Vulnerability in DNN Modules for DotNetNuke Directory Traversal Vulnerability in FarsiNews 3.0 BETA 1 FlexWATCH Network Camera 3.0 XSS Vulnerability in index.php FlexWATCH Network Camera 3.0 Directory Traversal 
Vulnerability Denial of Service Vulnerability in Microsoft Internet Explorer 6 Denial of Service Vulnerability in Sun Solaris X Inter Client Exchange Library (libICE) Multiple Cross-Site Scripting (XSS) Vulnerabilities in Softbiz Banner Exchange Script 1.0 Arbitrary PHP Code Execution via Unrestricted File Upload in Simone Vellei Flatnuke 2.5.7 and Earlier OrbitMATRIX 1.0 index.php Cross-Site Scripting (XSS) Vulnerability Sensitive Information Disclosure via Modified page_name Parameter in OrbitMATRIX 1.0 Directory Traversal Vulnerability in Phorum 5 pm.php Allows Remote File Inclusion Phorum 5.1.14 Cross-Site Scripting (XSS) Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in Chamberland Technology ezWaiter 3.0 Online and Enterprise Software SQL Injection Vulnerability in Orbitcoders OrbitMATRIX 1.0 via page_name Parameter PHP Remote File Inclusion Vulnerabilities in Phorum 5.1.14 with Enabled Register Globals Cross-Site Scripting (XSS) Vulnerabilities in Carbonize Lazarus Guestbook 1.6 and Earlier Arbitrary Code Injection via Cross-Site Scripting (XSS) in PBL Guestbook 1.32 and Earlier SQL Injection Vulnerability in PBL Guestbook 1.32 and Earlier: Remote Code Execution FastJar 0.93 Directory Traversal Vulnerability Arbitrary Script Injection in Koobi Pro CMS 5.6 via showtopic Module SQL Injection Vulnerability in Koobi Pro CMS 5.6 Showtopic Module Sensitive Information Disclosure in Koobi Pro CMS 5.6 via showtopic Module Arbitrary File Creation Vulnerability in McAfee ePolicy Orchestrator Agent Cross-Site Scripting (XSS) Vulnerabilities in FLV Players 8 Information Disclosure Vulnerability in FLV Players 8 Privilege Escalation via Race Condition in Linux Kernel Unspecified Denial of Service Vulnerability in Wireshark GSM BSSMAP Dissector Multiple Format String Vulnerabilities in Wireshark (Ethereal) 0.10.x to 0.99.0 Dissectors Denial of Service Vulnerability in Wireshark MOUNT Dissector Off-by-one errors in Wireshark: Potential Remote Attacks via 
NCP NMAS and NDPS Dissectors Unspecified Denial of Service Vulnerability in Wireshark SSH Dissector Buffer Overflow Vulnerability in Wireshark (Ethereal) NFS Dissector Arbitrary Command Execution Vulnerability in OSSP shiela 1.1.5 and Earlier Atomic Futex Operation Vulnerability in Linux Kernel 2.6.17-rc4 to 2.6.18-rc2 Denial of Service Vulnerability in Linux Kernel's ia64 Subsystem Mailman 2.1.9rc1 Multiple Cross-Site Scripting (XSS) Vulnerabilities HTML Rendering Memory Corruption Vulnerability COM Object Instantiation Memory Corruption Vulnerability in Microsoft Internet Explorer 5.01 and 6 Source Element Cross-Domain Vulnerability in Microsoft Internet Explorer 5.01 and 6 Window Location Information Disclosure Vulnerability MMC Redirect Cross-Site Scripting Vulnerability in Internet Explorer 5.01 and 6 Microsoft Word Integer Overflow Vulnerability Unspecified Remote Code Execution Vulnerability in Microsoft Windows 2000, XP, and Server 2003 Buffer Overflow Vulnerability in Microsoft Visual Basic for Applications (VBA) SDK 6.0 through 6.4 Microsoft Office Chart Record Length Parsing Vulnerability Remote Code Execution Vulnerability in Microsoft Word 2000, 2002, and Office 2003 via Crafted Mail Merge File Trailing # Character Bypass in Microsoft ISA Server 2004 Denial of Service Vulnerability in Microsoft Works Spreadsheet 8.0 Buffer Overflow Vulnerability in Microsoft Works Spreadsheet 8.0 (wksss.exe) Allows Remote Denial of Service Unspecified Arbitrary Code Execution Vulnerability in Microsoft PowerPoint 2003 Unspecified Memory Corruption Vulnerability in Microsoft PowerPoint 2003 Stack Overflow Vulnerability in Microsoft Internet Explorer 6 with DXImageTransform.Microsoft.Gradient ActiveX Object Denial of Service Vulnerability in Microsoft Internet Explorer 6 Denial of Service Vulnerability in Microsoft Internet Explorer 6 Unspecified User-Assisted Vulnerability in Microsoft PowerPoint 2003 CuteNews 1.4.5 Index.PHP Cross-Site Scripting (XSS) Vulnerability 
Possible SQL Injection Vulnerability in ATutor 1.5.3's index.php Plaintext Password Storage Vulnerability in Finjan Vital Security Appliance 5100/8100 NG 8.3.5 Unspecified Denial of Service Vulnerability in NIS Server on Sun Solaris 8, 9, and 10 Remote Cookie Hijacking Vulnerability in SquirrelMail 1.4.6 and Earlier SQL Injection Vulnerability in AjaxPortal 3.0 with Disabled Magic Quotes GPC Unspecified Remote Vulnerability in Sybase/Financial Fusion Consumer Banking Suite Heap-based Buffer Overflow in it_read_envelope Function in DUMB Library World-readable chat logs in Mercury Messenger on multi-user Mac OS X platforms Remote Code Execution Vulnerability in Winlpd 1.26 via Stack-based Buffer Overflow CSRF Vulnerability in Hyper Estraier's communicate Function Denial of Service Vulnerability in KDE Konqueror 3.5.1 and Earlier Armagetron Advanced 2.8.2 Denial of Service Vulnerability Denial of Service Vulnerability in nNetObject.cpp in Armagetron Advanced 2.8.2 and Earlier Insecure Password Database Locking in Password Safe 2.11, 2.16, and 3.0BETA1 Arbitrary PHP Code Execution via File Upload in planetGallery Arbitrary Code Execution via Window Navigator Object in Mozilla Firefox and SeaMonkey Denial of Service Vulnerability in TippingPoint IPS Authentication Bypass Vulnerability in FatWire Content Server 5.5.0 Arbitrary Code Injection through phpage Parameter in Photocycle 1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in AWStats 6.5 build 1.857 and Earlier Information Disclosure in AWStats 6.5 build 1.857 and earlier via awstats.pl Remote File Inclusion Vulnerability in Flipper Poll 1.1 and Earlier: Arbitrary PHP Code Execution SoftComplex PHP Event Calendar 1.4 - Remote File Inclusion Vulnerability in calendar.php PHP Remote File Inclusion Vulnerability in CzarNews 1.12 through 1.14 via tpath parameter in cn_config.php Denial of Service Vulnerability in HP OpenVMS 7.3-2 SMPUTIL.EXE Remote Code Execution Vulnerability in D-Link Router UPnP Service SQL 
Injection Vulnerability in Francisco Charrua Photo-Gallery 1.0 Room.php Remote File Inclusion Vulnerability in Codeworks Gnomedia SubberZ[Lite] via myadmindir Parameter Multiple PHP Remote File Inclusion Vulnerabilities in MiniBB Forum 1.5a and Earlier Multiple SQL Injection Vulnerabilities in VBZooM 1.11 and Earlier PHP Remote File Inclusion Vulnerability in ListMessenger 0.9.3 Privilege Escalation via Unfiltered System Function Call in Rocks Clusters 4.1 and Earlier Unspecified Remote Code Execution Vulnerabilities in Ruby before 1.8.5 Unrestricted Access and Cross-Site Scripting Vulnerability in Trac before 0.9.6 Denial of Service Vulnerability in Outpost Firewall Pro Privilege escalation and command execution vulnerability in Agnitum Outpost Firewall Pro 3.51.759.6511 (462) Unspecified SQL Injection Vulnerabilities in Oracle Database 10.1.0.5 Unspecified vulnerability in Oracle Database Core RDBMS component (Oracle Vuln# DB02) Unspecified Vulnerabilities in Oracle Database 9.2.0.6 and 10.1.0.4 with Unknown Impact and Attack Vectors Unspecified vulnerability in Oracle Database Dictionary Component (Oracle Vuln# DB05) Unspecified Vulnerabilities in Oracle Database Versions 8.1.7.4 to 10.2.0.2 Unspecified vulnerability in InterMedia for Oracle Database 9.0.1.5, 9.2.0.6, and 10.1.0.4 Unspecified vulnerability in Oracle ODBC Driver for Oracle Database 10.1.0.4 Unspecified SQL Injection Vulnerabilities in Oracle Database 10.1.0.5 Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3 Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3 and 9.0.3.1 Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, 9.0.4.2, 10.1.2.0.2, and 10.1.2.1 Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, and 10.1.2.0.0 Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, 9.0.4.2, and 10.1.2.0.0 Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 
9.0.3.1, and 9.0.4.1 Unspecified vulnerability in OC4J for Oracle Application Server 9.0.4.2 and 10.1.2.0.0 Unspecified vulnerability in OC4J for Oracle Application Server 10.1.3.0 Unspecified vulnerability in OC4J for Oracle Application Server 10.1.2.0.2 and 10.1.2.1 Unspecified vulnerability in Oracle Collaboration Suite 10.1.2 Calendar with unknown impact and attack vectors Unspecified Vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 Unspecified Vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 with Unknown Impact and Attack Vectors Unspecified Vulnerabilities in Oracle Exchange for Oracle E-Business Suite and Applications 6.2.4 Unspecified vulnerability in Oracle Enterprise Manager 9.0.1.0 and 9.2.0.1 with unknown impact and attack vectors Unspecified vulnerability in Oracle Enterprise Manager 10.1.0.3 (EM02) Unspecified Vulnerabilities in Oracle Management Service for Oracle Enterprise Manager 10.1.0.5 and 10.2.0.1 Unspecified Vulnerability in PeopleSoft Enterprise Portal with Unknown Impact and Attack Vectors Unspecified Vulnerability in PeopleSoft Enterprise Portal with Unknown Impact and Attack Vectors Unspecified Vulnerability in JD Edwards HTML Server for Oracle OneWorld Tools EnterpriseOne Tools 8.95 and 8.96 Denial of Service Vulnerability in Norton Personal Firewall 2006 9.1.0.33 Buffer Overflow in FileCOPA FTP Server Allows Remote Code Execution Multiple SQL Injection Vulnerabilities in Eskolar CMS 0.9.0.0 Kernel Data Structure Corruption Vulnerability in Solaris 10 Integer Overflow Vulnerability in OWC11.DataSourceControl.11 Object in Internet Explorer 6 Integer Overflow in WebViewFolderIcon ActiveX Object in Microsoft Internet Explorer 6 on Windows XP SP2 Denial of Service Vulnerability in Mozilla Firefox 1.5.0.4 and Earlier Default Accounts and Passwords in Cisco CS-MARS 4.2.1 Oracle Database Vulnerability Arbitrary Code Execution via JMX-Console in JBoss Web Application Server Arbitrary Command Execution 
Vulnerabilities in Cisco CS-MARS CLI PHP Remote File Inclusion Vulnerabilities in Mail2Forum (module for phpBB) 1.2 and Earlier PHP Remote File Inclusion Vulnerability in VideoDB Component for Mambo 0.3 and Earlier Arbitrary Code Injection via file Parameter in SWsoft Plesk Control Panel Buffer Overflow in SSL_get_shared_ciphers Function in OpenSSL Heap-based Buffer Overflow in X.Org X Server's CIDAFM Function Arbitrary Code Execution via Integer Overflow in X.Org and XFree86 X Server Denial of Service Vulnerability in Linux Kernel's perfmonctl System Call KDE PAM Configuration Vulnerability in Fedora Core 5 Allows Passwordless Login Arbitrary Code Execution via Crafted XCF Images in ImageMagick Integer Overflow in ImageMagick Allows Arbitrary Code Execution via Crafted Sun Rasterfile Images Unspecified vulnerability in Linux SCTP implementation allows local privilege escalation Integer Overflow Vulnerability in GnuPG (gpg) 1.4.4: Remote Denial of Service via Crafted Message LDAP Scheme Handling Off-by-One Error in Apache Mod_Rewrite LoudMouth Component for Mambo PHP Remote File Inclusion Vulnerability Arbitrary PHP Code Execution via Remote File Inclusion in Sitemap Component for Mambo 4.5.1 CMS Remote Code Execution Vulnerability in Hashcash Component for Joomla! 
PHP Remote File Inclusion Vulnerability in HTMLArea3 Addon Component for ImageManager 1.5 Multiple SQL Injection Vulnerabilities in Professional Home Page Tools Guestbook Insecure Password Hash Storage in Professional Home Page Tools Guestbook Administration Login Remote File Inclusion Vulnerability in FlushCMS 1.0.0-pre2 and Earlier Remote File Inclusion Vulnerability in FlushCMS 1.0.0-pre2 and Earlier Geeklog Cross-Site Scripting (XSS) Vulnerability in Comment Validation Sensitive Information Disclosure in Zen Cart 1.3.0.2 via Empty Array Parameters Arbitrary Variable Overwrite via SQL Injection in MyBB 1.1.4 Archive Mode Unspecified User Group Manipulation Vulnerability in MyBB 1.1.4 Multiple SQL Injection Vulnerabilities in MyBB 1.1.4 Arbitrary Script Injection via SGML Numeric Character Reference in MyBB 1.0 RC2 through 1.1.4 Arbitrary File Read and Execution Vulnerability in Touch Control ActiveX Control 2.0.0.55 SQL Injection Vulnerability in Diesel Joke Site's category.php Allows Remote Code Execution Remote Code Execution in phpPolls 1.0.3 via Direct Request to phpPollAdmin.php3 Arbitrary Web Script Injection in Huttenlocher Webdesign hwdeGUEST 2.1.1 and Earlier osDate 1.1.7 and Earlier: User Rating Manipulation Vulnerability Arbitrary Script Injection via onerror Attribute in osDate 1.1.7 and Earlier Stack-based buffer overflow in FileCOPA FTP Server 1.01 allows remote code execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Top XL 1.1 and Earlier SQL Injection Vulnerabilities in phpFaber TopSites 2.0.9 and Earlier: Remote Code Execution Multiple PHP Remote File Inclusion Vulnerabilities in iManage CMS 4.0.12 and Earlier PHP-Post Auto-Login Security Bypass Vulnerability Remote File Inclusion Vulnerability in SMF-Forum 1.3.1.3 Bridge Component for Joomla! and Mambo 4.5.3+ Remote File Inclusion Vulnerability in perForms Component for Joomla! 
Allows Arbitrary PHP Code Execution SQL Injection Vulnerability in MyBB 1.1.5 init function in class_session.php Remote File Inclusion Vulnerability in IDevSpot (1) PhpHostBot 1.0 and (2) AutoHost 3.0 Remote File Inclusion Vulnerability in IDevSpot PhpLinkExchange 1.0 Vulnerability in IBM Lotus Notes allows remote attackers to obtain recipient list Insecure ACL in Citrix MetaFrame Allows Privilege Escalation by Remote Authenticated Users Insufficient Access Control in Keyifweb Keyif Portal 2.0 Allows Remote Database Download Denial of Service Vulnerability in Sun Solaris 10 via Event Port API Unspecified Denial of Service Vulnerability in Solaris 10 Kernel Debugger (kmdb) Denial of Service Vulnerability in Sun Solaris 10 via Unspecified Vectors Weak Default Permissions in Symantec pcAnywhere 12.5 Allow Privilege Escalation Insecure Password Storage in Symantec pcAnywhere 12.5 Weak Integrity Protection in Symantec pcAnywhere 12.5 Allows Unauthorized Modification of Superuser Flag Improper Hooking of CreateRemoteThread API in Sunbelt Kerio Personal Firewall 4.3.x Multiple Buffer Overflows in UFO2000: Remote Code Execution Vulnerabilities Multiple Array Index Errors in UFO2000 Allow Remote Code Execution and Denial of Service Buffer Over-read Vulnerability in UFO2000 Server Transport Denial of Service Vulnerability in UFO2000 Server Transport SQL Injection Vulnerability in ServerClientUfo::recv_packet in server_protocol.cpp Remote File Inclusion Vulnerability in SiteDepth CMS 3.01 and Earlier SQL Injection Vulnerability in Amazing Flash AFCommerce Shopping Cart Multiple Cross-Site Scripting (XSS) Vulnerabilities in DeluxeBB before 1.08 Username Bypass Vulnerability in DeluxeBB 1.07 and Earlier DeluxeBB 1.07 and Earlier SQL Injection Vulnerability Allows Authentication Bypass and User Spoofing Variable Pollution Vulnerability in DeluxeBB 1.07 and Earlier SQL Injection Vulnerability in DeluxeBB 1.07 and Earlier XSS Vulnerability in Amazing Flash AFCommerce Shopping Cart 
JavaScript Reference Deletion Vulnerability in Mozilla Firefox and SeaMonkey Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Race condition vulnerability in JavaScript garbage collection in Mozilla Firefox, Thunderbird, and SeaMonkey before 1.5.0.5 and 1.0.3 respectively Heap-based Buffer Overflow in Mozilla Thunderbird and SeaMonkey Remote Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Integer Overflow Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Arbitrary Code Execution via Manipulated Object Constructor in Mozilla Firefox, Thunderbird, and SeaMonkey Remote Code Execution via Proxy AutoConfig (PAC) Script in Mozilla Firefox and SeaMonkey Privilege Escalation Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Arbitrary Web Script Injection Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Multiple Memory Corruption Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Remote File Reference and Chrome URL Loading Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Unpatched Regression Vulnerability in Perl Package for Red Hat Enterprise Linux 4 Allows Arbitrary File Overwrite Buffer Overflow in Cheese Tracker Loader_XM::load_instrument_internal Function Insecure Permissions in Heartbeat Shared Memory Allocation Vulnerability Clear-text Storage of Remote Connection Passwords in Krusader Bookmark File Novell GroupWise WebAccess XSS Vulnerability Novell GroupWise WebAccess XSS Vulnerability in Login Page Eval Injection Vulnerability in TWiki Configure Script Arbitrary Web Script Injection Vulnerability in Loudblog 0.5 Multiple Cross-Site Scripting (XSS) Vulnerabilities in ATutor 1.5.3 SQL Injection Vulnerability in GeoAuctions Enterprise 1.0.6: Remote Code Execution via index.php SQL Injection Vulnerability in GeodesicSolutions GeoAuctions Premier and GeoClassifieds Basic Kernel Memory Disclosure Vulnerability in Sun Solaris sysinfo System Call 
Route Manipulation Vulnerability in Sun Solaris 10 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Kailash Nadh boastMachine (formerly bMachine) 3.1 and Earlier Arbitrary SQL Command Execution in Kailash Nadh boastMachine 3.1 and Earlier Incomplete Blacklist Vulnerability in Kailash Nadh boastMachine (formerly bMachine) 3.1 and Earlier Allows SQL Injection Bypass CSRF Vulnerability in Kailash Nadh boastMachine 3.1 and Earlier Arbitrary File Upload Vulnerability in Kailash Nadh boastMachine Predictable Filename and Insufficient Access Control in Kailash Nadh boastMachine (formerly bMachine) 3.1 and Earlier Arbitrary SQL Command Execution in Gerrit van Aaken Loudblog 0.5 and Earlier Arbitrary Entry Overwrite and Password Reset Vulnerability in EJ3 TOPo 2.2.178 Clear-text Password Exposure in EJ3 TOPo 2.2.178 Directory Listing Vulnerability in Apache Tomcat 5 before 5.5.17 UNIDOmedia Chameleon LE Directory Traversal Vulnerability Cookie Expiration Date Manipulation Vulnerability in Professional Home Page Tools Guestbook Multiple Stack-Based Buffer Overflows in eIQnetworks Enterprise Security Analyzer (ESA) Denial of Service Vulnerability in PAM SMB Mailslot Parsing Functionality WebScarab XSS Vulnerability Zoho Virtual Office 3.2 Build 3210 XSS Vulnerability Remote File Inclusion Vulnerability in Calendar Mambo Module 1.5.7 and Earlier Buffer Overflow in Quick 'n Easy FTP Server 3.0: Remote Command Execution via Long LIST Command Argument Remote Code Execution Vulnerability in WinRAR 3.00 through 3.60 beta 6 via Long Filename in LHA Archive Remote File Inclusion Vulnerability in MultiBanners 1.0.1 for Mambo Remote File Inclusion Vulnerability in MoSpray 1.8 RC1: Arbitrary PHP Code Execution Arbitrary Web Script Injection in IPCalc 0.40 CGI Wrapper Remote Code Execution Vulnerability in Warzone 2100 and Warzone Resurrection 2.0.3 and Earlier PHP Remote File Inclusion Vulnerability in Vanilla CMS 1.0.1 and Earlier SQL Injection Vulnerability in X7 Chat 2.0.4 and 
Earlier: Remote Code Execution via upgradev1.php Arbitrary SQL Command Execution via Cross-Site Scripting (XSS) in Micro GuestBook Buffer Overflow Vulnerability in IBM Informix Dynamic Server (IDS) on Windows Buffer Overflow Vulnerability in IBM Informix Dynamic Server (IDS) 9.40.TC7, 9.40.TC8, 10.00.TC4, and 10.00.TC5 on Windows Remote Code Execution Vulnerability in IBM Informix Dynamic Server (IDS) Unspecified Denial of Service Vulnerability in IBM Informix Dynamic Server (IDS) Multiple Buffer Overflow Vulnerabilities in IBM Informix Dynamic Server (IDS) Plaintext Password Storage Vulnerability in IBM Informix Dynamic Server (IDS) Arbitrary File Creation and Overwrite Vulnerability in IBM Informix Dynamic Server (IDS) Arbitrary Command Execution Vulnerability in IBM Informix Dynamic Server (IDS) Arbitrary Database Creation Vulnerability in IBM Informix Dynamic Server Buffer Overflow Vulnerability in IBM Informix Dynamic Server (IDS) via SQLIDEBUG Environment Variable Remote code execution vulnerability in mso.dll in Microsoft Office 2000, XP, and 2003, and Microsoft PowerPoint 2000, XP, and 2003 Arbitrary Code Execution Vulnerability in Microsoft Excel 2000-2004 and Excel Viewer 2003 Remote Code Execution Vulnerability in Microsoft Office XP and 2003 via Malformed Smart Tag Heap-based Buffer Overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1 Heap-based Buffer Overflow in URLMON.DLL in Microsoft Internet Explorer 6 SP1 on Windows 2000 and XP SP1 User-assisted code execution vulnerability in Microsoft Excel 2000-2004 and Excel Viewer 2003 via crafted COLINFO record in XLS file User-assisted arbitrary code execution vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac Unspecified Arbitrary Code Execution Vulnerability in PowerPoint Insecure Permissions in Opsware NAS 6.0 Allow Unauthorized Access to MySQL Root Password Integer Overflow in loadChunk Function in 
libmikmod: Denial of Service Vulnerability Denial of Service Vulnerability in Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Small Business Server 2003 Cross-site scripting (XSS) vulnerability in Shalwan MusicBox 2.3.4 and earlier via id parameter in top-level URI Information Disclosure Vulnerability in Shalwan MusicBox 2.3.4 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Gonafish LinksCaffe 3.0 Multiple SQL Injection Vulnerabilities in Gonafish LinksCaffe 3.0 Check Point Firewall-1 R55W Directory Traversal Vulnerability SQL Injection Vulnerability in Shalwan MusicBox 2.3.4 and Earlier via viewgallery Action AOL You've Got Pictures (YGP) Screensaver ActiveX Control Buffer Overflow Vulnerability Buffer Overflow in AOL You've Got Pictures (YGP) Pic Downloader ActiveX Control Stack-based Buffer Overflow in Sky Software FileView ActiveX Control Weak Authentication Vulnerability in EMC NetWorker Management Console Server Buffer Overflow Vulnerabilities in Newtone ImageKit ActiveX Controls Denial of Service Vulnerability in RSA Crypto-C and Cert-C Libraries Bypassing Smartcard Authentication in NeoScale Systems CryptoStor 700 Series Appliance Stack Overflow in Microsoft Internet Explorer 6 on Windows 2000 Denial of Service Vulnerability in Microsoft Internet Explorer 6.0 Denial of Service Vulnerability in Microsoft Internet Explorer 6.0 Arbitrary Web Script Injection Vulnerability in TP-Book 1.00 and Earlier Stack-based Buffer Overflow Vulnerabilities in Tumbleweed Email Firewall (EMF) Cross-Site Scripting (XSS) Vulnerability in phpFaber TopSites 2.0.9 via i_cat Parameter CRLF Injection Vulnerability in MyWebland MyBloggie 2.1.3 Allows Session Hijacking and XSS Attacks SQL Injection Vulnerability in Etomite CMS 0.6.1 and Earlier: Remote Code Execution via Username Parameter SQL Injection Vulnerability in Webland MyBloggie 2.1.3: Remote Code Execution IKEv1 Protocol Denial of Service Vulnerability Denial of Service Vulnerability in 
Siemens SpeedStream 2624 Format String Vulnerability in flush_output function in GNE 0.70 and earlier Arbitrary Code Injection through XSS Vulnerability in calendar.php Denial of Service Vulnerability in Internet Explorer 6 with Outlook Installed PHP Remote File Inclusion Vulnerability in OSI Codes PHP Live! 3.2.1 and Earlier Stack-based Buffer Overflow in WinRAR SFX Module Buffer Overflow Vulnerability in Freeciv 2.1.0-beta1 and Earlier XSS Vulnerability in Blackboard Academic Suite 6.2.3.23 Allows Remote Authenticated Users to Inject Arbitrary HTML or Web Script Denial of Service Vulnerability in Microsoft Internet Explorer 6 on Windows XP SP2 Arbitrary Script Injection Vulnerability in sNews 1.4 Remote File Inclusion Vulnerability in R. Corson PHP Forge 3 Beta 2 and Earlier Cross-Site Scripting (XSS) Vulnerability in IBM and Apache HTTP Servers SQL Injection Vulnerability in SD Studio CMS index.php TCP Sequence Number Denial of Service Vulnerability File Disclosure Vulnerability in Sun Java System Application Server and Web Server Arbitrary PHP Code Execution via Remote File Inclusion in PortailPHP 1.7 Cross-Site Scripting (XSS) Vulnerability in Fire-Mouse Toplist 1.1 and Earlier Unspecified Cross-Site Scripting (XSS) Vulnerabilities in Dokeos before 1.6.5 Stack-based Buffer Overflow in ITIRecorder.MicRecorder ActiveX Control in InterActual Player Multiple SQL Injection Vulnerabilities in PhpProBid 5.24 Arbitrary Script Injection in PhpProBid 5.24 via auctionsearch.php Remote File Inclusion Vulnerability in WMNews 0.2a and Earlier: Arbitrary PHP Code Execution Arbitrary Web Script Injection Vulnerability in Zyxel Prestige 660H-61 ADSL Router PHP Remote File Inclusion Vulnerability in a6mambohelpdesk Mambo Component Buffer Overflow Vulnerability in Midirecord 2.0 Daemon Function SQL Injection Vulnerability in Gonafish LinksCaffe 3.0 links.php (cat parameter) Arbitrary Script Injection in Alkacon OpenCms before 6.2.2 Absolute Path Traversal Vulnerability in 
Alkacon OpenCms downloadTrigger.jsp Unrestricted Access to Administrator Functions in Alkacon OpenCms Arbitrary JSP File Source Code Disclosure in Alkacon OpenCms Information Disclosure Vulnerability in x_atrix xGuestBook 1.02 Revealing Installation Path DotClear Vulnerability: Information Disclosure via Direct Requests Unauthenticated Remote Administrative Activities in ScriptsCenter ezUpload Pro 2.2.0 Multiple SQL Injection Vulnerabilities in phpbb-Auction Unspecified Buffer Overflow Vulnerability in Sun N1 Grid Engine Daemons SMB_COM_TRANSACTION Denial of Service Vulnerability Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet Explorer 6 on Windows XP SP2 Denial of Service Vulnerability in Microsoft Internet Explorer 6 on Windows XP SP2 CSS Background Property Denial of Service Vulnerability in Opera 9 Memory Management Error in WebCore Allows Remote Code Execution Remote File Inclusion Vulnerability in Mambatstaff 3.1b and Earlier Component for Mambo Arbitrary Web Script Injection Vulnerability in PHP-Nuke INP Remote File Inclusion Vulnerability in Artlinks Component for Mambo X-Statistics 1.20 SQL Injection Vulnerability via User-Agent Header Mam-moodle Alpha Component Remote File Inclusion Vulnerability Stack-based Buffer Overflow in Easy File Sharing FTP Server 2.0 MyBB UserCP.php XSS Vulnerability Directory Traversal Vulnerability in MyBB 1.x UserCP.php Multiple PHP Remote File Inclusion Vulnerabilities in MiniBB Forum 1.5a Cross-Site Scripting (XSS) Vulnerabilities in AWBS 2.2.2 contact.php BosDev BosDates Payment.php Remote File Inclusion Vulnerability Unspecified Cross-Site Scripting (XSS) Vulnerabilities in Taskjitsu 2.0.3 SQL Injection Vulnerability in X-Scripts X-Protection 1.10: Remote Code Execution via protect.php SQL Injection Vulnerability in X-Scripts X-Poll (top.php) Allows Remote Code Execution Arbitrary Command Execution Vulnerability in McAfee Security Center ActiveX Control Arbitrary PHP Code Execution via Remote File 
Inclusion in Bayesiannaivefilter Component Multiple SQL Injection Vulnerabilities in Banex PHP MySQL Banner Exchange 2.21 Remote File Inclusion Vulnerability in Banex PHP MySQL Banner Exchange 2.21 Insufficient Access Control in Banex PHP MySQL Banner Exchange 2.21 Allows for Database Credential Exposure Remote File Inclusion Vulnerability in PHP Layers Menu 2.3.5 Package Arbitrary PHP Code Execution via Remote File Inclusion in MamboXChange Moskool 1.5 DSA Signature Verification Vulnerability in Sun Solaris 10 3/05 HW2 on Sun Fire T2000 Platforms Remote File Inclusion Vulnerability in Colophon 1.2 and Earlier for Joomla! Remote File Inclusion Vulnerability in LMO Component (com_lmo) 1.0b2 and Earlier for Joomla! Arbitrary Web Script Injection Vulnerability in Scott Weedon Ajax Chat Scott Weedon Ajax Chat Directory Traversal Vulnerability Firewall Plus 5.0 Build 1119 Local Privilege Escalation Vulnerability Arbitrary Web Script Injection Vulnerability in 3Com OfficeConnect Secure Router Remote Code Execution Vulnerability in CA eTrust Antivirus WebScan Arbitrary File Installation Vulnerability in CA eTrust Antivirus WebScan Unspecified Vulnerability in CA eTrust Antivirus WebScan: Improper Processing of Outdated Components Unspecified Arbitrary Code Execution Vulnerability in Verity Third Party Library Authentication Bypass Vulnerability in ColdFusion MX 7 AdminAPI Arbitrary PHP Code Execution via Remote File Inclusion in Mambo Gallery Manager (MGM) 0.95r2 and Earlier Remote File Inclusion Vulnerability in Mambo Gallery Manager (MGM) 0.95r2 and Earlier Remote File Inclusion Vulnerability in Knusperleicht Quickie (0.2): Execution of Arbitrary PHP Code Remote File Inclusion Vulnerability in PHP(Reactor) 1.27pl1 editprofile.php Remote File Inclusion Vulnerability in Albasoftware Phpauction 2.1 and phpAdsNew 2.0.5 Arbitrary Code Execution via Crafted ZIP Archive in PowerArchiver 9.62.03 Knusperleicht Newsletter 3.5 and Earlier: PHP Remote File Inclusion Vulnerability 
in index.php PHP Remote File Inclusion Vulnerabilities in Knusperleicht FileManager 1.2 and Earlier Remote File Inclusion Vulnerability in Knusperleicht newsReporter 1.1 and Earlier: Arbitrary PHP Code Execution PHP Remote File Inclusion Vulnerability in Knusperleicht Shoutbox 4.4 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in Paul M. Jones Savant2 Remote File Inclusion Vulnerability in Vlad Vostrykh Voodoo Chat 1.0RC1b and Earlier Arbitrary Code Execution Vulnerability in Intel Centrino Wireless Network Drivers Remote File Inclusion Vulnerability in Olaf Noehring The Search Engine Project (TSEP) 0.942 via copyright.php SQL Injection Vulnerability in XMB 1.9.6 Alpha and Earlier: Remote Code Execution via u2u_send_recp Function Multiple PHP Remote File Inclusion Vulnerabilities in UHP Component for Mambo/Joomla SQL Injection Vulnerability in ATutor 1.5.3.1 and Earlier: Remote Code Execution via links/index.php Remote File Inclusion Vulnerability in WoWRoster 1.5.x and Earlier Remote File Inclusion Vulnerability in WoWRoster 1.5.1 and Earlier BlackICE PC Protection 3.6.cpj Vulnerability: Unauthorized Replacement of pamversion.dll Directory Traversal Vulnerability in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 Hard-coded password vulnerability in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote attackers to access sensitive information Cross-site scripting (XSS) vulnerability in user.module in Drupal 4.6 and 4.7 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. 
Arbitrary File Access Vulnerability in Hobbit Monitor 4.1.2p2 Directory Traversal Vulnerability in vbPortal 3.0.2 through 3.6.0 Beta 1 Remote Denial of Service Vulnerability in BomberClone 0.11.6 and Earlier Memory Disclosure Vulnerability in BomberClone 0.11.6 and Earlier Knusperleicht Guestbook 3.5 - PHP Remote File Inclusion Vulnerability Knusperleicht Faq 1.0 - PHP Remote File Inclusion Vulnerability Arbitrary Web Script Injection Vulnerability in Virtual War (Vwar) 1.5.0 and Earlier SQL Injection Vulnerability in Virtual War (Vwar) 1.5.0 and Earlier via war.php Kayako eSupport 2.3.1 Remote File Inclusion Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in circeOS SaveWeb Portal 3.4 Directory Traversal Vulnerabilities in Symantec Brightmail AntiSpam (SBAS) before 6.0.4 Denial of Service Vulnerability in Symantec Brightmail AntiSpam (SBAS) Denial of Service Vulnerability in HP ProCurve Switches Arbitrary Web Script Injection Vulnerability in toendaCMS XSS Vulnerability in INM CMS G3 Search Module Heap-based Buffer Overflow in ClamAV's pefromupx Function Arbitrary Variable Overwrite and User Data Exposure in SquirrelMail 1.4.0 to 1.4.7 Buffer Over-read Vulnerability in sscanf PHP Function Vulnerability: Pattern Identification through Birthday Attack on Custom Padding Mechanism in ScatterChat 1.0.x Memory Corruption and Code Execution Vulnerability in Intel 2100 PRO/Wireless Network Connection Driver PROSet Arbitrary String Validation Vulnerability in ip2long Function in PHP Buffer underflow vulnerability in FESTAHES_Load function in Festalon 0.5.0 through 0.5.5 SQL Injection Vulnerability in XennoBB 2.1.0 and Earlier: Arbitrary SQL Command Execution in profile.php Remote File Inclusion Vulnerability in SAPID CMS 123 rc3 Unspecified Remote Vulnerabilities in WordPress Before 2.0.4 AGEphone 1.24 and 1.38.1 Stack-Based Buffer Overflow Vulnerability Unspecified Vulnerability in Gallery 1.5.1-RC2 and Earlier: Sensitive Information Disclosure Privilege 
Escalation via MERGE Table in MySQL 4.1 and 5.0 Cisco IOS CallManager Express (CME) SIP User Directory Information Disclosure Vulnerability Heap-based Buffer Overflow in Lhaplus.exe Allows Remote Code Execution Remote File Inclusion Vulnerability in ModernGigabyte ModernBill 1.6 SQL Injection Vulnerability in CounterChaos 0.48c and Earlier: Remote Code Execution via Referer HTTP Header ZoneMetrics ZoneX Publishers Gold Edition 1.0.3 and Earlier PHP Remote File Inclusion Vulnerability Arbitrary Code Execution Vulnerability in Fenestrae Faxination Server Multiple Cross-Site Scripting (XSS) Vulnerabilities in GaesteChaos 0.2 and Earlier Multiple SQL Injection Vulnerabilities in GaesteChaos 0.2 and Earlier: Remote Code Execution Remote File Inclusion Vulnerability in myWebland myEvent 1.3 and Earlier: Arbitrary PHP Code Execution Pike SQL Injection Vulnerability in Versions Prior to 7.6.86 SQL Injection Vulnerabilities in myWebland myBloggie 2.1.4 and Earlier: Remote Code Execution via trackback.php Sensitive Information Disclosure in myWebland myBloggie 2.1.4 and Earlier Remote File Inclusion Vulnerability in phpCodeCabinet 0.5 and Earlier Remote File Inclusion Vulnerability in Torbstoff News 4's news.php Allows Arbitrary PHP Code Execution Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 and earlier for Windows and 0.1.10_rc5 and earlier on Linux/BSD SQL Injection Vulnerability in Netious CMS 0.4 and Earlier: Remote Code Execution via Username Parameter Session Hijacking Vulnerability in Netious CMS 0.4 Arbitrary File Creation/Overwrite Vulnerability in Sun Ray Server Software 3.x Remote File Inclusion Vulnerability in phpAutoMembersArea (phpAMA) 3.2.4 and Earlier Remote File Inclusion Vulnerability in PHP Live Helper 2.0 and Earlier PHP Remote File Inclusion Vulnerabilities in Turnkey Web Tools PHP Simple Shop 2.0 and Earlier Remote File Inclusion Vulnerability in ME Download System 1.3 via templates/header.php Multiple PHP Remote File Inclusion 
Vulnerabilities in ME Download System 1.3 Multiple PHP Remote File Inclusion Vulnerabilities in Olaf Noehring The Search Engine Project (TSEP) 0.942 and Earlier SQL Injection Vulnerabilities in Katzlbt Address Book Authentication Process Buffer Overflow in Mitch Murray Eremove 1.4: Remote Code Execution via Email Attachment Arbitrary Script Injection in Simplog 0.9.3 and Earlier via archive.php PHP Remote File Inclusion Vulnerabilities in USOLVED NEWSolved Lite 1.9.2 Visual Events Calendar 1.1 - PHP Remote File Inclusion Vulnerability in calendar.php PHP remote file inclusion vulnerability in phpPrintAnalyzer 1.1 allows remote code execution Remote File Inclusion Vulnerability in Dmitry Sheiko SAPID Shop 1.2 and Earlier PHP Remote File Inclusion Vulnerabilities in Csaba Godor SAPID Blog Beta 2 and Earlier SQL Injection Vulnerability in YenerTurk Haber Script 1.0 and 2.0 PHP Remote File Inclusion Vulnerabilities in Dmitry Sheiko SAPID Gallery 1.0 and Earlier Denial of Service Vulnerability in GDIPlus.dll CakePHP 1.1.7.3363 Cross-Site Scripting (XSS) Vulnerability in error.php Weak Hashing Scheme in pswd.js Script Allows for Offline Brute Force Attacks Cross-Site Scripting (XSS) Vulnerabilities in Elaine Aquino Online Zone Journals (OZJournals) 1.5 Format String Vulnerability in Imendio Planner 0.13: Arbitrary Code Execution via Filename Sign Extension Vulnerability in createBrushIndirect Function in GDI Library Allows Denial of Service via Crafted WMF File Multiple SQL Injection Vulnerabilities in Club-Nuke [XP] 2.0 LCID 2048 PHP Remote File Inclusion Vulnerabilities in Fabian Hainz phpCC Beta 4.2 Remote File Inclusion Vulnerability in JD-Wiki Component for Joomla! 
