Vulnerability Index: Year 2008

Vulnerability: Local Users Bypassing Permissions in Linux Kernel VFS Apache Tomcat Remote Information Disclosure Vulnerability Stack-based Buffer Overflow in PAMCallback Function in OpenPegasus CIM Management Server Cross-Site Scripting (XSS) Vulnerability in mod_proxy_ftp in Apache 2.2.x, 2.0.x, and 1.3.x Buffer Overflow in X.Org Xserver and libfont/libXfont Libraries Kernel Memory Access Vulnerability in Linux Kernel Privilege Escalation Vulnerability in PulseAudio 0.9.8 and 0.9.9 Kernel Memory Leak Vulnerability in vmsplice_to_user Function Kernel Memory Read Vulnerability in Linux 2.6.22-2.6.24 MJPEG Decoder Vulnerability Heap-based Buffer Overflow in Trend Micro ServerProtect 5.7 and 5.58 Heap-based Buffer Overflow in Trend Micro ServerProtect 5.7 and 5.58 Heap-based Buffer Overflow in Trend Micro ServerProtect 5.7 and 5.58 ATL Stack-based Buffer Overflow Vulnerability Stack-based Buffer Overflow in URL Parsing Implementation in Mozilla Firefox and SeaMonkey Memory Corruption and Buffer Overflow in Firefox and SeaMonkey HTTP Index Parser ATL Header Memcopy Vulnerability SQL Injection Vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) Versions 5.0/5.1 and 6.0/6.1 Heap-based Buffer Overflow in Cisco Unified Communications Manager (CUCM) CTLProvider.exe Service Denial of Service Vulnerability in Cisco PIX and ASA Appliances Default Password Vulnerability in Cisco Application Velocity System (AVS) Memory Corruption Vulnerability in Apple QuickTime 7.4 and Earlier Heap Corruption Vulnerability in Apple QuickTime Memory Corruption Vulnerability in Apple QuickTime Passcode Bypass Vulnerability in Apple iPhone 1.0 through 1.1.2 via Emergency Calls Memory Corruption Vulnerability in Safari Buffer Overflow in Apple QuickTime Allows Remote Code Execution via Crafted Compressed PICT Image X11 Vulnerability: Bypassing Access Restrictions in Apple Mac OS X 10.5 through 10.5.1 Time Machine Backup Vulnerability in Launch Services Arbitrary Command 
Execution Vulnerability in Mail on Apple Mac OS X 10.4.11 Unspecified vulnerability in NFS in Apple Mac OS X 10.5 through 10.5.1 Information Leakage in Apple Mac OS X 10.5 through 10.5.1 Parental Controls Terminal.app Argument Injection Vulnerability Photocast Subscription Format String Vulnerability in Apple iPhoto Buffer Overflow Vulnerabilities in AFP Client in Apple Mac OS X 10.4.11 and 10.5.2 Cross-Realm Authentication Bypass Vulnerability in AFP Server in Apple Mac OS X 10.4.11 Incorrect German Translation in Application Firewall Radio Button in Apple Mac OS X 10.5.2 Heap-based Buffer Overflow in CUPS 1.3.5 and Apple Mac OS X 10.5.2 Printer Sharing Vulnerability Stack-based Buffer Overflow in AppKit Allows Arbitrary Code Execution in Mac OS X 10.4.11 Insecure Inter-Process Communication in AppKit on Apple Mac OS X 10.4.11 CFNetwork HTTPS Proxy Spoofing Vulnerability Integer Overflow in CoreFoundation Allows Arbitrary Code Execution via Crafted Time Zone Data Remote Code Execution via Unsafe File Type Handling in Apple Mac OS X 10.4.11 Buffer Overflow Vulnerabilities in CUPS HP-GL/2-to-PostScript Filter Arbitrary Code Execution Vulnerability in Apple Mac OS X 10.4.11 via NSSelectorFromString API World-writable Directories Vulnerability in Apple Mac OS X 10.4.11 Stack-based Buffer Overflow in NSFileManager in Apple Mac OS X 10.4.11 Arbitrary Code Execution via Crafted Serialized Property List in AppKit Race condition in NSURLConnection cache management functionality in Foundation for Apple Mac OS X 10.4.11 allows remote code execution Race Condition Vulnerability in NSXML in Apple Mac OS X 10.4.11: Arbitrary Code Execution via Crafted XML File Arbitrary Applescript Execution via Help Viewer in Apple Mac OS X 10.4.11 and 10.5.2 Improper Rotation of Resource Records Denial of Service Vulnerability in MaraDNS Denial of Service and Remote Code Execution Vulnerability in MIT Kerberos 5 (krb5kdc) Uninitialized Stack Values Vulnerability in MIT Kerberos 5 KDC 
Stack-based Buffer Overflow in XnView, NConvert, and GFL SDK Allows Arbitrary Code Execution via Crafted Radiance RGBE (.hdr) File Stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5.5, and 5.51 Buffer Overflow Vulnerabilities in Autonomy KeyView HTML Speed Reader Multiple Stack-Based Buffer Overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Arbitrary File Read Vulnerability in HP OpenView Network Node Manager (OV NNM) XnView 1.92 and 1.92.1 FontName Parameter Stack-based Buffer Overflow Vulnerability Heap-based Buffer Overflow in Orb Networks Orb 2.00.1014 and Winamp Remote BETA Denial of Service Vulnerability in BitTorrent and uTorrent Web UI Interface Format String Vulnerability in Evolution 2.12.3 and Earlier Allows Remote Code Execution Remote Code Execution Vulnerability in xine-lib 1.1.10.1 via SDP Streamid Parameter Privilege Escalation Vulnerability in Microsoft Internet Information Services (IIS) Arbitrary Code Execution Vulnerability in Microsoft Internet Information Services (IIS) 5.1 through 6.0 via Crafted ASP Inputs HTML Rendering Memory Corruption Vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 Remote Code Execution via Property Memory Corruption in Microsoft Internet Explorer ActiveX Control Memory Corruption Vulnerability in Microsoft Internet Explorer Heap-based Buffer Overflow in WebDAV Mini-Redirector in Microsoft Windows XP, Server 2003, and Vista Macro Execution Vulnerability in Microsoft Excel 2000-2003, Viewer 2003, and Office 2004 for Mac Remote Code Execution Vulnerability in Windows Messenger Arbitrary Code Execution Vulnerability in VBScript and JScript Scripting Engines Denial of Service Vulnerability in Windows Vista TCP/IP Support Memory Page Reuse Vulnerability in SQL Server Buffer Overflow Vulnerability in Microsoft SQL Server 2000 SP4, MSDE 2000 SP4, and WMSDE 2000 Predictable DNS Transaction IDs in Microsoft Windows Operating Systems Denial of Service Vulnerability in 
Active Directory and ADAM SQL Injection Vulnerability in uprofile.php in ClipShare Denial of Service Vulnerability in DivX Player 6.6.0 Directory Traversal Vulnerability in AGENCY4NET WEBFTP 1: Arbitrary File Read and Delete Arbitrary Script Injection in Appalachian State University phpWebSite 1.4.0 Search Module Cross-Site Scripting (XSS) Vulnerabilities in eTicket 1.5.5.2 and 1.5.6 RC2/RC3 via newticket.php Directory Traversal Vulnerabilities in MODx Content Management System 0.9.6.1 Denial of Service Vulnerability in Asterisk SIP Channel Driver Buffer Overflow Vulnerabilities in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and Earlier Format String Vulnerability in Georgia SoftWorks SSH2 Server (GSW_SSHD) Allows Remote Code Execution Buffer Overflow Vulnerability in RealPlayer 11 Build 6.0.14.748 Multiple SQL Injection Vulnerabilities in MyPHP Forum 3.0 and Earlier Stack-based Buffer Overflow in White_Dune 0.29 beta791 and Earlier: Remote Code Execution via .WRL File Format String Vulnerability in swDebugf Function in White_Dune 0.29 beta791 and Earlier Publisher Invalid Memory Reference Vulnerability Microsoft Office Execution Jump Vulnerability Publisher Memory Corruption Vulnerability Microsoft Works File Converter Index Table Vulnerability Remote Code Execution Vulnerability in Microsoft SQL Server 2005 SP1 and SP2 SQL Server Memory Corruption Vulnerability Microsoft Works File Converter Stack-based Buffer Overflow Vulnerability Arbitrary Code Execution Vulnerability in Microsoft Office Word Arbitrary Code Execution Vulnerability in Microsoft Outlook via Crafted mailto URI Excel Data Validation Record Vulnerability Excel File Import Vulnerability Microsoft Office Cell Parsing Memory Corruption Vulnerability Memory Corruption Vulnerability in Microsoft Excel 2000-2003, Viewer 2003, and Office for Mac 2004 Excel Formula Parsing Vulnerability Excel Rich Text Validation Vulnerability Excel Conditional Formatting Code Execution Vulnerability Microsoft 
Office Memory Corruption Vulnerability Publisher Object Handler Validation Vulnerability Memory Allocation Vulnerability in Microsoft PowerPoint Viewer 2003 Memory Calculation Vulnerability in Microsoft PowerPoint Viewer 2003 Off-by-one Memory Corruption Vulnerability in ISC BIND 9.4.2 and Earlier Cross-site scripting (XSS) vulnerability in Moodle 1.8.3 install.php Cross-site scripting (XSS) vulnerability in Serendipity (S9Y) before 1.3-beta1 Arbitrary Web Script Injection Vulnerability in phpstats.php Remote Code Execution and Denial of Service Vulnerability in McAfee E-Business Server Insecure Cookie Handling in Apache Tomcat SingleSignOn Valve SQL Injection Vulnerability in Site@School 2.3.10 and Earlier: Remote Code Execution via album_name Parameter SQL Injection Vulnerability in Instant Softwares Dating Site Login Form Cross-Site Scripting (XSS) Vulnerability in Instant Softwares Dating Site Login Form Denial of Service Vulnerability in Pragma FortressSSH 5.0 Build 4 Revision 293 and Earlier Multiple SQL Injection Vulnerabilities in Tribisur 2.1 and Earlier Arbitrary Web Script Injection Vulnerability in Snitz Forums 2000 Sensitive Information Exposure in Snitz Forums 2000 3.4.06 and Earlier Information Disclosure Vulnerability in Snitz Forums 2000 3.4.05 Remote File Inclusion Vulnerability in SNETWORKS PHP CLASSIFIEDS 5.0: Arbitrary PHP Code Execution XOOPS Mod_Gallery PHP Remote File Inclusion Vulnerability Eval Injection Vulnerability in Loudblog 0.8.0 and Earlier: Remote Code Execution via Template Parameter Arbitrary File Read Vulnerability in Uebimiau Webmail 2.7.10 and 2.7.2 Predictable Password Generation in WebPortal CMS 0.6-beta Allows Remote Account Access Multiple SQL Injection Vulnerabilities in WebPortal CMS 0.6-beta Remote File Inclusion Vulnerability in samPHPweb's common/db.php NetRisk 1.9.7 and Earlier: PHP Remote File Inclusion and Local File Inclusion Vulnerability Unspecified vulnerability in glob in PHP before 4.4.8 with open_basedir 
enabled W3-mSQL Error Page Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in SmallNuke 2.0.4 and Earlier: Remote Code Execution via index.php Arbitrary Shell Command Execution in TUTOS 1.3 Information Disclosure Vulnerability in TUTOS 1.3 LDAP Authentication Bypass Vulnerability in Aruba Mobility Controller Foxit WAC Server Heap-Based Buffer Overflow Vulnerability Denial of Service Vulnerability in SeattleLab SLNet RF Telnet Server 4.1.1.3758 and Earlier Denial of Service Vulnerability in Pragma TelnetServer 7.0.4.589 SQL Injection Vulnerability in EvilBoard 0.1a (Alpha) - Remote Code Execution via index.php Arbitrary Web Script Injection Vulnerability in EvilBoard 0.1a (Alpha) Million Dollar Script 2.0.14 - Absolute Path Traversal Vulnerability SQL Injection Vulnerability in FlexBB 0.6.3 and Earlier: Remote Code Execution via flexbb_temp_id Parameter Shop-Script 2.0 Directory Traversal Vulnerability SQL Injection Vulnerability in eggBlog 3.1.0 and Earlier: Arbitrary SQL Command Execution via eggblogpassword Parameter Privilege Escalation via xprop Execution in splitvt 1.6.6 and Earlier Symlink Attack Vulnerability in Linux Kernel 2.6 with vservers Cross-Site Request Forgery Vulnerabilities in Plone CMS 3.0.5 and 3.0.6 CSRF Vulnerability in Ikiwiki Allows Unauthorized Modification of User Preferences and Passwords Predictable Random Number Generation in OpenSSL 0.9.8c-1 to 0.9.8g-9 on Debian-based Systems Vulnerability: Arbitrary File Truncation and Modification in GForge 4.5.14 Authentication Bypass in ikiwiki PasswordAuth Plugin Denial of Service Vulnerability in Boost.Regex Library Denial of Service Vulnerability in Boost.Regex Library Gforge 4.6.99 SQL Injection Vulnerability in RSS Exports Cleartext Transmission of Credentials in GE Fanuc Proficy Real-Time Information Portal Arbitrary Code Execution via Unrestricted File Upload in GE Fanuc Proficy Real-Time Information Portal Heap-based Buffer Overflow in GE Fanuc CIMPLICITY HMI SCADA 
System 7.0 and Earlier Versions Denial of Service Vulnerability in KAME Project's ipcomp6_input Function Arbitrary Code Injection via User-Agent Header in Liferay Portal 4.3.6 Arbitrary Web Script Injection via User-Agent Header in Liferay Portal 4.3.6 Arbitrary Script Injection in Liferay Portal 4.3.6 User Profile Greeting Field Arbitrary Web Script Injection Vulnerability in Liferay Portal 4.3.6 Admin Portlet CSRF Vulnerability in Liferay Portal Admin Portlet Sys-Hotel on Line System Absolute Path Traversal Vulnerability SQL Injection Vulnerability in NetRisk 1.9.7 and Earlier: Remote Code Execution via pid Parameter NetRisk 1.9.7 index.php Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in songinfo.php in SAM Broadcaster samPHPweb Multiple Cross-Site Scripting (XSS) Vulnerabilities in AwesomeTemplateEngine's example_template.php WordPress RSS2 Action Path Disclosure Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in WordPress 2.0.9 and Earlier Arbitrary Web Script Injection Vulnerability in WordPress wp-db-backup.php WordPress wp-db-backup.php Directory Traversal Vulnerability Information Disclosure Vulnerability in WordPress 2.0.11 and Earlier Directory Traversal Vulnerabilities in WordPress 2.0.11 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in WP-ContactForm Plugin for WordPress CSRF Vulnerabilities in WP-ContactForm Plugin Allow Remote Administrative Actions Denial of Service Vulnerability in PRO-Search 0.17 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in RotaBanner Local 3 and Earlier ExpressionEngine 1.2.1 XSS Vulnerability in index.php CRLF Injection Vulnerability in ExpressionEngine 1.2.1 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Cryptographp WordPress Plugin Cross-Site Scripting (XSS) Vulnerabilities in Math Comment Spam Protection Plugin for WordPress Cross-Site Request Forgery (CSRF) Vulnerabilities in Math Comment Spam Protection Plugin for WordPress Multiple 
Cross-Site Scripting (XSS) Vulnerabilities in Captcha! WordPress Plugin Multiple Cross-Site Scripting (XSS) Vulnerabilities in PRO-Search 0.17 and Earlier Snitz Forums 2000 3.4.05 and Earlier Login.asp Cross-Site Scripting (XSS) Vulnerability Open Redirect Vulnerability in Snitz Forums 2000 3.4.06 and Earlier Authentication Bypass Vulnerability in Uebimiau Webmail 2.7.10 and 2.7.2 Denial of Service Vulnerability in HP Compaq Business Notebook PC BIOS F.04-F.11 Out-of-Bounds Memory Access Vulnerability in HP OpenView Network Node Manager (OV NNM) Unspecified Remote Code Execution Vulnerability in HP Virtual Rooms ActiveX Control Unspecified Remote Access Vulnerabilities in HP Select Identity 4.00-4.20 Unspecified Remote Access Vulnerabilities in HP Storage Essentials SRM Improper Verification of Device Name Ownership in FreeBSD's ptsname Function World-readable and World-writable Permissions Vulnerability in FreeBSD's Script Program Cross-Site Scripting (XSS) Vulnerability in Merak IceWarp Mail Server's admin/index.html SQL Injection Vulnerability in PHP Webquest 2.6 (soporte_horizontal_w.php) Allows Remote Code Execution Multiple stack-based buffer overflows in WebLaunch ActiveX Control allow remote code execution Directory Traversal Vulnerability in WebLaunch ActiveX Control Unrestricted File Upload Vulnerability in Wp-FileManager 1.2 Plugin for WordPress Buffer Overflow Vulnerability in JustSystems JSFC.DLL Allows Remote Code Execution via Crafted .JTD File SQL Injection Vulnerability in Newbb_plus Module of RunCMS 1.6.1 via Client-Ip Parameter in index.php Heap-based Buffer Overflow in xine-lib's rmff_dump_cont Function Multiple Buffer Overflows in yaSSL 1.7.5 and Earlier: Remote Code Execution Vulnerabilities Denial of Service Vulnerability in yaSSL 1.7.5 and Earlier CSRF Vulnerability in Linksys WRT54GL Router Firmware 4.30.9 Allows Remote Administrative Actions Unauthenticated Administrative Access Vulnerability in LevelOne WBR-3460 Router Remote File 
Inclusion Vulnerability in osDate 2.0.8 and Earlier Versions Multiple Directory Traversal Vulnerabilities in Tuned Studios Webpage Templates Multiple SQL Injection Vulnerabilities in Zero CMS 1.0 Alpha Unrestricted File Upload Vulnerability in Zero CMS 1.0 Alpha and Earlier Buffer Overflow Vulnerability in Apple Quicktime Player RTSP Tunneling Arbitrary Code Execution Vulnerability in Microsoft VFP_OLE_Server ActiveX Control Remote Code Execution Vulnerability in Microsoft Visual FoxPro ActiveX Control Arbitrary Command Execution Vulnerability in Microsoft Rich Textbox ActiveX Control (RICHTX32.OCX) 6.1.97.82 Heap-based buffer overflows in xine-lib 1.1.9 allow remote code execution via SDP attributes Cross-Site Scripting (XSS) Vulnerabilities in Sun Java System Identity Manager Frame Injection Vulnerability in Sun Java System Identity Manager Open Redirect Vulnerability in Sun Java System Identity Manager Unspecified Local Privilege Escalation Vulnerability in libdevinfo in Sun Solaris 10 Unspecified Denial of Service Vulnerability in Lotus Domino 7.0.2 Arbitrary Command Execution in SAP MaxDB 7.6.03 and Earlier Authentication Bypass Vulnerability in UploadImage 1.0 Authentication Bypass Vulnerability in UploadScript 1.0 Heap-based Buffer Overflow in IBM Tivoli Storage Manager (TSM) Express 5.3 Buffer Overflow in ActiveX Control in ccpm_0237.dll for StreamAudio ChainCast ProxyManager Allows Remote Code Execution Database Credential Leakage in PHP Webquest 2.6 via admin/backup_phpwebquest.php Buffer Overflow in Microsoft Visual InterDev 6.0 (SP6) via Long Project Line in Studio Solution (.SLN) File Unrestricted File Upload Vulnerability in PhotoPost vBGallery Directory Traversal Vulnerability in CherryPy Allows Arbitrary File Manipulation SQL Injection Vulnerability in Binn SBuilder's full_text.php Allows Remote Code Execution via nid Parameter SQL Injection Vulnerability in activate.php in TutorialCMS 1.02 SQL Injection Vulnerability in archive.php in iGaming 1.5 
and Earlier Versions SQL Injection Vulnerabilities in Matteo Binda ASP Photo Gallery 1.0 Cross-site scripting (XSS) vulnerability in search.pl in Dansie Search Engine 2.7 Arbitrary Web Script Injection Vulnerability in PHP Running Management (phpRunMan) Directory Traversal Vulnerabilities in minimal Gallery 0.8 Information Disclosure Vulnerability in minimal Gallery 0.8 via php_info.php Denial of Service Vulnerability in Mambo Search Component and Module SQL Injection Vulnerability in Agares PhpAutoVideo 2.21: Remote Code Execution via articlecat Parameter SIP Module Denial of Service Vulnerability Arbitrary Code Execution Vulnerability in Meta Tags Module for Drupal Multiple Cross-Site Scripting (XSS) Vulnerabilities in F5 BIG-IP 9.4.3 Web Management Interface Search Function CSRF Vulnerability in eTicket 1.5.5.2 Allows Unauthorized Administrative Access Multiple SQL Injection Vulnerabilities in eTicket 1.5.5.2 Arbitrary Web Script Injection Vulnerability in eTicket 1.5.5.2 Unspecified Denial of Service Vulnerability in dotoprocs Function in Sun Solaris 10 SQL Injection Vulnerability in TaskFreak! 
0.6.1 and Earlier: Remote Code Execution via sContext Parameter Cross-Site Request Forgery (CSRF) Vulnerability in BUEditor Drupal Module CSRF Vulnerability in Drupal Aggregator Module Allows Unauthorized Deletion of Feed Items Cross-Site Scripting (XSS) Vulnerability in Drupal 4.7.x and 5.x with Internet Explorer 6 Arbitrary Web Script Injection Vulnerability in Drupal 4.7.x and 5.x Drupal Atom Module Permission Management Vulnerability Cross-site scripting (XSS) vulnerability in Devel module for Drupal before version 5.x-0.1 Arbitrary Code Execution Vulnerability in Drupal Fileshare Module SQL Injection Vulnerability in X7 Chat 2.0.5: Remote Code Execution via index.php SQL Injection Vulnerability in liretopic.php in Xforum 1.4 and Possibly Others SQL Injection Vulnerability in index.php of MTCMS 2.0 and Earlier Versions SQL Injection Vulnerability in liste.php in ID-Commerce 2.0 and Earlier SQL Injection Vulnerability in DomPHP 0.81 and Earlier: Remote Code Execution via mail Parameter Remote File Inclusion Vulnerability in DomPHP 0.81 and Earlier Arbitrary Web Script Injection Vulnerability in Simple Machines Forum (SMF) 1.1.4 and Earlier Denial of Service Vulnerability in ngIRCd 0.10.x and 0.11.0 SQL Injection Vulnerability in Article Dashboard's admin/login.php Remote File Inclusion Vulnerability in VisionBurst vcart 3.3.2 SQL Injection Vulnerabilities in ImageAlbum 2.0.0b2 PHP Remote File Inclusion Vulnerability in Member Area System (MAS) 1.7 and Possibly Others Multiple SQL Injection Vulnerabilities in Digital Hive 2.0 RC2 and Earlier Arbitrary SQL Command Execution in RichStrong CMS via showproduct.asp Cross-Site Scripting (XSS) Vulnerability in Dansie Photo Album 1.0 Unspecified Authentication Bypass Vulnerability in FreeSeat 1.1.5d Multiple Seat Booking Vulnerability in FreeSeat Heap-based Buffer Overflow in Xine Library Allows Remote Code Execution via Long SDP Data Heap-based Buffer Overflow in libaccess_realrtsp Plugin in VLC Media Player PhotoKorn 
Remote Database Credential Disclosure Denial of Service Vulnerability in Apple Safari 2.x via Crafted Web Page Predictable RandomPool State Vulnerability in Paramiko 1.7.1 and Earlier Arbitrary PHP Code Execution in Mapbender 2.4 to 2.4.4 via mapFiler.php SQL Injection Vulnerabilities in Mapbender 2.4.4 Untrusted Search Path Vulnerability in apt-listchanges.py FTP Bounce Vulnerability in Canon Printers Arbitrary Code Execution via Crafted MIME Type in Mozilla Thunderbird and SeaMonkey Arbitrary Command Execution Vulnerability in SAP MaxDB 7.6.0.37 Arbitrary Code Execution via Integer Signedness Error in SAP MaxDB 7.6.0.37 Symantec Antivirus Products Denial of Service Vulnerability Symantec Decomposer Stack-based Buffer Overflow Vulnerability Directory Traversal Vulnerability in pkgadd in SCO UnixWare 7.1.4 Stack-based Buffer Overflow in Borland CaliberRM 2006 Allows Remote Code Execution Stack-based Buffer Overflow in AutoFix Support Tool ActiveX Control in Symantec Norton Products Arbitrary Code Execution via ActiveDataInfo.LaunchProcess Method in Symantec Norton Products Remote Code Execution Vulnerability in ClamAV 0.92.1 via Crafted PeSpin Packed PE Binary Integer Overflow in libclamav Allows Remote Code Execution via Crafted Petite Packed PE File Heap-based Buffer Overflow in OpenOffice.org OLE Importer Privilege Escalation via I2O Utility Filter Driver in Windows XP Denial of Service Vulnerability in Cisco Systems VPN Client IPSec Driver Arbitrary SQL Command Execution Vulnerability in FaScript FaPersian Petition's show.php SQL Injection Vulnerability in FaScript FaPersianHack 1.0: Remote Code Execution via id Parameter in show.php SQL Injection Vulnerability in FaScript FaMp3 1.0's show.php Allows Remote Code Execution via id Parameter SQL Injection Vulnerability in FaScript FaName 1.0: Remote Code Execution via id Parameter in page.php Unrestricted Access Vulnerability in LulieBlog 1.0.1 and 1.0.2 Denial of Service Vulnerability in OSC Radiator before 4.0 
Denial of Service Vulnerability in Funkwerk System Software Directory Traversal Vulnerability in Aria's help/effect.php Allows Remote File Inclusion Arbitrary File Read Vulnerability in AfterLogic MailBee WebMail Pro 4.1 Arbitrary Web Script Injection in PMachine Pro 2.4.1 Arbitrary Script Injection in BugTracker.NET Custom Text Field CSRF Vulnerabilities in BugTracker.NET 2.7.2 and Earlier Arbitrary Code Execution via Long URI in MiniWeb HTTP Server 0.8.19 Directory Traversal Vulnerability in MiniWeb HTTP Server 0.8.19 DB01: Unspecified Remote Attack Vector in Oracle Database XML DB Component Unspecified Vulnerabilities in Oracle Database Components Unspecified Remote Vulnerability in Oracle Database Advanced Queuing Component (DB03) Unspecified Remote Vulnerability in Oracle Database Upgrade/Downgrade Component (DB05) Unspecified Remote Vulnerability in Oracle Spatial Component (DB06) Unspecified Remote Vulnerability in Oracle Spatial Component (DB07) Unspecified Remote Attack Vulnerability in Oracle Database 11.1.0.6 (DB08) AS01: Unspecified Remote Vulnerability in Oracle Jinitiator Component Unspecified vulnerability in Oracle Ultra Search component with unknown impact and local attack vectors (OCS01) Unspecified Remote Vulnerabilities in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne PSE02: Unspecified Remote Vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne Unauthenticated Remote Code Execution in Evilsentinel 1.0.9 and Earlier Bypassing CAPTCHA in Evilsentinel 1.0.9 and earlier IPv6 Jumbo Payload Option Denial of Service Vulnerability SQL Injection Vulnerability in visualizza_tabelle.php in php-residence 0.7.2 and 1.0 Arbitrary Code Execution via Cross-Site Scripting (XSS) in IBM Lotus Sametime 7.5 and 7.5.1 Chat Client SQL Injection Vulnerability in PHPEcho CMS Forum Module (Version 2.0-rc3 and earlier) Buffer Overflow Vulnerability in Citrix Presentation Server (MetaFrame Presentation Server) and Access Essentials 
Arbitrary File Inclusion Vulnerability in Galaxyscripts Mini File Host 1.2.1 and Earlier SQL Injection Vulnerability in Pixelpost 1.7 index.php Allows Remote Code Execution Cross-Site Scripting (XSS) Vulnerabilities in BLOG:CMS 4.2.1b Multiple SQL Injection Vulnerabilities in BLOG:CMS 4.2.1b Arbitrary File Inclusion Vulnerability in GradMan 0.1.3 and Earlier Arbitrary Web Script Injection in Clever Copy Gallery.php SQL Injection Vulnerabilities in Clever Copy 3.0 and Earlier: Remote Code Execution Buffer Overflow Vulnerability in BitTorrent and uTorrent on Windows Buffer Overflow Vulnerabilities in CORE FORCE Firewall and Registry Modules SSDT Hook Handler Vulnerability in CORE FORCE before 0.95.172 HTTP Basic Authentication Vulnerability in Mozilla Firefox Arbitrary File Creation Vulnerability in IBM Informix Dynamic Server (IDS) 10.x Arbitrary File Creation Vulnerability in IBM Informix Dynamic Server (IDS) 10.x Arbitrary Web Script Injection Vulnerability in cPanel dohtaccess.html Multiple SQL Injection Vulnerabilities in aliTalk 1.9.1.1 Bypassing Restrictions in 8e6 R3000 Internet Filter 2.0.05.33 and Earlier Versions via Fragmented HTTP Request Arbitrary PHP File Execution via Unrestricted File Upload in PHP F1 Max's File Uploader Cleartext Transmission of Printer Configuration Allows Remote Password Retrieval Remote Administrative Access Vulnerability in OKI C5510MFP Printer CU H2.15, PU 01.03.01, System F/W 1.01, and Web Page 1.00 Remote File Inclusion Vulnerability in Small Axe Weblog 0.3.1: Arbitrary PHP Code Execution Remote Authentication Bypass Vulnerability in MicroNews Stack-based Buffer Overflow in SocksCap 2.40-051231 and Earlier with Remote Name Resolution Race condition vulnerability in Enterprise Tree ActiveX control in Crystal Reports XI Release 2 allows for remote code execution and denial of service Buffer Overflow in Digital Data Communications RtspVaPgCtrl ActiveX Control Unspecified Cross-Site Scripting (XSS) Vulnerability in Mahara before 
0.9.1 Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier Multiple SQL Injection Vulnerabilities in MyBB 1.2.10 and Earlier Denial of Service Vulnerability in OpenBSD 4.2 via SIOCGIFRTLABEL IOCTL SQL Injection Vulnerability in Urulu 2.1 Server Widgetallocator.php Arbitrary Command Execution in Xdg-utils 1.0.2 and Earlier Firebird SQL Integer Overflow Remote Code Execution Vulnerability SQL Injection Vulnerability in WP-Forum 1.7.4 Plugin for WordPress Unspecified Vulnerability in IBM WebSphere Application Server's serveServletsByClassnameEnabled Feature Arbitrary PHP Code Injection in AuraCMS 1.62 via stat.php and Mod Block Statistik Arbitrary User Account Addition Vulnerability in aliTalk 1.9.1.1 Buffer Overflow Vulnerabilities in Microsoft Visual Basic Enterprise Edition 6.0 SP6 Directory Traversal Vulnerability in GradMan 0.1.3 and Earlier: Arbitrary File Inclusion Buffer Overflow in Citadel SMTP Server 7.10 and Earlier Allows Remote Code Execution via Long RCPT TO Command Information Disclosure Vulnerability in Kayako SupportSuite 3.11.01 BitDefender Update Server Directory Traversal Vulnerability Multiple SQL Injection Vulnerabilities in aflog 1.01 and Earlier Versions Cross-Site Scripting (XSS) Vulnerability in aflog 1.01 and Earlier Versions Buffer Overflow Vulnerabilities in Toshiba Surveillance RecordSend ActiveX Control Arbitrary Script Injection in Singapore 0.10.1 Modern Template Buffer Overflow Vulnerability in IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) Unspecified Access Restriction Bypass Vulnerability in IBM WebSphere Business Modeler Basic and Advanced 6.0.2.1 Unauthenticated Remote Configuration Modification in Belkin Wireless G Plus MIMO Router F5D9230-4 Arbitrary Script Injection in Mantis' Most Active Bugs Summary Directory Traversal Vulnerabilities in HTTP File Server (HFS) before 2.2c Denial of Service Vulnerability in HTTP File Server (HFS) 2.2c and earlier Username Tagging Vulnerability in HTTP File Server 
(HFS) Arbitrary Text Appending Vulnerability in HTTP File Server (HFS) Arbitrary Web Script Injection Vulnerability in HTTP File Server (HFS) Information Disclosure in HTTP File Server (HFS) before 2.2c Stack-based Buffer Overflow in Ghostscript's zseticcspace Function Memory Corruption Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Multiple Denial of Service Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Focus Spoofing Vulnerability in Mozilla Firefox and SeaMonkey JavaScript Privilege Escalation Bugs in Mozilla Firefox, Thunderbird, and SeaMonkey Multiple Cross-Site Scripting (XSS) Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey CRLF Injection Vulnerability in Mozilla Firefox Directory Traversal Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Allows Remote Code Execution Memory Corruption Vulnerability in Mozilla Firefox and SeaMonkey Out-of-bounds Read Vulnerability in BMP Decoder of Mozilla Firefox, Thunderbird, and SeaMonkey Invision Gallery 2.0.7 and Earlier: SQL Injection Vulnerability in Rate Command SQL Injection Vulnerability in mail.php in bMachine 3.1 and Earlier Lama Software Multiple PHP Remote File Inclusion Vulnerabilities SQL Injection Vulnerability in Mooseguy Blog System (MGBS) 1.0: Remote Code Execution via month Parameter Frimousse 0.0.2 - Absolute Path Traversal Vulnerability in explorerdir.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in PacerCMS before 0.6.1 via submit.php Arbitrary File Read Vulnerability in bloofoxCMS 0.3 SQL Injection Vulnerabilities in bloofoxCMS 0.3 Login Function SQL Injection Vulnerability in AlstraSoft Forum Pay Per Post Exchange 2.0 SQL Injection Vulnerability in 360 Web Manager 3.0 Form.php Arbitrary File Read Vulnerability in IDMOS (aka Phoenix) 1.0 Arbitrary Web Script Injection in phpAutoVideo 2.21 and Earlier Agares phpAutoVideo 2.21 and earlier: PHP Remote File Inclusion Vulnerability in sidebar.php AXIMilter Module Format String Vulnerability 
in AXIGEN Mail Server 5.0.2 OZJournals 2.1.1 - Directory Traversal Vulnerability in index.php Arbitrary Web Script Injection in PD9 Software MegaBBS 1.5.14b via profile-upload/upload.asp Buffer Overflow Vulnerabilities in HP Virtual Rooms ActiveX Control Arbitrary Script Injection in Novemberborn sIFR 2.0.2 Font Rendering Arbitrary Code Injection via lang_listofmatches Parameter in DeluxeBB 1.1 Cleartext Password Storage Vulnerability in AlstraSoft Forum Pay Per Post Exchange 2.0 Cleartext Password Storage Vulnerability in IBM Tivoli Business Service Manager (TBSM) 4.1.1 PHP Remote File Inclusion Vulnerability in Small Axe Weblog 0.3.1 Heap-based Buffer Overflow in Lycos FileUploader Module's FileUploader.FUploadCtl.1 ActiveX Control Arbitrary Web Script Injection in Electronic Logbook (ELOG) before 2.7.0 Denial of Service Vulnerability in Electronic Logbook (ELOG) 2.7.1 and Earlier SQL Injection Vulnerability in LulieBlog 1.02: Remote Code Execution via voircom.php SQL Injection Vulnerability in Foojan WMS PHP Weblog 1.0 - Remote Code Execution via story parameter in index.php PHP Remote File Inclusion Vulnerability in phpSearch's class_HTTPRetriever.php SQL Injection Vulnerability in VP-ASP Shopping Cart 6.50 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in BLOG:CMS 4.2.1.c Multiple SQL Injection Vulnerabilities in PacerCMS 0.6 Arbitrary File Read Vulnerability in Siteman 1.1.9 SQL Injection Vulnerability in Easysitenetwork Recipe's list.php Allows Remote Code Execution Cross-zone scripting vulnerability in Skype's Internet Explorer web control allows injection of arbitrary web script or HTML via video titles Apache HTTP Server Cross-Site Scripting (XSS) Vulnerability in mod_negotiation CRLF Injection Vulnerability in Apache HTTP Server Unrestricted File Upload Vulnerability in Symantec LiveState Apache Tomcat Server Arbitrary File Inclusion Vulnerability in SLAED CMS 2.5 Lite Arbitrary Local File Inclusion Vulnerability in Liquid-Silver CMS 0.35 
MediaWiki Cross-Site Scripting (XSS) Vulnerability in api.php SQL Injection Vulnerability in PHP-Nuke 8.0 FINAL and Earlier Unspecified Cross-Site Scripting (XSS) Vulnerability in Archive 5.x before 5.x-1.8 Module for Drupal Arbitrary Web Script Injection in Drupal Workflow Module Arbitrary File Read Vulnerability in absofort aconon Mail 2007 Enterprise SQL 11.7.0 and Mail 2004 Enterprise SQL 11.5.1 Seagull 0.6.3 Directory Traversal Vulnerability Unauthenticated Directory Listing and File Reading Vulnerability in Web Wiz RTE_file_browser.asp Firebird Stack-Based Buffer Overflow Vulnerability SQL Injection Vulnerability in Flinx 1.3 and Earlier: Remote Code Execution via category.php SQL Injection Vulnerability in Tiger Php News System (TPNS) 1.0b and Earlier: Remote Code Execution via catid Parameter Arbitrary Command Execution Vulnerability in Comodo AntiVirus 2.0 ActiveX Control CSRF Vulnerability in phpBB 2.0.22 Allows Remote Deletion of Private Messages CSRF vulnerability in Woltlab Burning Board (wBB) 2.3.6 PL2 allows unauthorized thread deletion Arbitrary File Upload Vulnerability in Web Wiz Rich Text Editor 4.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in ManageEngine Applications Manager 8.1 Build 8100 Sensitive Information Disclosure in ManageEngine Applications Manager 8.1 build 8100 Unauthenticated Access and Information Disclosure in ManageEngine Applications Manager 8.1 build 8100 Stack-based Buffer Overflow in QMPUpgrade ActiveX Control Directory Traversal Vulnerability in SetCMS 3.6.5 Allows Remote File Inclusion Arbitrary Directory Listing Vulnerability in Web Wiz NewsPad 1.02 Directory Traversal Vulnerabilities in Web Wiz Forums 9.07 and Earlier Directory Traversal Vulnerability in Web Wiz Rich Text Editor 4.0 Allows Arbitrary Directory Listing Arbitrary Code Execution Vulnerability in MPlayer 1.0 rc2 and Earlier Buffer overflow vulnerability in libmpdemux/demux_audio.c in MPlayer and Xine-lib SQL Injection Vulnerabilities in login.asp in 
ASPired2Protect Arbitrary File Inclusion Vulnerability in tseekdir.cgi in VB Marketing Clansphere 2007.4.4 - Directory Traversal Vulnerability in install.php Arbitrary SQL Command Execution in WP-Cal 0.3 Plugin SQL Injection Vulnerability in fGallery WordPress Plugin (Version 2.4.1) Stack-based Buffer Overflow in Persits.XUpload.2 ActiveX Control in XUpload.ocx 3.0.0.4 and Earlier Heap Corruption Vulnerability in FlashPix Plugin for IrfanView 4.10 Arbitrary Script Injection in Endian Firewall 2.1.2 via vpnum/userslist.php Unspecified Denial of Service Vulnerability in IBM Hardware Management Console (HMC) 7 R3.2.0 Arbitrary Script Injection in AmpJuke 0.7.0 via XSS Vulnerability Unquoted PATH_INFO in Nucleus CMS 3.31 action.php Allows Cross-Site Scripting (XSS) Arbitrary SQL Command Execution in Bigware Shop 2.0 Arbitrary SQL Command Execution Vulnerability in Mambo LaiThai 4.5.5 Unspecified Vulnerabilities in Mambo LaiThai 4.5.5 with Unknown Impact and Attack Vectors Arbitrary File Inclusion Vulnerability in phpMyClub 0.0.1 Connectix Boards 0.8.2 and Earlier: PHP Remote File Inclusion Vulnerability in part_userprofile.php Arbitrary PHP Code Execution via Eval Injection in Netwerk Smart Publisher 1.0.1 Multiple SQL Injection Vulnerabilities in Coppermine Photo Gallery (CPG) before 1.4.15 Cross-Site Scripting (XSS) Vulnerabilities in Coppermine Photo Gallery (CPG) before 1.4.15 Arbitrary Command Execution in Coppermine Photo Gallery (CPG) before 1.4.15 SQL Injection Vulnerability in AdServe 0.2 Plugin for WordPress Cross-Site Request Forgery (CSRF) Vulnerability in Dean's Permalinks Migration Plugin for WordPress Buffer Overflow Vulnerabilities in IBM AIX 4.3 Arbitrary SQL Command Execution Vulnerability in Newsletter Component for Mambo 4.5 and Joomla! SQL Injection Vulnerability in MaMML Component for Mambo and Joomla! Arbitrary SQL Command Execution Vulnerability in com_fq Component for Mambo and Joomla! 
Directory Traversal Vulnerability in phpCMS 1.2.2 Arbitrary SQL Command Execution in Glossary Component for Mambo and Joomla! SQL Injection Vulnerability in com_musepoes Component for Mambo and Joomla! PHP Remote File Inclusion Vulnerability in SQLiteManager 1.2.0 SQL Injection Vulnerability in Darko Selesi EstateAgent Component for Mambo and Joomla Arbitrary SQL Command Execution Vulnerability in Recipes Component for Mambo and Joomla! SQL Injection Vulnerability in Atapin Jokes (com_jokes) 1.0 Component for Mambo and Joomla! SQL Injection Vulnerabilities in WassUp Plugin for WordPress Directory Traversal Vulnerabilities in Bubbling Library 1.32 Unspecified Cross-Site Scripting (XSS) Vulnerability in Hal Networks Shopping-Cart Products Multiple Cross-Site Scripting (XSS) Vulnerabilities in SoftCart 5.1.2.2 Yamaha RT Series Routers CSRF Vulnerability Symlink Vulnerabilities in PatchLink Update Client for Unix Denial of Service Vulnerability in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G Denial of Service Vulnerability in Cisco Unified IP Phone 7935 and 7936 Remote Code Execution Vulnerability in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G Buffer Overflow Vulnerability in Cisco Unified IP Phone Telnet Server Remote Code Execution Vulnerability in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G Remote Code Execution Vulnerability in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G Multiple Buffer Overflows in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine Multiple Cross-Site Scripting (XSS) Vulnerabilities in Cisco Secure Access Control Server (ACS) Denial of Service Vulnerability in Cisco Service Control Engine and Icon Labs Iconfidant SSH Unspecified Denial of Service Vulnerability in SSH Server Denial of Service Vulnerability in SSH Server Unspecified Denial of Service Vulnerability in Cisco Products with MPLS VPN and OSPF Sham-Link Multiple SQL Injection Vulnerabilities in phpIP Management 4.3.2 Arbitrary Web 
Script Injection Vulnerability in F5 BIG-IP ASM 9.4.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in trixbox 2.4.2.0 Cross-Site Scripting (XSS) Vulnerabilities in Gerd Tentler Simple Forum 3.2 Arbitrary File Read Vulnerability in Gerd Tentler Simple Forum 3.2 SQL Injection Vulnerabilities in Pre Dynamic Institution Heap-based Buffer Overflow in IMG_LoadLBM_RW Function in SDL_image Directory Traversal Vulnerabilities in Bubbling Library 1.32 Multiple SQL Injection Vulnerabilities in CandyPress (CP) 4.1.1.26 and Earlier Versions Arbitrary Web Script Injection in CandyPress (CP) 4.1.1.26 and Earlier Versions Denial of Service Vulnerability in Steamcast 0.9.75 and Earlier Integer Overflow in OggHeaderParse Function in Steamcast 0.9.75 and Earlier Buffer overflow vulnerability in Steamcast 0.9.75 and earlier allows remote code execution Arbitrary Code Execution Vulnerability in Namo Web Editor Arbitrary Web Script Injection Vulnerability in eTicket 1.5.6-RC4 Stack-based Buffer Overflow in Tk's ReadImage Function Buffer Overflow in readImageData Function in netpbm Apache-SSL Vulnerability: Authentication Bypass via Crafted Distinguished Name OpenCA PKI 0.9.2.5 Cross-Site Request Forgery (CSRF) Vulnerability Arbitrary SQL Command Execution Vulnerability in CatalogShop Component for Mambo and Joomla! Uniwin eCart Professional before 2.0.16 Cross-Site Scripting (XSS) Vulnerability Multiple Directory Traversal Vulnerabilities in Nilson's Blogger 0.11 Remote Code Execution in Oliver Seidel cforms Plugin for WordPress Arbitrary SQL Command Execution Vulnerability in Arthur Konze AkoGallery 2.5 Beta Arbitrary SQL Command Execution Vulnerability in Restaurant Component for Mambo and Joomla! 
CSRF Vulnerability in Liferay Portal 4.3.6 Allows Unauthorized Actions via User-Agent Header Cross-Site Scripting (XSS) Vulnerabilities in Mailman 2.1.10b1 SQL Injection Vulnerability in DeltaScripts PHP Links 1.3 and Earlier: Remote Code Execution via vote.php DeltaScripts PHP Links 1.3 and Earlier: Remote File Inclusion Vulnerability in includes/smarty.php Multiple PHP Remote File Inclusion Vulnerabilities in ChronoEngine ChronoForms (com_chronocontact) 2.3.5 Component for Joomla! IP-authentication feature vulnerability in Secure Site module for Drupal Arbitrary File Upload and Code Execution Vulnerability in Comment Upload Module for Drupal OpenID Spoofing Vulnerability in Drupal's OpenID Module Cross-Site Request Forgery (CSRF) Vulnerability in Userpoints Module for Drupal Multiple PHP Remote File Inclusion Vulnerabilities in Mindmeld 1.2.0.10 Privilege Escalation Vulnerability in SafeNET HighAssurance Remote and SoftRemote Arbitrary Script Injection in webSPELL 4.01.02 via XSS Vulnerability CSRF Vulnerability in webSPELL 4.01.02 Allows Unauthorized Superadmin Privilege Assignment Arbitrary web script injection vulnerability in Project Issue Tracking module for Drupal Arbitrary File Upload and Remote Code Execution Vulnerability in Project Issue Tracking Module for Drupal Tripwire Enterprise 7.0 Web Management Login Page Cross-Site Scripting (XSS) Vulnerability Arbitrary SQL Command Execution in Joomla! 
Buslicense Component Insecure Encryption Key Generation in Geert Moernaut LSrunasE and Supercrypt LSrunasE Privilege Escalation Vulnerability Cross-zone scripting vulnerability in Skype 3.1 through 3.6.0.244 on Windows Cross-zone scripting vulnerability in Skype's Internet Explorer web control Buffer Overflow Vulnerabilities in IBM AIX 5.2 and 5.3: Privilege Escalation via swap, swapoff, and swapon Programs World-writable permissions in sysmgt.websm.webaccess in IBM AIX 5.2 and 5.3 Multiple Buffer Overflow Vulnerabilities in IBM AIX 5.2 and 5.3 Buffer Overflow Vulnerability in uspchrp Program in IBM AIX 5.2 and 5.3 Buffer Overflow Vulnerability in IBM AIX utape Program Allows Privilege Escalation Unspecified Information Disclosure Vulnerability in IBM AIX's ps Program Buffer Overflow Vulnerability in Ipswitch WS_FTP Server with SSH 6.1.0.0 Dialog Refocus Bug in Mozilla Firefox and Thunderbird: Remote Execution Vulnerability Denial of Service Vulnerability in Mozilla Firefox and SeaMonkey 302 Redirect Vulnerability in Gecko-based Browsers Web Forgery Warning Bypass in Mozilla Firefox Bypassing Access Restrictions in D-Bus due to NULL Interface Method Call CUPS Memory Leak Vulnerability CUPS Use-After-Free Vulnerability in IPP Packet Handling Unspecified vulnerability in Linux kernel allows local users to read uninitialized memory Arbitrary Code Execution via Crafted URI in PHP 5.2.6 Privilege Escalation via vmsplice_to_pipe Function in Linux Kernel SQL Injection Vulnerability in All Club CMS (ACCMS) 0.0.1f and Earlier: Remote Code Execution via Name Parameter Arbitrary File Inclusion Vulnerability in All Club CMS (ACCMS) 0.0.1f and Earlier SQL Injection Vulnerability in amazOOP Awesom! Component for Mambo and Joomla! LDAP Authentication Bypass in XLight FTP Server Cross-Site Scripting (XSS) Vulnerabilities in AstroSoft HelpDesk before 1.95.228 Arbitrary SQL Command Execution Vulnerability in Shambo2 Component for Mambo and Joomla! 
SQL Injection Vulnerability in SOBI2 Component for Joomla! and Mambo Denial of Service Vulnerability in IPSwitch WS_FTP Logging Server Arbitrary File Inclusion Vulnerability in DivideConcept VHD Web Pack 2.0 Stack-based buffer overflow in UltraVNC vncviewer allows remote code execution SQL Injection Vulnerability in RMSoft Gallery System 2.0 Module for XOOPS Arbitrary File Inclusion Vulnerability in XOOPS 2.0.18 XOOPS 2.0.18 Open Redirect Vulnerability in user.php SQL Injection Vulnerability in Photokorn Gallery 1.543: Remote Code Execution via pic Parameter Arbitrary File Read Vulnerability in DMSGuestbook WordPress Plugin SQL Injection Vulnerability in DMSGuestbook 1.7.0 WordPress Plugin Administration Panel Multiple Cross-Site Scripting (XSS) Vulnerabilities in DMSGuestbook 1.7.0 Plugin for WordPress Multiple Cross-Site Scripting (XSS) Vulnerabilities in DMSGuestbook WordPress Plugin Buffer Overflow Vulnerability in Nero Media Player 1.4.0.35 and Earlier Denial of Service Vulnerability in SAPLPD 6.28 and Earlier Buffer Overflow Vulnerability in SAPLPD 6.28 and Earlier Allows Remote Code Execution Arbitrary Web Script Injection Vulnerability in RaidenHTTPD 2.0.19 and Earlier Arbitrary Code Execution Vulnerability in Yahoo! Music Jukebox ActiveX Control Buffer Overflow in Yahoo! JukeBox ActiveX Control (datagrid.dll) Allows Remote Code Execution Buffer Overflow in Yahoo! 
Music Jukebox ActiveX Control (mediagrid.dll) Allows Remote Code Execution XML External Entity (XXE) Vulnerability in Sun Java Runtime Environment JDK and JRE 6 Update 3 and Earlier Buffer Overflow in MPlayer 1.0rc2 and SVN: Remote Code Execution via CDDB Database Entry Buffer Overflow in MPlayer URL Parsing Allows Remote Code Execution Arbitrary File Manipulation Vulnerability in MailBee Objects 5.5 Arbitrary Code Execution via Unrestricted File Upload in LightBlog 9.5 Buffer Overflow Vulnerability in Anon Proxy Server 0.102 and Earlier Buffer Overflow in NamoInstaller.NamoInstall.1 ActiveX Control in NamoInstaller.dll 3.0.0.1 Arbitrary PHP Code Execution Vulnerability in Openads Delivery Engine Information Disclosure Vulnerability in Level Platforms Managed Workplace Service Center Heap-based Buffer Overflow in Veritas Enterprise Administrator (VEA) Service in Symantec Veritas Storage Foundation 5.0 Stack-based Buffer Overflow in EnumPrinters Function in Novell Client 4.91 SP2, SP3, and SP4 for Windows Unauthenticated Remote Command Execution in Symantec Ghost Solution Suite Adobe RoboHelp 6 and 7 Cross-Site Scripting (XSS) Vulnerability Arbitrary Web Script Injection Vulnerability in Adobe ColdFusion MX 7 and ColdFusion 8 Bypassing Cross-Site Scripting (XSS) Protection in Adobe ColdFusion MX 7 and ColdFusion 8 Multiple PHP Remote File Inclusion Vulnerabilities in Portail Web Php 2.5.1.1 Stack Exhaustion Denial of Service Vulnerability in libtorrent Stack-based Buffer Overflow Vulnerabilities in HanGamePluginCn18 ActiveX Control Multiple PHP Remote File Inclusion Vulnerabilities in OpenSiteAdmin 0.9.1.1 and Earlier SQL Injection Vulnerability in Astanda Directory Project (ADP) 1.2 and 1.3 via link_id Parameter SQL Injection Vulnerability in Simple OS CMS 0.1c Beta Login.php SQL Injection Vulnerability in login.php of Pedro Santana Codice CMS Arbitrary SQL Command Execution in Downloads Component (com_downloads) in Mambo and Joomla! 
Arbitrary SQL Command Execution Vulnerability in Ynews (com_ynews) 1.0.0 Component for Joomla! Directory Traversal Vulnerabilities in Azucar CMS 1.3 Unspecified Vulnerabilities in Adobe Reader and Acrobat with Unknown Impact Arbitrary File Overwrite Vulnerability in EMC Documentum Administrator and Webtop Unspecified Privilege Escalation Vulnerabilities in Java Runtime Environment Denial of Service Vulnerability in OpenLDAP 2.3.39 BDB Backend Stack-based Buffer Overflow in Aurigma Image Uploader ActiveX Control Stack-based buffer overflows in Aurigma Image Uploader ActiveX Control: Arbitrary Code Execution via ExtractExif and ExtractIptc Properties Buffer Overflow in dBpowerAMP Audio Player Release 2 via Long URI in .M3U File Privilege Escalation via Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for Windows Clipboard Data Leakage Vulnerability XML-RPC Remote Post Editing Vulnerability in WordPress Arbitrary File Overwrite Vulnerability in WML Backend Arbitrary File Overwrite Vulnerability in Website META Language (WML) 2.0.11 Arbitrary Silent Printing Vulnerability in Adobe Acrobat and Reader Arbitrary Code Execution via Crafted XLS File in Gnumeric Cross-Site Scripting (XSS) Vulnerability in Sift Unity's search.cgi Arbitrary SQL Command Execution in Noticias (com_noticias) 1.0 Component for Joomla! 
Stack-based Buffer Overflow in TinTin++ and WinTin++ Allows Remote Code Execution Denial of Service Vulnerability in TinTin++ and WinTin++ via YES Message Arbitrary File Truncation Vulnerability in TinTin++ 1.97.9 and WinTin++ 1.97.9 PCRE Buffer Overflow Vulnerability Arbitrary SQL Command Execution in The Everything Development Engine A-Blog 2 search.php XSS Vulnerability SQL Injection Vulnerability in A-Blog 2: Remote Code Execution via blog.php Arbitrary SQL Command Execution in BlogPHP 2.0 via index.php Arbitrary Script Injection via Search Parameter in BlogPHP 2.0 Denial of Service Vulnerability in MikroTik RouterOS SNMPd SQL Injection Vulnerability in PHPShop 0.8.1: Remote Code Execution via product_id Parameter SQL Injection Vulnerability in Wordspew Plugin for WordPress Arbitrary SQL Command Execution in ShiftThis Newsletter Plugin for WordPress Arbitrary Code Injection through CatID Parameter in iTechClassifieds 3.0 Arbitrary SQL Command Execution in iTechClassifieds 3.0 via ViewCat.php Arbitrary SQL Command Execution in NeoReferences Joomla Component (com_neoreferences) Arbitrary Script Injection Vulnerability in Youtube Clone Script Arbitrary Script Injection in Smartscript Domain Trader 2.0 via catalog.php Arbitrary SQL Command Execution in Marketplace Component for Joomla! Arbitrary SQL Command Execution in Joomla! 
mosDirectory (com_directory) 2.3.2 Component Cross-Site Scripting (XSS) Vulnerabilities in Simon Elvery WP-Footnotes WordPress Plugin Remote SQL Injection Vulnerability in bidhistory.php in iTechBids 3 Gold and 5.0 Stack-based Buffer Overflow in Print Manager Plus 2008 Client Billing and Authentication 7.0.127.16 Arbitrary Web Script Injection Vulnerability in IBM OS/400 HTTP Server SQL Injection Vulnerability in BookmarkX Script 2007: Remote Code Execution via showtopic Action Authorization Bypass Vulnerability in IBM DB2 UDB before 8.2 Fixpak 16 Unspecified Local Privilege Escalation Vulnerability in IBM DB2 UDB Buffer Overflow Vulnerability in IBM DB2 UDB DAS Server Unspecified Remote Code Execution Vulnerability in IBM DB2 UDB Cross-site scripting (XSS) vulnerability in CruxCMS 3.0 search.php Unauthenticated Remote Code Execution in Magnolia CE 3.5.x Heap-based Buffer Overflow Vulnerabilities in Titan FTP Server 6.03 and 6.0.5.549 Directory Traversal Vulnerabilities in sflog! 0.96: Arbitrary File Read Unspecified Remote Access Vulnerability in HP OpenVMS SSH Server Unspecified Privileged Access Vulnerability in HP Compaq Notebook PC BIOS Privilege Escalation Vulnerability in HP StorageWorks Library and Tape Tools (LTT) Vulnerability: HP USB 2.0 Floppy Drive Key Contains W32.Fakerecy and W32.SillyFDC Worms Unspecified Remote Account Access Vulnerabilities in HP Select Identity Unspecified Denial of Service Vulnerability in HP iLO-2 Management Processors Unspecified Remote Code Execution Vulnerability in HP HPeDiag ActiveX Control Unspecified Denial of Service Vulnerability in HP-UX FTP Server SQL Injection Vulnerability in Mihalism Multi Host's users.php Allows Remote Code Execution Buffer Overflow in ACDSee Photo Manager XBM File Parsing Privilege Escalation Vulnerability in Symantec Altiris Notification Server Agent Arbitrary Web Script Injection Vulnerability in IBM WebSphere Edge Server Denial of Service Vulnerability in Solaris USB Mouse STREAMS Module 
Arbitrary SQL Command Execution in Customer Testimonials Addon for osCommerce Online Merchant 2.2 Cross-Site Scripting (XSS) Vulnerability in Webmin and Usermin Search Functionality Arbitrary SQL Command Execution Vulnerability in Sermon (com_sermon) 0.2 Component for Mambo Cross-Site Scripting (XSS) Vulnerability in Pagetool 1.0.7 index.php Arbitrary Web Script Injection in MyNews 1.6.4 and Earlier Versions Cleartext Password Storage Vulnerability in The Everything Development Engine Heap-based Buffer Overflow Vulnerabilities in Titan FTP Server 6.0.5.549 Arbitrary Code Execution via Integer Overflow in Adobe Reader and Acrobat Buffer Overflow Vulnerabilities in IBM Informix Dynamic Server (IDS) Allowing Remote Code Execution Heap Corruption Vulnerability in libclamav/mew.c in ClamAV Denial of Service Vulnerability in Mobile Safari on Apple iPhone 1.1.2 and 1.1.3 Weak Permissions in Language Input Methods on Sun Solaris 10: Potential Home Directory Access Vulnerability AppArmor Change_hat System Call Failure Vulnerability Symlink Following Vulnerability in Apache Geronimo init Script on SUSE Linux CS Team Counter Strike Portals index.php SQL Injection Vulnerability SQL Injection Vulnerability in Limbo CMS 1.0.4.2: Remote Code Execution via cuid Cookie Parameter SQL Injection Vulnerability in AuraCMS 2.2 mod/gallery/ajax/gallery_data.php Path Disclosure Vulnerability in CandyPress (CP) 4.1.1.26 and other versions SQL Injection Vulnerability in CandyPress (CP) 4.1.1.26 and Other Versions Multiple SQL Injection Vulnerabilities in CandyPress (CP) 4.1.1.26 and Earlier Versions SQL Injection Vulnerability in CandyPress (CP) 4.1.1.26 and Earlier Versions Cleartext Information Disclosure in IBM WebSphere Application Server (WAS) Unspecified vulnerability in IBM WebSphere Application Server (WAS) PropFilePasswordEncoder utility Multiple Directory Traversal Vulnerabilities in PowerScripts PowerNews 2.5.6 Remote File Inclusion Vulnerability in Joovili 2.1 and Earlier: 
Arbitrary PHP Code Execution SQL Injection Vulnerability in User Login Page of PreProjects.com Pre Hotels & Resorts Management System Directory Traversal Vulnerability in DomPHP 0.82 Allows Remote File Inclusion SQL Injection Vulnerability in Gallery Component for Mambo and Joomla! COWON America jetAudio 7.0.5 Stack-based Buffer Overflow Vulnerability Buffer Overflow in Sony AxRUploadServer ActiveX Control Arbitrary Script Injection in Calimero.CMS 3.3 via XSS Vulnerability SQL Injection Vulnerability in Husrev BlackBoard 2.0.2: Remote Code Execution via philboard_forum.asp Freetag Plugin XSS Vulnerability in S9Y Serendipity Arbitrary SQL Command Execution in Neogallery (com_neogallery) 1.1 Component for Joomla! SQL Injection Vulnerability in VWar 1.5 calendar.php SQL Injection Vulnerabilities in Rapid Recipe Component for Joomla! Format String Vulnerability in cyan soft Opium OPI Server and cyanPrintIP Easy OPI LPD Server Denial of Service Vulnerability Cross-Site Scripting (XSS) Vulnerability in MercuryBoard 1.1.5 index.php Directory Traversal Vulnerabilities in ExtremeZ-IP File and Print Server 5.1.2x15 and Earlier Denial of Service Vulnerability in ExtremeZ-IP File and Print Server 5.1.2x15 and Earlier Directory Traversal Vulnerability in SafeNet Sentinel Protection Server and Sentinel Keys Server SQL Injection Vulnerability in Prince Clan Chess Club (com_pcchess) 0.8 and Earlier Component for Joomla! Arbitrary SQL Command Execution in Joomla! 
com_iomezun Component Remote Code Execution Vulnerability in Larson Network Print Server (LstNPS) 9.4.2 build 105 and earlier Format String Vulnerability in Larson Network Print Server (LstNPS) 9.4.2 Build 105 and Earlier for Windows Multiple Cross-Site Scripting (XSS) Vulnerabilities in Artmedic Webdesign Weblog Remote Code Execution via Stack-based Buffer Overflow in Brooks Remote Print Manager (RPM) 4.5.1.11 and Earlier Denial of Service Vulnerability in ExtremeZ-IP File and Print Server 5.1.2x15 and Earlier Buffer Overflow Vulnerabilities in IBM Informix Storage Manager (ISM) for Windows RPC Components Livelink ECM 9.0.0 - 9.7.0 XSS Vulnerability with UTF-7 Encoding SQL Injection Vulnerability in ibProArcade 3.3.0 and Earlier: Remote Code Execution via g_display_order Cookie Parameter Multiple SQL Injection Vulnerabilities in Site2Nite's default.asp SQL Injection Vulnerability in com_doc Component for Joomla! and Mambo SQL Injection Vulnerability in Phil Taylor Comments Component for Mambo Arbitrary Web Script Injection in Loris Hotel Reservation System 3.01 and Earlier Arbitrary Script Injection via sboxDB.php in Simple Machines Forum (SMF) Shoutbox 1.14 through 1.16b Remote SQL Injection Vulnerability in iTechBids Gold 6.0's detail.php Unrestricted Read Access to Write-Only Files in FreeBSD 5.5 through 7.0 Stack-based buffer overflows in QTPlugin.ocx ActiveX Control in Apple QuickTime 7.4.1 and earlier Fortinet FortiClient Host Security 3.0 MR5 Patch 3 and Earlier Local Privilege Escalation Vulnerability Arbitrary Web Script Injection in MoinMoin Login Action Cross-Site Scripting (XSS) Vulnerabilities in MoinMoin 1.5.8 and Earlier in action/AttachFile.py Directory Traversal Vulnerability in MoinMoin 1.5.8 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Cacti 0.8.7 and 0.8.6 Path Disclosure Vulnerability in Cacti graph.php Multiple SQL Injection Vulnerabilities in Cacti 0.8.7 and 0.8.6 CRLF Injection Vulnerability in Cacti 0.8.7 and 0.8.6 
SQL Injection Vulnerability in MyBB 1.2.12: Remote Code Execution via options[disablesmilies] Parameter Cross-Site Request Forgery (CSRF) Vulnerabilities in MyBB 1.2.11 and Earlier SQL Injection Vulnerability in countdown.php in LI-Scripts LI-Countdown Allows Remote Code Execution via Years Parameter Arbitrary File Read Vulnerability in Intermate WinIPDS 3.3 G52-33-021 Denial of Service Vulnerability in Intermate WinIPDS 3.3 G52-33-021 F-Secure Anti-Virus Products Vulnerable to Remote Malware Detection Bypass via Crafted CAB Archive Multiple Cross-Site Scripting (XSS) Vulnerabilities in Tendenci CMS Search Functionality Arbitrary File Inclusion Vulnerability in Affiliate Market 0.1 BETA Arbitrary SQL Command Execution Vulnerability in MGFi XfaQ (com_xfaq) 1.2 Component for Mambo and Joomla! SQL Injection Vulnerability in Nuboard 0.5 threads.php (ssid parameter) Arbitrary File Read Vulnerability in iTheora 1.0 rc1 Directory Traversal Vulnerabilities in artmedic webdesign weblog 1.0 Arbitrary SQL Command Execution in Quiz Component for Mambo and Joomla Arbitrary SQL Command Execution Vulnerability in McQuiz Component for Joomla! SQL Injection Vulnerability in PAXXGallery Component for Mambo and Joomla! SQL Injection Vulnerability in MediaSlide Component for Joomla! Multiple PHP Remote File Inclusion Vulnerabilities in LookStrike Lan Manager 0.9 Thecus N5200Pro NAS Server - PHP Remote File Inclusion Vulnerability in usrgetform.html Arbitrary Code Execution via Unrestricted File Upload in PHPizabi 0.848b C1 HFP1 Local Privilege Escalation Vulnerability in Wyrd 1.4.3b via Symlink Attack on Temporary Files Improper Access Rights Check in Turba 2 Contact Manager H3 2.1.x and 2.2.x Arbitrary Web Script Injection via Meta Tags in Ikiwiki Plugin Arbitrary Web Script Injection via Title Contents in Ikiwiki Arbitrary SQL Command Execution Vulnerability in com_scheduling Module for Joomla! 
and Mambo Multiple SQL Injection Vulnerabilities in AuraCMS 1.62 Arbitrary File Inclusion Vulnerability in BanPro DMS 1.0 Directory Traversal Vulnerability in XPWeb 3.0.1 and 3.3.2 Directory Traversal Vulnerability in TRUC 0.11.0's download.php Arbitrary SQL Command Execution in com_mezun Component for Joomla! SQL Injection Vulnerability in com_sg Component for Joomla! and Mambo SQL Injection Vulnerability in com_filebase Component for Joomla! and Mambo Arbitrary File Inclusion Vulnerabilities in freePHPgallery 0.6 PlutoStatus Locator 1.0 pre alpha - Directory Traversal Vulnerability Cross-site scripting (XSS) vulnerability in Etomite 0.6.1.4 Final via $_SERVER['PHP_INFO'] Arbitrary SQL Command Execution in OSI Codes Inc. PHP Live! 3.2.2 Arbitrary File Read Vulnerability in Scribe 0.2 Unspecified Remote Administration Access Vulnerability in Drupal Header Image Module Unspecified Vulnerability in Claroline's php2phps Function SQL Injection Vulnerability in Claroline 1.8.9 and Earlier Versions Unspecified Cross-Site Scripting (XSS) Vulnerability in Claroline before 1.8.9 SQL Injection Vulnerability in PHP-Nuke Books Module Multiple Cross-Site Scripting (XSS) Vulnerabilities in ATutor 1.5.5 and Earlier Arbitrary SQL Command Execution in Joomlapixel Jooget! (com_jooget) 2.6.8 Component Denial of Service Vulnerability in iPhoto 4.0.3 DPAP Server SQL Injection Vulnerabilities in Rapid Recipe Component for Joomla! (com_rapidrecipe) 1.6.5 and Earlier SQL Injection Vulnerability in com_quran 1.1 and earlier component for Mambo and Joomla! Arbitrary SQL Command Execution in Joomla! 
com_galeria Component Lotus Quickr for i5/OS XSS Vulnerability SQL Injection Vulnerability in Simple CMS 1.0.3 and Earlier: Remote Code Execution via indexen.php Unspecified Denial of Service Vulnerability in vuidmice STREAMS Modules in Sun Solaris 9 and 10 on x86 Architectures Cross-Site Scripting (XSS) Vulnerability in John Godley Search Unleashed 0.2.10 WordPress Plugin Cross-Site Scripting (XSS) Vulnerabilities in Sophos ES1000 and ES4000 Email Security Appliance 2.1.0.0 Login Page SQL Injection Vulnerability in astatsPRO Component for Joomla! Arbitrary File Inclusion Vulnerability in Public Warehouse LightBlog 9.6 Arbitrary SQL Command Execution Vulnerability in Giorgio Nordo Ricette (com_ricette) 1.0 Component for Joomla! and Mambo Arbitrary SQL Command Execution in Classifier Component for Joomla! Remote Information Disclosure and Configuration Script Manipulation in StatCounteX 3.0 and 3.1 Arbitrary SQL Command Execution in PccookBook Component for Joomla! Arbitrary SQL Command Execution in Dean Logan WP-People Plugin 1.6.1 Arbitrary SQL Command Execution in Joomla! com_profile Component SQL Injection Vulnerability in myTopics Module for XOOPS Crafty Syntax Live Help (CSLH) before 2.14.16 Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in Downloads Component for Mambo and Joomla! Multiple SQL Injection Vulnerabilities in Dokeos 1.8.4 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Dokeos 1.8.4 Denial of Service Vulnerability in freeSSHd 1.2 and Earlier SQL Injection Vulnerability in com_detail Component for Joomla! and Mambo SQL Injection Vulnerability in com_salesrep Component for Joomla! and Mambo SQL Injection Vulnerability in Facile Forms Component for Joomla! 
