Searching rc2 software vulnerabilities

Cross-site scripting (XSS) vulnerability in php

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in phpReview 0.9.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via user-submitted reviews.


ASP-Nuke RC2 and earlier allows remote attacker

submitting | attackers | logged-in | "pseudo" | ASP-Nuke | invalid | earlier | allows | cookie | remote | users | list | RC2 | all |

ASP-Nuke RC2 and earlier allows remote attackers to list all logged-in users by submitting an invalid "pseudo" cookie.


ASP-Nuke RC2 and earlier allows remote attacker

determine | attackers | absolute | ASP-Nuke | earlier | server | allows | remote | path | RC2 |

ASP-Nuke RC2 and earlier allows remote attackers to determine the absolute path of the server by (1) calling database-inc.asp with incorrect cookies, or (2) calling Post.asp with certain arguments, which leak the pathname in an error message.


Unknown vulnerability in FCKeditor 2.0 RC2, whe

vulnerability | attackers | FCKeditor | arbitrary | PHP-Nuke | Unknown | upload | remote | allows | files | used | RC2 |

Unknown vulnerability in FCKeditor 2.0 RC2, when used with PHP-Nuke, allows remote attackers to upload arbitrary files.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in versatileBulletinBoard (vBB) 1.0.0 RC2 allow remote attackers to inject arbitrary web script or HTML via (1) the url parameter in dereferrer.php and (2) the file parameter in imagewin.php.


getversions.php in versatileBulletinBoard (vBB)

versatileBulletinBoard | getversionsphp |

getversions.php in versatileBulletinBoard (vBB) 1.0.0 RC2 lists the versions of all installed scripts, which allows remote attackers to obtain sensitive information via a direct request.


SQL injection vulnerability in links.php in 4R

vulnerability | attackers | arbitrary | injection | parameter | commands | linksphp | Linklist | execute | Burning | Woltlab | earlier | module | allows | remote | Board | cat | SQL | RC2 | via |

SQL injection vulnerability in links.php in 4R Linklist 1.0 RC2 and earlier, a module for Woltlab Burning Board, allows remote attackers to execute arbitrary SQL commands via the cat parameter.


Multiple SQL injection vulnerabilities in Unak

vulnerabilities | arbitrary | injection | attackers | commands | Multiple | execute | earlier | remote | allow | Unak | SQL | via | RC2 | CMS |

Multiple SQL injection vulnerabilities in Unak CMS 1.5 RC2 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) u_a or (2) u_s parameters.


SQL injection vulnerability in newthread.php in

vulnerability | newthreadphp | injection | Burning | Woltlab | Board | SQL |

SQL injection vulnerability in newthread.php in Woltlab Burning Board (WBB) 2.0 RC2 allows remote attackers to execute arbitrary SQL commands via the boardid parameter.


PHP remote file inclusion vulnerability in plug

mosConfig_absolute_path | com_comprofiler | pluginclassphp | vulnerability | Components | arbitrary | attackers | parameter | inclusion | execute | remote | allows | Joomla | Mambo | code | file | PHP | URL | RC2 | via |

PHP remote file inclusion vulnerability in plugin.class.php in the com_comprofiler Components 1.0 RC2 for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.


PHP remote file inclusion vulnerability in conf

vulnerability | configphp | attackers | arbitrary | parameter | inclusion | PSYWERKS | execute | allows | remote | fpath | code | file | PUMA | URL | PHP | RC2 | via |

PHP remote file inclusion vulnerability in config.php in PSYWERKS PUMA 1.0 RC2 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter.


PHP remote file inclusion vulnerability in head

MobilePublisherPHP | vulnerability | headerphp | parameter | attackers | arbitrary | inclusion | abspath | execute | earlier | remote | allows | code | file | RC2 | PHP | via | URL |

PHP remote file inclusion vulnerability in header.php in MobilePublisherPHP 1.5 RC2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter.


Cross-site scripting (XSS) vulnerability in the

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in the search functionality in Simon Brown Pebble 2.0.0 RC1 and RC2 allows remote attackers to inject arbitrary web script or HTML via the query string.


PHP remote file inclusion vulnerability in temp

template/purpletech/base_includephp | vulnerability | DigitalHive | attackers | arbitrary | parameter | inclusion | execute | allows | remote | code | page | file | RC2 | PHP | via | URL |

PHP remote file inclusion vulnerability in template/purpletech/base_include.php in DigitalHive 2.0 RC2 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.


Cross-site scripting (XSS) vulnerability in ind

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in index.php in Simple Machines Forum (SMF) 1.1 RC2 allows remote attackers to inject arbitrary web script or HTML via the action parameter.


Multiple SQL injection vulnerabilities in DocMa

vulnerabilities | unspecified | attackers | arbitrary | injection | Multiple | commands | execute | vectors | DocMan | allow | SQL | RC2 | via |

Multiple SQL injection vulnerabilities in DocMan 1.3 RC2 allow attackers to execute arbitrary SQL commands via unspecified vectors.


Cross-site scripting (XSS) vulnerability in Doc

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in DocMan 1.3 RC2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.


DocMan 1.3 RC2 allows remote attackers to obtai

information | attackers | sensitive | obtain | DocMan | allows | remote | RC2 |

DocMan 1.3 RC2 allows remote attackers to obtain sensitive information (the full path) via unspecified vectors.


Cross-site scripting (XSS) vulnerability in wp-

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in wp-admin/vars.php in WordPress before 2.0.10 RC2, and before 2.1.3 RC2 in the 2.1 series, allows remote authenticated users with theme privileges to inject arbitrary web script or HTML via the PATH_INFO in the administration interface, related to loose regular expression processing of PHP_SELF.


PHP remote file inclusion vulnerability in geti

vulnerability | mx_root_path | getinfo1php | arbitrary | parameter | attackers | inclusion | Shotcast | execute | remote | allows | module | code | file | mxBB | PHP | URL | RC2 | via |

PHP remote file inclusion vulnerability in getinfo1.php in the Shotcast 1.0 RC2 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter.


Software vulnerabilities results 1 to 20 of 41     
Page: 123