(com_jd-wiki) 1.0.2 and Earlier PHP Remote File Inclusion Vulnerabilities in Wim Fleischhauer Docpile: Wim's Edition (Docpile:WE) 0.2.2 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in Wim Fleischhauer Docpile: Wim's Edition (Docpile:WE) 0.2.2 Remote File Inclusion Vulnerability in Vincenzo Valvano Comet WebFileManager (CWFM) 0.9.1 Arbitrary Username Bypass Vulnerability in DeluxeBB 1.08 PM System Arbitrary Web Script Injection via Topic Title Field in DeluxeBB 1.08 Insecure Cookie Handling in DeluxeBB 1.08 and Earlier Versions Arbitrary Command Execution in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 via preview_email.cgi Hardcoded Admin Password Vulnerability in Barracuda Spam Firewall PHP Remote File Inclusion Vulnerability in myWebland myEvent 1.x viewevent.php Critical Unspecified Vulnerability in phpAutoMembersArea (phpAMA) before 3.2.4 Remote File Inclusion Vulnerability in Olaf Noehring The Search Engine Project (TSEP) 0.942 and Earlier XSS Vulnerability in OZJournals 1.5 via keywords parameter in index.php Cross-Site Scripting (XSS) Vulnerability in mojoGallery's admin.cgi CivicSpace 0.8.5 Multiple Cross-Site Scripting (XSS) Vulnerabilities Multiple Buffer Overflows in AlsaPlayer 0.99.76 and Earlier Arbitrary Script Injection in Webligo BlogHoster 2.2 via Comment Post Cross-Site Scripting (XSS) Vulnerabilities in Archangel Management Archangel Weblog 0.90.02 Simpliciti Locked Browser Vulnerability: Unauthorized Actions via JavaScript Window.Blur Loop Denial of Service Vulnerability in Linux Kernel on PowerPC PPC970 Systems Denial of Service Vulnerability in BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 BIND Denial of Service Vulnerability Unspecified Denial of Service Vulnerabilities in Cisco Secure Access Control Server (ACS) CSRadius Service Stack-based Buffer Overflow Vulnerability Predictable Session Identifier Vulnerability in Business Objects Crystal Enterprise 9 and 10 Remote File Inclusion Vulnerability in 
SQLiteWebAdmin 0.1 and Earlier Allows Arbitrary PHP Code Execution Remote File Inclusion Vulnerability in Jason Alexander phNNTP 1.3 and Earlier Cross-Site Scripting (XSS) Vulnerability in mojoGallery's admin.cgi Cross-Site Scripting (XSS) Vulnerability in Fill Threads Database (FTD) 3.7.3 Arbitrary Web Script Injection via Comment Title in blursoft blur6ex 0.3 SQL Injection Vulnerability in Drupal Job Search Module Arbitrary SQL Command Execution in Bibliography Module for Drupal Arbitrary web script injection vulnerability in Bibliography module for Drupal Case-insensitive ScriptAlias Directive Vulnerability in Apache 2.2.2 on Windows Remote Code Execution via File Upload in Ruby on Rails Unspecified Remote Code Execution Vulnerability in Ruby on Rails Dependency Resolution Mechanism Remote File Inclusion Vulnerability in Brian Fraval hitweb 4.2 and Earlier: Arbitrary PHP Code Execution SQL Injection Vulnerability in PHPMyRing 4.2.0 and Earlier: Remote Code Execution via view_com.php Remote File Inclusion Vulnerability in PgMarket 2.2.3 Allows Arbitrary PHP Code Execution Stack-based Buffer Overflows in Lhaz Before 1.32 Denial of Service Vulnerability in squeue_drain Function in Sun Solaris 10 Multiple SQL Injection Vulnerabilities in GeheimChaos 0.5 and Earlier SQL Injection Vulnerability in GeheimChaos 0.5 and Earlier: Remote Code Execution via Temp_entered_password Parameter Arbitrary Code Injection through Recipe Module in Drupal 4.6 and Earlier Remote File Inclusion Vulnerability in See-Commerce 1.0.625 and Earlier Authentication Bypass and Entry Deletion Vulnerability in Simple One-File Guestbook 1.0 and Earlier Boite de News 4.0.1 - PHP Remote File Inclusion Vulnerability Privilege Escalation via DEBUG_FILE Environment Variable in libXm Library Stack-based Buffer Overflow in DConnect Daemon 0.7.0 and Earlier: Remote Code Execution via Large Nickname Null Pointer Dereference in dc_chat function of DConnect Daemon 0.7.0 and earlier Format string 
vulnerabilities in DConnect Daemon 0.7.0 and earlier allow remote code execution Heap-based Buffer Overflow Vulnerabilities in Symantec VERITAS Backup Exec for Netware Server Remote Agent for Windows Server and Backup Exec Continuous Protection Server Remote Agent for Windows Server Remote File Inclusion Vulnerability in Webring Component (com_webring) for Joomla! 1.0 and earlier Remote File Inclusion Vulnerability in Remository Component (com_remository) 3.25 and Earlier for Mambo and Joomla! Buffer Overflow Vulnerabilities in ArcSoft MMS Composer Denial of Service Vulnerability in ArcSoft MMS Composer Heap-based Buffer Overflow in SAP Internet Graphics Service (IGS) Allows Remote Code Execution Unspecified Denial of Service Vulnerability in SAP Internet Graphics Service (IGS) PHP Remote File Inclusion Vulnerability in Calendarix 0.7.20060401 and Earlier Unspecified Vulnerabilities in IBM WebSphere Application Server before 6.1.0.1 Information Disclosure Vulnerabilities in IBM WebSphere Application Server Arbitrary Code Execution Vulnerabilities in Microsoft Windows Help File Viewer Race Condition Vulnerability in Sun Solaris 10 Allows Denial of Service via Unspecified Vectors IPCheck Server Monitor Directory Traversal Vulnerability Arbitrary SQL Command Execution in Virtual War (VWar) 1.5.0 and Earlier Arbitrary SQL Command Execution in Virtual War (VWar) 1.5.0 R14 and Earlier Denial of Service Vulnerability in Netgear FVG318 Firmware 1.0.40 Integer Overflow in ReadSGIImage Function in ImageMagick Denial of Service Vulnerability in Linux Kernel's UDF Filesystem Driver Buffer Overflow in GNU Debugger (GDB) 6.5 Allows Arbitrary Code Execution via Crafted DWARF File Mod_tcl module 1.0 for Apache 2.x Format String Vulnerability Unspecified vulnerability in func_topic_threaded.php in Invision Power Board (IPB) before 2.1.7 21013.60810.s allows remote attackers to access posts outside the topic PHP Remote File Inclusion Vulnerability in Pearlabs Mafia Moblog 6 and 
Earlier YaBB index.php Cross-Site Scripting (XSS) Vulnerability Remote File Inclusion Vulnerability in Spaminator 1.7 and Earlier: Arbitrary PHP Code Execution Multiple PHP Remote File Inclusion Vulnerabilities in Chaussette 080706 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in MVCnPHP 3.0 Arbitrary File Read Vulnerability in XennoBB 2.1.0 and Earlier Dragonfly CMS 9.0.6.1 and Earlier XSS Vulnerability in Search Field PHP Remote File Inclusion Vulnerability in cls_fast_template.php in myWebland miniBloggie 1.0 and Earlier Remote File Inclusion Vulnerability in phpPrintAnalyzer 1.2 and Earlier NetCommons 1.0.8 and Earlier XSS Vulnerability Remote File Inclusion Vulnerability in TinyWebGallery 1.5 and Earlier Integer Overflow in Libexif's exif_data_load_data_entry Function Arbitrary File Inclusion Vulnerabilities in G/PGP (GPG) Plugin for Squirrelmail Integer Overflow Vulnerability in i386_set_ldt Call in FreeBSD 5.5 and Earlier Versions Denial of Service Vulnerability in Sun Java System Directory Server Heap-based Buffer Overflow in Novell eDirectory NCP Engine Integer Signedness Error in i386_set_ldt Call in FreeBSD 5.5 and Earlier Versions SQL accounting code in GNU Radius 1.2 and 1.3: Format String Vulnerability Heap-based Buffer Overflow in ClamAV PE File Parsing Heap-based Buffer Overflow in Microsoft DirectX SDK (February 2006) and Earlier Versions Access Control Bypass in SmartLine DeviceLock before 5.73 Build 305 Denial of Service Vulnerability in NCPENGINE of Novell eDirectory 8.7.3.8 Plaintext Password Logging Vulnerability in Novell eDirectory 8.7.3.8 Unspecified Denial of Service Vulnerability in HP-UX Unspecified Denial of Service Vulnerability in HP-UX LP Subsystem Multiple PHP Remote File Inclusion Vulnerabilities in Dolphin 5.1 Directory Traversal Vulnerability in AutoHTML Module for PHP-Nuke Directory Traversal Vulnerability in XMB (Extreme Message Board) 1.9.6 and Earlier Buffer Overflow Vulnerabilities in MODPlug Tracker and 
libmodplug Remote Code Execution and Denial of Service Vulnerability in Microsoft Internet Explorer 6.0 SP1 and Other Versions Unspecified Remote UDP Packet Injection Vulnerability in Cisco PIX 500 Series Security Appliances PHP Remote File Inclusion Vulnerability in Peoplebook Component for Mambo Remote File Inclusion Vulnerability in WEBInsta CMS 0.3.1 and Earlier Versions Multiple Buffer Overflows in libmusicbrainz: Remote Code Execution and Denial of Service Vulnerabilities Remote File Inclusion Vulnerability in Wheatblog (wB) 1.1 and Earlier Cross-Site Scripting (XSS) Vulnerability in Soft3304 04WebServer 1.83 and Earlier Authentication Bypass Vulnerability in 04WebServer 1.83 and Earlier Remote Code Execution Vulnerability in HP OpenView Storage Data Protector SQL Injection Vulnerability in Spidey Blog Script 1.5 and Earlier: Remote Command Execution via pid Parameter MMP Component (com_mmp) 1.2 and Earlier for Mambo - PHP Remote File Inclusion Vulnerability PHP Remote File Inclusion Vulnerabilities in PHProjekt 5.1 and Earlier Versions Multiple PHP Remote File Inclusion Vulnerabilities in WebDynamite ProjectButler 0.8.4 Arbitrary Web Script Injection in ASPPlayground.NET Forum Advanced Edition 2.4.5 Unicode PHP Remote File Inclusion Vulnerabilities in Bob Jewell Discloser 0.0.4 and Earlier Directory Traversal Vulnerability in Skippy WP-DB-Backup Plugin for WordPress 1.7 and Earlier Remote File Inclusion Vulnerability in WEBInsta Mailing List Manager 1.3e Open Mail Relay Vulnerability in phPay 2.02 and 2.02.1 Arbitrary Web Script Injection in Owl Intranet Engine 0.90 and Earlier Arbitrary SQL Command Execution Vulnerability in Owl Intranet Engine 0.90 and Earlier Remote File Inclusion Vulnerability in Thatware 0.4.6: Arbitrary PHP Code Execution Multiple SQL Injection Vulnerabilities in Zen Cart 1.3.0.2 and Earlier Remote File Inclusion Vulnerability in Zen Cart 1.3.0.2 and Earlier with Enabled register_globals Remote File Inclusion Vulnerability in WEBInsta 
CMS 0.3.1 Arbitrary File Inclusion Vulnerability in Zen Cart 1.3.0.2 and Earlier Remote Code Execution Vulnerability in Terminal Services COM Object Cross-Site Scripting (XSS) Vulnerabilities in Novell GroupWise WebAccess before 7 Support Pack 3 Public Beta Stack-based Buffer Overflow in IBM Access Support eGatherer ActiveX Control Unspecified Vulnerabilities in IBM WebSphere Application Server Sensitive Information Disclosure in IBM WebSphere Application Server (WAS) 6.0.2.13 Arbitrary Code Injection via year parameter in Virtual War (VWar) 1.5.0 and earlier Case-Sensitive Database Name Vulnerability in MySQL Privilege Escalation through SUID Routines in MySQL Authentication Bypass Vulnerability in Symantec Veritas NetBackup PureDisk Remote Office Edition 6.0 PHP Remote File Inclusion Vulnerability in mosListMessenger Component (com_lm) before 20060719 for Mambo and Joomla! PHP Remote File Inclusion Vulnerabilities in Lizge V.20 Web Portal Denial of Service Vulnerability in IrfanView 3.98 with Plugins Race condition vulnerability in grid-proxy-init tool in Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allows local users to steal credential data Symlink Attack Vulnerability in Globus Toolkit Remote File Inclusion Vulnerability in dotProject 2.0.4 and Earlier: Arbitrary PHP Code Execution Buffer Overflow Vulnerability in Sony SonicStage Mastering Studio PHP Remote File Inclusion Vulnerabilities in POWERGAP Remote File Inclusion Vulnerability in Invisionix Roaming System Remote (IRSR) 0.2 and Earlier SQL Injection Vulnerability in WebTorrent (WTcom) 0.2.4 and Earlier: Remote Code Execution via cat Parameter Remote File Inclusion Vulnerability in Outreach Project Tool (OPT) Max 1.2.6 and Earlier Fusion News 3.7 - PHP Remote File Inclusion Vulnerability in index.php Remote File Inclusion Vulnerability in Reporter Mambo Component (com_reporter) Allows Arbitrary PHP Code Execution Remote File Inclusion Vulnerability in JIM 1.0.1 Component for Joomla or Mambo 
Privilege Escalation in Linux vServer 2.6 Before 2.6.17 Remount Code Authentication Bypass in SQL-Ledger 2.4.4 through 2.6.17 Race Condition Vulnerability in archivemail 0.6.2 Arbitrary File Read Vulnerability in Usermin Password Reset Tool Vulnerability in Plone 2.5 and 2.5.1 Release Candidate Local Privilege Escalation via Symlink Attack on thttpd's start_thttpd Temporary File Group Masquerading Vulnerability in PlonePAS Buffer Overflow Vulnerability in man-db 2.4.3 and Earlier: Arbitrary Code Execution via -H Flag Buffer Overflow in PowerDNS Recursor 3.1.3 and Earlier: Remote Code Execution via Malformed TCP DNS Query PowerDNS Recursor Denial of Service Vulnerability Concurrent JavaScript Timed Events Vulnerability in Mozilla Firefox 1.5.0.6 and Earlier Privilege Escalation Vulnerability in setlocale in IBM AIX 5.1.0 through 5.3.0 Arbitrary Script Injection in Horde IMP H3 before 4.1.3 Remote File Inclusion Vulnerability in index.php of Horde Application Framework before 3.1.2 Denial of Service Vulnerability in IBM DB2 Universal Database (UDB) Absolute Path Traversal Vulnerability in ASSP's Get Functionality Arbitrary Code Injection via Path Parameter in Fotopholder 1.8 Fotopholder 1.8 Directory Traversal Vulnerability Multiple Buffer Overflows in cscope 15.5 and Earlier: Denial of Service and Arbitrary Code Execution Vulnerabilities Multiple PHP Remote File Inclusion Vulnerabilities in Mambo-phpshop Multiple PHP Remote File Inclusion Vulnerabilities in lmtg_myhomepage Component for Mambo Inconsistent ICMP Response Disclosure in Kaspersky Anti-Hacker 1.8.180 Stealth Mode Inadequate Protection of Norton Registry Keys in Symantec Norton Personal Firewall 2006 SQL Injection Vulnerabilities in CubeCart 3.0.11 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in CubeCart 3.0.11 and Earlier Remote File Inclusion Vulnerability in X-Shop Component (com_x-shop) 1.7 and Earlier for Mambo and Joomla! 
Remote File Inclusion Vulnerability in Mambelfish Component (com_mambelfish) 1.1 and Earlier for Mambo Jelsoft vBulletin 3.5.4 Remote File Inclusion Vulnerability in install/upgrade_301.php Denial of Service Vulnerability in Jelsoft vBulletin 3.5.4 Jelsoft vBulletin XSS Vulnerability via PDF Attachment Upload Remote File Inclusion Vulnerability in CatalogShop Component for Mambo Remote File Inclusion Vulnerability in Tutti Nova 1.6 and Earlier PHP Remote File Inclusion Vulnerabilities in Tutti Nova 1.6 and Earlier Remote File Inclusion Vulnerability in SportsPHool 1.0 Allows Arbitrary PHP Code Execution Arbitrary SQL Command Execution in XennoBB 2.2.1 and Earlier via icon_topic Parameter Remote File Inclusion Vulnerability in ANJEL Component for Mambo Remote File Inclusion Vulnerability in AkoComment 1.1 Module for Mambo 4.5 Arbitrary PHP Code Execution via Remote File Inclusion in MamboWiki Component PHP Remote File Inclusion Vulnerabilities in SOLMETRA SPAW Editor 1.0.6 and 1.0.7 Arbitrary SQL Command Execution in LBlog 1.05 and Earlier via comments.asp Remote File Inclusion Vulnerability in Fantastic News 2.1.3 and Earlier: Arbitrary PHP Code Execution PHP Remote File Inclusion Vulnerability in Mambo's Contentpublisher Component Multiple PHP Remote File Inclusion Vulnerabilities in NES Game and NES System c108122 and Earlier Remote File Inclusion Vulnerability in a6mambocredits Component (com_a6mambocredits) 2.0.0 and Earlier for Mambo Remote Code Execution Vulnerability in Sony VAIO Media Server Sony VAIO Media Server Directory Traversal Vulnerability Remote File Inclusion Vulnerability in PHlyMail Lite 3.4.4 and Earlier Denial of Service Vulnerability in Honeyd before 1.5b via ARP Packets Multiple Cross-Site Scripting (XSS) Vulnerabilities in cPanel 10 Directory Traversal Vulnerability in TWiki 4.0.0 through 4.0.4 Panda ActiveScan 5.53.00 XSS Vulnerability in ascan_6.asp Arbitrary File Inclusion Vulnerability in bigAPE-Backup Component for Mambo 1.1 SQL 
Injection Vulnerability in osCommerce Shopping Cart Directory Traversal Vulnerabilities in osCommerce cache.php Cross-site scripting (XSS) vulnerability in TikiWiki 1.9.4 tiki-searchindex.php Arbitrary SQL Command Execution in SimpleBlog 2.0 and Earlier via comments.asp Denial of Service Vulnerability in Microsoft Internet Explorer 6.0 SP1 Java Plug-in and Java Web Start Vulnerability Race condition in libnsl and TLI/XTI API routines in Sun Solaris 10 Buffer Overflow in sppp Driver in FreeBSD, NetBSD, and OpenBSD Remote Code Execution Vulnerability in SAP DB and MaxDB via Long Database Name Unspecified Local Command Execution Vulnerability in Sun Solaris 8 and 9 Unspecified Local File Modification Vulnerability in Sun Solaris Format Command Cross-Site Scripting (XSS) Vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal Suite 6.2.3.23, and Blackboard Vista 4 Unprotected VNC Server on AK-Systems Windows Terminal 1.2.5 ExVLP Allows Unauthorized Access to RDP and Citrix Sessions Denial of Service Vulnerability in Mozilla Firefox 1.5.0.6 via Crafted FTP Response Sonium Enterprise Adressbook 0.2 - PHP Remote File Inclusion Vulnerability Vulnerability: Passwords Changed to Non-Random Values in Cisco PIX, ASA, and FWSM Appliances Unspecified FTP Command Execution Vulnerabilities in Cisco VPN 3000 Series Concentrators Denial of Service Vulnerability in Symantec Enterprise Security Manager (ESM) 6 and 6.5.x Unquoted Windows Search Path Vulnerability in SSH Tectia Products Privilege Escalation in SSH Tectia Management Agent 2.1.2 Arbitrary Script Injection via GIF Image in WoltLab Burning Board (WBB) 2.3.5 Buffer Overflow in WFTPD Server 3.23: Remote Code Execution via SIZE Command Buffer Overflow in Solaris Format Command OpenSEF 2.0.0 Component for Joomla! 
- PHP Remote File Inclusion Vulnerability Coppermine Photo Gallery Component (com_cpg) 1.0 and Earlier for Mambo - PHP Remote File Inclusion Vulnerability Arbitrary PHP Code Execution via Remote File Inclusion in EstateAgent Component Arbitrary SQL Command Execution in CityForFree indexcity 1.0 via SQL Injection in list.php Arbitrary Web Script Injection Vulnerability in CityForFree indexcity 1.0 Arbitrary Script Injection in Doika Guestbook 2.5 Stack-based Buffer Overflow in Justsystem Ichitaro Software Cross-Site Scripting (XSS) Vulnerabilities in CloudNine Interactive Links Manager 2006-06-12 Arbitrary SQL Command Execution in CloudNine Interactive Links Manager 2006-06-12 PHP Remote File Inclusion Vulnerabilities in Shadows Rising RPG (Pre-Alpha) 0.0.5b and Earlier SCSI Dissector Denial of Service Vulnerability in Wireshark Off-by-one errors in IPSec ESP Preference Parser in Wireshark 0.99.2 leading to Denial of Service Denial of Service Vulnerability in Wireshark DHCP Dissector Denial of Service Vulnerability in Wireshark's SSCOP Dissector Denial of Service Vulnerability in gzip 1.3.5 via Crafted GZIP Archive Stack Modification Vulnerability in GZIP 1.3.5 Allows Denial of Service and Possible Code Execution Buffer Underflow Vulnerability in Gzip 1.3.5's build_tree Function Arbitrary Code Execution Vulnerability in GZIP's LHZ Component Denial of Service Vulnerability in gzip 1.3.5 LHZ Component RSA PKCS #1 v1.5 Padding Vulnerability Vulnerability: Signature Forgery in Mozilla Network Security Service (NSS) Library Denial of Service Vulnerability in Red Hat Enterprise Linux 3 SMP Kernel Null Pointer Dereference Vulnerability in OpenSSL SSLv2 Client Code CRLF Injection Vulnerability in CGI-Rescue Mail F/W System Remote Code Execution via Crafted Audit Endpoint Response in Asterisk MGCP Remote Code Execution and File Overwrite Vulnerability in Asterisk 1.2.10 SQL Injection Vulnerability in Cool Manager and Cool Messenger Office/School Server Arbitrary PHP Code 
Execution via Remote File Inclusion in Kochsuite Component PHP Remote File Inclusion Vulnerability in ToendaCMS 1.0.3 and Earlier SQL Injection Vulnerability in OneOrZero 1.6.4.1: Remote Code Execution via id Parameter in index.php Arbitrary Web Script Injection Vulnerability in OneOrZero 1.6.4.1 Cisco 11000 Series Content Service Switches Vulnerability: Information Disclosure via ArrowPoint Cookie Functionality Arbitrary File Read Vulnerability in Sun Java System Content Delivery Server Remote File Inclusion Vulnerability in Phome Empire CMS 3.7 and Earlier Arbitrary Web Script Injection Vulnerability in Drupal Easylinks Module Arbitrary SQL Command Execution Vulnerability in Drupal Easylinks Module Remote File Inclusion Vulnerability in Diesel Smart Traffic's clients/index.php Allows Arbitrary PHP Code Execution Cross-Site Scripting (XSS) Vulnerability in Diesel Pay's index.php PowerZip 7.06 Build 3895 Stack-Based Buffer Overflow Vulnerability Arbitrary Code Injection in E-commerce 4.7 for Drupal Cross-Site Scripting (XSS) Vulnerabilities in Diesel Job Site's Forgot Password Functionality XSS Vulnerability in Diesel Paid Mail's getad.php Allows Remote Code Injection Arbitrary PHP Code Execution via Remote File Inclusion in CropImage Component for Mambo Heap-based Buffer Overflow in MDaemon POP3 Server PHP Remote File Inclusion Vulnerabilities in VistaBB 2.0.33 and Earlier RedBLoG 0.5 index.php Remote File Inclusion Vulnerability SQL Injection Vulnerability in All Topics Hack 1.5.0 and Earlier for phpBB 2.0.21 IntegraMOD Portal PHP Remote File Inclusion Vulnerability IntegraMOD Portal Absolute Path Traversal Vulnerability in functions_portal.php Remote Privilege Escalation in Alt-N WebAdmin 3.2.3 and 3.2.4 Directory Traversal Vulnerabilities in Alt-N WebAdmin 3.2.3 and 3.2.4 Remote File Inclusion Vulnerability in Lurm Constructor Component for Mambo Remote File Inclusion Vulnerability in pSlash 0.70 Allows Arbitrary PHP Code Execution Denial of Service 
Vulnerability in IrfanView 3.98 with Plugins PHP Remote File Inclusion Vulnerability in Contacts XTD Component for Mambo Multiple Cross-Site Scripting (XSS) Vulnerabilities in Guder und Koch Netzwerktechnik Eichhorn Portal Multiple SQL Injection Vulnerabilities in Guder und Koch Netzwerktechnik Eichhorn Portal Rssxt Component for Joomla! Multiple PHP Remote File Inclusion Vulnerabilities SMTP Daemon Stack-based Buffer Overflow in Ipswitch Collaboration 2006 Suite and IMail Denial of Service Vulnerability in MySQL 4.1.13 and Earlier Integer Overflow in Apple QuickTime Allows Remote Code Execution via Crafted H.264 Movie Buffer Overflow Vulnerabilities in Apple QuickTime Heap-based Buffer Overflow in Apple QuickTime FLIC Movie Processing Buffer Overflow in Apple QuickTime: Remote Code Execution via Crafted SGI Image Integer Overflow in Apple QuickTime H.264 Movie Processing Privilege Escalation Vulnerability in Apple Mac OS X 10.4 through 10.4.7 Integer Overflow in Apple QuickTime: Remote Code Execution Vulnerability Uninitialized Object Operation Vulnerability in Apple QuickTime SSL Encryption Without Authentication Vulnerability in CFNetwork Buffer Overflow in Apple ImageIO on Mac OS X 10.4 through 10.4.7 via Malformed JPEG2000 Image Privilege Escalation via Mach Exception Ports Kerberos Ticket Access Vulnerability in Apple Mac OS X with Fast User Switching Bypassing Service Access Controls in LoginWindow on Apple Mac OS X 10.4 through 10.4.7 Denial of Service Vulnerability in QuickDraw Manager in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 Insecure Log File Creation Vulnerability in Apple Type Services (ATS) Server Kerberos Ticket Persistence Vulnerability in Apple Mac OS X 10.4 through 10.4.7 Buffer Overflow Vulnerabilities in Apple Type Services (ATS) Server in Mac OS X 10.4 through 10.4.8 Insecure Password Management in Workgroup Manager in Apple Mac OS X 10.4 through 10.4.7 Apple Type Services (ATS) Server Stack-Based Buffer Overflow Vulnerability CFNetwork 
FTP Command Execution Vulnerability Heap-based Buffer Overflow in Finder Allows Remote Code Execution FTP Server Denial of Service and User Enumeration Vulnerability Unauthenticated Installation Vulnerability in Apple Mac OS X Installer Application Buffer Overflow Vulnerability in PPPoE on Apple Mac OS X 10.3.x and 10.4.x Weak Cipher Negotiation Vulnerability in Apple Mac OS X 10.3.x up to 10.3.9 Denial of Service Vulnerability in Apple Mac OS X 10.4 through 10.4.8 Vulnerability: OCSP Service in Apple Mac OS X Allows Acceptance of Revoked Certificates Certificate Revocation List (CRL) Vulnerability in Apple Mac OS X 10.3.9 and 10.4.x Privilege Escalation Vulnerability in Apple Mac OS X VPN Service Arbitrary Code Execution Vulnerability in WebKit for Apple Mac OS X 10.3.x through 10.3.9 and 10.4 through 10.4.8 Insecure Permissions in Apple Remote Desktop Packages Allow Privilege Escalation Privilege Escalation via Untrusted Search Path in IBM AIX's mkvg Command Arbitrary SQL Command Execution in Xoops edituser.php Arbitrary File Inclusion Vulnerability in Wikepage 2006.2a Opus 10 SQL Injection Vulnerability in note.php in ProManager 0.73 Phaos 0.9.2 include_lang.php Directory Traversal Vulnerability Arbitrary Web Script Injection Vulnerability in YaPIG 0.95b PHP Remote File Inclusion Vulnerability in Jetbox CMS 2.1 Multiple PHP Remote File Inclusion Vulnerabilities in Bigace 1.8.2 Arbitrary PHP Code Execution via Remote File Inclusion in phpCOIN 1.2.3 Multiple PHP Remote File Inclusion Vulnerabilities in phpCOIN 1.2.3 Remote File Inclusion Vulnerability in AlberT-EasySite (AES) 1.0a5 and Earlier Authentication Bypass Vulnerability in eFiction before 2.0.7 Remote File Inclusion Vulnerability in Jupiter CMS 1.1.5 via template parameter PHP Remote File Inclusion Vulnerability in PHlyMail Lite 3.4.4 and earlier Bypassing Cisco Network Admission Control (NAC) and Cisco Clean Access (CCA) Agent Installation Vulnerability Buffer Overflow Vulnerabilities in Zend Platform 
2.2.1 and Earlier Directory Traversal and Code Injection Vulnerability in Zend Platform 2.2.1 and Earlier Session Identifier Character Set Limitation in PHP Sendmail Use-after-free Denial of Service Vulnerability Denial of Service Vulnerability in OpenBSD 3.8 and 3.9 Replay Protection Bypass in isakmpd of OpenBSD 3.8 and 3.9 Remote Code Execution Vulnerability in Tagger LE Heap-based Buffer Overflow in SpIDer for Dr.Web Scanner for Linux 4.33 Insecure File and Directory Permissions in pkgadd on Sun Solaris 10 Remote File Inclusion Vulnerability in Ay System Solutions CMS 2.6 and Earlier PHP Remote File Inclusion Vulnerabilities in Ay System Solutions CMS 2.6 and Earlier PHP iAddressBook before 0.95 Cross-Site Scripting (XSS) Vulnerability AlstraSoft Video Share Enterprise PHP Remote File Inclusion Vulnerability Multiple SQL Injection Vulnerabilities in Cybozu Garoon 2.1.0 for Windows Multiple PHP Remote File Inclusion Vulnerabilities in CuteNews 1.3.x Heap-based Buffer Overflow in DirectAnimation.PathControl COM Object Privilege Escalation via Unchecked setuid and seteuid Calls in X.Org and XFree86 PHP Remote File Inclusion Vulnerabilities in interact 2.2 with register_globals Enabled Arbitrary Script Injection via GIF Image in MyBulletinBoard (MyBB) 1.1.7 Remote Proxy Vulnerability in PHPBB 2.0.20 UserCP Avatar Upload CJ Tag Board 3.0 Remote Code Execution Vulnerability Remote File Inclusion Vulnerability in Web3news 0.95 and Earlier Unspecified Cross-Site Scripting (XSS) Vulnerability in PmWiki before 2.1.18 HLstats 1.34 hlstats.php q Parameter Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in Xchat 2.6.7 and Earlier via PRIVMSG Command Remote File Inclusion Vulnerability in phpECard 2.1.4 and Earlier: Arbitrary PHP Code Execution PHP Remote File Inclusion Vulnerability in phpECard 2.1.4 and Earlier Directory Traversal Vulnerability in phpGroupWare 0.9.16.010 and Earlier Integer Overflow in AnywhereUSB/5 1.80.00: Denial of Service via 
USB String Descriptor Arbitrary Web Script Injection Vulnerability in PHP iAddressBook before 0.96 Improper Implementation of Acceptable Host IP Addresses in Paessler IPCheck Server Monitor Unrestricted Access to Administrator Functions in Gonafish.com LinksCaffe 2.0 and 3.0 SQL Injection Vulnerability in Jetstat.com JS ASP Faq Manager 1.10: Remote Code Execution via Password Field Denial of Service Vulnerability in Nokia Browser Arbitrary Code Execution Vulnerability in Microsoft Terminal Server Unset Variable Vulnerability in Joomla! before 1.0.11 Directory Traversal Vulnerability in Simple Machines Forum (SMF) 1.1RCx and 1.0.x Unspecified Vulnerabilities in Joomla! Before 1.0.11 Remote Code Execution Vulnerability in PEAR.php in Joomla! before 1.0.11 Joomla! before 1.0.11 Vulnerability: PHP Remote File Inclusion Arbitrary File Upload Vulnerability in Joomla! Admin Upload Image Functionality Unspecified Vulnerabilities Allowing User Authentication Bypass in Joomla! Unspecified vulnerability in com_content in Joomla! before 1.0.11 allows unauthorized email form submission Multiple Cross-Site Scripting (XSS) Vulnerabilities in Joomla! before 1.0.11 Unrestricted Access to Joomla! Admin Popups Functionality Vulnerability Unspecified Injection Flaws in Joomla! 
before 1.0.11 Multiple PHP Remote File Inclusion Vulnerabilities in Visual Shapers ezContents 2.0.3 SQL Injection Vulnerability in Visual Shapers ezContents 2.0.3: Remote Code Execution via groupname Parameter in headeruserdata.php Arbitrary Web Script Injection Vulnerability in Visual Shapers ezContents 2.0.3 Incomplete Blacklist Vulnerability in nk_CSS Function in Nuked-Klan 1.7 SP4.3 Vulnerability: Bypassing safe_mode and open_basedir settings in PHP functions file_exists and imap_reopen Heap-based Buffer Overflows in str_repeat and wordwrap Functions in PHP Vulnerability: Unauthorized Actions Allowed in cURL Extension with open_basedir or safe_mode Enabled Buffer Overflow in LWZReadByte_ Function in PHP GD Extension Out-of-Bounds Read Vulnerability in PHP's stripos Function PHP Integer Overflow Vulnerability in Memory Allocation Routines Insufficient Access Control in DUware DUpoll 3.0 and 3.1 Allows Unauthorized Access to Sensitive Information Remote File Inclusion Vulnerability in ExBB Italia 0.2 and Earlier Remote File Inclusion Vulnerabilities in MiniBill 2006-07-14 (1.2.2) Directory Traversal Vulnerabilities in Cybozu Office and Share 360 Arbitrary File Read Vulnerability in Cybozu Collaborex, AG Pocket, Mailwise, and Garoon Unspecified Remote Information Disclosure Vulnerability in Cybozu Office 6.5 Build 1.2 for Windows Insecure File Permissions in xbiff2 1.9 Allows Unauthorized Access to Sensitive Information Remote Code Execution Vulnerability in Microsoft Visual Studio 6.0 ActiveX COM Objects Remote Code Execution Vulnerability in Microsoft Internet Explorer Arbitrary Web Script Injection in IwebNegar 1.1 comments.php Arbitrary SQL Command Execution in IwebNegar 1.1 via comments.php PHP Remote File Inclusion Vulnerability in PhpAlbum 2.15 for PortailPHP Insecure SSL Certificate Verification in ModernBill 5.0.4 and Earlier Arbitrary Script Injection Vulnerability in ezPortal/ztml CMS 1.0 SQL Injection Vulnerability in ezPortal/ztml CMS 1.0 
Authentication Bypass Vulnerability in ezPortal/ztml CMS 1.0 Arbitrary File Read Vulnerability in NX5Linx 1.0 SQL Injection Vulnerability in NX5Linx 1.0: Remote Code Execution via 'c' and 'l' Parameters CRLF Injection Vulnerability in NX5Linx 1.0 links.php Arbitrary Command Execution Vulnerability in idmlib.sh in Novell Identity Manager (IDM) 3.0.1 Unspecified TIFF Viewer Vulnerability in Sony PSP Photo Viewer Unspecified vulnerability in Tor and ScatterChat allows remote attackers to route arbitrary Tor traffic or cause denial of service Arbitrary Code Execution via Integer Overflow in Novell eDirectory LDAP Service Arbitrary Code Execution Vulnerability in Novell eDirectory LDAP Service Denial of Service Vulnerability in Novell GroupWise Messenger Agents Integer overflows in WV library allow remote code execution via crafted Microsoft Word file Heap-based Buffer Overflow in libgsf Allows Arbitrary Code Execution Integer Signedness Error in FreeBSD 6.0-RELEASE Allows Local Users to Cause Denial of Service Denial of Service Vulnerability in Novell iManager 2.5 and 2.0.2 Denial of Service Vulnerability in Qbik WinGate 6.1.4 and Earlier Integer Overflow Vulnerabilities in GIMP Image Loader Plug-ins NCP Fragment Length Denial of Service Vulnerability in Novell eDirectory Denial of Service Vulnerability in Novell eDirectory's BerDecodeLoginDataRequest Function Unspecified Local Privilege Escalation Vulnerability in dtterm on IBM AIX 5.2 and 5.3 Denial of Service Vulnerability in 2Wire, Inc. 