and Mambo SQL Injection Vulnerabilities in e-Vision CMS 2.02 SQL Injection Vulnerability in WoltLab Burning Board 3.0.3 PL 1 - Remote Code Execution via sortOrder Parameter Buffer Overflow Vulnerability in Visnetic Anti-Virus Plugin in Kerio MailServer Memory Corruption Vulnerability in Kerio MailServer before 6.5.0 Unspecified vulnerability in AVG plugin in Kerio MailServer before 6.5.0 with null DACLs Arbitrary Script Injection in IBM Lotus Quickplace 7.0 Unsigned Applet Bypasses ECL Protection in IBM Lotus Notes Exposure of Sensitive Information in BEA WebLogic Server and WebLogic Express 9.0 and 9.1 Inadvertent Removal of Entitlements in BEA WebLogic Portal 8.1 SP3 through SP6 Bypassing Entitlements in BEA WebLogic Portal 8.1 through SP6 Cross-Site Scripting (XSS) Vulnerabilities in BEA WebLogic Workshop Arbitrary Web Script Injection Vulnerability in BEA AquaLogic Interaction and Plumtree Foundation Cross-site scripting (XSS) vulnerability in Groupspace in BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 1 Arbitrary Web Script Injection Vulnerability in BEA WebLogic Workshop and Apache Beehive NetUI Framework HTTP to HTTPS Redirection Vulnerability in BEA WebLogic Portal Multiple Stack-Based Buffer Overflows in Now SMS/MMS Gateway 2007.06.27 and Earlier SmarterTools SmarterMail Enterprise 4.3 XSS Vulnerability in Subject Field SQL Injection Vulnerability in jlmZone Classifieds Module for XOOPS SQL Injection Vulnerability in eEmpregos Module for XOOPS Denial of Service Vulnerability in Hitachi EUR Print Manager SEWB3 Messaging Service Denial of Service Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in Jinzora Media Jukebox 2.7.5 SQL Injection Vulnerability in MyAnnonces 1.7 and Earlier Module for RunCMS SQL Injection Vulnerability in Web_Links Module for PHP-Nuke SQL Injection Vulnerability in EasyContent Module for PHP-Nuke: Remote Code Execution via page_id Parameter SQL Injection Vulnerability in Okul 1.0 Module for PHP-Nuke 
Double Free Vulnerability in CUPS 1.3.5 Allows Remote Code Execution Symlink Attack Vulnerability in Adobe Acrobat Reader 8.1.2 World-writable permissions vulnerability in capp-lspp-config script in RHEL 5 Remote Authentication Bypass Vulnerability in gnome-screensaver Remote Code Execution Vulnerability in unzip's inflate_dynamic Function Insecure Permissions in Red Hat Directory Server 8.0 Allows Arbitrary Code Execution Insecure Permissions in Red Hat Directory Server 7.1 before SP4 Double Free Vulnerability in OpenSSL with TLS Server Name Extensions Arbitrary Command Execution in Red Hat Directory Server 8.0 EL4 and EL5 Remote Code Execution in Red Hat Administration Server Remote Memory Disclosure and Denial of Service Vulnerability in Apple Safari Authentication Bypass Vulnerability in BEA WebLogic Server and WebLogic Express Content Portlet Access Restriction Bypass Vulnerability Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 allows unauthorized access to JMS Topics Bypassing Access Restrictions in Distributed Queues in BEA WebLogic Server Arbitrary Script Injection in BEA WebLogic Server and Express Administration Console Session Fixation Vulnerability in BEA WebLogic Server and Express Brute Force Password Guessing Vulnerability in BEA WebLogic Server and Express 7.0 through 10.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in BEA WebLogic Server and Express 6.1 through 10.0 MP1 Denial of Service Vulnerability in BEA WebLogic Server and Express Proxy Plugin Arbitrary File Read Vulnerability in BEA Plumtree Collaboration and AquaLogic Interaction Arbitrary File Read Vulnerability in Globsy 1.0 SQL Injection Vulnerability in PHP-Nuke Docum Module SQL Injection Vulnerability in PHP-Nuke Inhalt Module SQL Injection Vulnerability in Schoolwires Academic Portal's browse.asp Cross-Site Scripting (XSS) Vulnerability in Schoolwires Academic Portal browse.asp F-Secure Anti-Virus Products Remote Malware Detection Bypass Vulnerability 
Arbitrary SQL Command Execution in iScripts MultiCart 2.0 via productid Parameter Heap-based Buffer Overflow Vulnerabilities in Sybase MobiLink 10.0.1.3629 and Earlier Invision Power Board (IPB) 2.3.4 Cross-Site Scripting (XSS) Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in IPdiva SSL VPN Server Brute Force Vulnerability in IPdiva SSL VPN Server's Mediation Server SQL Injection Vulnerability in Highwood Design hwdVideoShare (com_hwdvideoshare) 1.1.3 Alpha Component for Joomla! Arbitrary web script injection vulnerability in multiple Tor applications SQL Injection Vulnerability in astatsPRO Component for Joomla! Arbitrary Web Script Injection Vulnerability in OSSIM 0.9.9 rc5 and Earlier SQL Injection Vulnerability in OSSIM 0.9.9 rc5: Remote Code Execution via portname Parameter SQL Injection Vulnerability in beContent 0.3.1: Remote Code Execution via id Parameter in news.php SQL Injection Vulnerability in Manuales 0.1 Module for PHP-Nuke Directory Traversal Vulnerability in VMware ACE, Player, and Workstation Stack-based Buffer Overflow in DoLBURPRequest Function in libnldap in Novell eDirectory Arbitrary Web Script Injection in Novell eDirectory iMonitor Interface Authentication Bypass and Denial of Service Vulnerability in Novell eDirectory Denial of Service Vulnerability in Novell eDirectory 8.7.3 and 8.8.2 Arbitrary Memory Access Vulnerability in Qemu 0.9.1 and Earlier Arbitrary File Overwrite Vulnerability in XWine 1.0.1 for Debian GNU/Linux Insecure Permissions in XWine 1.0.1 on Debian GNU/Linux Arbitrary Command Execution in Diatheke 1.5.9 and Earlier Race conditions in CPU Performance Counters subsystem in Solaris 10 leading to denial of service SQL Injection Vulnerability in NukeC 2.1 Module for PHP-Nuke Stack-based Buffer Overflow in Novell iPrint Control ActiveX Control Arbitrary SQL Command Execution in Prayer List (prayerlist) 1.04 Module for XOOPS SQL Injection Vulnerability in Tiny Event 1.01 Module for XOOPS Unspecified Local
Privilege Escalation Vulnerability in Solaris 10 DTrace Framework SQL Injection Vulnerabilities in WP Photo Album Plugin for WordPress Arbitrary Script Injection in Plain Black WebGUI (CVE-2007-0407) Arbitrary Web Script Injection Vulnerability in Eagle Software Aeries Browser Interface (ABI) 3.8.2.8 Arbitrary SQL Command Execution in GradebookStuScores.asp in Eagle Software Aeries Browser Interface (ABI) 3.8.2.8 Multiple SQL Injection Vulnerabilities in Eagle Software Aeries Browser Interface (ABI) 3.7.2.2 Denial of Service Vulnerability in Ipswitch Instant Messaging (IM) 2.0.8.1 and Earlier Format String Vulnerability in Logging Function of IM Server Arbitrary File Creation Vulnerability in Ipswitch Instant Messaging Server Buffer Overflow in MIT Kerberos 5 (krb5) RPC Library Allows Remote Code Execution Buffer Overflow in RPC Library Allows Remote Code Execution Privilege Escalation Vulnerability in IBM Informix Dynamic Server (IDS) Windows Vista AutoRun Vulnerability Arbitrary File Creation Vulnerability in HP Instant Support Arbitrary Program Execution Vulnerability in HP Instant Support ActiveX Control Stack-based Buffer Overflow in Creative Software AutoUpdate Engine ActiveX Control Stack-based Buffer Overflow in BackWeb Lite Install Runner ActiveX Control Stack-based Buffer Overflow in PhotoStockPlus Uploader Tool ActiveX Control (PSPUploader.ocx) Stack-based Buffer Overflow in NCTAudioGrabber2 ActiveX Control Stack-based buffer overflow vulnerability in NCTAudioInformation2 ActiveX control in NCTAudioInformation2.dll Vulnerability: SNMPv3 HMAC Verification Bypass Hard-coded Login and Password Vulnerability in EMC DiskXtender 6.20.060 Remote Code Execution Vulnerability in EMC DiskXtender 6.20.060 File System Manager Remote Code Execution Vulnerability in EMC DiskXtender MediaStor 6.20.060 Stack-based Buffer Overflow in snoop on Solaris and OpenSolaris Format String Vulnerabilities in snoop on Sun Solaris and OpenSolaris Untrusted Search Path Vulnerability
in VMware Products Multiple Cross-Site Scripting (XSS) Vulnerabilities in Barracuda Spam Firewall, Message Archiver, Web Filter, IM Firewall, and Load Balancer Buffer Overflow Vulnerability in Double-Take 4.5.0.x Denial of Service Vulnerability in Double-Take 5.0.0.2865 and Earlier Denial of Service Vulnerability in Double-Take 5.0.0.2865 and Earlier Remote Denial of Service in Double-Take 5.0.0.2865 and Earlier Denial of Service Vulnerability in Double-Take 5.0.0.2865 and Earlier Information Disclosure Vulnerability in Double-Take 5.0.0.2865 and earlier Double-Take 5.0.0.2865 and earlier Stack Consumption Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in Spyce - Python Server Pages (PSP) 2.1.3 Open Redirect Vulnerability in Spyce Server Pages (PSP) 2.1.3 Information Disclosure Vulnerability in Spyce - Python Server Pages (PSP) 2.1.3 Denial of Service Vulnerability in lighttpd 1.4.18 and Earlier Versions Arbitrary Code Execution Vulnerability in VLC Media Player and Miro Player Heap-based Buffer Overflow in WebKit GIF Library in Android SDK Integer Overflow in BMP::readFromStream Method in libsgl.so Library in Google Android SDK Remote Code Execution Vulnerability in Apple Mac OS X and Digital Camera RAW Compatibility Buffer over-read vulnerability in Libsystem strnstr API in Apple Mac OS X 10.4.11 Format String Vulnerability in mDNSResponderHelper Allows Arbitrary Code Execution Denial of Service Vulnerability in Apple Mac OS X 10.4.11's notifyd Array Index Error in pax: Arbitrary Code Execution Vulnerability Password Exposure in Podcast Capture for Apple Mac OS X 10.5.2 Weak Encryption Algorithm Used in Preview PDF Saving in Apple Mac OS X 10.5.2 Weak Encryption in Apple Mac OS X 10.5.2 Printing Component Authentication Credentials Disclosure in Apple Mac OS X 10.5.2 Printing Component Stack-based Buffer Overflow in AppKit in Mac OS X 10.4.11 via Crafted PPD File Bypassing Authorization Vulnerability in NetCfgTool in Apple Mac OS X 10.4.11 and 
10.5.2 Denial of Service Vulnerability in Apple Mac OS X 10.5.2 via Crafted UDF Disk Image Directory Traversal Vulnerability in Apple Mac OS X 10.5.2 Wiki Server Cross-Site Scripting (XSS) Vulnerability in Pro2col Stingray FTS (Unsupported Versions) Cross-Site Scripting (XSS) Vulnerability in cfire24 ajaxlife up to 0.3.2 Critical SQL Injection Vulnerability in iGamingModules Flashgames 1.1.0 (VDB-222288) Critical SQL Injection Vulnerability in Email Registration 5.x-2.1 on Drupal Cross-site scripting (XSS) vulnerability in Apple Safari on Windows XP and Vista before version 3.1 Arbitrary Script Injection Vulnerability in Apple Safari Cross-site scripting (XSS) vulnerability in WebCore in Apple Safari before 3.1 Cross-site scripting (XSS) vulnerability in Apple Safari WebCore before 3.1 via Web Inspector. Password Disclosure Vulnerability in Apple Safari Arbitrary Script Injection through Window.Open in Apple Safari Cross-Site Scripting (XSS) Vulnerability in Apple Safari Arbitrary Script Injection via document.domain Property in Apple Safari Arbitrary JavaScript Injection via History Object in Apple Safari Arbitrary Code Execution Vulnerability in WebKit Webkit Cross-Site Scripting (XSS) Vulnerability in Apple Safari Denial of Service Vulnerability in Apple AirPort Extreme Base Station Firmware 7.3.1 Arbitrary Code Execution Vulnerability in Apple QuickTime QuickTime External URL Handling Vulnerability Buffer Overflow in Apple QuickTime Data Reference Atom Handling Memory Corruption Vulnerability in Apple QuickTime Heap-based Buffer Overflow in QuickTime's Clipping Region Atom Handling Heap-based Buffer Overflow in Apple QuickTime: Remote Code Execution via Malformed MP4A Movie Heap-based Buffer Overflow in Apple QuickTime Allows Remote Code Execution via Crafted PICT Image Heap-based Buffer Overflow in Apple QuickTime Allows Remote Code Execution via Crafted PICT Image Heap-based Buffer Overflow in QuickTime Animation Codec Handling Stack-based Buffer Overflow in 
Apple QuickTime Allows Remote Code Execution Heap-based Buffer Overflow in QuickTime Clip Opcode Parsing Memory Corruption Vulnerability in Apple Safari on Windows XP and Vista Arbitrary Script Injection Vulnerability in Apple WebKit Arbitrary Code Execution via Integer Overflow in Apple WebKit Safari Arbitrary File Read Vulnerability in Apple Filing Protocol (AFP) Server User-assisted remote code execution vulnerability in AppKit in Apple Mac OS X before 10.5 Heap-based buffer overflow in CFDataReplaceBytes function in CoreFoundation API in Apple Mac OS X before 10.5.3 Uninitialized Variable Vulnerability in CoreGraphics on Apple Mac OS X Incomplete Blacklist Vulnerability in CoreTypes in Apple Mac OS X CUPS Scheduler Debug Logging Vulnerability in Mac OS X 10.5 Help Viewer Integer Underflow Vulnerability Use-after-free vulnerability in Apple iCal 3.0.1 on Mac OS X ICU Library Cross-Site Scripting (XSS) Vulnerability Arbitrary Web Script Injection via File Listing Function in PacketShaper and PolicyCenter 8.2.2 Remote File Inclusion Vulnerability in DBHcms mod.extmanager.php SQL Injection Vulnerability in PORAR WEBBOARD's question.asp Allows Remote Code Execution via QID Parameter Buffer Overflow Vulnerability in Fujitsu Interstage Application Server and Interstage Studio Arbitrary Web Script Injection Vulnerability in MWhois Directory Traversal Vulnerability in Linux Web Shop (LWS) php Download Manager 1.0 and 1.1 Remote File Inclusion Vulnerability in Linux Web Shop (LWS) php User Base 1.3 BETA Stack-based Buffer Overflow in Quantum Streaming Player ActiveX Control Arbitrary Code Injection through Cross-Site Scripting (XSS) in Alkacon OpenCMS 7.0.3 Remote File Inclusion Vulnerability in Quinsonnas Mail Checker 1.55 footer.php Arbitrary Web Script Injection Vulnerability in TikiWiki before 1.9.10.1 Arbitrary Script Injection in Plume CMS 1.2.2 via manager/xmedia.php Unspecified Vulnerability in Parallels SiteStudio with Unknown Impact and Attack Vectors Arbitrary 
SQL Command Execution in Softbiz Jokes & Funny Pics Script Arbitrary PHP Code Execution via Remote File Inclusion in phpProfiles 4.5.2 BETA Denial of Service Vulnerability in NetWin SurgeFTP 2.3a2 and Earlier SQL Injection Vulnerabilities in Kose_Yazilari Module for PHP-Nuke Stack-based Buffer Overflow in NetWin SurgeMail Allows Remote Code Execution Format String Vulnerability in NetWin SurgeMail and WebMail Stack-based Buffer Overflow Vulnerabilities in Symark PowerBroker IPv6 Routing Header Denial of Service Vulnerability Denial of Service Vulnerability in OpenBSD TCP Respond Function Remote File Inclusion Vulnerability in Sniplets WordPress Plugin Eval Injection Vulnerability in Sniplets WordPress Plugin Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sniplets WordPress Plugin Denial of Service Vulnerability in InterVideo WinDVD Media Center 2.11.15.0 Arbitrary Web Script Injection Vulnerability in XM-Memberstats Module for XOOPS Arbitrary Web Script Injection Vulnerability in Red Mexico RMSOFT Gallery System (GS) 2.0 Module Multiple SQL Injection Vulnerabilities in XM-Memberstats 2.0e Module for XOOPS Arbitrary PHP Function Call Vulnerability in Smarty Modifier Plugin PHP Remote File Inclusion Vulnerabilities in phpQLAdmin 2.2.7 Multiple PHP Remote File Inclusion Vulnerabilities in Portail Web Php 2.5.1.1 and Earlier PHP Remote File Inclusion Vulnerabilities in Quantum Game Library 0.7.2c Denial of Service Vulnerability in Wireshark SCTP Dissector Denial of Service Vulnerability in Wireshark SNMP Dissector Denial of Service Vulnerability in Wireshark TFTP Dissector Arbitrary Web Script Injection Vulnerability in Internet Security Systems (ISS) Internet Scanner 7.0 SP2 Remote Code Execution in GROUP-E 1.6.41 via PHP Remote File Inclusion in lib/head_auth.php Cross-Site Scripting (XSS) Vulnerability in Maian Cart 1.1 index.php Cross-Site Scripting (XSS) Vulnerability in Interspire Shopping Cart 1.x search.php Arbitrary SQL Command Execution in Simpleboard 
1.0.3 Stable Component for Mambo and Joomla! Local Privilege Escalation via Symlink Attack in am-utils and net-fs Packages Hard-coded FTP Credentials Vulnerability in SendFile.NET Arbitrary File Reading Vulnerability in Opera (Versions before 9.26) Arbitrary Script Execution via Custom Comments in Opera (CVE-2007-3670) Cross-Site Scripting (XSS) Vulnerability in Opera before 9.26 GDI Heap Overflow Vulnerability in CreateDIBPatternBrushPt Function Unspecified Arbitrary Code Execution Vulnerability in Microsoft Windows Kernel Remote Code Execution Vulnerability in Microsoft Internet Explorer Arbitrary Code Execution via Malformed Arguments in HxTocCtrl ActiveX Control GDI Stack Overflow Vulnerability in Microsoft Windows Arbitrary Code Execution Vulnerability in Microsoft Project 2000, 2002, and 2003 Visio Object Header Vulnerability Visio Memory Validation Vulnerability Object Parsing Vulnerability in Microsoft Word Buffer Overflow in Microsoft Jet Database Engine (msjet40.dll) Allows Remote Code Execution via Crafted Word File Remote Code Execution Vulnerability in Acresso InstallShield Update Agent SQL Injection Vulnerability in Barracuda Spam Firewall (BSF) Account View Page Unspecified vulnerability in Sun Solaris IP implementation allows remote bypass of firewall policies or denial of service Heap Write Vulnerability in XCF Coder of ImageMagick and GraphicsMagick Heap-based Buffer Overflow in PCX Coder in ImageMagick and GraphicsMagick Multiple Cross-Site Scripting (XSS) Vulnerabilities in MoinMoin 1.5.8 and Earlier Improper ACL Enforcement in MoinMoin 1.5.8 and Earlier Allows Remote Reading of Protected Pages Buffer Overflow in ClamAV's cli_scanpe Function Allows Remote Code Execution via Crafted Upack PE File Buffer Overflow in kvdocve.dll in Autonomy KeyView Engine Blender 2.45 Stack-based Buffer Overflow Vulnerability Unspecified Temporary File Vulnerabilities in Blender Foxit Reader Stack-based Buffer Overflow Vulnerability Samba Heap-Based Buffer Overflow 
in receive_smb_raw Function Cross-Site Request Forgery (CSRF) Vulnerability in Akamai Client (formerly Red Swoosh) 3322 and earlier Stack-based buffer overflows in Danske Bank e-Sec Control Module ActiveX Control Buffer Overflow Vulnerability in Evolution 2.22.1 with Disabled ITip Formatter Plugin Evolution 2.22.1 Heap-Based Buffer Overflow in iCalendar Attachment Handling Buffer Overflow in xine-lib's ASF Demuxer Plugin (demux_asf.c) Allows Remote Code Execution or Denial of Service Information Disclosure Vulnerability in mod_cgi of Lighttpd 1.4.18 Vulnerability: Lack of Server Certificate Validation in Cisco Unified Wireless IP Phone 7921 Unvalidated Server Certificates in Vocera Communications Wireless Handsets Enable MITM Attacks Unspecified Denial of Service Vulnerability in Sun Solaris 8 Directory Functions Arbitrary Code Execution Vulnerability in Rising Antivirus Online Scanner Directory Traversal Vulnerability in Timbuktu Pro 8.6.5 and 8.7 Input Validation Bypass in Timbuktu Pro 8.6.5 and 8.7 Arbitrary File Read Vulnerability in Centreon 1.4.2.3 and Earlier Format String Vulnerability in Mirabilis ICQ 6 Build 6043's Embedded Internet Explorer Component SQL Injection Vulnerability in eazyPortal 1.0 and Earlier via session_vars Cookie SQL Injection Vulnerability in Koobi Pro and Koobi CMS PHP Remote File Inclusion Vulnerabilities in SiteBuilder Elite 1.2 Multiple PHP Remote File Inclusion Vulnerabilities in Podcast Generator 1.0 BETA 2 and Earlier Directory Traversal Vulnerabilities in Podcast Generator 1.0 BETA 2 and Earlier Remote File Inclusion Vulnerability in Barryvan Compo Manager 0.3 Crysis 1.1.1.5879 Format String Vulnerability in Cryactio Function Arbitrary PHP Code Execution via Remote File Inclusion in phpMyTourney 2 Cross-Site Scripting (XSS) Vulnerability in XRMS CRM's admin/users/self.php Bypassing Access Restrictions in IBM WebSphere MQ 6.0.x and 5.3 Arbitrary Script Injection via Drupal 6.0 Content Edit Form Titles Untrusted Search Path 
Vulnerability in Net Activity Viewer 0.2.1 Allows Arbitrary Code Execution Drupal 6.0 Cross-Site Scripting (XSS) Vulnerability in checkPlain Function Cookie Authentication Bypass in OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 Username Enumeration Vulnerability in OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 Arbitrary Command Execution in SynCE-dccm's Utils::runScripts Function SQL Injection Vulnerability in Garys Cookbook Component for Mambo and Joomla! Ring0 Link List Zero Vulnerability in DESlock+ 3.2.6 and Earlier Ring0 Link List Zero SYSTEM Privilege Escalation Vulnerability in DESlock+ 3.2.6 and Earlier Ring0 SYSTEM Privilege Escalation Vulnerability in DESlock+ 3.2.6 and Earlier Memory Leak Vulnerability in DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and Earlier Vulnerability: Unset DISPLAY Environment Variable Allows X11 Connection Hijacking Vulnerability: Denial of Service and Remote Code Execution in Netgear WN802T Wi-Fi Access Point WEBrick Directory Traversal Vulnerability Vulnerability: Algorithm X3 PRNG Allows Guessing of Sensitive Values in OpenBSD Algorithm X2 Vulnerability: Guessing Sensitive Values and Exploiting IP Fragmentation IDs Vulnerability: Predictable Values in Pseudo-Random Number Generator (PRNG) Algorithm A0 Vulnerability: SQL Injection and CSRF Attacks in phpMyAdmin before 2.11.5 Cisco IOS VPDN Component Denial of Service Vulnerability Cisco IOS VPDN Component Memory Leak Vulnerability Cisco IOS DLSw Denial of Service Vulnerability IPv6 Denial of Service Vulnerability in Cisco IOS 12.1-12.4 Unauthenticated Remote Code Execution in Cisco Unified Communications Products Information Disclosure Vulnerability in Cisco Network Admission Control (NAC) Appliance Unspecified vulnerability in Cisco IOS Multicast Virtual Private Network (MVPN) implementation allows remote attackers to create extra multicast states on core routers Arbitrary Command Execution Vulnerability in CiscoWorks IPM 2.6 Denial of Service Vulnerability in 
Cisco Unified Presence Service Unspecified Denial of Service Vulnerabilities in Cisco IOS 12.4 SSH Server Hard-coded Password Vulnerability in ZyXEL ZyWALL 1050 Buffer Overflow in Matroska Demuxer in xine-lib SQL Injection Vulnerability in Dynamic Photo Gallery 1.02: Remote Code Execution via albumID Parameter SQL Injection Vulnerability in phpArcadeScript 1.0 through 3.0 RC2: Remote Code Execution via userid Parameter SQL Injection Vulnerability in phpComasy 0.8 - Remote Code Execution via mod_project_id Parameter Cross-Site Scripting (XSS) Vulnerabilities in Flyspray 0.9.9 through 0.9.9.4 Username Enumeration Vulnerability in Flyspray 0.9.9.4 Arbitrary Code Execution via Stack-based Buffer Overflow in Sarg 2.2.3.1 Arbitrary Script Injection in Squid Analysis Report Generator (Sarg) 2.2.3.1 via User-Agent Header Directory Traversal Vulnerability in SCI Photo Chat Server 3.4.9 and Earlier PHP Remote File Inclusion Vulnerabilities in KCWiki 1.0 PHP Remote File Inclusion Vulnerabilities in 123 Flash Chat Module for phpBB CSRF Vulnerability in TorrentTrader Classic 1.08 Allows Unauthorized Actions Arbitrary Web Script Injection in TorrentTrader Classic 1.08 account-inbox.php AuthentiX 6.3b1 Trial editUser.asp Cross-Site Scripting (XSS) Vulnerability Cross-site scripting (XSS) vulnerability in AuthentiX 6.3b1 Trial via username parameter in aspAdmin/deleteUser.asp Cross-Site Scripting (XSS) Vulnerability in Affiliate Market (affmarket) 0.1 BETA via sideblock4 Parameter SQL Injection Vulnerability in Affiliate Market (affmarket) 0.1 BETA: Remote Code Execution via id Parameter in shop/detail.php Centreon 1.4.2.3 Directory Traversal Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in Centreon 1.4.2.3 and Earlier Arbitrary Web Script Injection Vulnerability in Juniper Networks Secure Access 2000 5.5 R1 Information Disclosure Vulnerability in Juniper Networks Secure Access 2000 5.5 R1 (build 11711) Unspecified Cross-Site Scripting (XSS) Vulnerability in BSD 
Perimeter pfSense before 1.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Crafty Syntax Live Help (CSLH) before 2.14.6 Improper Validation of DNSSEC Signing Key in libval Library Unspecified privilege escalation vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.2_16 and earlier Unspecified privilege escalation vulnerability in Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier Unspecified Remote Code Execution Vulnerability in Sun Java Runtime Environment (JRE) and JDK Multiple buffer overflows in useEncodingDecl function in Java Web Start Buffer Overflow Vulnerability in Java Web Start in Sun JDK and JRE Unspecified privilege escalation vulnerability in Java Web Start in Sun JDK and JRE Arbitrary File Creation Vulnerability in Java Web Start Unspecified Remote Code Execution Vulnerability in Java Plug-in Privilege Escalation Vulnerability in Java Runtime Environment Image Parsing Library Unspecified Denial of Service Vulnerabilities in Sun JDK and JRE Color Management Library Arbitrary Network Service Access Vulnerability in Sun JDK and JRE Java Web Start Remote Code Execution Vulnerability Vulnerability: Denial of Service and Arbitrary Code Execution in Netgear WN802T Wi-Fi Access Point Default IPSec ifup script in Red Hat Enterprise Linux enables brute force attacks through unencrypted PSK hash Symlink Attack Vulnerability in Dovecot before 1.0.11 Remote Code Execution Vulnerability in Microsoft Access via Crafted .MDB File Arbitrary Code Execution Vulnerabilities in Adobe Flash CS3 Professional, Flash Professional 8, and Flash Basic 8 Arbitrary Web Script Injection in Adobe LiveCycle Workflow 6.2 Unlogged Failed Authentication Attempts in Adobe ColdFusion 8 and ColdFusion MX7 Administrator Interface Cross-Site Scripting (XSS) Vulnerabilities in Sun Java System Access Manager Administration Console Denial of Service 
Vulnerability in Sun Solaris 10 IPsec Key Management Daemon Format String Vulnerability in log_message Function in Linux Kiss Server 1.2 Unspecified Denial of Service Vulnerabilities in Fujitsu Interstage Smart Repository Arbitrary Script Injection in Check Point VPN-1 UTM Edge W Embedded NGX 7.0.48x Login Page Xitex WebContent M1 Redirect.do Cross-Site Scripting (XSS) Vulnerability Stack-based Buffer Overflow in Programmer's Notepad Allows Remote Code Execution BosDates Cross-Site Scripting (XSS) Vulnerability Arbitrary Script Injection in Podcast Generator 0.96.2 via set_permissions.php Cross-site scripting (XSS) vulnerability in Numara FootPrints for Linux 8.1 via Title form field in appointment setting Arbitrary Code Execution in Numara FootPrints 8.1 on Linux Stack-based Buffer Overflow in ppp Command_Expand_Interpret Function Cross-Site Scripting (XSS) Vulnerability in IBM Lotus Quickr 8.0 Server Arbitrary Code Execution Vulnerability in IBM Lotus Notes Argument Injection Vulnerability in Dovecot 1.0.x and 1.1.x Arbitrary SQL Command Execution in Kutub-i Sitte (KutubiSitte) 1.1 Module for PHP-Nuke SQL Injection Vulnerability in 4nChat 0.91 Module for PHP-Nuke Absolute Path Traversal Vulnerability in MicroWorld eScan Corporate Edition and eScan Management Console Dokeos 1.8.4 XSS Vulnerability Arbitrary Code Execution Vulnerability in Dokeos 1.8.4 before SP3 BosClassifieds Classified Ads System 3.0 Account.php Cross-Site Scripting (XSS) Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in WebCT Campus Edition 4.1.5.8 with Don't Wrap Text Enabled Cross-Site Scripting (XSS) Vulnerabilities in Zimbra Collaboration Suite (ZCS) Stack-based Buffer Overflow in SILC Toolkit 1.1.5 Allows Remote Code Execution Arbitrary Script Injection in MG2 Admin Panel via list Parameter Arbitrary Web Script Injection in JSPWiki Edit.jsp (CVE-2007-5120.b) Unrestricted File Upload Vulnerability in JSPWiki 2.4.104 and 2.5.139 Arbitrary Local File Inclusion Vulnerability in 
JSPWiki Edit.jsp Apache Tomcat Cross-Site Scripting (XSS) Vulnerability in HttpServletResponse.sendError Method Arbitrary Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Universal XSS vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey before 2.0.0.13 allows remote attackers to inject arbitrary web script or HTML via event handlers Privilege Escalation via Incorrect Principals in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified JavaScript Engine Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Incomplete URL Listing in HTTP Referer Header in Mozilla Firefox and SeaMonkey Arbitrary Port Access Vulnerability in LiveConnect Form Spoofing and Input Redirection Vulnerability in Mozilla Firefox and SeaMonkey Authentication Bypass Vulnerability in Belkin F5D7230-4 Router Firmware 9.01.10 Cross-site scripting (XSS) vulnerability in Linksys WRT300N router firmware 2.00.20 with Mozilla Firefox and Apple Safari Unauthenticated Remote Administrative Access Vulnerability in Belkin F5D7230-4 Router Denial of Service Vulnerability in Belkin F5D7230-4 Router Firmware 9.01.10 Privilege Escalation Vulnerability in Cisco PIX/ASA Finesse Operation System 7.1 and 7.2 Unauthenticated Remote Administrative Access in Linksys WRT54g Router Firmware 1.00.9 Arbitrary Phone Call Vulnerability in Snom 320 SIP Phone Web Interface Remote Code Execution Vulnerability in Snom 320 SIP Phone's snomControl.swf Cross-Site Request Forgery (CSRF) Vulnerabilities in Snom 320 SIP Phone Web Interface Arbitrary Web Script Injection Vulnerability in Snom 320 SIP Phone Web Interface Remote Password Disclosure Vulnerability in Deutsche Telekom Speedport W500 DSL Router D-Link DSL-G604T Router Cross-Site Scripting (XSS) Vulnerability in cgi-bin/webcm CSRF Vulnerabilities in ZyXEL P-660HW Series Router: DNS Server Manipulation and Bannedlist Keyword Addition 
Authentication Bypass Vulnerability in ZyXEL P-660HW Series Router Default admin Password Vulnerability in ZyXEL P-660HW Series Router ZyXEL P-660HW Router XSS Vulnerability in Forms/DiagGeneral_2 D-Link DI-604 Router Cross-Site Scripting (XSS) Vulnerability in prim.htm Authentication Bypass Vulnerability in Zyxel P-2602HW-D1A Router Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in Zyxel P-2602HW-D1A Router Firmware 3.40(AJZ.1) Zyxel P-2602HW-D1A Router Firmware Information Disclosure Vulnerability Authentication Bypass and Remote Control Vulnerability in Airspan WiMax ProST 4.1 Antenna Cleartext Password and Key Storage Vulnerability in Linksys WRT54G Router Default FTP Password Vulnerability in Linksys WRT54G Router Denial of Service Vulnerability in Linksys WRT54G Router's FTP Interface Buffer Overflow Vulnerabilities in D-Link DI-524 Router Web Interface Denial of Service Vulnerability in Siemens SpeedStream 6520 Router Authentication Bypass Vulnerability in Linksys WRT54G 7 Router FTP Server Authentication Bypass Vulnerability in Alice Gate 2 Plus Wi-Fi Router Arbitrary File Read Vulnerability in mod_userdir of Lighttpd 1.4.18 and Earlier SQL Injection Vulnerabilities in BM Classifieds 20080309 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in imageVue 1.7 Untrusted Search Path Vulnerability in IBM AIX 6.1.0 Man-in-the-Middle Attack SMTP Service Denial of Service Vulnerabilities in MailEnable Buffer Overflow Vulnerabilities in MailEnable IMAP Service Denial of Service Vulnerability in MailEnable IMAP Service Denial of Service Vulnerability in RemotelyAnywhere Server and Workstation 8.0.668 and Earlier Denial of Service Vulnerability in Acronis True Image Group Server Denial of Service Vulnerability in Acronis True Image Windows Agent Arbitrary File Read Vulnerability in Argon Technology CMS 1.31 and Earlier Arbitrary Code Execution Vulnerability in BFup ActiveX Control Neptune Web Server 3.0 Cross-Site Scripting (XSS) 
Vulnerability in 404 Error Page Arbitrary File Read and Execution Vulnerability in Horde Groupware Arbitrary Web Script Injection Vulnerability in Sun Java Server Faces (JSF) 1.2 Unspecified File and Directory Disclosure Vulnerability in Sun Java Web Console Username Enumeration Vulnerability in IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 Information Disclosure Vulnerability in IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 Multiple Buffer Overflow Vulnerabilities in Asterisk Open Source and Related Products Sensitive Information Disclosure in ViewVC before 1.0.5 Insufficient Access Control in ViewVC Allows Remote File Disclosure Information Disclosure in ViewVC Remote Connection Vulnerability in LTSP 0.99 and 2 via TCP Port 6006 Bypassing Resource Limits in Linux Kernel 2.6.17 SQL Injection Vulnerability in phpMyNewsletter 0.8 beta 5 and earlier: Remote Code Execution via archives.php Cross-Site Scripting (XSS) Vulnerabilities in EncapsGallery 1.11.2 SQL Injection Vulnerability in eWriting Module for Mambo and Joomla! 
SQL Injection Vulnerability in Hadith Module for PHP-Nuke Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus 7.0.0 Build 7011 for Windows Arbitrary Web Script Injection in Alkacon OpenCms Logfile Viewer Settings Absolute Path Traversal Vulnerability in Alkacon OpenCms 7.0.3 and 7.0.4 Remote Denial of Service Vulnerability in Perforce Server 2007.3/143793 and Earlier Remote Denial of Service Vulnerability in Perforce Server 2007.3/143793 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in WordPress 2.3.2 SQL Injection Vulnerability in Filebase.php in Filebase Mod for phpBB Multiple Cross-Site Scripting (XSS) Vulnerabilities in Savvy Content Manager (CM) Heap-based Buffer Overflow in KingSoft Antivirus Online Update Module 2007.12.29.29 SQL Injection Vulnerability in Sudirman Angriawan NukeC30 3.0 Module for PHP-Nuke Heap Memory Overwrite Vulnerability in RealPlayer ActiveX Control Directory Traversal Vulnerability in PacketTrap Networks pt360 Tool Suite 1.1.33.1.0 and Earlier Versions Denial of Service Vulnerability in PacketTrap pt360 Tool Suite PRO 2.0.3901.0 and Earlier Denial of Service Vulnerability in PacketTrap Networks pt360 Tool Suite TFTP Server Multiple SQL Injection Vulnerabilities in Bloo 1.00 and Earlier SQL Injection Vulnerability in Johannes Hass Gästebuch 2.2 Module for PHP-Nuke ZClassifieds Module for PHP-Nuke SQL Injection Vulnerability Arbitrary SQL Command Execution in QT-cute QuickTalk Forum 1.6 and Earlier Denial of Service Vulnerability in Solaris 10 IPC Message Queue Subsystem Unspecified Cross-Site Information Disclosure Vulnerability in MediaWiki 1.11 before 1.11.2 Untrusted Search Path and Argument Injection Vulnerability in VersantD Service Buffer Overflow Vulnerabilities in ASG-Sentry Network Manager 7.0.0 and Earlier Unauthenticated Remote Denial of Service in ASG-Sentry Network Manager 7.0.0 and Earlier Denial of Service and Arbitrary File Overwrite Vulnerability in ASG-Sentry Network 
Manager CSRF Vulnerability in WoltLab Burning Board Lite (wBB) 2 Beta 1 Allows Unauthorized Thread Deletion Directory Traversal Vulnerabilities in Travelsized CMS 0.4.1 Directory Traversal Vulnerabilities in Uberghey CMS 0.3.1 Gallarific search.php Cross-site Scripting (XSS) Vulnerability Unauthenticated Remote Task Manipulation in Gallarific Remote Code Execution Vulnerability in CA ARCserve Backup for Laptops and Desktops Remote Code Execution Vulnerability in CA ARCserve Backup for Laptops and Desktops Access to Non-Shared Stored E-mail Messages in Novell GroupWise Client API Arbitrary Command Execution and Resource Disclosure in OmniPCX Office with Internet Access Services Unspecified remote access vulnerability in Asterisk Open Source and related products Format String Vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 BT Home Hub Router Authentication Bypass Vulnerability IPsec Policy Bypass Vulnerability SQL Injection Vulnerability in Koobi CMS 4.2.3 through 4.3.0 via categ Parameter in Links Action Denial of Service Vulnerabilities in Timbuktu Pro 8.6.5 RC 229 and Earlier for Windows Denial of Service Vulnerability in Perforce Server 2007.3/143793 and Earlier Denial of Service Vulnerability in VMware Workstation, Player, and ACE SQL Injection Vulnerability in LaGarde StoreFront 6 before SP8 Cross-Site Scripting (XSS) Vulnerabilities in Polymita BPM-Suite and CollagePortal Search Feature Directory Traversal Vulnerability in pkgadd and pkgrm in SCO UnixWare 7.1.4 SQL Injection Vulnerabilities in MyioSoft EasyCalendar 4.0tr and Earlier Arbitrary Web Script Injection in MyioSoft EasyCalendar 4.0tr and Earlier SQL Injection Vulnerability in MyioSoft EasyGallery 5.0tr and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in MyioSoft EasyGallery 5.0tr and Earlier Arbitrary Web Script Injection in eWeather Module for PHP-Nuke SQL Injection Vulnerability in Bama Galerie 3.03 and 3.041 Module for eXV2 2.0.6 Arbitrary SQL Command Execution 
Vulnerability in Fully Modded phpBB (phpbbfm) 80220 SQL Injection Vulnerability in Tutorials 2.1b Module for XOOPS Arbitrary File Read Vulnerability in EdiorCMS (ecms) 3.0 via Directory Traversal in Title Search Denial of Service Vulnerability in ZABBIX 1.4.4 via vfs.file.cksum Command SQL Injection Vulnerability in MyIssuesView.asp in Advanced Data Solutions Virtual Support Office-XP (VSO-XP) Arbitrary Script Injection in Jeebles Directory 2.9.60 Authentication Bypass Vulnerability in xscreensaver in Sun Solaris 10 Java Desktop System (JDS) with GNOME On-Screen Keyboard (GOK) Format String Vulnerability in McAfee Common Management Agent (CMA) Allows Remote Code Execution Stack-based Buffer Overflow in MDaemon IMAP Server Allows Remote Code Execution Invision Power Board (IPB) 2.3.4 XSS Vulnerability Unspecified Cross-Site Scripting (XSS) Vulnerability in Nagios before 2.11 Privilege escalation vulnerability in VMware Workstation, Player, ACE, and Server on Windows Insecure Named Pipe Vulnerability in VMware Workstation, Player, ACE, and Server on Windows Privilege escalation via config.ini file manipulation in VMware products Denial of Service Vulnerability in VMware DHCP Service Stack-based Buffer Overflow in Trend Micro OfficeScan Corporate Edition Denial of Service Vulnerability in Trend Micro OfficeScan Corporate Edition Vulnerability: Missing cld Instruction in GCC 4.3.x for String Manipulation Functions on x86 and i386 CRLF Injection Vulnerability in Microsoft Internet Explorer 5 and 6 Unintended Root Login Configuration Vulnerability in Sun Solaris 10 Image on SPARC Enterprise T5120 and T5220 Servers Remote File Inclusion Vulnerability in wildmary Yap Blog 1.1 Absolute Path Traversal Vulnerability in Drake CMS 0.4.11 RC8 Buffer over-read vulnerability in bzlib.c in bzip2 before 1.0.5 Buffer Overflow in gif_read_lzw Function in CUPS 1.3.6 Integer Overflow in pdftops Filter in CUPS Allows Remote Code Execution Race condition vulnerability in Linux kernel 
2.6.x before 2.6.24.6 and 2.6.25 before 2.6.25.1 in dnotify subsystem Missing TCP Wrappers Support in Red Hat nfs-utils Build Script Heap Corruption Vulnerability in X.Org X11R7.3 Arbitrary Memory Read Vulnerability in X.Org X11R7.3 Denial of Service Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Arbitrary Command Execution Vulnerability in ZoneMinder before 1.23.3 Uninitialized Memory Access Vulnerability in libpng SSL Key Leakage in Gentoo Linux's ssl-cert.eclass Integer Overflow in PHP printf Format Parameter Arbitrary Script Injection via Top Referrers Plugin in Serendipity (S9Y) Cross-Site Scripting (XSS) Vulnerabilities in Serendipity (S9Y) 1.3 Installer Denial of Service Vulnerability in ClamAV 0.93 Denial of Service Vulnerability in ClamAV CHM Parser Insufficiently Random Manager ID Generation Vulnerability in AsteriskGUI HTTP Server Integer Overflow Vulnerabilities in libc on BSD and Mac OS Platforms Anonymous VIX API Access Vulnerability in VMware Workstation, Player, and ACE Base64 Encoding of Admin Credentials in Plone CMS 3.x __ac Cookie Vulnerability Base64 Encoding of User Credentials in Plone CMS __ac Cookie Vulnerability Insecure Session Management in Plone CMS Insecure Authentication Cookie Generation in Plone CMS 3.x VPN-1 Power/UTM Denial of Service and Traffic Interception Vulnerability SQL Injection Vulnerability in AuraCMS 2.0 through 2.2.1 via X-Forwarded-For Field Multiple Cross-Site Scripting (XSS) Vulnerabilities in Clansphere 2008 index.php Net Inspector HTTP Server Directory Traversal Vulnerability Net Inspector HTTP Server Format String Vulnerability Denial of Service Vulnerabilities in MG-SOFT Net Inspector 6.5.0.828 and Earlier for Windows Stack-based Buffer Overflow in BootManage TFTPD TFTP Server SQL Injection Vulnerability in Viso (Industry Book) Module for eXV2 Arbitrary PHP Code Execution via Remote File Inclusion in fuzzylime (cms) 3.01 SQL Injection Vulnerability in MyAnnonces 1.8 Module for eXV2 SQL Injection 
Vulnerability in WebChat 1.60 Module for eXV2: Remote Code Execution via roomid Parameter Arbitrary SQL Command Execution in phpBP 2 RC3 (2.204) FIX 4 via SQL Injection in banners-external.php Multiple Directory Traversal Vulnerabilities in Exero CMS 1.0.1 Default Theme Directory Traversal Vulnerability in Acronis Snap Deploy PXE Server Denial of Service Vulnerability in Acronis Snap Deploy PXE Server Unspecified vulnerability in F-Secure anti-virus products allows remote code execution or denial of service via malformed archive Arbitrary Script Injection in SNewsCMS Rus 2.1-2.4 via search.php Arbitrary Web Script Injection in Multiple Time Sheets (MTS) 5.0 and Earlier Arbitrary File Read Vulnerability in Multiple Time Sheets (MTS) 5.0 and Earlier PHPauction GPL 2.51 Multiple Remote File Inclusion Vulnerabilities Local Privilege Escalation via Symlink Attack in axyl 2.1.7 Integer Overflow Vulnerability in Xiph.org libvorbis 1.2.0 and Earlier Heap overflow vulnerability in Xiph.org libvorbis 1.2.0 and earlier through crafted OGG file Integer Overflow in libvorbis 1.2.0 and Earlier Allows Remote Code Execution via Crafted OGG File SQL Injection Vulnerability in Easy-Clanpage 2.2 Gallery Module SQL Injection Vulnerability in album.asp in KAPhotoservice: Remote Code Execution SQL Injection Vulnerability in Joobi Acajoom Component for Joomla! 
Arbitrary Script Injection in Ubercart 5.x Module for Drupal Denial of Service Vulnerability in SILC Server before 1.1.1 SQL Injection Vulnerability in links.asp in ASPapp Insecure Storage of Encryption Key in RaidSonic NAS-4220-B Firmware Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine SupportCenter Plus 7.0.0 Microsoft Word Use-After-Free Vulnerability Allows Remote Code Execution Windows Saved Search Code Execution Vulnerability Token Kidnapping Vulnerability in Microsoft Windows XP, Vista, Server 2003, and Server 2008 Denial of Service Vulnerability in Microsoft Malware Protection Engine Denial of Service Vulnerability in Microsoft Malware Protection Engine PGM Invalid Length Vulnerability PGM Malformed Fragment Denial of Service Vulnerability HTML Objects Memory Corruption Vulnerability SAMI Format Parsing Vulnerability in Microsoft DirectX 7.0 and 8.1 Denial of Service Vulnerability in Active Directory on Windows Servers IPP ISAPI Extension Integer Overflow Vulnerability The Kaminsky Bug: DNS Insufficient Socket Entropy Vulnerability URL Parsing Cross-Domain Information Disclosure Vulnerability Memory Overwrite Vulnerability in WINS Service on Microsoft Windows 2000 and Server 2003 Bluetooth Stack Remote Code Execution Vulnerability DNS Cache Poisoning Vulnerability in Microsoft DNS Memory Corruption Vulnerability in Microsoft Office PowerPoint Array Index Vulnerability in Microsoft Windows Event System Arbitrary Code Execution Vulnerability in Microsoft Windows Event System CS-Cart 1.3.2 and 1.3.5-SP2 Trial Edition Cross-Site Scripting (XSS) Vulnerability in index.php SQL Injection Vulnerability in Alberghi (com_alberghi) Component for Mambo and Joomla! SQL Injection Vulnerability in Joovideo Component for Mambo and Joomla! 
Buffer Overflow in XnView 1.92.1 via Long Filename Argument SQL Injection Vulnerability in RunCMS Section Module Cross-Site Scripting (XSS) Vulnerability in Imperva SecureSphere MX Management Server 5.0 Multiple SQL Injection Vulnerabilities in Gallarific Free Edition 1.1 Detodas Restaurante (com_restaurante) 1.0 SQL Injection Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in W-Agora 4.0 Arbitrary Command Execution via URI in CenterIM 4.22.3 and Earlier Namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input Unauthenticated Object Editing Vulnerability in Gallarific Free Edition 1.1 Incomplete Blacklist Vulnerability in IISWebAgentIF.dll Allows for Cross-Site Scripting (XSS) Attacks Out-of-Bounds Write Vulnerability in Panda Internet Security 2008 and Antivirus+ Firewall 2008 Stack-based Buffer Overflow in ListCtrl ActiveX Control (ListCtrl.ocx) Allows Remote Code Execution Privilege Escalation Vulnerability in Symantec Altiris Deployment Solution 6.8.x Unspecified Cross-Site Scripting (XSS) Vulnerabilities in Roundup before 1.4.4 XML-RPC Server Property Permissions Bypass in Roundup 1.4.4 Unspecified Cross-Site Scripting (XSS) Vulnerability in Serendipity (S9Y) before 1.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in eForum 0.4's busca.php Denial of Service Vulnerability in Home FTP Server 1.4.5.89 Arbitrary Web Script Injection Vulnerability in index.php of cyberfrogs.net cfnetgs 0.24 Denial of Service Vulnerability in Sun Solaris 10 RPC.metad Cross-Site Scripting (XSS) Vulnerability in webSPELL 4.1.2 index.php Multiple Integer Overflows in xine-lib 1.1.11 and Earlier Leading to Heap-Based Buffer Overflows and Possible Code Execution Local User Hijacking of Forwarded X Connections in OpenSSH 4.3p2 and Other Versions Predictable Random Number Generation in PunBB Password Reset Arbitrary Web Script Injection in PunBB 1.2.16 and Earlier via get_host Parameter in moderate.php 
SQL Injection Vulnerability in Phorum before 5.2.6 Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in LinPHA before 1.3.3 Remote Code Execution Vulnerability in Alternative PHP Cache (APC) 3.0.11 through 3.0.16 Integer Overflow and Heap-Based Buffer Overflow in VLC 0.8.6e MP4_ReadBox_rdrf Function Buffer Overflow Vulnerability in Aurigma ActiveX Control ImageUploader4.ocx 4.1.36.0 Remote Code Execution Vulnerability in ASUS Remote Console (ARC) 2.0.0.19 and 2.0.0.24 Directory Traversal Vulnerabilities in CoronaMatrix phpAddressBook 2.11 Arbitrary File Inclusion Vulnerability in Cuteflow Bin 1.5.0 SQL Injection Vulnerability in Easy-Clanpage 2.2: Remote Code Execution via inc/module/online.php Unrestricted File Upload Vulnerability in PEEL Administrer/Produits.php Multiple SQL Injection Vulnerabilities in PEEL Stack-based Buffer Overflow in NetWin SurgeMail IMAP Service Stack-based Buffer Overflow in NetWin Surgemail IMAP Service Arbitrary Web Script Injection Vulnerability in cPanel 11.18.3 and 11.21.0-BETA Arbitrary Script Injection via PHPSESSID Parameter in TinyPortal 0.8.6 and 1.0.3 Denial of Service Vulnerability in IRCU-based Servers Cross-Site Scripting (XSS) Vulnerability in KSES HTML Filtering Cross-Site Scripting (XSS) Vulnerability in F5 BIG-IP 9.4.3 Web Management Interface Arbitrary Code Injection via Lang Parameter in phpHeaven phpMyChat 0.14.5 Remote File Inclusion Vulnerability in SSTREAMTV Custompages Component for Joomla! 
Information Disclosure Vulnerability in PEEL (possibly 3.x and earlier) via phpinfo.php Default Account Vulnerability in PEEL Software Allows Remote Administrative Access SQL Injection Vulnerability in EfesTech E-Kontör Allows Remote Code Execution SQL Injection Vulnerability in XLPortal 2.2.4 and Earlier: Remote Code Execution via index.php Arbitrary Web Script Injection in Alkacon OpenCMS 7.0.3 Multiple PHP Remote File Inclusion Vulnerabilities in ooComments 1.0 Directory Traversal Vulnerability in eXtreme Styles Module (XS-Mod) for phpBB SQL Injection Vulnerability in Danneo CMS 0.5.1 and Earlier: Remote Code Execution via HTTP Referer Header Denial of Service Vulnerability in Linux Kernel 2.6.9 and Earlier on s390 Platforms Remote Code Execution Vulnerability in OTRS SOAP Interface Array Index Error in xnu Kernel Allows Privilege Escalation and Denial of Service in Mac OS X 10.5 Kaspersky Anti-Virus and Internet Security Privilege Escalation Vulnerability Remote Privilege Escalation in ZyXEL Prestige Routers Default Password Vulnerability in ZyXEL Prestige Routers Information Disclosure Vulnerability in ZyXEL Prestige Routers Default public SNMP Community on ZyXEL Prestige Routers Allows Remote Administrative Actions Default SNMP Configuration Vulnerability on ZyXEL Prestige Routers Lack of Salt in Password Hashing in ZyXEL Prestige Routers Authentication Bypass Vulnerability in ZyXEL Prestige Routers Information Disclosure Vulnerability in ZyXEL Prestige Routers Weak Password Policy in ZyXEL Prestige Routers Memory Corruption Vulnerability in GnuPG (gpg) 1.4.8 and 2.0.8 Denial of Service Vulnerability in lighttpd's connection_state_machine Function Denial of Service Vulnerability in Perlbal before 1.70 with Buffered Upload Unspecified Remote Article Operations Vulnerability in Joomla! 1.5 XML-RPC Blogger API Plugin Directory Traversal Vulnerabilities in PowerPHPBoard 1.00b Arbitrary SQL Command Execution in Matti Kiviharju rekry Component for Joomla! 
Cross-Site Scripting (XSS) Vulnerability in Pictures Pro Photo Cart 4.1 PowerScripts PowerBook 1.21 Directory Traversal Vulnerability Cross-site scripting (XSS) vulnerability in ManageEngine EventLog Analyzer 5.0 allows remote code injection via searchText parameter in searchAction.do Arbitrary SQL Command Execution in PHP-Nuke Platinum 7.6.b.5 Forums Module SQL Injection Vulnerability in Datsogallery (com_datsogallery) 1.3.1 Module for Joomla! and Mambo Arbitrary File Read Vulnerability in HIS Webshop 2.50 Insecure Default Password Vulnerability in Airspan Base Station Distribution Unit (BSDU) Default User ID and Password Vulnerability in Airspan WiMAX ProST Web Management Component Vulnerability in setRequestHeader Method of XMLHttpRequest in Microsoft Internet Explorer 5.01, 6, and 7 HTTP Request Smuggling Vulnerability in Internet Explorer 7 Remote Denial of Service Vulnerability in Mitsubishi Electric GB-50 and GB-50A Air-Conditioning Control Systems Open Redirect Vulnerability in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 Multiple SQL Injection Vulnerabilities in Aeries Browser Interface (ABI) 3.8.3.14 Multiple Cross-Site Scripting (XSS) Vulnerabilities in CubeCart 4.2.1 index.php SQL Injection Vulnerability in Photo 3.02 Module for RunCMS (viewcat.php) Buffer overflow vulnerability in silc_pkcs1_decode function in silcpkcs1.c in SILC Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 Arbitrary File Inclusion Vulnerability in TopperMod 1.0 mod.php SQL Injection Vulnerability in TopperMod 2.0 Allows Remote Code Execution Arbitrary File Inclusion Vulnerability in BolinOS 4.6.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in BolinOS 4.6.1 Information Disclosure Vulnerability in BolinOS 4.6.1 Uncontrolled Array Index Vulnerability in MPlayer 1.0 rc2 SQL Injection Vulnerability in Bernard Gilly AlphaContent 
(com_alphacontent) 2.5.8 Component for Joomla! Multiple Cross-Site Scripting (XSS) Vulnerabilities in Digiappz DigiDomain 2.2 Denial of Service Vulnerabilities in Wireshark 0.99.5 through 0.99.8 Denial of Service Vulnerability in Wireshark LDAP Dissector Denial of Service Vulnerability in Wireshark's SCCP Dissector Directory Traversal Vulnerability in Dan Costin File Transfer before 1.2f Arbitrary File Inclusion Vulnerability in PJIRC 0.5 Module for phpBB Cross-Site Scripting (XSS) Vulnerability in ManageEngine Applications Manager 8.x Cleartext Storage of Sensitive Information in phpMyAdmin Session Files Arbitrary Command Execution Vulnerability in Comix 3.6.4 Local Privilege Escalation via Symlink Attack in policyd-weight 0.1.14 beta-16 and Earlier Incomplete Fix for Race Condition in create_lockpath Function in policyd-weight 0.1.14 beta-16 Allows Arbitrary File Modification or Deletion Directory Traversal Vulnerability in Apple Mac OS X Image Capture Web Server Arbitrary File Overwrite and Image Display Vulnerability in Apple Mac OS X Image Capture Out-of-Bounds Read Vulnerability in ImageIO Engine Integer Overflow in ImageIO: Remote Code Execution and Denial of Service Vulnerability in Apple Mac OS X Arbitrary Code Execution via Crafted Embedded Font in Apple Type Services (ATS) Server Memory Initialization Vulnerability in Apple Mac OS X SMTP Server Unspecified vulnerability in Apple Pixlet Video codec allows remote code execution or denial of service Sensitive Information Exposure in Single Sign-On Program Information Disclosure Vulnerability in Apple Mac OS X 10.5 Wiki Server Automatic SSL Client Certificate Sending Vulnerability in Safari Heap-based Buffer Overflow in Apple QuickTime: Remote Code Execution Unspecified vulnerability in Apple QuickTime before 7.5 allows remote code execution via crafted AAC-encoded file Heap-based Buffer Overflow in Apple QuickTime: Remote Code Execution via Crafted PICT Image Stack-based Buffer Overflow in Apple QuickTime 
Indeo.qtx Codec Arbitrary Program Execution via Unrecognized URIs in Apple QuickTime Denial of Service Vulnerability in ImageIO on Apple iPhone OS and iPod touch Address Bar Spoofing Vulnerability in Safari on Apple iPhone and iPod Touch Vulnerability: Safari on Apple iPhone and iPod touch Misinterprets Menu Button Press for Web Site Confirmation Memory Corruption Vulnerability in JavaScriptCore in WebKit on Apple iPhone and iPod Touch SQL Injection Vulnerability in PostNuke 0.764 and Earlier Bypassing Access Restrictions in MQSeries 5.1 on HP NonStop and Tandem NSK Platforms Kernel Memory Vulnerability in IBM AIX 5.2, 5.3, and 6.1 Denial of Service Vulnerability in IBM AIX 5.2 and 5.3 Inadequate Directory Permission Enforcement in IBM AIX 5.2 and 5.3 Incorrect Pathname Argument in Trusted Execution in IBM AIX 6.1 Allows Local Users to Modify Trusted Files Denial of Service Vulnerability in IBM AIX 6.1 WPAR System Call Implementation Arbitrary Kernel Memory Read Vulnerability in IBM AIX 6.1 Privilege Escalation via nddstat Programs on IBM AIX 5.2, 5.3, and 6.1 Privilege Escalation Vulnerability in lsmcode Program on IBM AIX 5.2, 5.3, and 6.1 Privilege Escalation via Stack-based Buffer Overflow in IBM AIX Reboot Program Stack-based Buffer Overflow in Orbit Downloader 2.6.3 and 2.6.4 GNB DesignForm 3.9 Cross-Site Scripting (XSS) Vulnerability Unspecified Cross-Site Scripting (XSS) Vulnerability in PerlMailer before 3.02 Arbitrary File Overwrite Vulnerability in LEADTOOLS Multimedia Toolkit 15 Multiple Directory Traversal Vulnerabilities in Elastic Path (EP) 4.1 and 4.1.1 SQL Injection Vulnerability in haberoku.php in Serbay Arslanhan Bomba Haber 2.0 Clever Copy 3.0 postview.php SQL Injection Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in Just Another Flat File (JAF) CMS 4.0 RC2 Stack-based Buffer Overflow in TallSoft Quick TFTP Server Pro 2.1 Stack-based Buffer Overflow in TFTP Server SP 1.4 for Windows Denial of Service Vulnerability in Squid 
2.6.STABLE17 via Array Shrink SQL Injection Vulnerability in ioRD.asp in RedDot CMS 7.5 Build 7.5.0.48 and Earlier Versions Privilege Escalation via Symlink Vulnerability in suPHP Denial of Service Vulnerability in Linux Kernel 2.6.18 on AMD64 Architectures Double Free Vulnerability in Web TransferCtrl Class 8,2,1,4 (iManFile.cab) Allows Remote Code Execution Username Enumeration Vulnerability in Watchguard Firebox PPTP VPN Service Denial of Service Vulnerability in Xen 5.1 on IA64 Architectures 2X TFTP Service Directory Traversal Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in GeeCarts Multiple PHP Remote File Inclusion Vulnerabilities in GeeCarts SQL Injection Vulnerability in admin_view_image.php in Smoothflash Directory Traversal Vulnerability in Jshop Server 1.x through 2.x Privilege Escalation Vulnerability in avast! Home and Professional 4.7 for Windows SQL Injection Vulnerability in eggBlog before 4.0.1 via Unspecified Cookie Arbitrary Deletion of Email Notification Alerts in CDS Invenio 0.92.1 and Earlier Stack-based Buffer Overflow in Linux Audit Logging Library Arbitrary Web Script Injection Vulnerability in PHPkrm before 1.5.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in CuteFlow 1.5.0 and 2.10.0 SQL Injection Vulnerability in CuteFlow Login Form Multiple SQL Injection Vulnerabilities in CuteFlow 2.10.0 Unspecified Vulnerability in Mondo Rescue: Unknown Impact and Attack Vectors JV2 Folder Gallery 3.1 index.php Cross-Site Scripting (XSS) Vulnerability Directory Traversal Vulnerability in Keep It Simple Guest Book (KISGB) Allows Remote File Inclusion JV2 Quick Gallery 1.1 index.php Cross-Site Scripting (XSS) Vulnerability Insufficient Randomness in PowerDNS Recursor: DNS Cache Poisoning Vulnerability World-writable permissions in Nik Sharpener Pro plug-in files allow privilege escalation through Trojan horse replacement SQL Injection Vulnerability in Neat Weblog 0.2 - Remote Code Execution via articleId Parameter SQL 
Injection Vulnerability in JGS-Treffen Addon for Woltlab Burning Board (wBB) SQL Injection Vulnerability in EfesTECH Video 5.0 Default.asp Directory Traversal Vulnerability in Sava's GuestBook 2.0 Directory Traversal Vulnerability in LANDesk Management Suite (LDMS) PXE TFTP Service (PXEMTFTP.exe) SQL Injection Vulnerability in Sava's Link Manager 2.0 (viewlinks.php) Arbitrary File Read Vulnerability in phpSpamManager (phpSM) 0.53 beta Arbitrary SQL Command Execution in WP-Download 1.2 Plugin for WordPress Arbitrary File Overwrite Vulnerability in ChilkatHttp ActiveX Controls Denial of Service Vulnerability in Sympa before 5.4 Arbitrary Web Script Injection in EasyNews 4.0 via XSS Vulnerability SQL Injection Vulnerability in EasyNews 4.0: Remote Code Execution via read Parameter in edp_Help_Internal_News Action Arbitrary File Inclusion Vulnerability in EasyNews 4.0 Directory Traversal Vulnerability in Perlbal's _serve_request_multiple Function Directory Traversal Vulnerability in Sava's Link Manager 2.0 Adobe Flash and Multiple UPnP Services Interaction Vulnerability Unspecified DNS Rebinding Vulnerability in Adobe Flash Player Adobe ColdFusion 8 and 8.0.1 CFC Method Invocation Vulnerability Bypassing ForceCommand Directive in OpenSSH 4.4 - 4.9 Format String Vulnerability in PolicyKit's Grant Helper Privilege Escalation Vulnerability in HP LDAP-UX vB.04.10 through vB.04.15 Unspecified Local File and Directory Access Vulnerability in useradd on HP-UX Remote Code Execution Vulnerability in HP StorageWorks Storage Mirroring (SWSM) Unspecified vulnerability in HP System Administration Manager (SAM) allows remote attackers to read or modify arbitrary files Arbitrary Web Script Injection Vulnerability in HP System Management Homepage (SMH) 2.1.10 and 2.1.11 Unspecified Remote Denial of Service Vulnerability in HP-UX libc Unspecified Remote Code Execution Vulnerabilities in HP Select Identity (HPSI) Active Directory Bidirectional LDAP Connector Unspecified Vulnerability in 
HP Oracle for OpenView (OfO) with Unknown Impact and Attack Vectors Arbitrary Process Termination Vulnerability in European Performance Systems (EPS) Probe Builder 2.2 Privilege Escalation via Misconfigured PAM Authentication in FTP Server Race condition vulnerability in Linux kernel before 2.6.25.2 allows local users to execute code in parallel or obtain re-ordered access to the descriptor table in fcntl functionality Progressive PNG Image Loader Heap-Based Buffer Overflow in KDE 4.0.x up to 4.0.3 Denial of Service and Arbitrary Code Execution Vulnerability in start_kdeinit Denial of Service Vulnerability in OpenSSL 0.9.8f and 0.9.8g ASN.1 BER Length Validation Vulnerability Unspecified Local Attack Vector in tehuti.c Driver in Linux Kernel 2.6.x Bypassing Certificate Authority Profile Constraints in Red Hat PKI Common Framework Buffer Overflow in Regular Expression Handler in Red Hat Directory Server 8.0 and 7.1 Memory Leak in OpenSSL's zlib_stateful_init Function Allows Remote DoS Heap-based Buffer Overflow in Python's imageop.c Information Disclosure Vulnerability in PHP-Nuke Platinum 7.6.b.5 Unspecified Vulnerability in IBM DB2 Content Manager: AllowedTrustedLogin Privilege Remote File Inclusion Vulnerability in Online FlashQuiz Component for Joomla! 
Symlink Attack Vulnerability in inetd Debug Logging on Sun Solaris 10 Pointer Arithmetic Vulnerability in GCC 4.2.0 through 4.3.0 Array Index Vulnerability in Speex 1.1.12 and Earlier: Remote Code Execution Unquoted Output Vulnerability in GNU m4 before 1.4.11 Arbitrary Code Execution Vulnerability in GNU m4 before 1.4.11 Stack Consumption Vulnerability in WebContainer.exe 1.0.0.336 and Earlier in SLMail Pro 6.3.1.0 and Earlier Remote Code Execution and Denial of Service Vulnerability in WebContainer.exe Denial of Service Vulnerability in SLMail Pro 6.3.1.0 and Earlier Eterm 0.9.4 Local X11 Connection Hijacking Vulnerability Arbitrary Code Execution via Crafted Font Object in Poppler Arbitrary File Overwrite Vulnerability in vcdiff of Emacs 20.7 to 22.1.50 Arbitrary File Inclusion Vulnerability in DaZPHPNews 0.1-1 Stack-based Buffer Overflow in HP OpenView Network Node Manager (OV NNM) Allows Remote Code Execution Arbitrary Script Injection in Simple Gallery 2.2 via gallery.php Arbitrary SQL Command Execution in Desi Quintans Writer's Block CMS 3.8a via Permalink.php Denial of Service Vulnerability in WorkSite Web 8.2 Denial of Service Vulnerability in Novell NetWare 6.5 via Crafted Macintosh iPrint Client Request Absolute Path Traversal Vulnerability in my_gallery 2.3 Plugin for e107 Multiple Buffer Overflows in TIBCO Software Rendezvous: Remote Code Execution Vulnerability Arbitrary Code Execution Vulnerability in TIBCO Software Enterprise Message Service (EMS) and iProcess Engine Format String Vulnerability in IBM solidDB 06.00.1018 and Earlier: Remote Code Execution Uncontrolled Array Index Vulnerability in IBM solidDB 06.00.1018 and Earlier Denial of Service Vulnerability in IBM solidDB 06.00.1018 and Earlier Memory Allocation Vulnerability in IBM solidDB 06.00.1018 and Earlier Buffer Overflow in Microsoft Visual InterDev 6.0 (SP6) via Malformed Project Line in Studio Solution File Privilege Escalation via Untrusted Search Path in IBM AIX 6.1 Cleartext 
Password Storage Vulnerability in Terong PHP Photo Gallery 1.0 PHP Remote File Inclusion Vulnerability in mxBB mx_blogs 2.0.0 beta Denial of Service Vulnerability in NoticeWare Email Server 4.6.1.0 Arbitrary SQL Command Execution in FaScript FaPhoto 1.0 via show.php SQL Injection Vulnerability SQL Injection Vulnerability in AuraCMS 2.2.1 and Earlier: Remote Code Execution via country Parameter Arbitrary Script Injection Vulnerability in WoltLab Community Framework (WCF) 1.0.6 Path Disclosure Vulnerability in WoltLab Community Framework (WCF) 1.0.6 Buffer Overflow Vulnerability in Autonomy KeyView Allows Remote Code Execution via Crafted MIME Attachment CSRF Vulnerabilities in Nuke ET 3.2 and 3.4 Allow Remote Administrative Actions Buffer Overflow Vulnerability in Rsync 2.6.9 to 3.0.1 with Extended Attribute Support Arbitrary Code Execution via Integer Signedness Error in Python zlib Extension Module Integer overflows in CUPS 1.3 allow for denial of service and memory corruption via crafted PNG image Stack-based Buffer Overflow in SecureTransport FileTransfer ActiveX Control Arbitrary File Overwrite Vulnerability in IBiz E-Banking Integrator 2.0.2932 Multiple SQL Injection Vulnerabilities in KnowledgeQuest 2.6 Unauthenticated Access to admincheck.php Allows Creation of Arbitrary Admin Accounts in KnowledgeQuest 2.5 and 2.6 Denial of Service Vulnerability in Ignite Realtime Openfire 3.4.5 Vulnerability: Incorrect Menu Settings in Drupal 6 before 6.2 ARWScripts Gallery Script Lite Directory Traversal Vulnerability Privacy Information Disclosure Vulnerability in Simple Access Module for Drupal SQL Injection Vulnerability in showpredictionsformatch.php in Prediction Football 1.x SQL Injection Vulnerability in Pragmatic Utopia PU Arcade Component for Joomla! 
