W-Agora version 4.20 is susceptible to cross-site scripting attacks.
8907e5eca6ca9c11acd8b14eb754fb1cb41119cebabb3a7f98f7c4d277cbbf36
TextFileBB is susceptible to three cross-site scripting vulnerabilities.
00760a435e54f4e91e087fe15fd151266eb410982dfe3aece29e4bd6150afcf9
Land Down Under 802 and below suffer from a path disclosure vulnerability.
4c0163192ee650b02e5abeac6f74c77b35309191c2a0c67add7ae0ce3f96f360
Description of a Yahoo! Mail XSS vulnerability that has been patched silently by Yahoo.
49be6d3832e58169091bb8bd1a3af60369ca7fd7e23a79e16dee47991ca06fc3
Secunia Research 28/04/2006 - Servant Salamander unacev2.dll Buffer Overflow Vulnerability - Secunia Research has discovered a vulnerability in Servant Salamander, which can be exploited by malicious people to compromise a user's system.
f652fcd564524b621f1cee3d74f4f0a21942f1b4b1f93a12381f5d8356ae006a
[ECHO_ADV_31$2006] Sws Web Server 0.1.7 Strcpy() & Syslog() Format String Vulnerability. A format string vulnerability in Sws Web Server allows remote attackers to cause the program to execute arbitrary. The format string vulnerability and buffer overflow can be found in sws_web_server.c ayardosyasi.h file.
f8646aeecd77b8cbcd678f4cf8a66b6822ed939407bb6c8c805b6299c63bd614
Neomail suffers from XSS in Neomail.pl.
f12e48e9d70135ab7131651b0fcc46961410e7e1885d87c88227508cc82d6e0d
Cireos Portal from SirceOS suffers from XSS in buscar.php.
169593e65366f35f19f969828b67320a1a5f9e01937f74356a6ed66526c26adf
A vulnerability exists in WinISO and UltraISO which can potentially be exploited by malicious people to compromise a user's system. The vulnerability has been confirmed in WinISO 5.3, UltraISO V8.0.0.1392, PowerISO v2.9, and Magic ISO 5.0 Build 0166.
71af3606163dc754a646b1ae9fe7da5983c7be7d2835bd08dc5f40059c5be068
Microsoft Internet Explorer suffers from a potential user interaction race in its handling of security dialogs. As a result, it may be possible for a malicious web site to install software on a visiting system or take other actions that may compromise the privacy or the security of the visitor.
2e80f78b30be81e611a091caa94ab96e849742fa4ccfafa6ca94c1f6bd9cb89f
eEye Digital Security has discovered a critical vulnerability in the Juniper Networks SSL-VPN Client ActiveX Control. The JuniperSetup.ocx ActiveX control is automatically loaded through the web interface of Juniper Networks SSL-VPN. There is an exploitable buffer overflow in the handling of a parameter of the ActiveX control that will allow a remote attacker to reliably overwrite the stack with arbitrary data and execute arbitrary code through the web browser.
ae91c48bc6230bd6f8a1f277d0928e54cb08c88233c50af6a00fc28ae3d57404
Open Bulletin Board suffers from multiple XSS and SQL injection vulnerabilities.
d3fee9252fa517b97f432351ede590dce498caba98f8504309eb92ac4b8e139d
Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack. A malicious user may be able to send crafted packets to a concentrator which may cause the device to halt and/or drop user connections. The power must then be reset on the device to recover.
e03f528adcfde374db304956080fda8b73d48836f3835c1b5011ddf389ebcb4c
MySmartBB v1.1.x suffers from SQL injection and XSS.
c0985406bbf1ec97555373249ec9cabd96f14826fb71a9e07111d44a95170d0c
DevBB versions less than or equal to 1.0.0 suffer from XSS.
acb9af4df47311a50014b69491af9568cff581cb65eb06f627563fa273c91ad3
Secunia Research 26/04/2006 - SpeedProject Products ACE Archive Handling Buffer Overflow: Secunia Research has discovered a vulnerability in various SpeedProject products, which can be exploited by malicious people to compromise a user's system.
eb48fcd8d4efd5cd002dce6a626ef809a2bc31b7ea9d31354d46bee0d36b2213
eVuln ID: EV0125 - warforge.NEWS SQL Injection and Multiple XSS Vulnerabilities.
106d635e3a71f8c60a3e6faf2e38fe7f2866b945027d44c71d8a69dfdd002665
HPSBMA02113 SSRT061148 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update April 2006: Oracle(R) has issued a Critical Patch Update which contains solutions for a number of potential security vulnerabilities. These vulnerabilities may be exploited locally or remotely to compromise the confidentiality, availability or integrity of Oracle for OpenView (OfO).
863d6b0838da3a62db08d3423a378b026358c3a5b663c0b72c7dd9680e10e223
HPSBUX02075 SSRT051074 rev.4 - HP-UX Running xterm Local Unauthorized Access: A potential security vulnerability has been identified with HP-UX running xterm. The vulnerability could be exploited by a local user to gain unauthorized access.
51e4cde9cd57544ba96cc38922cd56e25abdcaaeb865f2be7c99261f8c148ea9
HPSBUX02108 SSRT061133 rev.9 - HP-UX running Sendmail, Remote Execution of Arbitrary Code
8b5495d81f7480de2b5bf6cfb215e510e38b24196e87c3bdc86d72a7e73291b0
ZDI-06-011: Mozilla Firefox Table Rebuilding Code Execution Vulnerability: This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the Mozilla/Firefox web browser and Thunderbird e-mail client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious e-mail.
70ec9a4add873515b39c5531866ba5b0da716b3456083b4b73454101b5fb0135
Gentoo Linux Security Advisory GLSA 200604-18 - Several vulnerabilities were found in Mozilla Suite. Version 1.7.13 was released to fix them. Versions less than 1.7.13 are affected.
0f05885b0d6cf2099e850bbe9a2ead3eba2b6b3b7d02580d9ab67c1854431cac
Ubuntu Security Notice 275-1: Multiple vulnerabilities in Mozilla.
245fc0962bafd2ac2ab825291eaa2f5ac86aaf7b5579ab0ee787f227f4f9ebfc
Ubuntu Security Notice 274-1: A logging bypass was discovered in the MySQL query parser. A local attacker could exploit this by inserting NUL characters into query strings (even into comments), which would cause the query to be logged incompletely.
b62c335f8187d3d48d3a6cef6ee2682316c7d0db09ea706236c499c774645dc3