HomePortal and OfficePortal Series Modems and Routers SQL Injection Vulnerabilities in Digiappz Freekot 1.01 Login_verif.asp CubeCart 3.0.12 and Earlier XSS Vulnerability in Links Array Arbitrary SQL Command Execution in CubeCart 3.0.12 and Earlier Insufficient Validation of Gateway Parameter in CubeCart 3.0.12 and Earlier Allows PHP Remote File Inclusion Cross-Site Scripting (XSS) Vulnerabilities in Membrepass 1.5 SQL Injection Vulnerability in membrepass 1.5: Remote Code Execution via recherchemembre.php Arbitrary PHP Code Execution via Direct Static Code Injection in membrepass 1.5 Remote File Inclusion Vulnerability in Pheap CMS 1.1 and Earlier Remote Code Execution in Yet Another Community System (YACS) CMS 6.6.1 and earlier via articles/article.php Multiple PHP Remote File Inclusion Vulnerabilities in Plume CMS 1.0.6 and Earlier Remote Code Execution Vulnerability in Microsoft Word 2000, 2002, and Office 2003 Denial of Service Vulnerability in Linux Kernel 2.6.17.10 and 2.6.17.11 and 2.6.18-rc5 Arbitrary SQL Command Execution in CMS Frogss 0.4 and Earlier Password Disclosure Vulnerability in NET$SESSION_CONTROL.EXE in DECnet-Plus on OpenVMS ALPHA 7.3-2 and Alpha 8.2 Memory Map Boundary Crossing Vulnerability in Linux Kernel 2.6.17 and Earlier on IA64 and SPARC Platforms Sensitive Information Disclosure via Ticket Parameter in Cerberus Helpdesk 3.2 Build 317 Arbitrary Web Script Injection Vulnerability in Learn.com LearnCenter Denial of Service Vulnerability in RapDrv.sys of BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier Null Character Injection Vulnerability in Webmin and Usermin HLStats 1.34 index.php Cross-Site Scripting (XSS) Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in ExBB 1.9.1 PHP Remote File Inclusion Vulnerability in ModuleBased CMS Pre-Alpha Remote Privilege Escalation in Lyris ListManager 8.95 SQL Injection Vulnerability in Lyris ListManager 8.95 Arbitrary PHP Code Execution in e107 0.75 and Earlier 
Information Disclosure Vulnerability in CHXO Feedsplitter 2006-01-21 CHXO Feedsplitter 2006-01-21 Directory Traversal Vulnerability Remote Code Execution in CHXO Feedsplitter 2006-01-21 via Eval Injection CHXO Feedsplitter 2006-01-21 XSS Vulnerability Remote File Inclusion Vulnerability in com_comprofiler Plugin for Mambo and Joomla! Stack-based Buffer Overflow in ReadFile Function in BeCubed Compression Plus Buffer Overflow in Retro64 / Miniclip CR64Loader ActiveX Control PHP Remote File Inclusion Vulnerability in JIM Component for Mambo and Joomla! Remote File Inclusion Vulnerability in Bob Jewell Discloser Plugin 0.0.4 Arbitrary PHP Code Execution via Double Extension File Upload in DeluxeBB 1.06 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in Yet Another Community System (YACS) CMS 6.6.1 Arbitrary JavaScript Execution Vulnerability in Internet Explorer 6 on Windows XP SP2 Arbitrary JavaScript Execution Vulnerability in Mozilla Firefox 1.5.0.6 Proxy DNS Service Vulnerability in Symantec Gateway Security (SGS) Arbitrary Script Injection in MyHeadlines before 4.3.2 Module for PHP-Nuke SQL Injection Vulnerability in Simple Machines Forum 1.1 RC3 via cur_cat Parameter in Sources/ManageBoards.php Heap-based buffer overflow in Mozilla Firefox, Thunderbird, and SeaMonkey allows remote attackers to execute arbitrary code via a JavaScript regular expression with a minimal quantifier Denial of Service Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Vulnerability: DNS Spoofing Attack on Mozilla Firefox and Thunderbird Auto-Update Mechanism Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox and SeaMonkey Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox Popup Blocker Remote JavaScript Execution via XBL File in Mozilla Thunderbird and SeaMonkey Unspecified Remote Code Execution and Denial of Service Vulnerabilities in Firefox, Thunderbird, and SeaMonkey ip6_tables Protocol and Extension Header Bypass Vulnerabilities Denial of 
Service Vulnerabilities in Screen's UTF8 Combining Characters Handling Denial of Service Vulnerability in Wireshark MIME Multipart Dissector Multiple SQL Injection Vulnerabilities in The Address Book 1.04e Arbitrary Web Script Injection via File Upload in The Address Book 1.04e Multiple Cross-Site Scripting (XSS) Vulnerabilities in The Address Book 1.04e Sensitive Information Disclosure in The Address Book 1.04e via export.php Arbitrary File Inclusion Vulnerability in The Address Book 1.04e Arbitrary User Creation Vulnerability in The Address Book 1.04e Unrestricted File Upload Vulnerability in The Address Book 1.04e CSRF Vulnerability in The Address Book 1.04e Allows Unauthorized User Actions FlashChat before 4.6.2 - Multiple PHP Remote File Inclusion Vulnerabilities Authentication Bypass Vulnerability in Tr Forum 2.0 SQL Injection Vulnerability in admin/editer.php in Tr Forum 2.0 Authentication Bypass Vulnerability in Tr Forum 2.0 Admin Panel Cross-Site Scripting (XSS) Vulnerabilities in vtiger CRM 4.2.4 and Earlier Authentication Bypass Vulnerability in vtiger CRM 4.2.4 Remote File Inclusion Vulnerability in DynCMS 6 and Earlier Allows Arbitrary PHP Code Execution SQL Injection Vulnerability in Jetstat.com JS ASP Faq Manager 1.10 and Earlier PHP Remote File Inclusion Vulnerabilities in AlstraSoft Template Seller SQL Injection Vulnerability in 8pixel.net Simple Blog 2.3 and Earlier Arbitrary Web Script Injection Vulnerability in SoftBB 0.1 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in PHP Advanced Transfer Manager (phpAtm) 1.21 and Earlier Insufficient Access Control in µforum 0.4c Allows Unauthorized Access to User Information Remote File Inclusion Vulnerability in MyBace Light Skrip with register_globals Enabled SQL Injection Vulnerability in ICBlogger 2.0 and Earlier: Remote Code Execution via YID Parameter in devam.asp Multiple SQL Injection Vulnerabilities in ssLinks 1.22 via links.php SQL Injection Vulnerability in Autentificator 2.01: 
Remote Code Execution via user Parameter Remote authenticated users with selfwrite ACL privileges can modify arbitrary Distinguished Names (DN) in OpenLDAP before version 2.3.25 SQL Injection Vulnerability in Annuaire 1Two 2.2: Remote Code Execution via id Parameter in index.php Arbitrary PHP Code Execution via Unrestricted File Upload in TikiWiki 1.9.4 Sirius and Earlier Null Password Bypass Vulnerability in NCH Swift Sound Web Dictate 1.02 Remote Code Execution Vulnerability in Lanifex Database of Managed Objects (DMO) 2.3 Beta and Earlier Remote File Inclusion Vulnerability in Longino Jacome php-Revista 1.1.2 Multiple SQL Injection Vulnerabilities in Longino Jacome php-Revista 1.1.2 Authentication Bypass in Longino Jacome php-Revista 1.1.2 via admin/index.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Longino Jacome php-Revista 1.1.2 Multiple PHP Remote File Inclusion Vulnerabilities in PHProjekt Content Management Module Remote File Inclusion Vulnerability in GrapAgenda 0.11 and Earlier: Arbitrary PHP Code Execution Buffer Overflow in _tor_resolve Function in dsocks.c in dsocks 1.4 Arbitrary SQL Command Execution in ReplyNew.asp in ZIXForum 1.12 Unspecified Denial of Service Vulnerabilities in SnapGear before 3.1.4u1 Plaintext Storage of User Credentials in PDAapps Verichat for Pocket PC 1.30bh Plaintext Storage of Usernames and Passwords in Shape Services IM+ Mobile Instant Messenger for Pocket PC 3.10 SMTP Service Denial of Service Vulnerability in MailEnable Arbitrary File Upload and Execution Vulnerability in vtiger CRM 4.2.4 Remote File Inclusion Vulnerability in John Lim ADOdb Privilege Escalation Vulnerability in Avira AntiVir PersonalEdition Classic 7.0 Build 151 Privilege Escalation and Mail Queue Access Vulnerability in Alt-N WebAdmin PHP Remote File Inclusion Vulnerability in Pheap 1.2 via settings.php Remote File Inclusion Vulnerability in AnnonceV 1.1: Arbitrary PHP Code Execution Denial of Service Vulnerability in Linux Kernel 2.6.17.8 
DVB Driver CRLF Injection Vulnerability in Mailman Utils.py Vulnerability: Local User Bypass of Apache HTTP Server Options in PHP Heap-based Buffer Overflow in alwil avast! Anti-virus Engine Denial of Service Vulnerability in System Information ActiveX Control Arbitrary Web Script Injection in VCD-db Comment Handling Remote File Inclusion Vulnerability in C-News.fr C-News 1.0.1 and Earlier: Arbitrary PHP Code Execution Remote File Inclusion Vulnerability in Sky GUNNING MySpeach 3.0.2 and Earlier Direct static code injection vulnerability in admin/save_opt.php in SoftBB 0.1, allowing remote authenticated users to upload and execute arbitrary PHP code. Multiple SQL Injection Vulnerabilities in SoftBB 0.1 Information Disclosure Vulnerability in SoftBB 0.1 Allows Remote Attackers to Obtain Installation Path Arbitrary Web Script Injection Vulnerability in VBZooM index.php Arbitrary PHP Code Injection Vulnerability in MySource Classic 2.14.6 Directory Traversal Vulnerability in SZEWO PhpCommander 3.0 and Earlier ACGV News 0.9.1 - Multiple PHP Remote File Inclusion Vulnerabilities ACGV News 0.9.1 and Earlier: PHP Remote File Inclusion Vulnerability in article.php PHP Remote File Inclusion Vulnerabilities in C-News.fr C-News 1.0.1 and Earlier Bypassing allowScriptAccess Protection in Adobe Flash Player Arbitrary SQL Command Execution in Muratsoft Haber Portal 3.6 Plaintext Logging of Administrator Password in AuditWizard 6.3.2 SQL Injection Vulnerability in Uni-Vert PhpLeague 0.82 and Earlier PHP Remote File Inclusion Vulnerability in phpFullAnnu 5.1 and Earlier Akarru Social BookMarking Engine Remote File Inclusion Vulnerability Arbitrary Web Script Injection Vulnerability in Drupal Pathauto Module Arbitrary PHP Code Execution via Remote File Inclusion in Sponge News 2.2 and Earlier Remote File Inclusion Vulnerability in BinGo News (BP News) 3.01 and Earlier Remote File Inclusion Vulnerability in BinGo News (BP News) 3.01 and Earlier: Arbitrary PHP Code Execution Integer 
Overflow Vulnerability in Cisco IOS GRE IP Tunneling Directory Traversal Vulnerability in Php Download on Threesquared.net Default Password Vulnerability in Amazing Little Poll and Amazing Little Picture Poll Insufficient Access Control Allows Remote Reading of Admin Password in Amazing Little Poll and Amazing Little Picture Poll Format String Vulnerability in Easy Address Book Web Server 1.2 Buffer Overflow in XKEYBOARD Extension Allows Privilege Escalation Remote File Inclusion Vulnerability in Web Provence SL_Site 1.0 and Earlier Insecure Permissions in Panda Platinum Internet Security 2006 and 2007 Sequential Message Number Leakage in Panda Platinum Internet Security 2006 and 2007 Predictable URL Vulnerability in Panda Platinum Internet Security 2006 and 2007 Cross-Site Scripting (XSS) Vulnerabilities in AOL ICQ Toolbar 1.3 for Internet Explorer Origin Validation Bypass in AOL ICQ Toolbar 1.3 for Internet Explorer Heap-based Buffer Overflow in AOL ICQ Pro 2003b Build 3916 and Earlier Weak Permissions in Linux Kernel Source Code Archive Remote File Inclusion Vulnerability in Premod Shadow 2.7.1 and Earlier: Arbitrary PHP Code Execution Cross-site scripting (XSS) vulnerability in MKPortal M1.1 Rc1 index.php PHP Remote File Inclusion Vulnerabilities in Stefan Ernst Newsscript (WM-News) 0.5 Beta Multiple SQL Injection Vulnerabilities in RunCMS 1.4.1 Arbitrary Web Script Injection in Rob Hensley AckerTodo 4.0 via task_id Parameter Remote File Inclusion Vulnerability in Somery 0.4.6 and Earlier with Enabled Register Globals PHP Remote File Inclusion Vulnerabilities in PhotoKorn Gallery 1.52 and Earlier Remote File Inclusion Vulnerability in Fantastic News 2.1.4 Remote File Inclusion Vulnerability in profitCode ppalCart 2.5 EE SQL Injection Vulnerability in PHP-Fusion 6.01.4 and Earlier Remote Code Execution via X-FORWARDED-FOR Header in DokuWiki Unrestricted File Upload Vulnerability in DokuWiki (before 2006-03-09c) Sensitive Information Exposure in TIBCO RendezVous 
7.4.11 and Earlier PHP Remote File Inclusion Vulnerability in phpopenchat before 3.0.2 Remote File Inclusion Vulnerability in News Evolution 3.0.3 Default Debug Feature in DokuWiki Allows Information Disclosure Canon imageRUNNER Remote UI Exposes Usernames and Passwords in Address Book Export, Enabling Sensitive Information Disclosure IBM Director Redirect.bat Directory Traversal Vulnerability Unspecified Denial of Service Vulnerabilities in IBM Director Sensitive Information Disclosure via HTTP TRACE in IBM Director Arbitrary File Read Vulnerability in Zope's Docutils Module XMLHTTP ActiveX Control Server-Side Redirect Vulnerability Remote Code Execution Vulnerability in Microsoft XML Parser and XML Core Services HTML Rendering Memory Corruption Vulnerability Remote Code Execution Vulnerability in Client Service for NetWare (CSNW) in Microsoft Windows NetWare Driver Denial of Service Vulnerability Remote Code Execution Vulnerability in Microsoft Windows Workstation Service Windows Object Packager Command Injection Vulnerability Remote Code Execution Vulnerability in Microsoft Word 2004 and v.X for Mac Arbitrary Code Execution Vulnerability in PowerPoint Office Web Components URL Parsing Vulnerability SMB Rename Vulnerability in Microsoft Windows Arbitrary Code Execution Vulnerability in Microsoft Internet Explorer 5.01, 6, and 7 Buffer Overflow in Windows Media Format Runtime Allows Remote Code Execution via Crafted ASF File WMI Object Broker Cross-Zone Scripting Vulnerability Arbitrary SQL Command Execution in Timesheet.php 1.2.1 via login.php MyBB 1.1.7 inc/functions_post.php Cross-site Scripting (XSS) Vulnerability Arbitrary Code Injection through XSS Vulnerability in MyBB Admin CP Login Form Multiple Cross-Site Scripting (XSS) Vulnerabilities in Vikingboard 0.1b SQL Injection Vulnerability in Vikingboard 0.1b's topic.php Allows Remote Code Execution Cross-Site Scripting (XSS) Vulnerabilities in NewsGator FeedDemon Cross-Site Scripting (XSS) Vulnerabilities in 
Sage Atom 1.0 Feed Reader Cross Context Scripting in Sage 1.3.6: Multiple XSS Vulnerabilities in RSS Feed Remote File Inclusion Vulnerability in PSYWERKS PUMA 1.0 RC2 config.php Allows Arbitrary Code Execution PHP Remote File Inclusion Vulnerability in SpoonLabs Vivvo Article Management CMS 3.2 and Earlier SQL Injection Vulnerability in pdf_version.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and Earlier Remote File Inclusion Vulnerability in Fire Soft Board (FSB) RC3 and Earlier: Arbitrary PHP Code Execution Authentication Bypass and User Identity Spoofing Vulnerability in Drupal Pubcookie Module Cross-Site Scripting (XSS) Vulnerabilities in KorviBlog 1.3.0 livre_or.php PHP Remote File Inclusion Vulnerabilities in MyABraCaDaWeb 1.0.3 with Enabled Register Globals Remote File Inclusion Vulnerability in mcGalleryPRO 2006 Allows Arbitrary PHP Code Execution Directory Traversal Vulnerability in CCleague Pro Sports CMS 1.0.1 RC1 Allows Remote File Execution Remote File Inclusion Vulnerability in Open Bulletin Board (OpenBB) 1.0.8 and Earlier RaidenHTTPD 1.1.49 Remote File Inclusion Vulnerability Denial of Service Vulnerability in ColdFusion Flash Remoting Gateway Local Bypass of Security Restrictions in Adobe ColdFusion MX 7 and 7.01 Arbitrary Web Script Injection Vulnerability in Adobe ColdFusion MX 6.1 through 7.02 Arbitrary Script Injection in Tumbleweed EMF Administration Module 6.2.2 Build 4123 Arbitrary Code Execution via Directory Traversal in login.pl and admin.pl in SQL-Ledger and LedgerSMB Unspecified Overflow Vulnerability in Microsoft Visual Basic (VB) 6 PHP Remote File Inclusion Vulnerability in Haakon Nilsen SIPS 0.3.1 and Earlier SQL Injection Vulnerabilities in Tikiwiki 1.9.4's tiki-g-admin_processes.php Information Disclosure Vulnerability in MagpieRSS SQL Injection Vulnerabilities in CMS.R. 
5.5 index.php SQL Injection Vulnerability in Jetbox CMS index.php PHP Remote File Inclusion Vulnerability in Jetbox CMS phpthumb.php Arbitrary Script Injection in Jetbox CMS via OriginalImageData Parameter Information Disclosure Vulnerability in Jetbox CMS Arbitrary Code Execution via PHP Remote File Inclusion in IDevSpot PhpLinkExchange 1.0 Arbitrary Script Injection in IDevSpot PhpLinkExchange 1.0 via user_add.php Information Disclosure Vulnerability in WordPress 2.0.2 through 2.0.5 ClearText Credential Transmission Vulnerability Insecure Authentication in ScaryBear PocketExpense Pro 3.9.1 Arbitrary PHP Code Execution via Remote File Inclusion in Web Server Creator 0.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in IdevSpot TextAds Multiple SQL Injection Vulnerabilities in F-ART BLOG:CMS 4.1 Multiple PHP Remote File Inclusion Vulnerabilities in PHP Advanced Transfer Manager (phpATM) 1.20 Remote File Inclusion Vulnerability in OPENi-CMS 1.0.1 Arbitrary Web Script Injection Vulnerability in Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5.1 Information Disclosure Vulnerability in Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5.1 PHProg 1.1 Directory Traversal Vulnerability Cross-Site Scripting (XSS) and Full Path Disclosure Vulnerability in PHProg before 1.1 Cross-Site Scripting (XSS) Vulnerability in alpha.php in phpMyDirectory 10.4.6 and Earlier SQL Injection Vulnerability in alpha.php in phpMyDirectory 10.4.6 and Earlier Multiple SQL Injection Vulnerabilities in e107 0.7.5 Admin Section Arbitrary File Upload Vulnerability in phpBB 2.0.21 Arbitrary File Upload and Code Execution in PunBB 1.2.12 Multiple Cross-Site Scripting (XSS) Vulnerabilities in RSSOwl Cross-Site Scripting (XSS) Vulnerabilities in Luke Hutteman SharpReader Multiple Cross-Site Scripting (XSS) Vulnerabilities in Ykoon RssReader Lack of LtpaToken Expiration in IBM Lotus Domino Web Access (DWA) 7.0.1 Remote File Inclusion Vulnerability in Thomas LETE WTools 0.0.1-ALPH: Arbitrary PHP 
Code Execution Denial of Service Vulnerability in NETGEAR DG834GT Wireless ADSL Router Firmware 1.01.28 Arbitrary File Read Vulnerability in Stefan Ernst Newsscript (WM-News) 0.5 Beta Directory Traversal Vulnerabilities in Stefan Ernst Newsscript (aka WM-News) 0.5beta Multiple Direct Static Code Injection Vulnerabilities in Stefan Ernst Newsscript (WM-News) 0.5 Beta Remote File Inclusion Vulnerability in abf_js.php in p4CMS 1.05 Remote File Inclusion Vulnerability in MiniPort@l 2.0: Arbitrary PHP Code Execution via skiny Parameter Arbitrary Web Script Injection Vulnerability in ForumJBC 4 Insufficient Access Control in HotPlug CMS Allows Remote Reading of Sensitive Information Denial of Service Vulnerability in Sun StorEdge 6130 Array Controllers Vulnerability: Denial of Service in Cisco IOS 12.1(19) VTP Feature Vulnerability: Denial of Service in Cisco IOS and CatOS due to VTP Revision Value Overflow Vulnerability: Heap-based Buffer Overflow in Cisco IOS 12.1(19) VTP Feature Heap-based Buffer Overflow in DirectAnimation Path Control COM Object SQL Injection Vulnerability in ccHost 3.0: Remote Code Execution via Crafted URL Remote File Inclusion Vulnerability in Vitrax Premodded phpBB 1.0.6-R3 and Earlier PHP Remote File Inclusion Vulnerability in phpBB XS 0.58 and Earlier Heap-based Buffer Overflow in FutureSoft TFTP Server Multithreaded (MT) 1.1 Authentication Bypass and Information Disclosure in WebSPELL 4.01.01 Arbitrary SQL Command Execution in WebSPELL 4.01.01 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Moodle 1.6.1 and Earlier SQL Injection Vulnerability in Moodle 1.6.1 and Earlier: Arbitrary SQL Command Execution in blog/edit.php Information Disclosure Vulnerability in Moodle 1.6.1 and Earlier Sensitive Information Disclosure in AlphaMail Logging Functionality Remote File Inclusion Vulnerability in Telekorn SignKorn Guestbook (SL) 1.3 and Earlier Buffer Overflow in Open Movie Editor 0.0.20060901: Local Denial of Service and Arbitrary 
Code Execution Improper Handling of Excess Data in DigestAlgorithm.Parameters Field in GnuTLS Multiple SQL Injection Vulnerabilities in TualBLOG 1.0's icerik.asp Multiple Cross-Site Scripting (XSS) Vulnerabilities in e107 0.7.5 Unspecified Denial of Service Vulnerability in HP-UX ARPA Transport Software Arbitrary Script Injection Vulnerability in Snitz Forums 2000 3.4.06 Arbitrary Script Injection in CloudNine Interactive CJ Tag Board 3.0 Sensitive Password Exposure in SQL-Ledger before 2.4.4 Buffer Overflow Vulnerability in ffmpeg for xine-lib Multiple Buffer Overflows in libavcodec in FFmpeg: Remote Code Execution Vulnerability Race Condition Vulnerability in Deja Vu Allows Arbitrary Code Execution Format String Vulnerability in Symantec AntiVirus Corporate Edition and Client Security Arbitrary Command Execution Vulnerability in Novell Identity Manager (IDM) 3.0.1 Denial of Service Vulnerability in Wireshark XOT Dissector Integer Overflow Vulnerabilities in Imlib2 Image Loaders Out-of-Bounds Memory Read Vulnerability in imlib2's loader_tga.c Heap-based Buffer Overflow in imlib2's loader_tga.c Stack-based Buffer Overflow in imlib2 loader_pnm.c Buffer Overflow in Texinfo's readline Function in util/texindex.c Integer Overflow Vulnerability in Qt and KDE Libraries Arbitrary Code Execution via Integer Overflow in PHP Unserialize Function Unlinked File Read Vulnerability in Linux Kernel 2.6.x Unspecified Impact and Attack Vectors in Linux Kernel's mincore Function Opera 9.0 and 9.01 Heap-Based Buffer Overflow Vulnerability Unspecified Denial of Service Vulnerability in X.25 on HP-UX Arbitrary Web Script Injection Vulnerability in Drupal 4.7 Userreview Module Multiple Cross-Site Scripting (XSS) Vulnerabilities in eMuSOFT emuCMS 0.3 and Earlier Remote File Inclusion Vulnerability in Reamday Enterprises Magic News Pro 1.0.3 and Earlier Quicksilver Forums (QSF) 1.2.1 and Earlier: PHP Remote File Inclusion Vulnerability in lib/activeutil.php Cross-Site Scripting (XSS) 
Vulnerabilities in SoftComplex PHP Event Calendar 1.5.1 Shadowed Portal 5.599 and Earlier: PHP Remote File Inclusion Vulnerability in bottom.php PHP Remote File Inclusion Vulnerabilities in Vmist Downstat 1.8 and Earlier Arbitrary PHP Code Execution via Remote File Inclusion in PhotoPost Multiple Cross-Site Scripting (XSS) Vulnerabilities in David Czarnecki Blojsom 2.31 Directory Traversal Vulnerability in EditBlogTemplatesPlugin.java in Blojsom 2.30 Unspecified Vulnerability in IP over DNS (iodine) before 0.3.2 with Unknown Impact and Attack Vectors Buffer Overflow Vulnerability in Verso NetPerformer FRAD ACT SDM-95xx, SDM-93xx, and SDM-92xx Denial of Service Vulnerability in Verso NetPerformer FRAD ACT SDM-95xx, SDM-93xx, and SDM-92xx Remote File Inclusion Vulnerability in Jule Slootbeek phpQuiz 0.01 Path Disclosure Vulnerability in Bluview Blue Magic Board (BMB) 5.5 SQL Injection Vulnerability in login.php in DCP-Portal SE 6.0 PHP Remote File Inclusion Vulnerabilities in DCP-Portal SE 6.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in DCP-Portal SE 6.0 Denial of Service Vulnerability in Sophos Anti-Virus 5.1 Arbitrary File Creation Vulnerability in Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2 Arbitrary Web Script Injection Vulnerability in IBM Lotus Domino Remote File Inclusion Vulnerability in Claroline 1.7.7 and Earlier Remote File Inclusion Vulnerability in TeamCal Pro 2.8.001 and Earlier Bypassing Authentication Vulnerability in Citrix Access Gateway with Advanced Access Control (AAC) 4.2 Buffer Overflow Vulnerabilities in Ipswitch WS_FTP Server 5.05 before Hotfix 1 PHP Remote File Inclusion Vulnerabilities in Brian Fraval Hitweb 3.0 Remote File Inclusion Vulnerability in MobilePublisherPHP 1.5 RC2 and Earlier via abspath Parameter Remote File Inclusion Vulnerability in BolinOS 4.5.5 and Earlier PHP Remote File Inclusion Vulnerability in BolinOS 4.5.5 and Earlier SQL Injection Vulnerability in QuadComm Q-Shop 3.5 browse.asp SQL Injection 
Vulnerability in kategorix.asp in Haberx 1.02 through 1.1 Denial of Service Vulnerability in Symantec Norton Personal Firewall 2006 and Other Symantec Products Multiple Cross-Site Scripting (XSS) Vulnerabilities in Roller WebLogger 2.3 SQL Injection Vulnerability in ClickTech ClickBlog 2.0 Login Page (default.asp) Allows Remote Code Execution Remote File Inclusion Vulnerability in Serverstat Component for Mambo Unrestricted File Upload Vulnerability in Limbo CMS 1.0.4.2L and Earlier Unspecified Vulnerabilities in Limbo CMS 1.0.4.2 SQL Injection Vulnerability in Loginprocess.asp in Mohammed Mehdi Panjwani Complain Center 1 SQL Injection Vulnerability in Default.aspx in EasyPage PHP Remote File Inclusion Vulnerabilities in mcLinksCounter 1.1 Remote File Inclusion Vulnerability in All Enthusiast ReviewPost 2.5 Remote Information Disclosure in Walter Beschmout PhpQuiz Buffer Overflow Vulnerability in kextload in Apple OS X SQL Injection Vulnerability in mods.php in GNUTurk 2G and Earlier: Remote Code Execution via t_id Parameter Stack-based Buffer Overflow in Microsoft Outlook and Internet Explorer 6.0 via VML File PHP Remote File Inclusion Vulnerability in phpunity-postcard.php in phpunity.postcard PHP Remote File Inclusion Vulnerabilities in AEDating 4.1 and Earlier Versions Arbitrary SQL Command Execution in Keyvan1 EShoppingPro 1.0 via search_run.asp SQL Injection Vulnerability in Keyvan1 ECardPro 2.0: Remote Code Execution via search.asp Information Disclosure Vulnerability in Jupiter CMS Multiple Cross-Site Scripting (XSS) Vulnerabilities in Jupiter CMS Unrestricted File Upload Vulnerability in Jupiter CMS Gallery Upload Function Multiple SQL Injection Vulnerabilities in Jupiter CMS Variable overwrite vulnerability in David Bennett PHP-Post (PHPp) 1.0 and earlier Directory Traversal Vulnerability in David Bennett PHP-Post (PHPp) 1.0 and Earlier SQL Injection Vulnerability in profile.php in PHP-Post (PHPp) 1.0 and Earlier Sensitive Information Disclosure in 
PHP-Post (PHPp) 1.0 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in David Bennett PHP-Post (PHPp) 1.0 and Earlier SQL Injection Vulnerability in Review.asp in Julian Roberts Charon Cart 3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in IDevSpot BizDirectory Multiple Cross-Site Scripting (XSS) Vulnerabilities in IDevSpot iSupport 1.8 PHP Remote File Inclusion Vulnerability in Shadowed Portal 5.599 and Earlier Vulnerability: Privilege Escalation and On-Access Scan Bypass in McAfee VirusScan Enterprise Privilege Escalation via Apple Remote Desktop Installation CSS-formatted HTML INPUT Element Denial of Service Vulnerability in Microsoft Internet Explorer 6 and Earlier Telekorn SignKorn Guestbook (SL) 1.3 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities Multiple PHP Remote File Inclusion Vulnerabilities in UNAK-CMS 1.5 and Earlier SQL Injection Vulnerability in Techno Dreams Articles & Papers Package 2.0 and Earlier Arbitrary SQL Command Execution in Techno Dreams FAQ Manager Package 1.0 PHP remote file inclusion vulnerability in bb_usage_stats/includes/bb_usage_stats.php in phpBB XS 0.58 and earlier Arbitrary Web Script Injection in iDevSpot NixieAffiliate 1.9 and Earlier Arbitrary Affiliate Deletion Vulnerability in IDevSpot NexieAffiliate 1.9 and Earlier Insufficient Access Control in CMtextS 1.0 Allows Remote Attackers to Obtain Administrator Password Remote File Inclusion Vulnerability in guanxiCRM 0.9.1 and Earlier: Arbitrary PHP Code Execution Path Disclosure Vulnerability in ePPIServlet Script of CA eTrust Security Command Center Directory Traversal Vulnerability in CA eTrust Security Command Center 1.0 and r8 up to SP1 CR2 Remote Spoofing and Replay Vulnerability in CA eTrust Security Command Center and eTrust Audit Command Injection Vulnerability in Symantec Veritas NetBackup Arbitrary Code Execution via Dynamic Variable Evaluation in Qualiteam X-Cart 4.1.3 and Earlier Artmedic Links 5.0 - PHP Remote File Inclusion 
Vulnerability in index.php SQL Injection Vulnerability in More.groupware 0.74: Remote Code Execution via new_calendarid Parameter Sensitive Information Disclosure via Non-Existent File URL in OSU 3.11alpha and 3.10a Sensitive Information Disclosure via URL Wildcard in OSU 3.11alpha and 3.10a Cisco Guard DDoS Mitigation Appliance XSS Vulnerability Denial of Service Vulnerability in Cisco IDS and IPS Web Administration Interface Bypassing Traffic Inspection in Cisco IPS 5.0 and 5.1 PHP DocWriter 0.3 and Earlier: Remote File Inclusion Vulnerability Arbitrary File Inclusion and Code Execution in AlstraSoft E-friends 4.85 Directory Traversal Vulnerability in A.l-Pifou 1.8p2 Arbitrary Script Injection in Innovate Portal 2.0 index.php SQL Injection Vulnerability in uye_profil.asp in Tekman Portal (TR) 1.0 Arbitrary Script Injection in PT News 1.7.8 search.php (XSS Vulnerability) Multiple PHP Remote File Inclusion Vulnerabilities in Simple Discussion Board 0.1.0 Arbitrary File Read Vulnerability in Site@School (S@S) 2.4.02 and Earlier PHP Remote File Inclusion Vulnerabilities in Site@School (S@S) 2.4.02 and Earlier Remote File Inclusion Vulnerability in Site@School (S@S) 2.4.03 and Earlier Arbitrary File Upload and Execution Vulnerability in Site@School (S@S) 2.4.02 and Earlier Arbitrary Web Script Injection in eSyndiCat Portal System's search.php OpenSSH Denial of Service Vulnerability via Duplicate Blocks in SSH Packet OpenSSH Denial of Service Vulnerability: Invalid Protocol Sequence Crash Arbitrary Code Execution Vulnerability in Kaspersky Labs Anti-Virus 6.0.0.303 and Other Products Privilege Escalation via Crafted Irp IOCTL Functions in Symantec AntiVirus and Security Products Unspecified File Handling Vulnerability in Moodle Database Module Unvalidated Module Instance ID in Moodle before 1.6.2 Information Disclosure Vulnerability in Moodle before 1.6.2 Path Disclosure Vulnerability in Moodle before 1.6.2 Information Disclosure Vulnerability in Moodle Backup 
Scheduler Sensitive Information Disclosure in Moodle Login/Forgot Password Functionality Multiple Cross-Site Scripting (XSS) Vulnerabilities in Moodle before 1.6.2 Arbitrary File Write Vulnerability in Moodle before 1.6.2 Arbitrary Local URI Content Disclosure in Moodle before 1.6.2 PHP Remote File Inclusion Vulnerability in ProgSys 0.151 and Earlier PHP Remote File Inclusion Vulnerabilities in Cardway DigitalWebShop 1.128 and Earlier Remote File Inclusion Vulnerability in CMSDevelopment Business Card Web Builder (BCWB) 0.99 and Earlier Unvalidated Output Cross-Site Scripting (XSS) Vulnerability in Drupal 4.7 Search Keywords Module Stack-based Buffer Overflow in ProSysInfo TFTP Server TFTPDWIN 0.4.2 and Earlier Unvalidated Input in Drupal Site Profile Directory Allows Cross-Site Scripting (XSS) Cisco IOS SNMP Community String Vulnerability Arbitrary Code Execution via JSP File Attachment in Neon WebMail for Java Arbitrary Mail Message Movement Vulnerability in Neon WebMail for Java SQL Injection Vulnerabilities in Neon WebMail for Java Arbitrary User Modification Vulnerability in Neon WebMail for Java Neon WebMail for Java Directory Traversal Vulnerability Neon WebMail for Java before 5.08 Updateuser Servlet Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in MyReview 1.9.4: Remote Code Execution via GetMember Function Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sun Secure Global Desktop (SSGD) Information Disclosure Vulnerability in Sun Secure Global Desktop (SSGD) Arbitrary Web Script Injection in Php Blue Dragon 2.9.1 and Earlier SQL Injection Vulnerability in GetModuleConfig Function in Php Blue Dragon 2.9.1 and Earlier Directory Traversal Vulnerability in Php Blue Dragon 2.9.1 and Earlier Directory Traversal Vulnerability in Exponent CMS 0.96.3 Allows Remote File Execution Cross-site scripting (XSS) vulnerability in MAXdev MDPro 1.0.76 before 20060918 Arbitrary Code Execution Vulnerability in Apple QuickTime 7.1.3 Player and 
Plug-In Remote File Inclusion Vulnerability in phpQuestionnaire (phpQ) 3.12 NextAge Cart Multiple Cross-Site Scripting (XSS) Vulnerabilities Remote File Inclusion Vulnerability in PNphpBB 1.2g allows arbitrary PHP code execution Multiple PHP Remote File Inclusion Vulnerabilities in WAHM E-Commerce Pie Cart Pro Remote File Inclusion Vulnerability in WAHM E-Commerce Pie Cart Pro's enc/content.php Allows Arbitrary PHP Code Execution Information Disclosure Vulnerability in MyBB (aka MyBulletinBoard) Plugin hello.php MyBB (MyBulletinBoard) Archive XSS Vulnerability Arbitrary HTML Injection Vulnerability in Perpetual Motion Interactive Systems DotNetNuke Remote Code Execution Vulnerability in Ipswitch WS_FTP Limited Edition (LE) 5.08 Arbitrary Web Script Injection Vulnerability in Yahoo! Messenger for WAP Path Disclosure Vulnerability in John Lim ADOdb Library for PHP Unrestricted File Upload Vulnerabilities in Walter Beschmout PhpQuiz 1.2 and Earlier SQL Injection Vulnerabilities in Walter Beschmout PhpQuiz 1.2 and Earlier Direct static code injection vulnerability in cfgphpquiz/install.php in PhpQuiz 1.2 and earlier allows remote attackers to inject arbitrary PHP code in config.inc.php via modified configuration settings. 