Interpretation Conflict Vulnerability in PHP Toolkit on Gentoo Linux Denial of Service Vulnerability in BitDefender Antivirus 2008 Improper Parameter Validation in Comodo Firewall Pro before 3.0 Denial of Service and Privilege Escalation Vulnerability in Sophos Anti-Virus 7.x Denial of Service Vulnerability in Rising Antivirus 2008 Memory Corruption Vulnerability in Apple QuickTime Denial of Service Vulnerability in Cisco Unified Presence Service Denial of Service Vulnerability in Cisco Unified Presence SIP Proxy Service Memory Leak Vulnerability in Cisco Unified Communications Manager (CUCM) CTL Provider Service Memory Leak Vulnerability in Cisco Unified Communications Manager (CUCM) Allows Remote DoS Attacks Denial of Service Vulnerability in Cisco Unified Communications Manager (CUCM) CAPF Service (CSCsk46770) Denial of Service Vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x Denial of Service Vulnerability in Cisco Unified Communications Manager (CUCM) SNMP Trap Agent Service Unspecified Denial of Service Vulnerability in Cisco Unified Communications Manager Improper Validation of SIP URLs in Cisco Unified Communications Manager Memory Leak Vulnerability in Cisco Content Switching Module (CSM) and CSM-S SQL Injection Vulnerability in Integry Systems LiveCart 1.1.1 and Earlier: Remote Code Execution via /category URI Directory Traversal Vulnerabilities in Ksemail's index.php Sensitive Information Exposure in ezRADIUS 0.1 Cross-site scripting (XSS) vulnerability in Alkacon OpenCMS 7.0.3 via searchfilter parameter in sessions.jsp Clear-text storage of Deployment Solution Agent password in Symantec Altiris Deployment Solution before 6.9.164 Arbitrary File Read Vulnerability in World of Phaos 4.0.1 Unspecified Denial of Service Vulnerability in Sun N1 Grid Engine 6.1 Qmaster Daemon ConcoursPhoto Module for KwsPHP 1.0 - Cross-Site Scripting (XSS) Vulnerability in index.php ConcoursPhoto Module for KwsPHP: Remote SQL Injection Vulnerability SQL 
Injection Vulnerability in Jeuxflash Module for KwsPHP: Remote Code Execution via cat Parameter Multiple PHP Remote File Inclusion Vulnerabilities in Blogator-Script before 1.01 Denial of Service and Arbitrary Code Execution Vulnerability in Opera (Versions before 9.27) Memory Corruption Vulnerability in Opera HTML CANVAS Element Arbitrary SQL Command Execution in Blogator-script 0.95 via id_art Parameter Unspecified Vulnerability in Opera Before 9.27: Keyboard Handling of Password Inputs Buffer Overflow in Adobe Photoshop Album Starter Edition 3.2 and After Effects CS3 via Invalid BMP Image Header Unspecified Vulnerabilities in phpBB Before 3.0.1 with Unknown Impact and Attack Vectors Buffer Overflow in libxslt: Denial of Service and Possible Code Execution Integer overflows in VLC leading to denial of service and buffer overflow vulnerabilities Out-of-Bounds Array Access and Memory Corruption Vulnerability in VLC CRLF Injection Vulnerability in Akamai Download Manager ActiveX Control Integer Overflow in ws_getpostvars Function in Firefly Media Server Cleartext Password Storage Vulnerability in iScripts SocialWare Remote File Inclusion Vulnerability in Dragoon 0.1 via root Parameter in includes/header.inc.php Pligg 9.9.0 editlink.php SQL Injection Vulnerability Arbitrary Script Injection in ManageEngine Firewall Analyzer 4.0.3 Remote Code Execution Vulnerability in PhpBlock A8.4 via PATH_TO_CODE Parameter in basicfogfactory.class.php Denial of Service Vulnerability in Novell eDirectory 8.8.2 Unspecified vulnerability in floating point context switch implementation in Sun Solaris 9 and 10 on x86 platforms Denial of Service Vulnerability in Sun Solaris 8, 9, and 10 Unspecified Vulnerability in Solaris 10 Trusted Extensions Labeled Networking Functionality Sensitive File Disclosure in Advanced Software Engineering ChartDirector 4.1 via viewsource.php Arbitrary User Deletion Vulnerability in Prozilla Reviews 1.0 Remote Administrative Actions Vulnerability in Prozilla 
Topsites 1.0 Arbitrary User Account Deletion Vulnerability in Prozilla Top 100 1.2 Arbitrary Code Execution Vulnerability in DSM gui_cm_ctrls ActiveX Control Multiple Cross-Site Scripting (XSS) Vulnerabilities in Poplar Gedcom Viewer 2.0 SQL Injection Vulnerability in Prozilla Entertainers 1.1 and Earlier via cat Parameter in directory.php SQL Injection Vulnerability in Prozilla Forum's forum.php Allows Remote Code Execution Unrestricted File Upload Vulnerability in iScripts SocialWare: Remote Arbitrary File Upload via Crafted Logo File Arbitrary SQL Command Execution in My Gaming Ladder 7.5 and Earlier Arbitrary Web Script Injection Vulnerability in Flickr Drupal Module Multiple Cross-Site Scripting (XSS) Vulnerabilities in Smart Classified ADS Professional, Smart Photo ADS, and Smart Photo ADS Gold Cross-Site Scripting (XSS) Vulnerabilities in Webform Drupal Module Multiple Cross-Site Scripting (XSS) Vulnerabilities in Blackboard Academic Suite Predictable Temporary Directory Names in Comix 3.6.4: Local Denial of Service Vulnerability Denial of Service Vulnerability in Secure Computing Webwasher Arbitrary File Inclusion Vulnerability in Dragoon 0.1 Arbitrary File Read Vulnerability in sabros.us 1.75 thumbnails.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in DivXDB 0.94b Integer Underflow Vulnerability in rdesktop 1.5.0's iso_recv_msg Function Buffer Overflow in rdesktop 1.5.0's process_redirect_pdu Function Allows Remote Code Execution Heap-based Overflow in xrealloc function in RDesktop 1.5.0 Fragmented Packets TTL Bypass Vulnerability Skype Incomplete Blacklist Vulnerability Arbitrary Code Execution via Integer Overflow in FreeType2 Arbitrary Code Execution via Invalid Number of Axes Field in FreeType2 Off-by-one errors leading to arbitrary code execution in FreeType2 Heap-based Buffer Overflow in Novell eDirectory LDAP Search Request Untrusted Search Path Vulnerability in SAP MaxDB 7.6.03.15 on Linux Insufficient Authorization Checks in Oracle 
Application Express 3.0.1 (APEX01) EM01: Unspecified Vulnerability in Oracle Enterprise Manager with Unknown Impact and Local Attack Vectors Multiple Unspecified Vulnerabilities in Oracle Database Components Unspecified Remote Vulnerability in Oracle Secure Enterprise Search or Ultrasearch Component (DB04) Unspecified vulnerability in Oracle Database Change Data Capture Component (DB02) Unspecified Vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 with Remote Authenticated Attack Vectors Unspecified vulnerabilities in Oracle Database versions 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 with remote attack vectors and unknown impact Unspecified Remote Authentication Vulnerability in Oracle Database 11.1.0.6 (DB08) Unspecified Local Attack Vector Vulnerability in Oracle Net Services (DB09) Unspecified vulnerability in Oracle Database Data Pump component (versions 9.2.0.8, 10.1.0.5, 10.2.0.3, and 11.1.0.6) with remote attack vectors and unknown impact related to KUPF$FILE_INT (aka DB11) Unspecified vulnerability in Oracle Database Advanced Queuing component (DB15) APEX02: Unspecified Remote Vulnerability in Oracle Application Express 3.0.1 Unspecified Remote Code Execution Vulnerability in Oracle Jinitiator Component Unspecified Remote Code Execution Vulnerability in Oracle Dynamic Monitoring Service (AS02) AS03: Unspecified Remote Vulnerability in Oracle Portal Component Unspecified Vulnerabilities in Oracle E-Business Suite 11.5.10.2 with Unknown Impact and Attack Vectors Unspecified Vulnerabilities in Oracle E-Business Suite Components Unspecified Remote Authenticated Vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne (PSE01) Unspecified Remote Code Execution Vulnerability in PeopleSoft HCM Recruiting Component Unspecified Remote Code Execution Vulnerability in PeopleSoft HCM ePerformance Component Unspecified Vulnerabilities in Oracle Siebel SimBuilder Component Arbitrary File Overwrite Vulnerability in Cecilia 
2.0.5 Remote Code Execution Vulnerability in ClamAV 0.92.1 via Crafted WWPack Compressed PE Binary Arbitrary File Read Vulnerability in Swfdec before 0.6.4 Bypassing ClamAV Scanning Engine via Invalid RAR Version Number Buffer Over-read Vulnerability in ClamAV's rfc2231 Function Denial of Service Vulnerability in libclamunrar in ClamAV SQL Injection Vulnerability in BosClassifieds Classified Ads System 3.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in WORK System E-Commerce 4.0.9 SQL Injection Vulnerability in Coppermine Photo Gallery (CPG) 1.4.16 and Earlier via Content-Type Header in upload.php SQL Injection Vulnerability in Coppermine Photo Gallery (CPG) 1.4.17 and Earlier Integer Signedness Error in HP OpenView Network Node Manager (OV NNM) Allows Remote Code Execution SQL Injection Vulnerability in browse.php in W2B DatingClub: Remote Code Execution via age_to Parameter SQL Injection Vulnerability in cat.php in W2B phpHotResources: Remote Code Execution via kind Parameter Privilege Escalation Vulnerability in Korn Shell (mksh) on MirOS Cross-Site Scripting (XSS) Vulnerability in SAP NetWeaver before 7.0 SP15 SQL Injection Vulnerability in CoronaMatrix phpAddressBook 2.11: Remote Code Execution via id Parameter in view.php Arbitrary Web Script Injection Vulnerability in JoomlaXplorer Component Directory Traversal Vulnerability in JoomlaXplorer Component 1.6.2 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Omnistar Interactive OSI Affiliate Login Page Denial of Service Vulnerability in HP OpenView Network Node Manager (OV NNM) Denial of Service Vulnerability in HP OpenView Network Node Manager (OV NNM) Denial of Service Vulnerability in HP OpenView Network Node Manager (OV NNM) Denial of Service Vulnerability in SmarterMail Web Server Remote Memory Corruption Vulnerability in McAfee Common Management Agent (CMA) Unauthenticated Directory Traversal and Local File Inclusion in LinPHA 1.3.3 and Earlier Directory Traversal 
Vulnerabilities in Make our Life Easy (Mole) 2.1.0's viewsource.php SQL Injection Vulnerability in 724Networks 724CMS 4.01 and Earlier: Remote Code Execution via ID Parameter Arbitrary SQL Command Execution in events.php of iScripts SocialWare Static Code Injection Vulnerability in LokiCMS 0.3.3 and Earlier: Remote PHP Code Injection via admin.php Arbitrary File Inclusion Vulnerability in ExBB Italia 0.22 and Earlier ExBB Italia 0.22 and earlier Remote File Inclusion Vulnerability SQL Injection Vulnerability in Prozilla Cheat Script 2.0: Remote Code Execution via view_reviews.php SQL Injection Vulnerability in Prozilla Freelancers' project.php Allows Remote Code Execution Stack-based Buffer Overflow in msx_readnode Function in openMosix Arbitrary PHP Script Upload and Execution in Blog Pixel Motion SQL Injection Vulnerability in Blog Pixel Motion Unauthenticated Remote Database Backup Dump in Blog Pixel Motion SQL Injection Vulnerability in Site Sift Listings: Remote Code Execution via id Parameter SQL Injection Vulnerability in PIGMy-SQL 1.4.1 and Earlier via id Parameter in getdata.php SQL Injection Vulnerability in Scriptsagent.com Links Directory 1.1 - Remote Code Execution via cat_id Parameter SQL Injection Vulnerability in Comdev News Publisher 4.1.2 via arcmonth Parameter XSS Vulnerability in Nuke ET Private Message Feature SQL Injection Vulnerability in Xpoze Pro 3.05 and Earlier: Arbitrary SQL Command Execution in account/user/mail.html Terong PHP Photo Gallery 1.0 - SQL Injection Vulnerability in index.php VisualPic 0.3.1 - PHP Remote File Inclusion Vulnerability in index.php Arbitrary File Read Vulnerability in tss 0.8.1 Stack-based Buffer Overflow in demux_nsf_send_chunk Function in xine-lib Bypassing SYSDBA Authentication in Firebird on Gentoo Linux Stack-based Buffer Overflow in ParseSSA Function in VLC 0.8.6e Allows Remote Code Execution Insecure Password Storage in Blackboard Academic Suite 7.x Directory Traversal Vulnerability in Wikepage Opus 13 
2007.2 index.php Arbitrary Code Execution via Directory Traversal in NeffyLauncher 1.0.5 ActiveX Control Weak Cryptography in NeffyLauncher ActiveX Control Allows Bypass of KeyCode Protection Buffer Overflow Vulnerability in PyString_FromStringAndSize Function in Python 2.5.2 and Earlier Arbitrary Script Injection in Microsoft Windows SharePoint Services 2.0 SQL Injection Vulnerability in XplodPHP AutoTutorials 2.1 and Earlier Jom Comment 2.0 build 345 Component SQL Injection Vulnerability WEBrick Directory Traversal Vulnerability Cross-site scripting (XSS) vulnerability in bs_auth.php in Blogator-script 0.95 and 1.01 W2B Online Banking - PHP Remote File Inclusion Vulnerability in index.php Arbitrary Web Script Injection Vulnerability in BusinessObjects InfoView XI R2 SP1, SP2, and SP3 Multiple SQL Injection Vulnerabilities in Carbon Communities 2.4 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Carbon Communities 2.4 and Earlier Unauthenticated Call Spoofing Vulnerability in Asterisk Open Source Arbitrary Code Execution and Denial of Service Vulnerability in WkImgSrv.dll Arbitrary Member Information Editing Vulnerability in Carbon Communities 2.4 and Earlier Symlink Attack Vulnerability in aptlinex before 0.91 Inadequate Warning in aptlinex GUI Allows Remote Package Manipulation Remote File Inclusion Vulnerability in Newanz NewsOffice 1.0 and 1.1 Authentication Bypass in Cicoandcico CcMail 1.0.1 and Earlier Denial of Service Vulnerability in Nero MediaHome 3.3.3.0 and Earlier Arbitrary Script Injection in cpCommerce 1.1.0 calendar.php Multiple SQL Injection Vulnerabilities in cpCommerce 1.1.0 Multiple Directory Traversal Vulnerabilities in cpCommerce 1.1.0 Arbitrary SQL Command Execution Vulnerability in PHPKB Comment.php Remote Code Execution Vulnerability in Borland InterBase 2007 SP2 SQL Injection Vulnerability in 1024 CMS 1.4.2 beta and Earlier DivX Player 6.7 Buffer Overflow Vulnerability SQL Injection Vulnerability in Lasernet CMS 1.5 and 
1.11 Stack-based Buffer Overflow in BigAnt IM Server's AntServer Module SQL Injection Vulnerability in DevWorx BlogWorx 1.0 view.asp Cross-Site Scripting (XSS) Vulnerabilities in Ubercart 5.x Module for Drupal Multiple Cross-Site Scripting (XSS) Vulnerabilities in AMFPHP 1.2 SQL Injection Vulnerability in submit.php in PHP-Fusion 6.01.14 and 6.00.307 (and 7.00.2) SQL Injection Vulnerability in YourFreeWorld Apartment Search Script ICQ 6.0 Build 6043 Personal Status Manager Heap-Based Buffer Overflow Vulnerability SQL Injection Vulnerability in 5th Avenue Shopping Cart 1.2 Trial Edition Stack-based Buffer Overflows in Sarg: Arbitrary Code Execution via Crafted Squid Log File Denial of Service Vulnerability in Asterisk IAX2 Channel Driver Arbitrary File Read Vulnerability in phpMyAdmin Buffer Overflow Vulnerability in InspIRCd 1.1.18: Denial of Service via Crafted Nicknames Audit Log Injection Vulnerability in Login Utility Double Free Vulnerability in Perl 5.8.8 Allows Denial of Service via Crafted Regular Expression with UTF8 Characters Buffer Overflow Vulnerability in Imager 0.42 through 0.63 Cryptographic Splicing Vulnerability in WordPress 2.5 Cookie Authentication Local Privilege Escalation via Crafted IOCTL Request in Realtek HD Audio Codec Drivers Arbitrary Code Execution via Crafted IOCTL Request in Realtek HD Audio Codec Drivers ActiveX Control Absolute Path Traversal Vulnerability in Zune's SaveToFile Method SQL Injection Vulnerability in commentaires.php in Crazy Goomba 1.2.1 SQL Injection Vulnerability in Filiale 1.0.4 Component for Joomla! 
SQL Injection Vulnerability in Classifieds Caffe's index.php Allows Remote Code Execution User Form Processing Privilege Escalation Vulnerability Sony Mylo COM-2 Japanese Model Firmware SSL Certificate Verification Vulnerability Multiple SQL Injection Vulnerabilities in W1L3D4 Philboard 1.0 Bypassing RBAC Restrictions in grsecurity's sys_setfsuid and sys_setfsgid Calls Akiva WebBoard 8.0 Profile Update Cross-Site Scripting (XSS) Vulnerability Remote Code Execution and Denial of Service Vulnerability in Foxit Reader 2.2 Buffer Overflow Vulnerability in XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 Buffer Overflow in XenSource Xen PVFB Message 3.0 through 3.0.3 Arbitrary File Read Vulnerability in QEMU 0.9.0 Privilege Escalation via Default Configuration of su in GNU coreutils 5.2.1 Apache Tomcat Cross-Site Scripting (XSS) Vulnerability in host-manager/html/add Buffer Overflow Vulnerability in libgnutls Multiple Client Hello Messages Denial of Service Vulnerability in GnuTLS Integer Signedness Error in GnuTLS Ciphertext2Compressed Function Untrusted search path vulnerability in Red Hat build script for sblim libraries Denial of Service Vulnerability in XenSource Xen Para Virtualized Frame Buffer (PVFB) Cross-site scripting (XSS) vulnerability in Magnolia Sitedesigner search template (before 1.1.5) allows remote code injection via query parameter SQL Injection Vulnerability in Web Calendar Pro 4.1 and Earlier: Remote Code Execution via user_id Parameter in one_day.php Arbitrary Web Script Injection Vulnerability in Martin BOUCHER MyBoard 1.0.12 Arbitrary Web Script Injection Vulnerability in Wikepage Opus 13 2007.2 SQL Injection Vulnerability in News.php in TR Script News 2.1 Arbitrary Code Execution via Unrestricted File Upload in Tr Script News 2.1 Stack-based Buffer Overflow in SIPp 3.0's get_remote_video_port_media Function ContRay 3.x Cross-Site Scripting (XSS) Vulnerability in search.cgi SQL Injection Vulnerability in Voice Of Web 
AllMyGuests 0.4.1 Directory Traversal Vulnerabilities in Aterr 0.9.1 Remote File Inclusion Vulnerability in Quate Grape Web Statistics 0.2a Stack-based Buffer Overflow in demux_nsf_send_headers Function in xine-lib Argument Injection Vulnerability in IBM Lotus Expeditor Client for Desktop Buffer Overflow Vulnerabilities in IBM DB2 JAR File Administration Routines Arbitrary Web Script Injection Vulnerability in Cezanne CFLogon/CFLogon.asp SQL Injection Vulnerabilities in Cezanne 7: Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Cezanne 6.5.1 and 7 Insecure Permissions in muCommander before 0.8.2 Allow Local Credential Theft Insecure Password Checking in phShoutBox Allows Privilege Escalation Multiple Cross-Site Scripting (XSS) Vulnerabilities in Exponent CMS User Account Creation Feature Heap-based Buffer Overflow in SubEdit Player Build 4056 and 4066: Remote Code Execution Vulnerability Arbitrary Web Script Injection Vulnerability in Horde Kronolith 2.1.7, Groupware Webmail Edition 1.0.6, and Groupware 1.0.5 SQL Injection Vulnerability in E-RESERV 2.1 - Remote Code Execution via ID_loc Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in Drupal Internationalization (i18n) and Localizer Modules Cross-Site Request Forgery (CSRF) Vulnerability in Internationalization (i18n) Drupal Module Arbitrary Script Injection in Ubercart 5.x Module for Drupal CA ARCserve Backup 12.0.5454.0 and Earlier Discovery Service Denial of Service Vulnerability Arbitrary Web Script Injection in E-Publish Drupal Module CSRF Vulnerability in E-Publish Drupal Module Arbitrary SQL Command Execution in Spreadsheet (wpSS) Plugin for WordPress Arbitrary Web Script Injection in Advanced Electron Forum (AEF) 1.0.6 Denial of Service Vulnerability in CA Secure Content Manager 8.0.28000.511 and Earlier Arbitrary Web Script Injection Vulnerability in DigitalHive 2.0 RC2 Arbitrary Web Script Injection Vulnerability in Blog Pixel Motion EncapsGallery 2.0.2 Search 
Parameter Cross-Site Scripting (XSS) Vulnerability Unrestricted File Upload Vulnerability in EncapsGallery 2.0.2 Remote File Inclusion Vulnerability in 123 Flash Chat 6.8.0 Module for e107 SQL Injection Vulnerabilities in Acidcat CMS 3.4.1: Remote Code Execution Arbitrary Web Script Injection in Acidcat CMS 3.4.1 admin_colors_swatch.asp Vulnerability in Acidcat CMS 3.4.1 allows for unauthorized email relaying Unrestricted File Upload Vulnerability in Acidcat CMS 3.4.1 Multiple stack-based buffer overflows in Acon 1.0.5-5 through 1.0.5-7 Incorrect Classification of Connections in Sun Java System Directory Proxy Server Denial of Service Vulnerability in licq before 1.3.6 Unspecified Remote Code Execution Vulnerability in IBM DB2 8, 9.1, and 9.5 Arbitrary File Overwrite Vulnerability in IBM DB2 NNSTAT Procedure Address Bar Spoofing Vulnerability in Apple Safari 3.1.1 Denial of Service Vulnerability in Apple Safari 3.1.1 via Infinite Loop in JavaScript Denial of Service Vulnerability in Apple Safari 3.1.1 via File URI Multiple CSRF Vulnerabilities on Motorola Surfboard SB5100-2.3.3.0-SCM00-NOSH: Remote DoS and Device Reboot Insufficient Access Control in BadBlue 2.72 Personal Edition Allows Remote Code Execution Arbitrary File Read Vulnerability in QEMU 0.9.1 Denial of Service and Remote Code Execution Vulnerability in WonderWare SuiteLink Remote Code Execution and Denial of Service Vulnerability in Apple iCal 3.0.1 Buffer Overflow in Trillian Basic and Pro 3.1.9.0: Remote Code Execution via Display Names in MSN Protocol Denial of Service Vulnerability in Xiph.org libvorbis before 1.0 Unspecified Remote Code Execution Vulnerability in Apple QuickTime Player Arbitrary Code Execution via Cross-Site Scripting (XSS) in National Rail Enquiries Live Departure Boards Gadget SQL Injection Vulnerability in PostSchedule 1.0 Module for PostNuke SQL Injection Vulnerability in pnFlashGames Module for PostNuke Denial of Service Vulnerability in Mozilla Firefox 3.0 beta 5 Arbitrary 
File Creation and Overwrite Vulnerabilities in WatchFire AppScan 7.0 ActiveX Controls Remote File Inclusion Vulnerability in ChiCoMaS 2.0.4 Allows Arbitrary Code Execution Chilek Content Management System (ChiCoMaS) 2.0.4 Directory Traversal Vulnerability Unsafe Macro Expansions in AssignUser Function of PHPizabi 0.848b C1 HFP3 Insufficient Fix for CAPTCHA Brute-Force Attack in Simple Machines Forum (SMF) Insufficient Image Variation in CAPTCHA Implementation Lhaplus Heap-Based Buffer Overflow in ZOO Archive Comment Field Multiple Cross-Site Scripting (XSS) Vulnerabilities in PD9 Software MegaBBS 2.2 SQL Injection Vulnerabilities in PD9 Software MegaBBS 2.2 Arbitrary Web Script Injection in miniBB 2.2 index.php Apache Struts Cross-site scripting (XSS) vulnerability on SUSE Linux Enterprise (SLE) and openSUSE versions RSA Authentication Agent 5.3.0.258 XSS Vulnerability in WebID/IISWebAgentIF.dll Open Redirect Vulnerability in RSA Authentication Agent 5.3.0.258 for Web for IIS Path Disclosure Vulnerability in miniBB 2.2 and Earlier Versions Multiple SQL Injection Vulnerabilities in miniBB 2.2 and Earlier Versions Arbitrary Web Script Injection in F5 FirePass 4100 SSL VPN Remote Denial of Service Vulnerability in VicFTPS 5.0 via Crafted LIST Command FTP Service Denial of Service Vulnerability in Acritum Femitter Server 1.03 SQL Injection Vulnerability in Download Monitor WordPress Plugin (Version 2.0.6) Arbitrary web script injection vulnerability in multiple modules for XOOPS, XOOPS Cube, and ImpressCMS SQL Injection Vulnerability in Koobi Pro 6.25: Remote Code Execution via poll_id Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in EditeurScripts EsContacts 1.0 Multiple SQL Injection Vulnerabilities in Turnkey Web Tools SunShop Shopping Cart 4.1.0 Stack-based Buffer Overflow in HTTP::getAuthUserPass Function in Peercast and Gnome-Peercast Unspecified Vulnerabilities with Grave Impact in eGroupWare 1.4.004 Remote Code Execution Vulnerability in Adobe 
Acrobat Professional 7.0.9 and 8.1.1 CSRF Vulnerabilities in cPanel Allowing Remote Code Execution and Administrative Actions Authentication Bypass and Remote Code Execution in netOffice Dwins 1.3 p2 Absolute Path Traversal Vulnerability in SugarCRM Sugar Community Edition 4.5.1 and 5.0.0 Arbitrary Script Injection Vulnerability in Softpedia SiteXS CMS 0.1.1 Pre-Alpha SQL Injection Vulnerabilities in Angelo-Emlak 1.0: Remote Code Execution Arbitrary Web Script Injection Vulnerability in Angelo-Emlak 1.0 Sensitive Information Disclosure in E-Post Mail Server 4.10 POP3 Server Stack-based Buffer Overflow in FastCGI SAPI in PHP Incomplete Multibyte Chars Vulnerability in escapeshellcmd API Function in PHP Open Redirect Vulnerability in Bitrix Site Manager 6.5's redirect.php Allows for Phishing Attacks Privilege Escalation Vulnerability in Cisco Unified Customer Voice Portal Unspecified Remote Code Execution Vulnerability in CiscoWorks Common Services Denial of Service Vulnerability in Cisco ASA and PIX Security Appliances Denial of Service Vulnerability in Cisco ASA and PIX Security Appliances Denial of Service Vulnerability in Cisco Adaptive Security Appliance (ASA) and Cisco PIX Security Appliance Denial of Service Vulnerability in Cisco ASA and PIX Security Appliances Bypassing Control-Plane ACLs in Cisco ASA and PIX Security Appliances Denial of Service and Traffic Bypass Vulnerability in Cisco IPS Denial of Service Vulnerability in Cisco Unified Communications Manager (CUCM) CTI Manager Service Authentication Bypass Vulnerability in Cisco Unified Communications Manager SQL Injection Vulnerability in Joovili 3.1 browse.videos.php Unspecified Vulnerabilities in PhpGedView Before 4.1.5: Critical API Design Flaw SQL Injection Vulnerability in Jokes.php Allows Remote Code Execution Cross-site scripting (XSS) vulnerability in miniBB 2.2a and earlier versions allows remote attackers to inject arbitrary web script or HTML via the whatus parameter in bb_admin.php. 
SQL Injection Vulnerability in miniBB 2.2a and Earlier Versions WordPress 2.5 Cross-Site Scripting (XSS) Vulnerability Buffer Overflow in Novell GroupWise 7 via Long Argument in mailto: URI Remote Code Injection Vulnerability in WHM Interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 CSRF Vulnerabilities in WHM Interface 11.15.0 for cPanel 11.18 and 11.22 Cross-site scripting (XSS) vulnerability in Virtual Design Studio vlbook 1.21 index.php Virtual Design Studio vlbook 1.21 - Directory Traversal Vulnerability in include/global.inc.php Multiple PHP Remote File Inclusion Vulnerabilities in Harris Wap Chat 1.0 Arbitrary Web Script Injection in AstroCam pic.php Arbitrary File Inclusion Vulnerability in ActualAnalyzer Lite 2.78 Unspecified Vulnerability in Plain Black WebGUI 7.4.34: Data Form List View Vulnerability User-Assisted Remote Code Execution in Robocode before 1.6.0 via AWT Event Queue Vulnerability Privilege Bypass Vulnerability in MySQL Stack-based Buffer Overflow in NASA CDF Library Allows Arbitrary Code Execution Arbitrary File Inclusion Vulnerability in Siteman 2.0.x2 index.php Arbitrary Script Injection via module Parameter in Siteman 2.0.x2 Arbitrary SQL Command Execution in Prozilla Hosting Index's directory.php SQL Injection Vulnerability in MyArticles 0.6 beta-1 Module for RunCMS Stack-based buffer overflows in SIPp 3.1: Remote Code Execution and Denial of Service Vulnerability Java Web Start File Inclusion Vulnerability SQL Injection Vulnerability in Softbiz Web Host Directory Script SQL Injection Vulnerability in PHP Forge 3.0 Beta 2: Remote Code Execution via admin/news.php SCTP Protocol Implementation Denial of Service Vulnerability in Sun Solaris 10 SCTP Protocol Implementation Vulnerability in Sun Solaris 10 Arbitrary File Inclusion Vulnerability in Kubelance 1.6.4 Denial of Service Vulnerability in Linksys SPA-2102 Phone Adapter 3.3.6 SQL Injection Vulnerability in Community Builder Profiler Component SQL Injection 
Vulnerability in Article.php in XOOPS Article Module Arbitrary SQL Command Execution Vulnerability in FlippingBook Component for Joomla! SQL Injection Vulnerability in BackLinkSpider: Remote Code Execution via cat_id Parameter Buffer Overflow in openwsman Management Service in VMware ESXi and ESX Arbitrary Code Execution Vulnerability in VMware Host Guest File System (HGFS) Arbitrary Code Execution Vulnerability in VMware Workstation, Player, and ACE Buffer Overflow Vulnerabilities in VIX API 1.1.x VMware Consolidated Backup (VCB) Command-Line Password Exposure Vulnerability Bugzilla 2.17.2 and Later Cross-Site Scripting (XSS) Vulnerability Bypassing Canconfirm Check in Bugzilla 3.1.3 WebService Email Spoofing Vulnerability in Bugzilla 2.23.4, 3.0.x, and 3.1.x Remote Denial of Service Vulnerability in Call of Duty 4 (CoD4) 1.5 and Earlier Predictable Seed Generation Vulnerability in PHP 4.x and 5.x Insufficient Precision in GENERATE_SEED Macro: Weakening Brute Force Attacks on PHP 4.x and 5.x Denial of Service (CPU Consumption) Vulnerability in libid3tag 0.15.0b Arbitrary PHP Code Execution via Unrestricted File Upload in QTOFileManager 1.0 Arbitrary Code Execution Vulnerability in Yahoo! Assistant 3.6 and Earlier Root Privilege Escalation Vulnerability in Sun Ray Kiosk Mode 4.0 SQL Injection Vulnerability in PHPEasyData 1.5.4: Remote Code Execution via annuaire.php Arbitrary SQL Command Execution in Pre Shopping Mall 1.1 via search parameter in emall/search.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in ScriptsEZ.net Power Editor 2.0 Arbitrary File Read Vulnerabilities in ScriptsEZ.net Power Editor 2.0 Cross-site scripting (XSS) vulnerability in Project Alumni 1.0.9 allows remote attackers to inject arbitrary web script or HTML via the year parameter in news.page.inc. 
SQL Injection Vulnerability in Project Alumni 1.0.9: Remote Code Execution via info.php Denial of Service Vulnerability in Asterisk Open Source and Business Edition Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 allows remote attackers to obtain JSP source code. TCP SYN Flood Vulnerability in Sun Solaris 8, 9, and 10 Denial of Service Vulnerability in IBM Rational Build Forge 7.0.2 Arbitrary Web Script Injection in SAP Internet Transaction Server (ITS) 6.20 Arbitrary SQL Command Execution in fipsASP fipsCMS via modules/print.asp SQL Injection Vulnerability in Musicbox 2.3.6 and 2.3.7: Remote Code Execution via artistId Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in Tux CMS 0.1 Arbitrary Script Injection in CMS Faethon 2.2 Ultimate search.php Remote File Inclusion Vulnerability in CMS Faethon 2.2 Ultimate SQL Injection Vulnerability in Galleristic 1.0 Allows Remote Code Execution via cat Parameter Remote SQL Injection Vulnerability in iGaming CMS 1.5 poll_vote.php Cross-site scripting (XSS) vulnerability in mvnForum 1.1 GA through quick reply button SQL Injection Vulnerability in Systementor PostcardMentor's step1.asp Allows Remote Code Execution via cat_fldAuto Parameter Cross-site scripting (XSS) vulnerability in Tru-Zone Nuke ET 3.x Journal Module Arbitrary User Account Access and Data Manipulation Vulnerability in Tru-Zone Nuke ET 3.x Journal Module SQL Injection Vulnerabilities in VisualShapers ezContents 2.0.0 Memory Leak Vulnerability in Linux Kernel's ipip6_rcv Function Denial of Service Vulnerability in Linux Kernel's sparc_mmap_check and sparc64_mmap_check Functions Remote Access Bypass Vulnerability in Oracle Application Server Portal 10g Privilege Escalation Vulnerability in rPath Appliance Platform Agent 2 and 3 CSRF Vulnerability in rPath Appliance Platform Agent Allows Remote Root Password Reset Automatic Execution of .flc Files 
in Emacs 21 and XEmacs Allows Arbitrary Code Execution Cache-Control: no-cache directive in Microsoft Outlook Web Access (OWA) may lead to sensitive information caching Unspecified Remote Code Execution Vulnerabilities in Solaris Print Service Stack-based Buffer Overflow in Novell Client: Denial of Service and Arbitrary Code Execution Path Traversal Vulnerability in WordPress before 2.2.3 Untrusted Search Path Vulnerability in VideoLAN VLC Vulnerability: File Time Modification Denial of Service in Linux Kernel Stack-based Buffer Overflow in Wordnet's searchwn Function Heap-based buffer overflow in OpenOffice.org (OOo) allows remote code execution Arbitrary File Creation Vulnerability in IBM DB2 Arbitrary Command Execution Vulnerability in EMC AlphaStor 3.1 SP1 for Windows Stack-based Buffer Overflow Vulnerabilities in EMC AlphaStor Server Agent Cache Bypass Vulnerability in Microsoft Internet Explorer 7 Arbitrary Code Execution Vulnerabilities in Windows CE 5.0 Image Processing Buffer Overflow Vulnerability in TFTP Server SP 1.4 and 1.5 on Windows SonicWall Email Security 6.1.1 XSS Vulnerability in Error Page Arbitrary Web Script Injection Vulnerability in IBM Lotus Quickr 8.1 Arbitrary Web Script Injection in Cisco BBSM Captive Portal 5.3 Arbitrary Web Script Injection Vulnerability in Sun Java System Web Server ZyXEL ZyWALL 100 XSS Vulnerability in 404 Error Page Apache 2.2.6 XSS Vulnerability in UTF-7 Encoded URLs Avici Router Denial of Service Vulnerability via Crafted BGP UPDATE Messages Denial of Service Vulnerability in Century Routers via Crafted BGP UPDATE Messages Unspecified Denial of Service Vulnerability in AlaxalA AX Routers via Crafted BGP UPDATE Messages Denial of Service Vulnerability in Hitachi GR Routers via Crafted BGP UPDATE Messages Yamaha Router Denial of Service Vulnerability via Crafted BGP UPDATE Messages Unspecified Vulnerabilities in Robin Rawson-Tetley Animal Shelter Manager (ASM) Before 2.2.2 SQL Injection Vulnerability in Gamma 
Scripts BlogMe PHP 1.1: Remote Code Execution via comments.php Arbitrary Script Injection in Zomplog 3.8.2 via catname Parameter Multiple SQL Injection Vulnerabilities in phpDirectorySource 1.1.06 Arbitrary Script Injection in LifeType 1.2.7 admin.php via searchTerms Parameter SysAid 5.1.08 SystemList.jsp Cross-Site Scripting (XSS) Vulnerability Multiple SQL Injection Vulnerabilities in cpLinks 1.03 Multiple Cross-Site Scripting (XSS) Vulnerabilities in cpLinks 1.03 via search.php Arbitrary Web Script Injection in TYPO3 Powermail Extension SQL Injection Vulnerability in SMartBlog 1.3: Remote Code Execution via idt Parameter Multiple SQL Injection Vulnerabilities in SMartBlog 1.3 Directory Traversal Vulnerability in SMartBlog (SMBlog) 1.3 Allows Remote File Inclusion Chilek Content Management System (ChiCoMaS) 2.0.4 - Cross-Site Scripting (XSS) Vulnerability in index.php Arbitrary Web Script Injection in Mjguest 6.7 GT Rev.01 via mjguest.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in EJ3 BlackBook 1.0 SQL Injection Vulnerability in viewfaqs.php in AnServ Auction XL SQL Injection Vulnerability in Online Rent 4.5 and Earlier: Remote Code Execution via pid Parameter SQL Injection Vulnerability in pnEncyclopedia Module 0.2.0 and Earlier for PostNuke Arbitrary PHP Code Injection Vulnerability in IT!CMS 1.9 Remote File Inclusion Vulnerability in Thomas Gossmann ScorpNews 2.0: Arbitrary PHP Code Execution Arbitrary SQL Command Execution in DeluxeBB 1.2 and Earlier via forums.php Static Code Injection Vulnerability in DeluxeBB 1.2 and Earlier: Remote Admin Code Injection via admincp.php Arbitrary Script Injection in LifeType 1.2.8 admin.php SQL Injection Vulnerability in BlogWriter Module 2.0 for Miniweb Remote File Inclusion Vulnerability in Kmita Tellfriend 2.0 and Earlier Remote File Inclusion Vulnerability in Kmita Mail 3.0 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Maian Weblog 4.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities 
in Maian Recipe 1.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Maian Uploader 4.0 Maian Search 1.1 SQL Injection Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in Maian Search 1.1 Maian Music 1.1 - SQL Injection Vulnerability in index.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Maian Music 1.1 Maian Gallery 2.0 Cross-Site Scripting (XSS) Vulnerability in admin/index.php SQL Injection Vulnerability in Maian Greeting 2.1: Remote Code Execution via Search Action Multiple Cross-Site Scripting (XSS) Vulnerabilities in Maian Greeting 2.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Maian Support 1.3 Maian Guestbook 3.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in admin/inc/footer.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Maian Cart 1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Maian Links 3.1 Stack-based Buffer Overflow in Castle Rock Computing SNMPc 7.1 and Earlier: Remote Code Execution Vulnerability Directory Traversal Vulnerabilities in Project-Based Calendaring System (PBCS) 0.7.1-1 Unrestricted File Upload Vulnerability in Project-Based Calendaring System (PBCS) 0.7.1 Arbitrary File Inclusion Vulnerability in Content Management System 0.6.1 for Phprojekt Buffer Overflow Vulnerability in Nortel Multimedia Communication Server (MCS) Arbitrary Web Script Injection Vulnerability in C-News.fr C-News 1.0.1 install.php PHP Remote File Inclusion Vulnerabilities in Interact Learning Community Environment Interact 2.4.1 Unspecified Privilege Escalation Vulnerability in IBM WebSphere Application Server 5.0.2 Java Plugin SQL Injection Vulnerability in EQdkp 1.3.2f Login.php Allows Authentication Bypass SQL Injection Vulnerability in vShare YouTube Clone 2.6: Remote Code Execution via tid Parameter PHP Remote File Inclusion Vulnerabilities in SazCart 1.5.1 with Enabled Register Globals SQL Injection Vulnerability in gameCMS Lite 1.0 - Remote Code Execution via systemId Parameter 
Arbitrary Document Export Vulnerability in OpenKM Arbitrary File Inclusion Vulnerabilities in PHP-Fusion Forum Rank System 6 Arbitrary PHP Code Execution via Remote File Inclusion in Cyberfolio 7.12 Untrusted Search Path Vulnerability in reportbug and reportbug-ng SQL Injection Vulnerability in Slashcode R_2_5_0_94 and Earlier Privilege Escalation via Shell Metacharacters in afuse 0.2 Openwsman SSL Session Replay Vulnerability Buffer Overflow Vulnerabilities in Openwsman 1.2.0 and 2.0.0 via Crafted Authorization: Basic HTTP Header Weak Permissions on OpenSC Smart Cards and USB Crypto Tokens Allow PIN Change Arbitrary Script Injection in Blosxom.cgi via flav Parameter Heap-based Buffer Overflow in OpenOffice.org (OOo) 2.x Allows Remote Code Execution via Crafted WMF File Heap-based Buffer Overflow in OpenOffice.org (OOo) 2.x Stack-based Buffer Overflow in IBM Lotus Domino Web Server Service Directory Traversal Vulnerability in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 Buffer Overflow Vulnerabilities in CA BrightStor ARCServe Backup Server Remote Code Execution Vulnerability in Microsoft Office Word 2002 SP3 Heap-based Buffer Overflow in Microsoft Windows Image Color Management System (MSCMS) Allows Remote Code Execution IPsec Policy Import Vulnerability in Windows Vista and Server 2008 Arbitrary Script Injection Vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 Arbitrary Script Injection Vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 GDI Integer Overflow Vulnerability in Microsoft Windows Windows Kernel Window Creation Vulnerability Windows Kernel Double Free Vulnerability Windows Kernel Memory Corruption Vulnerability Windows Media Player SSPL Remote Code Execution Vulnerability HTML Object Memory Corruption Vulnerability in Microsoft Internet Explorer 6 and 7 Uninitialized Memory Access Vulnerability in Microsoft Internet Explorer 5.01, 6, and 7 Uninitialized Memory Corruption Vulnerability in Microsoft 
Internet Explorer 5.01, 6, and 7 HTML Objects Memory Corruption Vulnerability HTML Objects Memory Corruption Vulnerability HTML Component Handling Vulnerability in Microsoft Internet Explorer 6 and 7 SQL Injection Vulnerability in linking.page.php in Automated Link Exchange Portal Cross-site scripting (XSS) vulnerability in index.php in CyrixMED 1.4 SQL Injection Vulnerability in EMO Realty Manager's news.php Allows Remote Code Execution Arbitrary File Overwrite Vulnerability in UUDeview 0.5.20 Arbitrary Code Execution via Incomplete Blacklist Vulnerability in CMS Made Simple FileManager Module Open Redirect Vulnerability in Mjguest 6.7 GT Rev.01 Allows User-Assisted Phishing Attacks AS-GasTracker 1.0.0 Authentication Bypass Vulnerability PHP Remote File Inclusion Vulnerabilities in PHPWAY Kostenloses Linkmanagementscript Privilege Escalation Vulnerability in Site Documentation Drupal Module Aruba Mobility Controller Multiple Cross-Site Scripting (XSS) Vulnerabilities Unspecified Privilege Escalation Vulnerability in Aruba Mobility Controller Unspecified Cross-Site Scripting (XSS) Vulnerability in TYPO3 sr_feuser_register Extension Arbitrary Code Execution and File Deletion Vulnerability in sr_feuser_register Extension for TYPO3 CSRF Vulnerability in Mantis 1.1.1 Allows Creation of Administrative Users Arbitrary SQL Command Execution in Feedback and Rating Script 1.0 via listingid Parameter SQL Injection Vulnerability in Freelance Auction Script 1.0: Remote Code Execution via browseproject.php Plaintext Password Storage in Freelance Auction Script 1.0 Cross-Site Scripting (XSS) Vulnerability in Script PHP PicEngine 1.0 Cross-zone scripting vulnerability in Print Table of Links feature in Internet Explorer 6.0, 7.0, and 8.0b Authentication Bypass in Internet Photoshow and Internet Photoshow Special Edition (SE) via login_admin Cookie Arbitrary File Overwrite Vulnerability in IDAutomation ActiveX Controls Remote File Inclusion Vulnerability in Fusebox 5.5.1 
Inadequate Recognition of Authorized Keys with Options in ssh-vulnkey Tool SQL Injection Vulnerability in Symantec Altiris Deployment Solution 6.8.x and 6.9.x Insecure Install Directory Protection in Symantec Altiris Deployment Solution Insufficient Access Control in Symantec Altiris Deployment Solution Allows for Denial of Service and Information Disclosure Unspecified Privilege Escalation Vulnerability in Symantec Altiris Deployment Solution Unspecified Privilege Escalation Vulnerability in Symantec Altiris Deployment Solution Insecure Credential Generation in Symantec Altiris Deployment Solution Buffer Overflow Vulnerability in Net-SNMP's __snprint_value Function Authentication Bypass and Privilege Escalation in Multi-Page Comment System (MPCS) 1.0 and 1.1 Remote Privilege Escalation in Pet Grooming Management System 2.0 via Useradded.php Cross-Site Scripting (XSS) Vulnerability in Rgboard 3.0.12 Rgboard 3.0.12 PHP Remote File Inclusion Vulnerability Authentication Bypass Vulnerability in Rantx's admin.php File Authentication Bypass Vulnerability in Web Slider 0.6 Insecure Encryption Settings Vulnerability in Citrix Presentation Server and Access Essentials Unspecified Remote Desktop Access Vulnerability in Citrix Presentation Server and Access Essentials SQL Injection Vulnerability in Kostenloses Linkmanagementscript Cross-site scripting (XSS) vulnerability in Django administration login form Integer Signedness Error in Safari on Apple iPhone and iPod Touch Buffer Overflow in Apple Core Image Fun House 2.0 and Earlier: Arbitrary Code Execution and Denial of Service Vulnerability Heap-based Buffer Overflow in Apple Type Services (ATS) Allows Remote Code Execution Arbitrary File Execution Vulnerability in Apple Safari on Windows Memory Corruption Vulnerability in Apple Safari WebKit Alias Manager Privilege Escalation and Denial of Service Vulnerability Incomplete Blacklist Vulnerability in CoreTypes in Apple Mac OS X Format String Vulnerability in c++filt in 
Apple Mac OS X 10.5 before 10.5.4 Symlink Attack Vulnerability in Launch Services on Apple Mac OS X Cleartext Storage of PPP Passwords in Network Preferences in Apple Mac OS X 10.4.11 Weak Permissions in Apple Mac OS X User Template Directory Vulnerability Exposé Hot Corners Vulnerability in Apple Mac OS X 10.5 Multiple integer overflows in Python 2.5.2 and earlier Integer Overflow in hashlib Module in Python 2.5.2 and Earlier Allows Cryptographic Digest Defeat Garbage Collection Vulnerability in Apple Safari's WebCore Session ID Leakage in WOHyperlink Implementation in Apple Xcode Tools Stack-based Buffer Overflow in CarbonCore API Unspecified Remote Code Execution Vulnerability in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.4 CoreGraphics Integer Overflow Vulnerability in Mac OS X Denial of Service Vulnerability in Apple Mac OS X 10.5.4 Data Detectors Engine Privilege Escalation via Repair Permissions Tool in Mac OS X 10.4.11 Disk Utility Arbitrary Code Execution and Denial of Service Vulnerability in QuickLook Denial of Service Vulnerability in Apple Bonjour for Windows Buffer underflows in LZWDecode functions in LibTIFF User Enumeration Vulnerability in Apple Mac OS X 10.5 through 10.5.4 with Active Directory Integration Insecure File Operation Issue in slapconfig of Apple Mac OS X 10.5 through 10.5.4 Weak Permissions Vulnerability in Finder on Apple Mac OS X 10.5 through 10.5.4 Memory Corruption and Arbitrary Code Execution Vulnerability in ImageIO on Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 Arbitrary Web Script Injection in Barracuda Spam Firewall (BSF) ldap_test.cgi Multiple SQL Injection Vulnerabilities in W1L3D4 Philboard 0.5 Cross-site scripting (XSS) vulnerability in search_results.php in Vastal I-Tech phpVID 1.1 and 1.2 SQL Injection Vulnerability in category.php in 68 Classifieds 4.0.1 Multiple SQL Injection Vulnerabilities in IMGallery 2.5 with Disabled Magic Quotes GPC Privilege Escalation in Interspire ActiveKB 1.5 and Earlier SQL 
Injection Vulnerability in Turnkey Web Tools SunShop Shopping Cart 3.5.1 (index.php) Multiple SQL Injection Vulnerabilities in News Manager 2.0 Remote Code Execution in News Manager 2.0 via ch_readalso.php Arbitrary File Read Vulnerability in News Manager 2.0 Remote Code Execution Vulnerability in News Manager 2.0 Arbitrary Code Injection through XSS in air_filemanager TYPO3 Extension Arbitrary PHP Code Execution Vulnerability in air_filemanager Extension for TYPO3 Authentication Bypass Vulnerability in AlkalinePHP 0.77.35 and Earlier Authentication Bypass Vulnerability in MyPicGallery 1.0 Vulnerability: Authentication Bypass and User Account Creation in MeltingIce File System 1.0 Remote Code Execution Vulnerability in Zomplog 3.8.2 and Earlier Arbitrary File Read Vulnerability in bcoos 1.0.9 through 1.0.13 SQL Injection Vulnerabilities in CMS WebManager-Pro: Arbitrary SQL Command Execution Arbitrary File Inclusion Vulnerability in Smeego 1.0 Arbitrary File Inclusion Vulnerability in GNU/Gallery 1.1.1.0 and Earlier Unspecified Data Export Vulnerability in testMaker before 3.0p10 Directory Traversal Vulnerability in WR-Meeting 1.0 Allows Remote File Inclusion SQL Injection Vulnerability in Archangel Weblog 0.90.02 and Earlier: Remote Code Execution via post_id Parameter Stack-based Buffer Overflow in split_redraw function in mtr before 0.73 Integer Overflow Vulnerability in Linux Kernel's DCCP Subsystem Privilege Escalation Vulnerability in system-config-network on Fedora 8 Heap-based Buffer Overflow in X.Org X11R7.3 X Server's AllocateGlyph Function Integer Overflow in ProcRenderCreateCursor Function in X.Org X11R7.3 Heap memory corruption vulnerability in X.Org X11R7.3's Render extension Heap-based Buffer Overflow in PartsBatch Class of Pan 0.132 and Earlier Unlimited Interim Responses Denial of Service Vulnerability in Apache HTTP Server Race condition vulnerability in ptrace and utrace support in Linux kernel 2.6.9 through 2.6.25 Untrusted Search Path 
Vulnerability in Red Hat OpenOffice.org Build Script World-readable permissions on sensitive configuration files in Red Hat Certificate System 7.2 allow local users to discover passwords. Cleartext Password Storage Vulnerability in Red Hat Certificate System 7.2 Hard-coded Authentication Key Vulnerability in Red Hat Network Satellite Server Directory Traversal Vulnerability in Apache Tomcat Heap-based Buffer Overflow in PCRE Library 7.7 Allows for Denial of Service or Arbitrary Code Execution Denial of Service Vulnerability in Linux Kernel 2.6.24 and 2.6.25 Denial of Service and Memory Allocation Vulnerability in BlueZ Memory Leak Vulnerability in vsftpd on Red Hat Enterprise Linux (RHEL) 3 and 4 Integer Overflow in Array#fill Method in Ruby GnuTLS Use-After-Free Vulnerability in _gnutls_handshake_hash_buffers_clear Function Untrusted Search Path Vulnerability in hfkernel in hf 0.7.3 and 0.8 Arbitrary Script Injection via Crafted Hyperlink in SquirrelMail (XSS) Vulnerability SQL Injection Vulnerability in Courier-Authlib: Remote Code Execution via Apostrophes SQL Injection Vulnerability in GForge GroupJoinRequest.create() Function Denial of Service Vulnerability in VNC Server CRLF Injection Vulnerability in xterm Allows Arbitrary Command Execution SQL Injection Vulnerability in mod-auth-mysql Allows Remote Code Execution Multiple Off-by-One Errors in openSUSE-Updater in openSUSE 10.2 with Unspecified Impact and Attack Vectors Local File Access Vulnerability in openSUSE 10.2's opensuse-updater Arbitrary Code Execution Vulnerability in Hpufunction.dll 4.0.0.1 SubSonic Vulnerability: Remote Denial of Service via Negative Page Index Arbitrary PHP File Execution via Unrestricted File Upload in WordPress 2.5.1 and Earlier SQL Injection Vulnerability in play.php in EntertainmentScript 1.4.0 SQL Injection Vulnerabilities in TAGWORX.CMS 3.00.02: Remote Code Execution SQL Injection Vulnerability in AlkalinePHP 0.80.00 beta and Earlier: Remote Code Execution via thread.php 
Remote File Inclusion Vulnerability in Wajox Software microSSys CMS 1.5 and Earlier Cross-Site Scripting (XSS) Vulnerability in dotCMS 1.x search-results.dot Arbitrary Web Script Injection Vulnerability in AppServ Open Project 2.5.10 and Earlier FireFTP Add-On Directory Traversal Vulnerability Unspecified Privilege Escalation Vulnerability in stunnel on Windows Arbitrary File Modification Vulnerability in Sun Java Active Server Pages (ASP) Server Sensitive Information Exposure in Sun Java Active Server Pages (ASP) Server Directory Traversal Vulnerabilities in Sun Java Active Server Pages (ASP) Server before 4.0.3 Stack-based Buffer Overflow in Sun Java ASP Server 4.0.3 Arbitrary Command Execution in Sun Java ASP Server 4.0.3 and Earlier Authentication Bypass Vulnerability in Sun Java Active Server Pages (ASP) Server Arbitrary Code Execution via Stack-based Buffer Overflow in Trillian AIM.DLL Remote Code Execution Vulnerability in Trillian Pro XML Parsing Remote Code Execution Vulnerability in Trillian Messenger Arbitrary Web Script Injection Vulnerability in IBM Lotus Domino Web Server Service Arbitrary SQL Command Execution in SazCart 1.5.1 and Earlier SQL Injection Vulnerability in glossaire.php in ACGV News 0.9.1 Arbitrary Web Script Injection Vulnerability in ACGV News 0.9.1 Arbitrary Web Script Injection Vulnerability in AN Guestbook (ANG) 0.4 Arbitrary File Inclusion Vulnerability in DigitalHive 2.0 RC2 SQL Injection Vulnerability in FicHive 1.0: Remote Code Execution via category parameter SQL Injection Vulnerability in How2ASP.net Webboard 4.1: Remote Code Execution via showQAnswer.asp Race condition vulnerability in STREAMS Administrative Driver (sad) in Sun Solaris 10 Remote Code Execution and Denial of Service Vulnerability in Mozilla Firefox 2.0.0.14 OCSP Functionality in stunnel before 4.24 Allows Bypass of Access Restrictions via Revoked Certificates Cross-site scripting (XSS) vulnerability in SAP Web Application Server (WAS) 7.0, Web Dynpro for ABAP, 
and Web Dynpro for BSP SQL Injection Vulnerability in Web Slider 0.6 Denial of Service Vulnerability in Interchange before 5.6.0 and 5.5.2 Unspecified Vulnerability in Interchange Standard Demo 404 Error Page SQL Injection Vulnerability in FicHive 1.0 index.php Multiple stack-based buffer overflows in Imlib 2 (aka imlib2) 1.4.0 Stack-based Buffer Overflow in NConvert, GFL SDK, and XnView: Remote Code Execution Vulnerability Multiple SQL Injection Vulnerabilities in TorrentTrader 1.08 Classic Multiple SQL Injection Vulnerabilities in Calendarix Basic 0.8.20071118 Arbitrary Code Execution Vulnerability in VLC Media Player 0.8.6h Multiple Buffer Overflows in Novell iPrint Client Insecure Directory Listing Vulnerability in Novell iPrint Client Session Hijacking Vulnerability in Trend Micro OfficeScan, Worry-Free Business Security, and Client/Server/Messaging Suite Arbitrary Library File Download and Code Execution Vulnerability in Trend Micro HouseCall ActiveX Control Trend Micro HouseCall ActiveX Control Use-After-Free Vulnerability Heap-based Buffer Overflow in Novell iPrint Client ActiveX Control Remote Code Execution Vulnerability in Trend Micro OfficeScan and Client Server Messaging Security Heap-based Buffer Overflow in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Directory Traversal Vulnerability in Trend Micro OfficeScan and Worry-Free Business Security Vulnerability: Cisco Secure ACS EAP Response Packet Length Handling Overflow Arbitrary SQL Command Execution in The Real Estate Script via dpage.php SQL Injection Vulnerability in CaLogic Calendars 1.2.2: Remote Code Execution via langsel Parameter Arbitrary Web Script Injection in WGCC 1.0.3 PreRelease 1 and Earlier Multiple SQL Injection Vulnerabilities in Web Group Communication Center (WGCC) 1.0.3 PreRelease 1 and Earlier SQL Injection Vulnerability in Mytipper ZoGo-shop Plugin 1.15.5 and 1.16 Beta 13 for e107 Multiple SQL Injection Vulnerabilities in Meto Forum 1.1 Multiple Cross-Site 
Scripting (XSS) Vulnerabilities in phpInstantGallery 2.0 Arbitrary Web Script Injection in TYPO3 Statistics Extension Arbitrary SQL Command Execution in TYPO3 Statistics Extension Arbitrary Web Script Injection in TYPO3 Questionaire Extension SQL Injection Vulnerabilities in PHP Classifieds Script Arbitrary SQL Command Execution Vulnerability in xsstream-dm Component for Joomla! SQL Injection Vulnerability in MacGuru BLOG Engine Plugin 2.2 for e107 Arbitrary SQL Command Execution in ComicShout 2.5 and Earlier Arbitrary SQL Command Execution in jokes_category.php in PHP-Jokesite 2.0 Arbitrary Web Script Injection Vulnerability in Starsgames Control Panel 4.6.2 and Earlier Arbitrary File Inclusion Vulnerability in EntertainmentScript 1.4.0 SQL Injection Vulnerability in vBulletin 3.7.0 Gold faq.php Netious CMS 0.4 index.php SQL Injection Vulnerability Caucho Resin XSS Vulnerability in viewfile Documentation Command Arbitrary File Download and Code Execution in Microsoft Office Snapshot Viewer ActiveX Control Denial of Service Vulnerability in MLD6 Query Handling Buffer Overflow Vulnerabilities in QIP Server Service in LANDesk Management Suite Heap-based Buffer Overflow in SPF_dns_resolv_lookup Function in libspf2 Remote Code Execution and Denial of Service Vulnerability in InstallShield Update Service Agent ActiveX Control Remote Code Execution Vulnerability in ABB Process Communication Unit 400 (PCU400) 4.4 through 4.6 via Crafted Packet in X87 Web Interface Arbitrary Command Execution in eBay Enhanced Picture Uploader ActiveX Control IPv6 Neighbor Discovery Protocol (NDP) Implementation Vulnerability: Spoofed Messages Exploit FIB to Cause DoS and Network Traffic Disclosure Arbitrary SQL Command Execution in MxBB Portal 2.7.3 via index.php Arbitrary Code Execution Vulnerability in cPanel's wwwacct Script Multiple SQL Injection Vulnerabilities in phpFix 2.0 Remote File Inclusion Vulnerability in plusPHP Short URL Multi-User Script 1.6 PHP Remote File Inclusion 
Vulnerability in phpRaider 1.0.7 and 1.0.7a Arbitrary File Inclusion Vulnerability in OneCMS 2.5 Directory Traversal Vulnerability in Xomol CMS 1.20071213 SQL Injection Vulnerability in Xomol CMS 1.20071213: Remote Code Execution via email Parameter Arbitrary Web Script Injection Vulnerability in PCPIN Chat URL Redirection Script Unspecified vulnerability in eMule Plus before 1.2d related to staticservers.dat processing SQL Injection Vulnerability in MAXSITE 1.10 and Earlier: Remote Code Execution via Webboard Action Unauthenticated User Account Creation in RoomPHPlanning 1.5 Arbitrary SQL Command Execution in TYPO3 Library for Frontend Plugins Extension Arbitrary Code Injection through KJ Image Lightbox 2 Extension in TYPO3 AbleSpace 1.0 adv_cat.php SQL Injection Vulnerability Multiple SQL Injection Vulnerabilities in Campus Bulletin Board 3.4 Arbitrary Web Script Injection Vulnerability in Campus Bulletin Board 3.4 Zina 1.0 RC3 index.php Cross-Site Scripting (XSS) Vulnerability Directory Traversal Vulnerability in Zina 1.0 RC3 index.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Quate CMS 0.3.4 CRLF Injection Vulnerability in Mambo before 4.6.4 SQL Injection Vulnerabilities in Mambo index.php Arbitrary Code Execution via Crafted URL in IBM Lotus Sametime Community Services Multiplexer Arbitrary Code Injection through MOStlyContent Editor (MOStlyCE) Component in Mambo SQL Injection Vulnerabilities in PHPhotoalbum 0.5: Remote Code Execution Unspecified Remote Memory Corruption Vulnerability in eMule X-Ray Web Server Buffer Overflow Vulnerability in eMule X-Ray Uploadlist: Unknown Impact and Remote Attack Vectors Multiple SQL Injection Vulnerabilities in Simpel Side Netbutik 1-4: Remote Code Execution Arbitrary Web Script Injection Vulnerability in Simpel Side Weblosning's result.php SQL Injection Vulnerabilities in Simpel Side Weblosning 1-4: Remote Code Execution Arbitrary Web Script Injection in Calcium40.pl Arbitrary Web Script Injection 
Vulnerability in Tr Script News 2.1 SQL Injection Vulnerability in pwd.asp in Excuse Online Arbitrary SQL Command Execution in Upload File Plugin for WordPress Directory Traversal Vulnerability in UmxEventCli.CachedAuditDataList.1 ActiveX Control Arbitrary File Read Vulnerability in Symantec Backup Exec System Recovery Manager Kernel Buffer Overflow Vulnerability in IBM AIX 5.2, 5.3, and 6.1 Privilege Escalation via Buffer Overflow in IBM AIX errpt Privilege Escalation Vulnerability in iostat in IBM AIX 5.2, 5.3, and 6.1 Operator Precedence Vulnerability in libpam-pgsql 0.6.3 Command Line Exposure Vulnerability in SaraB Script Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 and 7.0 before Update 3 in advanced search mechanism Directory Traversal Vulnerability in Core FTP Client 2.1 Build 1565 Multiple PHP Remote File Inclusion Vulnerabilities in BigACE 2.4 Arbitrary SQL Command Execution Vulnerability in YABSoft Mega File Hosting Script (MFH or MFHS) 1.2 SQL Injection Vulnerability in Battle.net Clan Script for PHP 1.5.3 and Earlier SQL Injection Vulnerability in Autopatcher Server Plugin in RakNet Arbitrary User Post and Comment Vulnerability in BlogPHP 2.0 Arbitrary Web Script Injection in TYPO3 Event Database Extension Arbitrary Code Injection through Cross-Site Scripting (XSS) in WT Gallery Extension for TYPO3 Arbitrary Web Script Injection in ActualAnalyzer Server, Gold, Pro, and Lite Authentication Bypass Vulnerability in Citrix Access Gateway SQL Injection Vulnerability in Advanced Links Management (ALM) 1.5.2: Remote Code Execution via catId Parameter in read.php Multiple SQL Injection Vulnerabilities in Concepts & Solutions QuickUpCMS Arbitrary Script Injection in Build A Niche Store (BANS) 3.0 Search Script SQL Injection Vulnerability in AJ Square aj-hyip: Remote Code Execution via id Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in Phoenix View CMS Pre Alpha2 and Earlier Directory Traversal Vulnerability in 
Phoenix View CMS Pre Alpha2 and Earlier Multiple SQL Injection Vulnerabilities in Phoenix View CMS Pre Alpha2 and Earlier SQL Injection Vulnerability in YABSoft Advanced Image Hosting (AIH) Script 2.1 and Earlier SQL Injection Vulnerability in cat.php in HispaH Model Search Crontab File Manipulation Vulnerability on Sun Solaris and OpenSolaris Vulnerability: Arbitrary Data Access and File Corruption in Sun Cluster Global File System Unprompted Download Vulnerability in Apple Safari Multiple stack-based buffer overflows in CA eTrust Secure Content Manager 8.0 HTTP Gateway Service (icihttp.exe) Stack-based Buffer Overflow in getline function in BigView 1.8 Allows Arbitrary Code Execution via Crafted PNM File Remote Denial of Service Vulnerability in Asterisk Addons Silent Mounting of /proc Filesystem in Chroot Environment Allows Unauthorized Write Access Case-Sensitive Comparison Vulnerability in Skype Versions before 3.8.0.139 Stack-based Buffer Overflow in msiexec.exe Allows Arbitrary Code Execution JPEG Thumbprint Component Buffer Overflow Vulnerability Remote Code Execution Vulnerability in Adobe Acrobat Reader 8.1.2 and Earlier Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.17 in Web Services Security component Arbitrary File Download and Execution Vulnerability in Icona SpA C6 Messenger 1.0.0.1 Denial of Service Vulnerability in Sun Solaris 10 Service Tag Registry Arbitrary Web Script Injection in Slashcode Userfield Parameter SQL Injection Vulnerabilities in BP Blog 6.0: Remote Code Execution SQL Injection Vulnerability in EasyWay CMS index.php Arbitrary SQL Command Execution in PHP Visit Counter 0.4 and Earlier Arbitrary Web Script Injection in CRE Loaded 6.2.13.1 and Earlier Insecure Cookie Handling in CRE Loaded 6.2.13.1 and Earlier Stack-based Buffer Overflow in Borland Interbase 2007 SP2 (8.1.0.256) via Malformed Packet SQL Injection Vulnerability in showpost.php in 427BB 2.3.1 Multiple Cross-Site Scripting (XSS) 
Vulnerabilities in 427BB 2.3.1 SQL Injection Vulnerability in PowerPhlogger 2.2.5 and Earlier: Arbitrary SQL Command Execution via edCss.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in SamTodo 1.1 SQL Injection Vulnerability in JotLoader Component for Joomla! (com_jotloader) 1.2.1.a and Earlier SQL Injection Vulnerabilities in PHP Address Book 3.1.5 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHP Address Book 3.1.5 and Earlier Arbitrary Web Script Injection in Fenriru Sleipnir and Grani SQL Injection Vulnerability in Simple Shop Galore Component for Joomla! SQL Injection Vulnerability in EasyBook Component 1.1 for Joomla! Unspecified Vulnerabilities in LimeSurvey (PHPSurveyor) before 1.71 CSRF Vulnerability in LimeSurvey Allows Arbitrary Quota Modification SQL Injection Vulnerability in FlashBlog's leer_comentarios.php Allows Remote Code Execution Arbitrary Code Execution via Stack-Based Buffer Overflow in freeSSHd 1.2.1 SFTP Unrestricted File Upload Vulnerability in FlashBlog 0.31 Beta Arbitrary Command Execution in cbrPager before 0.9.17 Unspecified Local Attack Vector Vulnerability in Oracle BEA WebLogic Server Unspecified Remote Authenticated Vulnerability in Oracle BEA WebLogic Server 9.2 MP1 Unspecified Local Attack Vulnerability in Oracle BEA WebLogic Server Unspecified Remote Vulnerability in Oracle BEA WebLogic Server Plugins Unspecified Remote Code Execution Vulnerability in Oracle WebLogic Server Unspecified Remote Code Execution Vulnerability in Oracle WebLogic Server UDDI Explorer Unspecified Remote Code Execution Vulnerability in Oracle WebLogic Server Unspecified Remote Attack Vulnerability in Oracle Portal Component Unspecified Remote Authenticated Vulnerability in Oracle Report Manager Component Unspecified Remote Authenticated Vulnerability in Oracle E-Business Suite 12.0.4 Unspecified Vulnerability in Oracle Database Advanced Replication Component Unspecified Local Confidentiality Vulnerability in Oracle 
JDeveloper Component Unspecified SQL Injection Vulnerability in Oracle Portal Component Unspecified Vulnerability in Oracle Database and Enterprise Manager with Remote Authenticated Attack Vectors Unspecified Remote Authenticated Vulnerability in Oracle Database Vault Unspecified SQL Injection Vulnerability in Oracle Database Advanced Replication Component Unspecified Remote Code Execution Vulnerability in Oracle Portal Component Unspecified Remote Code Execution Vulnerability in Oracle Portal Component Unspecified Denial of Service Vulnerability in Oracle Internet Directory Unspecified Remote Authenticated Vulnerability in Oracle E-Business Suite 12.0.3 Mobile Application Server Unspecified Remote Vulnerability in Oracle TimesTen In-Memory Database Client/Server Component Unspecified Remote Vulnerability in Oracle TimesTen In-Memory Database 7.0.3.0.0 Unspecified Remote Vulnerability in Oracle TimesTen In-Memory Database Client/Server Component Unspecified Remote Authenticated Vulnerability in Oracle Spatial Component Unspecified Remote Authenticated Vulnerability in Oracle iStore Component Unspecified vulnerability in Oracle Database Data Pump component with remote authenticated attack vectors and unknown impact Unspecified vulnerability in Oracle Database Resource Manager component with remote authenticated attack vectors Unspecified Remote Authenticated Vulnerability in Oracle Database 11.1.0.6 Unspecified Remote Authenticated Vulnerability in Oracle Database 11.1.0.6 Unspecified Remote Authenticated Vulnerability in Oracle E-Business Suite 12.0.4 Unspecified Buffer Overflow Vulnerability in Oracle Database Advanced Queuing Component Unspecified Remote Authenticated Attack Vector in Oracle Database Data Pump Component Unspecified Remote Vulnerability in Oracle Portal Component Unspecified Remote Authenticated Vulnerability in Oracle E-Business Suite 12.0.4 Unspecified Remote Authenticated Vulnerability in Oracle Database Core RDBMS Component Unspecified Remote 
Vulnerability in Hyperion BI Plus Component Unspecified vulnerability in Oracle Database Scheduler component allows local privilege escalation Unspecified Remote Vulnerability in Oracle HTTP Server Unspecified Remote Authenticated Vulnerability in PeopleSoft PeopleTools Unspecified Remote Authenticated Vulnerability in PeopleSoft PeopleTools Unspecified Remote Authenticated Vulnerability in PeopleSoft PeopleTools Unspecified Remote Authenticated Vulnerability in PeopleSoft PeopleTools Unspecified Remote Code Execution Vulnerability in Oracle Reports Developer Unspecified Remote Authenticated Vulnerability in PeopleSoft PeopleTools Unspecified Remote Authenticated Vulnerability in PeopleSoft PeopleTools Unspecified Remote Authenticated Vulnerability in PeopleSoft PeopleTools Unspecified Local Confidentiality Vulnerability in Oracle JDeveloper Component Unspecified Remote Code Execution Vulnerability in Oracle OLAP Component Unspecified vulnerability in Oracle Database Core RDBMS component allows remote attackers to affect confidentiality and integrity SQL Injection Vulnerability in Battle Blog 1.25 and Earlier: Remote Code Execution via comment.asp SQL Injection Vulnerability in IDoBlog Component for Joomla! Arbitrary SQL Command Execution in eQuotes Component 0.9.4 for Joomla! SQL Injection Vulnerability in LifeType Drupal Module JooBlog (com_jb2) Component 0.1.1 SQL Injection Vulnerability Remote Denial of Service Vulnerability in Alt-N Technologies MDaemon 9.6.5 SQL Injection Vulnerability in Acctexp Component for Joomla! SQL Injection Vulnerabilities in EXP JoomRadio Component 1.0 for Joomla! 
SQL Injection Vulnerability in I-Pos Internet Pay Online Store 1.3 Beta and Earlier: Remote Code Execution via item Parameter Arbitrary File Creation and Overwrite Vulnerabilities in BitKinex 2.9.3 Denial of Service and Remote Code Execution Vulnerability in Cisco Linksys WRH54G Firmware 1.01.03 Cross-Site Scripting (XSS) Vulnerabilities in F5 FirePass SSL VPN 6.0.2 Hotfix 3 Arbitrary PHP Code Upload Vulnerability in 1Book 1.0.1 and Earlier CitectSCADA and CitectFacilities Stack-based Buffer Overflow Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in Adobe Flex 3 History Management Feature Unspecified JavaScript Input Validation Vulnerability in Adobe Reader and Acrobat SQL Injection Vulnerability in OtomiGenX 2.2 Login Page Arbitrary SQL Command Execution in Bible Study Component for Joomla! Multiple Cross-Site Scripting (XSS) Vulnerabilities in SMEWeb 1.4b and 1.4f PHP Remote File Inclusion Vulnerabilities in Brim 1.0.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in meBiblio 0.4.7 SQL Injection Vulnerability in meBiblio 0.4.7: Remote Code Execution via JID Parameter Arbitrary Code Execution via Unrestricted File Upload in meBiblio 0.4.7 DesktopOnNet 3 Beta Multiple PHP Remote File Inclusion Vulnerabilities Directory Traversal Vulnerability in CMSimple 3.1 Allows Remote File Inclusion and Execution Arbitrary SQL Command Execution in Joomla! Bulletin Board Component (com_joobb) 0.5.9 SQL Injection Vulnerabilities in catalog.php in SMEWeb 1.4b and 1.4f Stack-based buffer overflow in Motion 3.2.10 and earlier allows remote code execution via long request to Motion HTTP Control interface Multiple Integer Overflows in rb_str_buf_append Function in Ruby Multiple Integer Overflows in rb_ary_store Function in Ruby 1.8.x Memory corruption vulnerability in rb_str_format function in Ruby 1.8.x and 1.9.0 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca. 
