Searching msg software vulnerabilities

Buffer overflow in XiRCON 1.0 Beta 4 allows rem

attackers | overflow | service | remote | denial | XiRCON | Buffer | allows | cause | Beta |

Buffer overflow in XiRCON 1.0 Beta 4 allows remote attackers to cause a denial of service (disconnect) via a long (1) ctcp, (2) primsg, (3) msg, or (4) notice command.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow remote attackers to insert arbitrary web script, as demonstrated using the msg parameter to file_select.php.


Multiple SQL injection vulnerabilities in YaBB

vulnerabilities | injection | Multiple | YaBB | SQL |

Multiple SQL injection vulnerabilities in YaBB SE 1.5.4 through 1.5.5b allow remote attackers to execute arbitrary SQL via (1) the msg parameter in ModifyMessage.php or (2) the postid parameter in ModifyMessage.php.


Format string vulnerability in the msg function

vulnerability | function | daemon | string | Format | rlpr | msg |

Format string vulnerability in the msg function for rlpr daemon (rlprd) 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function.


Buffer overflow in the msg function for rlpr da

overflow | function | daemon | Buffer | rlpr | msg |

Buffer overflow in the msg function for rlpr daemon (rlprd) 2.04 allows local users to execute arbitrary code.


Format string vulnerability in the curses_msg f

vulnerability | curses_msg | interface | function | Ncurses | string | Format |

Format string vulnerability in the curses_msg function in the Ncurses interface (ec_curses.c) for Ettercap before 0.7.3 allows remote attackers to execute arbitrary code.


Cross-site scripting (XSS) vulnerability in pm.

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in pm.php in PCXP/TOPPE CMS allows remote attackers to inject arbitrary web script or HTML via the msg variable.


SQL injection vulnerability in forum.php in Orc

vulnerability | attackers | arbitrary | injection | parameter | forumphp | commands | earlier | execute | remote | allows | Forum | Orca | msg | SQL | 43b | via |

SQL injection vulnerability in forum.php in Orca Forum 4.3b and earlier allows remote attackers to execute arbitrary SQL commands via the msg parameter.


SQL injection vulnerability in blog.php in Orca

vulnerability | attackers | arbitrary | injection | parameter | commands | blogphp | earlier | execute | remote | allows | Orca | Blog | msg | SQL | 13b | via |

SQL injection vulnerability in blog.php in Orca Blog 1.3b and earlier allows remote attackers to execute arbitrary SQL commands via the msg parameter.


Cross-site scripting (XSS) vulnerability in Log

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in LogiSphere 0.9.9j allows remote attackers to inject arbitrary Javascript via the msg command. NOTE: due to lack of appropriate details by the original researcher, it is unclear whether this issue is distinct from the msg DoS.


SQL injection vulnerability in forum.php in PHP

vulnerability | CVE-2005-3585 | PHPWebThings | parameter | attackers | arbitrary | injection | different | forumphp | commands | execute | remote | allows | than | SQL | msg | via |

SQL injection vulnerability in forum.php in PHPWebThings 1.4 allows remote attackers to execute arbitrary SQL commands via the msg parameter, a different vulnerability than CVE-2005-3585.


Multiple "potential" SQL injection vulnerabilit

vulnerabilities | phpWebThings | "potential" | attackers | arbitrary | injection | commands | Multiple | execute | Patched | remote | might | allow | via | SQL |

Multiple "potential" SQL injection vulnerabilities in phpWebThings 1.4 Patched might allow remote attackers to execute arbitrary SQL commands via (1) the ref parameter in download.php, (2) the direction, msg, sforum, reason, subname, and toform parameters in forum.php, (3) the msg and forum parameters in forum_edit.php, (4) the msg and forum parameters in forum_write.php, (5) the tekst parameter in guestbook.php, (6) the menuoption parameter in index.php, and the (7) sel_avatar parameter in myaccount.php. NOTE: the forum.php/forum vector is already identified by CVE-2005-3585.


Cross-site scripting (XSS) vulnerability in Def

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in Default.asp in D2KBlog 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.


Integer overflow in the RTSP_msg_len function i

rtsp/RTSP_msg_lenc | RTSP_msg_len | function | overflow | Integer | Fenice |

Integer overflow in the RTSP_msg_len function in rtsp/RTSP_msg_len.c in Fenice 1.10 and earlier allows remote attackers to cause a denial of service (application crash) via a large HTTP Content-Length value, which leads to an invalid memory access.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in post.asp in CodeAvalanche FreeForum (aka CAForum) 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) msg_subject and (2) msg_body parameters. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.


Multiple PHP remote file inclusion vulnerabilit

register_globals | vulnerabilities | Cyberfolio | inclusion | parameter | arbitrary | attackers | Multiple | enabled | execute | earlier | remote | allow | code | file | URL | PHP | RC1 | via |

Multiple PHP remote file inclusion vulnerabilities in Cyberfolio 2.0 RC1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the av parameter to (1) msg/view.php, (2) msg/inc_message.php, (3) msg/inc_envoi.php, and (4) admin/incl_voir_compet.php.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in nicecoder.com INDEXU 5.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) error_msg parameter to (a) suggest_category.php; the (2) u parameter to (b) user_detail.php; the (3) friend_name, (4) friend_email, (5) error_msg, (6) my_name, (7) my_email, and (8) id parameters to (c) tell_friend.php; the (9) error_msg, (10) email, (11) name, and (12) subject parameters to (d) sendmail.php; the (13) email, (14) error_msg, and (15) username parameters to (e) send_pwd.php; the (16) keyword parameter to (f) search.php; the (17) error_msg, (18) username, (19) password, (20) password2, and (21) email parameters to (g) register.php; the (22) url, (23) contact_name, and (24) email parameters to (h) power_search.php; the (25) path and (26) total parameters to (i) new.php; the (27) query parameter to (j) modify.php; the (28) error_msg parameter to (k) login.php; the (29) error_msg and (30) email parameters to (l) mailing_list.php; the (31) gateway parameter to (m) upgrade.php; and another unspecified vector.


Cross-site scripting (XSS) vulnerability in ind

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in index.php in TuMusika Evolution 1.6 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.


SQL injection vulnerability in qtg_msg_view.php

qtg_msg_viewphp | vulnerability | guestbook | attackers | arbitrary | injection | parameter | QuickTalk | commands | execute | allows | remote | SQL | via |

SQL injection vulnerability in qtg_msg_view.php in QuickTalk guestbook 1.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.


Cross-site scripting (XSS) vulnerability in adm

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in admin/auth.php in Pluxml 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.


Software vulnerabilities results 1 to 20 of 84     
Page: 12345