Buffer Overflow Vulnerability in Python's repr Function MAC Address Spoofing Vulnerability in Symantec Sygate NAC Cisco NAC Vulnerability: MAC Address Spoofing Bypass Vulnerability: Cisco NAC Bypass via DNS, DHCP, and EAPoUDP Tunneling Grayscale BandSite CMS Multiple PHP Remote File Inclusion Vulnerabilities Multiple Cross-Site Scripting (XSS) Vulnerabilities in Grayscale BandSite CMS Grayscale BandSite CMS Path Disclosure Vulnerability PHP Remote File Inclusion Vulnerabilities in Patrick Michaelis Wili-CMS Multiple Cross-Site Scripting (XSS) Vulnerabilities in Patrick Michaelis Wili-CMS Path Disclosure Vulnerability in Patrick Michaelis Wili-CMS Multiple PHP Remote File Inclusion Vulnerabilities in PhotoPost RSA Keon Certificate Authority (KeonCA) Manager 6.5.1 and 6.6 Log Tampering Vulnerability Remote File Inclusion Vulnerabilities in JD-WordPress for Joomla! (com_jd-wp) 2.0-1.0 RC2 Multiple PHP Remote File Inclusion Vulnerabilities in AllMyGuests 0.4.1 and Earlier Unquoted Windows Search Path Vulnerabilities in Apache Friends XAMPP 1.5.2 Remote File Inclusion Vulnerability in BSQ Sitestats (bsq_sitestats) for Joomla! 
Unspecified Remote Code Execution Vulnerability in JoomlaLib (com_joomlalib) before 1.2.2 ATM Subsystem Memory Access Vulnerability Multiple Buffer Overflows in WS_FTP Server 5.05 and Earlier Versions Sensitive Information Disclosure Vulnerability in WS_FTP Server Log Analyzer Arbitrary File Overwrite Vulnerability in IBM Inventory Scout for AIX Unspecified Command Execution Vulnerability in IBM AIX 5.2.0 and 5.3.0 Local File Overwrite Vulnerability in rdist Command in IBM AIX 5.2.0 and 5.3.0 Unspecified Command Execution Vulnerability in IBM AIX 5.2.0 and 5.3.0 Buffer Overflow Vulnerability in cfgmgr in IBM AIX 5.2.0 and 5.3.0 Untrusted Search Path Vulnerability in uucp on IBM AIX 5.2.0 and 5.3.0 Arbitrary Command Execution and File Overwrite Vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 Unspecified Arbitrary Command Execution and File Overwrite Vulnerability in xlock on IBM AIX 5.2.0 and 5.3.0 Untrusted Search Path Vulnerability in acctctl in IBM AIX 5.3.0 Untrusted Search Path Vulnerability in snappd Allows Arbitrary Command Execution Denial of Service Vulnerability in Sun Solaris 8, 9, and 10 Denial of Service Vulnerability in Sun Solaris 10 x64 Systems with IPv6 Unspecified Privilege Escalation Vulnerability in cPanel before 10.9.0 12 Tree Arbitrary PHP Code Execution via Remote File Inclusion in Kietu 3.2 hit.php Unrestricted File Upload Vulnerability in e-Vision CMS 1.0 SQL Injection Vulnerability in admin/all_users.php in Szava Gyula and Csaba Tamas e-Vision CMS Cleartext Password Exposure in ContentKeeper 123.25 and Earlier Information Disclosure Vulnerability in Google Mini 4.4.102.M.36 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in SolidState 0.4 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in redgun RedBLoG 0.5 Remote File Inclusion Vulnerability in Joshua Wilson pNews System 1.1.0 Arbitrary SQL Command Execution in kategori.asp in xweblog 2.1 and Earlier Unspecified Vulnerabilities in sHTTPScanner 0.4 with 
Unknown Impact Unspecified Vulnerabilities in sHTTPScanner with Unknown Impact and Attack Vectors Unspecified Vulnerabilities in sHTTPScanner with Unknown Impact and Attack Vectors Path Disclosure Vulnerability in Jeroen Vennegoor JevonCMS Directory Traversal Vulnerability in SWsoft Plesk 7.5 Reload and Plesk 7.6 for Windows SQL Injection Vulnerability in WoltLab Burning Board (wBB) 2.3.x: Version Disclosure via thread.php SQL Injection Vulnerability in exV2 2.0.4.3 and Earlier: Remote Code Execution via sort Parameter Arbitrary File Read Vulnerability in CakePHP before 1.1.8.3544 Remote File Inclusion Vulnerability in PHPartenaire 1.0 (dix.php3) Denial of Service Vulnerability in StoresAndCalendarsList.cgi in Paul Smith Computer Services vCAP 1.9.0 Beta and Earlier Arbitrary File Read Vulnerability in Paul Smith Computer Services vCAP 1.9.0 Beta and Earlier Cross-Site Scripting (XSS) Vulnerabilities in Paul Smith Computer Services vCAP 1.7.0 Remote Code Execution and Cross-Site Scripting (XSS) via MySource Matrix and MySource 2.x Arbitrary Site Access and XSS via MIME Encoded URL in MySource Matrix 3.8 Hard-coded Username and Password Vulnerability in FiWin SS28S WiFi VoIP SIP/Skype Phone Firmware Version 01_02_07 Unspecified Vulnerability in Joomla! Events 1.3 Beta Module with Unknown Impact and Attack Vectors Unspecified Vulnerability in SEF404x (com_sef) for Joomla! Unspecified Vulnerability in Hot Properties Joomla Extension Unspecified Vulnerability in mosMedia (com_mosmedia) 1.0.8 and Earlier for Joomla! Joomlaboard Forum Component (com_joomlaboard) Remote File Inclusion Vulnerabilities Unspecified Vulnerability in Prince Clan Chess Component: Potential Impact and Attack Vectors Unspecified PHP Remote File Inclusion Vulnerability in PollXT Component Unspecified Vulnerability in RS Gallery2 for Joomla! 
with Unspecified Impact and Attack Vectors Arbitrary Code Execution Vulnerability in RS Gallery2 Component for Joomla Arbitrary Code Execution via Remote File Inclusion in Security Images Component for Joomla Unspecified Vulnerability in Classifieds Component for Joomla! with Unspecified Impact Directory Traversal Vulnerability in Rob Landley BusyBox HTTPD OpenSSH Signal Handler Race Condition Vulnerability Unspecified User Validation Vulnerability in Portable OpenSSH Remote File Inclusion Vulnerability in Web-News 1.6.3 and Earlier: Arbitrary PHP Code Execution SQL Injection Vulnerability in uye_ayrinti.asp in iyzi Forum 1 Beta 2 and Earlier Remote File Inclusion Vulnerability in syntaxCMS 1.1.1 through 1.3 Opial Audio/Video Download Management 1.0 - Cross-Site Scripting (XSS) Vulnerability in Login View Multiple Cross-Site Scripting (XSS) Vulnerabilities in Ktools.net PhotoStore Remote Code Execution Vulnerability in Call of Duty Games via Long Map Argument Multiple Cross-Site Scripting (XSS) Vulnerabilities in WWWthreads 5.4.2 and Earlier Arbitrary Web Script Injection in Jamroom 3.0.16 Login Page Remote Code Execution in Advanced-Clan-Script (AVCX) 3.4 and earlier via PHP Remote File Inclusion in mcf.php Arbitrary PHP Code Execution via Remote File Inclusion in PBLang (PBL) 4.66z and Earlier Arbitrary Web Script Injection in Elog 2.6.1 via XSS Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in BirdBlog 1.4 and Earlier Remote File Inclusion Vulnerability in ZoomStats 1.0.2 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in DanPHPSupport 0.5 and Earlier Versions PHP System Administration Toolkit (PHPSaTK) Remote File Inclusion Vulnerability in loader.php Remote File Inclusion Vulnerability in Brudaswen Admin Index.php Arbitrary Script Injection Vulnerability in Indexed Search Extension for Typo3 Remote File Inclusion Vulnerability in faceStones Personal 2.0.42 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in eyeOS before 
0.9.1 Insecure Permissions in Novell Mono's System.CodeDom.Compiler Classes Allow Arbitrary File Overwrite and Code Execution Denial of Service Vulnerability in Sun Solaris 8, 9, and 10 via Crafted IPv6 Packets Arbitrary Script Injection in PHP Invoice 2.2 via XSS Vulnerability Denial of Service Vulnerability in Solaris 10 Kernel SSL Proxy Service OpenConcept Back-End 0.4.5 - Multiple PHP Remote File Inclusion Vulnerabilities Remote File Inclusion Vulnerability in Chris Smith Minerva Build 238 and Earlier Remote File Inclusion Vulnerability in Kristian Niemi Polaring 00.04.03 and Earlier Remote File Inclusion Vulnerability in paBugs 2.0 Beta 3 and Earlier: Arbitrary PHP Code Execution Arbitrary Web Script Injection Vulnerability in Six Apart Movable Type Search Function QuickBlogger (QB) 1.4 - Remote File Inclusion Vulnerability in acc.php Unspecified Code Execution Vulnerability in Sugar Suite Open Source (SugarCRM) Remote File Inclusion Vulnerability in Integrated MODs (IM) Portal 1.2.0 and Earlier Format String Vulnerability in eBay Skype for Mac 1.5.*.79 and Earlier Arbitrary PHP Code Execution via Static Code Injection in Blog Pixel Motion 2.1.1 Remote Code Execution in Blog Pixel Motion 2.1.1 via Username and Password Modification PHP Remote File Inclusion Vulnerabilities in evoBB 0.3 and Earlier Remote File Inclusion Vulnerability in phpHeaven phpMyChat 0.1 PHP Remote File Inclusion Vulnerability in Jim Plush My-BIC 0.6.5 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Phoenix Evolution CMS (PECMS) Unspecified Privilege Escalation Vulnerability in HP-UX CIFS Server (Samba) A-Blog 2 Navigation/Menu.php Remote File Inclusion Vulnerability Arbitrary PHP Code Execution via Remote File Inclusion in Tagmin Control Center PHP remote file inclusion vulnerability in includes/functions_kb.php in phpBB XS 2 (Spain version): Arbitrary PHP code execution via phpbb_root_path parameter Remote File Inclusion Vulnerability in MyPhotos 0.1.3b beta Cross-Site Scripting 
(XSS) Vulnerabilities in VirtueMart Joomla! eCommerce Edition CMS 1.0.11 Remote File Inclusion Vulnerability in net2ftp index.php Allows Arbitrary PHP Code Execution Denial of Service Vulnerability in DokuWiki Image Resizing Arbitrary Command Execution in DokuWiki's lib/exec/fetch.php Remote Code Execution in WEB//NEWS (webnews) 1.4 and Earlier via PHP Remote File Inclusion in parse/parser.php PHP Remote File Inclusion Vulnerability in Comdev CSV Importer 3.1 and Possibly 4.1 PHP Remote File Inclusion Vulnerability in Newswriter SW 1.42 and Earlier Remote File Inclusion Vulnerability in bbsNew 2.0.1: Arbitrary PHP Code Execution Jelsoft vBulletin 2.x global.php SQL Injection Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in SyntaxCMS 1.1.1 through 1.3 FacileForms XSS Vulnerability in Mambo and Joomla! Multiple SQL Injection Vulnerabilities in Devellion CubeCart 2.0.x Multiple Cross-Site Scripting (XSS) Vulnerabilities in Devellion CubeCart 2.0.x Path Disclosure Vulnerability in Devellion CubeCart 2.0.x Arbitrary Code Injection via msg Parameter in PHP Invoice 2.2 Denial of Service Vulnerability in libksba Library Remote Code Execution Vulnerability in InterVations NaviCOPA Web Server 2.01 via Buffer Overflow Directory Traversal Vulnerability in Yuuki Yoshizawa Exporia 0.3.0 Cross-Site Scripting (XSS) Vulnerabilities in SAP Internet Transaction Server (ITS) 6.1 and 6.2 Arbitrary File Inclusion Vulnerability in KGB 1.87 Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in phpMyAdmin before 2.9.1-rc1 Insufficient Access Control in phpMyAdmin Allows Information Disclosure PHP Remote File Inclusion Vulnerability in PDD Package for PHPSelect Web Development Division Multiple Cross-Site Scripting (XSS) Vulnerabilities in Zen Cart 1.3.5 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Scott Metoyer Red Mombin 0.7 SQL Injection Vulnerability in PostNuke 0.762 Admin Section Multiple Cross-Site Scripting (XSS) Vulnerabilities in Mercury 
SiteScope 8.2 (8.1.2.0) Multiple PHP Remote File Inclusion Vulnerabilities in Albrecht Guenther PHProjekt 5.1.x before 5.1.2 Multiple PHP Remote File Inclusion Vulnerabilities in Joshua Muheim phpMyWebmin 1.0 Directory Traversal Vulnerability in Joshua Muheim phpMyWebmin 1.0 Remote File Inclusion Vulnerability in PowerPortal 1.3a Allows Arbitrary PHP Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Bartels Schoene ConPresso before 4.0.5a SQL Injection Vulnerability in Bartels Schoene ConPresso 4.0.5a: Remote Code Execution via nr Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in ph03y3nk Just Another Flat File (JAF) CMS 4.0 RC1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in ph03y3nk JAF CMS 4.0 RC1 Static Code Injection Vulnerability in JAF CMS 4.0 RC1 Multiple PHP Remote File Inclusion Vulnerabilities in phpMyAgenda 3.0 Final and Earlier Buffer Overflow Vulnerability in GuildFTPd 0.999.13: Remote Code Execution via Globbing Characters Denial of Service Vulnerability in Mercury SiteScope 8.2 (8.1.2.0) Multiple PHP Remote File Inclusion Vulnerabilities in A-Blog 2 Multiple PHP Remote File Inclusion Vulnerabilities in Groupee UBB.threads 6.5.1.1 Multiple Direct Static Code Injection Vulnerabilities in Groupee UBB.threads 6.5.1.1 Information Disclosure Vulnerability in Groupee UBB.threads 6.5.1.1 Unspecified vulnerability in MkPortal allows remote attackers to corrupt web site content and potentially impact Urlobox SQL Injection Vulnerability in Lappy512 PHP Krazy Image Host Script (phpkimagehost) 0.7a Remote File Inclusion Vulnerability in Kevin A. 
Gordon Open Geo Targeting (geotarget) Script Remote Code Execution Vulnerability in CA BrightStor ARCserve Backup R11.5 Multiple Buffer Overflow Vulnerabilities in CA BrightStor ARCserve Backup Arbitrary Script Injection in OlateDownload 3.4.0 via userupload.php SQL Injection Vulnerabilities in OlateDownload 3.4.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Yblog Remote File Inclusion Vulnerability in VAMP Webmail 2.0beta1 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in Forum82 2.5.2b and Earlier Arbitrary File Inclusion Vulnerabilities in OpenBiblio before 0.5.2 SQL Injection Vulnerability in OpenBiblio Reports System Unspecified Remote Root Access Vulnerability in HP Ignite-UX Server Microsoft Internet Explorer UTF-7 Encoded URL XSS Vulnerability Unvalidated Argument Vulnerability in Sunbelt Kerio Personal Firewall DeluxeBB 1.09 Remote File Inclusion Vulnerability in cp/sig.php Arbitrary PHP Code Execution via Remote File Inclusion in VideoDB 2.2.1 and Earlier Remote Code Execution Vulnerability in McAfee ePolicy Orchestrator and ProtectionPilot Format String Vulnerability in TrendMicro OfficeScan Corporate Edition (OSCE) Allows Remote Code Execution Denial of Service and Access Denial Vulnerability in NFS Lockd in Linux Kernel Stack-based Buffer Overflow in Mozilla Firefox Allows Remote Code Execution via JavaScript Unspecified Vulnerabilities in Mozilla Firefox Disputed by Vendor and Researchers Title-based Password Distribution Vulnerability in IBM Client Security Password Manager Denial of Service Vulnerability in Microsoft Internet Explorer 6.0 SP2 and Earlier Insecure Permissions Vulnerability in IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux Cross-Site Scripting (XSS) Vulnerabilities in Sum Effect Software digiSHOP 4.0 cart.php Remote File Inclusion Vulnerability in Skrypty PPA Gallery 1.0 and Earlier Easy Banner Free PHP Web Scripts functions.php Remote File Inclusion Vulnerability Multiple PHP Remote File Inclusion 
Vulnerabilities in BasiliX 1.1.1 and Earlier Arbitrary Script Injection in Simon Brown Pebble 2.0.0 RC1 and RC2 Search Functionality Cross-site scripting (XSS) vulnerability in John Himmelman (aka DaRk2k1) PowerPortal 1.1 Vulnerability: Inadequate Error Handling in pam_ldap Mediasvr.exe Stack-based Buffer Overflow Vulnerability Mediasvr.exe Stack-based Buffer Overflow Vulnerability EFLAGS Context Switch Vulnerability in Linux Kernel Kernel Memory Leakage Vulnerability in Linux 2.6 on s390 CSRF Vulnerability in TeraStation HD-HTGL Firmware 2.05 Beta 1 and Earlier Buffer Overflow in NTLM Authentication in MailEnable Professional and Enterprise 2.0 Remote Code Execution and Denial of Service Vulnerabilities in MailEnable Professional and Enterprise Symlink-based Open_basedir Bypass Vulnerability in PHP 5.1.6 and Earlier Denial of Service Vulnerability in Intoto iGateway VPN and iGateway SSL-VPN PHP Remote File Inclusion Vulnerability in Newswriter SW 1.42 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in Joshua Muheim phpMyWebmin 1.0 Remote File Inclusion Vulnerability in Dan Jensen Travelsized CMS 0.4 and Earlier Dayfox Blog 2.0 - Multiple PHP Remote File Inclusion Vulnerabilities SQL Injection Vulnerability in PKR Internet Taskjitsu 2.0.6: Remote Code Execution via key Parameter Eval Injection Vulnerability in Template.php in HAMweather 3.9.8.4 and Earlier PHP remote file inclusion vulnerability in phpMyProfiler 0.9.6 and earlier allows remote attackers to execute arbitrary PHP code Remote File Inclusion Vulnerability in Bulletin Board Ace (BBaCE) 3.5 and Earlier Directory Traversal Vulnerability in webGENEius GOOP Gallery 2.0.2 Remote File Inclusion Vulnerability in Klinza Professional CMS 5.0.1 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in osCommerce 2.2 Milestone 2 Update 060817 Remote File Inclusion Vulnerability in Nivisec Static Topics Module for phpBB 1.0 and Earlier PHPGreetz 0.99 and Earlier: Remote File Inclusion 
Vulnerability in includes/footer.php Remote File Inclusion Vulnerability in Josh Schmidt WikyBlog 1.2.3 and Earlier Arbitrary Script Injection in net2ftp 0.93 via username parameter Unspecified Cross-Site Scripting (XSS) Vulnerabilities in Wheatblog 1.0 and 1.1 Denial of Service Vulnerability in Motorola SURFboard SB4200 Cable Modem Insecure Storage of Sensitive Information in PDshopPro Arbitrary Code Execution Vulnerability in WZFILEVIEW.FileViewCtrl.61 ActiveX Control Adobe Contribute Publishing Server Local Privilege Escalation Vulnerability Arbitrary File Reading Vulnerability in Adobe Breeze 5 Licensed Server and Breeze 5.1 Licensed Server via URL Parsing PKCS #1 v1.5 Signature Forgery Vulnerability Unauthenticated Remote Configuration Modification in Linksys WRT54g Firmware 1.00.9 Remote Code Execution and SQL Injection Vulnerability in Invision Power Board (IPB) 2.1.7 and Earlier Cross-Site Scripting (XSS) Vulnerability in Invision Power Board (IPB) 2.1.7 and Earlier Invision Gallery 2.0.7 Directory Traversal Vulnerability SQL Injection Vulnerability in Invision Gallery 2.0.7: Remote Code Execution via Album Parameter Remote File Inclusion Vulnerability in phpMyTeam 2.0 Allows Arbitrary Code Execution SQL Injection Vulnerabilities in PHP Classifieds 7.1 PHP Remote File Inclusion Vulnerability in Admin Topic Action Logging Mod 0.95 and Earlier IronWebMail Directory Traversal Vulnerability Remote Removal of Trend Micro OfficeScan Clients via HTTP Request Remote File Deletion Vulnerability in Trend Micro OfficeScan Insufficient Permission Checks in Sun Solaris 10 Allow Packet Interception and Spoofing Weak Permissions Vulnerability in Xsession Script Symlink Attack Vulnerability in Xsession Script Arbitrary Code Execution via Long URI in Sergey Lyubka Simple HTTPD (shttpd) 1.34 SQL Injection Vulnerability in Emek Portal 2.1: Remote Code Execution via giris_yap.asp Integer Overflow in systrace_preprepl Function Allows Privilege Escalation and Denial of Service 
SQL Injection Vulnerability in Moodle 1.6.2 Blog Module Multiple PHP Remote File Inclusion Vulnerabilities in WebYep 1.1.9 SQL Injection Vulnerabilities in Cahier de texte 2.0: Remote Code Execution PHP Remote File Inclusion Vulnerabilities in Dimension of phpBB 0.2.6 and Earlier Remote File Inclusion Vulnerability in Nivisec User Viewed Posts Tracker Module for phpBB Remote File Inclusion Vulnerability in Dimitri Seitz Security Suite IP Logger 1.0.0 for phpBB SQL Injection Vulnerabilities in AAIportal before 1.4.0 PHP Remote File Inclusion Vulnerability in Prologin.fr Freenews 1.1 and Earlier Cross-Site Scripting (XSS) Vulnerability in TorrentFlux 2.1 admin.php SQL Injection Vulnerabilities in Google Gadget login.php of Rob Hensley ackerTodo 4.2 and Earlier Timing-based User Enumeration Vulnerability in OpenSSH Portable 4.1 FreeForum 0.9.7 and Earlier: PHP Remote File Inclusion Vulnerability in forum.php Denial of Service Vulnerability in Grandstream GXP-2000 VoIP Desktop Phone Multiple PHP Remote File Inclusion Vulnerabilities in iSearch 2.16 Denial of Service Vulnerability in Polycom SoundPoint IP 301 VoIP Desktop Phone Multiple PHP Remote File Inclusion Vulnerabilities in phpWebSite 0.10.2 PHP remote file inclusion vulnerability in Dimension of phpBB 0.2.6 and earlier in includes/functions_kb.php SQL Injection Vulnerability in 4images 1.7.x search.php Blue Smiley Organizer before 4.46 SQL Injection Vulnerability Unspecified File Upload Vulnerability in Blue Smiley Organizer Multiple Cross-Site Scripting (XSS) Vulnerabilities in eXpBlog 0.3.5 and Earlier Remote File Inclusion Vulnerability in Docmint 2.0 and Earlier with Enabled Register Globals OpenDock Easy Gallery 1.4 and Earlier PHP Remote File Inclusion Vulnerabilities Etomite CMS 0.6.1.1 SQL Injection Vulnerability OpenDock Easy Doc 1.4 and Earlier PHP Remote File Inclusion Vulnerabilities OpenDock Easy Blog 1.4 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities Eazy Cart Remote Authentication 
Bypass Vulnerability Remote Price Manipulation Vulnerability in Eazy Cart Multiple Cross-Site Scripting (XSS) Vulnerabilities in Eazy Cart Insecure Storage of Sensitive Information in Eazy Cart Allows Remote Database Download Arbitrary PHP Code Execution via Remote File Inclusion in TagIt! Tagboard 2.1.B Build 2 BlueShoes 4.6_public PHP Remote File Inclusion Vulnerability in GoogleSearch.php Deep CMS 2.0a PHP Remote File Inclusion Vulnerability Remote File Inclusion Vulnerability in Webmedia Explorer 2.8.7 PHP remote file inclusion vulnerability in strload.php in phpOnline 2.1 allows remote code execution via LangFile parameter Remote File Inclusion Vulnerability in Mark Van Bellen Detailed User Registration (com_registration_detailed) Plugin Remote File Inclusion Vulnerability in Greg Neustaetter gCards 1.13 via addnews.php Remote File Inclusion Vulnerability in Claroline 1.8.0 and Earlier Remote File Inclusion Vulnerability in Ciamos CMS 0.9.6b and Earlier Arbitrary Command Execution Vulnerability in Asbru Web Content Management Remote Code Execution in Compteur 2 via PHP Remote File Inclusion in param_editor.php Remote File Inclusion Vulnerability in Compteur 2's compteur.php Allows Arbitrary Code Execution PHPMyNews 1.4 and Earlier: Multiple Remote File Inclusion Vulnerabilities CRLF Injection Vulnerability in Hastymail 1.5 and Earlier Directory Traversal Vulnerability in phpMyAgenda 3.1 and Earlier: Arbitrary File Inclusion Arbitrary Web Script Injection Vulnerability in MysqlDumper 1.21 b6 Denial of Service Vulnerability in Microsoft Dynamics GP 9.0 and Earlier Multiple Buffer Overflows in Microsoft Dynamics GP 9.0 and Earlier Remote Code Execution Vulnerability in Trend Micro ServerProtect 5.7 and 5.58 Remote Code Execution Vulnerability in Trend Micro ServerProtect 5.7 and 5.58 Arbitrary Code Execution via Crafted PDF File in Microsoft Malware Protection Engine Arbitrary Code Execution via Crafted UDP Packet in McAfee ePolicy Orchestrator and Common 
Management Agent Remote Code Execution Vulnerability in McAfee ePolicy Orchestrator, ProtectionPilot, and Common Management Agent Remote Code Execution Vulnerability in McAfee ePolicy Orchestrator, ProtectionPilot, and Common Management Agent Integer Overflow Vulnerability in McAfee ePolicy Orchestrator, ProtectionPilot, and Common Management Agent Remote Code Execution via Stack-based Buffer Overflow in Snort DCE/RPC Preprocessor Heap-based Buffer Overflow in Cisco Unified Communications Manager (CUCM) Allows Remote Code Execution Heap-based Buffer Overflow in Cisco Unified Communications Manager (CUCM) RIS Data Collector Service Remote File Inclusion Vulnerability in Leicestershire communityPortals 1.0 build 20051018 and Earlier Remote File Inclusion Vulnerability in n@board 3.1.9e and Earlier: Arbitrary PHP Code Execution Multiple PHP Remote File Inclusion Vulnerabilities in SH-News 3.1 and Earlier Minichat 6.0 ftag.php Remote File Inclusion Vulnerability Remote File Inclusion Vulnerability in Shen Cheng-Da PHP News Reader (pnews) 2.6.4 and Earlier SQL Injection Vulnerability in XeoPort 0.81: Remote Code Execution via xp_body_text Parameter Denial of Service Vulnerability in Novell BorderManager 3.8 via Unspecified Attack Vectors Multiple SQL Injection Vulnerabilities in Xeobook 0.93's sign.php Default Administrator Credentials Vulnerability in Cisco 2700 Series Wireless Location Appliances PHP Remote File Inclusion Vulnerabilities in Vtiger CRM 4.2 and Earlier WebUI Command Injection Vulnerability in Xerox WorkCentre and WorkCentre Pro 232, 238, 245, 255, 265, and 275 PHP Remote File Inclusion Vulnerability in Download-Engine 1.4.2 Exhibit Engine 1.5 RC 4 and Earlier: PHP Remote File Inclusion Vulnerability in photo_comment.php Arbitrary Web Script Injection Vulnerability in PhpOutsourcing Noah's Classifieds 1.3 and Earlier Unrestricted Cross-Site Scripting (XSS) Vulnerability in phplist 2.10.3 Denial of Service Vulnerability in ClamAV 0.88.5 and earlier Denial 
of Service Vulnerability in PowerPoint 2003 Race condition vulnerability in Mutt mail client 1.5.12 and earlier allows local users to overwrite arbitrary files on NFS filesystems Insecure Temporary File Creation in Mutt Mail Client Arbitrary Web Script Injection in Gcontact 0.6.5 Unspecified Remote Access Vulnerability in HP Version Control Agent Remote File Inclusion Vulnerability in SpamBlockerMODv 1.0.2 and Earlier for phpBB PHP Remote File Inclusion Vulnerabilities in Redaction System 1.0000 Information Disclosure in Secure Computing SafeWord RemoteAccess 2.1 Remote File Inclusion Vulnerability in IncCMS Core 1.0.0 and Earlier PHP Remote File Inclusion Vulnerability in lat2cyr.php in phpbb module 1.0.1 and earlier PHP Remote File Inclusion Vulnerabilities in Journals System Module for phpBB PHP Remote File Inclusion Vulnerabilities in AFGB GUESTBOOK 2.2 Open Conference Systems (OCS) before 1.1.6 - Multiple PHP Remote File Inclusion Vulnerabilities Prillian French 0.8.0 PHP Remote File Inclusion Vulnerability Remote File Inclusion Vulnerability in J-Pierre DEZELUS Les Visiteurs 2.0.1 Remote File Inclusion Vulnerability in Buzlas 2006-1 Full: Arbitrary PHP Code Execution PHP Remote File Inclusion Vulnerability in Ajax Shoutbox 0.0.5 and Earlier Module for phpBB Arbitrary SMTP Command Injection in Hastymail 1.5 and Earlier Arbitrary PHP Code Execution via Remote File Inclusion in TribunaLibre 3.12 Beta Remote File Inclusion Vulnerability in registroTL's main.php Allows Arbitrary PHP Code Execution Insecure Storage of Sensitive Information in registroTL Remote File Inclusion Vulnerability in eboli's index.php Allows Arbitrary Code Execution Remote File Inclusion Vulnerability in Nayco JASmine (Jasmine-Web) Allows Arbitrary PHP Code Execution Arbitrary File Read Vulnerability in Foafgen 0.3 Arbitrary File Read Vulnerability in Album Photo Sans Nom 1.6 Unspecified Cross-Site Scripting (XSS) Vulnerabilities in phplist before 2.10.3 SQL Injection Vulnerabilities in 
phplist before 2.10.3 Unspecified Vulnerability in IBM WebSphere Application Server (PK29360) Unauthenticated Access Vulnerability in IBM WebSphere Application Server (PK28374) Multiple PHP Remote File Inclusion Vulnerabilities in Dimitri Seitz Security Suite IP Logger Prillian French 0.8.0 PHP Remote File Inclusion Vulnerability Untrusted Search Path Vulnerability in OpenBase SQL and Apple Xcode Arbitrary File Creation Vulnerability in OpenBase SQL 10.0 and Earlier CRLF Injection Vulnerability in Adobe Flash Player Plugin Denial of Service Vulnerability in Linux Kernel Altivec Support Unspecified PL/SQL Injection Vulnerability in Oracle Database XMLDB Component Unspecified SQL Injection Vulnerability in Oracle Spatial Component in Oracle Database 10.2.0.2 Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 Unspecified SQL Injection Vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.2 with Remote Authenticated Attack Vectors Unspecified vulnerabilities in Oracle Database Change Data Capture (CDC) component (Vuln# DB05 and DB06) Unspecified Remote Authenticated Vulnerability in Oracle Database (Vuln# DB09) Unspecified SQL Injection Vulnerability in Oracle Database 10.1.0.5 Unspecified vulnerability in Oracle Spatial component in Oracle Database versions 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 with remote authenticated attack vectors related to mdsys.sdo_geom Unspecified vulnerabilities in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.2 with unknown impact and remote authenticated attack vectors Unspecified SQL Injection Vulnerabilities in Oracle Database XMLDB Component Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.6, and 10.1.0.3 with remote authenticated attack vectors related to mdsys.sdo_tune Unspecified Remote Authenticated Vulnerability in Oracle Database Scheduler Component (Vuln# DB19) Unspecified vulnerabilities in 
Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.4 Unspecified Remote Code Execution Vulnerability in Oracle HTTP Server 9.2.0.7 Unspecified HTTPS and SSL Vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle Collaboration Suite 9.0.4.2 Unspecified HTTPS and SSL Vulnerability in Oracle HTTP Server 9.2.0.7, Oracle Collaboration Suite 9.0.4.2, and Oracle E-Business Suite and Applications 11.5.10CU2 (Vuln# OHS05) Unspecified Remote HTTPS/SSL Vulnerability in Oracle HTTP Server 9.2.0.7 on HP Tru64 UNIX (Vuln# OHS07) Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle E-Business Suite and Applications 11.5.10CU2 Unspecified Vulnerabilities in Oracle Application Express Unspecified Remote Vulnerabilities in Oracle Application Express 1.5 up to 1.6.1 Unspecified vulnerability in Oracle HTTP Server component in Oracle Application Server and Oracle Collaboration Suite, aka Vuln# OHS01 Unspecified Remote Vulnerability in Oracle HTTP Server and Applications Unspecified Remote Vulnerability in Oracle Single Sign-On Component (Vuln# SSO01) Unspecified Remote Vulnerability in Oracle Containers for J2EE (OC4J02) Unspecified Remote Code Execution Vulnerability in Oracle HTTP Server Component (Vuln# OHS03) Unspecified Remote Code Execution Vulnerability in Oracle Forms Component Unspecified Remote Vulnerabilities in Oracle Reports Developer Component Unspecified Remote Code Execution Vulnerability in Oracle Forms Component Unspecified Remote Vulnerability in Oracle Containers for J2EE (OC4J03) Unspecified Remote Code Execution Vulnerability in Oracle Containers for J2EE (OC4J04) Unspecified Remote Vulnerability in Oracle Single Sign-On Component Unspecified Remote Authenticated Vulnerability in Oracle Containers for J2EE (OC4J05) Unspecified Remote Code Execution Vulnerability in Oracle Forms Unspecified Remote Vulnerabilities in 
Oracle Collaboration Suite 9.0.4.2 Unspecified Vulnerabilities in Oracle E-Business Suite 11.5.7 up to 11.5.10CU2 with Remote Authenticated Attack Vectors Unspecified Remote Vulnerability in Oracle Exchange Component in Oracle E-Business Suite 6.2.4 Unspecified Remote Authenticated Vulnerability in Oracle Application Object Library in Oracle E-Business Suite 11.5.10CU2 Unspecified Remote Authenticated Vulnerabilities in Oracle E-Business Suite 11.5.10CU2 Unspecified Remote Authenticated Vulnerability in Oracle Email Center Component in Oracle E-Business Suite 11.5.9 Unspecified Remote Authenticated Vulnerabilities in Oracle E-Business Suite 11.5.10 Unspecified Remote Authenticated Vulnerability in Oracle Install Base Component in Oracle E-Business Suite 11.5.10CU1 Unspecified Remote Authenticated Vulnerability in Oracle Pharmaceutical Applications 4.5.1 (Vuln# PHAR01) Unspecified Remote Vulnerabilities in Oracle PeopleSoft Enterprise PeopleTools Unspecified Remote Authenticated Vulnerabilities in Oracle PeopleSoft Enterprise PeopleTools Unspecified Remote Authenticated Vulnerability in Oracle PeopleSoft Enterprise 8.80 GA, 8.90 GA, 8.8 Bundle 11, and 8.9 Bundle 4 (Vuln# PSE05) Unspecified Remote Authenticated Vulnerability in JD Edwards HTML Server (Vuln# JDE01) Arbitrary Code Execution via Font Glyph Width Value in NVIDIA Binary Graphics Driver Remote File Inclusion Vulnerability in Contenido CMS Sensitive Data Exposure in Contenido CMS Unspecified Remote Unauthorized Access Vulnerability in 3Com Switch SS3 4400 Switches SQL Injection Vulnerability in comadd.php in Def-Blog 1.0.1 and Earlier: Remote Code Execution via Article Parameter Remote File Inclusion Vulnerability in CDS Agenda 4.2.9 and Earlier: Arbitrary PHP Code Execution Remote File Inclusion Vulnerability in SpamOborona 1.0b and Earlier phpBB Module Arbitrary PHP Code Execution via Remote File Inclusion in NuralStorm Webmail 0.98b and Earlier Remote File Inclusion Vulnerability in PlusXL phpBB Module 