Directory Traversal Vulnerability in PHP's posix_access Function Directory Traversal Vulnerabilities in PHP 5.2.6 and Earlier: Bypassing Safe_Mode Restrictions SQL Injection Vulnerability in Courier-Authlib Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in yBlog 0.2.2.2 Multiple SQL Injection Vulnerabilities in yBlog 0.2.2.2 Multiple SQL Injection Vulnerabilities in Insanely Simple Blog 0.5 SQL Injection Vulnerability in DCFM Blog 0.9.4 comments.php Directory Traversal Vulnerabilities in ErfurtWiki R1.02b and Earlier Arbitrary SQL Command Execution in Powie pNews 2.08 and 2.10 via Shownews Parameter Arbitrary File Read/Delete Vulnerability in Fujitsu Interstage Management Console Arbitrary Script Injection in PHP Image Gallery's index.php Arbitrary SQL Command Execution Vulnerability in iJoomla News Portal Component for Joomla! Arbitrary Web Script Injection Vulnerability in Telephone Directory 2008 Multiple SQL Injection Vulnerabilities in Telephone Directory 2008 SQL Injection Vulnerability in Realm CMS 2.3 and Earlier: Arbitrary SQL Command Execution Cross-Site Scripting (XSS) Vulnerabilities in Realm CMS 2.3 and Earlier Information Disclosure Vulnerability in Realm CMS 2.3 and Earlier Authentication Bypass Vulnerability in Realm CMS 2.3 and Earlier Arbitrary File Download Vulnerability in BIDIB.ocx 10.9.3.0 Arbitrary Code Execution via DownloadImageFileURL Method in BIDIB.ocx SQL Injection Vulnerability in article.asp in Battle Blog 1.25 Build 4 and Earlier Arbitrary Code Execution via File Overwrite in Flux CMS 1.5.0 and Earlier Arbitrary File Inclusion Vulnerability in ProManager 0.73 Arbitrary SQL Command Execution in ASPilot Pilot Cart 7.3 via pilot.asp Remote File Inclusion Vulnerability in BrowserCRM 5.002.00: Arbitrary PHP Code Execution Multiple PHP Remote File Inclusion Vulnerabilities in BrowserCRM 5.002.00 SQL Injection Vulnerability in JiRo's FAQ Manager eXperience 1.0 SQL Injection Vulnerability in yvComment 
Component for Joomla! Arbitrary Code Execution Vulnerability in BITiff.ocx 10.9.3.0 Arbitrary Web Script Injection Vulnerability in phpInv 0.8.0 Arbitrary File Inclusion Vulnerability in phpInv 0.8.0 Denial of Service Vulnerability in Exiv2 0.16 via Zero Value in Nikon Lens Information SQL Injection Vulnerability in Rapid Recipe Component 1.6.6 and 1.6.7 for Joomla! Multiple Cross-Site Scripting (XSS) Vulnerabilities in WEBalbum 2.0 and Earlier Directory Traversal Vulnerabilities in Galatolo WebManager (GWM) 1.0 SQL Injection Vulnerability in Galatolo WebManager 1.0 and Earlier: Remote Code Execution via view.php SQL Injection Vulnerability in GameQ Component for Joomla! ALFTP 4.1 beta 2 and 5.0 Directory Traversal Vulnerability Stack-based buffer overflows in Novell GroupWise Messenger Client before 2.0.3 HP1 for Windows Denial of Service Vulnerability in Novell GroupWise Messenger (GWIM) Authentication Bypass Vulnerability in Sun Java System Access Manager (AM) 7.1 Denial of Service Vulnerability in Solaris 10 Event Port Implementation Unspecified Denial of Service Vulnerability in e1000g Driver in Sun Solaris 10 and OpenSolaris Unspecified Denial of Service Vulnerability in Sun Solaris and OpenSolaris Buffer Overflow Vulnerability in BrSmRcvAndCheck Function on IBM OS/400 V5R4M0, V5R4M5, and V6R1M0 Integer Signedness Error in IP Multicast Filter in Solaris and OpenSolaris Denial of Service Vulnerability in fetchmail 6.3.8 and Earlier Arbitrary Command Execution in Vim 7.1.314 and Earlier Versions Denial of Service Vulnerability in ClamAV Petite File Parsing Address Misplacement Vulnerability in Opera Browser Cross-Domain Image Reading Vulnerability in Opera before 9.5 Frame Spoofing Vulnerability in Opera 9.5 and Earlier Versions Insufficiently Restrictive Default FileDenyPattern in TYPO3 Arbitrary web script injection vulnerability in TYPO3 extensions Stack-based buffer overflow vulnerability in ppscan function in Netwide Assembler (NASM) 2.02 allows for denial 
of service and potential code execution Arbitrary Script Injection in Menalto Gallery before 2.2.5 Unspecified Vulnerability in Menalto Gallery Allows Unauthorized Access to Hidden Album Titles Bypassing Sub-Album Permissions in Menalto Gallery before 2.2.5 via ZIP Archive Path Disclosure Vulnerability in Menalto Gallery before 2.2.5 via Remote Address Spoofing Password Bypass Vulnerability in Menalto Gallery before 2.2.5 Integer Overflow Vulnerability in Ruby's Array Functions Integer Overflow Vulnerability in Ruby's Array Functions Uninitialized Memory Disclosure Vulnerability in Linux Kernel Authentication Bypass Vulnerability in Cisco Unified Communications Manager (CUCM) RIS Data Collector Service Unspecified Denial of Service Vulnerabilities in Cisco PIX and ASA Devices Denial of Service Vulnerability in Cisco PIX and ASA 5500 Devices Memory Leak Vulnerability in Cisco ASA 5500 Devices Denial of Service Vulnerability in Cisco ASA 5500 Devices (Bug ID CSCsq19369) Unspecified Remote Authentication Bypass Vulnerability in Cisco ASA 5500 Devices Denial of Service Vulnerability in Cisco IOS 12.3 and 12.4 IPS Arbitrary Code Execution via Unrestricted File Upload in Achievo MCPUK File Editor XSS Vulnerability in Xerox 4110, 4590, and 4595 Copier/Printers' Embedded Web Server Arbitrary Web Script Injection via Obscure Method in vBulletin 3.6.10 and 3.7.1 BiAnno ActiveX Control Buffer Overflow Vulnerability SQL Injection Vulnerability in Gryphon gllcTS2 4.2.4 Login Page Weak Permissions on No-IP Dynamic Update Client (DUC) Registry Key Allow Local Users to Obtain Sensitive Information Denial of Service Vulnerability in Skulltag 0.97d2-RC2 and Earlier Denial of Service Vulnerability in cshttpd in Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calendar Server 6.0 Kernel Heap Memory Corruption and Denial of Service Vulnerability in Linux Kernel 2.6 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Glassfish Webadmin Interface Microsoft Word Unordered 
Lists Memory Corruption Vulnerability Multiple SQL Injection Vulnerabilities in Pooya Site Builder (PSB) 6.0 Arbitrary SQL Command Execution in eFiction 3.0 and 3.4.3 Arbitrary SQL Command Execution in JAMM CMS via index.php Xigla Absolute Control Panel XE 1.0 admin/users.asp Cross-Site Scripting (XSS) Vulnerability Arbitrary SQL Command Execution Vulnerability in Xigla Absolute News Manager XE 3.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Xigla Absolute News Manager XE 3.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Xigla Absolute Form Processor XE 4.0 Arbitrary SQL Command Execution Vulnerability in Xigla Absolute Banner Manager XE 2.0 Cross-Site Scripting (XSS) Vulnerabilities in Xigla Absolute Banner Manager XE 2.0 SQL Injection Vulnerability in Xigla Absolute Form Processor XE 4.0: Remote Admin SQL Command Execution Arbitrary SQL Command Execution Vulnerability in Xigla Absolute Live Support XE 5.1 Arbitrary Web Script Injection Vulnerability in Xigla Absolute Live Support XE 5.1 SQL Injection Vulnerability in Xigla Absolute Image Gallery XE Xigla Absolute Image Gallery XE Cross-Site Scripting (XSS) Vulnerability Arbitrary SQL Command Execution Vulnerability in Xigla Poll Manager XE Arbitrary Web Script Injection Vulnerability in Xigla Poll Manager XE Remote File Inclusion Vulnerability in Simple Machines phpRaider 1.0.6 and 1.0.7 Arbitrary SQL Command Execution in MycroCMS 0.5 via index.php Node Hierarchy Module Access Bypass Vulnerability Arbitrary PHP Code Execution Vulnerability in Magic Tabs Module for Drupal Arbitrary Code Injection Vulnerability in Taxonomy Image Module for Drupal SQL Injection Vulnerability in CartKeeper CKGold Shopping Cart 2.5 and 2.7 via category_id Parameter in item.php SQL Injection Vulnerability in DT Centrepiece 4.0 search.asp DT Centrepiece 4.0 search.asp Cross-site Scripting (XSS) Vulnerability Ortro 1.3.1 Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in RevokeBB 1.0 RC11 Search 
System Directory Traversal Vulnerability in GlobalSCAPE CuteFTP Home and Pro 8.2.0 Unencrypted File Size Disclosure Vulnerability in Anubis Encryption Plugin Arbitrary SQL Command Execution in DZOIC Handshakes 3.5 via fname Parameter Directory Traversal Vulnerabilities in OtomiGenX 2.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Horde Groupware, Groupware Webmail Edition, and Kronolith SMTP Filter Bypass Vulnerability in spamdyke Integer Overflow Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey (ZDI-CAN-349) Buffer Overflow Vulnerability in Firefox 3.0 and 2.0.x OpenDocMan 1.2.5 out.php Cross-Site Scripting (XSS) Vulnerability Arbitrary Web Script Injection Vulnerability in OpenDocMan 1.2.5 Arbitrary SQL Command Execution in BASIC-CMS via page_id Parameter SQL Injection Vulnerability in MountainGrafix easyTrade 2.x - Remote Code Execution via id Parameter SQL Injection Vulnerability in Kalptaru Infotech Comparison Engine Power Script 1.0: Remote Code Execution via id Parameter SQL Injection Vulnerability in eroCMS 1.4 and Earlier: Remote Code Execution via index.php SQL Injection Vulnerability in ClipShare 3.0.1: Remote Code Execution via tid Parameter in group_posts.php Unspecified Privilege Escalation Vulnerability in Symantec Altiris Notification Server Agent 6.x Arbitrary File Creation and Overwrite Vulnerability in IDM UltraEdit FTP and SFTP Clients Arbitrary SQL Command Execution in FreeCMS 0.2 via index.php Cross-Site Scripting (XSS) Vulnerability in ManageEngine OpUtils 5.0 Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified JavaScript Engine Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox and SeaMonkey Arbitrary Code Execution Vulnerability in Mozilla Firefox and SeaMonkey Arbitrary Code Execution via Privilege Level in Mozilla Firefox, Thunderbird, and SeaMonkey Arbitrary Code Execution Vulnerability in 
mozIJSSubScriptLoader.LoadScript Function Arbitrary File Upload Vulnerability in Mozilla Firefox and SeaMonkey Arbitrary Socket Connection Vulnerability in Mozilla Firefox and SeaMonkey on Mac OS X Uninitialized Memory Read Vulnerability in Mozilla Firefox and SeaMonkey Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox and SeaMonkey SSL Certificate Spoofing Vulnerability Same Origin Policy Bypass via Crafted Windows Shortcut Files Block Reflow Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey NULL pointer dereference vulnerability in Linux kernel before 2.6.25.10 allows for denial of service and potential privilege escalation Arbitrary Local File Inclusion Vulnerability in WallCity-Server Shoutcast Admin Panel 2.0 Cross-Site Scripting (XSS) Vulnerability in WallCity-Server Shoutcast Admin Panel 2.0 Arbitrary SQL Command Execution in MyMarket 1.72 via id Parameter SQL Injection Vulnerability in Oxygen (O2PHP Bulletin Board) 2.0 post.php Allows Remote Code Execution SQL Injection Vulnerability in NiTrO Web Gallery 1.4.3 and Earlier: Remote Code Execution via CatId Parameter Easy-Clanpage 3.0 b1 Directory Traversal Vulnerability SQL Injection Vulnerability in BlognPlus (BURO GUN +) 2.5.4 and Earlier: Remote Code Execution Directory Traversal Vulnerability in Open Azimyt CMS 0.22 and 0.21 Arbitrary File Creation and Overwrite Vulnerability in Glub Tech Secure FTP Arbitrary File Creation and Overwrite Vulnerabilities in 3D-FTP Client 8.01 Arbitrary SQL Command Execution in PHPeasyblog (formerly phpeasynews) 1.13 RC2 and Earlier Unspecified Remote Configuration Change Vulnerability in Xerox WorkCentre 7655, 7665, and 7675 XSS Vulnerability in Xerox WorkCentre Embedded Web Server Integer Overflow in sctp_getsockopt_local_addrs_old Function in Linux Kernel Insecure Permissions Check in Perl 5.10's rmtree Function Stack-based Buffer Overflow in tmsnc UBX Command Handling Buffer Overflow Vulnerability in PHP IMAP Extension Privilege Escalation via Open 
Scripting Architecture in Apple Mac OS X Cross-Site Scripting (XSS) Vulnerabilities in MailMarshal SMTP's Delegated Spam Management Feature Unrestricted File Upload Vulnerability in aspWebCalendar 2008 Arbitrary File Upload Vulnerability in le.cms 1.4 and Earlier Arbitrary SQL Command Execution in Scientific Image DataBase 0.41 via projects.php Arbitrary SQL Command Execution in IGSuite 3.2.4 via formid Parameter WebCalendar 1.0.4 - PHP Remote File Inclusion Vulnerability in send_reminders.php SQL Injection Vulnerability in CMS-BRD's index.php Allows Remote Code Execution via menuclick Parameter Traindepot 0.1 - Directory Traversal Vulnerability in index.php Traindepot 0.1 Search Module XSS Vulnerability Multiple Directory Traversal Vulnerabilities in Exero CMS 1.0.0 and 1.0.1 XChat Argument Injection Vulnerability via ircs:// URI Arbitrary Web Script Injection Vulnerability in doITLive CMS 2.50 and Earlier Multiple SQL Injection Vulnerabilities in doITLive CMS 2.50 and Earlier SQL Injection Vulnerability in Carscripts Classifieds' index.php Allows Remote Code Execution via cat Parameter SQL Injection Vulnerability in MyBizz-Classifieds index.php SQL Injection Vulnerability in BoatScripts Classifieds' index.php SQL Injection Vulnerability in Maxtrade AIO 1.3.23 Trade Module Arbitrary Code Injection through Search Functionality in MindTouch DekiWiki Arbitrary Code Injection through Cross-Site Scripting (XSS) in TrailScout Drupal Module SQL Injection Vulnerability in TrailScout Module 5.x before 5.x-1.4 for Drupal Buffer Overflow Vulnerabilities in OFF System: Remote Code Execution via HTTP Header Parsing Unspecified Cross-Site Scripting (XSS) Vulnerability in CGIWrap before 4.1 SQL Injection Vulnerability in Easy Webstore 1.2: Remote Code Execution via cat_path Parameter in index.php Multiple PHP Remote File Inclusion Vulnerabilities in Orlando CMS 0.6 Arbitrary Web Script Injection Vulnerability in OwnRS Beta 3 SQL Injection Vulnerability in clanek.php Allows 
Remote Code Execution via id Parameter Cleartext Password Storage Vulnerability in AlstraSoft AskMe Pro 2.1 and Earlier SQL Injection Vulnerability in WebChamado 1.1 via eml Parameter Unspecified Denial of Service Vulnerability in NetWin SurgeMail IMAP Service SQL Injection Vulnerability in AJSquare AJ Auction Pro Web 2.0: Remote Code Execution via cate_id Parameter Cross-Site Scripting (XSS) Vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and Earlier SQL Injection Vulnerabilities in eLineStudio Site Composer (ESC) 2.6 and Earlier Absolute Path Traversal Vulnerabilities in eLineStudio Site Composer (ESC) 2.6 Information Disclosure in eLineStudio Site Composer (ESC) 2.6 and earlier SQL Injection Vulnerability in Kalptaru Infotech PHP Site Lock 2.0 - Remote Code Execution via articleid Parameter SQL Injection Vulnerability in CaupoShop Classic 1.3: Remote Code Execution via saArticle[ID] Parameter SQL Injection Vulnerability in adclick.php in E-topbiz Viral DX 1 2.07 SQL Injection Vulnerability in DUware DUcalendar 1.0 and Earlier Versions via iEve Parameter in detail.asp SQL Injection Vulnerability in E-topbiz Link ADS 1: Remote Code Execution via linkid Parameter Multiple SQL Injection Vulnerabilities in ShareCMS 0.1 Beta Multiple Cross-Site Scripting (XSS) Vulnerabilities in PEGames Template2.php Arbitrary SQL Command Execution in sHibby sHop 2.2 and Earlier via Default.asp Sensitive Information Exposure in sHibby sHop 2.2 and Earlier Softbiz Jokes & Funny Pics Script index.php SQL Injection Vulnerability SQL Injection Vulnerability in Webdevindo-CMS 1.0.0: Remote Code Execution via hal Parameter in index.php Arbitrary File Inclusion Vulnerability in mUnky 0.0.1 Remote File Inclusion Vulnerability in cmsWorks 2.2 RC4 Open Redirect Vulnerability in rss_getfile.php in Academic Web Tools (AWT YEKTA) 1.4.3.1 and earlier versions Unauthenticated Access to Admin Panel in Benja CMS 0.1 Allows Menu Manipulation Heap-based Buffer Overflow in IBM AFP Viewer Plug-in 
2.0.7.1 and 3.2.1.1 via Long SRC Property Value Cleartext Password Storage Vulnerability in Relative Real Estate Systems 3.0 and Earlier Unauthenticated File Update Vulnerability in sHibby sHop 2.2 and Earlier Remote File Inclusion Vulnerability in Jamroom 3.3.0 through 3.3.5 Remote File Inclusion Vulnerability in RSS-Aggregator's display.php Allows Arbitrary PHP Code Execution Remote File Inclusion Vulnerability in Open Digital Assets Repository System (ODARS) 1.0.2 Remote File Inclusion Vulnerability in Jamroom 3.3.0 through 3.3.5 Arbitrary Local File Inclusion Vulnerability in FubarForum 1.5 Multiple PHP Remote File Inclusion Vulnerabilities in MiGCMS 2.0.5 Directory Traversal Vulnerability in AceBIT WISE-FTP 4.1.0 and 5.5.8 SQL Injection Vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 and Earlier SQL Injection Vulnerability in eMuSOFT emuCMS 0.3: Remote Code Execution via cat_id Parameter Arbitrary SQL Command Execution in EXP Shop Component 1.0 for Joomla! SQL Injection Vulnerability in news.php in AJ Square AJ-HYIP (aka AJ HYIP Acme) Directory Traversal Vulnerability in NCH Software Classic FTP 1.02 for Windows AproxEngine 5.1.0.4 - Directory Traversal Vulnerability in index.php FireAnt 1.3 Directory Traversal Vulnerability SQL Injection Vulnerability in PageSquid CMS 0.3 Beta: Remote Code Execution via index.php Directory Traversal Vulnerability in Hedgehog-CMS 1.21 Allows Remote File Inclusion Unspecified Vulnerability in j00lean-CMS 1.03's page.php with Unknown Impact and Attack Vectors SQL Injection Vulnerability in item.php in PHPAuction 3.2 Multiple SQL Injection Vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.4 SQL Injection Vulnerability in profile.php in AlstraSoft AskMe Pro 2.1 and Earlier SQL Injection Vulnerability in AWBS 2.3.3 through 2.7.1: Remote Code Execution via viewnews Parameter SQL Injection Vulnerability in Conkurent PHPMyCart's shop.php Allows Remote Code Execution via cat Parameter Remote File Inclusion 
Vulnerability in Mambo 4.6.4 and Earlier with Cache_Lite Package SQL Injection Vulnerability in lista_anexos.php in WebChamado 1.1 Arbitrary SQL Command Execution in WebChamado 1.1 via SQL Injection in admin/index.php Stack-based buffer overflows in ienipp.ocx in Novell iPrint Client for Windows before 4.36 allow remote code execution Clever Copy 3.0 results.php SQL Injection Vulnerability Buffer Overflow in DXTTextOutEffect ActiveX Control Multiple Cross-Site Scripting (XSS) Vulnerabilities in Contenido 4.8.4 Multiple PHP Remote File Inclusion Vulnerabilities in Contenido CMS 4.8.4 Directory Traversal Vulnerability in Devalcms 1.4a Allows Remote File Inclusion SQL Injection Vulnerability in JobSearch3.php in PHP JOBWEBSITE PRO SQL Injection Vulnerabilities in Pre Job Board's JobSearch.php Multiple SQL Injection Vulnerabilities in Pre ADS Portal 2.0 and Earlier SQL Injection Vulnerability in E-SMART CART's productsofcat.asp SQL Injection Vulnerability in Application Dynamics Cartweaver 3.0 - details.php SQL Injection Vulnerability in Gryphon gllcTS2 4.2.4: Remote Code Execution via sort Parameter in listing.php Unauthenticated Remote File Manipulation in EZTechhelp EZCMS 1.2 and Earlier SQL Injection Vulnerability in EZTechhelp EZCMS 1.2 and Earlier: Remote Code Execution via index.php Artegic Dana IRC Client 1.3 Stack-Based Buffer Overflow Vulnerability Lyris ListManager 8.8, 8.95, and 9.3d - Cross-Site Scripting (XSS) Vulnerability in read/search/results Webmatic 2.8 Cross-Site Scripting (XSS) Vulnerability Webmatic 2.8 SQL Injection Vulnerability CA Host-Based Intrusion Prevention System (HIPS) r8 Local Privilege Escalation Vulnerability Integer Overflow Vulnerabilities in Pidgin and Adium MSN Protocol Handler Buffer Overflow Vulnerabilities in Red Hat Directory Server 7.1 Cross-Site Scripting (XSS) Vulnerabilities in Red Hat Directory Server Administration Interface LDAP Search Denial of Service Vulnerability Privilege Escalation and Denial of Service 
Vulnerability in Linux Kernel Heap-based Buffer Overflow in Red Hat Adminutil 1.1.6: Remote Code Execution Vulnerability Command Injection via Pipe Characters in Mozilla Firefox URI Uninitialized Pointer Vulnerability in Mozilla Firefox 3.0.1 on Mac OS X Heap-based Buffer Overflow in libxslt's RC4 Encryption and Decryption Functions Privilege escalation through symlink manipulation in Postfix Mailbox File Ownership Vulnerability Apache Tomcat Directory Traversal Vulnerability Arbitrary Web Script Injection via FTP URI in Apache Mod_Proxy_FTP Privilege Escalation and Unauthorized Email Sending in HP Linux Imaging and Printing (HPLIP) 1.6.7 Denial of Service Vulnerability in HP Linux Imaging and Printing (HPLIP) 1.6.7 Directory Traversal Vulnerability in Mercurial 1.0.1 patch.py Double Free Vulnerability in IBM Tivoli Directory Server: Remote Code Execution and Denial of Service Double Free Vulnerability in Linux Kernel Utrace Support Arbitrary Code Execution via XSLT Stylesheet in Sun Java System Access Manager and Identity Server Denial of Service Vulnerability in SNMP-DMI Mapper Subagent Daemon Window Location Property Cross-Domain Vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 7 Cross-Domain Frame Location Manipulation Vulnerability in Microsoft Internet Explorer 7 and 8 Cross-Domain Frame Location Manipulation Vulnerability in Microsoft Internet Explorer 6 and 7 Arbitrary Code Execution via Crafted PDF Document in Poppler 0.8.4 and Earlier Open Redirect Vulnerability in Trac Search Script Allows Phishing Attacks Denial of Service via Crafted ASN.1 BER Datagrams in OpenLDAP 2.2.4 to 2.4.10 Denial of Service Vulnerability in Linux DC++ (linuxdcpp) before 0.707 Out-of-Bounds Read Denial of Service Vulnerability in Linux DC++ (linuxdcpp) Denial of Service Vulnerability in Pidgin 2.4.1 Memory Leak Vulnerability in Pidgin 2.0.0 and Possibly Other Versions via Malformed XML Documents Arbitrary File Download and Denial of Service Vulnerability in Pidgin's 
UPnP Functionality Race condition vulnerability in checkinstall 1.6.1 and installwatch allows local users to overwrite files and gain unauthorized access. Buffer Overflow in ActiveX Control (vb6skit.dll) in Microsoft Visual Basic Enterprise Edition 6.0 SP6 Allows Remote Code Execution Arbitrary Web Script Injection Vulnerability in phpMyAdmin Arbitrary File Read Vulnerabilities in CMS Mini 0.2.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in MyBlog Multiple SQL Injection Vulnerabilities in MyBlog Arbitrary SQL Command Execution in ResearchGuide 0.5 via guide.php SQL Injection Vulnerability Arbitrary Web Script Injection Vulnerability in JaxUltraBB (JUBB) 2.0 and Earlier Arbitrary File Read Vulnerability in JaxUltraBB 2.0 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Academic Web Tools (AWT YEKTA) SQL Injection Vulnerability in rating.php in Academic Web Tools (AWT YEKTA) 1.4.3.1 and earlier versions Directory Traversal Vulnerability in Academic Web Tools (AWT YEKTA) 1.4.3.1 and Earlier Versions Session Fixation Vulnerabilities in Academic Web Tools (AWT YEKTA) 1.4.3.1 and Earlier SQL Injection Vulnerability in CiBlog 3.1: Remote Code Execution via links-extern.php SQL Injection Vulnerability in KbLance index.php Allows Remote Code Execution via cat_id Parameter Cross-Site Scripting (XSS) Vulnerabilities in MM Chat 1.5's chathead.php Arbitrary File Inclusion Vulnerability in MM Chat 1.5 Arbitrary Web Script Injection in TinX/cms 1.1 via obj_image.php Multiple Directory Traversal Vulnerabilities in TinX/cms 1.1 PHP Remote File Inclusion Vulnerabilities in Ourvideo CMS 9.5 Arbitrary File Inclusion Vulnerability in Ourvideo CMS 9.5 Arbitrary Web Script Injection in Ourvideo CMS 9.5 Login Page Multiple Cross-Site Scripting (XSS) Vulnerabilities in HomePH Design 2.10 RC2 Remote File Inclusion Vulnerability in HomePH Design 2.10 RC2 Multiple Directory Traversal Vulnerabilities in HomePH Design 2.10 RC2 SQL Injection Vulnerability in Demo4 CMS 
01 Beta: Remote Code Execution via id Parameter Arbitrary Web Script Injection Vulnerability in CMReams CMS 1.3.1.1 Beta 2 Arbitrary File Inclusion Vulnerability in CMReams CMS 1.3.1.1 Beta 2 PHP Remote File Inclusion Vulnerabilities in phpDMCA 1.0.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Benja CMS 0.1 Arbitrary PHP File Upload and Execution Vulnerability in Benja CMS 0.1 HoMaP-CMS 0.1 index.php SQL Injection Vulnerability Remote File Inclusion Vulnerability in FacileForms Component 1.4.4 for Mambo and Joomla! Arbitrary Web Script Injection Vulnerability in Adobe RoboHelp Server 6 and 7 Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability Multiple Directory Traversal Vulnerabilities in FOG Forum 0.8.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHPEasyData 1.5.4 Multiple SQL Injection Vulnerabilities in PHPEasyData 1.5.4 Multiple SQL Injection Vulnerabilities in Gravity Board X (GBX) 2.0 Beta Arbitrary Web Script Injection Vulnerability in Gravity Board X (GBX) 2.0 Beta Arbitrary Web Script Injection in Aggregation Module for Drupal SQL Injection Vulnerabilities in Aggregation Module for Drupal Access Control Bypass in Aggregation Module for Drupal Arbitrary File Upload and Code Execution Vulnerability in Drupal Aggregation Module Excel Credential Caching Vulnerability Excel Indexing Validation Vulnerability Excel Index Array Vulnerability Excel Record Parsing Vulnerability URI Handler Argument Injection Vulnerability in Microsoft Office Windows Media Encoder Buffer Overrun Vulnerability SPN Vulnerability in Microsoft Windows Media Player and Services ISATAP Vulnerability: Remote Code Execution and Credential Reflection in Microsoft Windows Media Player and Services GDI+ EMF Memory Corruption Vulnerability GDI+ GIF Parsing Vulnerability GDI+ WMF Buffer Overrun Vulnerability GDI+ BMP Integer Overflow Vulnerability Malformed PICT Filter Vulnerability in Microsoft Office 2000, XP, 2003, Converter Pack, and Works 8 Malformed EPS 
Filter Vulnerability in Microsoft Office 2000, XP, 2003, Converter Pack, and Works 8 Malformed BMP Filter Vulnerability in Microsoft Office 2000, XP, Converter Pack, and Works 8 Microsoft Office PICT Filter Parsing Vulnerability PHP Remote File Inclusion Vulnerabilities in PHPortal 1.2 Beta Arbitrary Web Script Injection Vulnerability in FreeStyle Wiki 3.6.2 and Earlier QNX Momentics Stack-Based Buffer Overflow Vulnerability in phgrafx SQL Injection Vulnerability in plx Ad Trader 3.2: Remote Code Execution via ad.php Arbitrary SQL Command Execution Vulnerability in OneClick CMS (aka Sisplet CMS) 2008-01-24 SQL Injection Vulnerability in VanGogh Web CMS 0.9: Remote Code Execution via get_article.php Unspecified Cross-Site Scripting (XSS) Vulnerabilities in Send-A-Card Extension for TYPO3 Arbitrary Code Injection through Cross-Site Scripting (XSS) in WEC Discussion Forum Extension for TYPO3 SQL Injection Vulnerability in EfesTECH Shop 2.0 Default.asp Arbitrary File Inclusion Vulnerability in Simple PHP Agenda 2.2.4 and Earlier Arbitrary Web Script Injection Vulnerability in phpMyAdmin Extension for TYPO3 Unauthenticated Remote Access to Admin Functions in RSS-aggregator 1.0 SQL Injection Vulnerabilities in RSS-aggregator 1.0 SQL Injection Vulnerability in XchangeBoard 1.70 Final and Earlier: Remote Code Execution via newThread.php Directory Traversal Vulnerability in CMS Little 0.0.1 Allows Remote File Inclusion and Execution Arbitrary Web Script Injection in TYPO3 Address Directory Extension Arbitrary SQL Command Execution in TYPO3 Address Directory Extension Arbitrary SQL Command Execution in TYPO3 DAM Frontend Extension Unspecified Information Disclosure Vulnerability in TYPO3 DAM Frontend Extension Unspecified Broken Access Control Vulnerability in TYPO3 DAM Frontend Extension Unspecified Improper Error Handling Vulnerability in TYPO3 DAM Frontend Extension Arbitrary Code Execution Vulnerability in WEC Discussion Forum Extension for TYPO3 Arbitrary SQL Command 
Execution in News Calendar Extension for TYPO3 Insufficient Verification of Data Authenticity in Industry Database Extension for TYPO3 Incomplete Blacklist Vulnerability in Packman Extension for TYPO3 Incomplete Blacklist Vulnerability in TYPO3 KB Unpack Extension 0.1.0 and Earlier Unprotected Test Functionality Vulnerability in PDF Generator 2 Extension for TYPO3 Unspecified Information Disclosure Vulnerability in PDF Generator 2 Extension for TYPO3 Denial of Service Vulnerability in PDF Generator 2 Extension for TYPO3 Arbitrary SQL Command Execution in Pinboard Extension for TYPO3 Unspecified Denial of Service Vulnerability in SQL Frontend Extension for TYPO3 Arbitrary SQL Command Execution in SQL Frontend (mh_omsqlio) Extension for TYPO3 Arbitrary SQL Command Execution in Branchenbuch Extension for TYPO3 Arbitrary SQL Command Execution in TYPO3 Support View Extension Arbitrary SQL Command Execution in Codeon Petition Extension for TYPO3 Insecure Cookie Transmission in Octeth Oempro 3.5.5.1 and Earlier Versions SQL Injection Vulnerabilities in Octeth Oempro 3.5.5.1 and Earlier Versions Cleartext Password Transmission in Octeth Oempro 3.5.5.1 and Earlier Versions Sensitive Information Disclosure in V-webmail 1.5.0 Arbitrary URL Redirection Vulnerability in V-webmail 1.5.0 SQL Injection Vulnerability in V-webmail 1.5.0 Login.php Unspecified Local Resource Reference Vulnerability in RealPlayer Enterprise and RealPlayer 10 Stack-based Buffer Overflow in RealPlayer ActiveX Control Password Leakage Vulnerability in SUSE openSUSE 10.3's sudo Arbitrary URL Usage in Microsoft Crypto API Allows Information Disclosure Multiple Cross-Site Scripting (XSS) Vulnerabilities in MyBB before 1.2.13 Unspecified SQL Injection Vulnerability in MyBB 1.2.13 Directory Traversal Vulnerability in MyBB 1.2.13 inc/class_language.php Insecure Random Number Generator in Simple Machines Forum (SMF) Unspecified Cross-Site Scripting (XSS) Vulnerability in Simple Machines Forum (SMF) 1.1.x and 
1.0.x Arbitrary Code Execution via Shell Metacharacter in Vim TAR Plugin Arbitrary Code Execution via Shell Metacharacter in Vim ZIP Plugin Arbitrary Code Execution Vulnerability in Netrw Plugin 125 Use-after-free vulnerability in sys32_ptrace function in Linux kernel before 2.6.25.10 on x86_64 platform Memory Leakage Vulnerability in Opera's CANVAS Element Unspecified Arbitrary Code Execution Vulnerability in Opera on Windows CSRF Vulnerability in myWebland myBloggie 2.1.6 Allows Remote Admin Actions Multiple Input Validation Vulnerabilities in Avaya Message Storage Server (MSS) and Communication Manager Arbitrary Web Script Injection Vulnerability in Commtouch Enterprise Anti-Spam Gateway Arbitrary SQL Command Execution in Brightcode Weblinks Component for Joomla! Arbitrary File Read Vulnerability in Kasseler CMS 1.3.0 Arbitrary Web Script Injection in Kasseler CMS Files Module Arbitrary SQL Command Execution Vulnerability in Xpoze Pro 3.06 Multiple SQL Injection Vulnerabilities in BlognPlus (BURO GUN +) 2.5.5 MySQL and PostgreSQL Editions Arbitrary Code Injection through Taxonomy Autotagger Module in Drupal Taxonomy Autotagger Module SQL Injection Vulnerability Arbitrary PHP Code Execution via Unrestricted File Upload in ImperialBB 2.3.5 and Earlier Information Disclosure Vulnerability in Organic Groups (OG) Module for Drupal Arbitrary Code Injection Vulnerability in Organic Groups (OG) Module for Drupal Privilege Escalation Vulnerability in Outline Designer Module for Drupal Arbitrary Code Injection through Tinytax Module in Drupal Arbitrary Web Script Injection in fuzzylime (cms) Login Form Arbitrary Web Script Injection in Owl Intranet Knowledgebase 0.95 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in vtiger CRM 5.0.4 Insecure Session Cookie Handling in Mantis 1.1.x and 1.2.x Unspecified Remote Unauthorized Operations Vulnerability in Java Management Extensions (JMX) Management Agent Unspecified vulnerabilities in Sun Java Runtime 
Environment (JRE) allow remote attackers to violate applet security model Unspecified XML Processing Vulnerability in JAX-WS Client and Service in Sun Java Runtime Environment Unspecified Remote URL Access Vulnerability in Sun Java Runtime Environment (JRE) Privilege Escalation Vulnerability in Sun Java Runtime Environment Buffer Overflow Vulnerability in Sun Java Runtime Environment (JRE) Allows Privilege Escalation via Font Processing Privilege Escalation Vulnerability in Sun Java Runtime Environment (JRE) Unspecified vulnerability in Sun Java Runtime Environment allows remote information disclosure Multiple Buffer Overflows in Sun Java Web Start: Privilege Escalation Vulnerability Arbitrary File Creation Vulnerability in Sun Java Web Start Arbitrary File Manipulation Vulnerability in Sun Java Web Start Unspecified vulnerability in Sun Java Web Start allows sensitive information disclosure Insecure Execution of Applets in Sun Java JDK and JRE 6 Update 6 and earlier, and 5.0 Update 6 through 15 Format String Vulnerability in Snail Game's dx8render.dll in 5th Street (Hot Step or High Street 5) Arbitrary Code Execution via Unrestricted File Upload in PHPmotion 2.0 and Earlier Arbitrary SQL Command Execution in PHPmotion 2.0 and Earlier via play.php DreamPics Builder index.php SQL Injection Vulnerability Xerox CentreWare Web (CWW) Multiple Cross-Site Scripting (XSS) Vulnerabilities SQL Injection Vulnerabilities in Xerox CentreWare Web (CWW) Before 4.6.46 SQL Injection Vulnerability in Mole Group Real Estate Script 1.1 and Earlier: Remote Code Execution via listing_id Parameter SQL Injection Vulnerability in Mole Group Hotel Script 1.0: Remote Code Execution via index.php SQL Injection Vulnerability in Mole Group Lastminute Script 4.0 via cid Parameter in index.php Remote Code Execution Vulnerability in Fujitsu Siemens Computers ServerView Web Interface Arbitrary PHP Code Execution via Remote File Inclusion in HIOX Banner Rotator (HBR) 1.3 Arbitrary File Read 
Vulnerability in Pivot 1.40.5's search.php Multiple SQL Injection Vulnerabilities in Catviz 0.4 beta 1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in OpenCart 0.7.7 SQL Injection Vulnerability in pSys 0.7.0 Alpha's chatbox.php SQL Injection Vulnerability in Joomla! Beamospetition Component Arbitrary SQL Command Execution in BareNuked CMS 1.1.0 Multiple Denial of Service Vulnerabilities in GraphicsMagick Denial of Service Vulnerability in Soldner Secret Wars 33724 and Earlier AShop Deluxe 4.x catalogue.php SQL Injection Vulnerability Denial of Service Vulnerability in Wireshark GSM SMS Dissector Denial of Service Vulnerability in Wireshark PANA and KISMET Dissectors Use-after-free vulnerability in the RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) Denial of Service Vulnerability in Wireshark Syslog Dissector Unspecified Remote Memory Reading Vulnerability in Wireshark RMI Dissector Buffer Overflow Vulnerabilities in Python 2.5.2 and Earlier on 32-bit Platforms Multiple Integer Overflows in Python Versions Before 2.5.2 Integer overflows in PyOS_vsnprintf function in Python 2.5.2 and earlier Buffer Over-read Vulnerability in Wireshark's fragment_add_work Function Buffer Overflow Vulnerabilities in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 Cleartext Storage of Access-Point Keys in WeFi 3.2.1.4.1 Stack-based Buffer Overflow in OllyDBG and ImpREC Allows Arbitrary Code Execution Denial of Service Vulnerability in F5 FirePass 1200 SNMP Daemon Directory Traversal Vulnerability in Neutrino Atomic Edition 0.8.4 Allows Remote File Read and Modification SQL Injection Vulnerability in 4ndvddb 0.91 Module for PHP-Nuke SQL Injection Vulnerability in directory.php in SmartPPC and SmartPPC Pro SQL Injection Vulnerability in Triton CMS Pro via X-Forwarded-For HTTP Header WebBlizzard CMS index.php SQL Injection Vulnerability Stack-based Buffer Overflow in Panda ActiveScan ActiveX 
Control Arbitrary CAB File Execution Vulnerability in Panda ActiveScan Denial of Service Vulnerability in Nortel SIP Multimedia PC Client 4.x MCS5100 and MCS5200 Unspecified Vulnerability in Novell Client for Windows 4.91 SP4: Potential Memory Overwrite via NWFS.SYS Arbitrary Code Execution via Integer Overflow in Novell eDirectory Unspecified Vulnerabilities in IBM Data ONTAP 7.1 with Unknown Impact and Attack Vectors Cross-Site Scripting (XSS) Vulnerabilities in IBM Maximo 4.1 and 5.2 Stack-based Buffer Overflow in FFmpeg's str_read_packet Function Directory Traversal Vulnerability in DodosMail 2.5 Directory Traversal Vulnerability in Fuzzylime (CMS) 3.01 and 3.01a Directory Traversal Vulnerability in Fuzzylime (CMS) 3.01a and Earlier BoonEx Ray 3.5 PHP Remote File Inclusion Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in BoonEx Dolphin 6.1.2 World Creation Time Disclosure Vulnerability in Empire Server Heap-based Buffer Overflow in Empire Server: Coordinate Normalization Bug Cross-Site Cooking Vulnerability in Apple Safari Safari Referer Leakage Vulnerability Session Fixation Vulnerability in Opera's Handling of Country-Specific Top-Level Domains Cross-Site Cooking Vulnerability in Microsoft Internet Explorer Unspecified Denial of Service Vulnerability in CA Host-Based Intrusion Prevention System (HIPS) r8 Integer Underflow Vulnerability in LGServer Service of CA ARCserve Backup for Laptops and Desktops Denial of Service Vulnerability in Sophos Virus Detection Engine 2.75 on Linux and Unix Arbitrary Code Execution via Unrestricted File Upload in WebXell Editor 0.1.3 Arbitrary Local File Inclusion Vulnerability in Web 2 Business (W2B) phpDatingClub 3.7 Cross-Site Scripting (XSS) Vulnerabilities in ContentNow CMS 1.4.1 Arbitrary Code Execution via Unrestricted File Upload in ContentNow CMS 1.4.1 Stack-based Buffer Overflow in DAP.exe via Long MP3 URL in M3U File Arbitrary PHP Code Execution via Remote File Inclusion in gapicms 9.0.2 Arbitrary 
Code Execution via Cross-Site Scripting (XSS) in vBulletin Arbitrary SQL Command Execution in Relative Real Estate Systems 3.0 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Chipmunk Blog Unauthenticated Repository Key Acceptance Vulnerability in zypp-refresh-patches Vulnerability: Weak Password Hashing Algorithm in libxcrypt DreamNews Manager SQL Injection Vulnerability Arbitrary File Inclusion Vulnerability in 1Scripts CodeDB 1.1.1 SQL Injection Vulnerabilities in usercp.php in mForum 0.1a Arbitrary File Inclusion Vulnerability in jSite 1.0 OE Remote Code Execution via SQL Injection in jSite 1.0 OE Directory Traversal Vulnerabilities in pluck 4.5.1: Arbitrary File Inclusion Directory Traversal and Arbitrary File Execution Vulnerability in TWiki before 4.2.3 Out-of-Bounds Stack Access Vulnerability in skeleton.c in yacc CSRF Vulnerability in phpMyAdmin before 2.11.7.1 Arbitrary Code Execution via Script Injection in Mozilla Firefox 3.x Unspecified Denial of Service Vulnerabilities in ReSIProcate before 1.3.4 SQL Injection Vulnerability in Avlc Forum's vlc_forum.php Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Pagefusion 1.5 Xomol CMS 1.2 index.php Cross-Site Scripting (XSS) Vulnerability in tellafriend Action Unauthenticated Content Manipulation in AuraCMS 2.2 through 2.2.2 Arbitrary SQL Command Execution in E-topbiz Million Pixels 3 via tops_top.php Arbitrary File Read Vulnerability in Easy-Script Wysi Wiki Wyg 1.0 Arbitrary SQL Command Execution in Yuhhu Pubs Black Cat browse.groups.php Pragyan CMS 2.6.2 Remote File Inclusion Vulnerability Denial of Service Vulnerability in Simple DNS Plus Heap-based Buffer Overflow in Black Ice Document Imaging SDK 10.95 Denial of Service Vulnerability in ReSIProcate 1.3.2 Authentication Bypass Vulnerability in Scripteen Free Image Hosting Script 1.2 and 1.2.1 Multiple SQL Injection Vulnerabilities in Scripteen Free Image Hosting Script 1.2.1 SQL Injection Vulnerability 
in WebCMS Portal Edition Remote Denial of Service Vulnerability in dnsmasq 2.25 Denial of Service Vulnerability in ClamAV Petite File Parsing Arbitrary File Overwrite Vulnerability in ProjectL 1.001's Save Function Weak Random Number Generator in PowerDNS Recursor Cross-Site Scripting (XSS) Vulnerabilities in Drupal 6.x before 6.3 Insufficient XSS Protection in Drupal's filter_xss_admin Function CSRF Vulnerability in Drupal 5.x and 6.x CSRF Vulnerability in Drupal 6.x Allows Remote Administrative Actions Session Fixation Vulnerability in Drupal 5.x and 6.x SQL Injection Vulnerability in Drupal 6.x Schema API Unspecified Redirect Vulnerability in phpBB before 3.0.1 Joomla! 1.5.4 Vulnerability: Unauthorized Access to Administration Functionality Joomla! File Caching Vulnerability Unspecified Open Redirect Vulnerability in Joomla! before 1.5.4 Unprotected SEF URLs in Joomla! before 1.5.4 pose remote attack vectors Stack-based Buffer Overflow in XAUTHORITY Environment Variable FFmpeg Lavf Demuxer Denial of Service Vulnerability via Crafted GIF File Denial of Service Vulnerability in xine-lib 1.1.15 via Crafted OGG File Arbitrary Code Execution via Unrestricted File Upload in Dotclear 1.2.7.1 and Earlier WordPress XSS Vulnerability in SVN Development Versions OpenSSH 4 and 20070303 Snapshot SELinux Role Escalation Vulnerability Unspecified vulnerability in PropFilePasswordEncoder utility in IBM WebSphere Application Server (WAS) 5.1 before 5.1.1.19 Unspecified Information Disclosure Vulnerability in IBM WebSphere Application Server Arbitrary Web Script Injection Vulnerability in ITechBids 7.0 Gold Multiple SQL Injection Vulnerabilities in ITechBids 7.0 Gold Unrestricted File Upload Vulnerability in PHPizabi 0.848b C1 HFP1 SQL Injection Vulnerability in AlstraSoft Affiliate Network Pro SQL Injection Vulnerability in UltraStats 0.2.136, 0.2.140, and 0.2.142 via players-detail.php PPMate ActiveX Control Heap-Based Buffer Overflow Vulnerability Denial of Service 
Vulnerabilities in F-Prot Antivirus Scanning Engine Denial of Service Vulnerability in F-Prot Antivirus Scanning Engine Arbitrary SQL Command Execution in phpHoo3 4.3.9, 4.3.10, 4.4.8, and 5.2.6 via viewCat Parameter PDF Distiller Component Vulnerability in BlackBerry Attachment Service Incorrect Size for ldt_desc in Linux Kernel 2.6.25.x Allows Privilege Escalation Uninitialized Filesystem Blocks Vulnerability in Symantec Veritas File System (VxFS) Lenovo System Update SSL Certificate Validation Vulnerability Arctic Issue Tracker 2.0.0 - Remote SQL Injection Vulnerability in index.php Multiple SQL Injection Vulnerabilities in tplSoccerSite 1.0 Stack-based Buffer Overflow in read_article function in newsx 1.6 XenAPI HTTP Interfaces Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in preCMS 1 UserProfil Action Arbitrary Web Script Injection Vulnerability in LunarNight Laboratory WebProxy 1.7.8 and Earlier SQL Injection Vulnerability in Siteframe CMS and Beaumont: Remote Code Execution via id Parameter Apache Connector Buffer Overflow Vulnerability in Oracle WebLogic Server Multiple SQL Injection Vulnerabilities in Zoph before 0.7.0.5 X11 Forwarding Port Hijacking Vulnerability in OpenSSH Multiple Cross-Site Scripting (XSS) Vulnerabilities in Claroline before 1.8.10 Open Redirect Vulnerability in Claroline's redirector.php CSRF Vulnerability in Claroline Allows Password Change without Previous Password Verification IAX2 Protocol Implementation Denial of Service Vulnerability Denial of Service via IAX2 FWDOWNL Request in Asterisk Open Source and Related Products Arbitrary SQL Command Execution in DT Register (com_dtregister) 2.2.3 Component for Joomla! 
SQL Injection Vulnerability in SoftAcid Hotel Reservation System (HRS) Multi: Remote Code Execution via picture_pic_bv.asp SQL Injection Vulnerability in MojoJobs.cgi Allows Remote Code Execution via cat_a Parameter Privilege Escalation Vulnerability in phpScheduleIt 1.2.0 through 1.2.9 Denial of Service Vulnerability in WinRemotePC (WRPC) Lite 2008 and Full 2008 Insecure SSL Certificate Verification in yum-rhn-plugin in RHEL 5 Concurrent Request Vulnerability in Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 Information Disclosure Vulnerability in Linux Kernel's sound subsystem Sensitive Information Disclosure in JBoss Enterprise Application Platform Kerberos Master Key Disclosure Vulnerability in Red Hat Enterprise IPA and FreeIPA Denial of Service Vulnerability in Linux Kernel's VFS Implementation Integer Overflow Vulnerability in Linux Kernel's DCCP Subsystem Untrusted Search Path Vulnerability in ibutils Package Insecure RPATH Vulnerability in Frysk Packages Untrusted Search Path Vulnerability in libbrlttybba.so in Brltty 3.7.2 Vulnerability: Weak TLS Server Certificates in OpenID Providers Denial of Service Vulnerability in libxml2 2.6.32 and Earlier Integer Overflow in OpenOffice.org Memory Allocator Memory Leak Vulnerabilities in Red Hat Directory Server and Fedora Directory Server Arbitrary Code Execution Vulnerability in Filesys::SmbClientParser Module Remote Denial of Service Vulnerability in SWAT 4 1.1 and Earlier Denial of Service Vulnerability in EMC Dantz Retrospect Backup Client 7.5.116 Weak Hash Algorithm in EMC Dantz Retrospect Backup Server 7.5.508 Allows Password Recovery Cleartext Password Hash Disclosure in EMC Dantz Retrospect Backup Client 7.5.116 Denial of Service Vulnerability in EMC Dantz Retrospect Backup Client 7.5.116 SQL Injection Vulnerability in AproxEngine 5.1.0.4 via id Parameter in index.php Authentication Bypass and Privilege Escalation in EZWebAlbum 1.0 EZWebAlbum download.php Directory Traversal Vulnerability Insecure Ownership 
and Permissions in Vim's configure.in File XOOPS 2.0.18.1 modules/system/admin.php Cross-site Scripting (XSS) Vulnerability Directory Traversal Vulnerability in XOOPS 2.0.18.1 SQL Injection Vulnerabilities in SocialEngine (SE) before 2.83 Arbitrary PHP Code Execution in SocialEngine (SE) Templates eSyndiCat 1.6 Authentication Bypass Vulnerability Authentication Bypass Vulnerability in AlphAdmin CMS 1.0.5/03 Multiple Cross-Site Scripting (XSS) Vulnerabilities in BilboBlog 0.2.1 Arbitrary SQL Command Execution in BilboBlog 0.2.1 Bypassing Authentication and Gaining Administrative Access in BilboBlog 0.2.1 Information Disclosure Vulnerability in BilboBlog 0.2.1 Arbitrary Web Script Injection in C. Desseno YouTube Blog (ytb) 0.1 SQL Injection Vulnerability in C. Desseno YouTube Blog (ytb) 0.1 SQL Injection Vulnerability in todos.php in C. Desseno YouTube Blog (ytb) 0.1 Arbitrary PHP Code Execution via Remote File Inclusion in C. Desseno YouTube Blog (ytb) 0.1 Arbitrary SQL Command Execution in DigiLeave 1.2 and Earlier via info_book.asp SQL Injection Vulnerability in Pre Survey Poll's default.asp Allows Remote Code Execution via catid Parameter Remote File Inclusion Vulnerability in Adam Scheinberg Flip 3.0 config.php Directory Traversal Vulnerability in Lemon CMS 1.10 Multiple PHP Remote File Inclusion Vulnerabilities in CreaCMS 1.0 Remote Denial of Service Vulnerability in ZDaemon 1.08.07 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Claroline 1.8.10 Cross-Site Scripting (XSS) Vulnerability in Forum Plugin for Geeklog Arbitrary Cookie Bypass Vulnerability in Maian Search 1.1 and Earlier Arbitrary Cookie Bypass Vulnerability in Maian Weblog 4.0 and Earlier Arbitrary Cookie Bypass Vulnerability in Maian Links 3.1 and Earlier Arbitrary Cookie Bypass Vulnerability in Maian Guestbook 3.2 and Earlier Arbitrary Cookie Bypass Vulnerability in Maian Uploader 4.0 and Earlier Arbitrary Recipe_Cookie Bypass Vulnerability in Maian Recipe 1.2 and Earlier 
Insecure Package Verification in Cygwin Allows Remote Code Execution Insecure Update Verification in PartyGaming PartyPoker Client Program 121/120 CSRF Vulnerability in Moodle Allows Unauthorized Profile Modification and Privilege Escalation Arbitrary Web Script Injection in Moodle Blog Entry Title (CVE-2007-xxxx) Information Disclosure Vulnerability in Moodle 1.6.5 Trac Wiki Engine Cross-Site Scripting (XSS) Vulnerability Unspecified Vulnerability in Links before 2.1 with Only Proxies Enabled Allows for Unknown Impact and Attack Vectors via External Program URLs Arbitrary Web Script Injection in Horde 3.2 and Turba 2.2 Arbitrary Web Script Injection in Mantis' return_dynamic_filters.php Eval Injection Vulnerability in Mantis: Remote Code Execution via adm_config_set.php Directory Traversal Vulnerability in Mantis 1.1.2 and Earlier MyBB 1.2.x XSS Vulnerability in search.php Arbitrary SMTP Command Injection Vulnerability in PunBB before 1.2.19 Multiple Cross-Site Scripting (XSS) Vulnerabilities in PunBB before 1.2.19 PowerDNS Authoritative Server Malformed Query Vulnerability Multiple Buffer Overflow Vulnerabilities in TIBCO Hawk Information Disclosure Vulnerability in Jobbex JobSite Jobbex JobSite Cross-Site Scripting (XSS) Vulnerability in search_result.cfm SQL Injection Vulnerabilities in Jobbex JobSite's search_result.cfm Arbitrary Web Script Injection in MyioSoft EasyPublish 3.0tr SQL Injection Vulnerability in MyioSoft EasyPublish 3.0tr (Trial Edition) Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in MyioSoft EasyE-Cards 3.5 and 3.10a SQL Injection Vulnerability in MyioSoft EasyE-Cards 3.5 and 3.10a SQL Injection Vulnerability in ShopCart DX's product_detail.php Allows Remote Code Execution SQL Injection Vulnerability in MyioSoft EasyDynamicPages 3.0 Trial Edition (tr) Arbitrary Web Script Injection in MyioSoft EasyDynamicPages 3.0 (tr) Unspecified Remote Code Execution and Denial of Service Vulnerabilities in NetApp Data 
ONTAP Remote Denial of Service Vulnerability in dnsmasq 2.43 SQL Injection Vulnerability in Atom PhotoBlog 1.0.9.1 and 1.1.5b1 Arbitrary SQL Command Execution in Live Music Plus 1.1.0 via Singer Action Cross-Site Scripting (XSS) Vulnerabilities in Pure Software Lore before 1.7.0 Multiple PHP Remote File Inclusion Vulnerabilities in Newbb Plus Module 0.93 in RunCMS 1.6.1 Arbitrary SQL Command Execution in Camera Life 2.6.2 via sitemap.xml.php Insecure Ownership and Permission Verification in Ingres Database Log File (iivdb.log) Untrusted Search Path Vulnerability in Ingres 2.6, Ingres 2006 Release 1, and Ingres 2006 Release 2 on Linux and HP-UX Arbitrary Script Injection via Crafted URI in SAP NetWeaver Portal SQL Injection Vulnerability in register.php in Owl Intranet Knowledgebase 0.95 and earlier Stack-based Buffer Overflow in IntelliTamper 2.0.7 HTML Parser IntelliTamper 2.07 Stack-Based Buffer Overflow Vulnerability Arbitrary Code Execution via Unrestricted File Upload in Giulio Ganci Wp Downloads Manager Module 0.2 for WordPress Arbitrary File Inclusion Vulnerability in Dokeos E-Learning System 1.8.5 Buffer Overflow in ObjRemoveCtrl ActiveX Control in Trend Micro OfficeScan Corp Edition (OSCE) Web-Deployment 7.0, 7.3, and 8.0, Client Server Messaging Security (CSM) 3.5 and 3.6, and Worry-Free Business Security (WFBS) 5.0 Directory Traversal Vulnerability in Pixelpost 1.7.1 on Windows with Enabled Register Globals SQL Injection Vulnerability in Pligg CMS Beta 9.9.0 (story.php) Arbitrary Script Injection Vulnerability in Web Wiz Rich Text Editor (RTE) ATutor 1.6.1 pl1 and Earlier: PHP Remote File Inclusion Vulnerability in import.php SQL Injection Vulnerability in ViArt Shop 3.5 and Earlier: Remote Code Execution via products_rss.php SQL Injection Vulnerability in EMC Centera Universal Access (CUA) 4.0_4735.p4 Login Module Arbitrary File Inclusion Vulnerability in TalkBack 2.3.5 and Earlier Versions SQL Injection Vulnerability in Getacoder Clone's 
search_form.php Allows Remote Code Execution Denial of Service Vulnerability in Grisoft AVG Anti-Virus Files Parsing Engine SQL Injection Vulnerability in Gregarius 0.5.4 and Earlier Versions via ajax.php Authentication Bypass Vulnerability in JamRoom's jrCookie Function Unspecified Vulnerabilities in JamRoom Before 3.4.0 Arbitrary SQL Command Execution in picture.php of phpTest 0.6.3 Arbitrary SQL Command Execution in Fizzmedia 1.51.2 via comment.php Cross-Site Scripting (XSS) Vulnerability in Snark VisualPic 0.3.1 Arbitrary Web Script Injection Vulnerability in MyioSoft EasyBookMarker 4.0 Trial Edition (tr) Multiple Cross-Site Scripting (XSS) Vulnerabilities in MoinMoin Macro/AdvancedSearch.py SQL Injection Vulnerability in MojoClassifieds 2.0: Remote Code Execution via cat_a Parameter SQL Injection Vulnerability in MojoAuto.cgi: Remote Code Execution via cat_a Parameter Arbitrary Local File Inclusion Vulnerabilities in Interact Learning Community Environment Interact 2.4.1 Directory Traversal Vulnerability in php Help Agent 1.0 and 1.1 Full SQL Injection Vulnerability in AlstraSoft Video Share Enterprise 4.51 album.php (CVE-2007-4086 variant) SQL Injection Vulnerability in PHPFootball 1.6's show.php Allows Remote Code Execution SQL Injection Vulnerabilities in Def-Blog 1.0.3: Remote Code Execution Stack-based Buffer Overflow in libbecompat Library in Ingres Database Software Arbitrary File Inclusion Vulnerability in Minishowcase Image Gallery 09b136 Cross-Site Scripting (XSS) Vulnerabilities in Web Wiz Forum 9.5 Web Wiz Forum 9.5 Cross-Site Request Forgery (CSRF) Vulnerability Allows Remote Logout SQL Injection Vulnerability in events.cfm in BookMine Cross-Site Scripting (XSS) Vulnerabilities in BookMine's search.cfm Weak World-Readable Permissions in Calacode @Mail 5.41 on Linux Remote Denial of Service Vulnerability in Unreal Tournament 2004 (UT2004) 3369 and Earlier Arbitrary Web Script Injection in Runesoft Cerberus CMS Multiple Cross-Site Scripting (XSS) 
Vulnerabilities in XRMS CRM 1.99.2 Arbitrary PHP Code Execution via Remote File Inclusion in XRMS CRM 1.99.2 Information Disclosure Vulnerability in XRMS CRM 1.99.2 HIOX Random Ad (HRA) 1.3 - PHP Remote File Inclusion Vulnerability PHP Remote File Inclusion Vulnerabilities in HIOX Browser Statistics (HBS) 2.0 SQL Injection Vulnerability in mojoClassified.cgi Arbitrary Web Script Injection Vulnerability in MJGuest 6.8 GT Arbitrary File Inclusion Vulnerability in Ricardo Amaral nzFotolog 0.4.1 Arbitrary SQL Command Execution in showcat.php of phpLinkat 0.1 Authentication Bypass Vulnerability in phpLinkat 0.1 Arbitrary Code Execution via Crafted m3u File in CoolPlayer 2.18 Buffer Overflow Vulnerability in Unreal Tournament 3 1.3beta4 and Earlier Denial of Service Vulnerability in Unreal Tournament 3 1.3beta4 and Earlier Unauthenticated Remote Configuration Change Vulnerability in Axesstel AXW-D800 Modem SQL Injection Vulnerability in Comsenz EPShop (aka ECShop) before 3.0 SQL Injection Vulnerability in category.php in Greatclone GC Auction Platinum SQL Injection Vulnerability in SiteAdmin's line2.php Allows Remote Code Execution Directory Traversal Vulnerability in CMScout 2.05 Allows Remote File Inclusion SQL Injection Vulnerability in IceBB 1.0-rc9.3: Remote Code Execution via members.php SQL Injection Vulnerability in fipsCMS Light 2.1 and Earlier (home/index.asp) SQL Injection Vulnerability in TriO 2.1 and Earlier: Remote Code Execution via browse.php Arbitrary SQL Command Execution Vulnerability in ugroups.php of Youtuber Clone SQL Injection Vulnerabilities in Mobius for Mimsy XG 1 1.4.4.1 and Earlier Cross-Site Request Forgery (CSRF) Vulnerabilities in Blackboard Academic Suite 8.0.260.7 Multiple Cross-Site Scripting (XSS) Vulnerabilities in ASP.net Class Libraries in Mono 2.0 and Earlier Authentication Bypass Vulnerability in IBM WebSphere Portal 5.1 through 6.1.0.0 Wildcard Bypass Vulnerability in Condor Authorization Policy Lists Unspecified Remote 
Administrative Access Vulnerability in Sun Java System Web Server 7.0 Plugin Denial of Service Vulnerability in Solaris Platform Information and Control Library Daemon (picld) Session Fixation Vulnerability in phpFreeChat 1.1: Remote Session Hijacking Buffer Overflow in HTTrack and WinHTTrack URI Processing Buffer Overflow in CoVideoWindow.ocx ActiveX Control 5.0.907.1 Allows Remote Code Execution Privilege Escalation via VBoxDrv.sys IOCTL Buffer Validation Vulnerability Heap-based Buffer Overflow in Vim's mch_expand_wildcards Function Unauthenticated Updates Vulnerability in SpeedBit Download Accelerator Plus (DAP) iTunes Update Authentication Vulnerability LinkedIn Browser Toolbar Remote Code Execution Vulnerability Insecure Update Verification in Notepad++ before 4.8.1 Insecure Update Verification in OpenOffice.org (OOo) Insecure Update Verification in Apple Mac OS X: Exploiting Trojan Horse Updates Unauthenticated Updates Vulnerability in SpeedBit Video Acceleration Vulnerability: Insecure Update Verification in Sun Java Winamp Update Authentication Bypass Vulnerability WinZip Update Authentication Bypass Vulnerability Denial of Service Vulnerability in Ruby Regular Expression Engine Denial of Service Vulnerability in Mozilla Firefox 3.0 and 3.0.1 SQL Injection Vulnerability in phpMyRealty (PMR) 2.0.0: Remote Code Execution via location parameter Arbitrary File Inclusion Vulnerability in LetterIt 2 Denial of Service Vulnerability in F-Prot Antivirus 6.2.1 4252 Scanning Engine Arbitrary Web Script Injection Vulnerability in csphonebook 1.02 Multiple IMAP Connection Requests Denial of Service Vulnerability in MailEnable Professional and Enterprise 3.5.2 Unspecified Privilege Escalation Vulnerability in Sun Solaris Kernel Module User Profile Information Disclosure Vulnerability SQL Injection Vulnerability in eNdonesia Calendar Module Unspecified Vulnerabilities in ImpressCMS 1.0 with Unknown Impact and Attack Vectors Authentication Bypass Vulnerability in JnSHosts 
PHP Hosting Directory 2.0 Remote File Inclusion Vulnerability in JnSHosts PHP Hosting Directory 2.0 Cross-Site Framing Vulnerability in phpMyAdmin User-assisted Remote Code Injection via Cross-Site Scripting (XSS) in phpMyAdmin setup.php Sensitive Information Exposure in Vtiger CRM 5.0.4 and earlier Arbitrary Command Execution Vulnerability in OpenVPN 2.1-beta14 through 2.1-rc8 WPG Image File Heap Corruption Vulnerability AFD Kernel Overwrite Vulnerability GDI Heap Overflow Vulnerability HIS Command Execution Vulnerability File Format Parsing Vulnerability in Microsoft Excel and Office Applications HTML Element Cross-Domain Vulnerability in Microsoft Internet Explorer 6 and 7 Event Handling Cross-Domain Vulnerability in Microsoft Internet Explorer 6 and 7 Cross-Domain Information Disclosure Vulnerability in Microsoft Internet Explorer 6 and 7 Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 6 HTML Objects Memory Corruption Vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 Calendar Object Validation Vulnerability Microsoft Message Queuing Service Remote Code Execution Vulnerability Anzio Web Print Object (WePO) ActiveX Control Buffer Overflow Vulnerability Information Disclosure Vulnerability in Coppermine Photo Gallery (CPG) 1.4.18 and earlier Arbitrary Web Script Injection Vulnerability in Panasonic Network Cameras Arbitrary Script Injection in ScrewTurn Wiki 2.0.29 and 2.0.30 Remote SQL Injection Vulnerability in eStoreAff 0.1 Untrusted Search Path Vulnerability in Citrix MetaFrame Presentation Server Arbitrary File Inclusion Vulnerability in Coppermine Photo Gallery (CPG) 1.4.18 and Earlier Arbitrary SQL Command Execution in PHPAuction GPL Enhanced 2.51 via profile.php Remote Deletion of Property Book Pages in Novell iManager SQL Injection Vulnerability in checkCookie Function in PHPX 3.5.16 SQL Injection Vulnerability in E-topbiz Online Dating 3 1.0: Remote Code Execution via mail_id Parameter SQL Injection Vulnerability in 
go.php in Scripts24 iPost and iTGP Denial of Service Vulnerability in America's Army 2.8.3.1 and Earlier Denial of Service Vulnerability in RealVNC Windows Client 4.1.2.0 Bypassing Restrictions in 8e6 R3000 Internet Filter 2.0.12.10 via Extra HTTP Host Header SQL Injection Vulnerability in kategori.asp in Pcshey Portal Buffer Overflow in uvc_parse_format function in uvcvideo driver in Linux kernel SQL Injection Vulnerability in MyPHP CMS 0.3.1: Remote Code Execution via pages.php SQL Injection Vulnerability in nBill Component 1.2.0 SP1 for Joomla! Unspecified Vulnerability in Ektron CMS400.NET Workarea Folder Arbitrary Web Script Injection in Drupal Suggested Terms Module Arbitrary Script Injection in Novell Groupwise 7.0.x WebAccess Simple Interface Denial of Service Vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.6 Unrestricted View Access to Collaboration System RSS Feeds in Plain Black WebGUI Unspecified Remote Cookie Manipulation Vulnerability in mask PHP File Manager (mPFM) PolyPager 1.0 rc2 and Earlier XSS Vulnerability PolyPager 1.0 rc2 and Earlier SQL Injection Vulnerability SQL Injection Vulnerability in LiteNews 0.1 (aka 01) and Earlier Versions Authentication Bypass Vulnerability in LiteNews 0.1 (aka 01) Unauthenticated Remote Code Execution in LoveCMS 1.6.2 Arbitrary Script Injection in Crafty Syntax Live Help (CSLH) 2.14.6 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Softbiz Image Gallery SQL Injection Vulnerability in Kleinanzeigen Module for PHP-Nuke SQL Injection Vulnerability in Book Catalog Module 1.0 for PHP-Nuke VMware VirtualCenter Access Control Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in Adobe Presenter 6 and 7 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Adobe Presenter 6 and 7 Sensitive Information Disclosure in JBossEAP Default Configuration Integer Overflow Vulnerabilities in JasPer 1.900.1: Potential Memory Allocation Exploits Race condition in jas_stream_tmpfile function in 
JasPer 1.900.1 allows local users to cause denial of service Buffer Overflow in JasPer's jas_stream_printf Function Arbitrary File Deletion Vulnerability in rc.sysinit Vulnerability: Lack of Capability Check in sbni_ioctl Function Integer Overflow in sctp_setsockopt_auth_key Function in Linux Kernel Boundary Checking Vulnerability in vDSO Implementation in Linux Kernel Unbounded Error Reporting in Linux Kernel Filesystem Directory Corruption Vulnerability Heap-based Buffer Overflow in xmlParseAttValueComplex Function in libxml2 ICMPv6 Packet Too Big Message MTU Check Vulnerability Privilege Escalation via Stack-based Buffer Overflow in FreeBSD Kernel Insecure SSL Certificate Verification in Pidgin 2.4.3 Format String Vulnerability in Yelp Window_Error Function Denial of Service Vulnerability in Linux Kernel's tmpfs Implementation Off-by-one error in iov_iter_advance function in Linux kernel before 2.6.27-rc2 allows denial of service Unspecified Denial of Service Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Unspecified Denial of Service Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Remote Code Execution Vulnerability in HP Enterprise Discovery 2.0 through 2.52 on Windows Unspecified Local Information Disclosure Vulnerability in HP OpenView Select Identity (HPSI) Connectors on Windows Arbitrary File Reading Vulnerability in HP Insight Diagnostics Unspecified Denial of Service Vulnerability in NFS / ONCplus on HP-UX B.11.31 Multiple stack-based buffer overflows in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51 and earlier versions Unspecified Denial of Service Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Stack-based Buffer Overflow in GIT Utilities Buffer Overflow Vulnerability in OpenTTD Server Allows Remote Code Execution Unspecified Denial of Service Vulnerability in Sun Netra T5220 Server with Firmware 7.1.3 Unspecified Denial of Service 
Vulnerability in pthread_mutex_reltimedlock_np API in Sun Solaris 10 and OpenSolaris Cross-Site Scripting (XSS) Vulnerability in IBM Rational ClearQuest 7.0.1 Login Page Unspecified Remote Code Execution Vulnerabilities in Sun Java Platform Micro Edition Unspecified Remote Code Execution Vulnerabilities in Nokia Series 40 3rd Edition FP1 and Later Devices Unspecified Remote Code Execution Vulnerabilities in Nokia Series 40 3rd Edition Devices (CVE-2008-XXXX) SQL Injection Vulnerability in Discuz! 6.0.1 index.php Allows Remote Code Execution Arbitrary Local File Inclusion Vulnerability in Multiple WSN Applications SQL Injection Vulnerabilities in Battle.net Clan Script 1.5.2 Authentication Bypass Vulnerability in Free Hosting Manager 1.2 and 2.0 Remote Code Execution Vulnerability in Cisco WebEx Meeting Manager Multiple Cross-Site Scripting (XSS) Vulnerabilities in KAPhotoservice Arbitrary Web Script Injection Vulnerability in Kshop Module 2.22 for Xoops SQL Injection Vulnerability in Powergap Shopsystem s03.php Directory Traversal Vulnerability in Chupix CMS 0.1.0 Contact Module Multiple SQL Injection Vulnerabilities in Plogger 3.0 and Earlier Multiple Directory Traversal Vulnerabilities in Dayfox Blog 4 Cross-Site Scripting (XSS) Vulnerabilities in MRBS 1.2.6 Cross-Site Scripting (XSS) Vulnerability in ZoneO-soft freeForum 1.7 Cross-Zone Scripting Vulnerability in Winamp NowPlaying Functionality Absolute Path Traversal Vulnerability in UNAK-CMS 1.5.5 Cross-Site Scripting (XSS) Vulnerabilities in XAMPP 1.6.7 with Enabled register_globals Remote File Inclusion Vulnerability in Africa Be Gone (ABG) 1.0a: Arbitrary PHP Code Execution Denial of Service Vulnerability in Xerox Phaser 8400 via Empty UDP Packet Pligg 9.9.5 index.php Cross-Site Scripting (XSS) Vulnerability Insecure CAPTCHA Implementation Allows Remote Bypass Multiple Cross-Site Scripting (XSS) Vulnerabilities in Pluck 4.5.2 Remote File Inclusion Vulnerability in ezContents CMS Calendar Module Buffer 
Overflow in TruncateString Function in OpenTTD Buffer Overflow in OpenTTD src/openttd.cpp Denial of Service Vulnerability in HydraIRC 0.3.164 and Earlier Unauthenticated Backup Archive Download Vulnerability in Calacode @Mail 5.41 on Linux Multiple SQL Injection Vulnerabilities in Qsoft K-Links: Remote Code Execution Cross-Site Scripting (XSS) Vulnerability in Qsoft K-Links index.php SQL Injection Vulnerability in Keld PHP-MySQL News Script 0.7.1 Login Page Buffer Overflow in HTML Parser of IntelliTamper 2.07 and 2.08 Beta 4 Allows Remote Code Execution PPPoE Packet Length Check Vulnerability in NetBSD 3.0, 3.1, and 4.0 SQL Injection Vulnerabilities in PozScripts GreenCart PHP Shopping Cart SQL Injection Vulnerability in EZ Store Component for Joomla! Arbitrary Web Script Injection Vulnerability in Chris Bunting Homes 4 Sale's result.php Multiple SQL Injection Vulnerabilities in phsBlog 0.1.1 Arbitrary File Read Vulnerability in moziloCMS 1.10.1 SQL Injection Vulnerabilities in E. Z. Poll 2 Admin Login SQL Injection Vulnerability in Twentyone Degrees Symphony 1.7.01 and Earlier Arbitrary Code Execution via Unrestricted File Upload in Twentyone Degrees Symphony 1.7.01 and Earlier SyzygyCMS 0.3 index.php Directory Traversal Vulnerability SQL Injection Vulnerability in MagicScripts E-Store Kit-1, E-Store Kit-2, E-Store Kit-1 Pro PayPal Edition, and E-Store Kit-2 PayPal Edition in viewdetails.php Remote File Inclusion Vulnerability in txtSQL 2.2 Final Allows Arbitrary PHP Code Execution Harmoni 1.4.7 XSS Vulnerability in Username Field Remote Denial of Service Vulnerability in Skulltag 0.97d2-RC6 Multiple SQL Injection Vulnerabilities in Psipuss 1.0 SQL Injection Vulnerability in image.php in OpenImpro 1.1 Directory Traversal Vulnerability in Gallery 1.5.7 and 1.6-alpha3 via contrib/phpBB2/modules.php Quicksilver Forums 1.4.1 - Remote SQL Injection Vulnerability in index.php Authentication Bypass Vulnerability in PHP-Ring Webring System (aka uPHP_ring_website) 0.9.1 
Arbitrary SQL Command Execution in Vacation Rental Script 3.0 Arbitrary SQL Command Execution in ZeeBuddy 2.1 via bannerclick.php Unspecified vulnerability in McAfee Encrypted USB Manager 3.1.0.0 allows for remote offline brute force attacks Heap-based Buffer Overflow in Qbik WinGate IMAP Service Denial of Service Vulnerability in NoticeWare Email Server NG 4.6.3 and Earlier JPEG Image ICC Profile Vulnerability in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 Vulnerability: Inadequate Flushing of Cached Credentials in Apple Mac OS X 10.5 through 10.5.4 Bypassing Password Authentication in Apple Mac OS X Login Window Password Bypass Vulnerability in Apple Mac OS X 10.4.11 Login Window Predictable TCP Initial Sequence Numbers in Apple iPod touch and iPhone Remote Disk Search Denial of Service Vulnerability in Apple Mac OS X 10.5.2 through 10.5.4 Integer Overflow in Apple QuickTime: Remote Code Execution and Denial of Service Vulnerability Uninitialized Memory Access Vulnerability in Indeo v5 Codec for QuickTime Integer Overflow Vulnerabilities in Apple Mac OS X SearchKit API Vulnerability in Apple Mac OS X Remote Management and Screen Sharing Allows for Password Guessing Undisclosed File Sharing Vulnerability in Apple Mac OS X 10.5 through 10.5.4 Weak Permissions in Time Machine Backup Log Files in Apple Mac OS X 10.5 through 10.5.4 H.264 Media Vulnerability in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 Persistent JavaScript Injection in Apple Mac OS X Wiki Server Heap-based buffer overflow in CoreGraphics in Apple Safari and iPhone OS allows remote code execution or denial of service via crafted image Heap-based Buffer Overflow in Apple QuickTime: Remote Code Execution and Denial of Service Vulnerability QuickTime Buffer Overflow Vulnerability Memory Corruption and Code Execution Vulnerability in Apple QuickTime Heap Corruption and Application Crash Vulnerability in Apple QuickTime Arbitrary Code Execution and Denial of Service Vulnerability in Apple QuickTime 
on Windows Out-of-Bounds Read Vulnerability in Apple QuickTime Vulnerability: Lack of Randomization in mDNSResponder DNS Requests Insecure Application Isolation in Apple iPod touch and iPhone 2.0 through 2.0.2 WebKit Use-After-Free Vulnerability in Apple iPod touch and iPhone Misleading Firewall Security Information Vulnerability in Apple iTunes Stack-based Buffer Overflow in QuickTime Indeo v3.2 Codec Allows Remote Code Execution Integer Overflow in IopfCompleteRequest API in Microsoft Windows and Third-Party Software Uninitialized Variable Vulnerability in Java HMAC Provider on Apple Mac OS X File Access Vulnerability in Java on Apple Mac OS X 10.5.4 and 10.5.5 Heap-based Buffer Overflow in imagetops in CUPS before 1.3.9 CUPS Integer Overflow Vulnerability in WriteProlog Function Arbitrary Code Execution Vulnerability in HPGL Filter in CUPS ColorSync Buffer Overflow Vulnerability in Mac OS X 10.4.11 and 10.5.5 Denial of Service Vulnerability in Finder in Mac OS X 10.5.5 Form Data Caching Vulnerability in Apple Safari Heap-based Buffer Overflow in EAPOLController Plugin for Mac OS X Networking Component Postfix Configuration File Vulnerability in Mac OS X 10.5.5 Buffer Overflow Vulnerability in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 Remote Code Execution Vulnerability in nslookup.exe SQL Injection Vulnerability in categorydetail.php in Article Friendly Standard Unspecified Cross-Site Scripting (XSS) Vulnerabilities in Horde Groupware Webmail Memory Leak Vulnerability in racoon/proposal.c in ipsec-tools Denial of Service Vulnerability in racoon in ipsec-tools Unspecified Vulnerabilities in TikiWiki CMS/Groupware before 2.0 Unspecified Path and PHP Configuration Disclosure Vulnerability in TikiWiki CMS/Groupware Access Restriction Bypass Vulnerability in Ruby Versions 1.8.5 - 1.8.6-p286, 1.8.7-p71, and 1.9-r18423 Denial of Service Vulnerability in WEBrick::HTTPUtils.split_header_value Function Vulnerability: Unsafe Access to Libraries in Ruby's dl Module Buffer 
Overflow Vulnerability in imageloadfont Function in PHP Buffer Overflow Vulnerability in PHP explode() Function Denial of Service Vulnerability in PHP FastCGI Module Insecure Session Cookie Handling in Drupal Insecure Session Cookie Handling in Gallery before 1.5.9 and 2.x before 2.2.6 Insecure Session Cookie Handling in Squirrelmail 1.4.15 Multiple Cross-Site Scripting (XSS) Vulnerabilities in XRMS Denial of Service Vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 Maxthon Browser 2.0 and Earlier: Remote Code Execution via Long Content-type HTTP Header Multiple Cross-Site Scripting (XSS) Vulnerabilities in Yogurt Social Network Module 3.2 rc1 for XOOPS SQL Injection Vulnerability in ZeeScripts Reviews Opinions Rating Posting Engine Web-Site PHP Script (aka ZeeReviews) SQL Injection Vulnerability in authordetail.php in Article Friendly Pro Insecure Backup Encryption in Acronis True Image Echo Server 9.x on Linux SQL Injection Vulnerability in showcategory.php in PozScripts Classified Ads SQL Injection Vulnerability in browsecats.php in PozScripts Classified Ads Arbitrary SQL Command Execution in PozScripts TubeGuru Video Sharing Script Directory Traversal Vulnerability in Gelato 0.95's imgsize.php Denial of Service Vulnerability in hMailServer 4.4.1 IMAP Server Arbitrary File Inclusion Vulnerability in Freeway before 1.4.2.197 Arbitrary Web Script Injection Vulnerability in Freeway Admin/Search_Links.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in IDevSpot PhpLinkExchange 1.01 Denial of Service Vulnerability in Flagship Industries Ventrilo 3.0.2 and Earlier Joomla! 