Allows Arbitrary Code Execution SQL Injection Vulnerability in WebSPELL 4.01.01 and Earlier: Remote Code Execution via getsquad Parameter Sensitive Information Disclosure in PHP-Wyana via Invalid lang Parameter Remote File Inclusion Vulnerability in ACP User Registration (MMW) 1.00 Module for phpBB Denial of Service Vulnerability in Xfire 1.64 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in OpenDock FullCore 4.4 and Earlier Insecure Memory Handling in Cisco Secure Desktop (CSD) Allows Unauthorized Memory Access Unchecked Disable Printing Box in Cisco Secure Desktop Settings Allows Data Leakage during SSL VPN Sessions Buffer Overflow in Microsoft Class Package Export Tool (clspack.exe) Allows Arbitrary Code Execution Denial of Service Vulnerability in TCP Fusion on Sun Solaris 10 File Descriptor Leak Vulnerability in X.Org libX11 Arbitrary SQL Command Execution in Simplog 0.9.3.1 via comments.php PHPRecipeBook 2.36 Remote File Inclusion Vulnerability Remote File Inclusion Vulnerability in CyberBrau 0.9.4's forum/track.php Remote File Inclusion Vulnerability in AROUNDMe 0.5.2 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in PHPmybibli 3.0.1 and Earlier Stack-based Buffer Overflow in Symantec Automated Support Assistant ActiveX Control Unspecified User-Assisted Remote Information Disclosure Vulnerability in Symantec Automated Support Assistant Toshiba Bluetooth Driver Denial of Service and Code Execution Vulnerability Insecure Permissions in Passgo Defender 5.2 Application Directory osTicket open_form.php Remote File Inclusion Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in Highwall Enterprise and Highwall Endpoint 4.0.2.11045 SQL Injection Vulnerabilities in Highwall Enterprise and Highwall Endpoint 4.0.2.11045 PHP Remote File Inclusion Vulnerability in BoonEx Dolphin 5.2 Arbitrary PHP Execution via Unrestricted File Upload in FreeWPS (possibly 2.11 and earlier) Arbitrary Code Execution via en_login_id Parameter 
in PHP Outburst Easynews 4.4.1 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in SuperMod 3.0.0 for YABB (YaBBSM) Information Disclosure Vulnerability in Barry Nauta BRIM before 1.2.1 Remote File Inclusion Vulnerability in News Defilante Horizontale 4.1.1 and Earlier Module for phpBB Arbitrary Web Script Injection Vulnerability in F5 Networks FirePass 1000 SSL VPN 5.5 Denial of Service Vulnerability in McAfee Network Agent (mcnasvc.exe) 1.0.178.0 Remote File Inclusion Vulnerability in pbpbb Archive Topic Remote File Inclusion Vulnerability in University of Glasgow Specimen Image Database (SID) Denial of Service Vulnerability in Kerio WinRoute Firewall 6.2.2 and Earlier Arbitrary PHP Code Execution in WSN Forum 1.3.4 and Earlier Remote File Inclusion Vulnerability in Lodel (patchlodel) 0.7.3 via calcul-page.php PHP Remote File Inclusion Vulnerability in Lou Portail 1.4.1 Remote Code Execution Vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 Denial of Service Vulnerability in XORP 1.2 and 1.3 via Invalid OSPF LSA Length Field Remote File Inclusion Vulnerability in LoCal Calendar System 1.1 Remote Code Execution in Php AMX 0.9.0 via plugins/main.php Unauthenticated Access to Sensitive Ticket Data in Cerberus Helpdesk 3.2.1 Multiple PHP Remote File Inclusion Vulnerabilities in Barry Nauta BRIM 1.2.1 and Earlier Cross-Site Scripting (XSS) Vulnerability in db-central Enterprise CMS and db-central CMS Search Functionality Remote Code Execution in PHPOutsourcing Zorum 3.5 and Earlier via PHP Remote File Inclusion Vulnerability Multiple Direct Static Code Injection Vulnerabilities in phpPowerCards 2.10 ALiCE-CMS 0.1 Remote File Inclusion Vulnerability in modules/guestbook/index.php Remote File Inclusion Vulnerability in P-News 1.16 and 1.17: Arbitrary PHP Code Execution PHP Remote File Inclusion Vulnerability in phpBB 2.0.10 and Earlier (groupcp.php) Arbitrary PHP Code Execution via Remote File Inclusion in FreeFAQ 1.0.e 
Directory Traversal Vulnerability in phpAdsNew 2.0.8 Upgrade.php Remote File Inclusion Vulnerability in Comdev Forum 4.1 Allows Arbitrary PHP Code Execution Remote File Inclusion Vulnerability in Comdev Misc Tools 4.1 Remote File Inclusion Vulnerability in Comdev Form Designer 4.1 Remote File Inclusion Vulnerability in Comdev Web Blogger 4.1 Cross-Site Scripting (XSS) Vulnerability in ViewVC 1.0.2 and Earlier Unspecified Remote Data Modification Vulnerability in XIAO Gang WWW Interactive Mathematics Server (WIMS) Integer Overflow Vulnerability in Asterisk Skinny Channel Driver Denial of Service Vulnerability in Asterisk SIP Channel Driver SQL Injection Vulnerability in Casinosoft Casino Script 3.2: Remote Code Execution via cfam Parameter Arbitrary Web Script Injection Vulnerability in DEV Web Management System (WMS) 1.5 Buffer Overflow Vulnerability in drmstor.dll ActiveX Object Arbitrary Command Execution in Ingo H3 Horde Module via Procmail SQL Injection Vulnerability in Kinesis Interactive Cinema System (KICS) CMS Cross-Site Scripting (XSS) Vulnerabilities in TorrentFlux 2.1 Buffer Overflow in dtmail on HP Tru64 UNIX and HP-UX: Arbitrary Code Execution via Long -a Argument Multiple Cross-Site Scripting (XSS) Vulnerabilities in Bugzilla Information Disclosure Vulnerability in Bugzilla Bugzilla CSRF Vulnerability in editversions.cgi Buffer overflow vulnerabilities in GraphicsMagick and ImageMagick allow for denial of service and potential code execution Cross-Site Scripting (XSS) Vulnerabilities in Casinosoft Casino Script (Masvet) 3.2 Registration Form Remote File Inclusion Vulnerability in Hinton Design phpht Topsites common.php Multiple PHP Remote File Inclusion Vulnerabilities in Download-Engine 1.4.2 and Earlier PHP Remote File Inclusion Vulnerabilities in Hinton Design phpht Topsites Local Privilege Escalation Vulnerability in Avahi Vulnerability: Signature Forgery in Mozilla Network Security Service (NSS) Library Arbitrary JavaScript Bytecode Execution 
Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified Denial of Service Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Remote Code Execution Vulnerability in PHP htmlentities and htmlspecialchars Functions Heap-based Buffer Overflow in showQueryPackage Function in RPM Package Manager 4.4.8 Denial of Service Vulnerability in Ruby 1.8 CGI Library Unspecified Denial of Service Vulnerability in Wireshark HTTP Dissector Denial of Service Vulnerability in Wireshark WBXML Dissector Remote File Inclusion Vulnerability in Softerra PHP Developer Library 1.5.3 and Earlier Remote File Inclusion Vulnerability in Softerra PHP Developer Library 1.5.3 and Earlier Remote File Inclusion Vulnerability in Softerra PHP Developer Library 1.5.3 and Earlier Insecure Password Generation in OneOrZero Helpdesk Allows Arbitrary User Access Cross-Site Scripting (XSS) Vulnerabilities in Drupal XML Parser via Crafted RSS Feed CSRF Vulnerability in Drupal 4.6.x and 4.7.x Arbitrary Form Information Disclosure Vulnerability in Drupal 4.6.x and 4.7.x Multiple stack-based buffer overflows in Novell eDirectory and NetMail Unspecified Denial of Service Vulnerability in Novell eDirectory NCP Engine Remote File Inclusion Vulnerability in 2le.net Castor PHP Web Builder 1.1.1 Multiple PHP Remote File Inclusion Vulnerabilities in 2le.net Castor PHP Web Builder 1.1.1 Unspecified Denial of Service Vulnerability in FreeBSD 6.1 Unspecified Denial of Service Vulnerability in FreeBSD 6.1 RSA Key Padding Vulnerability in SSH Tectia Products Multiple PHP Remote File Inclusion Vulnerabilities in SpeedBerg 1.2beta1 Arbitrary Javascript Execution via Cross-Site Scripting (XSS) in Sun Java System Messaging Server and iPlanet Messaging Server Arbitrary File Write Vulnerability in Marshal MailMarshal SMTP and MailMarshal for Exchange SQL Injection Vulnerability in XchangeBoard 1.70 Allows Remote Code Execution Denial of Service Vulnerability in BlackBerry Enterprise Server 4.1 SP2 for 
IBM Lotus Domino SQL Injection Vulnerabilities in Segue CMS 1.5.8 and Earlier SQL Injection Vulnerabilities in UltraCMS 0.9: Remote Code Execution via User Credentials Sensitive Information Disclosure in Maerys Archive (Maarch) 2.0.1 and earlier Remote File Inclusion Vulnerability in DigitalHive 2.0 RC2 PHP Remote File Inclusion Vulnerabilities in pandaBB Module for PHP-Nuke Multiple PHP Remote File Inclusion Vulnerabilities in Trawler Web CMS 1.8.1 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Timothy Claason KnowledgeBank 1.01 Remote File Inclusion Vulnerability in Segue CMS 1.5.8 and Earlier Directory Traversal Vulnerability in Segue CMS 1.5.8 and Earlier: Arbitrary File Inclusion Cross-Site Scripting (XSS) Vulnerabilities in Serendipity (s9y) 1.0.1 and Earlier in Media Manager Administration Page SQL Injection Vulnerabilities in XchangeBoard 1.70 and Earlier Buffer Overflow in AOL.PicDownloadCtrl.1 ActiveX Control (YGPPicDownload.dll) 9.2.3.0 Heap-based Buffer Overflow in AOL.PicDownloadCtrl ActiveX Control (YGPPicDownload.dll) 9.2.3.0 Arbitrary Script Injection in Simple Machines Forum (SMF) 1.1 RC2 index.php Arbitrary Web Script Injection in Simple Machines Forum (SMF) index.php Arbitrary PHP Code Execution in 2BGal 3.0 via Multiple File Inclusion Vulnerabilities Multiple PHP Remote File Inclusion Vulnerabilities in WiClear 0.10 Multiple PHP Remote File Inclusion Vulnerabilities in Der Dirigent (DeDi) 1.0.3 SQL Injection Vulnerabilities in WoltLab Burning Book 1.1.2 via addentry.php Eval Injection Vulnerability in WoltLab Burning Book 1.1.2: Remote Code Execution via SQL Injection in addentry.php Arbitrary File Inclusion Vulnerability in PH Pexplorer 0.24 Direct static code injection vulnerability in delete.php in JaxUltraBB (JUBB) 2.0 Arbitrary Script Injection in Zwahlen Online Shop's article.htm via cat Parameter Arbitrary SQL Command Execution and Login Bypass Vulnerability in GeoNetwork opensource before 2.0.3 Arbitrary SQL Command 
Execution in WGCC 0.5.6b and Earlier via quiz.php Arbitrary Web Script Injection in lib-history.inc.php in phpAdsNew and phpPgAds Cross-Site Scripting (XSS) Vulnerabilities in WikiNi before 0.4.4 Multiple PHP Remote File Inclusion Vulnerabilities in Rhode Island Open Meetings Filing Application (OMFA) Multiple PHP Remote File Inclusion Vulnerabilities in RSSonate Remote File Inclusion Vulnerability in MambWeather 1.8.1 and Earlier Component for Mambo Remote File Inclusion Vulnerability in DeltaScripts PHP Classifieds 7.1 via functions.php Remote File Inclusion Vulnerability in Net_DNS 0.03 and Earlier PHP Remote File Inclusion Vulnerabilities in Johannes Erdfelt Kawf 1.0 and Earlier Remote File Inclusion Vulnerability in EZ-Ticket 0.0.1 via ezt_root_path Parameter Cross-site scripting (XSS) vulnerability in index.php in phplist 2.10.2 via p parameter SQL Injection Vulnerability in PHP-Nuke 7.9 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in Teake Nutma Foing Remote File Inclusion Vulnerability in Intelimen InteliEditor 1.2.x Directory Traversal Vulnerability in SchoolAlumni Portal 2.26 mod.php Cross-site scripting (XSS) vulnerability in SchoolAlumni Portal 2.26 allows remote code injection via search query parameter in katalog module Multiple Cross-Site Scripting (XSS) Vulnerabilities in Boesch SimpNews before 2.34.01 Remote File Inclusion Vulnerability in Ascended Guestbook 1.0.0 and Earlier: Arbitrary PHP Code Execution Cross-site scripting (XSS) vulnerability in RMSOFT Gallery System 2.0 in rmgs/images.php PHP Remote File Inclusion Vulnerabilities in AROUNDMe 0.6.9 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Zwahlen Online Shop Freeware 5.2.2.50 Cross-Site Scripting (XSS) Vulnerabilities in WebHostManager (WHM) 10.8.0 cPanel 10.9.0 R50 Directory Traversal Vulnerability in D-Link DSL-G624T Firmware 3.00B01T01.YA-C.20060616 Cross-Site Scripting (XSS) Vulnerabilities in D-Link DSL-G624T Firmware 3.00B01T01.YA-C.20060616 Unauthenticated 
Directory Listing Vulnerability in D-Link DSL-G624T Firmware 3.00B01T01.YA-C.20060616 Remote File Inclusion Vulnerability in UeberProject Management System 1.0 and Earlier Denial of Service Vulnerability in PostgreSQL 8.1.x Denial of Service Vulnerability in PostgreSQL Coercion of Unknown Element to ANYARRAY Denial of Service Vulnerability in PostgreSQL 8.1.x Remote File Inclusion Vulnerability in PHP Generator of Object SQL Database (PGOSD) Address Bar Spoofing Vulnerability in Microsoft Internet Explorer 7 SMTP Address Format Filtering Bypass in Symantec Mail Security for Domino Server 5.1.x Remote File Inclusion Vulnerability in Open Tibia Server Content Management System (OTSCMS) 1.3.0 through 1.4.1 Remote File Inclusion Vulnerability in OTSCMS 1.0.0 - 1.0.3 Remote File Inclusion Vulnerability in Open Tibia Server Content Management System (OTSCMS) 2.0.0 through 2.1.3 Remote File Inclusion Vulnerability in Adobe PHP SDK's CachedGateway.php Denial of Service Vulnerability in FreeBSD and OpenBSD Kernel via /dev/crypto IOCTL Requests QK SMTP 3.01 Stack-Based Buffer Overflow Vulnerability Heap-based Buffer Overflow in RevilloC MailServer 1.21 and Earlier Denial of Service Vulnerability in Cisco Security Agent for Linux Directory Traversal and Remote Code Execution Vulnerability in Imageview 5 Remote Code Execution via PHP File Inclusion in EPNadmin 0.7 and 0.7.1 Buffer Overflow in localtime_r Function in HP-UX B.11.11 and Other Versions Stack-based Buffer Overflow in HP-UX swpackage and swmodify Commands Format String Vulnerability in swask Command in HP-UX B.11.11 and Possibly Other Versions Memory Tracking Vulnerability in ADODB.Connection ActiveX Control Cross-site scripting (XSS) vulnerability in heading.php in Boesch ProgSys 0.151 and earlier SQL Injection Vulnerability in Discuz! GBK 5.0.0 via admincp.php Remote Code Execution in SourceForge 1.0.4 via PHP Remote File Inclusion Vulnerability Denial of Service Vulnerability in Yahoo! 
Messenger (Service 18) before 8.1.0.195 Cross-Site Scripting (XSS) Vulnerability in MAXdev MD-Pro 1.0.76 user.php CRLF Injection Vulnerability in MAXdev MD-Pro 1.0.76 CRLF Injection Vulnerability in Shop-Script's premium/index.php Heap-based Buffer Overflows in AOL Nullsoft WinAmp Allow Remote Code Execution FTPXQ Server 3.0.1 Denial of Service Vulnerability via Long MKD Command Default Testing Accounts Vulnerability in FtpXQ Server 3.0.1 Arbitrary File Read Vulnerability in CruiseWorks 1.09c and 1.09d Arbitrary Code Execution Vulnerability in CruiseWorks 1.09c and 1.09d User-assisted remote code execution vulnerability in Brazilian Portuguese Grammar Checker in Microsoft Office 2003 and related applications TIF Folder Information Disclosure Vulnerability in Microsoft Internet Explorer 6 and Earlier TIF Folder Information Disclosure Vulnerability in Microsoft Internet Explorer 6 and Earlier Script Error Handling Memory Corruption Vulnerability in Microsoft Internet Explorer 6 DHTML Script Function Memory Corruption Vulnerability in Microsoft Internet Explorer 6 SNMP Memory Corruption Vulnerability in Microsoft Windows Arbitrary File Upload Vulnerability in Microsoft Windows 2000 SP4 Remote Installation Service (RIS) File Manifest Corruption Vulnerability in Microsoft Windows XP SP2 and Server 2003 GDI Invalid Window Size Elevation of Privilege Vulnerability PHP Remote File Inclusion Vulnerabilities in MDweb 1.3 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in CMS Faethon 2.0 Ultimate and Earlier Multiple SQL Injection Vulnerabilities in LedgerSMB (LSMB) 1.1.0 and Earlier Arbitrary PHP Code Execution via Remote File Inclusion in ArticleBeach Script 2.0 and Earlier SQL Injection Vulnerabilities in PacPoll 4.0 and Earlier: Remote Code Execution Authentication Bypass in PacPoll 4.0 and Earlier via Polllog Cookie Buffer Overflow Vulnerability in Desknet's (niokeru) before 5.0J R1.0 Remote File Inclusion Vulnerability in University of British Columbia 
iPeer 2.0 AirPcap Support Vulnerability: Unspecified Attack Vectors in Wireshark 0.99.3 Directory Traversal Vulnerability in AEP Smartgate 4.3b SSL Server Arbitrary User Account Manipulation in MiniHTTP Web Forum & File Server PowerPack 4.0 Arbitrary HTML Injection Vulnerability in GOOP Gallery 2.0 Cross-site scripting (XSS) vulnerability in Oracle Application Express (formerly HTML DB) before 2.2.1 Insecure Storage of Passwords in Axalto Protiva 1.1 Stack-based Buffer Overflow in eap_do_notify Function in xsupplicant Memory Leak Vulnerability in xsupplicant before 1.2.6 SQL Injection Vulnerability in Snitz Forums 2000 3.4.06 (pop_mail.asp) Arbitrary File Inclusion Vulnerability in phpCards 1.3 Arbitrary Web Script Injection in phpcards.footer.php in phpCards 1.3 SQL Injection Vulnerabilities in BytesFall Explorer (bfExplorer) 0.0.7.1 and Earlier Directory Traversal Vulnerability in INCA IM-204's /cgi-bin/webcm Arbitrary SQL Command Execution in Extended Tracker (xtracker) 4.7 Arbitrary Directory Listing Vulnerability in TorrentFlux 2.1 Remote File Inclusion Vulnerability in Teake Nutma Foing (Fully Modded phpBB) 2021.4.40 Unspecified Vulnerability in Toshiba Bluetooth Stack before 4.20.01 Remote File Inclusion Vulnerability in GestArt Beta 1 (aide.php3) with Enabled Register Globals Arbitrary PHP Code Execution via Remote File Inclusion in MP3 Streaming DownSampler (mp3SDS) 3.0 Denial of Service Vulnerability in Microsoft Windows NAT Helper Components Textpattern 1.19 Remote File Inclusion Vulnerability in publish.php Arbitrary Code Execution Vulnerabilities in OpenPBS Directory Traversal Vulnerability in Thepeak File Upload Manager 1.3 Arbitrary File Read Vulnerability in Netref 4's cat_for_aff.php Denial of Service Vulnerability in Linux Kernel 2.6 up to 2.6.18-stable PHP Remote File Inclusion Vulnerability in MiniBILL 2006-10-10 (1.2.3) and Earlier Remote File Inclusion Vulnerability in ask_rave 0.9 PR and Earlier Versions SQL Injection Vulnerability in 
Coppermine Photo Gallery 1.4.9: Remote Code Execution via picmgr.php Remote File Inclusion Vulnerability in Electronic Engineering Tool (EE Tool) 0.4-1 and Earlier PHP Remote File Inclusion Vulnerabilities in Multi-Page Comment System (MPCS) 1.0.0 and Earlier Remote File Inclusion Vulnerability in N/X 2002 Professional Edition WCMS 4.1 and Earlier phpFaber CMS 1.3.36 Cross-Site Scripting (XSS) Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in QnECMS 2.5.6 and Earlier SQL Injection Vulnerability in UNISOR CMS Login Page SQL Injection Vulnerabilities in Hosting Controller 6.1 before Hotfix 3.3 Arbitrary Virtual Directory Creation and Deletion Vulnerability in Hosting Controller 6.1 before Hotfix 3.3 Arbitrary Web Script Injection in iG Shop 1.4 change_pass.php Cross-Site Scripting (XSS) Vulnerability in iG Shop 1.4 change_pass.php Null Dereference Denial of Service Vulnerability in Firefox and Seamonkey PHP Remote File Inclusion Vulnerabilities in phpProfiles 2.1 Beta SQL Injection Vulnerability in Web Wiz Forums' forum/search.asp Allows Remote Code Execution Remote File Inclusion Vulnerability in Simple Website Software (SWS) 0.99 and Earlier Arbitrary PHP Code Execution via Remote File Inclusion in Faq Administrator 2.1b SQL Injection Vulnerabilities in PHPMyRing 4.2.1 and Earlier: Remote Code Execution Privilege Escalation Vulnerability in OpenWBEM 3.2.0 via Local or HTTP Digest Authentication Arbitrary SQL Command Execution Vulnerability in Techno Dreams Guest Book 1.0 SQL Injection Vulnerability in Techno Dreams Announcement Unspecified Vulnerability in NmnLogger 1.0.0 and Earlier: Configuration-related Attack Vector Arbitrary Script Injection Vulnerability in foresite CMS search_de.html Denial of Service Vulnerability in Sophos Anti-Virus and Endpoint Security Heap-based Buffer Overflow in Sophos Anti-Virus and Endpoint Security: Denial of Service via CHM File CHM Name Length Memory Consumption Vulnerability Denial of Service Vulnerability in 
Ubuntu Linux 6.10 for PowerPC Unspecified vulnerability in Ubuntu PowerPC Kernel allows local denial of service Arbitrary Code Execution Vulnerability in ICQPhone.SipxPhoneManager ActiveX Control Information Disclosure Vulnerability in DigiOz Guestbook (before 1.7.1) via Non-Numeric Page Parameter Arbitrary Web Script Injection via CSS Function in Sun iPlanet Messaging Server Messenger Express Cross-site scripting (XSS) vulnerability in Sun Java System Messenger Express 6 Unspecified Denial of Service Vulnerability in Network Security Services (NSS) SQL Injection Vulnerability in OpenDocMan 1.2p3: Remote Code Execution via Username Parameter Memory Leak in push_align function in Vilistextum before 2.6.9 Multiple Off-by-One Errors in src/text.c in Vilistextum: Unknown Impact and Attack Vectors Arbitrary File Download, Local File Execution, and File Deletion Vulnerabilities in BlooMooWeb ActiveX Control PAM_extern before 0.2 Password Exposure Vulnerability Authentication Bypass Vulnerability in Cisco Security Agent Management Center (CSAMC) 5.1 Arbitrary Web Script Injection via User-Agent Header in VIRtech Netquery (XSS Vulnerability) SQL Injection Vulnerability in easy notesManager (eNM) 0.0.1: Remote Code Execution Insecure Permissions in IBM Informix Dynamic Server and CSDK Installation Scripts Symlink Attack Vulnerability in IBM Informix Dynamic Server 10.00, Informix CSDK 2.90, and Informix I-Connect 2.90 Remote File Inclusion Vulnerability in phpBB Spider Friendly Module 1.3.10 and Earlier SQL Injection Vulnerability in E-Annu 1.0 via login parameter in includes/menu.inc.php PHP Remote File Inclusion Vulnerabilities in P-Book 1.17 and Earlier Ampache 3.3.2 Unspecified Remote Access Vulnerability Remote File Inclusion Vulnerability in Gepi 1.4.0 and Earlier: Arbitrary PHP Code Execution Remote File Inclusion Vulnerability in Free Image Hosting 1.0 and Earlier: Arbitrary PHP Code Execution Remote File Inclusion Vulnerability in Free Image Hosting 1.0 and Earlier 
MySource CMS 2.16.2 and Earlier: PHP Remote File Inclusion Vulnerability in init_mysource.php Arbitrary PHP Code Execution via Remote File Inclusion in miniBB 2.0.2 and Earlier PHP Remote File Inclusion Vulnerabilities in miniBB 2.0.2 and Earlier with Enabled Register Globals Unspecified SQL Injection Vulnerabilities in Pentaho Business Intelligence Suite SQL Injection Vulnerability in Uni-Vert PhpLeague 0.82 and Earlier: Remote Code Execution via champ Parameter Arbitrary File Creation Vulnerability in TORQUE Resource Manager Remote File Inclusion Vulnerability in J-Pierre DEZELUS Les Visiteurs 2.0.1 Integer Overflow in ffs_mountfs Function in FreeBSD 6.1 Denial of Service Vulnerability in libarchive Library Sensitive Information Disclosure in QuickTime for Java on Mac OS X 10.4 through 10.4.8 Double Free Vulnerability in Squashfs Module in Linux Kernel 2.6.x Information Disclosure Vulnerability in Tikiwiki 1.9.5 Arbitrary Script Injection in Tikiwiki 1.9.5 via tiki-featured_link.php Arbitrary File Read Vulnerability in HP NonStop Server G06.29 Directory Traversal Vulnerabilities in WordPress Plugin wp-db-backup.php Unspecified vulnerabilities in PHP allowing local users to bypass open_basedir restrictions SQL Injection Vulnerability in PHPEasyData Pro 1.4.1 and 2.2.1 via cat Parameter in index.php Unspecified Denial of Service Vulnerabilities in MDaemon and WorldClient Unspecified JavaScript Exploit Vulnerability in Alt-N Technologies MDaemon Heap-based Buffer Overflow in Airport Driver for Orinoco-based Airport Cards in Mac OS X 10.4.8 Arbitrary File Read Vulnerability in ECI Telecom B-FOCuS Wireless 802.11b/g ADSL2+ Router Mirapoint WebMail XSS Vulnerability: Arbitrary Web Script Injection via CSS Function Arbitrary Script Injection in Easy File Sharing (EFS) Web Server 4.0 Forum Threads Arbitrary File Read Vulnerability in Easy File Sharing (EFS) Web Server 4.0 Arbitrary File Read Vulnerability in Easy File Sharing (EFS) Easy Address Book 1.2 Directory 
Traversal Vulnerability in FreeNews 2.1 aff_news.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in ZendGData Library Cross-site scripting (XSS) vulnerability in phpMyAdmin error.php allows remote code injection via encoded characters SQL Injection Vulnerability in BytesFall Explorer (bfExplorer) 0.0.6 SQL Injection Vulnerability in Journal Module of Francisco Burzi PHP-Nuke 7.9 and Earlier Denial of Service Vulnerability in Outpost Firewall PRO 4.0 (964.582.059) Multiple PHP Remote File Inclusion Vulnerabilities in Segue CMS 1.5.9 and Earlier SQL Injection Vulnerability in DataparkSearch Engine 4.42 and Earlier: Remote Code Execution via Malformed Hostname Heap-based Buffer Overflow in ICQ 2003b Build 3916's Answering Service Function Directory Enumeration Vulnerability in AEP Smartgate 4.3b SSL Server Memory Corruption Vulnerability in alloccgblk of UFS Filesystem in Solaris 10 Remote File Inclusion Vulnerability in sazcart 1.5 Allows Arbitrary PHP Code Execution Denial of Service Vulnerability in XM Easy Personal FTP Server 5.2.1 and Earlier Arbitrary Forum Reply and Unauthorized Actions Vulnerability in Yazd Discussion Forum Remote File Inclusion Vulnerability in Modx CMS 0.9.2.1 and Earlier Arbitrary File Inclusion Vulnerability in Lithium CMS 4.04c and Earlier SQL Injection Vulnerability in logout.php in T.G.S. 
CMS 0.1.7 and Earlier Directory Traversal Vulnerability in PostNuke 0.763 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in ATutor 1.5.3.2 Directory Traversal Vulnerability in PunBB 1.2.14: Arbitrary File Inclusion via Language Parameter SQL Injection Vulnerability in PunBB search.php (CVE-2006-3017) Predictable Cookie Seed in PunBB Allows Unauthorized Actions SQL Injection Vulnerabilities in PunBB before 1.2.14 Allow Arbitrary SQL Command Execution Leicestershire communityPortals 1.0_2005-10-18_12-31-18 PHP Remote File Inclusion Vulnerability Denial of Service Vulnerability in Wireshark LDAP Dissector Multiple Cross-Site Scripting (XSS) Vulnerabilities in AirMagnet Enterprise Cross-Application Scripting (XAS) Vulnerability in AirMagnet Enterprise Console and Remote Sensor Console Multiple Cross-Site Scripting (XSS) Vulnerabilities in Highwall Enterprise and Highwall Endpoint 4.0.2.11045 Management Interface SQL Injection Vulnerabilities in Highwall Enterprise and Highwall Endpoint 4.0.2.11045 Management Interface Arbitrary Code Execution Vulnerability in XMLHTTP ActiveX Control 4.0 Insecure Certificate Validation in AirMagnet Enterprise Console Arbitrary Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified Memory Corruption Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey ISDN PPP CCP Reset State Timer Initialization Vulnerability Directory Traversal Vulnerability in JBoss Application Server (jbossas) Allows Remote File Access and Code Execution Integer Overflow in Linux Kernel's get_fdb_entries Function Allows Arbitrary Code Execution Apache HTTP Server mod_status XSS Vulnerability Unspecified Denial of Service and Privilege Escalation Vulnerability in Linux Kernel's listxattr System Call Uninitialized Variable in aio_setup_ring Function Leads to Denial of Service Vulnerability EFLAGS Context Switch Vulnerability in Linux Kernel Race condition vulnerability in ISO9660 filesystem in Linux 2.6.18 and 
possibly other versions allows denial of service Privilege Escalation and Denial of Service Vulnerability in Windows Graphics Rendering Engine Path Disclosure Vulnerability in Rhadrix If-CMS PHP Remote File Inclusion Vulnerabilities in phpDynaSite 3.2.2 and Earlier Arbitrary Web Script Injection Vulnerability in Rhadrix If-CMS 1.01 and 2.07 Remote File Inclusion Vulnerability in Free File Hosting and Free Image Hosting Multiple PHP Remote File Inclusion Vulnerabilities in Free File Hosting 1.1 Remote File Inclusion Vulnerability in Free File Hosting 1.1 and Earlier SQL Injection Vulnerability in rss.php in Article Script 1.6.3 and Earlier Remote File Inclusion Vulnerability in Article System 0.6 volume.php Remote File Inclusion Vulnerability in Drake CMS 0.2.2 Alpha Rev.846 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in Cyberfolio 2.0 RC1 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in admin.tool CMS 3 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in ac4p Mobile Unspecified Cross-Site Scripting (XSS) Vulnerability in Arkoon SSL360 1.0 and 2.0 SQL Injection Vulnerabilities in FreeWebshop 2.2.1 and Earlier: Arbitrary SQL Command Execution FreeWebshop 2.2.1 Directory Traversal Vulnerability Arbitrary Web Script Injection in Hyper NIKKI System before 2.19.9 Arbitrary Web Script Injection Vulnerability in FunkBoard 0.71 PHP Remote File Inclusion Vulnerability in Ariadne 2.4.1 Authentication Bypass and Privilege Escalation in Creasito E-Commerce Content Manager 1.3.08 Local Privilege Escalation in Linux-ftpd 0.17 and Other Versions Denial of Service Vulnerability in OpenLDAP 2.3.29 and Earlier Remote Code Execution Vulnerability in XLink Omni-NFS Server 5.2 Remote Code Execution Vulnerability in iodine 0.3.2 via Crafted DNS Response Unauthenticated Command Execution and Denial of Service Vulnerability in HP OpenView Client Configuration Manager (CCM) Disputed Denial of Service Vulnerability in Firefox 1.5.0.7 on 
Kubuntu Linux Arbitrary File Read Vulnerability in SAP Web Application Server Denial of Service Vulnerability in SAP Web Application Server 6.40 and 7.00 Directory Traversal Vulnerability in e107 0.7.5 and Earlier: Arbitrary Code Execution Authentication Bypass and Password Modification Vulnerability in IPrimal Forums IPrimal Forums PHP Remote File Inclusion Vulnerability Denial of Service Vulnerability in War FTP Daemon (WarFTPd) 1.82.00-RC11 Multiple Format String Vulnerabilities in ELOG 2.6.2 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in ELOG 2.6.2 and Earlier Unspecified Remote Code Execution Vulnerability in XLink Omni-NFS Enterprise Out-of-bounds Read Vulnerability in libpng's sPLT Chunk Handling Code Weaker Verification Vulnerability in OpenSSH's Privilege Separation Monitor Multiple PHP Remote File Inclusion Vulnerabilities in OpenEMR 2.8.1 and Earlier PHP Remote File Inclusion Vulnerabilities in Soholaunch Pro Edition 4.9 r46 and Earlier SQL Injection Vulnerabilities in Xenis.creator CMS Default.asp SQL Injection Vulnerability in Xenis.creator CMS Default.asp Multiple Cross-Site Scripting (XSS) Vulnerabilities in xenis.creator CMS Default.asp Xenis.Creator CMS Default.asp Cross-Site Scripting (XSS) Vulnerability Path Type Validation Vulnerability in owserver Module SQL Injection Vulnerability in The Web Drivers Simple Forum (message_details.php) Allows Remote Code Execution via id Parameter Remote File Inclusion Vulnerability in mxBB Smartor Album Module 1.02 and Earlier Remote File Inclusion Vulnerability in Advanced Guestbook 2.3.1 Remote Certificate Validation Bypass in Microsoft Internet Explorer 7 Sensitive Browser Session Information Leakage in Cisco Secure Desktop System Policy Evasion Vulnerability in Cisco Secure Desktop Insecure Default Permissions in Cisco Secure Desktop (CSD) Installation: Local Privilege Escalation Vulnerability Unspecified Vulnerabilities in Jonathon J. 