1.5 through 1.5.5 Reset Token Validation Vulnerability YPN PHP Realty dpage.php SQL Injection Vulnerability Denial of Service Vulnerability in Sun Java System Web Proxy Server 4.0 through 4.0.5 Heap-based Buffer Overflow in EMC Documentum ApplicationXtender Workflow Arbitrary File Upload and Code Execution Vulnerability in EMC Documentum ApplicationXtender Workflow IPv6 NULL Pointer Dereference Denial of Service Vulnerability Heap-based Buffer Overflow in Xen 3.3 Allows Arbitrary Code Execution via flask_op Hypercall Denial of Service Vulnerability in sockethandler.cpp of HAVP 0.88 Unspecified Remote Code Execution Vulnerability in VMware Products Unspecified Remote Code Execution Vulnerability in VMware Products Unspecified Remote Code Execution Vulnerability in VMware Products Unspecified Remote Code Execution Vulnerability in VMware Products Unspecified Remote Code Execution Vulnerability in VMware Products Unspecified Remote Code Execution Vulnerability in VMware Products Denial of Service Vulnerability in VMware Server 1.0.7 Unspecified privilege escalation vulnerability in VMware Workstation, Player, ACE, and Server on Windows Arbitrary File Overwrite Vulnerability in Amarok 1.4.10 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Kayako SupportSuite 3.20.02 and Earlier SQL Injection Vulnerability in Kayako SupportSuite 3.20.02 and Earlier: Arbitrary SQL Command Execution in staff/index.php Stack-based buffer overflows in Animation GIF ActiveX Control in JComSoft AniGIF.ocx 1.12 and 2.47 NULL NTLMSSP Authentication Vulnerability in Symantec Veritas Storage Foundation for Windows Masked Edit Control Heap-based Buffer Overflow Vulnerability Stack-based Buffer Overflow in CLogger::WriteFormated Function in EchoVNC Linux SQL Injection Vulnerability in bannerclick.php in ZEEJOBSITE 2.0 Multiple PHP Remote File Inclusion Vulnerabilities in CyBoards PHP Lite 1.21 Directory Traversal Vulnerabilities in dotCMS 1.6.0.9 Multiple Cross-Site Scripting (XSS) 
Vulnerabilities in CyBoards PHP Lite 1.21 Directory Traversal Vulnerabilities in CyBoards PHP Lite 1.21 SQL Injection Vulnerability in PHPArcadeScript 4.0: Remote Code Execution via cat Parameter Cross-Site Scripting (XSS) Vulnerabilities in Mambo 4.6.2 and 4.6.5 with Enabled Register_Globals SQL Injection Vulnerability in PHPBasket's product.php Allows Remote Code Execution Cross-site scripting (XSS) vulnerability in AWStats 6.8 awstats.pl Arbitrary Web Script Injection in FlexCMS 2.5 and Earlier Harmoni 1.6.0 CSRF Vulnerability: Unauthorized Administrative Modifications Unauthenticated Information Disclosure in Harmoni before 1.6.0 Multiple SQL Injection Vulnerabilities in cyberBB 0.6 SQL Injection Vulnerability in SFS Affiliate Directory's directory.php Allows Remote Code Execution SQL Injection Vulnerability in DeeEmm CMS (DMCMS) 0.7.4 via page parameter in index.php Remote File Inclusion Vulnerability in DeeEmm CMS (DMCMS) 0.7.4 SQL Injection Vulnerability in fipsCMS 2.1 Forum/neu.asp Directory Traversal Vulnerability in PHPizabi 0.848b C1 HFP3 Arbitrary SQL Command Execution in Papoo CMS 3.7.2 via index.php SQL Injection Vulnerability in trr.php in YourFreeWorld Ad Board Script Arbitrary Code Injection through Cross-Site Scripting (XSS) in MicroWorld Technologies MailScan 5.6.a espatch 1 Directory Traversal Vulnerability in MicroWorld Technologies MailScan 5.6.a espatch 1 Sensitive Information Disclosure in MicroWorld Technologies MailScan 5.6.a espatch 1 Authentication Bypass Vulnerability in MicroWorld Technologies MailScan 5.6.a espatch 1 Arbitrary Code Injection through Cross-Site Scripting (XSS) in Nordicwind Document Management System (NOAH) Denial of Service Vulnerability in Serv-U File Server 7.0.0.1 and Earlier Versions Integer Overflow in VLC Media Player 0.8.6i TTA File Handling Stack-based Buffer Overflow in EO Video 1.36: Remote Code Execution via Malicious .eop File Format String Vulnerability in Ipswitch WS_FTP Home and Professional 2007 
Arbitrary Web Script Injection in PHPizabi index.php Cross-Site Request Forgery (CSRF) Vulnerabilities in System Consultants La!Cooda WIZ and SpaceTag LacoodaST Remote Code Execution and File Manipulation Vulnerability in System Consultants La!Cooda WIZ and SpaceTag LacoodaST Session Fixation Vulnerability in SpaceTag LacoodaST 2.1.3 and Earlier: Remote Session Hijacking Arbitrary Web Script Injection Vulnerability in System Consultants La!Cooda WIZ and SpaceTag LacoodaST Arbitrary Web Script Injection Vulnerability in Drupal 5.x and 6.x Cross-Site Scripting (XSS) Vulnerability in Drupal 5.x and 6.x Unrestricted File Upload Vulnerability in Drupal BlogAPI Module Cross-Site Request Forgery (CSRF) Vulnerabilities in Drupal 6.x before 6.4 CSRF Vulnerabilities in Drupal 5.x and 6.x Unspecified Remote Code Execution Vulnerability in Drupal 6.x before 6.4 Denial of Service Vulnerability in neon 0.28.0 through 0.28.2 Unsecured Communication Vulnerability in WordPress 2.6.1 SQL Injection Vulnerability in Active PHP Bookmarks (APB) 1.1.02 and 1.2.06 via id Parameter in view_group.php SQL Injection Vulnerability in YourFreeWorld Banner Management Script SQL Injection Vulnerability in YourFreeWorld URL Rotator Script SQL Injection Vulnerability in tr.php in YourFreeWorld Short URL & URL Tracker Script SQL Injection Vulnerability in tr.php in YourFreeWorld Ad-Exchange Script SQL Injection Vulnerability in YourFreeWorld Programs Rating Script SQL Injection Vulnerability in YourFreeWorld Stylish Text Ads Script SQL Injection Vulnerability in YourFreeWorld Classifieds Script's view.php SQL Injection Vulnerability in tr.php in YourFreeWorld Viral Marketing Script SQL Injection Vulnerability in tr1.php of YourFreeWorld Forced Matrix Script Multiple Cross-Site Scripting (XSS) Vulnerabilities in Lussumo Vanilla 1.1.4 and Earlier CSRF Vulnerability in Vanilla 1.1.4 and Earlier: Unknown Impact and Remote Attack Vectors CSRF Vulnerability in Vanilla 1.1.4 and Earlier Allows Remote 
Logout Hijacking Denial of Service Vulnerability in VMware Workstation, Player, ACE, and Server SQL Injection Vulnerability in Turnkey PHP Live Helper 2.0.1 and Earlier: Remote Code Execution via onlinestatus_html.php Variable overwrite vulnerability in libsecure.php allows remote attackers to overwrite arbitrary variables and potentially execute code in Turnkey PHP Live Helper 2.0.1 and earlier. Eval Injection Vulnerability in Turnkey PHP Live Helper 2.0.1 and Earlier SQL Injection Vulnerability in Quick Poll Script's code.php Allows Remote Code Execution via id Parameter Denial of Service Vulnerability in llcon 2.1.2 and earlier SQL Injection Vulnerability in phpBazar 2.0.2: Remote Code Execution via adid Parameter Multiple SQL Injection Vulnerabilities in Turnkey Web Tools SunShop Shopping Cart Freeway 1.4.1.171 - PHP Remote File Inclusion Vulnerability in admin/create_order_new.php Multiple Directory Traversal Vulnerabilities in Freeway 1.4.1.171 Arbitrary Script Injection Vulnerability in Pars4u Videosharing 1 SQL Injection Vulnerability in Pars4u Videosharing 1: Remote Code Execution via cat_id Parameter Arbitrary Web Script Injection via vBulletin Private Message Subject Simasy CMS index.php SQL Injection Vulnerability Weak Encryption (ROT-25) in Folder Lock 5.9.5 and Earlier Allows Unauthorized Access to Sensitive Information Fujitsu Web-Based Admin View 2.1.2 Directory Traversal Vulnerability Sensitive Information Disclosure in Avaya SIP Enablement Services Server Remote Management Interface Vulnerability in Avaya SIP Enablement Services Server and Communication Manager Five Star Review Script search/index.php XSS vulnerability Arbitrary SQL Command Execution in Five Star Review Script's recommend.php GMOD GBrowse before 1.69 Cross-Site Scripting (XSS) Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in ACG-PTP 1.0.6 SQL Injection Vulnerabilities in Matterdaddy Market 1.1: Remote Code Execution via index.php Arbitrary SQL Command Execution 
in BtiTracker and xBtiTracker Multiple SQL Injection Vulnerabilities in MiaCMS 4.6.5 com_content Component Arbitrary Script Injection in PICTURESPRO Photo Cart 3.9 via qtitle Parameter SQL Injection Vulnerability in Web Directory Script 2.0 and Earlier: Remote Code Execution via name Parameter in listing_view.php Multiple SQL Injection Vulnerabilities in PICTURESPRO Photo Cart 3.9 Weak Permissions in Samba 3.2.0: Local Users Can Modify Unix Group Membership XML Entity Explosion Vulnerability in REXML Module Symlink Attack Vulnerability in GPicView 0.1.9 SCTP-AUTH Extension Denial of Service Vulnerability Integer Signedness Error in VLC Media Player 0.8.6i Allows Remote Code Execution Buffer Overflow Vulnerability in Ipswitch WS_FTP Home Client Denial of Service Vulnerability in Swfdec 0.6 Denial of Service Vulnerability in Cisco IOS 12.4 Cisco IOS SIP Memory Leak Vulnerability Unspecified Denial of Service Vulnerability in Cisco IOS and Unified Communications Manager Unspecified Denial of Service Vulnerability in Cisco IOS and Unified Communications Manager Unspecified Denial of Service Vulnerability in Cisco IOS SIP Implementation Logic Error in Cisco IOS Allows Remote Attackers to Read Traffic from Other VPNs Denial of Service Vulnerability in Cisco IOS MPLS Forwarding Infrastructure Denial of Service Vulnerability in Cisco IOS 12.0-12.4 on Cisco 10000, uBR10012, and uBR7200 Series Devices Denial of Service Vulnerability in Cisco IOS 12.0-12.4 on Cisco 10000, uBR10012, and uBR7200 Series Devices Vulnerability: Unauthorized Administrative Access via SNMP in Cisco uBR10012 Series Devices Denial of Service Vulnerability in Cisco IOS 12.0 through 12.4 via Crafted PIM Packet Denial of Service Vulnerability in Cisco IOS 12.0-12.4 on Gigabit Switch Router (GSR) Devices Denial of Service Vulnerability in Cisco IOS 12.2 and 12.4 with NAT SCCP Fragmentation Support Cisco IOS SCCP Fragmentation Denial of Service Vulnerability Denial of Service Vulnerability in Cisco IOS 
Firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection Denial of Service Vulnerability in Cisco IOS 12.2 and 12.4 with L2TP Mgmt Daemon Process Authentication Bypass Vulnerability in Cisco Unity Bypass of VPN Authentication in Cisco Adaptive Security Appliances (ASA) and PIX Security Appliances Denial of Service Vulnerability in Cisco ASA and PIX Security Appliances Memory Leak Vulnerability in Cisco ASA and PIX Security Appliances Denial of Service Vulnerability in Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 Denial of Service Vulnerability in Cisco Application Control Engine Global Site Selector (GSS) Unauthenticated Remote Root Access Vulnerability in Cisco Security Manager Cisco IOS HTTP Server Cross-Site Scripting (XSS) Vulnerabilities Arbitrary Web Script Injection via MIME Attachment Filename in Horde 3.2.x Cross-site scripting (XSS) vulnerability in Horde and Popoon allows remote script injection via HTML e-mail message Privilege Escalation via pam_krb5 in RHEL 5 and earlier Unspecified User Impersonation Vulnerability in Condor before 7.0.5 Integer Underflows in Real Demuxer of MPlayer 1.0_rc2 and Earlier: Remote Code Execution Vulnerability Stack-based Buffer Overflow in Condor schedd Daemon Unspecified Denial of Service Vulnerability in Condor schedd Daemon Improper Handling of Overlapping Netmasks in Condor Configuration Allows Bypass of Access Restrictions Memory Corruption Vulnerability in i915 Driver Denial of Service Vulnerability in Fedora's utrace Subsystem Privilege Escalation via Insecure File Splicing in Linux Kernel Denial of Service Vulnerability in D-Bus Library (libdbus) Bypassing Same Origin Policy in nsXMLDocument::OnChannelRedirect Function Remote Code Execution via feedWriter in Mozilla Firefox User-assisted remote window movement vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12 NFS RPC Zones Vulnerability in Sun Solaris 10 and OpenSolaris 
Unspecified Denial of Service Vulnerability in Solaris NFS Module Clear-text Password Storage in Crafty Syntax Live Help (CSLH) 2.14.6 and Earlier Arbitrary Script Injection in Freeway eCommerce 1.4.1.171 via search_link Parameter ASP.NET Request Validation Bypass Vulnerability Cross-Site Scripting (XSS) Vulnerability in ASP.NET with MS07-040 Update Trojan Horse Vulnerability in Red Hat Enterprise Linux OpenSSH Packages SQL Injection Vulnerabilities in Crafty Syntax Live Help (CSLH) 2.14.6 and Earlier Arbitrary Web Script Injection Vulnerability in mysql-lists 1.2 and Earlier Arbitrary Web Script Injection in AN Guestbook (ANG) before 0.7.6 Arbitrary SQL Command Execution in Z-Breaknews 2.0 via single.php Arbitrary Web Script Injection in Civic Website Manager Calendar Controller Accellion File Transfer FTA_7_0_135 Cross-Site Scripting (XSS) Vulnerability in courier/forgot_password.html Multiple Directory Traversal Vulnerabilities in Pluck CMS 4.5.2 on Windows Unspecified Remote Code Execution Vulnerability in IBM Database Add-Ins for Visual Studio Buffer Overflow in IBM DB2 DAS Server Program Stack-based buffer overflow vulnerabilities in IBM DB2 9.1 and 9.5 DB2 Administration Server (DAS) Privilege Escalation Vulnerability Unchanged Ownership of DB2FMP Process in IBM DB2: Unknown Impact and Attack Vectors Cleartext Password Retention Vulnerability in IBM DB2 9.1 Denial of Service Vulnerability in IBM DB2 9.1 Davlin Thickbox Gallery 2: Remote Access to Admin Credentials Multiple Cross-Site Scripting (XSS) Vulnerabilities in IBM Lotus Quickr 8.1 Services for Lotus Domino Multiple SQL Injection Vulnerabilities in phpMyRealty (PMR) 1.0.9 and Earlier Stack-based Buffer Overflow in Trend Micro OfficeScan Server Stack-based Buffer Overflow in GNU Enscript's read_special_escape Function Denial of Service Vulnerability in Trend Micro Network Security Component Heap-based Buffer Overflow Vulnerabilities in Trend Micro Network Security Component Bypassing Access 
Restrictions and Modifying Firewall Settings in Trend Micro Personal Firewall Service SQL Injection Vulnerability in Interact 2.4.1: Remote Code Execution via email_user_key Parameter CSRF Vulnerability in Interact 2.4.1 Allows Remote Account Hijacking Heap-based Buffer Overflow in sadmind in Sun Solaris 8 and 9: Remote Code Execution Vulnerability Heap-based Buffer Overflow in sadmind in Sun Solaris 8 and 9 Format String Vulnerabilities in UltraISO 9.3.1.2633 and Earlier Versions Filter Evasion Vulnerability in Adobe Flash Player Clipboard Hijacking Vulnerability in Adobe Flash Player 9.0.124.0 and Earlier Cross-site scripting (XSS) vulnerability in account.php in Lussumo Vanilla 1.1.5-rc1, 1.1.4, and earlier Covert Communication Channel Vulnerability in Sun Solaris and OpenSolaris Emergency Call Bypass Vulnerability on Apple iPhone 2.0.2 Acoustica Mixcraft Buffer Overflow Vulnerability Stack-based Buffer Overflow in Ultra.OfficeControl ActiveX Control Arbitrary File Download Vulnerability in Ultra.OfficeControl ActiveX Control Arbitrary SQL Command Execution in ZoneMinder 1.23.3 and Earlier ZoneMinder 1.23.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities Command Injection Vulnerability in ZoneMinder 1.23.3 and Earlier Arbitrary File Overwrite Vulnerability in Caudium 1.4.12 Arbitrary Web Script Injection Vulnerability in Blogn (BURO GUN) 1.9.7 and Earlier CSRF Vulnerability in Blogn (BURO GUN) 1.9.7 and Earlier Allows Remote Authentication Hijacking Multiple Cross-Site Scripting (XSS) Vulnerabilities in dotProject 2.1.2 SQL Injection Vulnerabilities in dotProject 2.1.2: Remote Code Execution and User Privilege Escalation Arbitrary SQL Command Execution in Mini-NUKE Freehost 2.3 via members.asp Postfix Local Denial of Service Vulnerability Privilege Escalation Vulnerability in FreeBSD Kernel on amd64 Platforms SAML Single Sign-On (SSO) Service Vulnerability: Impersonation via Missing Request Identifier and Recipient Field Buffer overflow vulnerability in 
VMware Workstation, VMware Player, VMware ACE, and VMware Server allows remote attackers to cause a denial of service or execute arbitrary code via a long string argument in the GuestInfo method. Bitlocker Vulnerability: Unauthorized Access to Pre-Boot Authentication Passwords Pre-boot Authentication Password Exposure in IBM Lenovo Firmware 7CETB5WW 2.05 BIOS Keyboard Buffer Leakage Vulnerability in LILO 22.6.1 and Earlier Pre-boot Authentication Password Exposure in Grub Legacy 0.97 and Earlier Insecure Storage of Pre-Boot Authentication Passwords in DiskCryptor 0.2.6 Vulnerability: Password Exposure in Secu Star DriveCrypt Plus Pack 3.9 Insecure Storage of Pre-Boot Authentication Passwords in TrueCrypt 5.0 Vulnerability: Passwords Stored in BIOS Keyboard Buffer BIOS Keyboard Buffer Leakage Vulnerability HP Firmware 68DTT F.0D BIOS Keyboard Buffer Information Disclosure Vulnerability SIP Username Enumeration Vulnerability in Asterisk and Trixbox PBX Arbitrary Command Execution Vulnerability in GPicView 0.1.9 Sequential Transaction IDs and Constant Source Ports in Ruby DNS Requests Vulnerability CRLF Injection Vulnerability in Mono's Sys.Web Allows HTTP Response Splitting Attacks Arbitrary Command Execution in newsbeuter's open-in-browser Command Multiple Buffer Overflows in Princeton WordNet 3.0: Arbitrary Code Execution Vulnerability Cross-Site Request Forgery (CSRF) Vulnerability in Django 0.91, 0.95, and 0.96 Buffer Overflow Vulnerability in dns2tcp before 0.4.1 Stack-based buffer overflow vulnerability in the proc_do_xprt function in Linux kernel 2.6.26.3 Denial of Service Vulnerability in libclamav in ClamAV before 0.94 Memory leaks in freshclam/manager.c in ClamAV before 0.94 leading to denial of service Unspecified File Descriptor Leak Vulnerabilities in ClamAV Buffer Overflow Vulnerability in NFSd in Linux Kernel Heap-based Buffer Overflow in GNU ed Allows Arbitrary Code Execution Arbitrary Web Script Injection Vulnerability in Ovidentia 6.6.5 SQL 
Injection Vulnerability in Ovidentia 6.6.5 index.php Remote Code Execution Vulnerability in JustSystems Ichitaro Products Account Recreation and Hijacking Vulnerability in BitlBee before 1.2.2 Cross-Site Scripting (XSS) Vulnerabilities in AWStats Totals 1.0 through 1.14 Arbitrary Code Execution in AWStats Totals 1.0 through 1.14 via sort Parameter CMME 1.12 statistics.php Cross-Site Scripting (XSS) Vulnerabilities Insufficient Access Control in CMME 1.12 and 1.19 Allows Remote Discovery of Sensitive Information CSRF Vulnerability in CMME 1.12 Allows Remote Logout of Admin User Directory Traversal Vulnerabilities in Content Management Made Easy (CMME) 1.12 Symlink Attack Vulnerability in genmsgidx of Tiger 3.2.2 Arbitrary File Overwrite Vulnerability in Honeyd 1.5c Arbitrary File Overwrite Vulnerability in gather-messages.sh in Ampache 3.4.1 Arbitrary File Overwrite Vulnerability in migrate_aliases.sh Local Privilege Escalation Vulnerability in R 2.7.2 via Symlink Attack on Temporary Files Denial of Service Vulnerability in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 Denial of Service Vulnerability in Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 Denial of Service Vulnerability in Wireshark 0.99.6 through 1.0.2 via Crafted Tektronix .rf5 File Arbitrary Web Script Injection Vulnerability in DIC Shop_v50 and Shop_v52 Dreambox DM500C Web Interface Denial of Service Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in OpenDb 1.0.6 CSRF Vulnerability in OpenDb 1.0.6 Allows Password Change via user_admin.php AVTECH PageR Enterprise Directory Traversal Vulnerability Format String Vulnerability in HP TCP/IP Services for OpenVMS 5.x Finger Client Arbitrary Script Injection in BizDirectory 2.04 and Earlier Arbitrary SQL Command Execution Vulnerability in Full PHP Emlak Script SQL Injection Vulnerability in eZoneScripts Living Local 1.1 - Remote Code Execution via listtest.php ACG-PTP 1.0.6 index.php SQL Injection Vulnerability SQL Injection 
Vulnerability in Words Tag 1.2: Remote Code Execution via Claim Action Arbitrary File Reading Vulnerability in HP TCP/IP Services for OpenVMS 5.x Finger Client Privilege Escalation via Long Command Line in OpenVMS Alpha 8.3 SQL Injection Vulnerability in XRMS Admin/Users/Self-2.php Allows Arbitrary SQL Command Execution and Field Modification Arbitrary Code Execution via Trojan Horse Python File in Emacs 22.1 and 22.2 Memory Page Size Out-of-Bounds Read Vulnerability in Safari for iPhone and iPod Touch SQL Injection Vulnerability in Vastal I-Tech Agent Zone: Remote Code Execution via ann_id Parameter SQL Injection Vulnerability in EsFaq 2.0: Remote Code Execution via idcat Parameter in questions.php SQL Injection Vulnerability in Vastal I-Tech Shaadi Zone 1.0.9: Remote Code Execution via tage Parameter SQL Injection Vulnerability in AlstraSoft Forum Pay Per Post Exchange SQL Injection Vulnerability in Masir Camp E-Shop Module 3.0 and Earlier: Remote Code Execution via ordercode Parameter Denial of Service and Arbitrary Code Execution Vulnerability in Microsoft Organization Chart 2.00 Arbitrary File Download Vulnerability in Microsoft Windows Image Acquisition Logger ActiveX Control Denial of Service Vulnerability in IBM DB2 UDB 8 Denial of Service Vulnerability in IBM DB2 UDB 8.1, 8.2, and 9.1 Denial of Service Vulnerability in IBM DB2 UDB 8 Arbitrary Code Execution Vulnerabilities in Adobe Illustrator CS2 on Macintosh Uninitialized Memory Disclosure in ssmtp's from_format Function MySQL Denial of Service Vulnerability Off-by-one errors in libpng leading to denial of service and potential impact via crafted zTXt chunks Arbitrary SQL Command Execution in MyBB (MyBulletinBoard) Misc.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in MyBB (aka MyBulletinBoard) before 1.4.1 Unauthenticated Remote Attack Vector in MyBB Moderation.php Arbitrary Script Injection in PunBB Userlist.php (CVE-XXXX-XXXX) Unspecified Remote Account Overwrite and Hijack Vulnerabilities 
in BitlBee Local Privilege Escalation via Unverified Mountpoint Ownership in pam_mount Heap-based Buffer Overflow in open_man_file Function in gmanedit 0.4.1 Inadequate Security Update Verification in pkcs15-tool Unspecified Confidentiality Vulnerability in Oracle Database SQL*Plus Windows GUI Component Unspecified Remote Code Execution Vulnerability in Oracle OLAP Component Unspecified Integrity Vulnerability in Oracle Portal Component Unspecified vulnerability in Oracle Spatial component in Oracle Database versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 Unspecified Integrity Vulnerability in Oracle Portal Component Unspecified vulnerability in Oracle Spatial component in Oracle Database 10.1.0.5 Unspecified SQL Injection Vulnerability in Oracle Spatial Component Unspecified vulnerability in Oracle Database Upgrade component allows remote authenticated users to compromise confidentiality and integrity Unspecified Remote Confidentiality Vulnerability in Oracle Secure Backup 10.1.0.1 Unspecified vulnerability in Oracle Database Workspace Manager component Unspecified vulnerability in Oracle Database Workspace Manager component Unspecified vulnerability in Oracle Database Workspace Manager component Unspecified Remote Confidentiality Vulnerability in Oracle E-Business Suite 12.0.4 Unspecified Local Confidentiality Vulnerability in Oracle Discoverer Administrator Component Unspecified Local Confidentiality Vulnerability in Oracle Discoverer Desktop Component Unspecified Confidentiality Vulnerability in Oracle E-Business Suite iSupplier Portal Unspecified vulnerability in Oracle Data Mining component in Oracle Database 10.2.0.3 Unspecified Remote Code Execution Vulnerability in Oracle OLAP Component Unspecified Remote Code Execution Vulnerability in Oracle OLAP Component Unspecified vulnerability in Oracle Data Mining component in Oracle Database 10.2.0.4 Unspecified Remote Integrity Vulnerability in Oracle Applications Framework Unspecified vulnerability in Oracle 
Database Workspace Manager component allows remote authenticated users to affect confidentiality and integrity Unspecified vulnerability in Oracle Database Change Data Capture component Unspecified vulnerability in Oracle Database Change Data Capture component Unspecified Remote Code Execution Vulnerability in Oracle OLAP Component Unspecified Remote Vulnerability in Oracle iStore Component in Oracle E-Business Suite 12.0.4 Unspecified Remote Code Execution Vulnerability in Oracle OLAP Component Unspecified vulnerability in PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 Unspecified Remote Code Execution Vulnerability in PeopleSoft Enterprise Portal Unspecified Confidentiality Vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne Unspecified Remote Confidentiality Vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne Unspecified Local Vulnerability in JDE EnterpriseOne Business Service Server Component Unspecified vulnerability in Oracle Application Express component in Oracle Database 11.1.0.6 Unspecified Remote Vulnerability in Oracle Secure Backup Component Unspecified Remote Code Execution Vulnerability in PeopleSoft Enterprise Components Unspecified stack-based buffer overflow vulnerability in WebLogic Server Plugins for Apache Unspecified vulnerability in WebLogic Server component in BEA Product Suite 9.1 Unspecified vulnerability in WebLogic Workshop component in BEA Product Suite 10.3, 10.2, 10.0 MP1, 9.2 MP3, and 8.1 SP6 Unspecified Remote Integrity Vulnerability in WebLogic Server Component Unspecified Remote Code Execution Vulnerability in WebLogic Workshop Component Unspecified Remote Code Execution Vulnerability in WebLogic Server Component Unspecified vulnerability in Oracle BPEL Process Manager component in Oracle Application Server Unspecified vulnerability in Oracle Streams component in Oracle Database 10.1.0.5 Unspecified Confidentiality Vulnerability 
in Oracle Collaboration Suite 10.1.2 Unspecified Confidentiality Vulnerability in Oracle Application Server 10.1.2.3 Incomplete Fix for Arbitrary File Overwrite Vulnerability in IBM AIX 5.2.0 through 6.1.1 Formula Parsing Vulnerability in Microsoft Excel and Office Suite Cross-Site Scripting (XSS) via Content-Disposition Header in Microsoft Office XP SP3 Active Directory Memory Allocation Vulnerability Word Memory Corruption Vulnerability in Microsoft Office Word 2000, 2002, and 2004 Word RTF Object Parsing Vulnerability Word Memory Corruption Vulnerability Double Free Vulnerability in Microsoft Office Word and Outlook: Remote Code Execution via Crafted RTF File or Rich Text Email Microsoft Office Word and Outlook Remote Code Execution Vulnerability MSXML DTD Cross-Domain Scripting Vulnerability Microsoft Office Word and Outlook Remote Code Execution Vulnerability Word RTF Object Parsing Vulnerability Access Control Vulnerability in Microsoft Office SharePoint Server 2007 and Microsoft Search Server 2008 MSXML Header Request Vulnerability Virtual Address Descriptor Elevation of Privilege Vulnerability in Microsoft Windows SMB Credential Reflection Vulnerability in Microsoft Windows SMB Buffer Underflow Vulnerability in Microsoft Windows SQL Injection Vulnerability in Spice Classifieds index.php Kyocera FS-118MFP Command Center Directory Traversal Vulnerability Denial of Service Vulnerability in Softalk Mail Server 8.5.1.431 Multiple SQL Injection Vulnerabilities in AJ Square AJ HYIP Acme SQL Injection Vulnerability in AJ Square aj-hyip: Remote Code Execution via artid Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in @Mail 5.42 SQL Injection Vulnerability in eliteCMS 1.0: Remote Code Execution via index.php Arbitrary TCL Code Execution Vulnerability in Novell Forum Heap-based Buffer Overflow in ActiveX Control in FriendlyPPPoE Client 3.0.0.57 Arbitrary Program Execution Vulnerability in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 Arbitrary 
Registry Value and File Read Vulnerability in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 Smart Survey 1.0 Cross-Site Scripting (XSS) Vulnerability in surveyresults.asp Stack-based Buffer Overflow in SMGSHR.EXE in OpenVMS for Integrity Servers and OpenVMS ALPHA Cross-Site Scripting (XSS) Vulnerabilities in Bluemoon PopnupBLOG Module for XOOPS SQL Injection Vulnerability in Kolifa.net Download Script 1.2: Remote Code Execution via indir.php Arbitrary SQL Command Execution in Million Pixel Ad Script Cross-Site Scripting (XSS) Vulnerability in Matterdaddy Market 1.1's admin/login.php Unspecified Serious Security Vulnerability in Objective Development Sharity 3 before 3.5 Arbitrary Code Execution via XPCNativeWrappers Pollution Arbitrary Code Execution via XPCNativeWrappers Pollution in Mozilla Firefox Arbitrary Code Execution via Script-Handling Objects in Mozilla Firefox, Thunderbird, and SeaMonkey Integer Overflow Vulnerability in MathML Component of Mozilla Firefox, Thunderbird, and SeaMonkey Multiple Unspecified Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified Remote Code Execution and Denial of Service Vulnerabilities in Mozilla Firefox 3.x before 3.0.2 Multiple Unspecified Vulnerabilities in Mozilla Firefox 3.x before 3.0.2 Stripped BOM Characters Bug: Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey HTML Escaped Low Surrogates Bug in Mozilla Firefox 2.0.0.14 and Earlier Versions Directory Traversal Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey on Linux Directory Traversal Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Uninitialized Memory Read Vulnerability in XBM Decoder Heap-based Buffer Overflow in Mozilla Thunderbird and SeaMonkey Denial of Service Vulnerability in Adobe Acrobat 9 ActiveX Control Multiple SQL Injection Vulnerabilities in phsBlog 0.2 index.php SQL Injection Vulnerability in Zanfi Autodealers CMS AutOnline: Remote Code Execution via pageid 
Parameter SQL Injection Vulnerability in Zanfi Autodealers CMS AutOnline: Remote Code Execution via id Parameter Arbitrary File Read Vulnerability in D-iscussion Board 3.01 Arbitrary Web Script Injection Vulnerability in Multiple BBS Platforms Denial of Service Vulnerability in LedgerSMB and SQL-Ledger CGI Scripts AR/AP Transaction Report SQL Injection Vulnerability Arbitrary Web Script Injection Vulnerability in Movable Type (MT) SQL Injection Vulnerability in Stash 1.0.3 with Disabled Magic Quotes GPC Authentication Bypass Vulnerability in Stash 1.0.3 via bsm Cookie SQL Injection Vulnerability in Tasks Plugin in Brim 2.0.0 Cross-site scripting (XSS) vulnerability in Brim 2.0 Bookmarks Plugin SQL Injection Vulnerability in MyioSoft EasyClassifields 3.0 Local Privilege Escalation Vulnerability in Plait before 1.6 Reciprocal Links Manager 1.1 - SQL Injection Vulnerability in index.php Acoustica Beatcraft 1.02 Build 19 Instrument Title Field Buffer Overflow Vulnerability SQL Injection Vulnerability in print.php in myPHPNuke (MPN) before 1.8.8_8rc2 Arbitrary Web Script Injection Vulnerability in myPHPNuke (MPN) print.php SQL Injection Vulnerability in PHP Coupon Script 4.0: Remote Code Execution via index.php SQL Injection Vulnerability in Web Directory Script 1.5.3: Remote Code Execution via index.php SQL Injection Vulnerability in printfeature.php in myPHPNuke (MPN) before 1.8.8_8rc2 SQL Injection Vulnerability in memberstats.php in YourOwnBux 3.1 and 3.2 Beta Multiple SQL Injection Vulnerabilities in Ruby on Rails before 2.1.1 Unspecified Vulnerabilities in Flip4Mac WMV Importer Arbitrary Code Execution Vulnerability in phpMyAdmin 2.11.9.1 Incomplete Fix for Symlink Vulnerability in MySQL 5.0.51a Incomplete Fix for Symlink Manipulation in MySQL CREATE TABLE Vulnerability Lack of Random Source Ports and Transaction IDs in PyDNS Vulnerability: Fixed Source Port and Sequential Transaction IDs in GNU adns 1.4 and Earlier Arbitrary Command Execution Vulnerability in Vim 
3.0 through 7.x before 7.2.010 Weak Seed Initialization Vulnerability in Joomla! 1.5 before 1.5.7 Unvalidated URL in Joomla! 1.5 Allows Remote Spam Transmission Open Redirect Vulnerabilities in Joomla! 1.5 before 1.5.7 Variable Injection Vulnerability in Joomla! 1.5 before 1.5.7 WordPress User Password Reset Vulnerability Weak Random Number Generation in PHP 5.2.6 Arbitrary File Overwrite Vulnerability in Tools/faqwiz/move-faqwiz.sh Denial of Service Vulnerability in OpenSSH Signal Handler Buffer Overflow in SQLVDirControl ActiveX Control in Microsoft SQL Server 2000 Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0.2 and 6.1 with FileServing feature enabled Untrusted Length Value Vulnerability in Linux Kernel SCTP Implementation SMB Validation Denial of Service Vulnerability in srv.sys Information Disclosure Vulnerability in TalkBack 2.3.6 via install/info.php Buffer Overflow Vulnerability in Apple QuickTime 7.5.5 and iTunes 8.0 Denial of Service Vulnerability in Sun Management Center (SunMC) 3.6.1 and 4.0 Unspecified Cross-Site Scripting (XSS) Vulnerability in High Norm Sound Master 2nd 1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in CA Service Desk and CMDB Multiple Cross-Site Scripting (XSS) Vulnerabilities in FlatPress 0.804 Multiple Cross-Site Scripting (XSS) Vulnerabilities in cpCommerce 1.2.4 Insecure Session Cookie Handling in Joomla! 
1.5.8 PHPBB 2.x Search Function PRNG State Leakage Vulnerability Incomplete Fix for DNS Spoofing Vulnerability in PyDNS (python-dns) Denial of Service Vulnerability in Microsoft Internet Explorer 7 and 8 Cisco IOS 12.4 HTTP Administration Component Cross-Site Request Forgery (CSRF) Vulnerabilities Directory Traversal and Arbitrary File Read Vulnerability in Gallery Gallery 2.x Cross-Site Scripting (XSS) Vulnerability via Crafted Flash Animation Unspecified Privilege Escalation Vulnerabilities in Sun Solaris 8-10 Arbitrary Code Execution Vulnerability in ComponentOne VSFlexGrid ActiveX Control Bypassing Web Restriction Filters in D-Link DIR-100 Firmware 1.12 and Earlier Arbitrary PHP Code Execution via Remote File Inclusion in phpRealty 0.03 and Earlier Denial of Service Vulnerability in Symbian OS S60 3rd Edition on Nokia E90 Communicator and Nseries N82 Denial of Service Vulnerability in Michael Roth Software Personal FTP Server (PFT) 6.0f PHP-Crawler 0.8 footer_file parameter remote file inclusion vulnerability Remote File Inclusion Vulnerability in TECHNOTE 7's twindow_notice.php Allows Arbitrary PHP Code Execution Arbitrary Web Script Injection Vulnerability in OpenSolution Quick.Cms.Lite 2.1 Quick.Cart 3.1 admin.php Cross-Site Scripting (XSS) Vulnerability PHP Remote File Inclusion Vulnerabilities in x10Media x10 Automatic MP3 Script 1.5.5 SQL Injection Vulnerability in E-Php CMS article.php Arbitrary SQL Command Execution in RazorCommerce Shopping Cart's category_search.php ACG-ScriptShop E-Gold Script Shop index.php SQL Injection Vulnerability SQL Injection Vulnerability in Addalink 1.0 Beta 4 and Earlier: Remote Code Execution via user_read_links.php Remote Code Execution and Visit Counter Manipulation Vulnerability in Addalink 1.0 beta 4 and Earlier Arbitrary Web Script Injection via Modified Content-Type in Mailsave Module for Drupal Arbitrary SQL Command Execution in Mailhandler Module for Drupal Arbitrary Script Injection in Greg Holsclaw Link to Us 
Module for Drupal SQL Injection Vulnerability in picture_category.php in Diesel Joke Site CYASK 3.x Directory Traversal Vulnerability in collect.php Arbitrary Web Script Injection Vulnerability in Drupal Talk Module Unauthenticated Access to Sensitive Information in Drupal Talk Module SQL Injection Vulnerability in living-e webEdition CMS Multiple Directory Traversal Vulnerabilities in EasySite 2.3 Arbitrary SQL Command Execution in CustomCms (CCMS) Gaming Portal 4.0 SQL Injection Vulnerability in groups.php in Vastal I-Tech phpVID 1.1 and 1.2.3 Directory Traversal Vulnerabilities in Zanfi CMS Lite 1.2 Arbitrary SQL Command Execution Vulnerability in Jaw Portal and Zanfi CMS Lite Unspecified Denial of Service Vulnerability in Solaris UFS Module SQL Injection Vulnerability in Assetman 2.5b's search_inv.php Allows Remote Code Execution and Session Fixation Attacks Open Redirect Vulnerability in NooMS 1.1: Phishing Attack via g_site_url Parameter Unspecified Denial of Service Vulnerability in ISC BIND 9.3.5-P2-W1, 9.4.2-P2-W1, and 9.5.0-P2-W1 on Windows Information Disclosure in MemHT Portal 3.9.0 and earlier via cron.php Cleartext Password Exposure in Kolab Groupware Server 1.0.0 Integer Overflow Vulnerability in Avant Browser 11.7 Build 9 and Earlier Unauthenticated Remote Account Manipulation in Easy Photo Gallery 2.1 Arbitrary Web Script Injection Vulnerability in Pro2col Stingray FTS SQL Injection Vulnerability in iScripts EasyIndex detaillist.php Sensitive Information Disclosure in osCommerce 2.2 RC 2a via Invalid dob Parameter SQL Injection Vulnerability in xmlout.php in Invision Power Board (IP.Board or IPB) 2.2.x and 2.3.x SQL Injection Vulnerability in Cars & Vehicle Script's page.php ProArcadeScript 1.3 SQL Injection Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in Dynamic MP3 Lister 2.0.1 SQL Injection Vulnerabilities in Link Bid Script 1.5 SQL Injection Vulnerability in FoT Video Scripti 1.1 Beta: Remote Code Execution via izle.asp SQL 
Injection Vulnerability in search.php in Pre Real Estate Listings SQL Injection Vulnerability in tr.php in DownlineGoldmine Special Category Addon, Downline Builder Pro, New Addon, and Downline Goldmine Builder Multiple Cross-Site Scripting (XSS) Vulnerabilities in NooMS 1.1 NooMS 1.1 Remote Brute Force Vulnerability in db.php Directory Traversal Vulnerability in Netenberg Fantastico De Luxe Module Arbitrary Web Script Injection in Horde Turba Contact Manager H3 2.2.1 and Earlier Insufficient Access Control in IntegraMOD 1.4.x Allows Remote Backup Download Cross-Site Scripting (XSS) Vulnerability in webCMS Portal Edition's index.php SQL Injection Vulnerability in index.php in webCMS Portal Edition SQL Injection Vulnerability in index.php of webCMS Portal Edition ProActive CMS Directory Traversal Vulnerability Arbitrary Code Execution Vulnerability in TYPO3 Secure Directory Extension Arbitrary File Overwrite and Code Execution Vulnerability in Openswan IPSEC Livetest Tool Symlink Attack Vulnerability in extract-table.pl of Emacspeak 26 and 28 Symlink Attack Vulnerability in pserver_shutdown Function of cman Stack-based Buffer Overflow in SecurityGateway.dll in Alt-N Technologies SecurityGateway 1.0.1: Remote Code Execution via Long Username Parameter Denial of Service Vulnerability in pdnsd 1.2.7-par Address Spoofing Vulnerability in Opera Browser Opera before 9.52 Cross-Site Scripting (XSS) Vulnerability Uninitialized Memory Vulnerability in Opera Insecure Padlock Icon and Security Information Dialog in Opera Local File Disclosure Vulnerability in Opera before 9.52 Address Field Spoofing Vulnerability in Opera before 9.52 Heap-based Buffer Overflow in FAAD2's decodeMP4file Function SQL Injection Vulnerability in Gonafish LinksCaffePRO 4.5 index.php SQL Injection Vulnerability in CzarNews 1.20 and Earlier: Remote Code Execution via recook Cookie SQL Injection Vulnerability in SoftAcid HRS city.asp Allows Remote Code Execution SQL Injection Vulnerability in Attachmax 
Dolphin 2.1.0 and Earlier: Remote Code Execution via Search.php Remote File Inclusion Vulnerability in Attachmax Dolphin 2.1.0 and Earlier Information Disclosure Vulnerability in Attachmax Dolphin 2.1.0 and Earlier Unspecified Vulnerability in OSADS Alliance Database 2.1 with Unknown Impact and Attack Vectors Privilege Escalation via Improper Stripping of Setuid and Setgid Bits in Linux Kernel Integer Signedness Error in QuickLook and Office Viewer Allows Remote Code Execution Root Access Bypass Vulnerability in Mac OS X rlogind Arbitrary Script Dictionary Write Vulnerability in Mac OS X 10.4.11 and 10.5.5 Multiple Short Names Vulnerability in Mac OS X Server 10.4.11 Weblog Access Control Local URL Access Vulnerability in Apple Safari Plug-in Interface Stack-based Buffer Overflow in BOM in Apple Mac OS X before 10.5.6 Integer Overflow Vulnerabilities in Apple Mac OS X Kernel Denial of Service Vulnerability in Apple Mac OS X Kernel Integer Overflow in inet_net_pton API in Apple Mac OS X Memory Corruption and Arbitrary Code Execution Vulnerability in Apple Mac OS X's strptime API Denial of Service Vulnerability in natd in Apple Mac OS X Authentication Bypass Vulnerability in Apple Mac OS X 10.5 before 10.5.6 Denial of Service Vulnerability in Apple Mac OS X UDF Handling Denial of Service Vulnerability in libxml2 2.7.2 via Integer Overflow in xmlBufferResize Integer Overflow in xmlSAX2Characters Function in libxml2 2.7.2 Lowered Encryption Level in Apple iPhone OS and iPod touch OS PPTP VPN Connections Vulnerability Emergency Call Exploit: Bypassing Passcode Lock on Apple iPhone OS and iPod touch Race condition vulnerability in Passcode Lock feature allows attackers to bypass lock and launch arbitrary applications on Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.0 through 2.1 SMS Message Disclosure Vulnerability in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 HTML TABLE Element Remote Code Execution Vulnerability in 
Safari for iPhone OS 1.0-2.1 and iPod touch 1.1-2.1 IFRAME Content Display Spoofing Vulnerability in Safari for Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 Arbitrary Phone Call Vulnerability in Safari for Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 Quarantine Feature Incomplete Blacklist Vulnerability in Apple Mac OS X 10.5 Denial of Service Vulnerability in Apple Type Services (ATS) in Mac OS X 10.5 Misidentification Vulnerability in Managed Client Installation on Apple Mac OS X SQL Injection Vulnerability in CJ Ultra Plus 1.0.4 and Earlier: Remote Code Execution via SID Cookie ProFTPD 1.3.1 Cross-Site Request Forgery (CSRF) Vulnerability Directory Traversal Vulnerability in ImageServer of Epic Games Unreal Tournament 3 (UT3) 1.3 Authentication Bypass Vulnerability in Rianxosencabos CMS 0.9 Unauthenticated Remote Administrative Actions in Rianxosencabos CMS 0.9 Denora IRC Stats Server 1.4.1 Denial of Service Vulnerability FTP Command Injection Vulnerability Server Service Path Canonicalization Overflow Vulnerability DataGrid Control Memory Corruption Vulnerability FlexGrid Control Memory Corruption Vulnerability Hierarchical FlexGrid Control Memory Corruption Vulnerability Windows Common AVI Parsing Overflow Vulnerability Charts Control Memory Corruption Vulnerability Parameter Validation Memory Corruption Vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 HTML Objects Memory Corruption Vulnerability in Microsoft Internet Explorer 7 Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 7 HTML Rendering Memory Corruption Vulnerability File Format Parsing Vulnerability in Microsoft Office Excel File Format Parsing Vulnerability in Microsoft Office Excel 2000 SP3 Excel Global Array Memory Corruption Vulnerability Windows Saved Search Memory Freeing Vulnerability Windows Search Parsing Vulnerability VMware VirtualCenter 2.5 Vulnerability: Cleartext Password Display 
Vulnerability: Privilege Escalation via Indirect Jump in VMware Workstation, Player, Server, and ESX VMware ESXi 3.5 Directory Traversal Privilege Escalation Vulnerability CRLF Injection Vulnerability in IBM WebSphere Application Server (WAS) 5.1.1.19 and Earlier Versions Open Redirect Vulnerability in IBM WebSphere Application Server (WAS) Allows Phishing Attacks Denial of Service Vulnerability in IBM WebSphere Application Server's Performance Monitoring Infrastructure (PMI) Feature Lack of CRL Override Check in Opera before 9.52 Unspecified Remote Code Execution Vulnerability in Opera on Windows Session Hijacking Vulnerability in IBM Tivoli Netcool/Webtop 2.1 Denial of Service Vulnerability in Microsoft Windows Mobile 6.0 on HTC Wiza 200 and HTC MDA 8125 Devices Default Password Vulnerability in Cisco Linksys WRT350N Firmware 1.0.3.7 Arbitrary File Read Vulnerability in Mercurial before 1.0.2 Memory Leak in lighttpd's http_request_parse Function Allows Remote DoS Denial of Service Vulnerability in Microsoft Internet Authentication Service (IAS) Helper COM Component Denial of Service Vulnerability in ActiveX Control in IIS Remote Password Setting Vulnerability in Microsoft Internet Information Services (IIS) ActiveX Control Denial of Service Vulnerability in Linux Kernel's Splice Subsystem Multiple SQL Injection Vulnerabilities in phpCollab 2.5 rc3, 2.4, and Earlier Arbitrary Command Execution via SSL_CLIENT_CERT in phpCollab 2.5 rc3 and Earlier Static Code Injection Vulnerability in phpCollab 2.5 rc3 and Earlier: Remote Code Execution via installation/setup.php Buffer Overflow Vulnerability in enscript before 1.6.4 with Unknown Impact and Attack Vectors Race condition in do_setlk function in Linux kernel before 2.6.26 allows local users to cause denial of service via interrupted RPC call leading to a stray FL_POSIX lock Apache Tomcat POST Content Leakage Vulnerability Integer overflow leading to heap-based buffer overflow in netsnmp_create_subtree_cache function 
Denial of Service Vulnerability in WEBrick in Ruby 1.8.1 and 1.8.5 Default Configuration Vulnerability in D-Bus Allows Local Users to Bypass Access Restrictions Remote Authentication Bypass Vulnerability in OpenGroup Pegasus 2.7.0 Arbitrary Memory Read and Denial of Service Vulnerability in Samba 3.0.29 through 3.2.4 Unlogged Failed Authentication Attempts in OpenGroup Pegasus 2.7.0 Integer overflows in glib/gbase64.c leading to arbitrary code execution Arbitrary Command Execution in Observer 0.3.2.1 and Earlier Authentication Bypass and Arbitrary File Access in Libra File Manager 1.18 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in OpenNMS before 1.5.94 Remote Code Execution Vulnerability in FlashGet FTP 1.9 via Buffer Overflow RealFlex Technologies Ltd. RealWin Server 2.0 FC_INFOTAG/SET_CONTROL Packet Buffer Overflow Vulnerability Denial of Service Vulnerability in Windows Explorer via Crafted .ZIP File Denial of Service Vulnerability in Mozilla Firefox 3.0.3 Inconsistent Content-Type Header Vulnerability in ViewVC 1.0.5 Cross-Site Scripting (XSS) Vulnerability in phpMyAdmin Denial of Service Vulnerability in GDI+ Handling of Crafted .ico Files SQL Injection Vulnerability in EasyRealtorPRO 2008's site_search.php OpenEngine 2.0 Beta4 and Earlier: PHP Remote File Inclusion Vulnerability in openengine.php LanSuite 3.3.2 - Directory Traversal Vulnerability in index.php Arbitrary File Inclusion Vulnerability in phpOCS 0.1 beta3 and Earlier SQL Injection Vulnerability in showjavatopic Function in PHP infoBoard V.7 Plus Arbitrary Web Script Injection Vulnerability in PHP infoBoard V.7 Plus Authentication Bypass Vulnerability in PHP infoBoard V.7 Plus SQL Injection Vulnerability in Atomic Photo Album (APA) 1.1.0pre4: Remote Code Execution via apa_album_ID Parameter Arbitrary Web Script Injection Vulnerability in Atomic Photo Album (APA) 1.1.0pre4 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Bitweaver 2.0.2 SQL Injection Vulnerability in 
Brilliant Gallery Checklist Save Function Unspecified Privilege Escalation Vulnerability in Symantec Veritas NetBackup Server and NetBackup Enterprise Server Denial of Service Vulnerability in Google Chrome 0.2.149.29 and 0.2.149.30 Authentication Bypass Vulnerability in MyBlog 0.9.8 and Earlier Arbitrary File Overwrite and Creation Vulnerability in NuMedia Soft NMS DVD Burning SDK Activex Arbitrary File Manipulation and Remote Code Execution in Chilkat XML ChilkatUtil.CkData.1 ActiveX Control SQL Injection Vulnerability in cat.php in 6rbScript: Remote Code Execution via CatID Parameter SQL Injection Vulnerability in WebPortal CMS 0.7.4 and Earlier: Remote Code Execution via download.php TalkBack 2.3.6 and 2.3.6.4 Directory Traversal Vulnerability Arbitrary SQL Command Execution in Powie pNews 2.03 via newskom.php SQL Injection Vulnerability in photo.php in PHPortfolio Arbitrary Web Script Injection in s0nic Paranews 3.4 SQL Injection Vulnerability in vbLOGIX Tutorial Script 1.0 and Earlier: Remote Code Execution via cat_id Parameter Arbitrary File Inclusion Vulnerability in phpSmartCom 0.2 SQL Injection Vulnerability in phpSmartCom 0.2: Remote Code Execution via viewprofile.php SQL Injection Vulnerability in link.php in Linkarity SQL Injection Vulnerability in NetArt Media iBoutique 4.0 Products Module Arbitrary SQL Command Execution Vulnerability in Powie PSCRIPT Forum Multiple SQL Injection Vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 SQL Injection Vulnerability in Powie pLink 2.07's linkto.php Allows Remote Code Execution Unspecified Directory Traversal Vulnerability in SPAW Editor PHP Edition URL Pattern Comparison Vulnerability in lighttpd Case-Sensitive Comparison Vulnerability in mod_userdir of Lighttpd PowerPortal 2.0.13 Directory Traversal Vulnerability Denial of Service Vulnerability in DESlock+ Virtual Token Driver Arbitrary Code Execution and Denial of Service Vulnerability in DESlock+ 3.2.7 SQL Injection Vulnerability in ParsaWeb CMS Default.aspx 
Cross-site scripting (XSS) vulnerability in Siteman 1.1.11 and earlier in search.php Arbitrary Code Execution via Unrestricted File Upload in Camera Life 2.6.2b4 Weak Encryption Key Size in Java 1.5 on Apple Mac OS X 10.5.4 and 10.5.5 SQL Injection Vulnerability in Availscript Photo Album's pics.php Allows Remote Code Execution via sid Parameter Cross-Site Scripting (XSS) Vulnerabilities in Availscript Photo Album SQL Injection Vulnerability in AvailScript Article Script's articles.php Allows Remote Code Execution via aIDS Parameter AvailScript Article Script - Cross-Site Scripting (XSS) Vulnerability in articles.php SQL Injection Vulnerability in AvailScript Job Portal Script SQL Injection Vulnerability in CMS Buzz: Remote Code Execution via playgame Action SQL Injection Vulnerability in Availscript Classmate Script's viewprofile.php SQL Injection Vulnerability in Live TV Script's index.php Allows Remote Code Execution via mid Parameter Arbitrary SQL Command Execution in Creative Mind Creator CMS 5.0 via index.asp SQL Injection Vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3.0 and Earlier via id Parameter in report.php Arbitrary Web Script Injection Vulnerability in Mr. 
CGI Guy Hot Links SQL-PHP 3.0 and Earlier Denial of Service Vulnerability in Samsung DVR SHR2040 Web Interface Denial of Service Vulnerability in Microsoft Internet Explorer 7 Denial of Service Vulnerability in Konqueror 3.5.9 via URL-encoded Invalid Characters Stack-based buffer overflow in Agranet-Emweb embedded management web server in Alcatel OmniSwitch devices Stack-based buffer overflow vulnerabilities in MGI Software LPViewer ActiveX Control (LPControl.dll) Arbitrary Program Execution Vulnerability in Husdawg, LLC Systems Requirements Lab 3 Arbitrary Code Execution Vulnerability in Simba MDrmSap ActiveX Control Arbitrary Code Execution Vulnerability in Symantec AppStream Client Arbitrary File Download and Execution Vulnerability in Symantec AppStream and Workspace Streaming Cleartext Configuration Data Leakage in Cisco Linksys WVC54GC Wireless Video Camera Stack-based Buffer Overflow in NetCamPlayerWeb11gv2 ActiveX Control Simultaneous Identical Outbound DNS Queries Vulnerability in djbdns 1.05 Arbitrary Web Script Injection Vulnerability in VeriSign Kontiki Delivery Management System (DMS) 5.0 and Earlier Untrusted Search Path Vulnerabilities in Portage: Arbitrary Code Execution Buffer Overflow Vulnerabilities in ndiswrapper Module 1.53 for Linux Kernel 2.6 Safer Networking FileAlyzer Stack-Based Buffer Overflow Vulnerability Directory Traversal Vulnerability in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 Denial of Service Vulnerability in CA ARCserve Backup Tape Engine Service Unspecified Denial of Service Vulnerability in CA ARCserve Backup Unspecified Denial of Service Vulnerability in CA ARCserve Backup Unrestricted ActionScript FileReference API Vulnerability in Adobe Flash Player Buffer Overflow Vulnerabilities in Trend Micro OfficeScan 8.0 SP1 and 8.0 SP1 Patch 1 Denial of Service Vulnerability in Trend Micro OfficeScan 8.0 SP1 IPv6 Neighbor Discovery Protocol (NDP) Implementation Vulnerability on IBM zSeries Servers 
Unrestricted Write Access Vulnerability in Xen 3.0.3 Symlink Attack Vulnerability in Debian Patch for Sabre (xsabre) 0.2.4b Denial of Service Vulnerability in XRunSabre (aka xsabre) 0.2.4b Arbitrary Script Injection in MediaWiki 1.13.1 and Earlier Versions Denial of Service Vulnerability in libxml2 2.7.0 and 2.7.1 Improper Function Invocation in VMI Write LDT Entry Function Arbitrary Web Script Injection Vulnerability in HP System Management Homepage (SMH) Unspecified Remote Information Disclosure Vulnerability in HP Systems Insight Manager (SIM) Unspecified Local Unauthorized Access Vulnerability in HP System Management Homepage (SMH) Privilege Escalation Vulnerability in AdvFS showfile Command in HP Tru64 UNIX 5.1B-3 and 5.1B-4 Remote Code Execution Vulnerability in HP Service Manager (HPSM) before 7.01.71 Unspecified Denial of Service Vulnerability in HP-UX Kernel Unspecified Denial of Service Vulnerability in HP-UX DCE Directory Traversal Vulnerability in HP JetDirect Web Administration Interface Multiple stack-based buffer overflows in DZIP32.DLL and DZIPS32.DLL in DynaZip Max and DynaZip Max Secure MetaGauge 1.0.0.17 Directory Traversal Vulnerability Arbitrary SQL Command Execution in Ovidentia 6.6.5 via index.php Cross-Site Scripting (XSS) Vulnerability in GooCMS 1.02 index.php Directory Traversal Vulnerability in Phlatline's Personal Information Manager (pPIM) 1.0 Allows Arbitrary File Deletion Arbitrary Web Script Injection in Phlatline's Personal Information Manager (pPIM) 1.0 via events.php Unauthenticated Password Change Vulnerability in Phlatline's Personal Information Manager (pPIM) 1.0 and Earlier Arbitrary Code Execution via Unrestricted File Upload in Phlatline's pPIM 1.0 and Earlier Denial of Service Vulnerability in SOURCENEXT Virus Security SQL Injection Vulnerability in IceBB 1.0-rc9.3 and Earlier: Remote Code Execution via index.php Arbitrary Web Script Injection Vulnerability in RMSOFT MiniShop Module 1.0 for Xoops SQL Injection Vulnerability 
in RMSOFT MiniShop Module 1.0 for Xoops Stack-based Buffer Overflow in uTorrent and BitTorrent Allows Remote Code Execution Cross-Site Scripting (XSS) Vulnerabilities in RMSOFT Downloads Plus Module for Xoops Arbitrary SQL Command Execution in bBlog 0.7.6 via bblog_plugins/builtin.help.php Directory Traversal Vulnerability in Bugzilla's importxml.pl Arbitrary Script Injection in Datafeed Studio 1.6.2 search.php Remote File Inclusion Vulnerability in MartinWood Datafeed Studio Arbitrary File Overwrite Vulnerability in to-upgrade Plugin of Feta 1.4.16 Denial of Service Vulnerability in Marvell Driver for Linksys WAP4400N Wi-Fi Access Point Denial of Service and Remote Code Execution Vulnerability in Cisco Unified IP Phone 7960G and 7940G SCTP-AUTH Extension Identifier Index Bounds Verification Vulnerability Arbitrary Web Script Injection Vulnerability in Nucleus EUC-JP 3.31 SP1 and Earlier Cross-Site Scripting (XSS) Vulnerability in Positive Software H-Sphere WebShell 4.3.10 CSRF Vulnerability in Positive Software H-Sphere WebShell 4.3.10 Allows Unauthorized Administrative Actions Remote Code Execution Vulnerability in mIRC 6.34 via Long Hostname in PRIVMSG Message XAMPP for Windows 1.6.8 adodb.php Cross-Site Scripting (XSS) Vulnerability Arbitrary Code Execution Vulnerability in ESET System Analyzer Tool Buffer Overflow Vulnerability in Cambridge Computer Corporation vxFtpSrv 2.0.3 Arbitrary File Manipulation and Remote Code Execution in GdPicture Imaging ActiveX Controls Directory Traversal Vulnerability in EKINdesigns MySQL Quick Admin 1.5.5 Directory Traversal Vulnerability in EKINdesigns MySQL Quick Admin 1.5.5 and Earlier Cross-site scripting (XSS) vulnerability in MySQL command-line client with enabled --html option Arbitrary SQL Command Execution in MemHT Portal 3.9.0 and Earlier SQL Injection Vulnerability in E-Php B2B Trading Marketplace Script's listings.php Allows Remote Code Execution SQL Injection Vulnerability in pick_users.php in eXtrovert Thyme 1.3 
SQL Injection Vulnerability in Vastal I-Tech MMORPG Zone's game.php Allows Remote Code Execution SQL Injection Vulnerability in Vastal I-Tech Dating Zone's advanced_search_results.php SQL Injection Vulnerability in Vastal I-Tech Visa Zone: Remote Code Execution via news_id Parameter SQL Injection Vulnerability in Vastal I-Tech Jobs Zone: Remote Code Execution via view_news.php SQL Injection Vulnerability in Vastal I-Tech Mag Zone's view_mags.php Allows Remote Code Execution SQL Injection Vulnerability in Vastal I-Tech DVD Zone's view_mags.php Allows Remote Code Execution SQL Injection Vulnerability in Vastal I-Tech Cosmetics Zone: Remote Code Execution via cat_id Parameter SQL Injection Vulnerability in show_series_ink.php in Vastal I-Tech Toner Cart SQL Injection Vulnerability in Vastal I-Tech Share Zone's view_news.php Allows Remote Code Execution SQL Injection Vulnerability in Vastal I-Tech Freelance Zone's view_cresume.php Numark CUE 5.0 rev2 Stack-Based Buffer Overflow Vulnerability Directory Traversal Vulnerability in DWF Viewer ActiveX Control (AdView.dll 9.0.0.96) Arbitrary Code Execution Vulnerability in LiveUpdate ActiveX Control Heap-based Buffer Overflow Vulnerabilities in Adobe Flash CS3 Professional and Flash MX 2004 Arbitrary File Overwrite Vulnerability in FreeRADIUS-DialupAdmin Local Privilege Escalation Vulnerability in iBackup 2.27 Arbitrary File Overwrite Vulnerability in Sympa 5.3.4 Symlink Attack Vulnerability in alert.d/test.alert in mon 0.99.2 Multiple Integer Overflows in Novell eDirectory 8.8 and 8.7.3.10 ftf1 Allow Remote Code Execution Remote Code Execution Vulnerability in Novell eDirectory 8.8 and 8.7.3 Remote Code Execution Vulnerability in Novell eDirectory 8.x Redmine 0.7.2 XSS Vulnerability XML Parser Denial of Service Vulnerability Arbitrary File Inclusion Vulnerability in Crux Gallery 1.32 and Earlier Remote Code Execution Vulnerability in Crux Gallery 1.32 and Earlier ICAP Patience Page Cross-Site Scripting (XSS) Vulnerability 
in Blue Coat Security Gateway OS Arbitrary File Inclusion Vulnerability in SAC.php (SACphp) in Yerba 6.3 and Earlier SQL Injection Vulnerability in Atarone CMS 1.2.0: Remote Code Execution via ap-save.php Cross-site scripting (XSS) vulnerability in Atarone CMS 1.2.0 in ap-pages.php Directory Traversal Vulnerability in Atarone CMS 1.2.0 Arbitrary File Inclusion Vulnerability in phpAbook 0.8.8b and Earlier Vulnerability: Plaintext Storage of S/MIME Drafts in Apple Mail.app Arbitrary SQL Command Execution via usNick Cookie in YourOwnBux 4.0 Arbitrary File Upload Vulnerability in Microsoft PicturePusher ActiveX Control SQL Injection Vulnerability in TorrentTrader Classic 1.08 and Earlier Versions SQL Injection Vulnerability in PHP Auto Dealer 2.7 - Remote Code Execution via view_cat.php SQL Injection Vulnerability in PHP Realtor 1.5: Remote Code Execution via view_cat.php SQL Injection Vulnerability in Built2Go Real Estate Listings 1.5 - event_detail.php SQL Injection Vulnerability in PHP Autos 2.9.1: Remote Code Execution via catid Parameter Directory Traversal Vulnerabilities in PHP Web Explorer 0.99b and Earlier Denial of Service Vulnerability in Serv-U 7.0.0.1 through 7.3 Directory Traversal Vulnerability in Serv-U FTP Server 7.0.0.1 - 7.3 Multiple PHP Remote File Inclusion Vulnerabilities in DataFeedFile (DFF) PHP Framework API Clickjacking Vulnerability in Adobe Flash Player 9.0.124.0 and earlier Heap-based Buffer Overflow in Hero DVD Player 3.0.8 Denial of Service Vulnerability in IBM Lotus Quickr 8.1 Unspecified Vulnerability in IBM Lotus Quickr 8.1 Allows Unauthorized Demotion or Deletion of Place Superuser Group Unspecified Vulnerability in IBM Lotus Quickr 8.1 Allows Unauthorized Deletion of Pages Stack-based Buffer Overflow in Tonec Internet Download Manager File Parsing Function Arbitrary Code Execution via Unrestricted File Upload in FOSS Gallery Admin and FOSS Gallery Public 1.0 beta Denial of Service Vulnerability in Microsoft Windows Vista Home and 
Ultimate Edition SP1 and Earlier Insufficient Access Control in Todd Woolums ASP News Management (possibly 2.21) Allows Information Disclosure Insufficient Access Control in ASP/MS Access Shoutbox Allows Information Disclosure Phorum 5.2.8 BBcode API Module XSS Vulnerability Denial of Service Vulnerability in KDE Konqueror 3.5.9 via Long Color Value in Font Tag Bypassing Authentication in Blue Coat K9 Web Protection 4.0.230 Beta SQL Injection Vulnerability in Galerie 3.2's galerie.php Allows Remote Code Execution via pic Parameter SQL Injection Vulnerability in leggi.php in geccBBlite 2.0 Multiple SQL Injection Vulnerabilities in Fastpublish CMS 1.9.9.9.9 d (1.9999 d) Arbitrary Local File Inclusion Vulnerabilities in Fastpublish CMS 1.9999 d Arbitrary Web Script Injection Vulnerability in AutoNessus bulk_update.pl SQL Injection Vulnerability in World of Warcraft Tracker Infusion (raidtracker_panel) Module 2.0 for PHP-Fusion Directory Traversal Vulnerabilities in JMweb MP3 Music Audio Search and Download Script SQL Injection Vulnerability in login.php Allows Remote Code Execution SQL Injection Vulnerability in Check User Feature of AdaptCMS Lite and AdaptCMS Pro 1.3 SQL Injection Vulnerability in AmpJuke 0.7.5: Remote Code Execution via index.php Multiple Directory Traversal Vulnerabilities in CCMS 3.1 SQL Injection Vulnerability in Recept.php in Recepies (Recept) Module 1.1 for PHP-Fusion Arbitrary File Inclusion Vulnerability in Phlatline's Personal Information Manager (pPIM) 1.01 Multiple PHP Remote File Inclusion Vulnerabilities in asiCMS Alpha 0.208 Brilliant Gallery 5.x before 5.x-4.2 Drupal Module XSS Vulnerability SQL Injection Vulnerability in Brilliant Gallery 5.x before 5.x-4.2 Arbitrary Script Injection in MaxiScript Website Directory's index.php Arbitrary Web Script Injection Vulnerability in Kantan WEB Server 1.8 and Earlier Arbitrary SQL Command Execution Vulnerability in EC-CUBE Ver2 2.1.2a and Earlier Unspecified Cross-Site Scripting (XSS) 
Vulnerability in EC-CUBE Ver2 2.1.2a and Earlier Unspecified Cross-Site Scripting (XSS) Vulnerability in EC-CUBE Versions 1.4.6 and Earlier, 1.5.0-beta and Earlier, 2.1.2a and Earlier, 2.2.0-beta and Earlier, 1.3.4 and Earlier, and Nightly-Build r17319 and Earlier Arbitrary web script injection vulnerability in EC-CUBE versions 1.4.6 and earlier, 1.5.0-beta and earlier, 2.1.2a and earlier, 2.1.1-beta and earlier, 1.3.4 and earlier, and Nightly-Build r17336 and earlier LGD-54XX bitblt Heap Overflow Vulnerability WLAN Password Leakage Vulnerability in Windows Mobile 6 on HTC Hermes Heap-based Buffer Overflow in Sun Java System Web Proxy Server 4.0 through 4.0.7 via Crafted HTTP GET Request Arbitrary Web Script Injection Vulnerability in Cisco Unity Denial of Service Vulnerability in Cisco Unity Denial of Service Vulnerability in Unspecified Microsoft API Used by Cisco Unity and Other Products Weak Permissions in Cisco Unity Directory Allows Unauthorized Access to Sensitive Information Adobe Flash Player and Adobe AIR Denial of Service Vulnerability Heap-based Buffer Overflow in PdvrAtl.PdvrOcx.1 ActiveX Control in DVRHOST Web CMS OCX 1.0.1.25 Stack-based Buffer Overflow in PTZCamPanelCtrl ActiveX Control in RTS Sentry 2.1.0.2 Arbitrary Image Upload Vulnerability in ImageShack Toolbar ActiveX Control Denial of Service Vulnerability in strongSwan 4.2.6 and Earlier Incorrect Argument Order in good_client Function Allows Bypass of Access Restrictions in nfs-utils Symlink Attack Vulnerability in qemu-make-debian-root in QEMU 0.9.1-5 on Debian GNU/Linux Arbitrary File Modification Vulnerability in Linux Kernel's do_splice_from Function Stack-based Buffer Overflow in push_subg function in Graphviz Remote Code Execution Vulnerability in Sun Solstice AdminSuite Arbitrary PHP Code Execution in Strawberry CuteNews.ru 1.1.1 via plugins/wacko/highlight/html.php Vulnerability: Arbitrary Code Execution in VLC Media Player 0.9.2 via Negative Identifier Tag in XSPF Playlist Remote 
Code Execution in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Information Disclosure in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Buffer Overflow in HP OpenView Network Node Manager (OV NNM) CGI Program Heap-based Buffer Overflow in adsmdll.dll in IBM Tivoli Storage Manager (TSM) Express and TSM Stack-based Buffer Overflow in Autonomy KeyView SDK 10.4 and Earlier Allows Remote Code Execution via Crafted WPD File SQL Injection Vulnerability in XIGLA Software Absolute Poll Manager XE 4.1 SQL Injection Vulnerability in Real Estate Classifieds Allows Remote Code Execution via cat Parameter Cross-site scripting (XSS) vulnerability in Plone LiveSearch module before 3.0.4 Remote Code Execution and Denial of Service Vulnerability in GuildFTPd 0.999.14 SQL Injection Vulnerability in kategori.asp in MunzurSoft Wep Portal W3 SQL Injection Vulnerability in Ayco Okul Portali Default.asp Buffer Overflow Vulnerability in jhead: Denial of Service via Long -cmd Argument and String Overflows Denial of Service Vulnerability in Linux Kernel SCTP Implementation Vulnerability: Bypassing Access Restrictions in Dovecot ACL Plugin Dovecot ACL Plugin Vulnerability: Unauthorized Creation of Parent/Child/Child Mailboxes Local Privilege Escalation via Symlink Attack in fence_apc and fence_apc_snmp Programs Arbitrary File Modification Vulnerability in fence_manual Access Restriction Bypass Vulnerability in IBM ENOVIA SmarTeam Same Origin Policy Bypass in Mozilla Firefox and SeaMonkey Arbitrary File Overwrite Vulnerability in Chilkat FTP 2.0 ActiveX Component Arbitrary File Overwrite Vulnerability in Chilkat Mail 7.8 ActiveX Control Remote Code Execution in Belong Software Site Builder 0.1 beta via admin/home.php Arbitrary File Download and Execution Vulnerability in Macrovision FLEXnet Connect 6.1 Arbitrary File Download and Execution Vulnerability in MSVNClientDownloadManager61Lib.DownloadManager.1 ActiveX Control Stack-based Buffer Overflow in Etype 
Eserv FTP Server Allows Remote Code Execution Heap-based Buffer Overflow in Lenovo Rescue and Recovery 4.20 Kernel Driver Multiple SQL Injection Vulnerabilities in Stash 1.0.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in PhpWebGallery 1.3.4 Directory Traversal Vulnerability in Sports Clubs Web Panel 0.0.1 SMS Message Disclosure Vulnerability on Apple iPhone 2.1 with Firmware 5F136 Unspecified Remote Vulnerability in Linksys WAP4400N Firmware 1.2.14 Unspecified Remote Vulnerabilities in Slaytanic Scripts Content Plus 2.1.1 Arbitrary Script Injection Vulnerability in Shindig-Integrator 5.x for Drupal Unrestricted Page Access Vulnerability in Shindig-Integrator 5.x for Drupal Unspecified Remote Vulnerability in Shindig-Integrator 5.x Module for Drupal SQL Injection Vulnerability in Mosaic Commerce's category.php Allows Remote Code Execution via cid Parameter Authentication Bypass Vulnerability in PokerMax Poker League Tournament Script 0.13 Habari CMS 0.5.1 Login Feature Cross-Site Scripting (XSS) Vulnerability Post Affiliate Pro 2.0 - Directory Traversal Vulnerability in index.php Remote SQL Injection Vulnerability in iGaming CMS 2.0 Alpha 1 Arbitrary SQL Command Execution in Easy CafeEngine 1.1 via index.php SQL Injection Vulnerability in CafeEngine: Remote Code Execution via id Parameter in dish.php and menu.php SQL Injection Vulnerabilities in IP Reg 0.4 and Earlier: Remote Code Execution TCP Connection Queue Exhaustion Vulnerability Remote Denial of Service Vulnerability in MPlayer via Malformed AAC and Ogg Media Files Arbitrary SQL Command Execution in PHP Arsivimiz Php Ziyaretci Defteri Arbitrary Web Script Injection in PortalApp 4.0 via keywords parameter in forums.asp and content.asp SQL Injection Vulnerability in PortalApp 4.0 Forums.ASP Allows Remote Code Execution Unauthenticated Remote Attackers Can Create and Delete Forums, Topics, and Replies in PortalApp 4.0 Unspecified Vulnerability in i_utils.asp in PortalApp Before 4.01a Vulnerability: 
Remote Code Execution in SpamBam WordPress Plugin SQL Injection Vulnerability in Actualite Module 1.0 for Joomla! Denial of Service Vulnerability in Linux Kernel's SCTP Implementation Denial of Service Vulnerability in Sun Solaris 9 RPC Subsystem SQL Injection Vulnerability in MRBS 1.4: Remote Code Execution via area parameter SQL Injection Vulnerability in ZeeScripts Zeeproperty's bannerclick.php Allows Remote Code Execution Authentication Bypass Vulnerability in phpFastNews 1.0.0 Arbitrary SQL Command Execution in DS-Syndicate Component 1.1.1 for Joomla Fast Click SQL Lite 1.1.7 - PHP Remote File Inclusion Vulnerability SQL Injection Vulnerability in ShiftThis Newsletter Plugin for WordPress Arbitrary File Inclusion Vulnerability in Fritz Berger Yappa-ng Photo Album SQL Injection Vulnerability in rGallery Plugin 1.09 for WoltLab Burning Board (WBB) SQL Injection Vulnerability in del.php in myWebland miniBloggie 1.0 Arbitrary Web Script Injection Vulnerability in Usagi Project MyNETS 1.2.0 and Earlier Unspecified Vulnerabilities in Midgard Components (MidCOM) Framework before 8.09.1 Stack-based Buffer Overflow in MUSCLE Message::AddToString Function Directory Traversal Vulnerabilities in Kure 0.6.3 with Disabled Magic Quotes GPC Arbitrary SQL Command Execution in Node Vote Drupal Module Movable Type 4 Cross-Site Scripting (XSS) Vulnerability Unspecified Remote Information Disclosure Vulnerability in Hisanaga Electric Co, Ltd. 
hisa_cart 1.29 and earlier Privilege Escalation via Shell Metacharacters in yast2-backup Filename Handling Cross-site scripting (XSS) vulnerability in cpCommerce before 1.2.4 in advanced search feature Arbitrary File Read Vulnerability in Symantec Veritas File System (VxFS) Symlink Attack Vulnerability in jhead.c Arbitrary File Deletion Vulnerability in jhead 2.84 and Earlier Arbitrary Command Execution Vulnerability in jhead 2.84 and Earlier SQL Injection Vulnerability in AstroSPACES 1.1.1 - Remote Code Execution via profile.php Remote Code Execution via SQL Injection in myWebland myStats Remote IP Address Bypass Vulnerability in myWebland myStats Arbitrary PHP Code Execution in PhpWebGallery 1.7.2 and Earlier Plaintext Storage of Database Administrator Password in Websense Reporter Module SQL Injection Vulnerability in sweetCMS 1.5.2: Remote Code Execution via index.php Elxis CMS 2008.1 XSS Vulnerability in index.php Session Fixation Vulnerability in Elxis CMS 2008.1 Revision 2204: Remote Session Hijacking SQL Injection Vulnerability in viewevent.php in myEvent 1.6 SQL Injection Vulnerabilities in Jetbox CMS 2.1 Arbitrary Code Execution Vulnerability in Dart Communications PowerTCP FTP for ActiveX 2.0.2.0 SQL Injection Vulnerability in Makale 0.26 and Possibly Other Versions Remote Code Execution Vulnerability in VLC Media Player via Crafted TiVo TY Media File Arbitrary SQL Command Execution in Simple Survey Extension for TYPO3 Arbitrary SQL Command Execution in TYPO3 Frontend Users View Extension Arbitrary SQL Command Execution Vulnerability in Econda Plugin for TYPO3 Arbitrary SQL Command Execution Vulnerability in JobControl Extension for TYPO3 Arbitrary SQL Command Execution in Mannschaftsliste (kiddog_playerlist) Extension for TYPO3 Arbitrary SQL Command Execution Vulnerability in M1 Intern (m1_intern) 1.0.0 Extension for TYPO3 Arbitrary Code Injection through Cross-Site Scripting (XSS) in TYPO3 Page Improvements Extension Arbitrary File Inclusion 
Vulnerability in LokiCMS 0.3.4 Cross-Site Scripting (XSS) Vulnerability in analysis.cgi 1.44 QVOD Player ActiveX Control Heap-Based Buffer Overflow Vulnerability SQL Injection Vulnerability in PG Matchmaking SQL Injection Vulnerability in Ultimate Webboard 3.00: Remote Code Execution via Category Parameter ArabCMS 2.0 beta 1 - Directory Traversal Vulnerability in rss.php Arbitrary File Inclusion Vulnerability in Image Browser Component for Joomla! Cross-Site Scripting (XSS) Vulnerability in Dan Fletcher Recipe Script's search.php Cross-Site Scripting (XSS) Vulnerability in Ed Pudol Clickbank Portal's search.php Arbitrary Web Script Injection Vulnerability in Wordpress MU (WPMU) before 2.6 Cross-Site Scripting (XSS) Vulnerability in buymyscripts Lyrics Script's search_results.php PHP Remote File Inclusion Vulnerability in WebBiscuits Software Events Calendar 1.1 SQL Injection Vulnerability in Conkurent Real Estate Manager 1.01: Remote Code Execution via cat_id Parameter SQL Injection Vulnerability in PHPcounter 1.3.2 and Earlier: Remote Code Execution via Name Parameter Unspecified privilege escalation vulnerability in Citrix XenApp and Access Essentials Sensitive Information Disclosure in Netrw Plugin for Vim Denial of Service Vulnerability in IBM WebSphere Application Server Bypassing Access Restrictions via Revoked Certificate in IBM WebSphere Application Server Denial of Service Vulnerability in Wireshark USB Dissector Unspecified Denial of Service Vulnerability in Wireshark Bluetooth RFCOMM Dissector Denial of Service in Wireshark 0.99.7 through 1.0.3 via Malformed Tamos CommView Capture File Denial of Service Vulnerability in Wireshark Bluetooth ACL Dissector Denial of Service Vulnerability in Wireshark 0.99.2 through 1.0.3 Use-after-free vulnerability in Wireshark Q.931 Dissector Integer Overflow Vulnerabilities in TY Demux Plugin of VLC Media Player Arbitrary Code Execution via Sort Parameter in Mantis Unauthenticated Information Disclosure in Mantis Bug 
Tracker Session Cookie Hijacking Vulnerability in Mantis before 1.1.3 Remote Code Execution in Lynx 2.8.6dev.15 and Earlier via Crafted lynxcgi: URL Unspecified Denial of Service Vulnerability in IBM DB2 9.1 Preservation of Inoperative Views and Triggers in IBM DB2 Native Managed Provider Sensitive Information Disclosure in IBM DB2 9.1 and 9.5 Unspecified Remote Code Execution Vulnerability in Opera before 9.60 Remote Code Execution via Predictable Cache Pathname in Opera Browser Opera.dll XSS Vulnerability Cross-Site Scripting (XSS) Vulnerability in Opera's Fast Forward Feature Arbitrary Feed Subscription and Content Disclosure Vulnerability in Opera before 9.61 Arbitrary Code Execution Vulnerability in Peachtree Accounting 2004 ActiveX Control SQL Injection Vulnerability in Libera CMS 1.12 and Earlier: Remote Code Execution via admin.php SQL Injection Vulnerability in Libera CMS 1.12 admin.php Multiple Directory Traversal Vulnerabilities in PhpWebGallery 1.3.4 SQL Injection Vulnerability in BosDev BosNews 4.0: Remote Code Execution via article Parameter SezHoo 0.1 PHP Remote File Inclusion Vulnerability Arbitrary SQL Command Execution Vulnerability in MyPHPDating's success_story.php SQL Injection Vulnerability in VBGooglemap Hotspot Edition 1.0.3 Directory Traversal Vulnerability in BbZL.PhP 0.92 via lien_2 Parameter BbZL.PhP 0.92 Authentication Bypass Vulnerability Arbitrary SQL Command Execution Vulnerability in Pilot Group (PG) eTraining Arbitrary Code Injection through Cross-Site Scripting (XSS) in Stock 6.x before 6.x-1.0 Drupal Module SQL Injection Vulnerability in Joovili 3.0 and Earlier: Remote Code Execution via id Parameter Arbitrary Local File Inclusion Vulnerability in LnBlog 0.9.0 and Earlier SQL Injection Vulnerability in 212cafe Board 0.07 - Remote Code Execution via qID Parameter in view.php Authentication Bypass Vulnerability in Atomic Photo Album 1.1.0 pre4 SQL Injection Vulnerability in Jpad (com_jpad) 1.0 Component for Joomla! 