Freeman OvBB before 0.13a Arbitrary Web Script Injection Vulnerability in XOOPS 1.0 OpenEMR 2.8.1 Remote File Inclusion Vulnerability CVE-2006-xxxx: Unspecified Denial of Service Vulnerability in Kerio MailServer Unspecified Denial of Service Vulnerability in Novell eDirectory 8.8 Unspecified Remote Code Execution Vulnerability in Novell eDirectory Stack-based Buffer Overflow in ProFTPD 1.3.0 and Earlier: Remote Code Execution Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in Dmitry Sheiko Business Card Web Builder (BCWB) 2.5 Insecure Permissions in Parallels Desktop for Mac Allow Local Users to Modify DHCP Configuration Buffer Overflow Vulnerabilities in IBM Lotus Domino 6.x and 7.x Proxy Server Vulnerability in Verity Ultraseek before 5.7 Arbitrary Code Execution Vulnerability in SuperBuddy ActiveX Control Heap-based Buffer Overflow in IMA_SECURE_DecryptData1 Function in Citrix MetaFrame XP and Presentation Server Stack-based Buffer Overflow in NetBackup bpcd Daemon Memory Corruption Vulnerability in Linux Kernel's zlib_inflate Function Integer Overflow and Heap-Based Buffer Overflow in ffs_rdextattr Function in FreeBSD 6.1 Kayako SupportSuite 3.00.32 - Cross-Site Scripting (XSS) Vulnerability in index.php Remote Code Execution Vulnerability in Texas Imperial Software WFTPD Pro Server 3.23.1.1 Cross-Site Scripting (XSS) Vulnerabilities in phpComasy CMS 0.7.9pre and Earlier SQL Injection Vulnerability in DeltaScripts PHP Classifieds 7.1 and Earlier: Remote Code Execution via user_id Parameter Multiple SQL Injection Vulnerabilities in All In One Control Panel (AIOCP) 1.3.007 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in All In One Control Panel (AIOCP) 1.3.007 and Earlier Remote File Inclusion Vulnerability in All In One Control Panel (AIOCP) 1.3.007 and Earlier Information Disclosure: Full Path Disclosure in All In One Control Panel (AIOCP) 1.3.007 and earlier Unauthenticated File Upload Vulnerability in GreenBeast CMS 1.3 
Directory Traversal Vulnerability in OpenSolution Quick.Cms.Lite 0.3 Unauthenticated User Lookup Vulnerability in IBM Lotus Notes Domino Unrecognized File Type Vulnerability in Darwin Kernel (XNU) 8.8.1 Static Code Injection Vulnerability in SimpleChat 1.0.0 Module for iWare Professional CMS Arbitrary PHP Code Execution via Remote File Inclusion in NewP News Publication System 1.0.0 PHPAdventure 1.1-Alpha and Earlier: Remote File Inclusion Vulnerability in ad_main.php Multiple SQL Injection Vulnerabilities in Abarcar Realty Portal PHP Remote File Inclusion Vulnerabilities in DodosMail 2.0.1 and Earlier Insecure Default Permissions in Unicore Client Keystore File Speedywiki 2.0 index.php XSS Vulnerability Information Disclosure Vulnerability in Speedywiki 2.0 Unrestricted File Upload Vulnerability in Speedywiki 2.0 Directory Traversal Vulnerability in FreeWebshop 2.2.2 and Earlier: Arbitrary File Read and Inclusion Arbitrary Script Injection Vulnerability in FreeWebshop 2.2.2 and Earlier Remote File Inclusion Vulnerability in IrayoBlog alpha-0.2.4 Essentia Web Server 2.15 for Windows Stack-based Buffer Overflow Vulnerability Arbitrary File Creation Vulnerability in OpenBase SQL (CVE-XXXX-XXXX) OpenBase SQL Untrusted Search Path Privilege Escalation Vulnerability Arbitrary Script Injection in Immediacy CMS 5.2 via logon.aspx Buffer Overflow Vulnerabilities in Novell Netware Client Spooler Service Multiple Buffer Overflows in IBM Tivoli Storage Manager (TSM) Stack-based Buffer Overflow in Adobe Download Manager Memory Corruption Vulnerability in Adobe Reader and Acrobat 7.0.8 and Earlier Arbitrary File Disclosure in Adobe ColdFusion MX 7 and JRun 4 Cross-Site Scripting (XSS) Vulnerability in Adobe ColdFusion MX 7 7.0 and 7.0.1 Arbitrary Web Script Injection Vulnerability in Adobe JRun 4.0 Administrator Console Denial of Service Vulnerability in Citrix MetaFrame XP and Presentation Server Directory Traversal Vulnerability in NAV Web Interface Remote Code Execution in 
LetterIt 2 via PHP Remote File Inclusion in inc/session.php Stack-based Buffer Overflow in GNU gv 3.6.2 and Earlier Versions MyAlbum 3.02 and Earlier: PHP Remote File Inclusion Vulnerability in language.inc.php Arbitrary File Inclusion Vulnerability in phpManta 1.0.2 and Earlier Insecure Transmission of Passwords in fetchmail before 6.3.6-rc4 Buffer Overflow Vulnerabilities in Imagemagick 6.0 and 6.2 Arbitrary Command Execution via Shell Metacharacters in pstotext File Name Heap-based Buffer Overflow Vulnerabilities in OpenOffice.org and StarOffice Vulnerability: Insecure Mount Options Handling in Linux Kernel's smbfs Arbitrary Perl Code Execution in login.pl Script in SQL-Ledger and LedgerSMB Buffer Overflow in l2tpns Cluster Process Heartbeat Function Denial of Service Vulnerability in Clam AntiVirus (ClamAV) 0.88 and Earlier Arbitrary Command Execution via SMTP Level E-mail Address in EoC.py Denial of Service Vulnerability in libsoup HTTP Library Denial of Service Vulnerability in Enigmail Extension CSRF Vulnerability in Edgewall Trac 0.10 and Earlier SQL Injection Vulnerability in ASPPortal 4.0.0 Beta and Earlier (default1.asp) SQL Injection Vulnerability in Munch Pro 1.0 subMenu Page SQL Injection Vulnerability in cl_CatListing.asp in Dynamic Dataworx NuCommunity 1.0 Arbitrary Code Execution Vulnerability in Broadcom BCMWL5.SYS Wireless Device Driver Multiple Cross-Site Scripting (XSS) Vulnerabilities in cPanel 10 Unspecified Remote Code Execution Vulnerabilities in DirectAnimation ActiveX Controls for Microsoft Internet Explorer SQL Injection Vulnerability in NuStore 1.0 Products.asp Allows Remote Code Execution SQL Injection Vulnerability in propertysdetails.asp in Dynamic Dataworx NuRealestate (NuRems) 1.0 and Earlier SQL Injection Vulnerability in CampusNewsDetails.asp in Dynamic Dataworx NuSchool 1.0 SQL Injection Vulnerability in Superfreaker Studios UPublisher 1.0: Remote Code Execution via viewarticle.asp SQL Injection Vulnerability in BrewBlogger (BB) 
1.3.1 via printLog.php Arbitrary SQL Command Execution in Superfreaker Studios USupport 1.0 Arbitrary SQL Command Execution in Superfreaker Studios UStore 1.0 via ID Parameter SQL Injection Vulnerability in MoreInfo.asp in ASPired2Poll 1.0 and Earlier Remote File Inclusion Vulnerabilities in iWonder Designs Storystream 0.4.0.0 Directory Traversal Vulnerability in Rama CMS 0.68 and Earlier EncapsCMS 0.3.6 Remote File Inclusion Vulnerability in core/core.php Path Disclosure Vulnerability in REMLAB Web Mech Designer 2.0.5 Multiple Directory Traversal Vulnerabilities in PhpMyChat Plus 1.9 and Earlier Directory Traversal Vulnerability in PhpMyChat 0.14.5 and Earlier PHP Remote File Inclusion Vulnerability in install.php3 in @cid stats 2.3 Arbitrary Web Script Injection Vulnerability in Zend Framework Preview 0.2.0 Hardcoded IP Address Vulnerability in Hawking Technology WR254-CA Wireless Router Remote File Manipulation Vulnerability in viksoe GMail Drive Shell Extension GSpace Vulnerability: Remote File System Manipulation via E-mail Messages Multiple PHP Remote File Inclusion Vulnerabilities in MWChat Pro 7.0 Remote Code Execution in Web Directory Pro Remote File Inclusion Vulnerability in Jean-Christophe Ramos SCRIPT BANNIERES (ban 0.1 and PLS-Bannieres 1.21) SQL Injection Vulnerability in Jean-Christophe Ramos SCRIPT BANNIERES (aka ban 0.1 and PLS-Bannieres 1.21) SQL Injection Vulnerabilities in Lucas Rodriguez San Pedro Yet Another News System (YANS) 0.2b Login Function Unauthenticated Remote Configuration and User Account Manipulation in SCARF PHP Remote File Inclusion Vulnerabilities in Campware Campsite (20061110) Multiple PHP Remote File Inclusion Vulnerabilities in Campware Campsite before 2.6.2 Unspecified Vulnerability in Campware Campsite: Security Fix for Encrypted Passwords Remote Certificate Validation Bypass in Microsoft Internet Explorer 7 SQL Injection Vulnerability in ls.php in SAMEDIA LandShop: infield Parameter Multiple Cross-Site Scripting (XSS) 
Vulnerabilities in SAMEDIA LandShop's ls.php Vulnerability: File Injection Bypass in Intego VirusBarrier X4 SQL Injection Vulnerabilities in OmniStar Article Manager Unrestricted File Upload Vulnerability in RapidKill 5.7 Pro ActiveCampaign KnowledgeBuilder 2.2 PHP Remote File Inclusion Vulnerability in visEdit_control.class.php Remote File Inclusion Vulnerability in Yuuki Yoshizawa Exporia 0.3.0 via lan Parameter Cross-Site Scripting (XSS) Vulnerabilities in Wheatblog (wB) add_comment.php Path Disclosure Vulnerability in Wheatblog (wB) index.php Remote File Inclusion Vulnerability in Chris Mac gtcatalog 0.9.1 and Earlier Cross-Site Scripting (XSS) Vulnerability in Efficient IP iPmanager (IPm) 2.3 via errmsg Parameter Arbitrary Code Execution Vulnerability in Links and Elinks with smbclient SQL Injection Vulnerabilities in mail.php in Vallheru before 1.0.7 SQL Injection Vulnerability in cpLogin.asp in ASP Scripter Easy Portal 1.4 and Live Support 1.3 PHP Remote File Inclusion Vulnerabilities in Phpjobscheduler 3.0 PHP Remote File Inclusion Vulnerability in Phpjobscheduler 3.0 PHP Remote File Inclusion Vulnerabilities in Aigaion Web Based Bibliography Management System 1.2.1 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in Aigaion Web Based Bibliography Management System 1.2.1 Insecure Application Access Control in Kahua before 0.7 SQL Injection Vulnerability in UltraSite 1.0's update.asp Allows Remote Code Execution SQL Injection Vulnerability in Estate Agent Manager 1.3 and Earlier: Remote Code Execution via UserName Field SQL Injection Vulnerability in ShopSystems 4.0 and Earlier: Remote Code Execution via sessid Parameter SQL Injection Vulnerability in dept.asp in SiteXpress E-Commerce System Integer Overflow Vulnerabilities in Grisoft AVG Anti-Virus Uninitialized Variable and Crafted CAB File Vulnerability in Grisoft AVG Anti-Virus Denial of Service Vulnerability in Grisoft AVG Anti-Virus Unspecified Integer Issues Vulnerability in Grisoft AVG 
Anti-Virus Arbitrary Web Script Injection in Website Designs For Less Inventory Manager SQL Injection Vulnerabilities in Website Designs for Less Inventory Manager Arbitrary Web Script Injection Vulnerability in MGinternet Car Site Manager (CSM) Multiple SQL Injection Vulnerabilities in MGinternet Car Site Manager (CSM) FunkyASP Glossary 1.0 - Remote SQL Injection Vulnerability in glossary.asp Directory Traversal Vulnerabilities in Conxint FTP Server 2.2.0603 Remote File Inclusion Vulnerability in phpPeanuts 1.1 and Earlier: Arbitrary PHP Code Execution ALFTP FTP Server 4.1 beta 1 Directory Traversal Vulnerability ALTools ALFTP FTP Server 4.1 beta 1 Installation Path Disclosure Vulnerability Exophpdesk 1.2 - Remote File Inclusion Vulnerability in pipe.php SQL Injection Vulnerability in ASP Smiley 1.0: Remote Code Execution via Username Field SQL Injection Vulnerability in Evolve Shopping Cart's viewcart.asp SQL Injection Vulnerability in NetVIOS 2.0 and Earlier: Remote Code Execution via NewsID Parameter SQL Injection Vulnerability in 20/20 DataShed's Listings.asp Allows Remote Code Execution Plaintext Storage of Sensitive Information in XLineSoft PHPRunner 3.1 Multiple SQL Injection Vulnerabilities in INFINICART Multiple Cross-Site Scripting (XSS) Vulnerabilities in INFINICART A+ Store E-Commerce browse.asp SQL Injection Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in A+ Store E-Commerce's account_login.asp Buffer Overflow Vulnerability in Mercury Mail Transport System 4.01b for Windows Multiple SQL Injection Vulnerabilities in Hpecs Shopping Cart Arbitrary File Extraction Vulnerability in PentaZip and PentaSuite-PRO Denial of Service Vulnerability in PentaZip and PentaSuite-PRO Insecure Permissions in PassGo SSO Plus Allows Privilege Escalation Remote Code Execution and Information Disclosure in Panda ActiveScan Race condition vulnerability in Panda ActiveScan 5.53.00 and earlier versions allows remote code execution Insecure Permissions in MDaemon 
Application Folder Allows Arbitrary Code Execution CRLF Injection Vulnerability in evalFolderLine Function in fvwm 2.5.18 and Earlier Information Disclosure Vulnerability in Verity Ultraseek before 5.7 Absolute Path Traversal Vulnerability in Verity Ultraseek 5.6.2: Arbitrary File Read Remote Code Execution Vulnerability in NetGear WG111v2 Wireless Adapter Dovecot 1.0test53 through 1.0.rc14 Off-by-One Buffer Overflow Vulnerability NULL pointer dereference vulnerability in fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4 Cross-Site Scripting (XSS) Vulnerabilities in BlogMe 3.0 Comments SQL Injection Vulnerabilities in BlogMe 3.0 Admin Login Multiple SQL Injection Vulnerabilities in MultiCalendars Unspecified Vulnerability in E-Xoopport before 2.2.0 with Unknown Impact and Attack Vectors Insecure Permissions in Renasoft NetJetServer 2.5.3.939 and Earlier Versions Allow Remote Information Disclosure Authentication Bypass Vulnerability in Renasoft NetJetServer 2.5.3.939 Directory Traversal Vulnerabilities in SeleniumServer FTP Server 1.0 Plaintext Password Storage in SeleniumServer FTP Server 1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in JBMC Software DirectAdmin 1.28.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Helm Web Hosting Control Panel 3.2.10 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Extreme CMS 0.9 Unauthenticated Access and Potential XSS in Extreme CMS 0.9 SQL Injection Vulnerability in ASPintranet Default.asp Unspecified Denial of Service Vulnerability in Windows 2000 Advanced Server SP4 Heap-based buffer overflow vulnerability in mod_auth_kerb 5.0 allows remote attackers to cause denial of service VMWare VirtualCenter Client SSL Certificate Spoofing Vulnerability SQL Injection Vulnerabilities in CactuShop: Remote Code Execution Remote Code Execution Vulnerability in Microsoft Word Arbitrary User Profile Modification Vulnerability in WebEvents 2.0 and Earlier Privilege Escalation in Linux Netkit FTP Server (linux-ftpd) 0.17 
Unspecified Information Disclosure Vulnerability in Java Runtime Environment (JRE) Swing Library SAP Remote Information Disclosure Vulnerability SAP Web Application Server Denial of Service Vulnerability Arbitrary Script Injection in MGinternet Car Site Manager (CSM) Integer Signedness Error in FireWire (IEEE-1394) Drivers Unspecified Bounds Checking Vulnerability in NetBSD-current Kernel Buffer Overflow Vulnerability in Safari JavaScript Implementation on Mac OS X 10.4 Arbitrary User Metadata Disclosure in WordPress before 2.0.5 Denial of Service Vulnerability in WordPress 2.0.5 PHP Remote File Inclusion Vulnerability in Jim Plush My-BIC 0.6.5 Arbitrary Web Script Injection in Bill Roberts Bloo 1.0 via googlespell_proxy.php Cross-Site Scripting (XSS) Vulnerability in Blog Torrent Preview 0.92 via announce.php SQL Injection Vulnerability in BestWebApp Dating Site Login Component Arbitrary Web Script Injection in BestWebApp Dating Site Login Form Remote Code Execution in Bill Roberts Bloo 1.0 via PHP Remote File Inclusion Multiple Buffer Overflows in Eudora WorldMail Denial of Service Vulnerability in QUALCOMM Eudora WorldMail 4.0 Heap-based Buffer Overflow in Real Networks Helix Server and Helix Mobile Server: Remote Code Execution Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in Adobe Reader 7.0 through 7.0.8 Directory Traversal Vulnerability in Anton Vlasov DoSePa 1.0.4 SQL Injection Vulnerability in vir_Login.asp in Property Pro 1.0 Multiple SQL Injection Vulnerabilities in E-Calendar Pro 3.0 Multiple SQL Injection Vulnerabilities in GCIS ASPCart Multiple Cross-Site Scripting (XSS) Vulnerabilities in Simple PHP Blog (SPHPBlog) 0.4.8 Directory Traversal Vulnerabilities in Simple PHP Blog (SPHPBlog) Multiple SQL Injection Vulnerabilities in SitesOutlet E-commerce Kit-1 PayPal Edition Arbitrary Web Script Injection Vulnerability in BLOG:CMS 4.1.3 and Earlier OpenHuman 1.0 SQL Injection Vulnerability Cross-Site Scripting (XSS) 
Vulnerabilities in Dan Jensen Travelsized CMS 0.4.1 and Earlier Arbitrary SQL Command Execution in Powie's PHP Forum (pForum) 1.29a and Earlier Arbitrary SQL Command Execution in Powie's PHP MatchMaker 4.05 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Jelsoft vBulletin 3.6.x Admin Control Panel PHP Remote File Inclusion Vulnerabilities in Laurent Van den Reysen WORK System E-commerce 3.0.2 and Earlier Versions Remote File Inclusion Vulnerability in phpWebThings 1.5.2 and Earlier Arbitrary PHP Code Execution via File Inclusion in Oliver (formerly Webshare) 1.2.2 and Earlier PHPQuickGallery 1.9 and Earlier: Remote File Inclusion Vulnerability in gallery_top.inc.php Multiple PHP Remote File Inclusion Vulnerabilities in Comdev One Admin Pro 4.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in eggblog 3.1.0 Etomite 0.6.1.2 Directory Traversal Vulnerability SQL Injection Vulnerability in Etomite CMS 0.6.1.2: Remote Code Execution via index.php Remote File Inclusion Vulnerability in Shambo2 Component for Mambo 4.5 SQL Injection Vulnerabilities in ClickTech Texas Rank'em Remote File Inclusion Vulnerability in MosReporter Component for Mambo and Joomla! 
Username Enumeration Vulnerability in NetEpi Case Manager Denial of Service Vulnerability in ext3fs_dirhash Function Denial of Service Vulnerability in Linux Kernel 2.6.x Ext2 File System Stack-based Buffer Overflow in A5AGU.SYS 1.0.1.41 for D-Link DWL-G132 Wireless Adapter NULL pointer dereference vulnerability in Linux kernel 2.6.x up to 2.6.18 with SELinux hooks enabled NULL Pointer Dereference Vulnerability in Linux Kernel 2.6.x up to 2.6.18 Denial of Service Vulnerability in Linux Kernel 2.6.x Minix Filesystem Code Buffer Overflow in NetGear MA521 PCMCIA Adapter Driver (MA521nd5.SYS) 5.148.724.2003 Denial of Service Vulnerability in Linux Kernel's NTFS Filesystem Code Remote Code Execution via Malformed DMG Image in Apple Mac OS X 10.4.8 Denial of Service Vulnerability in Apple Mac OS X 10.4.8 via Malformed UDTO HFS+ Disk Image Stack-based Buffer Overflow in Un4seen XMPlay 3.3.0.5 and Earlier via M3U File Remote Code Execution Vulnerability in Fuzzball MUCK Message Parsing Interpreter (MPI) Remote File Inclusion Vulnerability in CalSnails Module for MxBB Portal 1.06 SQL Injection Vulnerabilities in Dragon Calendar / Events Listing 2.x Multiple SQL Injection Vulnerabilities in 20/20 DataShed: Remote Code Execution Arbitrary Image File Listing Vulnerability in mAlbum 0.3 and Earlier Information Disclosure: Installation Path Exposure in mAlbum 0.3 and Earlier Arbitrary SQL Command Execution in ASP Nuke 0.80 and Earlier Arbitrary Content Disclosure in TWiki 4.0.5 and Earlier SQL Injection Vulnerability in BPG-InfoTech Easy Publisher and Smart Publisher//Pro 2.7.7 SQL Injection Vulnerabilities in Enthrallweb eShopping Cart SQL Injection Vulnerabilities in Enthrallweb eShopping Cart BaalAsp Forum addpost1.asp XSS Vulnerability Remote Code Execution Vulnerability in CA BrightStor ARCserve Backup 11.5 and Earlier Cross-Site Password Leakage Vulnerability Remote File Inclusion Vulnerability in a-ConMan 3.2 Beta: Arbitrary PHP Code Execution LoudMouth 2.4 Multiple PHP 
Remote File Inclusion Vulnerabilities SQL Injection Vulnerabilities in gNews Publisher's categories.asp Arbitrary PHP Code Execution via Remote File Inclusion in Telaen 1.1.0 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in CreaScripts Creadirectory SQL Injection Vulnerability in CreaScripts Creadirectory's search.asp Allows Remote Code Execution Directory Traversal Vulnerability in aBitWhizzy.php Allows Remote File Read Insecure Permissions Assignment in Kile before 1.9.3 Remote Code Execution in e-Ark 1.0 via PHP Remote File Inclusion Vulnerability Arbitrary Web Script Injection Vulnerability in Weblog.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in BlueCollar i-Gallery 3.4 BaalAsp Forum Multiple Cross-Site Scripting (XSS) Vulnerabilities Multiple SQL Injection Vulnerabilities in BaalAsp Forum Grim Pirate GrimBB XSS Vulnerability Multiple SQL Injection Vulnerabilities in vehiclelistings.asp in 20/20 Auto Gallery Arbitrary PHP Code Execution via Remote File Inclusion in PicturesPro Photo Cart 3.9 Multiple SQL Injection Vulnerabilities in ActiveNews Manager Multiple SQL Injection Vulnerabilities in ActiveNews Manager ActiveNews Manager activenews_search.asp XSS Vulnerability Arbitrary File Overwrite Vulnerability in GNU tar Arbitrary Code Execution via Integer Overflow in X.Org Render Extension Arbitrary Code Execution via Integer Overflow in ProcDbeGetVisualInfo Function Arbitrary Code Execution via Integer Overflow in ProcDbeSwapBuffers Function Path Traversal and Information Disclosure Vulnerability in Mono's XSP Server Format String Vulnerability in GNOME Foundation Display Manager (gdmchooser) Allows Arbitrary Code Execution Buffer overflow vulnerability in Linux kernel Bluetooth driver allows for remote code execution Denial of Service Vulnerability in D-Bus match_rule_equal Function Arbitrary Web Script Injection Vulnerability in EC-CUBE before 1.0.1a-beta SQL Injection Vulnerabilities in CandyPress Store 3.5.2.14: Remote Code 
Execution SQL Injection Vulnerabilities in BPG-InfoTech Content Management System Multiple SQL Injection Vulnerabilities in Alan Ward A-Cart Pro 2.0 Insufficient Access Control Vulnerability in LifeType 1.0.x and 1.1.x Sensitive Information Disclosure in Monkey Boards 0.3.5 Arbitrary SQL Command Execution in fipsCMS 4.5 and Earlier via index.asp Arbitrary SQL Command Execution in fipsForum 2.6 and Earlier via default2.asp Arbitrary SQL Command Execution in fipsGallery 1.5 and Earlier via index1.asp Arbitrary Script Injection in mmgallery 1.55 via thumbs.php Information Disclosure Vulnerability in mmgallery 1.55 KPresenter Import Filter Integer Overflow Vulnerability Remote Code Execution Vulnerability in Acer Notebook LunchApp.APlunch ActiveX Control Unspecified Impact Buffer Overflow Vulnerability in TIN before 1.8.2 Arbitrary Variable Setting Vulnerability in Coppermine Photo Gallery (CPG) 1.4.8 Unspecified Cross-Site Scripting (XSS) Vulnerability in SeleniumServer Web Server 1.0 Remote Code Execution Vulnerability in NetGear WG311v1 Wireless Adapter Memory Corruption Vulnerability in Apple Mac OS X Denial of Service Vulnerability in Apple Mac OS X Kernel via kevent Queue Registration ReiserFS Memory Corruption Denial of Service Vulnerability Integer Overflow Vulnerability in fatfile_getarch2 in Apple Mac OS X Apple Mac OS X AppleTalk Local Denial of Service Vulnerability Untrusted Search Path Vulnerability in Kerio WebSTAR Server Suite 5.4.2 and Earlier Multiple SQL Injection Vulnerabilities in Link Exchange Lite Visual Studio Crystal Reports RPT File Buffer Overflow Vulnerability Heap-based Buffer Overflow in Windows Media Player (WMP) 10.00.00.4036 Unspecified Vulnerabilities in IBM WebSphere Application Server 6.1.0 before Fix Pack 3 EAL4 Authentication Check Bypass Vulnerability in IBM WebSphere Application Server 6.1.0 PHP Remote File Inclusion Vulnerabilities in Sisfo Kampus 0.8 Arbitrary Directory Listing Vulnerability in Sisfo Kampus 0.8 Directory 
Traversal Vulnerability in Sisfo Kampus 2006 (Semarang 3) Allows Remote File Read Remote File Inclusion Vulnerability in Sisfo Kampus 2006 (Semarang 3) Buffer Overflow Vulnerability in Tftpd32 3.01 Allows Remote Denial of Service Multiple Cross-Site Scripting (XSS) Vulnerabilities in SquirrelMail 1.4.0 through 1.4.9 Uninitialized Function Pointer Vulnerability in Kerberos 5 RPC Library Denial of Service Vulnerability in GSS-API Library for Kerberos 5 Insecure Storage of LDAP Credentials in CRYPTOCard CRYPTO-Server Buffer Overflow in HPDF_Page_Circle Function in libharu 2.0.7 and Earlier SQL Injection Vulnerabilities in JiRos Links Manager Multiple Cross-Site Scripting (XSS) Vulnerabilities in JiRos Links Manager's submitlink.asp SQL Injection Vulnerability in JiRos FAQ Manager 1.0: Remote Code Execution via tID Parameter Remote Code Execution in OWLLib 1.0 via PHP Remote File Inclusion in OWLMemoryProperty.php PHP Remote File Inclusion Vulnerability in Messagerie Locale centre.php Multiple SQL Injection Vulnerabilities in vSpin.net Classified System 2004 Cross-Site Scripting (XSS) Vulnerabilities in vSpin.net Classified System 2004 Remote File Inclusion Vulnerability in HIOX Star Rating System Script (HSRS) 1.0 and Earlier Multiple SQL Injection Vulnerabilities in HIOX Star Rating System Script (HSRS) 1.0 and Earlier Cross-site scripting (XSS) vulnerability in HIOX Star Rating System Script (HSRS) 1.0 and earlier SQL Injection Vulnerability in ContentNow 1.39 and Earlier: Remote Code Execution and Path Disclosure Multiple Cross-Site Scripting (XSS) Vulnerabilities in PMOS Help Desk 2.4, InverseFlow Help Desk 2.31, and Ace Helpdesk 2.31 Cross-Site Scripting (XSS) Vulnerabilities in DeskPRO 2.0.0 and 2.0.1 via newticket.php Arbitrary SQL Command Execution in Doug Luxem Liberum Help Desk 0.97.3 and Earlier SQL Injection Vulnerabilities in Doug Luxem Liberum Help Desk 0.97.3 and Earlier Cross-site scripting (XSS) vulnerability in TikiWiki 1.9.6 in 
tiki-edit_structures.php Arbitrary JavaScript Injection in TikiWiki's tiki-setup_base.php Environment Variable Injection Vulnerability in OpenBSD's ld.so Privilege Escalation via Unsanitized Environment Variables in BSD Distributions Arbitrary Web Script Injection Vulnerability in JCE Admin Component for Joomla PHP Remote File Inclusion Vulnerabilities in Active PHP Bookmarks (APB) 1.1.02 Remote Code Execution via Email Field in TikiWiki tiki-register.php Heap-based Buffer Overflow in GnuPG's ask_outfile_name Function Buffer Overflow in mod_tls tls_x509_name_oneline Function in ProFTPD 1.3.0a and Earlier Buffer Underflow Vulnerability in ProFTPD 1.3.0a and Earlier Buffer Overflow in RealMedia RTSP Stream Handler Buffer Overflow in shared_region_make_private_np Function in Mac OS X 10.4.6 and Earlier Arbitrary Web Script Injection in tDiary before 2.0.3 and 2.1.x before 2.1.4.20061126 Arbitrary File Inclusion and Remote Code Execution Vulnerability in Horde Kronolith H3 Unspecified Cross-Site Scripting (XSS) Vulnerability in Blogn 1.9.4 SQL Injection Vulnerability in Neocrome Seditio 1.10 and Earlier: Remote Code Execution via Double-URL-Encoded ID Parameter Arbitrary Code Execution Vulnerability in Trend Micro OfficeScan 7.3 Arbitrary Code Execution Vulnerability in Trend Micro OfficeScan 7.3 Cross-Site Scripting (XSS) Vulnerability in Expinion.net iNews Publisher (iNP) 2.5 and Earlier SQL Injection Vulnerabilities in ClickTech ClickContact Default.asp Plaintext Password Storage Vulnerability in Gabriele Teotino GNotebook 0.7.0.1 Stack-based Buffer Overflow Vulnerabilities in 3Com 3CTftpSvc 2.0.1 Stack-based Buffer Overflow in Allied Telesyn TFTP Server (AT-TFTP) 1.9 Arbitrary File Read Vulnerability in Wabbit PHP Gallery 0.9 Multiple Directory Traversal Vulnerabilities in enomphp 4.0 SQL Injection Vulnerabilities in ClickTech Click Gallery Arbitrary Script Injection in ClickTech Click Gallery's view_search.asp SQL Injection Vulnerability in displayCalendar.asp in 
ClickTech Click Blog SQL Injection Vulnerability in Anna^ IRC Bot before 0.30 (Caprice) Allows Remote Code Execution SQL Injection Vulnerability in 8pixel.net SimpleBlog 2.3 and Earlier: Remote Code Execution via admin/edit.asp Unauthenticated Remote Privilege Escalation in 8pixel.net SimpleBlog 3.0 and Earlier SQL Injection Vulnerability in BasicForum 1.1 and Earlier: Remote Code Execution via edit.asp Multiple SQL Injection Vulnerabilities in Ultimate Survey Pro's index.asp SQL Injection Vulnerabilities in Fixit iDMS Pro Image Gallery Fixit iDMS Pro Image Gallery Search Functionality XSS Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in b2evolution 1.8.2 through 1.9 beta Multiple Cross-Site Scripting (XSS) Vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 BlazeVideo BlazeDVD Stack-Based Buffer Overflow Vulnerability SQL Injection Vulnerabilities in Francisco Burzi PHP-Nuke 7.9 and Earlier: rate_article and rate_complete Functions Heap-based Buffer Overflow in Borland idsql32.dll 5.1.0.4 and 5.2.0.2 Remote File Inclusion Vulnerability in NukeAI 0.0.3 Beta Module for PHP-Nuke Arbitrary File Read Vulnerability in Flyspray ME 1.0.1 Multiple SQL Injection Vulnerabilities in Enthrallweb eHomes Cross-Site Scripting (XSS) Vulnerabilities in Enthrallweb eHomes' result.asp SQL Injection Vulnerability in WarHound General Shopping Cart's item.asp Allows Remote Code Execution SQL Injection Vulnerability in Evolve Shopping Cart's products.asp Multiple SQL Injection Vulnerabilities in Enthrallweb eClassifieds Multiple SQL Injection Vulnerabilities in MidiCart ASP Shopping Cart and ASP Plus Shopping Cart SQL Injection Vulnerability in listpics.asp in ASP ListPics 5.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in BirdBlog 1.4.0 Remote File Inclusion Vulnerability in Site News (site_news) 2.00 and Earlier Versions PHP Remote File Inclusion Vulnerability in PEGames' index.php Arbitrary SQL Command Execution in Wallpaper Website (Wallpaper Complete 
Website) 1.0.09 SQL Injection Vulnerabilities in Wallpaper Website (Wallpaper Complete Website) 1.0.09 and Earlier SQL Injection Vulnerability in Nivisec Hacks List 1.21 and Earlier phpBB Module Remote File Inclusion Vulnerability in Mermaid 1.2 Module for PHP-Nuke Multiple SQL Injection Vulnerabilities in dev4u CMS index.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in dev4u CMS index.php SQL Injection Vulnerabilities in Recipes Website 1.1.14: Remote Code Execution Multiple Privileged Account Creation Vulnerability in 2X ThinClientServer Enterprise Edition before 4.0.2248 Stack-based Buffer Overflow in NetBackup bpcd Daemon Google Search Appliance and Google Mini XSS Vulnerability PHP Remote File Inclusion Vulnerability in Puntal Installation Scripts Multiple PHP Remote File Inclusion Vulnerabilities in GeekLog 1.4 Multiple Format String Vulnerabilities in NeoEngine and NeoWTK Denial of Service Vulnerability in Core::Receive Function of NeoEngine Arbitrary HTML Injection Vulnerability in Codewalkers ltwCalendar Password Logging Vulnerability in Codewalkers ltwCalendar SQL Injection Vulnerability in vuBB 0.2.1 and Earlier: Remote Code Execution via User Parameter Information Disclosure Vulnerability in vuBB 0.2.1 and Earlier DreamAccount 3.1 Remote File Inclusion Vulnerability in admin/index.php SQL Injection Vulnerability in Downloads Module of PostNuke SQL Injection Vulnerabilities in PHP-Nuke Content Module Stack Overwrite Vulnerability in GnuPG (gpg) Allows Arbitrary Code Execution Adobe Reader 7.0 through 7.0.8 AcroPDF ActiveX Control Denial of Service and Arbitrary Code Execution Vulnerability SQL Injection Vulnerability in Woltlab Burning Board Lite 1.0.2 - Remote Code Execution via decode_cookie function in thread.php AutoFill Form Field Visibility Vulnerability Empty Password Authentication Vulnerability in MailEnable NetWebAdmin Professional and Enterprise 2.32 Directory Traversal Vulnerability in Sorin Chitu Telnet-FTP Server 1.0 Denial of 
Service Vulnerability in Sorin Chitu Telnet-FTP Server 1.0 Multiple Directory Traversal Vulnerabilities in Serendipity 1.0.3 and Earlier Multiple SQL Injection Vulnerabilities in index.asp in FipsSHOP Arbitrary Command Execution in Coalescent Systems freePBX SQL Injection Vulnerabilities in Photo Organizer (PO) 2.32b and Earlier Insecure Ownership Check in Photo Organizer 2.32b and Earlier SQL Injection Vulnerabilities in Uapplication UPhotoGallery 1.1 Sensitive Information Disclosure in GPhotos 1.5 via Invalid rep Parameter Arbitrary Web Script Injection Vulnerability in Chama Cargo 4.36 and Earlier Format String Vulnerability in Songbird Media Player 0.2 and Earlier Allows Remote Denial of Service VUPlayer 2.44 Stack-Based Buffer Overflow Vulnerability Denial of Service Vulnerability in Microsoft Windows Live Messenger 8.0 and Earlier Insecure Storage of Sensitive Information in Cahier de texte 2.0 Unparsed Content Disclosure in Cahier de texte 2.0 via administration/telecharger.php Direct static code injection vulnerability in util.php in NukeAI 0.0.3 Beta module for PHP-Nuke Arbitrary Code Injection via Folder Name in AlternC File Manager Sensitive Information Disclosure in AlternC File Manager Cleartext Transmission of SQL Password in AlternC 0.9.5 and Earlier Directory Traversal Vulnerabilities in AlternC 0.9.5 and Earlier: Arbitrary File Creation and File Reading SQL Injection Vulnerability in login.asp in Redbinaria SIAP Buffer Overflow Vulnerability in Quintessential Player 4.50.1.82 and Earlier Arbitrary File Creation Vulnerability in PHPJunkYard MBoard 1.22 and Earlier Teredo Client Source Routing Bypass Vulnerability Teredo Vulnerability: Bypassing IPv4 Ingress Filtering for Intranet Hosts Teredo Vulnerability: Inbound Connection Bypass for Restricted NAT Clients Teredo Client Vulnerability: Induced Packet Sending to Third Parties Information Disclosure Vulnerability in PostNuke 0.7.5.0 and Minor Versions SQL Injection Vulnerability in Neocrome Land 
Down Under (LDU) 8.x and Earlier: Remote Code Execution via URL-encoded ID Parameter Multiple SQL Injection Vulnerabilities in Infinitytechs Restaurants CM Multiple SQL Injection Vulnerabilities in ASPMForum Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHPOLL 0.96 Arbitrary Script Injection in Simple PHP Gallery 1.1 Information Disclosure Vulnerability in Simple PHP Gallery 1.1 SQL Injection Vulnerability in Expinion.net iNews Publisher (iNP) 2.5 and Earlier Race Condition Vulnerability in Sun Solaris Kernel HTTP Request Smuggling Vulnerability in Sun Java System Proxy Server ContentServ 4.x Directory Traversal Vulnerability in admin/FileServer.php Arbitrary Script Injection in @lex Guestbook 4.0.1 via XSS Vulnerability Sensitive Information Disclosure in @lex Guestbook 4.0.1 via Nonexistent Skin Parameter SQL Injection Vulnerability in Oxygen (O2PHP Bulletin Board) 1.1.3 and Earlier via viewthread.php Remote File Inclusion Vulnerability in dicshunary 0.1 alpha's check_status.php Allows Arbitrary PHP Code Execution SQL Injection Vulnerability in Vikingboard 0.1.2 via Invalid s Parameter Cross-Site Scripting (XSS) Vulnerabilities in Vikingboard 0.1.2 Arbitrary File Inclusion Vulnerability in Vikingboard 0.1.2 Remote File Inclusion Vulnerability in Kai Blankenhorn Bitfolge Simple and Nice Index File (aka snif) 1.5.2 and Earlier Weak Permissions in Palm Desktop 4.1.4 and Earlier Allow Unauthorized Access to User Data Remote Code Execution Vulnerability in AtomixMP3 2.3 and Earlier via Long Pathname in M3U File Multiple Buffer Overflows in Niek Albers CoolPlayer 216 and Earlier Arbitrary SQL Command Execution in Woltlab Burning Board (wBB) Lite 1.0.2 Stack-based buffer overflows in MailEnable IMAP module allow remote code execution Stack Overflow Vulnerability in MailEnable IMAP Module Denial of Service and Out-of-Bounds Memory Access Vulnerability in Apple Airport Extreme Firmware 0.1.27 Heap-based Buffer Overflow in F-Prot Antivirus Allows Remote Code 