Arbitrary SQL Command Execution in BitmixSoft PHP-Lance 1.52 via catid Parameter SQL Injection Vulnerability in bannerclick.php in ZEELYRICS 2.0 Directory Traversal Vulnerability in X7 Chat 2.0.1 A1 and Earlier PHP Remote File Inclusion Vulnerability in openEngine 2.0 beta2 PHP Remote File Inclusion Vulnerabilities in The Gemini Portal 4.7 Authentication Bypass Vulnerability in PHP Jabbers Post Comment 3.0 Unspecified Remote Access Vulnerability in Sun Integrated Lights-Out Manager (ILOM) Cross-Site Scripting (XSS) Vulnerabilities in Mozilla Firefox 3.0.1 through 3.0.3 via FTP URLs in Various File Formats Cross-Site Scripting (XSS) Vulnerabilities in Google Chrome 0.2.149.30 via FTP URLs in Various File Formats Opera 9.52 Cross-Site Scripting (XSS) Vulnerability Stack-based Buffer Overflow in GoodTech SSH 6.4 SFTP Subsystem Arbitrary Script Injection in SunGard Banner Student 7.3 Contact Update Page Arbitrary Code Execution Vulnerabilities in Hummingbird Deployment Wizard 2008 ActiveX Control Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1 ActiveX control in Hummingbird Xweb ActiveX Control 13.0 and earlier Arbitrary Web Script Injection in phpMyID 0.9 via MyID.php Unspecified Vulnerabilities in YaCy Before 0.61 with Unknown Impact and Attack Vectors SQL Injection Vulnerability in WP Comment Remix Plugin Arbitrary Script Injection in WP Comment Remix Plugin CSRF Vulnerability in WP Comment Remix Plugin Allows Unauthorized Actions Remote File Inclusion Vulnerability in CoAST 0.95 Allows Arbitrary PHP Code Execution SQL Injection Vulnerability in RPG.Board 0.8 Beta2 and Earlier: Remote Code Execution via showtopic Parameter Arbitrary Web Script Injection Vulnerability in WhoDomLite 1.1.3 SQL Injection Vulnerability in MyCard 1.0.2: Remote Code Execution via gallery.php PlugSpace 0.1 Directory Traversal Vulnerability Arbitrary File Inclusion Vulnerability in TinyCMS 1.1.2 Arbitrary File Read Vulnerability in FAR-PHP 1.00 Cross-Site Scripting (XSS) 
Vulnerabilities in TimeTrex 2.2.11 Login Interface SQL Injection Vulnerability in QuidaScript FAQ Management Script via catid Parameter Arbitrary SQL Command Execution in DXShopCart 4.30mc via product_detail.php Uniwin eCart Professional 2.0.17 EmailFriend.asp Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerabilities in Uniwin eCart Professional 2.0.17 Unspecified Vulnerability in Sun Java System LDAP JDK: Sensitive Information Disclosure Format String Vulnerability in KVirc 3.4.0 URI Handler Arbitrary File Overwrite Vulnerabilities in VImpX.VImpAX ActiveX Control Vulnerability: Stack-based Buffer Overflow in VImpX.VImpAX ActiveX Control Arbitrary Web Script Injection in iPei Guestbook 2.0 (CVE-2005-4597) Remote Authentication Bypass Vulnerability in TlNews 2.2 SQL Injection Vulnerability in EditUrl.php in AJ Square RSS Reader SQL Injection Vulnerability in Scripts for Sites (SFS) Ez Forum's forum.php Allows Remote Code Execution SQL Injection Vulnerability in gotourl.php in PozScripts Classified Auctions Script Arbitrary Web Script Injection Vulnerability in PHP-Daily's add_prest_date.php Multiple SQL Injection Vulnerabilities in PHP-Daily Arbitrary File Read Vulnerability in PHP-Daily's download_file.php Arbitrary File Read Vulnerability in BuzzyWall 1.3.1 SQL Injection Vulnerability in Graphiks MyForum 1.3: Remote Code Execution via lecture.php Cross-site scripting (XSS) vulnerability in Kayako eSupport 3.20.2 via jsMakeSrc parameter in HtmlTidy plugin Stack-based Buffer Overflow in freeSSHd 1.2.1: Remote Code Execution and Denial of Service Arbitrary Web Script Injection in WiKID wClient-PHP 3.0-2 and Earlier Arbitrary File Read Vulnerability in eXtplorer Module of Joomla! 
SQL Injection Vulnerability in osCommerce Poll Booth Add-On 2.0 SQL Injection Vulnerability in Oxygen Bulletin Board 1.1.3 - Remote Code Execution via member parameter Unrestricted File Upload Vulnerability in DownloadsPlus Module in PHP-Nuke SQL Injection Vulnerability in TLM CMS 3.1 via nom parameter in a-b-membres.php Directory Traversal Vulnerability in WordPress get_category_template Function Arbitrary Code Execution Vulnerability in RealVNC VNC Viewer Component Stack-based Buffer Overflow in VATDecoder.VatCtrl.1 ActiveX Control SQL Injection Vulnerability in QuestCMS main/main.php QuestCMS Directory Traversal Vulnerability in main/main.php QuestCMS main/main.php Cross-Site Scripting (XSS) Vulnerability Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0 and earlier versions with register_globals enabled Buffer Over-read Vulnerability in libgadu before 1.8.2 SQL Injection Vulnerability in Showroom Joomlearn LMS Component for Joomla! and Mambo SQL Injection Vulnerability in Koobi CMS 4.3.0 Gallery Module Stack-based Buffer Overflow in TUGzip 3.5.0.0: Remote Code Execution Arbitrary File Inclusion Vulnerability in MyForum 1.3 MyKtools 2.4 Update.php Directory Traversal Vulnerability SQL Injection Vulnerability in All In One Control Panel (AIOCP) 1.4: Remote Code Execution via poll_id Parameter Authentication Bypass Vulnerability in tlAds 1.0 Authentication Bypass Vulnerability in aflog 1.01 Arbitrary SQL Command Execution Vulnerability in e107 Alternate Profiles Plugin Arbitrary SQL Command Execution in EasyShop Plugin for e107 Address bar spoofing vulnerability in Microsoft Internet Explorer 6 Address Bar Spoofing Vulnerability in Microsoft Internet Explorer 6 Bypassing Access Restrictions in Drupal 6.x Upload Module File Access Bypass Vulnerability in Drupal 5.x Core Upload Module Authentication Bypass Vulnerability in Drupal 5.x and 6.x Access Restriction Bypass in Drupal BlogAPI Module Bypassing Node Validation in Drupal 5.x Arbitrary 
Command Execution in Opera History Search Results Page Cross-Site Scripting (XSS) Vulnerability in Opera's Links Panel Arbitrary Command Execution via Shell Metacharacters in Snoopy 1.2.3 and Earlier Arihiro Kurata Kantan WEB Server 1.8 Directory Traversal Vulnerability Arbitrary Code Execution via Crafted URL in WebGUI Asset.pm Out-of-Bounds Read Vulnerability in Netpbm Denial of Service Vulnerability in DebugDiag ActiveX Control Heap-based Buffer Overflow in Data Protection for SQL CAD Service Arbitrary Script Injection in Simple PHP Scripts Blog 0.3 via complete.php Cross-site scripting (XSS) vulnerability in Simple PHP Scripts gallery 0.1, 0.3, and 0.4 in index.php SQL Injection Vulnerability in Gallery Module 1.3 for PHP-Nuke Multiple Cross-Site Scripting (XSS) Vulnerabilities in IBM Lotus Connections 2.x SQL Injection Vulnerabilities in IBM Lotus Connections 2.x before 2.0.1 Sensitive Information Exposure in IBM Lotus Connections 2.x Unspecified Vector Password Discovery Vulnerability in IBM Lotus Connections 2.x Unspecified Active Content Vulnerabilities in IBM Lotus Connections 2.x Arbitrary PHP Code Execution in Smarty 2.6.20 (CVE-2008-4811) Arbitrary PHP Code Execution via Backslash-Dollar Sign in Smarty 2.6.20 r2797 and Earlier Out-of-bounds Write Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat Unspecified Remote Code Execution Vulnerability in Adobe Reader and Acrobat Untrusted Search Path Vulnerability in Adobe Reader and Acrobat on Unix and Linux Unspecified Remote Code Execution Vulnerability in Adobe Reader's Download Manager Heap Corruption Vulnerability in Adobe Acrobat Professional and Reader 8.1.2 and Earlier Adobe Flash Player XSS Vulnerability in HTTP Response Headers DNS Rebinding Vulnerability in Adobe Flash Player 9.0.124.0 and Earlier Unspecified Information Disclosure Vulnerability in Adobe Flash Player ActiveX Control Adobe Flash Player Vulnerability: Information Disclosure via 
jar: URLs Bypassing Non-Root Domain Policy in Adobe Flash Player 9.0.124.0 and Earlier Arbitrary Script Injection Vulnerability in Adobe Flash Player 9.0.124.0 and Earlier Unspecified Remote Code Execution Vulnerabilities in Adobe Flash Player 10.x and 9.x Buffer Overflow Vulnerabilities in UltraISO 9.3.1.2633 and Earlier Versions Multiple Heap-Based Buffer Overflows in ComponentOne SizerOne ActiveX Controls Multiple stack-based buffer overflows in IBM Tivoli Storage Manager (TSM) client and TSM Express client allow remote code execution Multiple Buffer Overflows in Streamripper 1.63.5's lib/http.c Insecure Method Vulnerability in SAP GUI ActiveX Control Allows File Manipulation and Execution Unspecified Local Privilege Escalation Vulnerability in Adobe ColdFusion Race condition vulnerability in rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via symlink attack SMB Buffer Overflow Remote Code Execution Vulnerability SMB Validation Remote Code Execution Vulnerability Word Memory Corruption Vulnerability WordPad Text Converter Remote Code Execution Vulnerability Use-after-free vulnerability in CRecordInstance::TransferToDestination function in mshtml.dll in Internet Explorer allows remote code execution Untrusted Search Path Vulnerability in Blender 2.46 Allows Arbitrary Code Execution Integer Overflow Vulnerability in Python's imageop Module Untrusted Search Path Vulnerability in Valgrind Buffer Overflow Vulnerabilities in FFmpeg/libavformat/utils.c Buffer Overflow in libavcodec/dca.c in FFmpeg 0.4.9: Unknown Impact via Incorrect DCA_MAX_FRAME_SIZE Value Unspecified Vulnerability in avcodec_close Function in FFmpeg 0.4.9 FFmpeg 0.4.9 Tcp/udp Memory Leak Vulnerability World-readable permissions for dovecot.conf in dovecot 1.0.7 in RHEL 5 and Fedora Arbitrary Script Injection via BBcode IMG Tags in My Little Forum 1.75 and 2.0 Beta 23 Cross-Site Scripting (XSS) Vulnerability in bidhistory.php in iTechBids Gold 
5.0 Arbitrary Command Execution in Sepal SPBOARD 4.5 via board.cgi Backdoor Service Account Vulnerability in Philips VOIP841 DECT Phone Directory Traversal Vulnerability in Philips VOIP841 DECT Phone Firmware Arbitrary Web Script Injection in Philips Electronics VOIP841 DECT Phone SQL Injection Vulnerability in WebCards 1.3 admin.php Arbitrary Code Execution via Unrestricted File Upload in WebCards 1.3 SQL Injection Vulnerability in prod.php in Maran PHP Shop SQL Injection Vulnerability in prodshow.php in Maran PHP Shop SQL Injection Vulnerability in tr.php in YourFreeWorld Reminder Service Script SQL Injection Vulnerability in tr.php in YourFreeWorld Autoresponder Hosting Script SQL Injection Vulnerability in tr.php in YourFreeWorld Blog Blaster Script SQL Injection Vulnerability in tr.php in YourFreeWorld Classifieds Hosting Script SQL Injection Vulnerability in YourFreeWorld Scrolling Text Ads Script (tr1.php) Arbitrary SQL Command Execution Vulnerability in YourFreeWorld Shopping Cart Script SQL Injection Vulnerability in NetRisk 2.0 and Earlier: Remote Code Execution via id Parameter Cross-Site Scripting (XSS) Vulnerability in NetRisk 2.0 and Earlier SQL Injection Vulnerability in deV!L'z Clanportal (DZCP) 1.4.9.6 and Earlier Arbitrary SQL Command Execution Vulnerability in 1st News 4 Professional (PR 1) Cross-Site Scripting (XSS) Vulnerability in Planetluc SignMe 1.5 before 1.55 Cross-site scripting (XSS) vulnerability in Planetluc MyGallery 1.7.2 and earlier, allowing remote code injection via mghash parameter Cross-Site Scripting (XSS) Vulnerability in Tribiq CMS 5.0.10a via template_path Parameter Arbitrary Local File Inclusion in Tribiq CMS 5.0.10a and 5.0.12c SQL Injection Vulnerability in tr.php in YourFreeWorld Downline Builder Cross-Site Scripting (XSS) Vulnerability in Logz CMS 1.3.1 via art Parameter in fichiers/add_url.php Arbitrary SQL Command Execution in Logz Podcast CMS 1.3.1 Cross-Site Scripting (XSS) Vulnerability in planetluc RateMe 1.3.3 
CSRF Vulnerability in Planetluc RateMe 1.3.3 Allows Unauthorized Actions as Other Users SQL Injection Vulnerability in tr.php in YourFreeWorld Classifieds Blaster Script SQL Injection Vulnerability in Article Publisher Pro 1.5 Allows Remote Code Execution via admin.php SQL Injection Vulnerability in contact_author.php in Article Publisher Pro 1.5 Typo 5.1.3 and Earlier Cross-Site Scripting (XSS) Vulnerability in Leave Comment Feature Arbitrary SQL Command Execution in Typo Manage Pages Feature Hard-coded Salt Vulnerability in Typo 5.1.3 and Earlier SQL Injection Vulnerability in Lyrics (lyrics_menu) Plugin 0.42 for e107 Denial of Service Vulnerability in Dovecot Message Parsing Feature Arbitrary File Overwrite Vulnerability in CrossFire crossfire-maps 1.11.0 CSRF Vulnerability in CompactCMS 1.1 and Earlier Arbitrary Code Execution Vulnerability in Sun Java Web Start's BasicService Remote File Inclusion Vulnerability in Chattaitaliano Istant-Replay's read.php Allows Arbitrary PHP Code Execution SQL Injection Vulnerability in RS MAXSOFT Fotogalerie Module Arbitrary File Deletion Vulnerability in LokiCMS 0.3.3 and Earlier Denial of Service Vulnerability in VMware ESXi 3.5 and ESX 3.5 Privilege Escalation Vulnerability in VMware Workstation, Player, ACE, Server, ESX, and ESXi Unspecified Denial of Service Vulnerability in VMware Virtual Device Driver Arbitrary Physical-Memory Write Vulnerability in VMware Products Universal Website Hijacking: Cross-Site Scripting (XSS) Vulnerability in SonicWALL SonicOS Enhanced Arbitrary File Overwrite Vulnerability in VISAGESOFT eXPert PDF Viewer X ActiveX Control Authentication Bypass Vulnerability in Chipmunk CMS 1.3 Buffer Overflow in DjVu ActiveX Control 3.0 for Microsoft Office: Remote Code Execution Vulnerability Arbitrary File Overwrite Vulnerabilities in MW6 Technologies Aztec ActiveX Control Arbitrary File Overwrite Vulnerabilities in MW6 Technologies 1D Barcode ActiveX Control Arbitrary File Overwrite Vulnerabilities in MW6 
Technologies DataMatrix ActiveX Control Arbitrary File Overwrite Vulnerabilities in MW6 Technologies PDF417 ActiveX Control Denial of Service Vulnerability in Microsoft Windows Media Player MyBB 1.4.2 Redirect Function XSS Vulnerability Insufficient Randomness in MyBB 1.4.2 File Attachment Filenames Incomplete Protection Against MIME-Sniffing in MyBB 1.4.2: Exploiting HTML File Upload Vulnerability Arbitrary Web Script Injection in firmCHANNEL Digital Signage 3.24 Arbitrary File Overwrite and Code Execution in U-Mail Webmail Server 4.91 Buffer Overflow in hfsplus_find_cat Function in Linux Kernel Denial of Service Vulnerability in Linux Kernel's hfsplus_block_allocate Function Local File Overwrite Vulnerability in asciiview 1.3.0 Symlink Attack Vulnerability in mgetty 1.1.36's faxspool Arbitrary File Overwrite Vulnerability in senddoc of OpenOffice.org (OOo) 2.4.1 Arbitrary File Overwrite Vulnerability in Aegis 4.24 and Aegis-Web 4.24 Arbitrary File Overwrite Vulnerability in Apertium 3.0.7 Arbitrary File Overwrite Vulnerability in aptoncd 0.1 Arb-common Local File Overwrite Vulnerability Arbitrary File Overwrite Vulnerability in Audiolink 0.05 Local File Overwrite Vulnerability in bulmages-servers 0.11.1 Symlink Attack Vulnerability in cdcontrol 1.90 Symlink Attack Vulnerability in amlabel-cdrw of cdrw-taper 0.4 Local File Overwrite Vulnerability in convirt 0.8.2 Local File Overwrite Vulnerability in dhis-dummy-log-engine Local File Overwrite Vulnerability in digitaldj 0.7.5 via Symlink Attack Local users can overwrite arbitrary files through symlink attacks on temporary files in dist 3.5 Arbitrary File Overwrite Vulnerability in dpkg-cross 2.3.0 Arbitrary File Overwrite Vulnerability in DTC 0.29.6 Arbitrary File Overwrite Vulnerability in emacs-jabber 0.7.91 Arbitrary File Overwrite Vulnerability in FireHOL 1.256 Arbitrary File Overwrite Vulnerability in mead.pl in FML 4.0.3 Arbitrary File Overwrite Vulnerability in Freevo 1.8.1 Local Privilege Escalation 
Vulnerability in fwbuilder 2.1.19 via Symlink Attack on /tmp/ssh-agent.##### Temporary File Symlink Attack Vulnerability in Kitware GCC-XML (gccxml) 0.9.0 Local File Overwrite Vulnerability in gdrae 0.1 Arbitrary File Overwrite Vulnerability in geo-code of gpsdrive-scripts 2.10~pre4 Local Privilege Escalation Vulnerability in Impose+ 0.2 Allows Arbitrary File Overwrite via Symlink Attack Vulnerability in VLAN Trunking Protocol (VTP) Implementation on Cisco IOS and CatOS Arbitrary File Deletion Vulnerability in konwert 1.8 Arbitrary File Overwrite Vulnerability in liguidsoap 0.3.8.1+2 Local File Overwrite Vulnerability in Linux Patch Openswan 2.4.12 Symlink Attack Vulnerability in Linuxtrade 3.65 Local File Overwrite Vulnerability in lmbench 3.0-a7 Arbitrary File Overwrite Vulnerability in ltp-network-test 20060918 Symlink Attack Vulnerability in runiozone of Lustre 1.6.5 Arbitrary File Overwrite Vulnerability in MAFFT-Homologs Local Privilege Escalation via Symlink Attack in mailgo 2.31 Arbitrary File Overwrite Vulnerability in i2myspell 3.1 Arbitrary File Overwrite Vulnerability in rrdedit of netmrg 0.20 Local File Overwrite Vulnerability in mkmailpost in Newsgate 1.6 Symlink Attack Vulnerability in Ogle 0.9.2 and Ogle-mmx 0.9.2 Arbitrary File Overwrite Vulnerability in Postfix 2.5.2 Vulnerability: Local File Overwrite via Symlink Attack in Radiance 3R9+20080530 Arbitrary File Overwrite Vulnerability in Rancid 2.3.2~a8 Symlink Attack Vulnerability in delqueueask in RCCP 0.9 Symlink Attack Vulnerability in perl.robot in RealTimeBattle 1.0.8 Local Privilege Escalation via Symlink Attack in rkhunter 1.3.2 Arbitrary File Overwrite Vulnerability in scilab-bin 4.1.2 Arbitrary File Overwrite Vulnerability in Scratchbox2 1.99.0.24 Arbitrary File Overwrite Vulnerability in Video Disk Recorder (vdr-dbg or vdr) 1.6.0 Local File Overwrite Vulnerability in WIMS 3.62 Arbitrary File Overwrite Vulnerability in xastir 1.9.2 Arbitrary File Overwrite Vulnerability in pscal 4.1 
Arbitrary Trusted Self-Signed Certificate Vulnerability in GnuTLS Symlink Attack Vulnerability in Enomaly Elastic Computing Platform (ECP) SQL Injection Vulnerability in LOCKON CO.,LTD. EC-CUBE and Community Edition Memory Access Vulnerability in SPARC Hypervisor on Sun System Firmware Arbitrary File Overwrite Vulnerability in Xen 3.2.1 Arbitrary File Overwrite Vulnerability in xmcd 2.6 Local File Overwrite Vulnerability in redirect.pl in bk2site 1.1.9 Symlink Attack Vulnerability in initramfs-tools 0.92f Arbitrary File Overwrite Vulnerability in dfxml-invoice Local File Overwrite Vulnerability in Twiki 4.1.2 via Symlink Attack in postinst Denial of Service Vulnerability in Nortel Networks UNIStim IP Phone 0604DAS Arbitrary SQL Command Execution via SQL Injection in PHPX 3.5.16 Multiple stack-based buffer overflows in UltraVNC vncviewer/FileTransfer.cpp Arbitrary File Overwrite Vulnerability in ChilkatCrypt2 ActiveX Control SQL Injection Vulnerability in ndetail.php in Shahrood SQL Injection Vulnerability in genscode.php in myWebland Bloggie Lite 0.0.2 beta Multiple stack-based buffer overflows in University of Washington IMAP Toolkit, Alpine, and Panda IMAP Denial of Service Vulnerability in University of Washington IMAP Toolkit 2007b Arbitrary File Overwrite/Delete Vulnerability in create_lazarus_export_tgz.sh in Lazarus 0.9.24 Buffer Overflow in Secret Rabbit Code (SRC) Allows Arbitrary Code Execution Race condition vulnerability in s_xout kernel module in Sun Solstice X.25 9.2 Denial of Service Vulnerability in Solaris DHCP Implementation (Bug ID 6713805) Multiple Cross-Site Scripting (XSS) Vulnerabilities in IBM Lotus Quickr 8.1 before 8.1.0.2 Services for Lotus Domino Same Origin Policy Bypass and Arbitrary Image Access Vulnerability Memory Access Vulnerability in Mozilla Firefox and SeaMonkey Arbitrary Code Execution and Denial of Service Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Privilege Escalation via File: URI in Mozilla Firefox 3.x 
Denial of Service Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Integer Overflow Vulnerability in nsEscape.cpp in Mozilla Firefox, Thunderbird, and SeaMonkey Denial of Service Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox 3.x and 2.x Remote Code Execution and Denial of Service Vulnerability in nsFrameManager Arbitrary Script Execution via Multiple Listeners in Firefox, Thunderbird, and SeaMonkey Arbitrary Script Execution via -moz-binding CSS Property in Firefox and SeaMonkey XML Injection Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Stack-based Buffer Overflow in hfs_cat_find_brec Function in Linux Kernel Cross-Site Scripting (XSS) Vulnerability in Microsoft SharePoint Remote Code Execution Vulnerability in Nagios and op5 Monitor CSRF Vulnerability in Nagios and op5 Monitor Allows Remote Command Execution Denial of Service Vulnerability in Linux Kernel's __scm_destroy Function Arbitrary Code Execution via CDDB Data in libcdaudio 0.99.12p2 Integer Overflow in Python's expandtabs Method Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 via invalid CUE image file header in modules/access/vcd/cdrom.c Denial of Service Vulnerability in Linux Kernel's chip_command Function Arbitrary File Overwrite Vulnerability in master-filter of printfilters-ppd 2.13 Denial of Service Vulnerability in IBM Hardware Management Console (HMC) 7 Release 3.2.0 SP1 and 3.3.0 SP2 Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 via invalid RealText subtitle file SQL Injection Vulnerability in ElkaGroup Image Gallery 1.0: Remote Code Execution via cid Parameter in view.php NetWare Core Protocol (NCP) Use-After-Free Vulnerability in Novell eDirectory League module in PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via tid parameter Authentication Bypass Vulnerability in Graphiks MyForum 1.3 Default Password 
Vulnerability in Sweex RO002 Router Authentication Bypass Vulnerability in Zeeways PhotoVideoTube 1.1 and Earlier IBM Metrica Service Assurance Framework Multiple Cross-Site Scripting (XSS) Vulnerabilities Race condition vulnerability in UnhookWindowsHookEx in Microsoft Windows Server 2003 and Vista allows local users to cause denial of service Heap-based Buffer Overflow in Network-Client FTP Now 2.6 SQL Injection Vulnerability in Mole Group Pizza Script's index.php Allows Remote Code Execution via manufacturers_id Parameter SQL Injection Vulnerability in Mole Group Rental Script's admin/index.php Buffer Overflow Vulnerability in Atepmon.sys in ISecSoft Anti-Trojan Elite 4.2.1 and Earlier Buffer Overflow Vulnerability in AKEProtect.sys 3.3.3.0 in ISecSoft Anti-Keylogger Elite 3.3.0 and Earlier Heap-based buffer overflow in Clam Anti-Virus (ClamAV) before 0.94.1 in get_unicode_name function (libclamav/vba_extract.c) allows remote attackers to execute arbitrary code or cause a denial of service. Arbitrary SQL Command Execution Vulnerability in JooBlog (com_jb2) Component 0.1.1 for Joomla! Memory Corruption Vulnerability in AppendAttributeValue Function Arbitrary PHP Code Execution via Remote File Inclusion in Simple RSS Reader Component for Joomla! 
SQL Injection Vulnerabilities in Develop It Easy Membership System 1.3 SQL Injection Vulnerability in ActiveCampaign TrioLive Arbitrary Web Script Injection in ActiveCampaign TrioLive before 1.58.7 SQL Injection Vulnerability in film.asp in Yigit Aybuga Dizi Portali SQL Injection Vulnerability in Pre Simple CMS Arbitrary Script Injection via new_language Parameter in ModernBill 4.4 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in ModernBill 4.4 and Earlier Arbitrary Web Script Injection Vulnerability in Mini Web Calendar (mwcal) 1.2 Arbitrary File Read Vulnerability in Mini Web Calendar (mwcal) 1.2 Remote File Inclusion Vulnerability in OTManager 2.4 Allows Arbitrary PHP Code Execution SQL Injection Vulnerability in liga.php in H&H WebSoccer 2.80 Authentication Bypass Vulnerability in TlGuestBook 1.2 Agares Media ThemeSiteScript 1.0 - Remote File Inclusion Vulnerability in upload/admin/frontpage_right.php Cross-Site Scripting (XSS) Vulnerability in Kmita Catalogue 2.x search.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Kmita Gallery SQL Injection Vulnerability in go.php in Panuwat PromoteWeb MySQL SQL Injection Vulnerability in Pro Chat Rooms 3.0.3 with Disabled Magic Quotes GPC Multiple eval injection vulnerabilities in itpm_estimate.php in Yoxel 1.23beta and earlier Denial of Service Vulnerability in K-Lite Mega Codec Pack 3.5.7.0 Heap-based Buffer Overflow in Novell ZENworks Desktop Management 6.5 ActiveX Control SQL Injection Vulnerability in Freshlinks 1.0 RC1 Module for PHP-Fusion Multiple SQL Injection Vulnerabilities in E-Uploader Pro 1.0 (aka Uploader PRO) Unsanitized Process Names in htop 0.7 Allow for Local User Exploitation Bypassing Certificate Chain Validation in OpenSSL 0.9.8i and Earlier Buffer overflow vulnerabilities in GNU enscript 1.6.1 and earlier versions Denial of Service Vulnerability in Linux Kernel's ATM Subsystem Cross-Site Scripting (XSS) Vulnerability in AWStats 6.8 and Earlier Denial of Service 
Vulnerability in Avahi-daemon via Crafted mDNS Packet Bypassing Authentication Policies in Red Hat and Dogtag Certificate Systems Unauthorized Access to Private Resource Information in JON 2.1.x before 2.1.2 SP1 Bypassing Access Restrictions in libvirt 0.3.2 through 0.5.1 Arbitrary SQL Command Execution in TYPO3 Another Backend Login Extension (wrg_anotherbelogin) Multiple SQL Injection Vulnerabilities in PHPKB Knowledge Base Software 1.5 Professional Arbitrary File Overwrite Vulnerabilities in Data Dynamics ActiveReports 2.5.0.1314 Arbitrary PHP Code Execution in Electron Inc. Advanced Electron Forum before 1.0.7 LDAP Service Buffer Overflow Vulnerability in Novell eDirectory Heap-based Buffer Overflow Vulnerabilities in Novell eDirectory HTTPSTK Novell eDirectory HTTPSTK Cross-Site Scripting (XSS) Vulnerability Heap-based Buffer Overflow in NDS Service of Novell eDirectory: Unknown Impact and Attack Vectors Arbitrary Web Script Injection Vulnerability in Novell User Application and Identity Manager Roles Based Provisioning Module Unspecified Information Disclosure Vulnerability in TYPO3 File List Extension MyFWB 1.0 index.php SQL Injection Vulnerability Unspecified Cross-Site Scripting (XSS) Vulnerability in Sun Java System Messaging Server 6.2 and 6.3 Cleartext Display of OpenBoot PROM (OBP) Security-Password Variable in Sun Logical Domain Manager (LDoms Manager or ldm) 1.0 through 1.0.3 Weakness in Strong Name Implementation in Microsoft .NET Framework 2.0.50727 Buffer Overflow Vulnerability in OptiPNG BMP Reader Denial of Service Vulnerability in PythonScripts in Zope 2 Root Account Cleartext Password Bypass Vulnerability in VMBuilder 0.9 Default Root Password Vulnerability in Ubuntu Virtual Machines Denial of Service Vulnerability in KarjaSoft Sami FTP Server 2.0.x Buffer Overflow Vulnerability in KarjaSoft Sami FTP Server 2.0.x MSI Logging Vulnerability in Citrix Presentation Server and Desktop Server Unspecified JavaScript Execution Vulnerability in Adobe 
AIR 1.1 and Earlier Lack of SWF Verification in Adobe Flash Media Server 3.0 allows for unauthorized video content copying Vulnerability: Chroot Escape in syslog-ng Unspecified Denial of Service Vulnerability in Solaris and OpenSolaris LDAP Server User Enumeration Vulnerability Delayed and Persistent Cross-Site Request Forgery (CSRF) Vulnerability in WordPress 2.6.3 Unspecified Cross-Site Scripting (XSS) Vulnerabilities in Sun Java System Identity Manager CSRF Vulnerability in Sun Java System Identity Manager Arbitrary File Read Vulnerability in Sun Java System Identity Manager Open Redirect Vulnerability in Sun Java System Identity Manager Frame Injection Vulnerability in Sun Java System Identity Manager Arbitrary Web Script Injection Vulnerability in Scripts4Profit DXShopCart 4.30mc Remote Code Execution Vulnerability in Process Software MultiNet Finger Service Privilege Escalation via Crafted DNE_IOCTL DeviceIoControl Request in Citrix Deterministic Network Enhancer (DNE) SQL Injection Vulnerability in Ektron CMS400.NET 7.5.2 and Earlier: WorkArea/ContentRatingGraph.aspx SQL Injection Vulnerability in CCleague Pro 1.2 admin.php Allows Remote Code Execution Insecure SSH Host Key Verification in JSCAPE Secure FTP Applet 4.8.0 and Earlier Authentication Bypass in CCleague Pro 1.2 via admin.php BoutikOne CMS search.php XSS Vulnerability Insufficient Access Control in Ocean12 Contact Manager Pro 1.02 Allows Remote Information Disclosure Insufficient Access Control in Ocean12 Membership Manager Pro Allows Remote Information Disclosure Insufficient Access Control in Ocean12 Poll Manager Pro 1.00 Allows Remote Information Disclosure Insufficient Access Control in Ocean12 Calendar Manager Gold 2.04 Allows Remote Information Disclosure SQL Injection Vulnerabilities in Develop It Easy News And Article System 1.4 SQL Injection Vulnerability in MemHT Portal 4.0.1 via X-Forwarded-For Header IP Filter in Sun Solaris 10 and OpenSolaris before snv_96 DNS Spoofing Vulnerability 
Buffer Overflow in lbs_process_bss function in libertas subsystem in Linux kernel Vulnerability: Arbitrary File Overwrite via Symlink Attack in os-prober 1.17 Arbitrary File Overwrite Vulnerability in tkusr 0.82 Local Privilege Escalation Vulnerability in tkman 2.2 via Symlink Attack on Temporary Files Arbitrary File Overwrite Vulnerability in libpam-mount 0.43 Arbitrary File Overwrite Vulnerability in updatejail of Jailer 0.4 Arbitrary File Overwrite Vulnerability in MailScanner 4.55.10 and Earlier Versions Local Privilege Escalation via Symlink Attack in Flamethrower 0.1.8 Local Privilege Escalation via Symlink Attack in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux Arbitrary File Overwrite Vulnerability in mgt-helper of multi-gnome-terminal 1.6.2 Arbitrary File Overwrite Vulnerability in nvidia-cg-toolkit-installer Arbitrary File Overwrite Vulnerability in ltpmenu of ltp 20060918 Symlink Attack Vulnerability in add-accession-numbers in CTN 3.0.6 Arbitrary File Overwrite Vulnerability in docvert 2.4 Local File Overwrite Vulnerability in sch2eaglepos.sh in geda-gnetlist 1.4.0 Arbitrary File Overwrite Vulnerability in fwd_check.sh Arbitrary File Append Vulnerability in maildirsync 1.1 Arbitrary File Overwrite Vulnerability in test_parser.py in Mayavi 1.5 Local File Overwrite Vulnerability in inmail-show in mh-book 200605 Arbitrary File Overwrite Vulnerability in spell-check-logic.cgi Symlink Attack Vulnerability in Bluetooth.rc of p3nfs 5.19 Arbitrary File Overwrite and Data Append Vulnerability in mail2sms.sh Arbitrary File Overwrite Vulnerability in si_mkbootserver of systemimager-server 3.6.3 Arbitrary File Overwrite Vulnerability in tau 2.16.4 Authentication Bypass Vulnerability in WinCom LPD Total 3.0.2.623 and Earlier Remote Denial of Service Vulnerability in WinCom LPD Total 3.0.2.623 and Earlier Denial of Service Vulnerability in MyServer 0.8.11 Vulnerability in Error Handling of SSH Protocol in SSH Tectia and OpenSSH Insufficient Entropy Source in FreeBSD 
Kernel's arc4random Function SQL Injection Vulnerabilities in The Rat CMS Pre-Alpha 2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in The Rat CMS Pre-Alpha 2 SQL Injection Vulnerabilities in eTicket 1.5.7 SQL Injection Vulnerability in Riddles Website 1.2.1: Remote Code Execution via riddleid Parameter Boonex Orca 2.0 and 2.0.2 Remote File Inclusion Vulnerability Arbitrary SQL Command Execution in Tips Complete Website 1.2.0 via tipid Parameter Arbitrary SQL Command Execution in Drinks Complete Website 2.1.0 SQL Injection Vulnerability in item.php in Cheats Complete Website 1.1.1 Arbitrary Local File Inclusion Vulnerabilities in phpBLASTER CMS 1.0 RC1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Yazd Forum Software 3.x Arbitrary PHP Code Execution Vulnerability in testMaker before 3.0p16 Arbitrary SQL Command Execution in Jokes Complete Website 2.1.3 via jokeid Parameter AceFTP Freeware and AceFTP Pro 3.80.3 - Directory Traversal Vulnerability Buffer Overflow Vulnerabilities in WinCom LPD Total 3.0.2.623 and Earlier Stack-based Buffer Overflow in Yosemite Backup 8.7 DtbClsLogin Function Heap-based Buffer Overflow in Opera 9.62 on Windows via long file:// URI Denial of Service Vulnerability in Microsoft Office Communications Server, Office Communicator, and Windows Live Messenger via Crafted RTCP Receiver Report Packet Denial of Service Vulnerability in Microsoft Communicator and Office 2010 Beta Denial of Service Vulnerability in Microsoft Communicator via Emoticon Overload Race Condition Vulnerability in Linux Kernel's inotify Functionality Denial of Service Vulnerability in CUPS 1.3.9 and Earlier CSRF Vulnerability in CUPS Web Interface Denial of Service Vulnerability in GeSHi's Highlighting Functionality Potential File Inclusion Vulnerability in GeSHi's set_language_path Function Heap-based Buffer Overflow in XPM Loader of imlib2 1.4.2 eCryptfs Cleartext Password Exposure Vulnerability CRLF Injection Vulnerability in Ruby on Rails Redirect_to 
Function SQL Injection Vulnerability in eSHOP100 index.php Allows Remote Code Execution via SUB Parameter SQL Injection Vulnerabilities in SePortal 2.4: Remote Code Execution SQL Injection Vulnerability in W1L3D4 Philboard 1.14 and 1.2 via forumid Parameter Cross-site scripting (XSS) vulnerability in search.asp in W1L3D4 Philboard 1.14 and 1.2 Arbitrary SQL Command Execution in SoftVisions Software Online Booking Manager (obm) 2.2 Multiple SQL Injection Vulnerabilities in SebracCMS (sbcms) 0.4 SQL Injection Vulnerability in Kroax.php in Kroax 4.42 and Earlier Module for PHP-Fusion Arbitrary SQL Command Execution in PHP-Fusion Classifieds SQL Injection Vulnerability in Acmlmboard 1.A2 memberlist.php PHP Remote File Inclusion Vulnerability in PHPOutsourcing IdeaBox 1.1 SQL Injection Vulnerability in Xe WebTV Component for Joomla! Directory Traversal Vulnerability in OTManager CMS 24a Allows Remote File Inclusion Arbitrary Web Script Injection Vulnerability in OTManager CMS 24a Arbitrary Web Script Injection Vulnerability in PowerAward 1.1.0 RC1 PowerAward 1.1.0 RC1 Multiple Directory Traversal Vulnerabilities Arbitrary Web Script Injection in wellyblog's edit.php via articleid Parameter Remote File Inclusion Vulnerability in MosXML 1 Alpha Directory Traversal Vulnerabilities in Jonascms 1.2 Arbitrary SQL Command Execution in Datsogallery Joomla Module 1.6 Admidio 1.4.8 Directory Traversal Vulnerability in get_file.php Multiple PHP Remote File Inclusion Vulnerabilities in PhpBlock A8.5 Cross-site scripting (XSS) vulnerability in Sphider 1.3.4 search.php with enabled search suggestion feature SQL Injection Vulnerability in AJ Auction 6.2.1 and Earlier: Remote Code Execution via classifide_ad.php SQL Injection Vulnerability in AJ Article 1.0's featured_article.php Allows Remote Code Execution ClanLite 2.2006.05.20 - Cross-Site Scripting (XSS) Vulnerability in service/calendrier.php SQL Injection Vulnerability in ClanLite 2.2006.05.20: Remote Code Execution via link 
Parameter SQL Injection Vulnerability in AJ Square ZeusCart 2.0 and Earlier: Remote Code Execution via cid Parameter Arbitrary File Inclusion Vulnerability in txtCMS 0.3 Insufficient Access Control in ScriptsEz FREEze Greetings 1.0 Allows Remote Password Disclosure Unauthenticated Remote Password Change Vulnerability in VideoScript 4.0.1.50 and Earlier Arbitrary Code Execution via Unrestricted File Upload in wPortfolio 0.3 and Earlier Unauthenticated Password Change Vulnerability in wPortfolio 0.3 and Earlier SQL Injection Vulnerability in Dvbbs 8.2.0 Login.asp SQL Injection Vulnerability in Airvae Commerce 3.0 index.php (pid parameter) Arbitrary Web Script Injection Vulnerability in Kent Web Mart 1.61 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Xerox DocuShare 6 and Earlier SQL Injection Vulnerability in MambAds Component 1.0 RC1 Beta and 1.0 RC1 for Mambo PHPCow Remote Code Execution Vulnerability Unencoded Parameter Cross-Site Scripting (XSS) Vulnerability in IBM Workplace Content Management (WCM) Stack-based Buffer Overflow in Microsoft Device IO Control in iphlpapi.dll Insufficient Countermeasures in TKIP Implementation: Exploiting Wi-Fi Networks for Packet Decryption and Spoofing Remote Code Execution Vulnerability in Novell iPrint ActiveX Control Buffer Overflow in CallHTMLHelp Method in Microsoft Windows Media Services ActiveX Control Memory Allocation Vulnerabilities in xine-lib 1.1.12 and Earlier Versions Heap-based Buffer Overflow Vulnerabilities in xine-lib 1.1.12 and Earlier Versions Heap-based Buffer Overflow in demux_real_send_chunk Function in xine-lib Multiple Heap-Based Buffer Overflows in xine-lib 1.1.12 and Earlier Versions Multiple Integer Overflows in xine-lib: Denial of Service and Arbitrary Code Execution Vulnerabilities Integer Overflow in real_parse_mdpr function in xine-lib 1.1.12 and earlier versions Arbitrary Code Execution and Denial of Service Vulnerability in xine-lib 1.1.12 and Earlier Versions Memory 
Allocation Vulnerability in xine-lib 1.1.12 and Earlier Versions Integer Underflow Vulnerability in xine-lib 1.1.12 and Earlier Versions Memory Allocation Vulnerability in xine-lib 1.1.12 and Earlier Versions Buffer Overflow Vulnerability in xine-lib 1.1.12 and Earlier Versions Unspecified Vulnerability in xine-lib and libfaad with Unknown Impact and Attack Vectors Buffer Overflow Vulnerability in xine-lib's open_video_capture_device Function Heap-based Buffer Overflows in xine-lib: Remote Code Execution via ID3 Data Divide-by-Zero Denial of Service Vulnerability in xine-lib Denial of Service Vulnerability in xine-lib 1.1.15 and earlier Arbitrary Web Script Injection Vulnerability in MediaWiki 1.13.0 through 1.13.2 Arbitrary Web Script Injection in MediaWiki CSRF Vulnerability in MediaWiki Special:Import Feature Arbitrary File Overwrite Vulnerability in Sun Innotek VirtualBox Denial of Service Vulnerability in WebSEAL 6.0.0.17 DivX Web Player Heap-Based Buffer Overflow via Crafted STRF Chunk AxisCamControl.ocx Heap-based Buffer Overflow Vulnerability Stack-based buffer overflows in iGetHdrHeader function in DevIL 1.7.4 Stack-based Buffer Overflow in mt_codec::getHdrHead function in ksquirrel-libs 0.8.0 Arbitrary Web Script Injection in Tornado Knowledge Retrieval System 4.2 and Earlier Arbitrary File Inclusion Vulnerability in TNT Forum 0.9.4 Cross-Site Scripting (XSS) Vulnerability in GlassFish 2 UR2 b04 Webadmin Interface SQL Injection Vulnerability in Experts 1.0.0: Remote Code Execution via answer.php ASPPortal Content/Forums/Reply.asp SQL Injection Vulnerability Arbitrary SQL Command Execution in pSys 0.7.0 alpha via Shownews Parameter SQL Injection Vulnerability in Yuhhu Superstar 2008: Remote Code Execution via view.topics.php Arbitrary Web Script Injection in Fred Stuurman SyndeoCMS 2.6.0 via section Parameter Directory Traversal Vulnerabilities in Fred Stuurman SyndeoCMS 2.6.0 SQL Injection Vulnerability in Todd Woolums ASP News Management 2.2: Remote Code 
Execution via viewnews.asp Remote Information Disclosure in Todd Woolums ASP News Management 2.2 Directory Traversal Vulnerabilities in net2ftp 0.96 and 0.97: Arbitrary File Manipulation and Code Execution Heap-based buffer overflow in Real demuxer plugin in VideoLAN VLC media player 0.9.0 through 0.9.7 Denial of Service Vulnerability in PowerDNS 2.9.21.2 Arbitrary Web Script Injection via Host Header in WordPress RSS Feed Generator Multiple Buffer Overflow Vulnerabilities in Zilab Chat and Instant Messaging (ZIM) Server 2.1 and Earlier Denial of Service Vulnerability in Zilab Chat and Instant Messaging (ZIM) Server 2.0 and 2.1 Heap-based Buffer Overflow in Titan FTP Server 6.05 Build 550 via Long DELE Command Stack-based buffer overflow vulnerabilities in W3C Amaya Web Browser 10.0.1 Remote File Deletion Vulnerability in Google Hack Honeypot (GHH) File Upload Manager 1.3 Denial of Service Vulnerability in IEA Software RadiusNT, RadiusX, Emerald, Air Marshal, and Radlogin Denial of Service Vulnerability in Wireshark 1.0.4 and Earlier via Long SMTP Request Integer Overflow in _cupsImageReadPNG Function in CUPS Arbitrary SQL Command Execution in Werner Hilversum FAQ Manager 1.2 via catagorie.php Remote File Inclusion Vulnerability in Werner Hilversum FAQ Manager 1.2 Arbitrary SQL Command Execution in Werner Hilversum Clean CMS 1.5 via full_txt.php Arbitrary Web Script Injection in Werner Hilversum Clean CMS 1.5 Arbitrary File Inclusion Vulnerability in FuzzyLime 3.03 code/track.php SQL Injection Vulnerability in view_snaps.php in VideoGirls BiZ SQL Injection Vulnerability in WebStudio eHotel's index.php SQL Injection Vulnerability in WebStudio eCatalogue's index.php SQL Injection Vulnerability in Jamit Job Board 3.4.10: Remote Code Execution via show_emp Parameter Authentication Bypass Vulnerability in Gallery 1.5.x and 1.6 Buffer Overflow in No-IP DUC 2.1.7 and Earlier: Remote Code Execution via Crafted DNS Response Denial of Service Vulnerability in chm2pdf 0.9 
Arbitrary File Deletion Vulnerability in chm2pdf 0.9 Denial of Service Vulnerability in Linux Kernel 2.6.28 Directory Traversal Vulnerability in Dovecot ManageSieve Implementation Arbitrary Setuid Binary Creation via Symlink Attack in Perl's File::Path Race condition vulnerability in rmtree function in Perl 5.8.8 allows local users to delete arbitrary files via symlink attack Arbitrary Script Injection in TWiki before 4.2.4 via %URLPARAM{}% Variable TWiki Eval Injection Vulnerability in %SEARCH{}% Variable SQL Injection Vulnerability in PG Real Estate Solution's admin/index.php SQL Injection Vulnerability in PG Roommate Finder Solution Unrestricted Access to Administrator Functions in Simple Forum 3.1d Module for LoveCMS 1.6.2 Final SQL Injection Vulnerability in NetArt Media Real Estate Portal 1.2 SQL Injection Vulnerability in NetArt Media Car Portal 2.0's image.php Allows Remote Code Execution SQL Injection Vulnerability in NetArt Media Blog System 1.5: Remote Code Execution via image.php Arbitrary File Overwrite Vulnerability in MailScanner Arbitrary File Overwrite Vulnerability in MailScanner Stack Consumption Vulnerability in ClamAV Allows Remote DoS via Crafted JPEG File Apple iPhone Configuration Web Utility 1.0 Directory Traversal Vulnerability Buffer Overflow in ReadEmbeddedTextTag Function in Little cms Color Engine (lcms) Integer Signedness Error in cmsAllocGamma Function in Little CMS Color Engine Unspecified User-Input Size Vulnerability in Tikiwiki before 2.2 Unspecified Vulnerability in Tikiwiki before 2.2 with Unknown Impact and Attack Vectors in tiki-error.php Arbitrary SQL Command Execution Vulnerability in e107 0.7.13 and Earlier SQL Injection Vulnerability in GesGaleri Module for XOOPS Remote Information Disclosure Vulnerability in Wysi Wiki Wyg 1.0 Arbitrary Script Injection Vulnerability in Wysi Wiki Wyg 1.0 Cross-Site Scripting (XSS) Vulnerabilities in IBM Rational ClearQuest 2007 and 2008 Cross-Site Scripting (XSS) Vulnerabilities in IBM 
Rational ClearQuest 7.0.0 and 7.0.1 ClearQuest Maintenance Tool Password Disclosure Vulnerability ClearQuest Maintenance Tool Password Disclosure Vulnerability ClearQuest Maintenance Tool Password Disclosure Vulnerability Arbitrary Database Redirection Vulnerability in ClearQuest Web Cross-Site Scripting (XSS) Vulnerabilities in IBM Rational ClearCase Web Interface Vulnerability in Adobe Acrobat 9 Allows Brute-Force Password Guessing Multiple PHP Remote File Inclusion Vulnerabilities in Pie 0.5.3 SQL Injection Vulnerability in NitroTech 0.0.3a: Remote Code Execution via members.php NitroTech 0.0.3a - Remote File Inclusion Vulnerability in includes/common.php SQL Injection Vulnerability in messages.php in PHP-Fusion 6.01.15 and 7.00.1 WebStudio CMS index.php SQL Injection Vulnerability Arbitrary SQL Command Execution Vulnerability in Bandwebsite 1.5 Arbitrary Web Script Injection Vulnerability in Bandwebsite 1.5 Unspecified Network Connection Vulnerability in Java Web Start (JWS) and Java Plug-in Unspecified Privilege Escalation Vulnerability in Java Web Start and Java Plug-in (CVE-2008-3112) Unspecified vulnerability in Java Web Start and Java Plug-in allows unauthorized access to JWS cache and application username Unspecified Local File Display Vulnerability in Java Web Start and Java Plug-in (CVE-6767668) GIFAR: Unauthorized Network Connections and Session Hijacking Vulnerability in Java Web Start and Java Plug-in Unspecified vulnerability in Java Web Start and Java Plug-in allows unauthorized file access and network connections (CVE-2008-5353) Arbitrary File Reading and Unauthorized Localhost Connections Vulnerability in Java Runtime Environment (JRE) Arbitrary Memory Read Vulnerability in Java Runtime Environment (JRE) Unspecified Privilege Escalation Vulnerabilities in Java Runtime Environment (JRE) Unspecified Denial of Service Vulnerability in Java Runtime Environment (JRE) Denial of Service Vulnerability in Java Runtime Environment (JRE) Unspecified 
Directory Listing Vulnerability in Java Runtime Environment (JRE) Vulnerability: Non-Shortest Form UTF-8 Encoding Bypass Heap-based Buffer Overflow in Java Runtime Environment's JAR Unpacking Utility Privilege Escalation through ZoneInfo Deserialization in Java Runtime Environment Stack-based buffer overflow in Java Runtime Environment (JRE) allows arbitrary code execution via long Main-Class manifest entry Unverified Signature Vulnerability in Java Update Feature Heap-based Buffer Overflow in Java Runtime Environment (JRE) Allows Remote Code Execution via Crafted TrueType Font File Heap-based buffer overflow in Java Runtime Environment (JRE) allows remote code execution via crafted TrueType font file Arbitrary Code Execution Vulnerability in Java Runtime Environment (JRE) Buffer Overflow Vulnerability in Java AWT Library Allows Remote Code Execution Predictable File Names in Java Runtime Environment (JRE) Vulnerability Memory Disclosure Vulnerability in Adobe Flash Player and Adobe AIR Untrusted Input in DefineConstantPool Action in Adobe Flash Player and Adobe AIR Allows Memory Reading ActionScript 2 Virtual Machine Denial of Service Vulnerability Stack-based Buffer Overflow in getPlus ActiveX Control in gp.ocx 1.2.2.50 in NOS Microsystems getPlus Download Manager SQL Injection Vulnerability in ActiveVotes 2.2: Remote Code Execution via VoteHistory.asp Local Privilege Escalation via Symlink Attack in ppp 2.4.4rel on Debian GNU/Linux Arbitrary File Overwrite Vulnerability in ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux Arbitrary File Overwrite Vulnerability in Muttprint 0.72d Local Privilege Escalation via Symlink Attack in noip2 2.1.7 Arbitrary File Overwrite Vulnerability in pvpgn-support-installer Arbitrary File Overwrite Vulnerability in Screenie 1.30.0 Arbitrary File Overwrite Vulnerability in sdm-login Local File Overwrite Vulnerability in bacula-common 2.4.2 via mtx-changer.Adic-Scalar-24 Local Privilege Escalation Vulnerability in bash-doc 3.2 via 
Symlink Attack on Temporary Files Arbitrary File Overwrite Vulnerability in cmus-status-display in cmus 2.2.0 Local Privilege Escalation Vulnerability in Editcomment 3.7 Arbitrary File Overwrite Vulnerability in pstopdf in CUPS 1.3.8 Arb 0.0.20071207.1 Local File Overwrite Vulnerability Arbitrary File Overwrite Vulnerability in netdisco-mibs-installer 1.0 Arbitrary File Overwrite Vulnerability in gpsdrive 2.09 Buffer Overflow Vulnerability in ffdshow-tryout Allows Remote Code Execution via Long URL CSRF Vulnerability in I-O DATA DEVICE HDL-F160, HDL-F250, HDL-F300, and HDL-F320 Firmware Stack-based Buffer Overflow in National Instruments Electronics Workbench Privilege Escalation via Crontab Editor in IBM AIX 6.1.0-6.1.2 Arbitrary File Deletion Vulnerability in IBM AIX 6.1.0 through 6.1.2 Local Privilege Escalation Vulnerability in IBM AIX 6.1.0 through 6.1.2 Privilege Escalation via Buffer Overflow in IBM AIX Autoconf6 Vulnerability: Kernel Support for Mounting RAID Arrays in UPR Symlink Attack Vulnerability in /bin/login in Debian GNU/Linux Denial of Service Vulnerability in parisc_show_stack Function Array Index Error in Zaptel (DAHDI) Drivers Allows Local Users to Overwrite Kernel Memory Privilege Escalation Vulnerability in Tor before 0.2.0.32 Remote Exit Relays Mapping Internal IP Addresses to Refused Streams in Tor Arbitrary Web Script Injection in mvnForum's Who's Online Component CSRF Vulnerabilities in mvnForum before 1.2.1 GA Allow Remote Attackers to Perform Unauthorized Actions Remote Code Execution via Stack-based Buffer Overflow in Trillian's Image Tooltip Implementation Double Free Vulnerability in Trillian XML Parser Allows Remote Code Execution Heap-based Buffer Overflow in Trillian AIM Plugin XML Parser Arbitrary File Creation and Overwrite Vulnerability in FlexCell.Grid ActiveX Control Remote Code Execution via Stack-based Buffer Overflow in Cain & Abel RDP Password Decoder Stack-based Buffer Overflow in Apple QuickTime Player and iTunes 
Unspecified Authentication Bypass Vulnerabilities in Symantec Backup Exec Remote-Agent Logon Process Buffer Overflow in Symantec Backup Exec for Windows Servers 11.0, 12.0, and 12.5 Unspecified vulnerability in pdf.xmd module allows remote code execution or denial of service Denial of Service Vulnerability in OpenSSL PKCS#11 Engine in Sun Solaris 10 Unsecured TCP Traffic Vulnerability in IBM WebSphere Application Server (WAS) 7 Unspecified vulnerability in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows with unknown impact and attack vectors related to JSPs Information Disclosure in PerfServlet in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 Unspecified vulnerability in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 in Web Services Security component related to userNameToken Remote Code Execution Vulnerability in CA ARCserve Backup Server SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability World-writable permissions for OSIT$NAMES logical name table in HP DECnet-Plus 8.3 before ECO03 for OpenVMS on Alpha platform Directory Traversal Vulnerability in PunPortal Module Allows Arbitrary File Inclusion Arbitrary Code Execution Vulnerability in EMC Control Center's SAN Manager Master Agent Service Arbitrary File Read Vulnerability in EMC Control Center Denial of Service Vulnerability in NetWin SmsGate 1.1n and Earlier Unrestricted Access Vulnerability in Sun Ray Server Software 3.1 through 4.0 Exposure of LDAP Password in Sun Ray Server Software and Windows Connector Configuration Denial of Service Vulnerability in Microsoft Outlook Express 6.00.2900.5512 Denial of Service Vulnerability in ESet NOD32 2.70.0039.0000 Denial of Service Vulnerability in Kaspersky Internet Security Suite 2009 Denial of Service Vulnerability in Norton Antivirus Denial of Service Vulnerability in Opera 9.51 on Windows XP Denial of Service Vulnerability in Incredimail Build 5853710 Denial of Service Vulnerability in Mozilla Thunderbird 
2.0.14 Denial of Service Vulnerabilities in Teamtek Universal FTP Server 1.0.44 Arbitrary Web Script Injection via Moodle Wiki Page Title Arbitrary Web Script Injection Vulnerability in PunBB 1.3 and 1.3.1 SQL Injection Vulnerabilities in PunBB 1.3 and 1.3.1 Arbitrary Web Script Injection in PunBB moderate.php Unspecified Remote Vulnerability in Oracle OLAP Component Unspecified vulnerability in Oracle Database Job Queue component allows remote authenticated users to affect confidentiality and integrity Unspecified Remote Integrity Vulnerability in Oracle Portal Component Unspecified Confidentiality Vulnerability in Oracle Database 10.2.0.4 SQL*Plus Windows GUI Component Unspecified vulnerability in TimesTen Data Server component in Oracle Database 7.0.5.0.0 Unspecified Remote Code Execution Vulnerability in Oracle Secure Backup 10.2.0.2 Unspecified Remote Availability Vulnerability in Oracle Secure Backup 10.2.0.2 Unspecified Remote Code Execution Vulnerability in Oracle Secure Backup 10.2.0.2 Unspecified Remote Vulnerability in Oracle Secure Backup Component Unspecified Denial of Service Vulnerability in Oracle Secure Backup Component Unrestricted Guest Access Vulnerability in Oracle Applications Framework Unspecified vulnerability in Oracle Enterprise Manager 10.2.0.4 Unspecified Remote Vulnerability in Oracle Secure Backup Component Unspecified Remote Vulnerability in Oracle Secure Backup Component Unspecified Local Confidentiality Vulnerability in Oracle E-Business Suite Unspecified Confidentiality Vulnerability in JD Edwards Tools Component Unspecified Remote Vulnerability in PeopleSoft Enterprise HRMS Component Unspecified vulnerability in Oracle E-Business Suite iProcurement component Unspecified Remote Code Execution Vulnerability in PeopleSoft Enterprise HRMS - ePerformance Component Unspecified Remote Code Execution Vulnerability in PeopleSoft Enterprise HRMS Component Unspecified Remote Code Execution Vulnerability in Oracle BEA WebLogic Server Plugins 
Unspecified Remote Vulnerability in Oracle E-Business Suite 11.5.10 and CU2 Unspecified Remote Confidentiality Vulnerability in WebLogic Server Component Unspecified Remote Confidentiality Vulnerability in WebLogic Server Component Unspecified vulnerability in WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0, and SP7 Unspecified vulnerability in WebLogic Portal component in BEA Product Suite 10.3, 10.2, 10.0 MP1, 9.2 MP3, and 8.1 SP6 Unspecified vulnerability in PeopleSoft Enterprise Campus Solutions component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 and 9.0.8 SQL Injection Vulnerability in admin.php of TurnkeyForms Text Link Sales Arbitrary Web Script Injection Vulnerability in TurnkeyForms Text Link Sales SQL Injection Vulnerability in E-topbiz Domain Shop 2: Remote Code Execution via passfromform Parameter in admin.php SQL Injection Vulnerability in ClipShare Pro 4 channel_detail.php (2006-2007) SQL Injection Vulnerability in PHPStore Yahoo Answers Arbitrary SQL Command Execution in SlimCMS 1.0.0 and Earlier via edit.php Heap-based Buffer Overflow in VeryDOC PDF Viewer OCX Control Arbitrary SQL Command Execution in PHPStore Wholesales (aka Wholesale) via track.php Arbitrary SQL Command Execution in Joomla! 
Contact Information Module (com_contactinfo) Component 1.0 Arbitrary Java Application Execution Vulnerability in GungHo LoadPrgAx ActiveX Control SQL Injection Vulnerability in PozScripts Business Directory Script Authentication Bypass Vulnerability in BandSite CMS 1.1.4 Arbitrary Memory Read Vulnerability in PHP's imageRotate Function Remote Code Execution Vulnerability in Adobe Flash Player for Linux Denial of Service and Memory Corruption Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Denial of Service Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Memory Corruption Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Engines Cross-Domain Data Access Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Arbitrary JavaScript Execution with Chrome Privileges in Mozilla Firefox 2.x Bypassing Privacy Restrictions in Mozilla Firefox 3.x Same Origin Policy Bypass via XMLHttpRequest and 302 Redirect Same Origin Policy Bypass via JavaScript URL Redirection and window.onerror DOM API Access URL Parsing Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Null character bypass vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified Vulnerabilities Allowing Arbitrary JavaScript Execution in Mozilla Firefox, Thunderbird, and SeaMonkey Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox Session-Restore Feature Buffer overflow vulnerability in rfc822_output_char function in UW c-client library Directory Traversal Vulnerability in Apache Tomcat Arbitrary Command Execution in Gitweb 1.5.x Arbitrary Command Execution in Gitweb 1.5.x Multiple Directory Traversal Vulnerabilities in Apache Geronimo Application Server Web Administration Console Apache Tomcat JK Connector Information Disclosure Vulnerability Vulnerability: Malware Detection Bypass in AhnLab V3 2008.12.4.1 and possibly 2008.9.13.0 Vulnerability: Malware 
Detection Bypass in Avira AntiVir 7.9.0.36 and possibly 7.8.1.28 Vulnerability: AVG Anti-Virus 8.0.0.161 Bypasses Malware Detection in HTML Documents Vulnerability: Avast! Antivirus HTML Document Malware Detection Bypass Vulnerability: Remote Malware Detection Bypass in CAT-QuickHeal 10.00 and 9.50 Vulnerability: ClamAV Malware Detection Bypass via Modified HTML Document Vulnerability: DrWeb Anti-virus 4.44.0.09170 Bypasses Malware Detection in HTML Documents ESET Smart Security Vulnerability: Malware Detection Bypass in Internet Explorer 6 and 7 Aladdin eSafe 7.0.17.0 Vulnerability: Malware Detection Bypass via Modified File Extensions Bypassing Malware Detection in CA eTrust Antivirus 31.6.6086 with Internet Explorer 6 or 7 Vulnerability: Ewido Security Suite 4.0 Malware Detection Bypass via Modified HTML Filename Fortinet Antivirus 3.113.0.0 Bypass Vulnerability Ikarus Virus Utilities Remote Malware Detection Bypass Vulnerability Vulnerability: Malware Detection Bypass in K7AntiVirus 7.10.541 and possibly 7.10.454 ESET NOD32 Antivirus HTML Document Malware Detection Bypass Vulnerability Vulnerability: Norman Antivirus 5.80.02 Bypasses Malware Detection in HTML Documents Panda Antivirus 9.0.0.4 Vulnerability: Malware Detection Bypass via Modified HTML Document Vulnerability: Malware Detection Bypass in PC Tools AntiVirus 4.4.2.0 with Internet Explorer 6 or 7 Vulnerability: Prevx Prevx1 2 Malware Detection Bypass in Internet Explorer 6 and 7 Vulnerability: Remote Malware Detection Bypass in RISING Antivirus Bypassing Malware Detection in Secure Computing Secure Web Gateway Vulnerability: Sophos Anti-Virus 4.33.0 Bypasses Malware Detection in HTML Documents Vulnerability in Sunbelt VIPRE 3.1.1832.2 and possibly 3.1.1633.1: Malware Detection Bypass via Modified HTML Filename Vulnerability: Remote Malware Detection Bypass in Symantec AntiVirus (SAV) 10 Remote Code Execution Vulnerability in Hacksoft The Hacker 6.3.1.2.174 and 6.3.0.9.081 with Internet Explorer 6 or 7 
Vulnerability in Trend Micro AntiVirus Allows Malware Bypass via Modified HTML Document Vulnerability: Malware Detection Bypass in VirusBlokAda VBA32 3.12.8.5 with Internet Explorer 6 or 7 Vulnerability in HAURI ViRobot 2008.12.4.1499 and possibly 2008.9.12.1375: Malware Detection Bypass via Modified HTML Filename Vulnerability: Malware Detection Bypass in VirusBuster 4.5.11.0 with Internet Explorer 6 or 7 Unspecified Remote File Access Vulnerability in Sun Java Web Console Components Open Redirect Vulnerability in Sun Java Web Console 3.0.2 through 3.0.5 and Solaris 10 Double Injection XSS Vulnerability in Microsoft Internet Explorer 8.0 Beta 2 XSS Filter Bypass Vulnerability in Microsoft Internet Explorer 8.0 Beta 2 XSS Filter Bypass Vulnerability in Microsoft Internet Explorer 8.0 Beta 2 XSS Filter Bypass in Microsoft Internet Explorer 8.0 Beta 2 XDomainRequest Allowed Injection (XAI) Vulnerability in Microsoft Internet Explorer 8.0 Beta 2 XSS Bypass Vulnerability in Microsoft Internet Explorer 8.0 Beta 2 Heap-based buffer overflow in mbfilter_htmlent.c in PHP allows arbitrary code execution via a crafted string containing an HTML entity. 
Denial of Service Vulnerability in Asterisk Open Source and Business Edition SQL Injection Vulnerability in sendcard.cfm in PostEcards Insufficient Access Control in PostEcards Allows Remote Database Download SQL Injection Vulnerability in Netref 4.0: Remote Code Execution via id Parameter in fiche_product.php and presentation.php Insufficient Access Control in ASPPortal Allows Remote Database Download Aruba Mobility Controller EAP Frame Denial of Service Vulnerability Denial of Service Vulnerability in Orb Networks Orb Media Server CSRF Vulnerability in DL PayCart 1.34 and Earlier: Unauthorized Password Change Arbitrary Web Script Injection Vulnerability in Triangle Solutions PHP Multiple Newsletters 2.7 CSRF Vulnerability in Bonza Cart 1.10 and Earlier Allows Remote Password Change CSRF Vulnerability in IPN Pro 3 1.44 and Earlier Allows Remote Password Change Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHPepperShop 1.4 Arbitrary File Inclusion Vulnerability in PHP Multiple Newsletters 2.7 SQL Injection Vulnerability in Professional Download Assistant 0.1 Insufficient Access Control in Professional Download Assistant 0.1 Allows Remote Database Download SQL Injection Vulnerability in Poll Pro 2.0 Login Feature SQL Injection Vulnerability in Webmaster Marketplace's member.php Session Fixation Vulnerability in Pro Clan Manager 0.4.2 and Earlier: Remote Session Hijacking Authentication Bypass Vulnerability in sCssBoard 1.0, 1.1, 1.11, and 1.12 Remote File Inclusion Vulnerability in sCssBoard 1.0-1.12 Allows Arbitrary Code Execution Multiple SQL Injection Vulnerabilities in sCssBoard 1.0-1.12 Absolute Path Traversal Vulnerability in mini-pub 0.3 Arbitrary Command Execution in mini-pub 0.3 via sFileName Argument Arbitrary PHP Code Execution via Remote File Inclusion in mini-pub 0.3 SQL Injection Vulnerability in Nukedit 4.9.x: Remote Code Execution via email Parameter CSRF Vulnerability in ProjectPier 0.8 and Earlier Allows Remote Administrator Actions 
Multiple Cross-Site Scripting (XSS) Vulnerabilities in ProjectPier 0.8 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in lcxBBportal 0.1 Alpha 2 Arbitrary SQL Command Execution in Check Up New Generation 4.52 Directory Traversal Vulnerability in phpPgAdmin 4.2.1 and Earlier SQL Injection Vulnerability in rankup.asp in Katy Whitton RankEm SQL Injection Vulnerability in Katy Whitton RankEm's processlogin.asp SQL Injection Vulnerability in Kalptaru Infotech Product Sale Framework 0.1 beta: Remote Code Execution via forum_topic_id Parameter Nightfall Personal Diary 1.0 Login Page Cross-Site Scripting (XSS) Vulnerability Insufficient Access Control in Nightfall Personal Diary 1.0 Allows Remote Database Download Arbitrary Local File Inclusion Vulnerabilities in Mini CMS 1.0.1 Arbitrary Local File Inclusion Vulnerabilities in Mini Blog 1.0.1 ASP AutoDealer Detail.asp SQL Injection Vulnerability Sensitive Information Disclosure in Ikon AdManager 2.1 and Earlier Insecure Storage of Sensitive Information in Cold BBS Arbitrary Directory Listing Vulnerability in PHPmyGallery 1.51 Gold SQL Injection Vulnerability in Merlix Teamworx Server Default.asp Insufficient Access Control in Merlix Teamworx Server Allows Remote Database Download Insufficient Access Control in User Engine Lite ASP Allows Remote Database Download Insecure Storage of Sensitive Information in Natterchat 1.12 Insufficient Access Control in ASPTicker 1.0 Allows Remote Database Download Arbitrary File Inclusion Vulnerability in My Simple Forum 3.0 and 4.1 Multiple SQL Injection Vulnerabilities in ASP Portal Insufficient Access Control in Gazatem QMail Mailing List Manager 1.2 Allows Remote Database Download SQL Injection Vulnerability in JMovies Component 1.1 for Joomla! 
Insufficient Access Control in ASP AutoDealer Allows Remote Database Download Arbitrary SQL Command Execution Vulnerability in TYPO3 Commerce Extension 0.9.6 and Earlier Stack-based Buffer Overflow in MPlayer 1.0 rc2 before r28150 ACL Bypass Vulnerability in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 Denial of Service Vulnerability in imudp of rsyslog Arbitrary Code Execution via preg_replace in html2text.php Denial of Service Vulnerability in RoundCube Webmail (roundcubemail) before 0.2-beta CSRF Vulnerability in phpMyAdmin Allows Unauthorized Actions and Code Execution Improper Initialization of page_uid and page_gid Variables in PHP 5 before 5.2.7 Arbitrary File Write Vulnerability in PHP 5 before 5.2.7 Denial of Service Vulnerability in XM Easy Personal FTP Server 5.6.0 SQL Injection Vulnerability in Active Trade 2's account.asp Allows Remote Code Execution Arbitrary SQL Command Execution in CMS little 0.0.1 via index.php Turnkey Arcade Script index.php SQL Injection Vulnerability SQL Injection Vulnerability in Post Affiliate Pro 3 and 3.1.4: Remote Code Execution via umprof_status Parameter SQL Injection Vulnerability in Active eWebquiz 8.0 start.asp SQL Injection Vulnerability in Active Time Billing 3.2 Account.asp SQL Injection Vulnerability in ActiveVotes 2.2 register.asp Allows Remote Code Execution SQL Injection Vulnerability in Active Force Matrix 2.0 Account.asp SQL Injection Vulnerability in Active Membership 2.0's account.asp Allows Remote Code Execution Arbitrary SQL Command Execution in Lito Lite CMS via cate.php SQL Injection Vulnerability in ParsBlogger (Pb) Blog.asp Allows Remote Code Execution Multiple SQL Injection Vulnerabilities in Active Price Comparison 4 Directory Traversal Vulnerability in TxtBlog 1.0 Alpha Allows Arbitrary File Reading SQL Injection Vulnerability in Active Bids 3.5: Remote Code Execution via bidhistory.asp SQL Injection Vulnerability in Active Photo Gallery 6.2: Remote Code Execution via account.asp Directory Traversal 
Vulnerability in CMS Made Simple 1.4.1 - Arbitrary File Read SQL Injection Vulnerability in Joomla! Books Component (com_books) Allows Remote Code Execution Arbitrary Web Script Injection Vulnerability in TYPO3 4.2.2 File Backend Module Orb Networks Orb Media Server Directory Traversal Vulnerability Denial of Service Vulnerability in Trac 0.11.2 and earlier Unspecified HTML Sanitizer Vulnerability in Trac 0.11.2 and earlier SQL Injection Vulnerability in DeltaScripts PHP Shop 1.0 - admin/login.php SQL Injection Vulnerability in AlstraSoft Article Manager Pro 1.6: Remote Code Execution via username parameter in admin/admin.php SQL Injection Vulnerability in AlstraSoft Web Host Directory Login Directory SQL Injection Vulnerability in EasyBookMarker 4.0 Plugin SQL Injection Vulnerability in EasyBookMarker 4.0's loginADP Function SQL Injection Vulnerability in MyioSoft AjaxPortal 3.0's loginADP Function SQL Injection Vulnerability in MyioSoft EasyCalendar 4.0 LoginADP Function Multiple SQL Injection Vulnerabilities in MyioSoft EasyBookMarker 4.0 Arbitrary web script injection vulnerability in TYPO3 frontend plugin for felogin system extension CRLF Injection Vulnerability in Quassel Core Allows IRC Message Spoofing ZipArchive::extractTo Directory Traversal Vulnerability Predictable Seed Vulnerability in GNU Classpath's PRNG Class Format string vulnerability in vinagre_utils_show_error function in Vinagre Denial of Service Vulnerability in Sun Solaris 10 and OpenSolaris Buffer Overflow Vulnerabilities in Sun Java Wireless Toolkit (WTK) for CLDC 2.5.2 and Earlier Arbitrary Code Execution via Unrestricted File Upload in Kusaba 1.0.4 and Earlier Remote Code Execution Vulnerability in Realtek Media Player XOOPS xhresim Module SQL Injection Vulnerability Denial of Service Vulnerability in WinFTP FTP Server 2.3.0 Denial of Service Vulnerability in VirusBlokAda VBA32 Personal Antivirus 3.12.8.x Multiple Cross-Site Scripting (XSS) Vulnerabilities in Textpattern (aka Txp CMS) 
4.0.5 Denial of Service Vulnerability in Textpattern 4.0.5 Comments Preview Section Password Reset Vulnerability in Textpattern (aka Txp CMS) 4.0.5 Joomla! 1.0.11-1.0.14 Remote File Inclusion Vulnerability CSRF Vulnerabilities in PHParanoid 0.4: Remote User Authentication Hijacking Unrestricted Access to Members Area in PHParanoid before 0.4 Multiple Array Index Errors in Darkwet Network webcamXP: Remote DoS and Memory Disclosure Vulnerabilities Access problems with BasicAuthTAI in IBM WebSphere Portal 6.0 before 6.0.1.5: Unspecified Vulnerability Unspecified vulnerabilities in ModSecurity module 2.5.0-2.5.5 allow remote attackers to cause denial of service or bypass functionality via transformation caching. Arbitrary Code Execution via Unrestricted File Upload in Kwalbum 2.0.4 and Earlier Sensitive Information Disclosure in FDI OLIB7 WebView 2.5.1.1 Arbitrary Code Execution via Invalid Pointer Calculation and Heap Corruption in Opera HTML Parsing Engine Multiple Buffer Overflows in Opera Browser (Versions Prior to 9.63) Allow Remote Code Execution Unspecified scripted URLs Vulnerability in Opera before 9.63 Opera XSS Vulnerability in Built-in XSLT Templates Unspecified Remote Data Disclosure Vulnerability in Opera Denial of Service Vulnerability in libICE Library on Solaris and OpenSolaris Remote Access and Denial of Service Vulnerability in Sun ScApp Firmware Arbitrary Functionality Access Vulnerability in IBM Tivoli Provisioning Manager Insecure Backup Protection in MediaWiki Allows Unauthorized Access to Deleted Images Information Disclosure Vulnerability in MediaWiki 1.8.1 and Earlier Versions Vulnerability: Denial of Service and Arbitrary Code Execution in Solaris 10 and OpenSolaris Kerberos Credential Renewal Denial of Service Vulnerability Phoenician Casino FlashAX ActiveX Control Heap-Based Buffer Overflow Vulnerability Authentication Bypass and Log Disclosure in Ipswitch WS_FTP Server Manager Remote File Disclosure Vulnerability in Ipswitch WS_FTP Server 
Manager Remote File Inclusion Vulnerability in Sandbox 1.4.1 Arbitrary Code Execution via Unvalidated Option Update in WordPress MU and WordPress Unauthenticated Remote Configuration Access in Novell NetWare 6.5 Arbitrary Data Write Vulnerability in Skype Extension BETA 2.2.0.95 for Firefox Denial of Service Vulnerability in HTMLTokenizer::scriptHandler in Konqueror Privilege Escalation and Information Disclosure Vulnerability in Sun Solaris 10 and OpenSolaris Denial of Service Vulnerability in libata SG_IO Requests Array Index Error in Linux Kernel on 64-bit MIPS Platforms Buffer underflow vulnerability in ibwdt_ioctl function in Linux kernel before 2.6.28-rc1 Arbitrary File Overwrite Vulnerability in gpsdrive 2.10~pre4 Arbitrary File Overwrite Vulnerability in gpsdrive-scripts 2.10~pre4 Arbitrary Command Execution Vulnerability in Verlihub 0.9.8d-RC2 and Earlier Arbitrary File Overwrite Vulnerability in Verlihub 0.9.8d-RC2 and Earlier SQL Injection Vulnerability in urunler.asp in Iltaweb Alisveris Sistemi Unauthenticated Remote Creation of Administrative Users in SlimCMS 1.0.0 Unspecified Remote Code Execution Vulnerabilities in Avaya Communication Manager Web Management Interface Unspecified Remote File Disclosure Vulnerabilities in Avaya Communication Manager (CM) Facebook PhotoUploader ActiveX Control Heap-Based Buffer Overflow Vulnerability Denial of Service Vulnerability in KDE Konqueror 3.5.9 HTML Parser Denial of Service Vulnerability in Linux Kernel's __qdisc_run Function Vulnerability: Off-by-one error in Qemu 0.9.1 allows easier guessing of VNC password Denial of Service Vulnerability in Mozilla Firefox 3.0.5 Improper Write Access Vulnerability in Xen 3.3.0 Hitachi JP1/Integrated Management - Service Support Cross-Site Scripting (XSS) Vulnerability Arbitrary Command Execution via Shell Metacharacters in Netatalk Print Request Title Cross-Site Scripting (XSS) Vulnerability in Hitachi Groupmax Web Workflow SDK and Development Kit Mayaa 1.1.23 XSS 
Vulnerability in Default Error Page Authentication Bypass Vulnerability in SapporoWorks BlackJumboDog (BJD) before 4.2.3 Buffer Overflow Vulnerability in SAWStudio 3.9i Arbitrary File Read Vulnerability in CGI RESCUE KanniBBS2000 Privilege Escalation via Crafted IOCTL Request in ESET Smart Security Privilege Escalation Vulnerability in EnTech Taiwan PowerStrip 3.84 and Earlier SQL Injection Vulnerability in stormBoards 1.0.1: Remote Code Execution via thread.php SQL Injection Vulnerability in AIST NetCat 3.12 and Earlier: modules/auth/password_recovery.php Multiple Directory Traversal Vulnerabilities in AIST NetCat 3.12 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in AIST NetCat 3.12 and Earlier CRLF Injection Vulnerabilities in AIST NetCat 3.12 and Earlier PGP Desktop Driver Collapse Vulnerability Arbitrary Code Execution via Unrestricted File Upload in KafooeyBlog 1.55b SQL Injection Vulnerability in Team Impact TI Blog System mod for PHP-Fusion Arbitrary Script Injection via IMG Element in WebMail Pro in IceWarp Software Merak Mail Server 9.3.2 Arbitrary Code Execution via PlaylistSkin Value in CoolPlayer Unspecified Privilege Escalation Vulnerabilities in FreeBSD SQL Injection Vulnerability in Nodstrum MySQL Calendar 1.1 and 1.2 via username parameter in index.php Authentication Bypass Vulnerability in Nodstrum MySQL Calendar 1.1 and 1.2 Pligg CMS 9.9.5 Beta SQL Injection Vulnerability in evb/check_url.php Open Redirect Vulnerabilities in AIST NetCat 3.12 and Earlier Vulnerability: Symlink Attack in pdfjam Array Index Error in Zaptel (DAHDI) Driver Allows Local Users to Overwrite Kernel Memory Integer Overflow Denial of Service Vulnerability in Microsoft Windows Media Player Local Privilege Escalation via Symlink Attack in Sun SNMP Management Agent (SUNWmasf) Remote Code Execution Vulnerability in F-Prot 4.6.8 for GNU/Linux Directory Traversal Vulnerability in BloofoxCMS 0.3.4 Allows Remote File Read Argument Injection Vulnerability in Google 
Chrome 1.0.154.36 on Windows XP SP3 Argument Injection Vulnerability in Microsoft Internet Explorer 8 Beta 2 on Windows XP SP3 SQL Injection Vulnerability in AlstraSoft Web Email Script Enterprise (ESE) Arbitrary File Read Vulnerability in Page Flip Image Gallery Plugin for WordPress Arbitrary Code Execution via Long Host Name in BulletProof FTP Client Arbitrary Code Execution Vulnerability in BulletProof FTP Client via Long Second Line in .bps File Stack-based Buffer Overflow in IntelliTamper 2.07 and 2.08: Remote Code Execution Vulnerability Buffer Overflow in Hex Workshop 5.1.4: Denial of Service and Arbitrary Code Execution via Long Mapping Reference in Color Mapping (.cmap) File Cross-site scripting (XSS) vulnerability in Textpattern CMS 4.0.6 and earlier CSRF Vulnerability in PHParanoid Allows Unauthorized Actions via Private Messages Arbitrary Script Injection in FlatnuX CMS (aka Flatnuke3) 2008-12-11 Arbitrary Script Injection in Kerio MailServer 6.6.2 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in FlatnuX CMS (aka Flatnuke3) 2008-12-11 Insufficient Access Control in SiTeFiLo 1.0.6 Allows Password Database Download Remote File Inclusion Vulnerability in Simple Text-File Login Script (SiTeFiLo) 1.0.6 Remote File Inclusion Vulnerability in WorkSimple 1.2.1 calendar.php Insufficient Access Control in WorkSimple 1.2.1 Allows Unauthorized Access to Sensitive Data SQL Injection Vulnerability in Faupload's download.php Allows Remote Code Execution via id Parameter SQL Injection Vulnerability in authors.asp in gNews Publisher SQL Injection Vulnerability in AM Events Module 0.22 for XOOPS Cross-Site Scripting (XSS) Vulnerabilities in Kerio MailServer before 6.6.2 Arbitrary Web Script Injection in PHP Weather 2.2.2 via PATH_INFO Arbitrary File Inclusion Vulnerability in PHP Weather 2.2.2 SQL Injection Vulnerabilities in ASPSiteWare RealtyListings 1.0 and 2.0 Insufficient Access Control in Nukedit 4.9.8 Allows Unauthorized Access to Sensitive 
Information Multiple SQL Injection Vulnerabilities in ASPSiteWare HomeBuilder 1.0 and 2.0 SQL Injection Vulnerability in Aperto Blog 0.1.1: Remote Code Execution via id Parameter in categories.php Multiple Directory Traversal Vulnerabilities in Aperto Blog 0.1.1 SQL Injection Vulnerability in CadeNix index.php Allows Remote Code Execution SQL Injection Vulnerability in Free Links Directory Script (FLDS) 1.2a: Remote Code Execution via linkid Parameter in report.php Arbitrary SQL Command Execution in Free Links Directory Script (FLDS) 1.2a Insecure Storage of Sensitive Information in Forest Blog 1.3.2 Arbitrary SQL Command Execution in CFAGCMS 1.0 Beta 1 via right.php's title Parameter Arbitrary SQL Command Execution in ZeeMatri 3.0 via bannerclick.php Authentication Bypass Vulnerability in V3 Chat Live Support 3.0.4 V3 Chat - Profiles/Dating Script 3.0.2 Remote Authentication Bypass Vulnerability SQL Injection Vulnerability in V3 Chat - Profiles/Dating Script 3.0.2 Silva Find Extension XSS Vulnerability Arab Portal 2.1 mod.php Directory Traversal Vulnerability Arbitrary SQL Command Execution in Domain Seller Pro 1.5 via id Parameter Multiple PHP Remote File Inclusion Vulnerabilities in Recly Interactive Feederator Component 1.0.5 for Joomla! Multiple PHP Remote File Inclusion Vulnerabilities in Recly!Competitions Component 1.0 for Joomla! Unspecified Vulnerabilities in PrestaShop e-Commerce Solution with Unknown Impact and Attack Vectors PHP Remote File Inclusion Vulnerability in Indiscripts Enthusiast 3.1.4 Multiple PHP Remote File Inclusion Vulnerabilities in Clickheat - Heatmap Stats Component 1.0.1 for Joomla! 
Arbitrary File Deletion Vulnerability in LoveCMS 1.6.2 Final Arbitrary Script Injection in eluna Page Comments Extension for TYPO3 SQL Injection Vulnerability in eluna Page Comments Extension for TYPO3 Remote Code Execution via SQL Injection in advCalendar Extension for TYPO3 Arbitrary SQL Command Execution in CMS Poll System Extension Arbitrary Web Script Injection in TYPO3 Wir über uns (fsmi_people) Extension Remote Code Execution via SQL Injection in TYPO3 Wir über uns (fsmi_people) Extension Arbitrary Code Execution Vulnerability in Dictionary Extension for TYPO3 SQL Injection Vulnerability in E-topbiz Online Store 1.0: Remote Code Execution via cat_id Parameter SQL Injection Vulnerability in E-topbiz Online Store 1.0 - Remote Code Execution via User Parameter SQL Injection Vulnerability in e-topbiz Number Links 1 Php Script SQL Injection Vulnerability in DeltaScripts PHP Classifieds 7.5 and Earlier (CVE-2006-5828) SQL Injection Vulnerability in DeltaScripts PHP Classifieds 7.5 and Earlier: Remote Code Execution via admin_username Parameter Cross-Site Scripting (XSS) Vulnerabilities in TestLink before 1.8 RC1 Unspecified Cross-Site Scripting (XSS) Vulnerability in Six Apart Movable Type Predictable Session ID Vulnerability in Futomi CGI Cafe Access Analyzer Arbitrary Command Execution in WBPublish.exe of Fujitsu-Siemens WebTransactions 7.0 and 7.1 SQL Injection Vulnerability in PaxGallery Component 0.1 for Joomla! 
Unspecified Vulnerabilities in SPIP 1.8, 1.9, and 2.0 SQL Injection Vulnerability in SPIP 1.8, 1.9, and 2.0 Unspecified Cross-Site Scripting (XSS) Vulnerability in PHP SQL Injection Vulnerability in Acomment.php in phpAlumni SQL Injection Vulnerability in ILIAS 3.7.4 and Earlier: Arbitrary SQL Command Execution via ref_id Parameter in repository.php SQL Injection Vulnerabilities in Web Scribble Solutions webClassifieds 2005: Remote Code Execution via User and Password Fields Directory Traversal Vulnerability in eDreamers eDContainer 2.22 Arbitrary File Inclusion Vulnerability in eDNews_archive.php in eDreamers eDNews 2 Arbitrary SQL Command Execution in eDNews_view.php in eDreamers eDNews 2 Memory Leak Vulnerability in WebKit.dll in Apple Safari 3.2 on Windows Vista SP1 Memory Leak in Libxul Allows Remote DoS via Long CLASS Attribute in HR Element Denial of Service Vulnerability in Microsoft Money 2006 Heap-based Buffer Overflow in libaudiofile Allows Arbitrary Code Execution via Crafted WAV File Nokia 6131 NFC Phone SmartPoster URI Display Vulnerability Denial of Service Vulnerability in Nokia 6131 NFC Phone with 05.12 Firmware Nokia 6131 NFC Phone Firmware 05.12 Arbitrary Code Execution Vulnerability Intranet IP Address and Port Discovery Vulnerability in Microsoft Windows Live Messenger Client 8.5.1 and earlier Arbitrary SQL Command Execution in E-Php Shopping Cart Script via cid Parameter Remote Code Execution Vulnerability in Foxmail 6.5 via Long Mailto URI Authentication Bypass in PHP iCalendar 2.24 and Earlier Multiple SQL Injection Vulnerabilities in iGaming 1.5 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Fujitsu-Siemens WebTransactions 7.0 and 7.1 Untrusted Search Path Vulnerabilities in pdfjam Allow Privilege Escalation Vulnerability: PHP 5.2.7 Incorrectly Disables magic_quotes_gpc, Allowing SQL Injection Attacks Multiple Cross-Site Scripting (XSS) Vulnerabilities in Six Apart Movable Type (MT) before 4.23 Bypassing Access 
Restrictions and Publishing Posts in Six Apart Movable Type (MT) before 4.23 Clear-text Password Storage in Constructr CMS 3.02.5 and Earlier Default Password Vulnerability in Advantech ADAM-6000 Module Allows Unauthorized Access and Control Intranet IP Address Discovery via Check Point VPN-1 PAT Vulnerability SQL Injection Vulnerability in My PHP Baseball Stats (MyPBS) Allows Remote Code Execution via seasonID Parameter Insufficient Access Control in Emefa Guestbook 3.0 Allows Remote Database Download Insufficient Access Control in Chilek Content Management System (ChiCoMaS) 2.0.4 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in myPHPscripts Login Session 2.0 Insufficient Access Control in myPHPscripts Login Session 2.0 Allows Unauthorized Access to Sensitive Information Arbitrary File Read Vulnerability in ClaSS before 0.8.61 Privilege Escalation in KnowledgeTree DropDocuments Plugin Multiple Cross-Site Scripting (XSS) Vulnerabilities in KnowledgeTree before 3.5.4a SQL Injection Vulnerability in Constructr CMS 3.02.5 and Earlier: Remote Code Execution via index.php Arbitrary File Creation and Read Vulnerability in Constructr CMS 3.02.5 FreeLyrics 1.0 Source.php Directory Traversal Vulnerability WebcamXP 5.3.2.375 and 5.3.2.410 build 2132 Directory Traversal Vulnerability SQL Injection Vulnerability in Userlocator Module 3.0 for Woltlab Burning Board (wBB) Arbitrary SQL Command Execution Vulnerability in Top Hotel Component 1.0 Arbitrary SQL Command Execution Vulnerability in Hotel Booking Reservation System (HBS) 1.0.0 for Joomla! 
Default SNMP Community String Vulnerability in Proxim Wireless Tsunami MP.11 2411 Firmware 3.0.3 Directory Traversal Vulnerability in Yerba SACphp 6.3 Stack-based Buffer Overflow in IntelliTamper 2.07 and 2.08 via Long ProxyLogin Value in Configuration File Cross-Site Scripting (XSS) Vulnerability in Proxim Wireless Tsunami MP.11 2411 Firmware 3.0.3 Denial of Service Vulnerability in FastStone Image Viewer 3.6 Unauthenticated Call Spoofing and Redirection in Nortel MSC 5100 3.0.13 Denial of Service Vulnerabilities in Nortel MSC 5100 3.0.13 Authentication Bypass Vulnerability in Yerba SACphp 6.3 and Earlier SQL Injection Vulnerabilities in Hotel Booking Reservation System for Joomla! Arbitrary SQL Command Execution in Hotel Booking Reservation System (HBS) for Joomla! Buffer Overflow Vulnerability in Irrlicht B3D Loader Multiple SQL Injection Vulnerabilities in Phpclanwebsite 1.23.3 Fix Pack 5 and Earlier Arbitrary File Inclusion Vulnerabilities in Phpclanwebsite (aka PCW) 1.23.3 Fix Pack 5 and Earlier Arbitrary Web Script Injection in Phpclanwebsite (PCW) 1.23.3 Fix Pack 5 and Earlier Authentication Bypass Vulnerability in Gobbl CMS 1.0 Directory Traversal Vulnerabilities in playSMS 0.9.3 SQL Injection Vulnerability in Citrix Application Gateway - Broadcast Server (BCS) Absolute Path Traversal Vulnerability in mini-pub 0.3 and Earlier Denial of Service Vulnerability in AyeView 2.20 Insufficient Access Control Vulnerability in Net Guys ASPired2Quote Allows Unauthorized Database Access Insufficient Access Control in TAKempis Discussion Web 4.0 Allows Remote Password Disclosure Local File Inclusion Vulnerability in phplist before 2.10.8 Multiple SQL Injection Vulnerabilities in Click&Rank Click&Rank User.asp Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in feeds.php in Injader 2.1.2 and earlier versions Unspecified Cross-Site Scripting (XSS) Vulnerability in Injader before 2.1.2 Multiple SQL Injection Vulnerabilities in ClickAndEmail Arbitrary 
Web Script Injection Vulnerability in ClickAndEmail's admin_dblayers.asp Directory Traversal Vulnerability in Mediatheka 4.2 Allows Remote File Inclusion SQL Injection Vulnerability in Mediatheka 4.2 and Earlier: Remote Code Execution via user Parameter Insufficient Access Control Allows Remote Download of Administrator Password Insufficient Access Control in CodeAvalanche FreeWallpaper Allows Remote Download of Administrator Password Insufficient Access Control in CodeAvalanche Directory Allows Remote Download of Administrator Password Insufficient Access Control Allows Remote Download of Sensitive Database File Insufficient Access Control Allows Remote Download of Sensitive Database File Sensitive Information Disclosure in iyzi Forum 1.0 beta 3 Remote Code Execution Vulnerability in xrdp Bitmap Invalidation Function Arbitrary Code Execution Vulnerability in xrdp 0.4.1 and Earlier Buffer Overflow Vulnerability in xrdp 0.4.1 and Earlier Arbitrary Torrent File Upload and Download Triggering Vulnerability in KTorrent Web Interface Plugin Remote Code Execution via Eval Injection in KTorrent Web Interface Plugin Arbitrary Memory Write Vulnerability in png_check_keyword Function Unspecified Temporary File Vulnerability in Sun OpenSolaris Root/Boot Archive Tool Unspecified Local File Handling Vulnerability in conv_lpd in Sun OpenSolaris Unspecified vulnerability in txzonemgr in Sun OpenSolaris allows for local attacks and has unknown impact Multiple Buffer Overflows in RealNetworks Helix Server and Helix Mobile Server 11.x and 12.x In-Session Phishing Attack Vulnerability in Microsoft Internet Explorer Insecure Random Number Generation in JavaScript Implementation in Mozilla Firefox and SeaMonkey In-Session Phishing Attack Vulnerability in Apple Safari In-Session Phishing Attack Vulnerability in Google Chrome Arbitrary Command Execution in Gitweb Arbitrary Web Script Injection via Style Attributes in Horde Application Framework 3.2.2 and 3.3 Arbitrary Script Injection in 
WebSVN 2.0 and Earlier WebSVN 2.0 Directory Traversal Vulnerability Arbitrary PHP Code Execution Vulnerability in WebSVN 1.x SQL Injection Vulnerability in albums.php in Umer Inc Songs Portal Remote File Inclusion Vulnerabilities in CFAGCMS 1: Arbitrary PHP Code Execution SQL Injection Vulnerability in ASP-Dev XM Events Diary Default.asp SQL Injection Vulnerability in diary_viewC.asp in ASP-Dev XM Events Diary Insufficient Access Control in ASP-Dev XM Events Diary Allows Unauthorized Database Download SQL Injection Vulnerabilities in ASP-Dev Internal E-Mail System Login SQL Injection Vulnerabilities in FlexPHPNews 0.0.6: Remote Code Execution SQL Injection Vulnerability in Free Links Directory Script (FLDS) 1.2a: Remote Code Execution via redir.php Insufficient Access Control in VP-ASP Shopping Cart 6.50 Allows Password Database Download SQL Injection Vulnerability in ASPired2Blog Allows Remote Code Execution Insufficient Access Control in ASPired2Blog Allows Unauthorized Access to Sensitive Data Insufficient Access Control in CodeAvalanche FreeForum Allows Remote Password Theft Multiple Cross-Site Scripting (XSS) Vulnerabilities in CMS ISWEB 3.0 SQL Injection Vulnerability in CMS ISWEB 3.0 index.php Allows Remote Code Execution Insecure Storage of Sensitive Information in Facto Web Application Arbitrary File Read Vulnerability in mini-pub 0.3 and Earlier Denial of Service Vulnerability in AyeView 2.20 Arbitrary PHP Code Execution via Remote File Inclusion in MODx CMS 0.9.6.2 and Earlier Arbitrary Script Injection via Username Field in MODx CMS 0.9.6.2 and Earlier SQL Injection Vulnerability in MODx 0.9.6.2 and Earlier: Remote Code Execution via searchid Parameter CSRF Vulnerability in MODx 0.9.6.1p2 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in MODx before 0.9.6.3 Arbitrary File Inclusion Vulnerabilities in NavBoard 16 (2.6.0) NavBoard 16 (2.6.0) modules.php Cross-Site Scripting (XSS) Vulnerability Nukeviet 2.0 Beta Authentication Bypass 
Vulnerability Arbitrary SQL Command Execution in readmore.php in PHP-Fusion 4.01 YapBB 1.2.Beta 2 - PHP Remote File Inclusion Vulnerability in class_yapbbcooker.php Arbitrary File Inclusion Vulnerability in BNCwi 1.04 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in ccTiddly 1.7.4 and 1.7.6 SQL Injection Vulnerability in ASP Template Creature Insufficient Access Control in ASP Template Creature Allows Remote Database Download SQL Injection Vulnerability in KTPCCD CMS Allows Remote Authenticated Users to Execute Arbitrary SQL Commands Arbitrary File Inclusion Vulnerability in KTPCCD CMS SQL Injection Vulnerability in KTPCCD CMS Allows Remote Code Execution Arbitrary SQL Command Execution in Wbstreet (PHPSTREET Webboard) 1.0 via show.php SQL Injection Vulnerability Insufficient Access Control in Wbstreet (aka PHPSTREET Webboard) 1.0 Allows Remote Database Credential Retrieval Arbitrary SQL Command Execution Vulnerability in Mydyngallery Component 1.4.2 for Joomla! SQL Injection Vulnerabilities in Active Test 2.1 SQL Injection Vulnerabilities in Active Test 2.1's start.asp SQL Injection Vulnerability in Tribiq CMS Community 5.0.10B and 5.0.11E Arbitrary Script Injection in Tribiq CMS Community 5.0.10B and 5.0.11E Arbitrary File Inclusion Vulnerability in Gravity Getting Things Done (GTD) 0.4.5 and Earlier Remote Code Execution via Eval Injection in Gravity Getting Things Done (GTD) 0.4.5 and earlier Session Fixation Vulnerability in Social ImpressCMS before 1.1.1 RC1 Allows Remote Session Hijacking LokiCMS 0.3.4 Directory Traversal Vulnerability Arbitrary File Creation and Overwrite Vulnerability in Globsy 1.0 and Earlier Arbitrary File Upload Vulnerability in PHP iCalendar 2.3.4 and Earlier PHP iCalendar 2.24 Directory Traversal Vulnerability in print.php SQL Injection Vulnerability in Sunbyte e-Flower's popupproduct.php Allows Remote Code Execution SQL Injection Vulnerability in i-Net Solution Orkut Clone: Remote Code Execution via 
profile_social.php Arbitrary Code Injection via id Parameter in i-Net Solution Orkut Clone Active Business Directory 2 Default.asp SQL Injection Vulnerability SQL Injection Vulnerability in Active Web Mail 4.0 Login Page SQL Injection Vulnerabilities in Active Price Comparison 4.0 Login Page SQL Injection Vulnerability in Active Price Comparison 4.0 (links.asp) Allows Remote Code Execution Cross-Site Scripting (XSS) Vulnerabilities in PHP JOBWEBSITE PRO's siteadmin/forgot.php SQL Injection Vulnerability in PHP JOBWEBSITE PRO's forgot.php Allows Remote Code Execution SQL Injection Vulnerabilities in Ocean12 Mailing List Manager Gold Ocean12 Mailing List Manager Gold Default.asp XSS Vulnerability Insufficient Access Control in Ocean12 Mailing List Manager Gold Allows Remote Database Download Insecure Storage of Sensitive Information in PacPoll 4.0 BMC PATROL Agent Format String Vulnerability Untrusted Search Path Vulnerability in PySys_SetArgv API Function in Python Untrusted Search Path Vulnerability in Dia Python Plugin (CVE-2008-5983) Untrusted Search Path Vulnerability in Epiphany Python Interface (CVE-2008-5983) Untrusted Search Path Vulnerability in Csound 5.08.2 VST Plugins with Python Scripting (CVE-2008-5983) Untrusted Search Path Vulnerability in Eye of GNOME (eog) 2.22.3 Arbitrary SQL Command Execution in Jadu CMS for Government's recruit_details.php Arbitrary File Inclusion Vulnerability in PHPcounter 1.3.2 and Earlier Arbitrary File Inclusion Vulnerability in emergecolab 1.0 Arbitrary File Inclusion Vulnerability in MailWatch for MailScanner SQL Injection Vulnerabilities in Jetik Emlak Sistem A (ESA) 2.0 Arbitrary File Inclusion Vulnerability in Barcode Generator 1D (barcodegen) 2.0.0 and Earlier Cross-Site Scripting (XSS) Vulnerability in Check Point Connectra NGX R62 HFA_01 index.php Arbitrary Web Script Injection in freeCap CAPTCHA Extension for TYPO3 Arbitrary Code Injection through Simplenews Module in Drupal Absolute Path Traversal Vulnerability in 
Omnicom Content Platform (OCP) 2.0 SQL Injection Vulnerabilities in Ajax Checklist Module for Drupal Arbitrary Script Injection in Ajax Checklist Module for Drupal Privilege Escalation and Denial of Service Vulnerability in G DATA AntiVirus 2008, InternetSecurity 2008, and TotalCare 2008 Authentication Bypass Vulnerability in ADN Forum 1.0b and Earlier Absolute Path Traversal Vulnerability in sendfile.php in web-cp 0.5.7 SQL Injection Vulnerability in sellers_othersitem.php in AJ Auction Pro Platinum 2 AJ Auction Pro Platinum 2 search.php Cross-Site Scripting (XSS) Vulnerability Buffer Overflow Vulnerabilities in W3C Amaya Web Browser 10.0.1 and 11.0.1 PHP Remote File Inclusion Vulnerabilities in Micronation Banking System (minba) 1.5.0 SQL Injection Vulnerability in QuidaScript BookMarks Favourites Script (APB) Insufficient Access Control in hyBook Guestbook Script Allows Password Theft Authentication Bypass Vulnerability in SG Real Estate Portal 2.0 Directory Traversal Vulnerabilities in SG Real Estate Portal 2.0 SG Real Estate Portal 2.0 - SQL Injection Vulnerability in index.php Arbitrary File Read Vulnerability in Pritlog 0.4 and Earlier SQL Injection Vulnerabilities in Freeway before 1.4.3.210: Remote Code Execution SQL Injection Vulnerability in Rianxosencabos CMS 0.9 via id Parameter in scripts/links.php Multiple SQL Injection Vulnerabilities in EsFaq 2.0 search.php SQL Injection Vulnerability in EsFaq 2.0 questions.php Allows Remote Code Execution SQL Injection Vulnerability in messages.php in I-Rater Basic Directory Traversal Vulnerability in MyPHPSite index.php SQL Injection Vulnerability in EACOMM DO-CMS 3.0 index.php SQL Injection Vulnerability in Views Module for Drupal Unspecified Security Vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and Server Remote File Inclusion Vulnerability in Xnova 0.8 sp1: Arbitrary PHP Code Execution Remote Code Execution in Xnova 0.8 SP1 via PHP File Inclusion Vulnerability Unspecified Denial of 
Service Vulnerability in NFSv4 Client Module on Sun Solaris 10 and OpenSolaris Directory Traversal Vulnerability in openElec 3.01 and Earlier: Arbitrary File Inclusion in scr/form.php Arbitrary SQL Command Execution in BlueCUBE CMS tienda.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in BLUEPAGE CMS 2.5 and Earlier SQL Injection Vulnerability in University of Queensland Library Fez 1.3 and 2.0 RC1: Remote Code Execution via parent_id Parameter Arbitrary SQL Command Execution in BuzzyWall 1.3.1 and Earlier SQL Injection Vulnerabilities in NetArtMedia Jobs Portal 1.3: Remote Code Execution SQL Injection Vulnerability in WSN Links 2.22, 2.23, and 2.34 via vote.php Arbitrary SQL Command Execution in WSN Links Free 4.0.34P via comments.php Arbitrary SQL Command Execution in WSN Links 2.20 comments.php Cross-Site Scripting (XSS) Vulnerability in Achievo 1.3.2 dispatch.php Achievo 1.3.2-STABLE dispatch.php Cross-site Scripting (XSS) Vulnerability Remote File Inclusion Vulnerability in BaseBuilder 2.0.1 and Earlier: Arbitrary PHP Code Execution SQL Injection Vulnerability in AvailScript Article Script's view.php SQL Injection Vulnerability in MapCal 0.1: Remote Code Execution via id Parameter Session Fixation Vulnerability in BLUEPAGE CMS 2.5 and Earlier: Remote Session Hijacking SQL Injection Vulnerability in Arcadem Pro 2.700 through 2.802 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Dataspade 1.0 Index.asp SQL Injection Vulnerability in NetArtMedia Real Estate Portal 2.0 SQL Injection Vulnerabilities in PHP Pro Bid (PPB) 6.04 Arbitrary Script Injection in xt:Commerce 3.0.4 and Earlier via advanced_search_result.php Session Fixation Vulnerability in xt:Commerce 3.0.4 and Earlier: Hijacking Web Sessions via shopping_cart.php SQL Injection Vulnerability in ADbNewsSender before 1.5.2 Unspecified Cross-Site Scripting (XSS) Vulnerability in ADbNewsSender before 1.5.2 CSRF Vulnerabilities in TangoCMS 2.2.0 and Earlier Allow Remote Authentication Hijacking 
Arbitrary SQL Command Execution in Tech Articles (com_tech_article) 1.0 Component for Joomla! Insufficient Access Control in MetaCart Free Allows Unauthorized Access to User Credentials Insufficient Access Control in PreProjects Pre E-Learning Portal Allows Password Retrieval Insufficient Access Control in PreProjects Pre Resume Submitter Allows Password Retrieval Insufficient Access Control in PreProjects Pre Courier and Cargo Business Stores Insufficient Access Control in PreProjects Pre Classified Listings Allows Password Retrieval Multiple Cross-Site Scripting (XSS) Vulnerabilities in World Recipe 2.11 Insufficient Access Control in Doug Luxem Liberum Help Desk 0.97.3 Allows Password Retrieval Denial of Service Vulnerability in Syslserve 1.058 and Earlier Improper Restriction of Access to Set-Cookie Headers in WebKit Arbitrary SWF Content Injection via XSS in FusionCharts Arbitrary SWF Content Injection via Cross-Site Scripting (XSS) in Techsmith Camtasia Studio Cross-site scripting (XSS) vulnerability in Adobe Dreamweaver SWF files via asfunction URI in skinName parameter Path Disclosure Vulnerability in Microsoft Word 2007 Save as PDF Add-on Multiple SQL Injection Vulnerabilities in DomPHP 0.81 Arbitrary Pathname Alias Vulnerability in Oracle Database Server Multiple PHP Remote File Inclusion Vulnerabilities in Meet#Web 0.8 Arbitrary SQL Command Execution Vulnerability in JoomlaDate Component 1.2 Arbitrary SQL Command Execution in eChat Plugin 4.2 for e107 Heap-based Buffer Underflows in ReadPALMImage Function in GraphicsMagick Heap-based buffer overflow in DecodeImage function in GraphicsMagick Denial of Service Vulnerabilities in GraphicsMagick before 1.1.14 and 1.2.x before 1.2.3 Insecure Disk Encryption in StorageCrypt 2.0.1 Arbitrary File Inclusion Vulnerability in phpcrs 2.06 and Earlier SQL Injection Vulnerability in Bahar Download Script 2.0 (aspkat.asp) Allows Remote Code Execution Arbitrary SQL Command Execution in Daily Message (com_dailymessage) 
1.0.3 Component for Joomla! SQL Injection Vulnerability in LoudBlog 0.8.0a and Earlier: Remote Code Execution via colpick Parameter SQL Injection Vulnerability in Private Messaging Component of Limbo CMS Multiple Heap and Stack Based Buffer Overflows in imlib2 Before 1.4.2 Arbitrary File Read Vulnerability in ionFiles Joomla Component (com_ionfiles) 4.4.2 Arbitrary SQL Command Execution in Simple Customer 1.2 via contact.php Denial of Service (CPU Consumption) Vulnerability in Titan FTP Server 6.26 build 630 Directory Traversal Vulnerability in TXTshop Beta 1.0 Allows Remote File Inclusion Arbitrary PHP Code Execution via Unrestricted File Upload in Iamma Simple Gallery F-Secure Anti-Virus Integer Overflow Vulnerability in Compressed Archive Scanning SQL Injection Vulnerability in album.php in Camera Life 2.6.2b4 Arbitrary Web Script Injection Vulnerability in Camera Life 2.6.2b4 Joomtracker (com_joomtracker) 1.01 Module SQL Injection Vulnerability Arbitrary File Read Vulnerability in ScriptsEz Easy Image Downloader Directory Traversal Vulnerability in ScriptsEz Mini Hosting Panel Allows Remote File Read SQL Injection Vulnerability in BMForum 5.6 plugins.php: Remote Code Execution via tagname Parameter Remote Authentication Bypass Vulnerability in phpscripts Ranking Script SQL Injection Vulnerability in Noname CMS 1.0: Remote Code Execution Cross-Site Scripting (XSS) Vulnerability in Celoxis Technologies Celoxis Arbitrary Web Script Injection Vulnerability in OpenNMS 1.5.94 Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in WikyBlog before 1.7.1 Vulnerability: Bypassing Moderation in Bugzilla Quips Approval RPortal 1.1 and Earlier: PHP Remote File Inclusion Vulnerability in index.php SQL Injection Vulnerabilities in Discussion Forums 2k 3.3 SQL Injection Vulnerability in click.php in Adult Banner Exchange Website SQL Injection Vulnerability in ratelink.php in 
Link Trader Script A4Desk Event Calendar PHP Remote File Inclusion Vulnerability SQL Injection Vulnerability in A4Desk PHP Event Calendar Arbitrary Web Script Injection Vulnerability in IBM Workplace for Business Controls and Reporting and IBM Workplace Web Content Management CSRF Vulnerability in IBM Workplace for Business Controls and Reporting and IBM Workplace Web Content Management Missing Virtual-Address Range Checks in Linux Kernel MREMAP_FIXED Vulnerability Arbitrary Web Script Injection Vulnerability in Galatolo WebManager (GWM) 1.0 Privilege Escalation Vulnerability in Robin Rawson-Tetley Animal Shelter Manager (ASM) Unspecified vulnerability in SemanticScuttle before 0.90 allows for improper validation of parameters in profile.php SQL Injection Vulnerability in NetArt Media Vlog System 1.1: Remote Code Execution via blog.php Directory Traversal Vulnerabilities in Ez Ringtone Manager Arbitrary Script Injection in SemanticScuttle before 0.90 SQL Injection Vulnerability in Mytipper Zogo-shop 1.15.4 Plugin for e107 SQL Injection Vulnerability in Prozilla Hosting Index Directory.php Arbitrary SQL Command Execution Vulnerability in EXtrovert Software Thyme (com_thyme) 1.0 Component for Joomla! 
SQL Injection Vulnerability in PG Job Site Pro Homepage.php Authentication Bypass Vulnerability in Goople CMS 1.7 Static Code Injection Vulnerability in Goople CMS 1.7: Remote PHP Code Injection in editpass.php Arbitrary SQL Command Execution in SocialEngine (SE) Profile Comments CRLF Injection Vulnerability in SocialEngine (SE) 2.7 and Earlier Denial of Service Vulnerability in Netgear WGR614v9 Web Management Interface Bypassing Access Restrictions in net-snmp's netsnmp_udp_fmtaddr Function SQL Injection Vulnerability in HotPot Module in Moodle 1.6-1.9.2 Unspecified privilege escalation vulnerability in Moodle user editing interface Multiple Directory Traversal Vulnerabilities in moziloCMS 1.10.2 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in moziloCMS 1.10.2 and Earlier Session Fixation Vulnerability in moziloCMS 1.10.2 and Earlier: Remote Session Hijacking Arbitrary File Read Vulnerability in moziloWiki 1.0.1 and Earlier Arbitrary Web Script Injection Vulnerability in moziloWiki 1.0.1 and Earlier Session Fixation Vulnerability in moziloWiki 1.0.1 and Earlier: Remote Session Hijacking Remote Code Execution via Eval Injection in phpScheduleIt 1.2.10 and Earlier SQL Injection Vulnerability in arsaprint.php in Full PHP Emlak Script Arbitrary SQL Command Execution Vulnerability in EveryBlog 5.x and 6.x Arbitrary Web Script Injection Vulnerability in EveryBlog Drupal Module Unspecified Privilege Escalation Vulnerability in EveryBlog 5.x and 6.x for Drupal Access Restriction Bypass Vulnerability in EveryBlog 5.x and 6.x Module for Drupal Remote File Inclusion Vulnerability in WebBiscuits Modules Controller 1.1 and Earlier Arbitrary File Read Vulnerability in WebBiscuits Modules Controller 1.1 Denial of Service Vulnerability in Avaya one-X Desktop Edition 2.1.0.78 Denial of Service Vulnerability in Avaya IP Softphone 6.0 SP4 and 6.01.85 SQL Injection Vulnerabilities in FlexPHPic 0.0.x Versions Authentication Bypass Vulnerability in OwenPoll 1.0 
Multiple Cross-Site Scripting (XSS) Vulnerabilities in WEC Discussion Forum Extension for TYPO3 Arbitrary SQL Command Execution in WEC Discussion Forum Extension for TYPO3 SQL Injection Vulnerability in DeluxeBB 1.2 and Earlier: Remote Code Execution via pm.php Insecure Storage of Sensitive Information in ForumApp 3.3 SQL Injection Vulnerability in Joomla! Live Ticker Module 1.0 SQL Injection Vulnerability in mDigg Component 2.2.8 for Joomla! SQL Injection Vulnerability in SepCity Classified Ads: Remote Code Execution via ID Parameter SQL Injection Vulnerability in shpdetails.asp in SepCity Shopping Mall SQL Injection Vulnerability in deptdisplay.asp in SepCity Faculty Portal SQL Injection Vulnerability in Jay Patel Pixel8 Web Photo Album 3.0 Arbitrary SQL Command Execution in Hispah Text Links Ads 1.1 via idcat Parameter SQL Injection Vulnerability in Hispah Text Links Ads 1.1 SQL Injection Vulnerability in AdMan 1.1.20070907: Remote Code Execution via editCampaign.php Cleartext Storage of Admin Password in SepCity Classified Ads Unspecified Remote Vulnerabilities in w3b>cms Admin Backend Information Disclosure Vulnerability in Content Management Made Easy (CMME) 1.19 Unspecified Remote Information Disclosure in SIOC Drupal Module Arbitrary Code Injection through Cross-Site Scripting (XSS) in WOW Raid Manager (WRM) Bux.to Clone Script Vulnerability: Remote Authentication Bypass and Administrative Access SQL Injection Vulnerability in OpenX 2.6.1: Remote Code Execution via bannerid Parameter DreamCost HostAdmin 3.1.1 - Cross-Site Scripting (XSS) Vulnerability in index.php SQL Injection Vulnerability in CSPartner 0.1 gestion.php Arbitrary SQL Command Execution Vulnerability in KBase (com_kbase) 1.2 Component for Joomla! 
Arbitrary File Inclusion Vulnerability in miniPortail 2.2 and Earlier Arbitrary Web Script Injection Vulnerability in miniPortail 2.2 and Earlier CSRF Vulnerability in Localization Client and Server Modules for Drupal Arbitrary Web Script Injection via Book Page Title in Drupal 5.x and 6.x Arbitrary File Inclusion Vulnerability in Drupal 5.x and 6.x Arbitrary File Inclusion Vulnerability in RWCards Joomla Component Arbitrary Web Script Injection in ClipShare Pro 4.0 via fullscreen.php Title Parameter Arbitrary Script Injection Vulnerability in Jetbox CMS 2.1 Denial of Service Vulnerability in SilverSHielD 1.0.2.34 via Crafted Argument in opendir SFTP Command Multiple Directory Traversal Vulnerabilities in LightBlog 9.8 Arbitrary Code Execution via Unrestricted File Upload in FCKeditor 2.2 SQL Injection Vulnerability in sug_cat.php in IndexScript 3.0 SQL Injection Vulnerability in NewLife Blogger 3.0 and Earlier: Remote Code Execution via nlb3 Cookie SQL Injection Vulnerability in Mad4Joomla Mailforms Component (com_mad4joomla) Allows Remote Code Execution SQL Injection Vulnerability in Ignite Gallery Component for Joomla! Directory Traversal Vulnerabilities in My PHP Indexer 1.0 SQL Injection Vulnerability in OwnBiblio Component 1.5.3 for Joomla! 
Denial of Service Vulnerability in NoticeWare Email Server NG 5.1.2.2 RaidenFTPD 2.4 build 3620 Stack-based Buffer Overflow Vulnerability SQL Injection Vulnerability in Gforge 4.5.19 and Earlier: Remote Code Execution via release_id Parameter SQL Injection Vulnerability in Gforge 4.6 rc1 and Earlier: Remote Code Execution via skill_edit[] Parameter SQL Injection Vulnerability in GForge 4.5.19: Remote Code Execution via offset Parameter Arbitrary Web Script Injection Vulnerability in EEBCMS 0.95 Hardcoded Password Vulnerability in Intrinsic Swimage Encore Unspecified Cross-Site Scripting (XSS) Vulnerabilities in Sun Java System Portal Server 7.0 and 7.1 Clear-text Password Storage in Sam Crew MyBlog Memory Leak Vulnerability in Microsoft Windows DNS Server Allows Remote DoS Directory Traversal Vulnerability in LANDesk Management Suite (LDMS) PXE TFTP Service (PXEMTFTP.exe) PHP Remote File Inclusion Vulnerabilities in Philippe CROCHAT EasySite 2.0 SQL Injection Vulnerability in KwsPHP 1.3.456 Galerie Module Arbitrary SQL Command Execution in Custom Pages 1.0 Plugin for MyBB Insufficient Access Control in 2532designs 2532|Gigs 1.2.2 and Earlier Allows Remote Backup and Sensitive Information Disclosure Multiple Cross-Site Scripting (XSS) Vulnerabilities in Swiki 1.5 Arbitrary Command Execution via Directory Traversal in KwsPHP 1.3.456 CoBaLT 1.0 SQL Injection Vulnerability SQL Injection Vulnerability in adminler.asp in CoBaLT 2.0 Multiple SQL Injection Vulnerabilities in SuperNET Shop 1.0 and Earlier Xavier Flahaut URLStreet 1.0 seeurl.php Cross-Site Scripting (XSS) Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in RobotStats 0.1 Unrestricted File Upload Vulnerability in PHPG Upload 1.0 Cross-Site Scripting (XSS) Vulnerability in submitnews.php in e107 CMS 0.7.11 SQL Injection Vulnerability in Vastal I-Tech Software Zone's view_product.php Allows Remote Code Execution SQL Injection Vulnerability in Koobi 4.4 and 5.4: Remote Code Execution via img_id 
Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in PhpForums.net mcGallery 1.1 Php-Stats 0.1.9.1 admin.php Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in Harlandscripts Pro Traffic One SQL Injection Vulnerability in poll_results.php in Harlandscripts Pro Traffic One Arbitrary Web Script Injection Vulnerability in Venalsur Booking Centre Booking System SQL Injection Vulnerability in Venalsur Booking Centre Booking System for Hotels Group Extrakt Framework 0.7 index.php Cross-Site Scripting (XSS) Vulnerability Memory Leak in libpng's png_handle_tEXt Function Allows Denial of Service Memory Exhaustion Vulnerability in EMC Networker Products SQL Injection Vulnerability in Simple Document Management System (SDMS) Login Page Remote File Inclusion Vulnerability in Dada Mail Manager Component 2.6 for Joomla! Arbitrary File Read Vulnerability in Pro Desk Support Center Component for Joomla! Remote File Inclusion Vulnerability in Way Of The Warrior (WOTW) 5.0 and earlier: Execution of Arbitrary PHP Code Directory Traversal Vulnerability in Way Of The Warrior (WOTW) 5.0 and Earlier: Arbitrary File Read via visualizza.php SQL Injection Vulnerability in Mole Group Airline Ticket Sale Script's info.php SQL Injection Vulnerability in Pre Projects PHP Auto Listings Script SQL Injection Vulnerability in buyer_detail.php in Pre Multi-Vendor Shopping Malls Vulnerability: Authentication Bypass in Pre Multi-Vendor Shopping Malls Arbitrary Script Injection in Drupal Content Construction Kit (CCK) Administrative Interface SQL Injection Vulnerability in Tour.php in Pre Projects Pre Podcast Portal Pre Classified Listing PHP Remote Authentication Bypass Vulnerability Pre Shopping Mall Remote Authentication Bypass Vulnerability SQL Injection Vulnerability in Five Dollar Scripts Drinks Script SQL Injection Vulnerability in com_musica Module in Joomla! 
and Mambo Arbitrary Command Execution Vulnerability in Vim Netrw Plugin SQL Injection Vulnerability in Simple Document Management System (SDMS) 1.1.5 and Earlier Versions SQL Injection Vulnerability in Scripts For Sites (SFS) Hotscripts-like Site Allows Remote Code Execution via id Parameter Arbitrary Script Injection in OpenEdit DAM's savequeryfinish.html OpenEdit Digital Asset Management (DAM) CSRF Vulnerability Arbitrary Web Script Injection in OpenEdit Digital Asset Management (DAM) Multiple SQL Injection Vulnerabilities in FlexPHPSite 0.0.1 and 0.0.7 SQL Injection Vulnerability in SearchResults.php in SFS EZ e-store Allows Remote Code Execution Arbitrary SQL Command Execution in Scripts For Sites (SFS) Hotscripts-like Site via showcategory.php Arbitrary SQL Command Execution in Scripts for Sites (SFS) EZ Gaming Cheats via view_reviews.php SQL Injection Vulnerability in track.php in SFS EZ BIZ PRO: Remote Code Execution via id Parameter SQL Injection Vulnerability in SFS EZ Webring's category.php Allows Remote Code Execution Arbitrary SQL Command Execution in SFS EZ Top Sites topsite.php Galatolo WebManager 1.3a XSS Vulnerability in all.php SQL Injection Vulnerability in Galatolo WebManager 1.3a and Earlier: Remote Code Execution via id Parameter SQL Injection Vulnerability in Comdev Web Blogger 4.1.3 and Earlier: Remote Code Execution via arcmonth Parameter Remote File Inclusion Vulnerability in phpFan 3.3.4: Arbitrary PHP Code Execution Arbitrary Code Execution and Privilege Escalation via Stack-Based Buffer Overflow in smcFanControl 2.1.2 Arbitrary File Inclusion Vulnerability in Pluck 4.5.3 SQL Injection Vulnerability in Jadu Galaxies' scripts/documents.php Multiple SQL Injection Vulnerabilities in vBulletin 3.7.4 SQL Injection Vulnerability in vBulletin 3.7.3.pl1 Admin Calendar (admincp/admincalendar.php) SQL Injection Vulnerability in Openasp 3.0 and Earlier: Remote Code Execution via idpage Parameter SQL Injection Vulnerability in QuadComm Q-Shop 3.0 
(users.asp) Cross-Site Scripting (XSS) Vulnerability in QuadComm Q-Shop 3.0 Arbitrary SQL Command Execution in Ultrastats 0.2.144 and 0.3.11 via serverid Parameter SQL Injection Vulnerability in E-topbiz AdManager 4's view.php Allows Remote Code Execution SQL Injection Vulnerability in SaturnCMS's lib/url/meta_url.php SQL Injection Vulnerability in SaturnCMS t_user.php SQL Injection Vulnerability in E-topbiz Slide Popups 1.0: Remote Code Execution via Password Parameter Arbitrary File Inclusion Vulnerability in Cyberfolio 7.12.2 and Earlier SQL Injection Vulnerability in links.php in Appalachian State University phpWebSite Arbitrary Web Script Injection in Multi Languages WebShop Online 1.02 Arbitrary SQL Command Execution in WEBBDOMAIN Multi Languages WebShop Online 1.02 Authentication Bypass Vulnerability in Joovili 3.1.4 SQL Injection Vulnerability in Dragan Mitic Apoll 0.7 beta and 0.7.5 Directory Traversal Vulnerability in TBmnetCMS 1.0 Allows Arbitrary File Reading SQL Injection Vulnerability in Dragan Mitic Apoll 0.7 beta and 0.7.5 Directory Traversal Vulnerability in MyKtools 3.0 configuration_script.php SQL Injection Vulnerabilities in FamilyProject 2.0 Arbitrary Web Script Injection in User Karma Module for Drupal SQL Injection Vulnerabilities in User Karma Module for Drupal Arbitrary SQL Command Execution in RakhiSoftware Price Comparison Script Cross-Site Scripting (XSS) Vulnerabilities in RakhiSoftware Price Comparison Script Sensitive Information Disclosure in RakhiSoftware Price Comparison Script Linksys WRT160N apply.cgi Cross-Site Scripting (XSS) Vulnerability Bluo CMS 1.2 index.php SQL Injection Vulnerability SQL Injection Vulnerability in CMS Ortus 1.13 and Earlier: Remote Code Execution via users_edit_pub.inc Subtext 2.0 XSS Vulnerability in URL Conversion Feature Arbitrary SQL Command Execution in Z1Exchange 1.0 via edit.php Arbitrary SQL Command Execution in PHP TV Portal 2.0 and Earlier Multiple SQL Injection Vulnerabilities in Active 
Newsletter 4.3 SubscriberStart.asp Multiple PHP Remote File Inclusion Vulnerabilities in Broadcast Machine 0.1 Arbitrary File Read Vulnerability in Interface Medien ibase 2.03 and Earlier SQL Injection Vulnerability in Tours Manager 1.0: Remote Code Execution via cityid Parameter in cityview.php Arbitrary File Inclusion Vulnerability in nicLOR Sito Authentication Bypass Vulnerability in Acc PHP eMail 1.1 Authentication Bypass Vulnerability in Acc Autos 4.0 Authentication Bypass Vulnerability in Acc Real Estate 4.0 Authentication Bypass Vulnerability in Acc Statistics 1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Camera Life 2.6.2b8 Authentication Bypass Vulnerability in Maran PHP Shop's admin.php DHCart order.php Cross-site Scripting (XSS) Vulnerability Unspecified vulnerability in sISAPILocation before 1.0.2.2 allows remote attackers to bypass access restrictions via HTTP header rewrite function. Cross-Site Scripting (XSS) Vulnerabilities in Joomla! 1.5.7 and Earlier Authentication Bypass Vulnerability in Galatolo WebManager 1.3a Arbitrary SQL Command Execution in Small ShoutBox Module 1.4 for phpBB Remote Authentication Bypass Vulnerability in TurnkeyForms Local Classifieds SQL Injection Vulnerability in ToursManager's tourview.php Allows Remote Code Execution SQL Injection Vulnerability in xt:Commerce 3.0.4 Sp2.1 with enabled magic_quotes_gpc and activated SEO URLs Remote File Inclusion Vulnerability in Free Directory Script 1.1.1 Arbitrary Code Injection via msg Parameter in Softbiz Classifieds Script Authentication Bypass Vulnerability in E-topbiz Link Back Checker 1 Directory Traversal Vulnerabilities in Private Messaging System (PMS) 1.2.3 and Earlier for PunBB SQL Injection Vulnerability in W3matter AskPert index.php SQL Injection Vulnerability in W3matter RevSense 1.0 via f[password] Parameter SQL Injection Vulnerability in Butterfly Organizer 2.0.1 (view.php) via mytable Parameter SQL Injection Vulnerability in ProQuiz 1.0 index.php Allows 
Remote Code Execution Directory Traversal Vulnerability in phpAddEdit 1.3 Allows Remote File Inclusion SQL Injection Vulnerability in Tag Board Module 4.0 and Earlier for phpBB PHPmyGallery 1.0 beta2 Remote File Inclusion Vulnerability in common-tpl-vars.php PHPmyGallery 1.0 beta2 Directory Traversal Vulnerability Directory Traversal Vulnerability in PHPmyGallery 1.5 Beta PHPmyGallery 1.5 beta Remote File Inclusion Vulnerability SQL Injection Vulnerability in CF_Calendar's calendarevent.cfm Allows Remote Code Execution SQL Injection Vulnerability in CF Shopkart 5.2.2: Remote Code Execution via Category Parameter Insufficient Access Control in CF Shopkart 5.2.2 Allows Remote Information Disclosure SQL Injection Vulnerability in CFMBlog's index.cfm Allows Remote Code Execution via categorynbr Parameter SQL Injection Vulnerability in CF_Auction's forummessages.cfm Allows Remote Code Execution SQL Injection Vulnerability in CF_Forum's forummessages.cfm Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Softbiz Classifieds Script SQL Injection Vulnerability in login.php of Simple Customer (20081118) ProQuiz 1.0 index.php SQL Injection Vulnerability SQL Injection Vulnerability in Butterfly Organizer 2.0.0 and 2.0.1: Remote Code Execution via id Parameter in view.php SQL Injection Vulnerability in Pre ASP Job Board's Employee/login.asp SQL Injection Vulnerability in MyTopix 1.3.0 and Earlier: Remote Code Execution via Notes Action Cross-Site Request Forgery (CSRF) Vulnerabilities in Streber before 0.08093 SQL Injection Vulnerability in Simple Customer 1.2 Login.php SQL Injection Vulnerability in RSS Simple News (RSSSN) Allows Remote Code Execution via pid Parameter Arbitrary File Read Vulnerability in eMetrix Extract Website's download.php Arbitrary File Read Vulnerability in eMetrix Online Keyword Research Tool Arbitrary File Read Vulnerability in Text Lines Rearrange Script 1.0 SQL Injection Vulnerability in Volunteer Management System 
(com_volunteer) Module 2.0 for Joomla! Remote Code Execution via SQL Injection in WEBERkommunal Facilities Extension 2.0 for TYPO3 Arbitrary Web Script Injection in TYPO3 Vox populi Extension Arbitrary Web Script Injection in SB Universal Plugin Extension for TYPO3 Unspecified Information Disclosure Vulnerability in TYPO3 Simple File Browser Extension Arbitrary Web Script Injection in TU-Clausthal ODIN TYPO3 Extension Arbitrary SQL Command Execution in TU-Clausthal Staff Extension for TYPO3 SQL Injection Vulnerability in SolarCMS 0.53.8 and 1.0 Arbitrary Web Script Injection in DR Wiki Extension for TYPO3 Arbitrary PHP Code Execution via Remote File Inclusion in Onguma Time Sheet 2.0 4b Component for Joomla Multiple SQL Injection Vulnerabilities in DevelopItEasy Photo Gallery 1.2 SQL Injection Vulnerability in TurnkeyForms Business Survey Pro 1.0: Remote Code Execution via id Parameter SQL Injection Vulnerability in TurnkeyForms Local Classifieds Arbitrary Web Script Injection Vulnerability in TurnkeyForms Local Classifieds SQL Injection Vulnerability in Xpoze Pro 4.10: Remote Code Execution via menu Parameter in home.html Arbitrary SQL Command Execution Vulnerability in ASP-CMS 1.0 Insufficient Access Control in ASPired2poll Allows Remote Database Download Insufficient Access Control in ASPired2Protect Allows Remote Download of Sensitive Database Sensitive Information Exposure in evCal Events Calendar Insufficient Access Control in MyCal Personal Events Calendar Allows Unauthorized Database Download SQL Injection Vulnerability in Social Groupie's group_index.php Max's Guestbook Cross-Site Scripting (XSS) Vulnerability Cross-site scripting (XSS) vulnerability in userranks feature in ImpressCMS 1.0.2 final Arbitrary File Inclusion Vulnerability in InSun Feed CMS 1.7.3 19Beta SQL Injection Vulnerability in Multiple Membership Script 2.5: Remote Code Execution via id Parameter in sitepage.php DesignWorks Professional Buffer Overflow Vulnerability SQL Injection 
Vulnerability in Ad Server Solutions Banner Exchange Solution Java SQL Injection Vulnerability in Ad Server Solutions Ad Management Software Java SQL Injection Vulnerability in Ad Server Solutions Affiliate Software Java 4.0 Arbitrary Code Execution via Unrestricted File Upload in Social Groupie SQL Injection Vulnerability in Chipmunk Guestbook 1.4m: Remote Code Execution via start Parameter Ocean12 Contact Manager Pro 1.02 Default.asp SQL Injection Vulnerability Arbitrary Web Script Injection in Ocean12 Contact Manager Pro 1.02 via DisplayFormat Parameter Ocean12 Membership Manager Pro Login.ASP SQL Injection Vulnerability SQL Injection Vulnerability in Ocean12 FAQ Manager Pro 1.0 Unspecified Remote Attack Vector Vulnerability in Nagios CGI Programs Insufficient Access Control in CodefixerSoftware MailingListPro Free Edition Allows Unauthorized Access to Sensitive Information Insecure Storage of Sensitive Information in JBook Allows Unauthorized Database Access SQL Injection Vulnerability in Jbook's main.asp Allows Remote Code Execution via Password Parameter Remote File Inclusion Vulnerability in Multi SEO phpBB 1.1.0: Arbitrary PHP Code Execution Arbitrary SQL Command Execution in Calendar Mx Professional 2.0.0 SQL Injection Vulnerability in Gallery MX 2.0.0: Remote Code Execution via ID Parameter Active Web Helpdesk 2.0 Default.aspx SQL Injection Vulnerability SQL Injection Vulnerability in bcoos 1.0.13: Remote Code Execution via cid Parameter Insufficient Access Control in ASP Portal 3.2.5 Allows Remote Database Download SQL Injection Vulnerability in SpeedTech Organization and Resource Manager (Storm) CSRF Vulnerabilities in Comment Mail 5.x before 5.x-1.1 for Drupal W3matter RevSense 1.0 index.php Cross-Site Scripting (XSS) Vulnerability Z1Exchange 1.0 showads.php Cross-Site Scripting (XSS) Vulnerability Insufficient Access Control in Quick Tree View .NET 3.1 Allows Remote Database Download Sensitive Information Disclosure in Rapid Classified 3.1 and 3.15 
SQL Injection Vulnerability in Rae Media Contact Management Software SQL Injection Vulnerability in Ocean12 Membership Manager Pro Login Page SQL Injection Vulnerability in Jbook's main.asp Allows Remote Code Execution via User Parameter Arbitrary SQL Command Execution in showads.php of Z1Exchange Heap-based Buffer Overflow in PSI Jabber Client CS-Cart 1.3.5 SQL Injection Vulnerability in core/user.php Denial of Service Vulnerability in 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point Arbitrary Script Injection in Celerondude Uploader 6.1 via account.php Symlink Attack Vulnerability in AlcoveBook sgml2x 1.0.0 Arbitrary File Overwrite Vulnerability in sng_regress 1.0.2 Unspecified Remote Role Addition Vulnerability in DotNetNuke 4.5.2 through 4.9 Cross-site scripting (XSS) vulnerability in refbase before 0.9.5 via headerMsg parameter in show.php and search.php SQL Injection Vulnerability in JETIK-WEB's sayfa.php Allows Remote Code Execution via kat Parameter Remote File Inclusion Vulnerability in Sofi WebGui 0.6.3 PRE and Earlier OpenRat 0.8-beta4 Remote File Inclusion Vulnerability Arbitrary Script Injection in eXtrovert Software Thyme 1.3 via add_calendars.php SQL Injection Vulnerability in showcategory.php in Hotscripts Clone Arbitrary Web Script Injection Vulnerability in DataLife Engine (DLE) 7.2 admin.php Arbitrary File Inclusion Vulnerability in ol'bookmarks manager 0.7.5 Remote File Inclusion Vulnerability in ol'bookmarks manager 0.7.5: Arbitrary PHP Code Execution SQL Injection Vulnerability in ol'bookmarks manager 0.7.5: Remote Code Execution via id Parameter Arbitrary File Inclusion Vulnerability in ol'bookmarks manager 0.7.5 and Earlier Authentication Bypass Vulnerability in Explay CMS 2.1 and Earlier Privilege Escalation Vulnerability in Vignette Content Management 7.3.0.5, 7.3.1, 7.3.1.1, 7.4, and 7.5 Cross-Site Scripting (XSS) Vulnerability in Drupal Answers Module AJ Auction Pro Platinum Skin 2 - SQL Injection Vulnerability in detail.php Buffer 
Overflow Vulnerability in YoungZSoft CCProxy 6.5: Remote Code Execution via Long Hostname in CONNECTION Request Multiple Cross-Site Scripting (XSS) Vulnerabilities in GreenSQL-Console before 0.3.5 Unspecified Directory Disclosure Vulnerability in GreenSQL-Console before 0.3.5 SQL Injection Vulnerability in scrape.php in TorrentTrader Multiple SQL Injection Vulnerabilities in Social Site Generator (SSG) 2.0 Arbitrary File Read Vulnerability in Social Site Generator (SSG) 2.0 Remote File Inclusion Vulnerability in Social Site Generator (SSG) 2.0's social_game_play.php Allows Arbitrary PHP Code Execution SQL Injection Vulnerabilities in PsychoStats 2.3, 2.3.1, and 2.3.3 via id parameter in weapon.php and map.php PassWiki 0.9.16 RC3 and Earlier Directory Traversal Vulnerability FFFTP 1.96b Directory Traversal Vulnerability SQL Injection Vulnerability in news.php in ComicShout 2.8 SQL Injection Vulnerability in Hivemaker Professional 1.0.2 and Earlier: Remote Code Execution via cid Parameter Arbitrary HTTP Header Injection and Cross-Site Scripting (XSS) Vulnerability in Kaya 0.4.0 SQL Injection Vulnerability in PrayerCenter Component 1.4.9 and Earlier for Joomla! SQL Injection Vulnerability in MyContent Component 1.1.13 for Joomla! 