Execution via Crafted CHM File Unspecified Vulnerabilities in FRISK Software F-Prot Antivirus before 4.6.7 Arbitrary PHP Code Execution via Remote File Inclusion in mx_tinies 1.3.0 Module for MxBB Portal 1.06 Denial of Service Vulnerability in RpcGetPrinterData Function KDE Graphics Stack Consumption Vulnerability in KFILE JPEG Plugin SQL Injection Vulnerability in Metyus Okul Yonetim Sistemi 1.0: Remote Code Execution Arbitrary Code Execution via Integer Overflow in Novell ZENworks 7 Asset Management (ZAM) Arbitrary Script Injection Vulnerability in CuteNews 1.3.6 Arbitrary Host Addition and Denial of Service Vulnerability in DenyHosts 2.5 Arbitrary Host Addition and Denial of Service Vulnerability in fail2ban 0.7.4 and Earlier Denial of Service Vulnerability in Ruby's read_multipart Function Arbitrary File Modification Vulnerability in Linux Kernel 2.6.19 Privilege Escalation Vulnerability in Net-SNMP 5.3 before 5.3.0.1 Format String Vulnerability in Novell Modular Authentication Services (NMAS) Denial of Service Vulnerability in Novell Client for Windows Privilege Escalation via Symantec LiveState 7.1 Agent for Windows Multiple Array Index Errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 Denial of Service Vulnerability in Microsoft Internet Explorer 6.0 SP1 and Earlier Denial of Service Vulnerability in Microsoft Internet Explorer 6.0.2900.2180 Remote Denial of Service Vulnerability in elogd.c Arbitrary File Creation and Overwrite Vulnerability in TorrentFlux 2.2 Remote File Deletion Vulnerability in TorrentFlux 2.2 Arbitrary Command Execution Vulnerability in TorrentFlux 2.2 Arbitrary Command Execution in TorrentFlux 2.2 via metaInfo.php Arbitrary Code Execution Vulnerability in MadWifi 0.9.2.1 Memory Corruption Vulnerability in Linux Kernel 2.6.19's tr_rx Function Heap-based Buffer Overflow in Citrix Presentation Server Client Buffer Overflow Vulnerabilities in Sophos Anti-Virus Scanning Engine Arbitrary Code Execution 
Vulnerability in Eudora WorldMail 3.1.x SQL Injection Vulnerabilities in giris.asp in Aspee and Dogantepe Ziyaretci Defteri Unrestricted File Upload Vulnerability in deV!L`z Clanportal (DZCP) before 1.3.6.1 SQL Injection Vulnerability in deV!L`z Clanportal (DZCP) before 1.3.6.1 Denial of Service Vulnerability in nVIDIA nView's keystone.exe Multiple PHP Remote File Inclusion Vulnerabilities in mg.applanix 1.3.1 and Earlier Multiple SQL Injection Vulnerabilities in KLF-REALTY SQL Injection Vulnerability in Neocrome Seditio 1.10 and Earlier: Remote Code Execution via polls.php Unspecified SQL Injection Vulnerabilities in Neocrome Seditio 1.10 and Earlier Directory Traversal Vulnerability in SAP Internet Graphics Service (IGS) 6.40 and 7.00 Unspecified Denial of Service and Information Disclosure Vulnerability in SAP Internet Graphics Service (IGS) Unrestricted File Upload Vulnerability in TFT-Gallery Allows Remote Code Execution Arbitrary Web Script Injection Vulnerability in mowdBB RC-6 board.php SQL Injection Vulnerabilities in PWP Technologies The Classified Ad System Insufficient Access Control in listpics 5 Allows Remote Database Download Insecure Storage of Sensitive Data Under Web Root Denial of Service Vulnerability in FRISK Software F-Prot Antivirus Unspecified Denial of Service Vulnerabilities in BOMArchiveHelper in Mac OS X Multiple SQL Injection Vulnerabilities in DuWare DuNews SQL Injection Vulnerability in DuWare DuClassmate's default.asp Allows Remote Code Execution via iCity Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHPNews 1.3.0 Templates Arbitrary Web Script Injection in PHPNews 1.3.0 and Earlier SQL Injection Vulnerability in Stefan Frech Online-Bookmarks 0.6.12 Login Function Arbitrary Web Script Injection Vulnerability in Stefan Frech Online-Bookmarks 0.6.12 PHP Upload Center 2.0 - Remote File Inclusion Vulnerability in activate.php Heap-based Buffer Overflow in Bitflux Upload Progress Meter Arbitrary Web Script Injection 
Vulnerability in BlueSocket Secure Controller (BSC) Arbitrary Web Script Injection Vulnerability in Inside Systems Mail (ISMail) 2.0 and Earlier SQL Injection Vulnerability in DUware DUpaypal 3.1 (and earlier) via iType Parameter Cross-site scripting (XSS) vulnerability in Cerberus Helpdesk allows remote code injection via spellwin.php Multiple SQL Injection Vulnerabilities in DUware DUdownload 1.1 Remote File Inclusion Vulnerability in awrate 1.0 Login.php.inc SQL Injection Vulnerability in Invision Community Blog Mod 1.2.4 via Preview Message Functionality SQL Injection Vulnerability in Invision Gallery 2.0.7 Allows Remote Attackers to Cause Denial of Service and Other Impacts Arbitrary Web Script Injection Vulnerability in JAB Guest Book Multiple Cross-Site Scripting (XSS) Vulnerabilities in JAB Guest Book 20061205 Sensitive Information Disclosure in PhpMyAdmin 2.7.0-pl2 via libraries/common.lib.php CRLF Injection Vulnerabilities in PhpMyAdmin 2.7.0-pl2 Arbitrary Script Injection via File Upload in Simple Machines Forum (SMF) 1.1 and Earlier Arbitrary Code Execution via Directory Traversal in Simple File Manager (SFM) 0.24a Sensitive Data Exposure: Remote Retrieval of Admin Password Hash Insufficient Access Control in BTSaveMySql 1.2 Allows Remote Data Disclosure Buffer Overflow Vulnerability in BrightStor Backup Discovery Service in Multiple CA Products Arbitrary Web Script Injection Vulnerability in Ultimate HelpDesk's index.asp Directory Traversal Vulnerability in Ultimate HelpDesk's getfile.asp Allows Remote File Read Insecure Log File Permissions Vulnerability in Positive Software H-Sphere Control Panel Local Bypass of safe_mode and open_basedir Restrictions in PHP 5.2.0 and 4.4 Absolute Path Traversal Vulnerability in abitwhizzy.php (CVE-2006-6084 Variant) Vulnerability: Stack-based Buffer Overflow in Intel Network Adapter Drivers Arbitrary Script Injection in Drupal CVS Management/Tracker Multiple SQL Injection Vulnerabilities in LINK Content Management 
Server (CMS) Cross-Site Scripting (XSS) Vulnerability in LINK CMS's naprednaPretraga.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in ac4p Mobile Open Solution Quick.Cart 2.0 Multiple Directory Traversal Vulnerabilities Directory Traversal Vulnerabilities in Open Solution Quick.Cart 2.0 Directory Traversal Vulnerability in plx Web Studio (aka plxWebDev) plx Pay 3.2 and Earlier Arbitrary Web Script Injection in Jonas Gauffin Publicera 1.0-rc2 and Earlier SQL Injection Vulnerability in Jonas Gauffin Publicera 1.0-rc2 and Earlier: Remote Code Execution Memory Leak Vulnerabilities in Ulrik Petersen Emdros Database Engine before 1.2.0.pre231 BlazeVideo HDTV Player Stack-based Buffer Overflow Vulnerability Integer Overflow in banner/banner.c in FreeBSD, NetBSD, and OpenBSD Multiple SQL Injection Vulnerabilities in Superfreaker Studios UPublisher 1.0 SQL Injection Vulnerability in Superfreaker Studios UPublisher 1.0 Arbitrary Code Execution Vulnerability in JustSystems Hanako and Ichitaro Software Multiple Cross-Site Scripting (XSS) Vulnerabilities in MyStats 1.0.8 and Earlier SQL Injection Vulnerability in MyStats 1.0.8 and Earlier: Remote Code Execution via mystats.php Path Disclosure Vulnerability in MyStats 1.0.8 and Earlier Denial of Service Vulnerability in INNOVATION Data Processing FDR/UPSTREAM 3.3.0 Remote Code Execution via Invalid Characters in BitDefender Mail Protection for SMB 2.0 Bypassing Virus Detection in Clam AntiVirus (ClamAV) 0.88.6 via Invalid Characters in Base64 Encoded Content Bypassing Virus Detection in F-Prot Antivirus for Linux x86 Mail Servers 4.6.6 Bypassing Virus Detection in Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 Denial of Service and Bypass Vulnerability in F-Secure Anti-Virus for Linux Gateways 4.65 Buffer Overflow Vulnerability in VMWare 5.5.1 ActiveX Control Denial of Service Vulnerability in Linksys WIP 330 Wireless-G IP Phone 1.00.06A Amateras sns 3.11 XSS Vulnerability Multiple SQL Injection Vulnerabilities in 
dettaglio.asp in Dol Storye PHP remote file inclusion vulnerability in admin/lib-maintenance.inc.php in phpAdsNew 2.0.4-pr2 PHP Remote File Inclusion Vulnerabilities in PhpLeague - Univert PhpLeague 0.81 Arbitrary PHP Code Execution via Remote File Inclusion in b2evolution 1.8.5 through 1.9 beta Buffer Overflow Vulnerability in libpthread on HP Tru64 UNIX Arbitrary File Inclusion Vulnerability in JCE Admin Component in Ryan Demmer Joomla Content Editor (JCE) 1.1.0 beta 2 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in JCE Admin Component in Ryan Demmer Joomla Content Editor (JCE) 1.1.0 beta 2 and Earlier XSS Vulnerability in phpBB 2.0.x Private Message Box Implementation Remote Code Execution Vulnerability in Agileco AgileBill and AgileVoice 1.4.x Stack-based Buffer Overflow in MailEnable IMAP Service Buffer Overflow Vulnerabilities in Novell NetMail Remote Code Execution Vulnerability in Novell NetMail IMAPD ThinkEdit 1.9.2 Remote File Inclusion Vulnerability Command Injection Vulnerability in Xerox WorkCentre and WorkCentre Pro Remote Access Vulnerability in Xerox WorkCentre and WorkCentre Pro Configuration Modification Vulnerability in Xerox WorkCentre and WorkCentre Pro Unencrypted HTTP Traffic Vulnerability in Xerox WorkCentre and WorkCentre Pro Email Signature Modification Vulnerability in Xerox WorkCentre and WorkCentre Pro Remote File Download Vulnerability in Xerox WorkCentre and WorkCentre Pro Inaccurate Timestamp Recording Vulnerability in Xerox WorkCentre and WorkCentre Pro Unspecified Authentication Bypass Vulnerability in Xerox WorkCentre and WorkCentre Pro Lack of Authentication Failure Traps in Xerox WorkCentre and WorkCentre Pro SNMP Implementation XSS Vulnerability in Xerox WorkCentre and WorkCentre Pro Denial of Service Vulnerability in Xerox WorkCentre and WorkCentre Pro Sensitive User Data Exposure in Xerox WorkCentre and WorkCentre Pro Information Disclosure Vulnerability in Xerox WorkCentre and WorkCentre Pro Unspecified 
HTTP Security Vulnerabilities in Xerox WorkCentre and WorkCentre Pro Local Privilege Escalation via Alternate Boot Media in Xerox WorkCentre and WorkCentre Pro Stack-based Buffer Overflow in CDDBControlAOL.CDDBAOLControl ActiveX Control Buffer Overflow in Novell Client 4.91 NDPS Print Provider for Windows (NDPPNT.DLL): Unknown Impact and Remote Attack Vectors Stack-based Buffer Overflow in Nostra DivX Player 2.1 and 2.2.00.0 via Long String in M3U File Arbitrary Local File Inclusion Vulnerability in Envolution 1.1.0 and Earlier SQL Injection Vulnerability in iWare Professional 5.0.4 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Vt-Forum Lite 1.3 and 1.5 Multiple SQL Injection Vulnerabilities in Vt-Forum Lite 1.3 and Earlier Insecure Storage of Sensitive Information in Vt-Forum Lite 1.3 and Earlier SQL Injection Vulnerabilities in Novell ZENworks Patch Management (ZPM) before 6.3.2.700 Multiple Cross-Site Scripting (XSS) Vulnerabilities in SWsoft Plesk 8.0.1 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in MyArticles Module for RunCMS Arbitrary PHP Code Execution via Remote File Inclusion in J-OWAMP Web Interface 2.1 Arbitrary Command Execution in execInBackground.php in J-OWAMP Web Interface 2.1b and Earlier Multiple SQL Injection Vulnerabilities in DUware DUdirectory 3.1 Remote Code Execution Vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 Information Disclosure Vulnerability in Tikiwiki 1.9.5 and 1.9.2 Denial of Service Vulnerability in Trend Micro Scan Engine Arbitrary HTML and Script Injection in PhpBB Toplist 1.3.7 Information Disclosure Vulnerability in Yourfreeworld.com Short Url & Url Tracker Script Path Disclosure Vulnerability in tr1.php of Yourfreeworld Stylish Text Ads Script CM68 News 12.02.06 - PHP Remote File Inclusion Vulnerability in engine/oldnews.inc.php Unrestricted File Upload Vulnerability in Midicart's admin/add.php Vulnerability: Price Manipulation through Negative Quantity in Midicart's 
Viewcart Directory Traversal Vulnerability in WBmap.php in WikyBlog 1.3.2 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in WBmap.php in WikyBlog 1.3.2 and Earlier Improper Access Restriction in Xerox WorkCentre and WorkCentre Pro Unvalidated FQDN in Xerox WorkCentre SSL Certificate Validation Unblocked PostgreSQL Port in Xerox WorkCentre and WorkCentre Pro SNMP Agent Non-Writable Object Error Vulnerability Weak File Permissions in Xerox WorkCentre and WorkCentre Pro Vulnerability: Insecure Configuration of Port 443 in Xerox WorkCentre and WorkCentre Pro Unspecified Vulnerabilities in Xerox WorkCentre and WorkCentre Pro Untrusted Search Path Vulnerability in McAfee VirusScan for Linux Denial of Service Vulnerability in Mandiant First Response (MFR) Local Privilege Escalation and Denial of Service Vulnerability in FRAgent.exe Man-in-the-Middle (MITM) Attack Vulnerability in Mandiant First Response (MFR) Multiple SQL Injection Vulnerabilities in AnnonceScriptHP 2.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in AnnonceScriptHP 2.0 Sensitive Information Disclosure in AnnonceScriptHP 2.0 via idmembre Parameter Stack Overflow and Application Crash Vulnerability in Clam AntiVirus (ClamAV) 0.88.6 Information Disclosure Vulnerability in Adobe ColdFusion MX7 Cross-Site Scripting (XSS) Vulnerability in Adobe ColdFusion MX 7.x before 7.0.2 Remote Denial of Service Vulnerability in MailEnable IMAP Service Cross-Site Scripting (XSS) Vulnerabilities in ShopSite 8.1 and Earlier SQL Injection Vulnerability in EasyPage Arbitrary Web Script Injection Vulnerability in DT Guestbook 1.0f Stack-based Buffer Overflow in Dialog Wrapper Module ActiveX Control Denial of Service Vulnerability in SISCO OSI Stack Buffer Overflow Vulnerabilities in SupportSoft ActiveX Controls Buffer Overflow in OpenLDAP's krbv4_ldap_auth Function Allows Remote Code Execution Local Privilege Escalation via Directory Traversal in ld.so.1 on Sun Solaris 8, 9, and 10 Stack-based Buffer 
Overflow in ld.so.1 in Sun Solaris 8, 9, and 10 Denial of Service Vulnerability in CA Anti-Virus 2007 and CA Internet Security Suite 2007 Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, SeaMonkey, and Mozilla Memory Overwrite Vulnerability in js_dtoa Function Heap-based Buffer Overflow in Mozilla Firefox, Thunderbird, and SeaMonkey Privilege Escalation and Code Installation Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey LiveConnect bridge code Use-after-free vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Cross-Site Scripting (XSS) Protection Bypass in Mozilla Firefox, Thunderbird, and SeaMonkey Arbitrary Code Execution via SVG Comment DOM Node in Mozilla Firefox, SeaMonkey Heap-based Buffer Overflow Vulnerabilities in Mozilla Thunderbird and SeaMonkey Privacy Leak in Mozilla Firefox 2.0: Feed Preview Feature Allows Browsing Habit Tracking Cross-Site Scripting (XSS) Protection Bypass in Mozilla Firefox 2.0 CSRF Vulnerability in phpBB 2.0.21 Allows Unauthorized Message Sending Arbitrary Script Injection via ABOUT: URI in SiteKiosk Skin Feature Unspecified ActiveX Control in SiteKiosk Allows Local File Reading Insufficiently Restrictive FilesMatch Directive in dadaIMC .99.3 Allows Remote Code Execution Arbitrary Directory Listing Vulnerability in Winamp Web Interface (Wawi) 7.5.13 and Earlier Arbitrary File Download Vulnerability in Winamp Web Interface (Wawi) 7.5.13 and Earlier Insufficient Directory Comparison in Winamp Web Interface (Wawi) Allows Unauthorized Access Default Value Misconfiguration in Mantis: Potential Impact and Attack Vectors PHP Remote File Inclusion Vulnerabilities in KDPics 1.16 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in KDPics 1.16 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in ProNews 1.5 SQL Injection Vulnerability in ProNews 1.5 lire-avis.php Allows 
Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Messageriescripthp 2.0 SQL Injection Vulnerability in Messageriescripthp 2.0: Remote Code Execution via lire-avis.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in WikiTimeScale TwoZero before 2.31 Arbitrary Web Script Injection Vulnerability in BoxTrapper in cPanel 11 SQL Injection Vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 and Earlier SQL Injection Vulnerability in vdateUsr.asp in EzHRS HR Assist 1.05 and Earlier Arbitrary PHP Code Execution via Remote File Inclusion in Gizzar 03162002 and Earlier Remote File Inclusion Vulnerability in Gizzar 03162002 and Earlier Session Hijacking Vulnerability in Drupal Chatroom Module Information Disclosure in Drupal Chatroom Module Arbitrary SQL Command Execution in Drupal Help Tip Module (CVE-XXXX-XXXX) Arbitrary Code Injection through Node Titles in Drupal Help Tip Module Multiple Cross-Site Scripting (XSS) Vulnerabilities in Vt-Forum Lite 1.3 and Earlier Directory Traversal Vulnerability in osCommerce 3.0a3 Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in osCommerce 3.0a3 Potential data corruption and node lockups in dev_queue_xmit function in Linux kernel 2.6 Cross-Site Scripting (XSS) Vulnerability in Cilem Haber Free Edition's hata.asp Authentication Bypass Vulnerability in IBM WebSphere Host On-Demand D-LINK DWL-2000AP+ Firmware 2.11 Denial of Service Vulnerability Multiple Buffer Overflows in Winamp Web Interface (Wawi) 7.5.13 and Earlier: Remote Code Execution and Denial of Service Vulnerabilities SQL Injection Vulnerability in bt-trackback.php in Bluetrait before 1.2.0 PHP Remote File Inclusion Vulnerability in Animated Smiley Generator's Warez Distributions Arbitrary SQL Command Execution in Fantastic News 2.1.4 and Earlier SQL Injection Vulnerabilities in AppIntellect SpotLight CRM 1.0 Login Page CM68 News Cross-Site Scripting (XSS) Vulnerability Remote File Inclusion Vulnerability in 
mx_errordocs Module for mxBB (ErrorDocs 1.0.0 and earlier) Remote File Inclusion Vulnerability in Cutenews AJ-Fork (CN:AJ) 167f and Earlier Buffer Overflow in Winamp iPod Plugin (ml_ipod) 2.00 p19 and Earlier Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in cPanel WebHost Manager (WHM) 3.1.0 Rad Upload 3.02 PHP Remote File Inclusion Vulnerability Phorum 3.2.11 and Earlier PHP Remote File Inclusion Vulnerability Remote File Inclusion Vulnerability in Tucows Client Code Suite (CCS) Arbitrary PHP Code Execution via Remote File Inclusion in BLOG:CMS 4.1.3 and Earlier PHP Remote File Inclusion Vulnerability in NewsSuite 1.03 Module for mxBB Denial of Service Vulnerability in Kerio MailServer before 6.3.1 SQL Injection Vulnerabilities in EasyFill 0.5.1 and Earlier Versions Arbitrary Code Execution via Dangerous File Extensions in EyeOS Unspecified Vulnerabilities in Skulls! Before 0.2.6 with Unknown Impact and Attack Vectors Denial of Service Vulnerability in Crob FTP Server 3.6.1 b.263 SQL Injection Vulnerability in Lotfian Request For Travel 1.0: Remote Code Execution via PID Parameter in ProductDetails.asp Remote File Inclusion Vulnerability in mx_modsdb 1.0.0 Module for MxBB Portal User-assisted remote code execution vulnerability in Microsoft Word 2000, 2002, and Word Viewer 2003 Stack-based Buffer Overflow in ProFTPD mod_ctrls Module FileZilla Server Denial of Service Vulnerability Remote Denial of Service Vulnerability in FileZilla Server Arbitrary PHP Code Execution via Remote File Inclusion in mxBB CPanel Module Arbitrary PHP Code Execution via Remote File Inclusion in Knowledge Base (mx_kb) 2.0.2 Module Arbitrary File Inclusion Vulnerability in Knowledge Base (mx_kb) 2.0.2 Module Arbitrary File Source Code Disclosure in GenesisTrader 1.0 Unrestricted File Upload Vulnerability in GenesisTrader 1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in GenesisTrader 1.0 form.php Bypassing Access Policies in Citrix Advanced 
Access Control (AAC) and Access Gateway Unspecified Remote Data Access Vulnerability in Citrix Access Gateway Lack of Per-Item Access Control in Mantis Bug Tracker Allows Information Disclosure Remote File Inclusion Vulnerability in Brian Drawert Yet Another PHP LDAP Admin Project (yaplap) 0.6 and 0.6.1 Heap-based Buffer Overflow in Golden FTP Server (goldenftpd) 1.92 and 4.70 via Long PASS Command SQL Injection Vulnerability in Neocrome Land Down Under (LDU) 8.x and Earlier: Remote Code Execution via id Parameter in polls.php Arbitrary Command Execution via IIS 5.1 IUSR_Machine Account Weak Permissions in Microsoft Windows XP: Local File Write and Read Vulnerability in %WINDIR%\pchealth\ERRORREP\QHEADLES Unrestricted Access Vulnerability in ProNews 1.5 Allows Unauthorized Modification of News Items Arbitrary PHP Code Execution via Remote File Inclusion in Vernet Loic PHP_Debug 1.1.0 Cross-Site Scripting (XSS) Vulnerabilities in ScriptMate User Manager 2.1 and Earlier Information Disclosure Vulnerability in ScriptMate User Manager 2.1 and Earlier Buffer Overflow Vulnerabilities in italkplus (Italk+) Before 0.92.1 Insecure Extension List Population in Mozilla Firefox 2.0 and 3.0 Arbitrary PHP Code Execution via Remote File Inclusion in Vortex Blog (vBlog, aka C12) a0.1_nonfunc Arbitrary Web Script Injection Vulnerability in Apache OFBiz Ecommerce Forum Unrestricted Content Manipulation in Apache OFBiz Ecommerce Component Arbitrary Script Injection in Apache OFBiz and Opentaps 0.9.3 AR Memberscript usercp_menu.php Remote File Inclusion Vulnerability Remote File Inclusion Vulnerability in EXlor 1.0 via repphp Parameter in fonctions/template.php Multiple PHP Remote File Inclusion Vulnerabilities in Bloq 0.5.4 Remote File Inclusion Vulnerability in AMAZONIA MOD for phpBB SQL Injection Vulnerability in ScriptMate User Manager 2.0: Remote Code Execution via utilities/usermessages.asp SQL Injection Vulnerabilities in ScriptMate User Manager 2.1 and Earlier Arbitrary Code 
Execution via HyperAccess 8.4 Session File HyperAccess 8.4 Argument Injection Vulnerability Directory Traversal Vulnerability in viewnfo.php in TorrentFlux and torrentflux-b4rt Arbitrary Command Execution in TorrentFlux 2.2 via maketorrent.php Double URL-encoded Cross-site Scripting (XSS) Vulnerability in TorrentFlux 2.2 dir.php Denial of Service Vulnerability in Windows Media Player 10.00.00.4036 Denial of Service Vulnerability in Windows Explorer 6.00.2900.2180 Buffer Overflow in YMMAPI.YMailAttach ActiveX Control in Yahoo! Messenger Directory Traversal Vulnerability in TorrentFlux 2.2's downloaddetails.php Stack-based Buffer Overflow in MailEnable POP Service SQL Injection Vulnerabilities in Clarens jclarens before 0.6.2 Insecure Storage of JKS Password in WebSphere Application Server for IBM Tivoli Identity Manager Unspecified vulnerability in SSH key-based authentication in HP Integrated Lights Out (iLO) 1.70 through 1.87 and iLO 2 1.00 through 1.11 on Proliant servers Denial of Service Vulnerability in Nexuiz before 2.2.1 Remote Console Command Injection Vulnerability in Nexuiz Client Commands Barman 0.0.1r3 - PHP Remote File Inclusion Vulnerability in interface.php Remote File Inclusion Vulnerability in PhpMyCms 0.3 via basepath_start Parameter Directory Traversal Vulnerability in phpAlbum 0.4.1 Beta 6 and Earlier Root Password Hash Disclosure in FAI 2.10.1 and 3.1.2 Arbitrary PHP Code Execution via Remote File Inclusion in Activity Games (mx_act) 0.92 Module Multi-Gallery Admin Session Spanning Vulnerability in w00t Gallery 1.4.0 Information Disclosure Vulnerability in Microsoft Project Server 2003 Process Spoofing Vulnerability in AntiHook 3.0.0.23 - Desktop Process Spoofing Vulnerability in AVG Anti-Virus plus Firewall 7.5.431 Process Spoofing Vulnerability in Comodo Personal Firewall 2.3.6.81 Process Spoofing Vulnerability in Filseclab Personal Firewall 3.0.0.8686 Process Spoofing Vulnerability in Soft4Ever Look 'n' Stop (LnS) 2.05p2 Process Spoofing 
Vulnerability in Sygate Personal Firewall 5.6.2808 Denial of Service Vulnerability in Sambar Server 6.4 FTP Server Cross-site scripting (XSS) vulnerability in Moodle 1.6.1 mod/forum/discuss.php Unspecified Cross-Site Scripting (XSS) Vulnerability in Moodle 1.5 Integer Overflow Vulnerability in BitDefender Products: cevakrnl.xmd Integer Overflow Vulnerability in OpenOffice.org (OOo) 2.1 Insufficiently Restrictive Regular Expression in WeBWorK PG Translator.pm Allows Arbitrary Macro File Loading Remote File Inclusion Vulnerability in osprey 1.0 ListRecords.php Remote File Inclusion Vulnerability in osprey 1.0 and Earlier: Arbitrary PHP Code Execution Remote File Inclusion Vulnerability in Genepi 1.6 and Earlier: Arbitrary PHP Code Execution YapBB 1.2 Beta2 and Earlier: PHP Remote File Inclusion Vulnerability in yapbb_session.php Multiple PHP Remote File Inclusion Vulnerabilities in ExtCalThai Component for Mambo Arbitrary PHP Code Execution via Remote File Inclusion in JumbaCMS 0.0.1 Unspecified Vulnerability in IBM WebSphere Application Server Utility Classes Information Disclosure Vulnerability in IBM WebSphere Application Server Remote Denial of Service Vulnerability in IBM DB2 8.1 before FixPak 14 Unspecified Privilege Escalation Vulnerabilities in chetcpasswd 2.4.1 Cross-Site Scripting (XSS) Vulnerabilities in Omniture SiteCatalyst Session and Credential Inheritance Vulnerability in CA CleverPath Portal SQL Injection Vulnerability in haber.asp in Contra Haber Sistemi 1.0 Denial of Service Vulnerability in Fightersoft Multimedia Star FTP Server 1.10 Remote File Inclusion Vulnerability in Meeting (mx_meeting) Module for mxBB PHP Remote File Inclusion Vulnerability in mxBB Web Links Module (mx_links) 2.05 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Drupal Project Issue Tracking and Project Modules Arbitrary Script Injection in MySite Drupal Module PHP Remote File Inclusion Vulnerability in RateMe 1.3.2 and Earlier Cross-site scripting (XSS) 
vulnerability in display.php in HyperVM 1.2 and earlier Remote File Inclusion Vulnerability in Charts (mx_charts) Module for mxBB Race condition vulnerability in Intel 2200BG wireless driver 9.0.3.9 Buffer Overflow in glob.c in libc: Remote Code Execution Vulnerability Denial of Service Vulnerability in NetBSD's accept Function Denial of Service Vulnerability in NetBSD's sendmsg Function Kernel Panic Vulnerability in NetBSD's procfs Implementation Memory Leak and Information Disclosure Vulnerability in ptrace in NetBSD Uninitialized Stack Memory Disclosure Vulnerability in NetBSD Inktomi Search 4.1.4 Information Disclosure Vulnerability Denial of Service Vulnerability in Microsoft Office Outlook Recipient ActiveX Control Denial of Service Vulnerability in KDE libkhtml 4.2.0 and Earlier Arbitrary Variable Overwrite Vulnerability in PHP-Update 2.7 and Earlier Unspecified Local User Authentication Bypass Vulnerability in novell-lum on SUSE Linux Enterprise Desktop 10 and Open Enterprise Server 9 Denial of Service Vulnerability in Marathon Aleph One Server Component Format String Vulnerability in Marathon Aleph One Buffer Overflow Vulnerability in Astonsoft DeepBurner Pro and Free 1.8.0 and Earlier VerliAdmin 0.3 and Earlier: PHP Remote File Inclusion Vulnerability in index.php SQL Injection Vulnerabilities in VerliAdmin 0.3 and Earlier Unspecified Cross-Site Scripting (XSS) Vulnerability in VerliAdmin 0.3 and Earlier Arbitrary Script Injection in WebCalendar 1.0.4 and Earlier Unspecified Vulnerability in Nortel CallPilot 4.x Server with Unknown Impact and Attack Vectors SQL Injection Vulnerability in Burak Yylmaz Download Portal's down.asp Allows Remote Code Execution SQL Injection Vulnerabilities in Burak Yylmaz Download Portal Denial of Service Vulnerability in WinFtp Server 2.0.2 Plaintext Storage of Credentials in Ozeki HTTP-SMS Gateway Arbitrary Web Script Injection Vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 
Arbitrary Code Execution via Integer Overflow in ESET NOD32 Antivirus OLE2 and CHM Parsers Denial of Service Vulnerability in ESET NOD32 Antivirus Arbitrary Command Execution via Shell Metacharacters in Netrik 1.15.4 and Earlier X-Forwarded-For Header Spoofing Vulnerability Lack of Documentation for Permissions on /etc/chetcpasswd.allow in Pedro Lineu Orso chetcpasswd before 2.3.1 Unlimited Client Requests in Pedro Lineu Orso chetcpasswd 2.3.3 Vulnerability Information Disclosure Vulnerability in Pedro Lineu Orso chetcpasswd 2.3.3 PAM Bypass Vulnerability in chetcpasswd 2.4.1 and Earlier Heap-based Buffer Overflow in chetcpasswd before 2.4 via Long X-Forwarded-For HTTP Header Heap-based Buffer Overflow in chetcpasswd 2.3.3 via Long REMOTE_ADDR Environment Variable Remote File Inclusion Vulnerability in Carsen Klock TextSend 1.5: Arbitrary PHP Code Execution Unspecified Cross-Site Scripting (XSS) Vulnerability in WebAPP 0.9.9.4 and 0.9.9.3.4 Network Edition (NE) Bypassing Filtering Mechanisms in WebAPP 0.9.9.4 and 0.9.9.3.4 Network Edition Multiple PHP Remote File Inclusion Vulnerabilities in Paristemi 0.8.3 and Earlier Arbitrary Command Execution in Typo3 rtehtmlarea Extension Multiple PHP Remote File Inclusion Vulnerabilities in Valdersoft Shopping Cart 3.0 and Earlier Format string vulnerabilities in zabbix before 20061006 leading to denial of service and potential code execution Buffer Overflow Vulnerabilities in Zabbix before 20061006: Denial of Service and Arbitrary Code Execution Arbitrary PHP Code Execution via Directory Traversal in E-Uploader Pro 1.0 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in Carsen Klock TextSend 1.5 Double Free Privilege Escalation Vulnerability in Microsoft Windows CRLF Injection Vulnerability in Oracle Portal 10g and Earlier GConf 2.14.0 Local Denial of Service Vulnerability CRLF Injection Vulnerabilities in Oracle Portal 9.0.2 and Other Versions Unspecified Cross-Site Scripting (XSS) Vulnerability in @Mail WebMail 
Cross-Site Request Forgery (CSRF) Vulnerability in @Mail WebMail 4.51 and 5.x Cross-Site Scripting (XSS) Vulnerability in @Mail before 4.61 Cross-Site Scripting (XSS) Vulnerabilities in Oracle Portal 9i and 10g Unspecified Cross-Site Scripting (XSS) Vulnerability in @Mail Webadmin Unspecified Authentication Bypass Vulnerabilities in Soumu Workflow SQL Injection Vulnerability in Soumu Workflow for Groupmax, Soumu Workflow, and Koukyoumuke Soumu Workflow Stack-based Buffer Overflow in NeoTraceExplorer.NeoTraceLoader ActiveX Control Arbitrary Web Script Injection Vulnerability in MGinternet Property Site Manager Multiple SQL Injection Vulnerabilities in MGinternet Property Site Manager PHP Remote File Inclusion Vulnerabilities in PgmReloaded 0.8.5 and Earlier Newxooper 0.9.1 - PHP Remote File Inclusion Vulnerability in mapage.php Arbitrary Web Script Injection in SugarCRM Open Source 4.5.0f and Earlier via Crafted Email Messages Buffer Overflow Vulnerability in Hitachi Directory Server 2 P-2444-A124 and P-1B44-A121 Memory Leak Vulnerability in Hitachi Directory Server 2 P-2444-A124 and P-1B44-A121 PowerClan 1.14a and Earlier: PHP Remote File Inclusion Vulnerability in footer.inc.php Arbitrary SQL Command Execution in Eric GUILLAUME Uploader&Downloader 3 Vulnerability: Unauthorized VLAN Management Packet Acceptance in Allied Telesis AT-9000/24 Ethernet Switch Default Password Vulnerability in Allied Telesis AT-9000/24 Ethernet Switch Denial of Service Vulnerability in GNU Wget 1.10.2 via Malicious FTP Server Azucar CMS 1.3 Remote File Inclusion Vulnerability in admin/index_sitios.php Cross-Site Scripting (XSS) Vulnerabilities in Knusperleicht ShoutBox 2.6 Remote Code Execution Vulnerability in Bandwebsite 1.5 Denial of Service Vulnerability in Workstation Service of Microsoft Windows 2000 SP4 and XP SP2 Denial of Service Vulnerability in BolinTech Dream FTP Server 1.02 Directory Traversal Vulnerabilities in PHPBuilder 0.0.2 and Earlier Inertianews 0.02 Beta - PHP 
Remote File Inclusion Vulnerability Inertianews 0.02 Beta and Earlier: PHP Remote File Inclusion Vulnerability Unspecified Denial of Service and Spam Vulnerability in LAN Messenger Arbitrary Web Script Injection Vulnerability in a-blog 1.51 and Earlier Vulnerability: Local Privilege Escalation via X.Org /dev/xf86 Device in OpenBSD and NetBSD Multiple Buffer Overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) Versions 5.0 Update 7 and Earlier: File Manipulation and Execution Vulnerabilities Remote File Inclusion Vulnerability in cwmVote 1.0 archive.php Allows Arbitrary PHP Code Execution Arbitrary Web Script Injection Vulnerability in Support Cards 1 (osTicket) Arbitrary Code Injection through Cross-Site Scripting (XSS) in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c Sensitive Information Disclosure in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 6 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows unauthorized data access between applets Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 5 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_10 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows unauthorized data access between applets Remote File Inclusion Vulnerability in cwmCounter 5.1.1 and Earlier: Arbitrary PHP Code Execution Paristemi 0.8.3 - PHP Remote File Inclusion Vulnerability in buycd.php Multiple PHP Remote File Inclusion Vulnerabilities in phpProfiles 3.1.2b and Earlier CSRF Vulnerability in urlobox in MKPortal Allows Arbitrary Message Deletion Buffer Overflow Vulnerabilities in HP LaserJet 5000 and 5100 Series Printers World-writable permissions in phpProfiles before 2.1.1 allow local users to modify or delete certain profile files and 
directories Directory Listing Vulnerability in phpProfiles before 2.1.1 Unspecified Privilege Escalation Vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) Xt-News 0.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities Xt-News 0.1 show_news.php SQL Injection Vulnerability Remote File Inclusion Vulnerability in Newxooper 0.9 and Earlier Buffer Overflow Vulnerability in OpenSER 1.1.0 parse_expression Function Format String Vulnerability in XM Easy Personal FTP Server 5.0.1 Format string vulnerability in XM Easy Personal FTP Server 5.2.1 and 5.3.0 Buffer Overflow Vulnerability in FTPRush 1.0.0.610 via Long Host Field Event Viewer in Microsoft Windows Vulnerability: Improper Display of Log Data Containing '%' Characters Multiple SQL Injection Vulnerabilities in Ixprim 1.2 Information Disclosure Vulnerability in Ixprim 1.2 Guessable IXP_CODE in Ixprim 1.2 allows for remote administration panel access Arbitrary File Read Vulnerability in cwmExplorer 1.0 Http Explorer 1.02 Directory Traversal Vulnerability Denial of Service Vulnerability in RealPlayer 10.5 ActiveX Control PHP Remote File Inclusion Vulnerabilities in Phpmymanga 0.8.1 and Earlier: Arbitrary Code Execution Remote Code Execution Vulnerability in Novell NetMail IMAPD Denial of Service Vulnerability in Novell NetMail IMAPD PHP Remote File Inclusion Vulnerabilities in Keep It Simple Guest Book (KISGB) Remote File Inclusion Vulnerability in Keep It Simple Guest Book (KISGB) authenticate.php Arbitrary PHP Code Execution in Pagetool 1.07 via Multiple File Inclusion Vulnerabilities Multiple SQL Injection Vulnerabilities in cwmExplorer 1.1.0 and Earlier Denial of Service Vulnerability in oftpd before 0.3.7 Multiple Cross-Site Scripting (XSS) Vulnerabilities in PWP Technologies The Classified Ad System Default.asp Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHP Live! 