Multiple Cross-Site Scripting (XSS) Vulnerabilities in BMForum 5.6 Arbitrary Script Injection in Blue River Interactive Group Sava CMS (CVE-XXXX-XXXX) Arbitrary SQL Command Execution in Blue River Interactive Group Sava CMS (CVE-XXXX-XXXX) Cross-Site Scripting (XSS) Vulnerabilities in phpSQLiteCMS 1 RC2 XSS Vulnerability in Xerox WorkCentre Web Server Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHPFreeForum 1.0 RC2 and Earlier SQL Injection Vulnerability in MacGuru BLOG Engine Plugin 2.2 for e107 Cross-Site Scripting (XSS) Vulnerability in ABK-Soft AbleDating 2.4 search_results.php Information Disclosure in Cerberus Helpdesk before 4.0 (Build 600) Epic Games Unreal Engine Client Format String Vulnerability Arbitrary File Overwrite Vulnerability in Sina Inc. DLoader Class ActiveX Control SQL Injection Vulnerability in phpKF Forum Software Remote Code Execution Vulnerability in Baidu Hi IM via CSTransfer.dll Unspecified Vulnerability in YourPlace 1.0.1: Potential Authentication Bypass and Arbitrary PHP Code Upload Static Code Injection Vulnerability in CMS MAXSITE Guestbook Component Buffer Overflow Vulnerability in QuikSoft EasyMail MailStore ActiveX Control Arbitrary Web Script Injection in SKYARC System MTCMS WYSIWYG Editor's install.cgi CSRF Vulnerability in Century Systems Routers Allows Unauthorized Configuration Modification Arbitrary Web Script Injection Vulnerability in Under Construction, Baby (UCB) PC2M 0.9.22.4 and Earlier SQL Injection Vulnerability in humor.php in jPORTAL 2 Arbitrary SQL Command Execution in Oceandir 2.9 and Earlier via show_vote.php Arbitrary File Read Vulnerability in 6rbScript 3.3 SQL Injection Vulnerability in 6rbScript 3.3's section.php Allows Remote Code Execution Session Fixation Vulnerability in Edikon phpShop 0.8.1 Arbitrary SQL Command Execution in HBook Extension for TYPO3 Arbitrary SQL Command Execution Vulnerability in Swigmore Institute TYPO3 Extension Arbitrary SQL Command Execution in TYPO3 tt_address & direct 
mail Extension Arbitrary SQL Command Execution in TYPO3 Auto BE User Registration Extension Arbitrary SQL Command Execution in Simple Random Objects Extension for TYPO3 Arbitrary SQL Command Execution in Random Prayer 2 Extension for TYPO3 Arbitrary SQL Command Execution in My Quiz and Poll Extension for TYPO3 Arbitrary SQL Command Execution in Diocese of Portsmouth Church Search Extension Arbitrary SQL Command Execution in Mevin Productions Basic PHP Events Lister 1.0 Cross-Site Scripting (XSS) Vulnerabilities in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 Login.php SQL Injection Vulnerability in Akira Powered Image Gallery Plugin 0.9.6.2 for e107 SQL Injection Vulnerability in Diesel Job Site's job-info.php Allows Remote Code Execution SQL Injection Vulnerability in Diesel Pay's index.php Allows Remote Code Execution Arbitrary SQL Command Execution in PlainCart 1.1.2 via index.php Unspecified Remote Code Execution Vulnerabilities in ClanSphere before 2008.2.1 SQL Injection Vulnerability in MountainGrafix easyLink 1.1.0 - Remote Code Execution via cat Parameter in show Action Denial of Service Vulnerability in Wireshark WLCCP Dissector Arbitrary User Password Change Vulnerability in Blogator-script 0.95 Arbitrary Perl Code Injection Vulnerability in F5 BIG-IP 9.4.3 Management Interface SQL Injection Vulnerability in Drake CMS Guestbook Component Arbitrary Script Injection in BlogEngine.NET Blog Search Remote Code Execution via SQL Injection in Mumbo Jumbo Media OP4 VZPP Web Interface File Manager Cross-Site Request Forgery (CSRF) Vulnerability CSRF Vulnerability in VZPP Web Interface Allows Unauthorized Password Modification CSRF Vulnerability in Datalife Engine 6.7 Image Preview Module Arbitrary SQL Command Execution in Joomla! 
and Mambo Versioning Component (com_versioning) 1.0.2 Arbitrary PHP Code Execution via Remote File Inclusion in Flash Tree Gallery Component for Joomla Arbitrary PHP Code Execution via Remote File Inclusion in VirtueMart Google Base Component for Joomla SQL Injection Vulnerability in Mole Group Taxi Map Script: Remote Code Execution via login.php SoftComplex PHP Image Gallery index.php SQL Injection Vulnerability Remote Code Execution via PHP File Inclusion in SharedLog SQL Injection Vulnerabilities in Digiappz DigiAffiliate 1.4 and Earlier: Remote Code Execution SQL Injection Vulnerability in SoftComplex PHP Image Gallery 1.0: Remote Code Execution via Admin Field SQL Injection Vulnerability in MyAlbum Component (com_myalbum) 1.0 for Joomla! Arbitrary File Overwrite Vulnerability in FLABER 1.1 and Earlier PHPGKit 0.9 Remote File Inclusion Vulnerability in connexion.php Arbitrary Code Execution via Unrestricted File Upload in Tizag Countdown Creator 3 Sensitive Information Disclosure: Unprotected Database Access via Direct Request Insufficient Access Control in ASP User Engine.NET Allows Remote Database Download Arbitrary Web Script Injection in Fritz Berger Yappa-ng 2.3.2 Arbitrary File Creation and Overwrite Vulnerability in VSPDFEditorX.VSPDFEdit ActiveX Control Denial of Service Vulnerability in Neostrada Livebox ADSL Router XAMPP 1.6.8 CSRF Vulnerability in xamppsecurity.php Remote Code Execution Vulnerability in XAMPP 1.6.8 via SERVER Superglobal Array Extraction CodeToad ASP Shopping Cart Script XSS Vulnerability Pro Chat Rooms 3.0.2 - Cross-Site Scripting (XSS) Vulnerability in profiles/index.php Arbitrary PHP Script Execution and Cross-Site Request Forgery in Pro Chat Rooms 3.0.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in PrestaShop 1.1.0.3 Remote Code Execution via Object-Graph Navigation Language (OGNL) Injection in ParametersInterceptor Apache Struts 2 Multiple Directory Traversal Vulnerabilities Account Activation Bypass Vulnerability in 
phpBB before 3.0.4 Unspecified vulnerability in phpBB before 3.0.4 allows unauthorized access to sensitive information via password-protected forum private message quoting. Openfire Admin Console Directory Traversal Vulnerability Arbitrary SQL Command Execution Vulnerability in Openfire SIP Plugin Arbitrary Web Script Injection Vulnerability in Openfire Admin Console Open Redirect Vulnerability in Openfire 3.6.0a and Earlier: Phishing Attack via login.jsp Cross-domain vulnerability in Google Gears WorkerPool API allows bypassing Same Origin Policy Arbitrary Code Execution via Unrestricted File Upload in Andy's PHP Knowledgebase (aphpkb) 0.92.9 Expo Plugin Vulnerability in Compiz Fusion 0.7.8 Allows Unauthorized Access to Locked Desktop Arbitrary Web Script Injection in Fritz Berger PHP Photo Album - Next Generation (Yappa-ng) Multiple Directory Traversal Vulnerabilities in phpKF-Portal 1.10 SQL Injection Vulnerability in NewsHOWLER 1.03 Beta: Remote Code Execution via news_user Cookie Parameter Unrestricted File Upload Vulnerability in VidiScript Profile Feature Format String Vulnerability in Xitami Web Server 2.2a through 2.5c2 Format string vulnerabilities in SSI filter of Xitami Web Server 2.5c2 and other versions Information Disclosure Vulnerability in Terracotta 0.6.1 Revealing Installation Path Directory Traversal Vulnerabilities in Terracotta 0.6.1 Authentication Bypass and Privilege Escalation in openInvoice 0.90 Beta and Earlier Arbitrary Password Change Vulnerability in openInvoice 0.90 Beta and Earlier SQL Injection Vulnerability in Nice PHP FAQ Script Admin Panel SQL Injection Vulnerability in BosDev BosClassifieds index.php SQL Injection Vulnerability in GO4I.NET ASP Forum 1.0: Remote Code Execution via forum.asp Remote Code Disclosure Vulnerability in NTFS TmaxSoft JEUS 5 before Fix 26 Arbitrary Web Script Injection Vulnerability in eZoneScripts Living Local 1.1 Arbitrary PHP Code Execution via Unrestricted File Upload in eZoneScripts Living Local 1.1 
WebWork 1 Parameter Injection Hole Cross-Site Request Forgery (CSRF) Vulnerabilities in Drupal Update Feature Allow Unauthorized Actions Unfiltered Content Deletion Vulnerability in Drupal 5.x and 6.x Arbitrary Command Execution Vulnerability in NULL FTP Server Free and Pro 1.1.0.7 Remote Code Execution in PayPal eStores via NewAdmin Parameter Unspecified Remote Vulnerability in 7-Zip Administrator Password Hash Disclosure in LightNEasy No Database Version 1.2 Arbitrary User Addition Vulnerability in DeStar 0.2.2-5 Static Code Injection Vulnerability in DeStar 0.2.2-5: Arbitrary Administrator Addition and Python Code Injection via Crafted Pin Parameter Default Keys Bypass Vulnerability in DotNetNuke Unrestricted File Upload Vulnerability in DotNetNuke File Manager Module Remote Code Execution Vulnerability in DotNetNuke Skin Manager Multiple PHP Remote File Inclusion Vulnerabilities in ComScripts TEAM Quick Classifieds 1.0 PHP Remote File Inclusion Vulnerabilities in Simple Machines Forum (SMF) 1.1.4 Remote File Inclusion Vulnerability in Web Server Creator Web Portal 0.1 Unspecified Activation Permissions Vulnerability in phpns before 2.1.3 Bypassing Access Restrictions in FormEncode 1.0 Unauthenticated Access to Included Files in MoinMoin 1.6.1 Denial of Service Vulnerability in MoinMoin 1.6.1 Password Checker Function Cross-site scripting (XSS) vulnerability in Glossaire 2.0 allows remote code injection via glossaire.php. 
Multiple Directory Traversal Vulnerabilities in e-Vision CMS 2.0.2 and Earlier Local Privilege Escalation via Symlink Attacks in Red Hat Cluster Project 2.x Unauthenticated Remote Account Manipulation in Implied by Design Micro CMS (Micro-CMS) 3.5 Remote Command Execution in Aztech ADSL2/2+ 4-port Router 3.7.0 Build 070426 via cgi-bin/script Arbitrary Command Execution in Puppet Master WebUtil via Shell Metacharacters Arbitrary Command Execution in Puppet Master WebUtil 2.3 via Shell Metacharacters in whois Command Arbitrary Command Execution in Puppet Master WebUtil 2.7 via details Command Untrusted Search Path Vulnerability in ReliantHA 1.1.4 Allows Local Privilege Escalation Local Privilege Escalation in Merge mcd in ReliantHA 1.1.4 on SCO UnixWare 7.1.4 Buffer Overflow Vulnerability in CMAN Cluster Manager Credential Information Leakage in Citrix Presentation Server Client for Windows Arbitrary Script Injection in Jack (tR) Jax LinkLists 1.00 via cat Parameter XML Parser Buffer Overflow Vulnerability in Trillian 3.1.9.0 and Earlier Predictable Sequence Numbers in Nortel UNIStim Protocol: A Session Hijacking Vulnerability Invision Power Board 2.3.1 XSS Vulnerability in Signature IFRAME Tag Injection Unspecified Major Security Vulnerability in Octopussy before 0.9.5.8 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Gallarific Free Edition Unrestricted File Upload Vulnerability in Yehe 2.0 Allows Remote Code Execution Session Fixation Vulnerability in Cybozu Garoon 2.0.0 through 2.1.3: Remote Session Hijacking Cybozu Garoon RSS Reader XSS Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in LinPHA before 1.3.4 SQL Injection Vulnerability in ABK-Soft AbleDating 2.4 search_results.php Multiple SQL Injection Vulnerabilities in Avaya SIP Enablement Services (SES) in Avaya Communication Manager 3.x, 4.0, and 5.0 Unspecified Privilege Escalation and Denial of Service Vulnerability in Avaya Communication Manager Unspecified Denial of Service 
Vulnerability in Avaya Communication Manager SIP Server Denial of Service Vulnerability in Nortel Communications Server 1000 (CS1K) FTP Service Unspecified Hard-Coded Accounts and Passwords in Nortel CS1K 4.50.x Unspecified Remote Code Execution and Privilege Escalation Vulnerabilities in Nortel Communication Server 1000 4.50.x Information Disclosure Vulnerability in Nortel Communication Server 1000 4.50.x Sensitive Information Exposure in Red_Reservations ColdFusion Script Authentication Bypass Vulnerability in PhpAddEdit 1.3 SQL Injection Vulnerability in Miniweb 2.0 index.php Allows Remote Code Execution Buffer Overflow Vulnerability in BS.player 2.27 Build 959 via Long String in .SRT File Arbitrary Code Execution Vulnerability in TorrentFlux 2.3 CSRF Vulnerability in TorrentFlux 2.3 Allows Unauthorized Account Creation CSRF vulnerability in µTorrent WebUI 0.315 allows remote hijacking of user authentication and administrator account modification CSRF Vulnerability in Vuze Allows Remote Torrent File Download Default isp Account Vulnerability in Aztech ADSL2/2+ 4-Port Router Multiple Cross-Site Scripting (XSS) Vulnerabilities in LightNEasy No Database Version 1.2.2 Directory Traversal Vulnerabilities in LightNEasy no database Version 1.2.2 Arbitrary File Creation Vulnerability in LightNEasy no database Version 1.2.2 Arbitrary File Access via Directory Traversal in Thumbs-Up 1.12 Arbitrary PHP Code Injection Vulnerability in LightNEasy SQLite 1.2.2 and Earlier Arbitrary SQL Command Execution in TYPO3 cm_rdfexport Extension Arbitrary SQL Command Execution in TYPO3 pmk_rssnewsexport Extension SQL Injection Vulnerability in PHCDownload 1.1 - Remote Code Execution via hash Parameter PHCDownload 1.1 Upload/Install Cross-Site Scripting (XSS) Vulnerability Race Conditions in WANPIPE 3.3.6: Unspecified Impact and Attack Vectors in bri restart logic Insufficient Access Control in CookieCheck 1.0 Allows Remote Session Data Retrieval XMLPortal 3.0 Search Feature XSS 
Vulnerability Unspecified Remote IP Address Disclosure Vulnerability in Epona 1.5rc3 Unspecified Vulnerability in Download Center Lite 2.1 with Unknown Impact and Attack Vectors ACL Bypass Vulnerability in MoinMoin 1.6.2 and 1.7 Arbitrary File Inclusion Vulnerability in PicoFlat CMS 0.5.9 CSRF Vulnerability in 2wire Web-based Management Interface SQL Injection Vulnerability in MatPo Link 1.2 Beta's view.php Allows Remote Code Execution Arbitrary Web Script Injection in MatPo Link 1.2 Beta's view.php Multiple SQL Injection Vulnerabilities in DevelopItEasy Events Calendar 1.2 Arbitrary Web Script Injection Vulnerability in Stefan Ott phpcksec 0.2 Absolute Path Traversal Vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2.0 Arbitrary SQL Command Execution in Minimal ABlog 0.4 via index.php Arbitrary Code Execution via Unrestricted File Upload in Minimal ABlog 0.4 Unrestricted Access Vulnerability in minimal-ablog 0.4's uploader.php SQL Injection Vulnerabilities in IBD Micro CMS 3.5 SQL Injection Vulnerability in Zen Cart 2008 Allows Remote Code Execution Cross-site scripting (XSS) vulnerability in Zen Cart 2008 allows remote code injection via keyword parameter in advanced_search_result page Arbitrary Code Execution via Unrestricted File Upload in SiteXS CMS 0.1.1 Multiple SQL Injection Vulnerabilities in ClassSystem 2.3 Arbitrary Code Execution via Unrestricted File Upload in ClassSystem 2.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in GraFX miniCWB 2.1.1 and Earlier Denial of Service Vulnerability in GraphicsMagick 1.2.3 and Earlier via Unspecified Vectors in DPX Images Arbitrary SQL Command Execution Vulnerability in choosecard.php in WEBBDOMAIN Post Card (aka Web Postcards) 1.02, 1.01, and earlier SQL Injection Vulnerability in getin.php in WEBBDOMAIN Post Card (aka Web Postcards) 1.02 and Earlier: Remote Code Execution via Username Parameter SQL Injection Vulnerability in getin.php of WEBBDOMAIN Petition 1.02, 2.0, and 3.0 SQL Injection 
Vulnerability in Polls 1.0 and 1.01: Remote Code Execution via Username Parameter SQL Injection Vulnerability in getin.php in WEBBDOMAIN Quiz 1.02 and Earlier: Remote Code Execution via Username Parameter SQL Injection Vulnerability in getin.php in WEBBDOMAIN WebShop 1.2, 1.1, 1.02, and Earlier Arbitrary Web Script Injection Vulnerability in WEBBDOMAIN Multi Languages WebShop Online 1.02 Arbitrary File Read Vulnerability in wt_gallery Extension for TYPO3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in BlogPHP 2.0 SQL Injection Vulnerability in MercuryBoard 1.1.5 and Earlier via User-Agent Header SQL Injection Vulnerability in RoomPHPlanning 1.5: Remote Code Execution via idresa Parameter SQL Injection Vulnerability in RoomPHPlanning 1.5: Remote Code Execution via idroom Parameter Remote File Inclusion Vulnerability in Geody Labs Dagger - The Cutting Edge r12feb2008 Remote File Inclusion Vulnerability in Geody Labs Dagger - The Cutting Edge r12feb2008 Cross-Site Scripting (XSS) Vulnerabilities in SAFARI Montage 3.1.x's forgotPW.php Arbitrary File Deletion Vulnerability in Versalsoft HTTP Image Uploader ActiveX Control CSRF Vulnerability in AjaXplorer 2.3.3 and 2.3.4 Allows Password Modification SQL Injection Vulnerabilities in BatmanPorTaL Multiple SQL Injection Vulnerabilities in Shader TV (Beta) SQL Injection Vulnerability in DotContent FluentCMS 4.x view.php LokiCMS 0.3.4 and Earlier Versions Administrative Function Access Restriction Bypass Arbitrary Web Script Injection Vulnerability in DotNetNuke Default.aspx Opencosmo VisualSentinel 0.7 User-Agent Header XSS Vulnerability Arbitrary Web Script Injection Vulnerability in CoronaMatrix phpAddressBook 2.0 Arbitrary SQL Command Execution in Ktools PhotoStore 3.4.3 via gallery.php SQL Injection Vulnerability in crumbs.php in Ktools PhotoStore 3.4.3 and 3.5.2 Arbitrary SQL Command Execution in Ktools PhotoStore 2.5-3.5.2 Arbitrary Post Deletion Vulnerability in miniBloggie 1.0 Arbitrary PHP Code Injection 
Vulnerability in OxYProject OxYBox 0.85 SQL Injection Vulnerability in OneCMS 2.5 (asd.php) Allows Remote Code Execution Arbitrary SQL Command Execution in Webhosting Component (com_webhosting) Module Arbitrary Web Script Injection Vulnerability in InfoBiz Server's search_results.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in GEDCOM_TO_MYSQL 2 Multiple SQL Injection Vulnerabilities in Open Auto Classifieds 1.4.3b CSRF vulnerability in Simple Machines Forum (SMF) allows remote admin authentication hijacking Arbitrary Directory Traversal Vulnerability in Simple Machines Forum (SMF) Arbitrary Local File Execution via Directory Traversal in Simple Machines Forum (SMF) 1.0 and 1.1 Arbitrary Code Execution via Unrestricted File Upload in BigDump 0.29b Integer Overflow Vulnerabilities in Bitdefender for Linux Scanning Engine Remote Code Execution via Malformed UPX Compressed File in AVG Anti-Virus for Linux 7.5.51 SQL Injection Vulnerability in profile.php in PHPAuctions.info PHPAuctions Authentication Bypass Vulnerability in SH-News 3.0 Remote Code Injection Vulnerability in Ananta CMS 1.0b5 via change.php Cross-Site Scripting (XSS) Vulnerabilities in Kronos webTA Authentication Bypass Vulnerability in A+ PHP Scripts News Management System (NMS) Arbitrary File Read Vulnerabilities in nweb2fax 0.2.7 and Earlier Arbitrary Code Execution via Shell Metacharacters in nweb2fax 0.2.7 and Earlier Integer Overflow Denial of Service Vulnerability in Vertex4 SunAge 1.08.1 and Earlier Denial of Service Vulnerability in Vertex4 SunAge 1.08.1 and Earlier Denial of Service Vulnerability in Vertex4 SunAge 1.08.1 and Earlier Improper Access Control in QuickerSite 1.8.5 Allows Remote Administrative Functionality Modification Remote Email Flooding Vulnerability in QuickerSite 1.8.5 Multiple Cross-Site Scripting (XSS) Vulnerabilities in QuickerSite 1.8.5 Information Disclosure Vulnerability in QuickerSite 1.8.5 Unrestricted File Upload Vulnerability in QuickerSite 1.8.5 SQL 
Injection Vulnerability in QuickerSite 1.8.5: Remote Code Execution via sNickName Parameter Buffer Overflow in Ghostscript BaseFont Writer Module Denial of Service Vulnerability in ClamAV's libclamav/pe.c Arbitrary Script Injection in Dojo's dijit.Editor Cross-Site Scripting (XSS) Vulnerabilities in Apache Struts 2.0.x and 2.1.x Arbitrary Web Script Injection Vulnerability in Apartment Search Script Arbitrary Code Execution via Unrestricted File Upload in Apartment Search Script Arbitrary Command Execution Vulnerability in Frontend Filemanager Extension for TYPO3 Arbitrary SQL Command Execution Vulnerability in CoolURI Extension for TYPO3 Arbitrary Code Injection through DCD GoogleMap Extension in TYPO3 Arbitrary Web Script Injection Vulnerability in JobControl Extension for TYPO3 Arbitrary SQL Command Execution Vulnerability in JobControl Extension for TYPO3 Remote Configuration Modification Vulnerability in nd_antispam TYPO3 Extension Arbitrary SQL Command Execution in Diocese of Portsmouth Calendar Today Extension 0.0.3 for TYPO3 Arbitrary SQL Command Execution Vulnerability in Diocese of Portsmouth Training Courses Extension 0.1.1 for TYPO3 Arbitrary SQL Command Execution Vulnerability in TYPO3 Download System Extension Arbitrary SQL Command Execution in Random Prayer (ste_prayer) 0.0.1 for TYPO3 SQL Injection Vulnerability in TIMTAB Sociable Extension for TYPO3 Arbitrary SQL Command Execution in Fussballtippspiel (toto) TYPO3 Extension SQL Injection Vulnerability in TARGET-E WorldCup Bets Extension for TYPO3 Arbitrary Web Script Injection in TARGET-E WorldCup Bets Extension for TYPO3 Arbitrary Web Script Injection in TYPO3 Resource Library Extension Multiple Cross-Site Scripting (XSS) Vulnerabilities in Butterfly Organizer 2.0.0 Unrestricted Access to ResourceManager/en_US/domains/add_domain.jsp in NetScout Visualizer V2100 and InfiniStream i1730 Denial of Service Vulnerability in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and Earlier Stack-based Buffer 
Overflow in IPureServer::_Recieve Function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and Earlier Integer Overflow in NET_Compressor::Decompress Function in S.T.A.L.K.E.R.: Shadow of Chernobyl Allows Remote Denial of Service Denial of Service Vulnerability in MultipacketReciever::RecievePacket Function Unspecified Remote Code Execution Vulnerabilities in Avaya SIP Enablement Services Unauthenticated Access and Information Disclosure in Avaya SIP Enablement Services (SES) Unspecified Remote Privilege Escalation Vulnerability in Avaya SIP Enablement Services Unspecified Remote Command Execution Vulnerability in Avaya SIP Enablement Services Unspecified Remote Privilege Escalation Vulnerability in Avaya Communication Manager Arbitrary Command Execution Vulnerability in Avaya Communication Manager Web Administration Interface Denial of Service Vulnerability in Crysis 1.21 HTTP/XML-RPC Service Denial of Service Vulnerability in World in Conflict (WIC) 1.008 and Earlier Authentication Bypass Vulnerability in xeCMS 1.0.0 RC2 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in Pre ADS Portal 2.0 and Earlier Unauthenticated Remote Access Vulnerability in Pre ADS Portal 2.0 Unauthenticated Remote Code Execution in U&M Software Signup 1.0 and 1.1 Unauthenticated Remote Access to Scripts in U&M Software JustBookIt 1.0 Admin Directory Unauthenticated Remote Code Execution in U&M Software Event Lister (aka JustListIt) 1.0 SQL Injection Vulnerability in DeltaScripts PHP Links 1.3 and Earlier: Remote Code Execution via admin/adm_login.php AJ Article index.php SQL Injection Vulnerability Session Hijacking Vulnerability in Novell Access Manager 3 SP4 Authentication Bypass Vulnerability in TurnkeyForms Entertainment Portal 2.0 Arbitrary Web Script Injection in Perl Nopaste 1.0 via language Parameter Multiple SQL Injection Vulnerabilities in CMScout 2.06 Multiple Directory Traversal Vulnerabilities in CMScout 2.06 with Enabled Register_Globals Arbitrary Script Injection via 
User-Agent Header in Ultimate PHP Board (UPB) SQL Injection Vulnerability in PHP-Nuke Sections Module CSRF Vulnerabilities in PHPmotion 2.1 and Earlier: Account Hijacking via password.php SQL Injection Vulnerabilities in FlexPHPLink Pro 0.0.6 and 0.0.7 Arbitrary PHP Code Execution via Unrestricted File Upload in FlexPHPLink Pro 0.0.7 Arbitrary Script Injection in DotNetNuke Language Skin Object Arbitrary Script Injection Vulnerability in DotNetNuke Error Handling Page Arbitrary File Inclusion Vulnerability in Keller Web Admin CMS 0.94 Pro ThaiQuickCart 3 Directory Traversal Vulnerability Improper Access Control in Flat Calendar 1.1 Crysis 1.21 and Earlier Remote Information Disclosure Vulnerability Authentication Bypass Vulnerability in MyShoutPro 1.2 Unauthenticated Remote Code Execution in Todd Woolums ASP Download Management Script 1.03 HoMaP-CMS 0.1 - Remote File Inclusion Vulnerability in plugin_admin.php SQL Injection Vulnerability in Simple Machines Forum (SMF) 1.1.4 and Earlier via Load.php Foxy P2P Software Denial of Service Vulnerability Authentication Bypass Vulnerability in RSMScript 1.21 CSRF Vulnerability in Cybozu Office, Cybozu Dezie, and Cybozu Garoon Remote Code Execution in BlogPHP 2.0 via Crafted Email Parameter Arbitrary Script Injection in Turba Contact Manager H3 Unrestricted Access to Administrative Pages in dotProject before 2.1.2 Remote Code Execution via Eval Injection in Megacubo 5.0.7 SQL Injection Vulnerabilities in FlexPHPDirectory 0.0.1: Remote Code Execution Arbitrary Code Execution via Unrestricted File Upload in FlexPHPDirectory 0.0.1 Arbitrary Code Execution via Unrestricted File Upload in TClone Plugin for ReVou Micro Blogging Unauthenticated Password Change Vulnerability in TClone Plugin for ReVou Micro Blogging SQL Injection Vulnerability in SilverStripe before 2.2.2: Remote Code Execution via AjaxUniqueTextField Arbitrary Thread Information Disclosure in Personal Sticky Threads Addon for vBulletin Insecure Ownership and 
Permissions of /etc/zm.conf in ZoneMinder 1.23.3 on Fedora 10 Insecure Permissions in ZoneMinder 1.23.3 on Gentoo Linux Allows Unauthorized Access to Database Credentials Arbitrary Web Script Injection Vulnerability in ViArt Shop 3.5 CSRF Vulnerability in ViArt Shop 3.5 Allows Remote XSS Attacks Sensitive Information Disclosure in ViArt Shop (aka Shopping Cart) 3.5 Sensitive Information Disclosure in ViArt Shop (aka Shopping Cart) 3.5 Static Code Injection Vulnerability in Flexcustomer 0.0.6: Remote PHP Code Injection via installdbname Parameter Open Redirect Vulnerability in WordPress wp-admin/upgrade.php Allows for Phishing Attacks Authentication Bypass Vulnerability in Silentum LoginSys 1.0.0 Silentum LoginSys 1.0.0 - Cross-Site Scripting (XSS) Vulnerability in login.php Arbitrary Shopping Cart Access in ViArt Shop 3.5 Denial of Service Vulnerability in ViArt Shop 3.5 Remote Code Execution and Denial of Service Vulnerability in WordPress Upgrade.php Arbitrary PHP Code Execution via Unrestricted File Upload in K&S Shopsoftware Arbitrary Code Execution via Unrestricted File Upload in YourPlace 1.0.2 and Earlier Insufficient Access Control in YourPlace 1.0.2 and Earlier Allows Remote Access to User Credentials Sensitive System Information Disclosure in YourPlace 1.0.2 and Earlier Username Existence Bypass Vulnerability in YourPlace 1.0.2 and Earlier Arbitrary PHP Code Execution Vulnerability in YourPlace 1.0.2 and Earlier Bypassing User Restrictions in YourPlace 1.0.2 and Earlier vCard Flood Vulnerability in HTC Touch Pro and HTC Touch Cruise SQL Injection Vulnerability in Scripts For Sites (SFS) EZ Hot or Not: Remote Code Execution via phid Parameter in viewcomments.php Multiple SQL Injection Vulnerabilities in MyPHP Forum 3.0 and Earlier SQL Injection Vulnerability in viewfaqs.php in SFS EZ Auction: Remote Code Execution via cat Parameter SQL Injection Vulnerability in Sarkilar Module for PHP-Nuke Arbitrary SQL Command Execution in SFS EZ Affiliate's 
directory.php SQL Injection Vulnerability in SFS Gaming Directory's directory.php Allows Remote Code Execution Arbitrary SQL Command Execution in SFS EZ Hosting Directory's directory.php Arbitrary SQL Command Execution in SFS EZ Home Business Directory's directory.php SQL Injection Vulnerability in SFS EZ Adult Directory's directory.php Allows Remote Code Execution Arbitrary Code Execution via Unrestricted File Upload in Mini File Host 1.5 Directory Traversal Vulnerabilities in GeekiGeeki.py in GeekiGeeki before 3.0 Arbitrary SQL Command Execution in Lizardware CMS 0.6.0 and Earlier Arbitrary SQL Command Execution in MindDezign Photo Gallery 2.2 SQL Injection Vulnerability in MindDezign Photo Gallery 2.2 Remote Code Execution Vulnerability in MindDezign Photo Gallery 2.2 Denial of Service Vulnerability in PumpKIN TFTP Server 2.7.2.0 Weak Password Hashing in system-tools-backends Arbitrary Command Execution in DFLabs PTK 0.1, 0.2, and 1.0 SQL Injection Vulnerability in Scripts For Sites (SFS) EZ Pub Site's directory.php Allows Remote Code Execution via cat Parameter SQL Injection Vulnerability in nicLOR Vibro-School-CMS view_news.php SQL Injection Vulnerability in Pre Projects Pre Real Estate Listings Cleartext Transmission of Usernames and Passwords in Mitel NuPoint Messenger R11 and R3 Multiple SQL Injection Vulnerabilities in Pre Projects Pre Real Estate Listings Login Page Bypassing Role Filter Mechanism in FlashChat 5.0.8: Remote Administrative Privilege Escalation CSRF Vulnerability in Vivvo CMS before 4.0.4 Allows Remote Authentication Hijacking SQL Injection Vulnerabilities in phPhotoGallery 0.92 SQL Injection Vulnerability in diziler.asp in Yigit Aybuga Dizi Portali Authentication Bypass Vulnerability in Tribiq CMS 5.0.9a Beta Multiple SQL Injection Vulnerabilities in Mic_Blog 0.0.3 Arbitrary Code Execution via Unrestricted File Upload in 7Shop 1.1 and Earlier PHP Remote File Inclusion Vulnerability in ListRecords.php in Osprey 1.0a4.1 SQL Injection 
Vulnerability in SFS EZ Link Directory's links.php Allows Remote Code Execution SQL Injection Vulnerability in Venalsur Booking Centre Booking System for Hotels Group 2.01 SQL Injection Vulnerabilities in Venalsur Booking Centre Booking System for Hotels Group 2.01 Arbitrary Code Execution via Unrestricted File Upload in e-Commerce Plugin for WordPress SQL Injection Vulnerability in bukutamu.php in phpWebNews 0.2 MySQL Edition SQL Injection Vulnerability in phpWebNews 0.2 MySQL Edition via id_kat Parameter Arbitrary Code Execution via Unrestricted File Upload in SimpleBoard Component Unauthenticated Remote Database Backup Access in MyKtools 2.4 Arbitrary Code Execution in Eaton MGEOPS Network Shutdown Module Cleartext Password Storage Vulnerability in Mole Group Lastminute Script Cleartext Password Storage Vulnerability in Mole Group Real Estate Script Denial of Service Vulnerability in win32k.sys on Windows Server 2003 and Vista Unknown Impact and Attack Vectors in db2fmp Process on IBM DB2 Buffer Overflow Vulnerability in IBM DB2 DAS Server Arbitrary Code Execution via Unrestricted File Upload in NEPT imgupload 1.0 CSRF Vulnerabilities in A-LINK WL54AP3 and WL54AP2 Access Points Default Blank Password Vulnerability in A-LINK WL54AP3 and WL54AP2 Access Points Arbitrary File Inclusion Vulnerability in Fonality trixbox CE 2.6.1 and Earlier Arbitrary Command Execution in dhtml.pl in MHF Media Pro Privilege Escalation and Arbitrary Command Execution Vulnerability in Symantec Altiris Deployment Solution 6.x Cleartext Storage of Application Identity Account Password in Symantec Altiris Deployment Solution 6.x VicFTPS 5.0 Denial of Service Vulnerability Session Hijacking Vulnerability in Citrix Web Interface 5.0 and 5.0.1 Cross-Site Scripting (XSS) Vulnerabilities in Atlassian JIRA Enterprise Edition 3.13 CSRF Vulnerability in Atlassian JIRA Enterprise Edition 3.13 Arbitrary File Inclusion Vulnerability in Fuzzylime CMS (commsrss.php) Multiple Directory Traversal 
Vulnerabilities in fuzzylime (CMS) 3.01 and 3.01a OpenID Module XSS Vulnerability in Drupal 5.x OpenID Module CSRF Vulnerability Allows Unauthorized Deletion of Identities SQL Injection Vulnerability in Zoph 0.7.2.1 Allows Remote Code Execution Zoph 0.7.2.1 search.php Cross-Site Scripting (XSS) Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in TGS Content Management 0.3.2r2 Multiple PHP Remote File Inclusion Vulnerabilities in V-webmail 1.6.4 Remote File Inclusion Vulnerability in Green Mountain IT and Consulting Database Query Component for Joomla Arbitrary File Inclusion Vulnerability in Pluck 4.6.1 Fantastico Directory Traversal Vulnerability in index.php Privilege Escalation via Registration View in eZ Publish Denial of Service Vulnerability in ClamAV 0.93.3 and Earlier via Corrupted LZH File Stack-based buffer overflows in avast! Linux Home Edition: Remote Code Execution via Malformed ISO and RPM Files Arbitrary Web Script Injection Vulnerability in Pre ASP Job Board's Employee Login Arbitrary Script Injection in phpGreetCards 3.7 via category Parameter Arbitrary PHP Code Execution via Unrestricted File Upload in phpGreetCards 3.7 Arbitrary Web Script Injection Vulnerability in PHP-Fusion messages.php Arbitrary SQL Command Execution in PHP Link Directory (phpLD) 3.3 SQL Injection Vulnerability in Ice Gallery Component 0.5 Beta 2 for Joomla! 
SQL Injection Vulnerability in AIST NetCat 3.0 and 3.12 - Remote Code Execution via PollID Parameter Authentication Bypass Vulnerability in Xigla Software Absolute FAQ Manager.NET 6.0 Authentication Bypass Vulnerability in Xigla Software Absolute News Feed 1.0 and 1.5 Authentication Bypass Vulnerability in Xigla Software Absolute News Manager.NET 5.1 Authentication Bypass Vulnerability in Absolute Podcast .NET 1.0 Authentication Bypass Vulnerability in Absolute Banner Manager .NET 4.0 Authentication Bypass Vulnerability in Xigla Software Absolute Control Panel XE 1.5 Authentication Bypass Vulnerability in Xigla Software Absolute Poll Manager XE 4.1 Authentication Bypass Vulnerability in Xigla Software Absolute Newsletter 6.0 and 6.1 Authentication Bypass Vulnerability in Absolute Content Rotator 6.0 Authentication Bypass Vulnerability in Xigla Software Absolute Form Processor .NET 4.0 Authentication Bypass Vulnerability in Xigla Software Absolute Live Support .NET 5.1 SQL Injection Vulnerability in PHP-Nuke's Sectionsnew Module SQL Injection Vulnerability in PHP-Nuke Current_Issue Module SQL Injection Vulnerability in EZ Career's content.php Allows Remote Code Execution Cross-site scripting (XSS) vulnerability in EditeurScripts EsBaseAdmin 2.1 default/login.php Insufficient Access Control in Oramon Oracle Database Monitoring Tool 2.0.1 Allows Remote Database Download Remote Information Disclosure Vulnerability in Merlix Educate Server Insufficient Access Control in Merlix Educate Server Allows Remote Information Disclosure Insufficient Access Control in ASPThai.NET ASPThai Forums 8.5 Allows Remote Database Download SQL Injection Vulnerability in Active Web Mail 4.0: Remote Code Execution SQL Injection Vulnerabilities in ASP SiteWare autoDealer 1 and 2 ASP Product Catalog Default.asp SQL Injection Vulnerability Cross-site scripting (XSS) vulnerability in login.php in EsPartenaires 1.0 Directory Traversal Vulnerability in Zen Cart 1.3.8 and 1.3.8a Directory Traversal 
Vulnerability in Zen Cart 1.3.8a and Earlier Versions Apache Roller 2.3-4.0 Cross-Site Scripting (XSS) Vulnerability in Search Action Arbitrary SQL Command Execution Vulnerability in EasySiteNetwork Free Jokes Website SQL Injection Vulnerabilities in Live Chat Component for Joomla! Remote Code Execution via Open HTTP Proxy in Live Chat Component for Joomla! SQL Injection Vulnerability in Live Chat Component 1.0 for Joomla! Arbitrary Local File Inclusion Vulnerabilities in XOOPS 2.3.1 Arbitrary Script Injection via URL BBcode Tag in XOOPS Private Message Unrestricted Access to User Profile Functionality in RSA EnVision 3.5.0 - 3.7.0 Arbitrary SQL Command Execution in Pre Classified Listings 1.0 via detailad.asp Arbitrary Web Script Injection in Pre Classified Listings 1.0 Signup Page SQL Injection Vulnerability in Merchantsadd.asp in ASPReferral 5.3 ASP Forum Script messages.asp SQL Injection Vulnerability ASP Forum Script Multiple Cross-Site Scripting (XSS) Vulnerabilities SQL Injection Vulnerability in Peel 3.1 lire/index.php via rubid Parameter Arbitrary Web Script Injection Vulnerability in Alt-N MDaemon WorldClient 10.0.2 Cross-Site Scripting (XSS) Vulnerabilities in 3CX Phone System Free Edition 6.1793 and 6.0.806.0 Denial of Service Vulnerability in 3CX Phone System 6.0.806.0 Information Disclosure Vulnerability in 3CX Phone System 6.0.806.0 Multiple Buffer Overflows in Getleft.exe in Andres Garcia Getleft 1.2 Buffer Overflow Vulnerability in SaschArt SasCam Webcam Server ActiveX Control Buffer Overflow Vulnerabilities in freeSSHd 1.2.1: Remote Code Execution and Denial of Service Arbitrary Code Execution via Unrestricted File Upload in AvailScript Article Script Multiple Directory Traversal Vulnerabilities in 2532designs 2532|Gigs 1.2.2 Stable Arbitrary Code Execution via Unrestricted File Upload in 2532|Gigs 1.2.2 Stable Denial of Service Vulnerability in Sophos Anti-Virus Software Unspecified Remote Code Execution Vulnerabilities in Sophos SAVScan 4.33.0 
for Linux CSRF Vulnerability in BabbleBoard 1.1.6 Allows Remote Admin Hijacking BabbleBoard 1.1.6 - Cross-Site Scripting (XSS) Vulnerability in index.php Multiple SQL Injection Vulnerabilities in checkuser.php in 2532designs 2532|Gigs 1.2.2 Stable Insecure Hash Vulnerability in Services Module for Drupal Unauthenticated Remote Code Execution Vulnerability in Drupal Services Module Replay Attack Vulnerability in Drupal Services Module SQL Injection Vulnerability in BrewBlogger (BB) 2.1.0.1 Authentication Bypass Vulnerability in Zeeways SHAADICLONE 2.0 Arbitrary Code Execution via Unrestricted File Upload in Zeeways ZEEJOBSITE 2.0 Arbitrary Code Execution via Unrestricted File Upload in Zeeways ZEEPROPERTY 1.0 Arbitrary Web Script Injection in Zeeways ZEEPROPERTY 1.0 via view_prop_details.php Authentication Bypass Vulnerability in Siemens SpeedStream 5200 with NetPort Software 1.1 SQL Injection Vulnerability in Exocrew ExoPHPDesk 1.2 Final: Remote Code Execution via Username Parameter in admin.php Arbitrary PHP Code Execution via Unrestricted File Upload in ThePortal2 2.2 Authentication Bypass Vulnerability in TaskDriver 1.3 and Earlier Arbitrary Code Execution via Unrestricted File Upload in phpEmployment 1.8 Arbitrary Code Execution via Unrestricted File Upload in phpAdBoard 1.8 Multiple stack-based buffer overflows in CMailServer 5.4.6 Arbitrary SQL Command Execution in Joomla! 
Content Component (com_content) 1.0.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in eSyndiCat Directory 2.2 Register.php Cross-Site Scripting (XSS) Vulnerability in Zenphoto 1.1.7's function.php Directory Traversal Vulnerability in Fantastico De Luxe Module for cPanel Multiple Cross-Site Scripting (XSS) Vulnerabilities in Fantastico De Luxe Module for cPanel Arbitrary Code Execution via Unrestricted File Upload in PHPStore Complete Classifieds Arbitrary Code Execution via Unrestricted File Upload in PHPStore Auto Classifieds Arbitrary Code Execution via Unrestricted File Upload in PHPStore Real Estate Arbitrary Code Execution via Unrestricted File Upload in PHPStore Job Search Unrestricted File Upload Vulnerability in AlstraSoft SendIt Pro MiniGal b13 (MG2) Directory Traversal Vulnerability Static Code Injection Vulnerability in Sanus|artificium Guestbook PHP Script Exodus 0.10 Argument Injection Vulnerability via im:// URI Exodus 0.10 Argument Injection Vulnerability Exodus 0.10 Argument Injection Vulnerability Pi3Web 2.0.3 Denial of Service and Information Disclosure Vulnerability Authentication Bypass Vulnerability in TurnkeyForms Web Hosting Directory Insufficient Access Control in TurnkeyForms Web Hosting Directory Allows Remote Database Backup Retrieval SQL Injection Vulnerability in TurnkeyForms Web Hosting Directory Login Functionality Arbitrary Code Execution via Unrestricted File Upload in ScriptsFeed Realtor Classifieds System Arbitrary Code Execution via Unrestricted File Upload in ScriptsFeed Recipes Listing Portal Unrestricted File Upload Vulnerability in ScriptsFeed Auto Classifieds Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Interchange 5.7, 5.6, and 5.4 Arbitrary Script Injection in Collabtive 0.4.8 via manageproject.php Authentication Bypass Vulnerability in Collabtive 0.4.8 Arbitrary Code Execution via Unrestricted File Upload in Collabtive 0.4.8 CSRF Vulnerabilities in Collabtive 0.4.8 Allow 
Remote Authentication Hijacking SQL Injection Vulnerabilities in Bankoi WebHosting Control Panel 1.20 Login Page Unauthenticated File Upload Vulnerability in MauryCMS 0.53.2 and Earlier MauryCMS 0.53.2 SQL Injection Vulnerability in Rss.php Buffer Overflow Vulnerability in ooVoo 1.7.1.35: Remote Code Execution via oovoo: URI Arbitrary Code Execution in CobblerWeb via Cheetah Kickstart Template Insufficient Access Control in mxCamArchive 2.2 Allows Unauthorized Access to Sensitive Information Arbitrary PHP Code Injection in mxCamArchive 2.2 via admin/admin.php Arbitrary User Password Reset Vulnerability in Crossday Discuz! Board Arbitrary PHP Code Execution in Crossday Discuz! Board 6.x and 7.x via creditsformula Parameter Arbitrary File Overwrite Vulnerability in Chilkat Socket ActiveX Control Arbitrary File Read Vulnerability in X10media x10 Automatic Mp3 Search Engine Script Information Disclosure in Mozilla Thunderbird and SeaMonkey Arbitrary Code Execution Vulnerability in Avira AntiVir Products Authentication Bypass Vulnerability in TurnkeyForms Text Link Sales SQL Injection Vulnerability in X7 Chat 2.0.5 Login Page Unauthenticated Access to Admin Functions in AJ Square AJ Auction OOPD Authentication Bypass Vulnerability in AJ Auction Pro Platinum Skin #1 Unspecified Cross-Site Scripting (XSS) Vulnerabilities in Alt-N MDaemon WorldClient SQL Injection Vulnerabilities in Pligg CMS 9.9.5's submit.php Cross-Site Scripting (XSS) Vulnerabilities in Avactis Shopping Cart 1.8.0 and 1.8.1 Arbitrary SQL Command Execution in UBB.threads 7.3.1 and Earlier Predictable Validation Codes in Simple Machines Forum (SMF) Password Reset Functionality Cross-Site Scripting (XSS) Vulnerabilities in Drupal Content Construction Kit (CCK) 5.x through 5.x-1.8 Unspecified Vulnerabilities in IBM WebSphere Commerce 6.0 before 6.0.0.7 Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in DD-WRT 24 sp1 and Earlier Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in DD-WRT 
24 sp2 Remote Code Execution via SNMP Set Request in MikroTik RouterOS Full Revolution aspWebAlbum 3.2 album.asp XSS Vulnerability Arbitrary Code Execution via Unrestricted File Upload in Full Revolution aspWebAlbum 3.2 Arbitrary Script Injection in phpAdultSite CMS via as_archives.php SQL Injection Vulnerability in phpAdultSite CMS (Possibly Version 2.3.2) Path Disclosure Vulnerability in phpAdultSite CMS Arbitrary Web Script Injection Vulnerability in devalcms 1.4a Arbitrary PHP Code Execution in devalcms 1.4a via Hitcounter Module Authentication Bypass and Spam Email Vulnerability in Plesk 8.6.0 Multiple SQL Injection Vulnerabilities in Zen Cart Shopping Cart SQL Injection Vulnerability in Zen Cart 1.3.0 through 1.3.8a: actionMultipleAddProduct Function in shopping_cart.php Unrestricted File Upload Vulnerability in eZoneScripts Dating Website Script Multiple Cross-Site Scripting (XSS) Vulnerabilities in Easy Photo Gallery 2.1 Arbitrary SQL Command Execution in Easy Photo Gallery 2.1 SQL Injection Vulnerability in Easy Photo Gallery 2.1 (Ezphotogallery) Allows Remote Code Execution SQL Injection Vulnerability in Websens CMSbright's public/page.php Allows Remote Code Execution SQL Injection Bypass in GreenSQL Firewall Insecure Default Password Vulnerability in Siemens Gigaset WLAN Camera 1.27 Stack-based Buffer Overflow in SaveAs Feature of Google Chrome Integer Underflow Vulnerability in Google Chrome Allows Remote Denial of Service Lack of Prompt Before Saving Executable Files in Google Chrome BETA (0.2.149.27) Denial of Service Vulnerability in Google Chrome 0.2.149.27 via Long IMG src Attribute Stack-based buffer overflow in Google Chrome allows remote code execution via large number of path elements in a link target Information Disclosure Vulnerability in phpAuction 3.2 and 3.3.0 GPL Basic Edition PHPAuction 3.2 - Remote File Inclusion Vulnerability in index.php Arbitrary Code Execution via Unrestricted File Upload in Creative Mind Creator CMS 5.0 Bypassing 
open_basedir and safe_mode_exec_dir restrictions in PHP 5.2.5 SQL Injection Vulnerabilities in The Rat CMS Alpha 2 Login Page Buffer Overflow Vulnerability in ELOG 2.7.1 and Earlier Versions Arbitrary PHP Code Execution in Minb Is Not a Blog (minb) 0.1.0 via quotes_to_edit Parameter Authentication Bypass and Database Backup Download in Free PHP VX Guestbook 1.06 Authentication Bypass Vulnerability in Free PHP VX Guestbook 1.06 Authentication Bypass and Database Backup Download Vulnerability in HyperStop Web Host Directory 1.2 Buffer Overflow in Check Point ZoneAlarm Security Suite 7.0.483.000 and 8.0.020.000 Remote Code Execution in Skalfa Software SkaLinks Exchange Script 1.5 via admin/register.php Remote Authenticated Denial of Service Vulnerability in Unreal Engine Accellion File Transfer Appliance FTA_7_0_178 - Remote Spam Email Vulnerability Denial of Service Vulnerability in Baidu Hi IM's NetService.dll Denial of Service Vulnerability in fhttpd 0.4.2 via Invalid Character in Authorization Header Unreal Engine 3 Denial of Service Vulnerability CSRF Vulnerability in tnftpd before 20080929 Cross-site scripting (XSS) vulnerability in CAcert 20080921 and earlier versions through 20080928 NashTech Easy PHP Calendar 6.3.25 - Cross-Site Scripting (XSS) Vulnerability in Add New Event Action Authentication Bypass and Privilege Escalation in Esqlanelapse 2.6.1 and 2.6.2 Vulnerability: Sensitive Information Exposure in McAfee SafeBoot Device Encryption Arbitrary Code Execution via Unrestricted File Upload in AvailScript Jobs Portal Script Arbitrary Program Execution Vulnerability in ChilkatMail_v7_9.dll Default X.509 Certificate Vulnerability in Aruba Mobility Controller Arz Development The Gemini Portal 4.7 and Earlier: Authentication Bypass Vulnerability Denial of Service and HIDS Module Disabling Vulnerability in Check Point ZoneAlarm 8.0.020.000 Arbitrary Code Execution via Unrestricted File Upload in eFront 3.5.1 Authentication Bypass Vulnerability in Libra File 
Manager 1.18 and Earlier Authentication Bypass Vulnerability in RPG.Board 0.8 Beta2 and Earlier Arbitrary Code Execution via Unrestricted File Upload in AliBoard Beta Multiple SQL Injection Vulnerabilities in Site2Nite Real Estate Web Heap-based Buffer Overflow in Foxit Remote Access Server (WAC Server) 2.0 Build 3503 F5 BIG-IP Web Management Console CSRF Vulnerability SQL Injection Vulnerability in Simple Shop Galore Component for Joomla! PHP Remote File Inclusion Vulnerability in PHPEcho CMS 2.0 rc3 Unspecified Cross-Site Scripting (XSS) Vulnerability in Simple Machines phpRaider 1.0.7 Cross-Site Scripting (XSS) Vulnerabilities in DevTracker Module 3.0 and DevTracker Module 0.20 Arbitrary Command Execution Vulnerability in ITN News Gadget SQL Injection Vulnerability in My_eGallery Module for PHP-Nuke Arbitrary Script Injection in Gelato CMS 0.95 admin/comments.php SQL Injection Vulnerability in Yellow Swordfish Simple Forum Module for WordPress Remote Authentication Bypass Vulnerability in AJ Classifieds FreshScripts Fresh Email Script 1.0-1.11: PHP Remote File Inclusion Vulnerability in url.php Cross-Site Scripting (XSS) Vulnerability in FreshScripts Fresh Email Script 1.0 through 1.11 SQL Injection Vulnerability in AJ Square Free Polling Script (AJPoll) Database Version Remote Authentication Bypass and Vote Reset Vulnerability in AJ Square Free Polling Script (AJPoll) Database Version Remote Authentication Bypass and Poll Creation in AJ Square Free Polling Script (AJPoll) Authentication Bypass Vulnerability in NatterChat 1.1 Cross-Site Scripting (XSS) Vulnerabilities in NatterChat 1.12 SQL Injection Vulnerabilities in NatterChat 1.1 and 1.12 Login Page Authentication Bypass Vulnerability in WoW Raid Manager 3.5.1 AJ Square AJ Article Remote Authentication Bypass Vulnerability Arbitrary Code Execution via Unrestricted File Upload in Pre Real Estate Listings Denial of Service Vulnerability in LogMeIn Remote Access Utility ActiveX Control Multiple Directory 
Traversal Vulnerabilities in ezContents 2.0.3 Arbitrary Local File Inclusion Vulnerability in ezContents 2.0.3 Unauthenticated Database Access in BandSite CMS 1.1.4 Arbitrary HTML Injection Vulnerability in BandSite CMS 1.1.4 CSRF Vulnerability in BandSite CMS 1.1.4 Allows Remote Logout Hijacking One-News Beta 2 index.php SQL Injection Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in One-News Beta 2 Denial of Service via Long Title Attribute in Google Chrome Tooltip Manager Unrestricted File Upload Vulnerability in LoveCMS Download Manager Module 1.0 Insufficient Access Control in Ocean12 FAQ Manager Pro Allows Remote Database Download Directory Traversal Vulnerability in Quicksilver Forums 1.4.2 and Earlier Denial of Service Vulnerability in Siemens C450 IP and C475 IP VoIP Devices Authentication Bypass and Password Reset Vulnerability in OpenForum 0.66 Beta Remote File Inclusion Vulnerability in PageTree CMS 0.0.2 BETA 0001 Denial of Service Vulnerability in PHP dba_replace Function Insufficient Access Control in All Club CMS (ACCMS) 0.0.2 and Earlier Allows Remote Database Configuration Disclosure Argument Injection Vulnerability in KVIrc 3.4.2 Shiny URI Handler SQL Injection Vulnerability in authenticate.php in Chipmunk Topsites Arbitrary Web Script Injection Vulnerability in Chipmunk Topsites Remote File Inclusion Vulnerability in RSS Module 0.1 for Pie Web M{a,e}sher Format String Vulnerability in MemeCode Software i.Scribe 1.88 through 2.00: Remote Code Execution and Denial of Service Multiple SQL Injection Vulnerabilities in Kalptaru Infotech Ltd. Star Articles 6.0 Arbitrary Code Execution via Unrestricted File Upload in Kalptaru Infotech Ltd. 
Star Articles 6.0 SQL Injection Vulnerabilities in SailPlanner 0.3a: Remote Code Execution Buffer overflow vulnerabilities in Rumpus before 6.0.1: Remote DoS and Code Execution Buffer Overflow in Nero ShowTime 5.0.15.0 via Long Entry in .M3U Playlist File Insufficient Access Control in Team PHP PHP Classifieds Script Allows Remote Database Credential Retrieval Authentication Bypass Vulnerability in RaidSonic ICY BOX NAS Firmware 2.3.2.IB.2.RS.1 CSRF Token Theft Vulnerability in MyBB 1.4.3 SQL Injection Vulnerabilities in ReVou Micro Blogging Twitter Clone Velocity Security Management System Web Server 1.0 Directory Traversal Vulnerability SQL Injection Vulnerabilities in TheHockeyStop HockeySTATS Online 2.0 Basic and Advanced Authentication Bypass Vulnerability in Maian Greetings 2.1 OpenPro 1.3.1 - Remote File Inclusion Vulnerability in search_wA.php Unrestricted File Upload Vulnerability in PhotoPost vBGallery 2.4.2 Pligg 9.9 and Earlier: Cross-Site Scripting (XSS) Vulnerability in Search Action Directory Traversal Vulnerabilities in Pligg 9.9 and Earlier Multiple SQL Injection Vulnerabilities in Pligg 9.9 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 Directory Traversal Vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 Denial of Service Vulnerability in Unica Affinium Campaign 7.2.1.0.55 Aruba Mobility Controller SNMP Access Vulnerability Local Privilege Escalation and Code Modification Vulnerability in Intel Desktop and Mobile Boards BIOS Firmware Multiple SQL Injection Vulnerabilities in Qsoft K-Rate Premium Multiple Cross-Site Scripting (XSS) Vulnerabilities in Qsoft K-Rate Premium Remote Code Execution Vulnerability in Qsoft K-Rate Premium's Manage Templates Feature Authentication Bypass Vulnerability in DotNetNuke 4.4.1 through 4.8.4 Unspecified Information Disclosure Vulnerability in DotNetNuke Remote Code Execution in DotNetNuke 2.0 through 4.8.4 via .ascx File Loading Stack-based Buffer Overflow 
in Najdi.si Toolbar ActiveX Control Denial of Service Vulnerability in Sophos PureMessage Scanner Service Denial of Service Vulnerability in Sophos PureMessage for Microsoft Exchange 3.0 Sophos PureMessage for Microsoft Exchange 3.0 Vulnerability: Scan Engine Failure Under Heavy Load Denial of Service Vulnerability in ESET Smart Security 3.0.667.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Carmosa phpCart Bypassing Authorization and Arbitrary File Upload Vulnerability in Kyocera Mita Scanner File Utility Directory Traversal Vulnerability in Kyocera Mita Scanner File Utility Arbitrary Code Execution and File Overwrite Vulnerability in Kyocera Mita Scanner File Utility Denial of Service Vulnerability in Kyocera Mita Scanner File Utility Predictable User Identification Numbers in Kyocera Mita Scanner File Utility Allows Remote Document Upload Arbitrary SQL Command Execution in iFusion Services iFdate 2.0.3 and Earlier Authentication Bypass Vulnerability in Belkin Wireless G Router and ADSL2 Modem F5D7632-4V6 SQL Injection Vulnerability in WeBid Auction Script 0.5.4 Admin Panel Arbitrary CSS File Modification Vulnerability in WeBid Auction Script 0.5.4 Insufficient Access Control in WeBid Auction Script 0.5.4 Allows Remote SQL Query Log Retrieval SQL Injection Vulnerability in WeBid Auction Script 0.5.4: Remote Code Execution via item.php SQL Injection Vulnerability in Mr. CGI Guy Hot Links SQL-PHP 3 and Earlier: Remote Code Execution via news.php Parameter Arbitrary Web Script Injection Vulnerability in Mr. 
CGI Guy Hot Links SQL-PHP Multiple Insecure Method Vulnerabilities in Evans Programming Registry Pro ActiveX Control Static Code Injection Vulnerability in zKup CMS 2.0-2.3: Bypassing Regular Expression Check in admin/configuration/modifier.php Unauthenticated Remote Code Execution in zKup CMS 2.0-2.3 Arbitrary Shell Command Execution in Ariadne Before 2.6 via PINP Programs and Annotate Command Integer Overflow and Heap-Based Buffer Overflow in Borland VisiBroker Smart Agent Denial of Service Vulnerability in Borland VisiBroker Smart Agent 08.00.00.C1.03 and Earlier Bleichenbacher Attack Vulnerability in XySSL Denial of Service Vulnerability in XySSL before 0.9 Arbitrary File Upload Vulnerability in DB2 Monitoring Console 2.2.4 and Earlier Remote Access Vulnerability in DB2 Monitoring Console 2.2.4 and Earlier Arbitrary Script Injection in Nuked-Klan 1.3 beta via nuked_nude Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in EasyImageCatalogue 1.3.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Chris LaPointe RedGalaxy Download Center 1.2 Denial of Service Vulnerability in ICQ Toolbar (ICQToolbar) 2.3 Denial of Service Vulnerability in ICQ Toolbar (ICQToolbar) 2.3 Denial of Service Vulnerability in Eye-Fi 1.1.2 WS-Proxy Predictable snonce values in Eye-Fi Manager 1.1.2 allow remote authentication bypass and arbitrary image uploads Multiple CSRF Vulnerabilities in Eye-Fi WS-Proxy 1.1.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in @lex Guestbook 4.0.5 and Earlier Cross-Site Scripting (XSS) Vulnerability in @lex Poll 2.1 setup.php Absolute Path Traversal Vulnerability in cPanel Disk Usage Module Session Hijacking via Remote Image in phpBB 2.0.23 Unspecified Vulnerabilities in WinRAR Before 3.71: Impact and Attack Vectors in Various Archive Formats SQL Injection Vulnerabilities in CoronaMatrix phpAddressBook 2.0: Remote Code Execution Sensitive Information Disclosure in IntraLearn Software IntraLearn 2.1 and Earlier Versions Multiple 
Cross-Site Scripting (XSS) Vulnerabilities in IntraLearn Software IntraLearn 2.1 and Earlier Versions Arbitrary Code Execution Vulnerability in Synfig Animation Studio Unspecified Password Vulnerability in AgileWiki before 0.10.1 Refine by Taxonomy Drupal Module XSS Vulnerability CSRF Vulnerability in Drupal Live 5.x Module Allows Remote Code Execution PHP Remote File Inclusion Vulnerabilities in Specimen Image Database (SID) with Enabled Register Globals SQL Injection Vulnerability in autoDetectRegion Function in Docebo 3.5.0.3 and Earlier Information Disclosure Vulnerability in Docebo 3.5.0.3 and Earlier Arbitrary User Password Change Vulnerability in NetRisk 1.9.7 Remote Code Execution Vulnerability in EkinBoard 1.1.0 and Earlier Arbitrary Code Execution via Unrestricted File Upload in EkinBoard 1.1.0 and Earlier Arbitrary Command Execution in Numara FootPrints 7.5a through 7.5a1 and 8.0 through 8.0a1 Stack Overflow Vulnerability in SILC Toolkit's silc_asn1_encoder Function Arbitrary Code Execution via Crafted Content-Length Header in SILC Toolkit Fortinet FortiGuard FortiGate-1000 3.00 build 040075,070111 URL Filtering Bypass Vulnerability Buffer Overflow Vulnerability in Hero Super Player 3000 Arbitrary File Inclusion Vulnerability in SineCMS 2.3.5 and Earlier Unspecified Vulnerabilities in Shareaza Before 2.3.1.0 with Unknown Impact and Attack Vectors Cross-Site Request Forgery Vulnerability in TELECOM ITALIA Alice Gate2 Plus Wi-Fi Administrator Panel Buffer Overflow Vulnerability in BitTorrent and uTorrent Web Interface Unrestricted File Upload Vulnerability in Page Manager 2006-02-04 Remote Code Execution Vulnerability in UUSee UUUpgrade ActiveX Control Arbitrary SQL Command Execution in Jabode Horoscope Extension for Joomla Arbitrary Command Execution Vulnerability in GSC Build 2067 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in Lightweight News Portal (LNP) 1.0b Unrestricted Administrator Access in Lightweight News Portal (LNP) 1.0b 
Vulnerability: Unrestricted Access to Privileged Functions in Jura Impressa F90 Coffee Maker Buffer Overflow Vulnerabilities in Jura Internet Connection Kit for Jura Impressa F90 Coffee Maker Arbitrary Script Injection in NextGEN Gallery Plugin for WordPress Directory Traversal Vulnerabilities in Facil CMS 0.1RC Buffer Overflow in NASM Listing Module (NASM < 2.03.01) with Unknown Impact and Attack Vectors Arbitrary File Read Vulnerability in Uploader Module 1.1 for XOOPS Authentication Bypass Vulnerability in OTManager CMS 2.4 Arbitrary Contact Deletion Vulnerability in Telephone Directory 2008 Arbitrary Category and Account Deletion Vulnerabilities in Butterfly Organizer 2.0.0 Buffer Overflow Vulnerability in NetWin Surgemail IMAP Service Arbitrary PHP Code Execution via Remote File Inclusion in EVA CMS 2.3.1 Arbitrary Script Injection in Diigo Toolbar and Diigolet via Public Comment Denial of Service Vulnerability in GNOME Rhythmbox 0.11.5 Unrestricted Access to update.php in Coppermine Photo Gallery (CPG) 1.4.14 Information Disclosure Vulnerability in Coppermine Photo Gallery (CPG) 1.4.14 Arbitrary User Profile Modification and Password Recovery in ClipShare 2.6 Unspecified Security Vulnerabilities in Local Media Browser Unspecified Cross-Site Scripting (XSS) Vulnerability in Adium before 1.2 Denial of Service Vulnerability in Polipo before 1.0.4 Cross-Site Request Forgery (CSRF) Vulnerability in WoltLab Burning Board (wBB) 3.x Cross-Site Request Forgery (CSRF) Vulnerability in PHPKIT 1.6.4 PL1 Denial of Service Vulnerability in Fujitsu Interstage HTTP Server Denial of Service Vulnerability in Fujitsu Interstage HTTP Server Unspecified Vulnerability in Metashell Before 0.03: Potential PATH Execution Security Flaw Unspecified Vulnerabilities in G15Daemon before 1.9.4 Unspecified Vulnerabilities in phpns before 2.1.1beta1 Denial of Service Vulnerability in Phoenix Contact FL IL 24 BK-PAC Double Free Vulnerability in Deliantra Server Engine: Unveiling Unknown 
Impacts and Attack Vectors
Remote Denial of Service Vulnerability in Lantronix MSS485-T
OpenWebMail before 2.53 (Stable) Multiple Cross-Site Scripting (XSS) Vulnerabilities
Denial of Service Vulnerability in Valve Software Half-Life Counter-Strike 1.6
CSRF Vulnerability in VirtueMart 1.0.13a and Earlier: Administrator Authentication Hijacking
Arbitrary File Read Vulnerability in VirtueMart 1.0.13a and Earlier
Unspecified Cross-Site Scripting (XSS) Vulnerability in Electronic Logbook (ELOG) before 2.7.2
Cleartext Password Storage in RivetTracker Config.php
Multiple SQL Injection Vulnerabilities in OneCMS 2.4 and Earlier Versions
Unrestricted File Upload Vulnerability in OneCMS 2.4 and Earlier
SQL Injection Vulnerability in directory.php of AJchat 0.10
Privilege Escalation via Crafted IRP Request in CreativeLabs es1371mp.sys 5.1.3612.0 WDM Audio Driver
Information Disclosure Vulnerability in MOStlyCE
Arbitrary Web Script Injection Vulnerability in MOStlyCE
CSRF Vulnerability in MOStlyCE Allows Remote Account Hijacking
Arbitrary File Renaming and Denial of Service Vulnerability in MOStlyCE Image Manager
Bypassing CAPTCHA Protection in Peter's Math Anti-Spam Spinoff Plugin for WordPress
Bypassing Administrator Restrictions in Microsoft Office 2008 for Mac
Unspecified vulnerability in Horde API in multiple versions has unknown impact and attack vectors
Unvalidated Ownership in Horde Groupware Applications
Unspecified Cross-Site Ajax Request Vulnerability in Prototype JavaScript Framework
CSRF Vulnerability in RunCMS 1.6.1 Allows Remote Authentication Hijacking
Arbitrary Web Script Injection Vulnerability in RunCMS 1.6.1
Multiple Cross-Site Scripting (XSS) Vulnerabilities in LinPHA before 1.3.3
Buffer Overflow Vulnerability in ELinks Entity Cache
Heap-based Buffer Overflow in Foxit Remote Access Server (WAC Server) 2.0 Build 3503
SQL Injection Vulnerability in Recipes Module 1.3 and 1.4 for PHP-Nuke
Potential Denial of Service Vulnerability in PartialBufferOutputStream2 in GeoServer
Unspecified Impact Format String Vulnerabilities in White_Dune before 0.29beta851
Bypassing SQL Injection Protection in GreenSQL Firewall (greensql-fw) before 0.9.2
Unspecified Vulnerability in Small Footprint CIM Broker (SFCB) Before 1.2.5
Arbitrary Web Script Injection in Meridio Document and Records Management
Remote Code Execution Vulnerability in xtacacsd 4.1.2 and earlier via Crafted CONNECT TACACS Command
AS02: Unspecified Vulnerability in Oracle E-Business Application Client
Unspecified Remote Vulnerability in Oracle BPEL Worklist Application (AS03)
AS04: Unspecified Remote Integrity Vulnerability in Oracle Forms Component
AS05: Unspecified Remote Integrity Vulnerability in Oracle JDeveloper Component
Unspecified Confidentiality Vulnerability in Oracle Internet Directory Component (AS06)
Unspecified vulnerabilities in Oracle E-Business Suite 12.0.3
Unspecified Remote Code Execution Vulnerabilities in Oracle E-Business Suite 11.5.10.2
Directory Traversal Vulnerability in Linux Web Shop (LWS) php User Base 1.3beta
CSRF Vulnerability in PunBB Allows Remote Authentication Hijacking
Multiple Cross-Site Scripting (XSS) Vulnerabilities in MODx CMS 0.9.6.1 and 0.9.6.1p1
Cross-Site Request Forgery (CSRF) Vulnerability in MODx CMS 0.9.6.1 and 0.9.6.1p1
Mozilla Firefox 3.0.1 and earlier printing DoS attack vulnerability
Opera Browser Denial of Service Vulnerability
Google Chrome Denial of Service Vulnerability via Window.Print Function
Symlink Bypass Vulnerability in MySQL Data Directory
CSRF Protection Bypass in Ruby on Rails 2.1 and 2.2
Buffer Overflow in Sarg 2.2.3.1 and Later Versions Allows Remote Code Execution
Incomplete fix for Cross-site scripting (XSS) vulnerability in Squid Analysis Report Generator (Sarg) 2.2.4 allows remote attackers to inject arbitrary web script or HTML via User-Agent header
Insecure Temporary Directory Permissions in phpMyAdmin 2.11.x
Predictable Filenames for Temporary Files in phpMyAdmin 2.11.x
IBM Lotus Domino Server Default Configuration Enables HTTP TRACE Method Vulnerability
Directory Traversal Vulnerability in Irmin CMS (formerly Pepsi CMS) 0.5 and 0.6 BETA2
Session Hijacking via Saved Password Vulnerability in aMSN (Alvaro's Messenger)
Incomplete Fix for CVE-2010-1643 in Linux Kernel Allows Denial of Service
CRLF Injection Vulnerability in WebVPN on Cisco ASA 5580 Series Devices
Denial of Service Vulnerability in Anibal Monsalve Salazar sSMTP 2.61 and 2.62
Sensitive Information Exposure in IBM FileNet P8 Application Engine (P8AE) 3.5.1
Directory Traversal Vulnerabilities in pyftpdlib FTPServer.py
FTP Server Brute-Force Vulnerability in pyftpdlib
FTP Server Denial of Service Vulnerability
Denial of Service Vulnerability in ProFTPD 1.3.2rc3
Unspecified Cross-Site Scripting (XSS) Vulnerability in RSA Adaptive Authentication
SQL Injection Vulnerability in SiteEngine 5.x: Remote Code Execution via announcements.php
Remote Information Disclosure Vulnerability in SiteEngine 5.x
Open Redirect Vulnerability in SiteEngine 5.x: User-Assisted Remote Phishing Attack via api.php
OpenSSL Session Cache Cipher Modification Vulnerability
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Eclipse IDE Help Contents Application
Insecure Handling of Passphrases and Cleartext in FireGPG before 0.6
Insecure Tempfile Handling Vulnerability in Iceweasel-firegpg before 0.6
Internal Application Hashtable Login Vulnerability in IBM WebSphere Application Server (WAS) 6.1.0.9
Cross-Site Scripting (XSS) Vulnerabilities in OTRS 2.3.3 and Earlier
Insecure Directory Permissions in OTRS 2.3.2 and Earlier
Authorization Bypass Vulnerability in OTRS Ticket Merge Operation
Inadequate Entropy Configuration in S/MIME Feature of OTRS
Arbitrary Customer Ticket Access Vulnerability in OTRS
Denial of Service Vulnerability in OTRS Email Parser
Information Disclosure Vulnerability in OTRS 2.2.7 and earlier
Bypassing Access Restrictions in OTRS Ticket Queue Selection
Bypassing Access Restrictions in OTRS Ticket System
Denial of Service Vulnerability in IBM Lotus Quickr 8.1 (SPR QCAO7E6AM8)
Unspecified Denial of Service Vulnerability in IBM Lotus Quickr 8.1
Denial of Service Vulnerability in IBM Lotus Quickr 8.1
Memory Leak Vulnerabilities in IBM Tivoli Directory Server (TDS) 5.2
Denial of Service Vulnerability in IBM Tivoli Directory Server (TDS) 5.2
Denial of Service Vulnerability in IBM Tivoli Directory Server
Memory Leak in ldap_explode_rdn API Function in IBM Tivoli Directory Server
Insecure Temporary File Generation in gri before 2.12.18
Unsecured Temporary Files in Bugzilla on Windows
Cookie Forcing Vulnerability in Mozilla Firefox
Cookie Forcing Vulnerability in Google Chrome
Cookie Forcing Vulnerability in Microsoft Internet Explorer
Cookie Forcing Vulnerability in Apple Safari
Cookie Forcing Vulnerability in Opera Browser
Android Browser Vulnerability: Cookie Forcing via HTTPS Session Manipulation
Incomplete SAML 1.x Browser-Artifact Handling in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2 Vulnerability
Bypassing Mandatory Access Control (MAC) Policy in Solaris Trusted Extensions
SQL Injection Vulnerability in jSite 1.0 OE Admin Login
SQL Injection Vulnerability in nBill Component 1.2.0 SP1 for Joomla!
Inadequate Propagation of Restrictions in Apple Mac OS X 10.5.x Sandbox Profiles
Insoshi before 20080920 mass assignment vulnerability allows remote attackers to set ForumPost user_id value via modified URL
Mass Assignment Vulnerability in Spree 0.2.0 Allows Bypassing Payment Step
Hardcoded Secret Key Vulnerability in Spree 0.2.0 Session Cookie Store Implementation
IP Address Bypass Vulnerability in Websense Enterprise Filtering Service
Arbitrary Command Execution Vulnerability in Snoopy's _httpsrequest Function
Denial of Service Vulnerability in mIRC 6.35 and Earlier Versions
Arbitrary Command Execution in UI-Dialog 1.09 and Earlier
Denial of Service Vulnerability in Linux Kernel's mm/filemap.c
Shell Command Injection in Net::Ping::External Perl Extension
Vulnerability: Plaintext Password Exposure in GNOME Seahorse
XSS Vulnerability in TubePress Plugin for WordPress (Version < 1.6.5)