3.2.2 and Earlier PHP Remote File Inclusion Vulnerabilities in Jinzora Media Jukebox 2.7 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in Irokez CMS 0.7.1 and Earlier Remote Code Execution via Format String Vulnerability in w3m's inputAnswer Function Arbitrary Administrative User Creation Vulnerability in Fishyshoop 0.930 beta Remote File Inclusion Vulnerability in Ciberia Content Federator 1.0 Denial of Service Vulnerability in acFTP 1.5 via Crafted Argument to REST or PBSZ Command Multiple SQL Injection Vulnerabilities in Future Internet Future Internet Cross-Site Scripting (XSS) Vulnerability in index.cfm Arbitrary Web Script Injection Vulnerability in TimberWolf 1.2.2 Jelsoft vBulletin Cross-Site Scripting (XSS) Vulnerability via SWF File Execution SQL Injection Vulnerability in HLstats Login Form Sensitive Information Disclosure in HLstats 1.20-1.34 via Playinfo Mode Arbitrary Web Script Injection Vulnerability in pnamazu 2006.02.28 and Earlier Arbitrary File Upload Vulnerability in Logahead UNU 1.0 (before 20061226) Netbula Anyboard SQL Injection Vulnerability Authentication Bypass and Remote Code Execution in Open Newsletter 2.5 and Earlier Arbitrary PHP Code Execution in Open Newsletter 2.5 and Earlier Arbitrary SQL Command Execution in Newsletter MX 1.0.2 and Earlier LuckyBot 3 - Multiple PHP Remote File Inclusion Vulnerabilities PHP Remote File Inclusion Vulnerability in Phpbbxtra 2.0 Archive Topic Module Direct Static Code Injection Vulnerability in Ultimate PHP Board (UPB) 2.0b1 and Earlier SQL Injection Vulnerability in SelGruFra.asp in ChatWM 1.0 SQL Injection Vulnerability in Calendar MX BASIC 1.0.2 and Earlier: Remote Code Execution via ID Parameter in calendar_detail.asp Remote File Inclusion Vulnerability in Okul Merkezi Portal 1.0: Arbitrary PHP Code Execution SQL Injection Vulnerability in Efkan Forum 1.0 Default.asp Remote File Inclusion Vulnerability in My_eGallery 2.5.6 Module in myPHPNuke Remote File Inclusion Vulnerability 
in MTCMS 2.0 and Earlier: Arbitrary PHP Code Execution Denial of Service and Arbitrary Memory Read Vulnerability in Microsoft Windows CSRSS SQL Injection Vulnerability in Cacti 0.8.6i and Earlier with register_argc_argv Enabled Remote Code Execution in Limbo CMS Event Module 1.0 via PHP Remote File Inclusion Arbitrary PHP Code Execution via Remote File Inclusion in SH-News 0.93 SQL Injection Vulnerability in actualpic.asp in Enthrallweb ePages SQL Injection Vulnerability in Types.asp in Enthrallweb eCars 1.0 SQL Injection Vulnerability in Dragon Business Directory - Pro 3.01.12 and Earlier: Remote Code Execution via ID Parameter SQL Injection Vulnerability in newsdetail.asp in Enthrallweb eJobs SQL Injection Vulnerability in Enthrallweb eMates 1.0: Remote Code Execution via newsdetail.asp SQL Injection Vulnerability in list.asp in Softwebs Nepal Ananda Real Estate 3.4 and Earlier Cross-site scripting (XSS) vulnerability in WordPress 2.0.5 wp-admin/templates.php PHP Remote File Inclusion Vulnerabilities in Vladimir Menshakov Buratinable Templator (aka Bubla) 1.0.0rc2 and Earlier Memory Corruption Vulnerability in DB Hub 0.3 Remote Denial of Service Vulnerability in KsIRC 1.3.12 Multiple PHP Remote File Inclusion Vulnerabilities in myPHPCalendar 10.1 Arbitrary SQL Command Execution Vulnerability in Mxmania File Upload Manager (FUM) 1.0.6 and Earlier Directory Traversal Vulnerability in Hosting Controller 7c's FolderManager Cross-Site Scripting (XSS) Vulnerabilities in DMXReady Secure Login Manager 1.0 Multiple SQL Injection Vulnerabilities in DMXReady Secure Login Manager 1.0 Information Disclosure Vulnerability in AlstraSoft Web Host Directory Authentication Bypass and Password Change Vulnerability in AlstraSoft Web Host Directory Insufficient Access Control in AlstraSoft Web Host Directory Allows Unauthorized Database Download Improper Validation of MM_recordId Parameter in Enthrallweb eCoupons Allows Unauthorized Profile Modifications Improper Validation of 
MM_recordId Parameter in Enthrallweb eNews Allows Unauthorized Profile Modifications Insecure Profile Update Vulnerability in Enthrallweb eClassifieds Arbitrary PHP Code Execution via Remote File Inclusion in Yrch! 1.0 Plugin Multiple Cross-Site Scripting (XSS) Vulnerabilities in Jim Hu and Chad Little PHP iCalendar 2.23 rc1 and Earlier Sensitive Information Disclosure in Calendar MX BASIC 1.0.2 and Earlier Unspecified Security Leak Vulnerability in Personal .NET Portal Tab Editor Denial of Service Vulnerability in Macromedia Flash 8 (Flash8b.ocx) Multiple SQL Injection Vulnerabilities in Efkan Forum 1.0 and Earlier Insecure Storage of Sensitive Information in Efkan Forum 1.0 and Earlier Remote File Inclusion Vulnerability in b2 Blog 0.5 and Earlier SQL Injection Vulnerability in aFAQ 1.0: Remote Code Execution via catcode Parameter in faqDsp.asp Arbitrary Web Script Injection Vulnerability in Joomla! before 1.0.12 Unvalidated Input Vulnerability in Joomla! before 1.0.12 Unspecified Vulnerabilities in Joomla! Before 1.0.12 with Unknown Impact and Attack Vectors SQL Injection Vulnerability in Neocrome Land Down Under (LDU) 8.x and Earlier: Remote Code Execution via journal.php Unspecified ASN.1 Parsing Vulnerabilities in osp-cert in IBM OS/400 V5R3M0 Stack-based buffer overflows in ISO plugin for Total Commander allow remote code execution Remote Code Execution and Information Disclosure in Rediff Bol Downloader ActiveX Control Unspecified Remote Attack Vector Vulnerability in phpBB 2.0.22 Unspecified Remote Code Execution Vulnerability in phpBB before 2.0.22 Lack of Session Checks in phpBB Forms: Unknown Impact and Remote Attack Vectors SQL Injection Vulnerability in Acronym Mod 0.9.5 for phpBB2 Plus 1.53 Remote File Inclusion Vulnerability in BE IT EasyPartner 0.0.9 Beta Component for Joomla! 
Arbitrary Script Injection in CMS Made Simple User Comment Module Arbitrary Script Injection in CMS Made Simple 1.0.2 Search Action SQL Injection Vulnerabilities in While You Were Out (WYWO) InOut Board 1.0 Denial of Service Vulnerability in RealPlayer 10.5 ActiveX Control ASPTicker 1.0 admin.asp SQL Injection Vulnerability Improper Exit Handling in Cahier de texte (CDT) 2.2 Allows Unauthorized Administrative Actions Remote File Inclusion Vulnerability in Shadowed Portal 5.7 Roster Module (character_roster) Cross-Site Scripting (XSS) Vulnerabilities in ac4p Mobilelib Gold 2's contact_us.php Eval Injection Vulnerability in tDiary 2.0.3 and 2.1.4.20061127 Remote Code Execution Vulnerability in Durian Web Application Server 3.02 Memory Corruption Vulnerability in QuickCam VC Linux Device Driver Denial of Service Vulnerability in AIDeX Mini-WebServer 1.1 Early Release 3 Arbitrary PHP Code Injection Vulnerability in WebText CMS 0.4.5.2 and Earlier Arbitrary Script Injection in Docebo LMS Credits Module Teredo Authentication Bypass Vulnerability SQL Injection Vulnerability in coupon_detail.asp in Website Designs For Less Click N' Print Coupons 2005.01 and earlier Buffer Overflow in sendToMythTV Function in MythControlServer.c SQL Injection Vulnerabilities in Outfront Spooky Login 2.7 Cross-Site Scripting (XSS) Vulnerabilities in Outfront Spooky Login 2.7 Enigma2 Plugin Remote File Inclusion Vulnerability Enigma2 Coppermine Bridge 1.0 - PHP Remote File Inclusion Vulnerability SAFileUp 5.0.14 Directory Traversal Vulnerability Insufficient Access Control in STphp EasyNews PRO 4.0 Allows Unauthorized Access to Sensitive Information PHP Remote File Inclusion Vulnerabilities in Vladimir Menshakov buratinable templator (aka bubla) 0.9.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Zen Cart Web Shopping Cart before 1.3.7 Arbitrary Local File Inclusion Vulnerability in MAXdev MDForum 2.0.1 and Earlier Denial of Service Vulnerability in Avahi's consume_labels Function 
Multiple Cross-Site Scripting (XSS) Vulnerabilities in eNdonesia 8.4 Arbitrary File Read Vulnerability in eNdonesia 8.4 mod.php Multiple SQL Injection Vulnerabilities in eNdonesia 8.4 mod.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in eNdonesia 8.4 friend.php Buffer Overflow in OpenSER OSP Module Allows Remote Code Execution Buffer Overflow Vulnerability in OpenSER's fetchsms Function Arbitrary File Inclusion Vulnerability in Matteo Lucarelli 3editor CMS 0.42 and Earlier Privilege Escalation via rights[7] Parameter in PHP-Update 2.7 and Earlier Unrestricted File Upload Vulnerability in PHP-Update 2.7 and Earlier SQL Injection Vulnerabilities in PHP-Update 2.7 and Earlier in code/guestadd.php Buffer Overflow Vulnerability in Get_Wep Function of ATMEL Linux PCI PCMCIA USB Drivers 3.4.1.1 Golden Book XSS Vulnerability PHP Remote File Inclusion Vulnerability in PHPIrc_bot 0.2 Buffer Overflow in WZFILEVIEW.FileViewCtrl.61 ActiveX Control in WinZip 10.0 Build 6667 Denial of Service Vulnerability in Macromedia Shockwave 10 ActiveX Control Sensitive Information Disclosure in phpwcms 1.2.5-DEV Unrestricted File Upload Vulnerability in logahead UNU 1.0 Sensitive Information Exposure in P-News 1.16 and 1.17 Sensitive Information Exposure in FreeStyle Wiki (fswiki) 3.6.2 and Earlier Insecure Storage of Sensitive Information in Voodoo Chat 1.0RC1b Insufficient Access Control in Vz (Adp) Forum 2.0.3 Allows Remote Retrieval of Admin Credentials Arbitrary Web Script Injection in Jonathon J. 
Freeman OvBB 0.13a GetLocation Function Tor Hidden Service IP Address Discovery Vulnerability Unspecified Vulnerabilities in SPINE Before 1.2 with Unknown Impact and Attack Vectors Unauthorized Inquiry Responses Vulnerability in Sony Ericsson T60 Bluetooth Stack Unauthorized Pair-Up Vulnerability in Plantronic Headset Bluetooth Stack Widcomm Bluetooth for Windows (BTW) 3.0.1.905 Directory Traversal Vulnerability CarWhisperer vulnerability in Widcomm Bluetooth for Windows (BTW) before 4.0.1.1500 HidAttack: Remote Control of Mouse and Keyboard via BlueZ Vulnerability Unspecified Implementation Bug in Apple Mac OS 10.4 Bluetooth Stack Remote Root Access Vulnerability in Microsoft Windows Bluetooth Stack Remote Root Access Vulnerability in Microsoft Windows Mobile Pocket PC Edition Bluetooth Stack Toshiba Bluetooth Stack Remote Root Vulnerability Remote Root Access Vulnerability in Broadcom Bluetooth Stack Widcomm Bluetooth Stack Remote Root Vulnerability Unspecified vulnerability in Mac OS Bluetooth stack with unknown impact and local attack vectors Unspecified Vulnerability in Bluesoil Bluetooth Stack: Unknown Impact and Attack Vectors Buffer Overflow Vulnerability in Widcomm Bluetooth Stack Remote Code Execution via Stack-based Buffer Overflow in Karl Dahlke Edbrowse 3.1.3 Denial of Service Vulnerability in Fersch Formbankserver 1.9 SQL Injection Vulnerability in Digitizing Quote And Ordering System 1.0: Remote Authenticated User Arbitrary SQL Command Execution SQL Injection Vulnerability in phpMyFAQ 1.6.7 and Earlier: Remote Code Execution Arbitrary PHP Script Upload Vulnerability in phpMyFAQ 1.6.7 and Earlier Unspecified Information Disclosure Vulnerability in IBM AIX FTP Server Denial of Service Vulnerability in IBM AIX 5.2.0 and 5.3.0 FTPD Denial of Service Vulnerability in Getahead Direct Web Remoting (DWR) 1.1.3 Buffer Overflow Vulnerabilities in CA BrightStor ARCserve Backup R11.5 Server Unspecified Admin Login Vulnerability in GeoBB 1.0 with Unknown Impact 
Remote Code Execution via Malicious RSS Feed in Firefox Sage Extension Arbitrary Web Script Injection in Nucleus CMS 3.24 Denial of Service Vulnerability in Linux Kernel: Unrecoverable Zombie Process Arbitrary SQL Command Execution Vulnerability in Deadlock User Management System (phpdeadlock) 0.64 and Earlier SQL Injection Vulnerability in bitweaver 1.3.1 and Earlier: Remote Code Execution via newsletters/edition.php Sensitive Information Disclosure in bitweaver 1.3.1 and earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in bitweaver 1.3.1 and Earlier Unknown Impact Buffer Overflow in eXtremail 2.1 Multiple SQL Injection Vulnerabilities in Rialto 1.6 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Rialto 1.6 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Rapid Classified 3.1 Arbitrary SQL Command Execution in Rapid Classified 3.1 via viewad.asp Backtracking Attack Vulnerability in Snort before 2.6.1 Multiple SQL Injection Vulnerabilities in Image Gallery with Access Database Sensitive Information Disclosure in Easy Chat Server 2.1 Cross-Site Scripting (XSS) Vulnerabilities in Portix-PHP 0.4.2 Forum Post Fields SQL Injection Vulnerability in Portix-PHP 0.4.2 Login Component Xtreme ASP Photo Gallery Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in Xtreme ASP Photo Gallery's displaypic.asp NitroTech 0.0.3a Directory Traversal Vulnerability Local Privilege Escalation via Symlink Attack in GNU ed Remote Code Execution Vulnerability in POP3/SMTP to OWA (pop2owa) 1.1.3 Sensitive Information Disclosure in FreeWebshop 2.2.2 and Earlier via Invalid Action Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in PhpMyAdmin before 2.9.1.1 Information Disclosure Vulnerability in PhpMyAdmin Bypassing IP-based Access Rules in phpMyAdmin SQL Injection Vulnerability in Virtuemart 1.0.7 Remote Configuration Modification Vulnerability in NEC MultiWriter 1700C Web Server FTP Bounce Vulnerability in NEC MultiWriter 1700C FTP 
Server Denial of Service Vulnerability in MyODBC Japanese Conversion Edition Cleartext Password Storage in Conti FTPServer 1.0 Build 2.8 Conti FTPServer 1.0 Build 2.8 Directory Traversal Vulnerability Arbitrary Script Injection Vulnerability in OdysseusBlog's blog.php Privilege Escalation Vulnerability in Computer Associates Host Intrusion Prevention System (HIPS) Drivers Virtual Keyboard Vulnerability in GlobeTrotter Mobility Manager Allows Keystroke Capture Denial of Service Vulnerability in Flock Beta 1 0.7 Opera Denial of Service Vulnerability via Nested Marquee Tags Denial of Service Vulnerability in Microsoft Internet Explorer via Nested Marquee Tags Docebo 3.0.3 and Earlier PHP Remote File Inclusion Vulnerability PHP Remote File Inclusion Vulnerabilities in phpBlueDragon 2.9.1 Bypassing Startup-Shield Security Restrictions in WebRoot Spy Sweeper 4.5.9 and Earlier Vulnerability: Inadequate Handling of Non-ZIP Archives in WebRoot Spy Sweeper 4.5.9 and Earlier File Name-Based Malware Detection Bypass in WebRoot Spy Sweeper 4.5.9 and Earlier Remote File Inclusion Vulnerability in RS Gallery2 Component for Joomla! 
(com_rsgallery2) 1.11.2 PHP Remote File Inclusion Vulnerabilities in Docebo LMS 3.0.3 Cleartext User Password Disclosure in MailEnable Professional CRLF Injection Vulnerability in DokuWiki 2006-03-09e and Earlier Arbitrary PHP Code Execution in phpGraphy before 0.9.13a Phorum Group Moderation Control Center XSS Vulnerability Predictable Session Identifier Vulnerability in Jetty Bypassing Fraud Protection Mechanism in Opera 9.10 Final Bypassing Phishing Protection Mechanism in Mozilla Firefox 2.0 on Windows Possible SQL Injection Vulnerability in BtitTracker 1.3.2 and Earlier Unauthenticated Remote Access and Administrative Activities in Headstart Solutions DeskPRO Insufficient Access Control in Headstart Solutions DeskPRO CentiPaid 1.4.3 PHP Remote File Inclusion Vulnerability in centipaid_class.php CentiPaid 1.4.2 and Earlier: PHP Remote File Inclusion Vulnerability in centipaid_class.php Arbitrary JavaScript Execution via Cross-Site Scripting (XSS) in FreeTextBox's Basic Toolbar Selection Arbitrary JavaScript Execution via Cross-Site Scripting (XSS) in FCKEditor's Basic Toolbar Selection Arbitrary Command Execution Vulnerability in Amarok's Magnatune Component Unspecified Vectors in Amarok's Magnatune.com Album Browser Lead to Denial of Service Vulnerability Denial of Service Vulnerability in 3proxy 0.5 to 0.5.2 with NT-encoded Passwords Insecure Authentication Order in 3proxy 0.5 to 0.5.2 Cross-Domain Information Disclosure Vulnerability in MYweb4net Browser 3.8.8.0 Cross-Domain Information Disclosure Vulnerability in GreenBrowser 3.4.0622 Cross-Domain Information Disclosure Vulnerability in Maxthon 1.5.6 Build 42 Cross-Domain Information Disclosure Vulnerability in PhaseOut 5.4.4 Cross-Domain Information Disclosure Vulnerability in FineBrowser Freeware 3.2.2 Cross-Domain Information Disclosure Vulnerability in Slim Browser 4.07 Build 100 Cross-Domain Information Disclosure Vulnerability in NetCaptor 4.5.7 Personal Edition Cross-Domain Information Disclosure 
Vulnerability in Enigma Browser 3.8.8 Cross-Domain Information Disclosure Vulnerability in Fast Browser Pro 8.1 Cross-Domain Information Disclosure Vulnerability in GoSuRF Browser 2.62 Multiple SQL Injection Vulnerabilities in Neuron Blog 1.1's addcomment2.php Unrestricted File Upload Vulnerability in OzzyWork Gallery (Possibly 2.0 and Earlier) Privilege Escalation Vulnerability in mycontacts.php of V3 Chat Multiple Cross-Site Scripting (XSS) Vulnerabilities in warforge.NEWS 1.0 Unspecified Cryptographic Vulnerability in MailEnable Standard, Professional, and Enterprise Editions Information Disclosure Vulnerability in install/loader_help.php in Headstart Solutions DeskPRO Arbitrary File Read Vulnerability in Headstart Solutions DeskPRO Path Disclosure Vulnerability in Headstart Solutions DeskPRO Directory Traversal Vulnerability in avatar.php in PhpMyChat Plus 1.9 and Earlier Cross-site scripting (XSS) vulnerability in add_comment.php in Wheatblog (wB) 1.1 Remote File Inclusion Vulnerability in Fusion Polls Admin Panel Cross-Site Scripting (XSS) Vulnerability in PSY Auction's email_request.php SQL Injection Vulnerability in PSY Auction's item.php Allows Remote Code Execution Remote File Inclusion Vulnerability in Robin de Graff Somery 0.4.4 upload/admin/team.php Buffer Overflow in Tiny FTPd 1.4 and Earlier: Remote Denial of Service Vulnerability Unspecified vulnerability in Joomla! before 1.0.10 with unknown impact and attack vectors related to securing mosmsg from misuse Joomla! Frontend Submission Form Spoofing Vulnerability Unspecified Impact and Attack Vectors in Joomla! 
MosGetParam Implementation Develooping Flash Chat PHP Remote File Inclusion Vulnerability Arbitrary Command Execution in SCart 2.0 via show_text Action IP Address Spoofing Vulnerability in Simple Machines Forum (SMF) Improper User Session Handling in BloggIT 1.01 and Earlier Allows Remote Privilege Escalation Jobline 1.1.1 - PHP Remote File Inclusion Vulnerability in admin.jobline.php Remote Authentication Bypass Vulnerability in phpjobboard Multiple PHP Remote File Inclusion Vulnerabilities in Indexu 5.0.1 Arbitrary Code Execution in phpwcms 1.2.5-DEV and Earlier Arbitrary Code Execution in phpwcms 1.2.5-DEV and Earlier CRLF Injection Vulnerability in phpwcms 1.2.5-DEV and Earlier Plume CMS 1.1.3 - Remote File Inclusion Vulnerability in dbinstall.php Arbitrary URL Display Vulnerability in fx-APP 0.0.8.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in fx-APP 0.0.8.1 Multiple PHP Remote File Inclusion Vulnerabilities in Harpia CMS 1.0.5 and Earlier SQL Injection Vulnerability in Bookmark4U 2.0 and 2.1 via admin/config.php Remote File Inclusion Vulnerability in Aardvark Topsites PHP 4.2.2 and Earlier Remote Code Execution Vulnerability in Microsoft ISA Server 2004 Denial of Service Vulnerability in Single CPU Sun Systems Running Solaris 7, 8, or 9 Denial of Service Vulnerability in Microsoft Internet Explorer 6 SP2 and Earlier Denial of Service Vulnerability in Microsoft Internet Explorer 6 SP2 and Earlier Denial of Service Vulnerability in Microsoft Internet Explorer 6.0.2900 SP2 and Earlier Arbitrary Code Execution via PHP Remote File Inclusion in FlashBB 1.1.5 and Earlier Super Link Exchange Script 1.0 XSS Vulnerability in Search Box Arbitrary SQL Query Execution Vulnerability in Super Link Exchange Script 1.0 Arbitrary File Read Vulnerability in Super Link Exchange Script 1.0 Remote Code Execution in Andys Chat 4.5 via PHP Remote File Inclusion in register.php Mathcad 12 through 13.1 XML Worksheet Security Bypass Vulnerability Buffer overflow 
vulnerabilities in MERCUR Messaging 2005 before Service Pack 4: Remote Denial of Service Denial of Service Vulnerability in MERCUR Messaging 2005 Denial of Service Vulnerability in MERCUR Messaging 2005 Denial of Service Vulnerability in MERCUR Messaging 2005 SMTP Service Arbitrary Web Script Injection Vulnerability in Chipmunk Directory's index.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Chipmunk Blogger Remote File Inclusion Vulnerability in Clan Manager Pro (CMPRO) 1.11 and Earlier PHP Remote File Inclusion Vulnerability in Clan Manager Pro (CMPRO) 1.1.0 and Earlier PHP Remote File Inclusion Vulnerability in Clan Manager Pro (CMPRO) 1.1.0 Bypassing IP Ban Restrictions in Shoutpro 1.0 via Path Parameter Multiple PHP Remote File Inclusion Vulnerabilities in Claroline 1.7.5 Improper Argument Order in Method Method of WikkaWiki Allows Remote Access to Arbitrary PHP Files Arbitrary JavaScript Injection in WikkaWiki (Wikka Wiki) before 1.1.6.2 Denial of Service and Memory Consumption Vulnerability in Linux Kernel 2.6.x PHP Remote File Inclusion Vulnerabilities in DotWidget For Articles (dotwidgeta) 0.2 Bypassing Keyword Filtering and Signatures in Arkoon FAST360 UTM Appliances Denial of Service Vulnerability in Arkoon FAST360 UTM Appliances TotalCalendar 2.30 PHP Remote File Inclusion Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in DreamCost HostAdmin 3.1 and Earlier SQL Injection Vulnerability in Sphider search.php (CVE-2006-2506.2) Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sphider before 1.3.1c Cross-Site Scripting (XSS) Vulnerabilities in Scriptsez.net E-Dating System Path Disclosure Vulnerability in Scriptsez.net E-Dating System Predictable File Names in Scriptsez.net E-Dating System Allow for XSS Attacks Path Disclosure Vulnerability in Kamgaing Email System (kmail) 2.3 and Earlier Arbitrary File Inclusion Vulnerability in TinyPHPforum 3.6 and Earlier Arbitrary Web Script Injection in Invision Power Board (IPB) 
2.1.6 and Earlier Denial of Service Vulnerability in Microsoft Internet Explorer via XML File and XSL Stylesheet Remote Denial of Service Vulnerability in Microsoft Internet Explorer 6 and Earlier Remote Code Execution Vulnerability in Oracle 10g R2 and Other Versions via Invalid alter session set events Command Remote File Inclusion Vulnerability in CliServ Web Community 0.65 and Earlier Remote File Inclusion Vulnerability in Socketwiz Bookmarks 2.0 and Earlier via smarty_config.php Arbitrary File Upload and Execution Vulnerability in Etomite CMS SQL Injection Vulnerability in Invision Power Board (IPB) 2.1 up to 2.1.6 via CLIENT_IP Parameter Arbitrary Script Injection in GeoClassifieds Enterprise 2.0.5.2 and Earlier Opentools Attachment Mod XSS Vulnerability Authentication Bypass Vulnerability in SmartSiteCMS 1.0 Buffer Overflow in meta_read_flac function allows arbitrary code execution in Aqualung 0.9beta5 and earlier, and CVS 0.193.2 and earlier Cross-Site Scripting (XSS) Vulnerability in Advanced Guestbook 2.4 for phpBB SQL Injection Vulnerability in Advanced Guestbook 2.4 for phpBB Multiple Cross-Site Scripting (XSS) Vulnerabilities in Professional Home Page Tools Login Script Variable Extraction Vulnerability in exV2 2.0.4.3 and Earlier: Remote Code Execution and Directory Traversal Arbitrary File Deletion via Directory Traversal in exV2 2.0.4.3 and Earlier PHP Remote File Inclusion Vulnerabilities in PhpNews 1.0 Authentication Bypass and Arbitrary File Upload in Rigter Portal System (RPS) 1.0, 2.0, and 3.0 Directory Traversal Vulnerability in Rigter Portal System (RPS) 1.0, 2.0, and 3.0 Arbitrary Content Injection and XSS Vulnerability in Rigter Portal System (RPS) 1.0, 2.0, and 3.0 via add_art.php Hot Links dlback.php and dlback.cgi Scripts Information Disclosure and Database Download Vulnerability CRLF Injection Vulnerability in Dotdeb PHP Mail Function SQL Injection Vulnerabilities in Simple PHP Forum before 0.4 SQL Injection Vulnerability in Ban 0.1: 
Remote Code Execution via id Parameter in connexion.php PHP Remote File Inclusion Vulnerability in phpBB Security 1.0.1 and Earlier Remote File Inclusion Vulnerability in phpht Topsites FREE 1.022b SQL Injection Vulnerability in Mambo LaiThai 4.5.4 SP2 and Earlier Arbitrary Web Script Injection Vulnerability in Mambo LaiThai 4.5.4 Security Patch 2 and Earlier Privilege Escalation via FTPD in Gentoo and Debian Linux Integer Signedness Error in Network Receive Packet Function in Dimension 3 Engine (Dim3) 1.5 and Earlier Buffer Overflow in network_host_handle_join function in dimension 3 engine (dim3) 1.5 and earlier Unspecified Vulnerabilities in TaskFreak! before 0.1.4 Privilege Escalation via TIOCSTI ioctl in Apache HTTP Server 1.3.34-4 SolarPay index.php Directory Traversal Vulnerability Remote File Inclusion Vulnerability in phpBB Insert User 0.1.2 and Earlier SQL Injection Vulnerability in admin.php in PHPWind 5.0.1 and Earlier PHP Remote File Inclusion Vulnerabilities in phpBurningPortal Quiz-Modul 1.0.1 Directory Traversal Vulnerabilities in EZOnlineGallery 1.3 and Earlier Remote File Inclusion Vulnerability in Chad Auld MOStlyContent Editor (MOStlyCE) for Mambo 4.5.4 Remote File Inclusion Vulnerability in Smarty 2.6.9 Remote File Inclusion Vulnerability in Power Phlogger 2.0.9 and Earlier: Arbitrary PHP Code Execution Remote File Inclusion Vulnerability in Coalescent Systems freePBX 2.1.3 Upgrade.php Bypassing Access Policies in util-linux-2.12a Login Vulnerability Unrestricted File Upload Vulnerability in IMCE Drupal Module IMCE Directory Traversal Vulnerability in Delete Function Authentication Bypass Vulnerability in Futomi's CGI Cafe KMail CGI 1.0.3 and Earlier Directory Traversal Vulnerability in MD-Pro 1.0.76 and Earlier Unrestricted File Upload Vulnerability in P-News 2.0 Insufficient Access Control in P-News 2.0 Allows Unauthorized Access to User Information SQL Injection Vulnerability in PHPKit 1.6.1 RC2: Remote Code Execution via catid Parameter SQL 
Injection Vulnerability in Kubix 0.7 and Earlier: Bypass Authentication and Remote Code Execution Multiple Directory Traversal Vulnerabilities in Kubix 0.7 and Earlier SQL Injection Vulnerability in DMXReady Site Engine Manager 1.0 Remote File Inclusion Vulnerability in J. He PHPGiggle 12.08 and Earlier Remote File Inclusion Vulnerability in maintain 3.0.0-RC2 via phphtmllib parameter Denial of Service Vulnerability in Linksys SPA-921 VoIP Desktop Phone Arbitrary Web Script Injection in BSQ Sitestats IP Address Lookup Functionality Multiple SQL Injection Vulnerabilities in BSQ Sitestats Component for Joomla Remote File Inclusion Vulnerability in BSQ Sitestats Component for Joomla Arbitrary Web Script Injection in Joomla BSQ Sitestats 1.8.0 and 2.2.1 SQL Injection Vulnerability in Joomla BSQ Sitestats 1.8.0 and 2.2.1: Remote Code Execution PHP Remote File Inclusion Vulnerabilities in JAF CMS 4.0 and 4.0 RC2 Remote File Inclusion Vulnerability in JAF CMS 4.0 RC1 forum/forum.php Allows Arbitrary PHP Code Execution Local Privilege Escalation Vulnerability in ISS BlackICE PC Protection 3.6 cpj and cpu Remote File Inclusion Vulnerability in Jinzora 2.1 and Earlier Arbitrary PHP Code Execution via Remote File Inclusion in Jinzora 2.6 Arbitrary File Inclusion Vulnerability in PHPMyDesk 1.0beta Directory Traversal Vulnerability in Upload Tool for PHP 1.0 Unrestricted File Upload Vulnerability in Upload Tool for PHP 1.0 PHP Poll Creator (phpPC) 1.04 - Remote File Inclusion Vulnerability in lib/functions.inc.php PHP Poll Creator (phpPC) 1.04 and Earlier Multiple Remote File Inclusion Vulnerabilities TinyPortal before 0.8.6 Shoutbox Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in wwv_flow_utilities.gen_popup_list in Oracle APEX/HTMLDB Remote Denial of Service Vulnerability in Kmail 1.9.1 on KDE 3.5.2 PKCS #1 v1.5 Signature Forgery Vulnerability in libike Library Absolute Path Traversal Vulnerability in Oracle Database Server with UTL_FILE_DIR 
Configuration Hard-coded Cryptographic Keys in Utimaco Safeguard's Centralized Management Feature Arbitrary Web Script Injection Vulnerability in Call Center Software 0.93 and Earlier SQL Injection Vulnerability in Call Center Software 0.93 and Earlier: Remote Code Execution and Authentication Bypass Sensitive Information Disclosure in Call Center Software 0.93 and Earlier via Modified user_id Parameter Remote File Inclusion Vulnerability in Leicestershire communityPortals 1.0 build 20051018 and earlier Remote File Inclusion Vulnerability in phpBB Import Tools Mod 0.1.4 and Earlier PHP Remote File Inclusion Vulnerability in maluinfo 206.2.38 for Brazilian PHPBB Multiple Cross-Site Scripting (XSS) Vulnerabilities in Mambo 4.6.x SQL Injection Vulnerabilities in Mambo 4.6.x via mcname Parameter in moscomment.php and com_comment.php Untrusted Search Path Vulnerability in libtool-ltdl Library (libltdl.so) 1.5.22-2.3 in Fedora Core 5 Privilege Escalation Vulnerability in ASP-Nuke Community 1.5 and Earlier Remote Code Execution in MiniBB Forum 2 via PHP Remote File Inclusion Vulnerability Path Disclosure Vulnerability in Iono Templates ISAKMP Cookie Reuse Vulnerability in Novell BorderManager 3.8 SP4 Remote File Inclusion Vulnerability in Keyword Replacer (keyword_replacer) 1.0 and earlier Buffer Overflow Vulnerability in Google Earth v4.0.2091 (beta) via Long Href Element Oracle Application Express (APEX) Cross-Site Scripting (XSS) Vulnerability in NOTIFICATION_MSG Parameter BTI-Tracker 1.3.2 Directory Traversal Vulnerability Denial of Service Vulnerability in Outpost Firewall PRO 4.0 SQL Injection Vulnerability in giris_yap.asp in Hazir Site 2.0: Bypassing Authentication via k_a class or sifre parameter Weak File Permissions in PuTTY 0.59 and Earlier: Local Information Disclosure Vulnerability Unencrypted Database Storage Vulnerability in DreameeSoft Password Master 1.0 Insecure File Access Vulnerability in IBM WebSphere Application Server Information Disclosure 
Vulnerability in IBM WebSphere Application Server (WAS) 5.0 through 5.1.1.0 Information Disclosure Vulnerability in IBM WebSphere Application Server (WAS) 5.1.1.9 and Earlier Authentication Bypass Vulnerability in ProRat Server 1.9 Fix2 Remote File Inclusion Vulnerability in PHP Add Name Module Allows Arbitrary Code Execution Remote File Inclusion Vulnerability in Ultimate PHP Board (UPB) 2.0 and Earlier Multiple SQL Injection Vulnerabilities in Koan Software Mega Mall Information Disclosure Vulnerability in product_review.php SQL Injection Vulnerabilities in PHP-Stats 0.1.9.1b and Earlier Arbitrary PHP Code Execution via Direct Static Code Injection in PHP-Stats 0.1.9.1b and Earlier PHP Remote File Inclusion Vulnerability in phpBB Dimension Module Insecure SSLv2 Encryption Enabled in Sendmail 8.13.1-2 Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier allows email spoofing via localhost.localdomain domain name Denial of Service Vulnerability in MadWifi Ad-Hoc Mode Denial of Service Vulnerability in MadWifi before 0.9.3 Denial of Service via Channel Switch Announcement Information Elements in MadWifi Unencrypted Packet Leakage and Authentication Disruption Vulnerability in MadWifi PHP Remote File Inclusion Vulnerabilities in Morcego CMS 0.9.6 and Earlier MNews 2.0 Remote File Inclusion Vulnerability Exhibit Engine (EE) 1.22 and Earlier: PHP Remote File Inclusion Vulnerability in styles.php PHP Remote File Inclusion Vulnerabilities in Exhibit Engine (EE) 1.22 and Earlier Arbitrary PHP Code Execution via Remote File Inclusion in CMSmelborp Beta Arbitrary File Disclosure in web-app.net WebAPP before 0.9.9.3.5 Cross-site scripting (XSS) vulnerability in show_recent_searches function in web-app.net WebAPP before 20060909 Information Disclosure Vulnerability in web-app.net WebAPP Arbitrary Script Injection in WebAPP.net WebAPP (before 20060403) via logs.cgi Cross-site scripting (XSS) vulnerability in topics.pl in web-app.net WebAPP before 20060515 
Privilege Escalation via Untrusted Search Path in LDAP Account Manager (LAM) Cross-Site Scripting (XSS) Vulnerability in Microsoft ASP .NET Framework 2.0.50727.42 Remote Code Execution in Smarty 2.6.1 via PHP Remote File Inclusion Vulnerability Agora 1.4 RC1 PHP Remote File Inclusion Vulnerability in MysqlfinderAdmin.php Arbitrary Web Script Injection Vulnerability in Apache Tomcat Cross-site scripting (XSS) vulnerability in Apache Tomcat calendar application (versions 4.0.0 - 4.0.6, 4.1.0 - 4.1.31, 5.0.0 - 5.0.30, and 5.5.0 - 5.5.15) allows remote script injection via time parameter in cal2.jsp and potentially other vectors. Apache Tomcat 5.5.15 AJP Connector Buffer Over-read Vulnerability Unspecified Vulnerability in IBM WebSphere Application Server (WAS) with Unknown Impact and Attack Vectors (PK26123) Remote Image Display Vulnerability in EMC RSA Security SiteKey RSA Security SiteKey Vulnerability: Forever Persisting Challenge-Bypass Tokens Insecure Implementation of EMC RSA Security SiteKey Flash Token Improper Access Rights Check in Mambo 4.6.1 Allows Remote Content Reading NULL Pointer Dereference and Oops Vulnerability in Linux Kernel's compat_sys_mount Function Local File Inclusion Vulnerability in PHP imap_body Function Denial of Service Vulnerability in PHP array_fill Function Denial of Service Vulnerability in Microsoft Internet Explorer 6 Buffer Overflow Vulnerability in ageet AGEphone Before 1.4.0 Remote File Inclusion Vulnerability in Adam van Dongen Forum Component Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpTrafficA before 1.2beta2 Denial of Service Vulnerability in Microsoft Windows 2000, XP, and Server 2003 via Crafted PNG Image Weak Permissions in Firebird 1.5 Semaphore Array Allows Denial of Service Multiple Buffer Overflows in Firebird 1.5 with Unknown Impact and Attack Vectors Database Overwrite Vulnerability in Firebird 1.5 Unspecified Denial of Service Vulnerabilities in Firebird 1.5 AI90: Memory Page Access Bit Vulnerability 
in Intel Core 2 Processors Privilege Escalation: Arbitrary Table Locking in Apache Derby Arbitrary Drop Schema Vulnerability in Apache Derby Inadequate Permission Enforcement in eZ publish before 3.8.1 Allows Unauthorized Translations Language-based Draft Creation Vulnerability in eZ Publish Unspecified Denial of Service Vulnerability in SAP SAPLPD and SAPSPRINT Off-by-one errors in fsplib.c leading to denial of service vulnerabilities Buffer Overflow in Media Player Classic (MPC) 6.4.9.0 via Crafted FLI File Arbitrary Code Execution via PreviewAction in XWiki Denial of Service Vulnerability in PCRE Library due to Malformed POSIX Character Class Denial of Service Vulnerability in PCRE Library Integer Overflow in PCRE Library Allows Arbitrary Code Execution Integer Overflow in PCRE Library Allows Arbitrary Code Execution Denial of Service Vulnerability in skge Driver 1.5 on Linux Kernel 2.6.15 Memory Calculation Vulnerability in PCRE Library SQL Injection Vulnerability in Civica Software's display.asp Denial of Service Vulnerability in MySQL 5.0.x and 5.1.x via EXPLAIN SELECT FROM on INFORMATION_SCHEMA Table Arbitrary Web Script Injection in Openfire Admin Console Login Form Untrusted Search Path Vulnerability in Lynx Allows Arbitrary Code Execution Denial of Service Vulnerability in Teamtek Universal FTP Server 1.0.50 Arbitrary Code Execution Vulnerability in Default Configuration of xterm on Debian GNU/Linux and Ubuntu PHP Remote File Inclusion Vulnerability in Ixprim 2.0 Theme_Manager.class.php MyShoutPro 1.2 Cross-Site Scripting (XSS) Vulnerability NULL pointer dereference vulnerability in _gnutls_x509_oid2mac_algorithm function in GnuTLS before 1.4.2 Inadequate Screen Locking in gnome-power-manager 2.14.0 ACL Bypass Vulnerability in IBM FileNet P8 Application Engine Unauthenticated Access to Site Preferences Modification in IBM FileNet P8 Application Engine Null Byte Injection Vulnerability in PHP before 5.3.4 Memory Leak Vulnerability in libpng 1.2.13beta1 and 
Earlier Versions Denial of Service Vulnerability in Monkey's Audio 4.01b2 Lack of Certificate Subject Pinning in NetworkManager 0.9.x with 802.11X Authentication SQL Injection Vulnerability in Weblinks Component for Joomla! and Mambo 1.0.9 and Earlier NULL pointer dereference vulnerability in OpenSSL allows for denial of service via crafted S/MIME message Integer Overflow in calloc Function in jemalloc for FreeBSD and NetBSD Default Password Vulnerability in GE Healthcare Infinia II Denial of Service Vulnerability in nscd Daemon