Multiple bugs in MailEnable Enterprise Edition ASP Version <= 2.0 allow an attacker to bypass authentication, gain elevated privileges, perform cross-site scripting, and hijack user sessions.
OpenEMR version 2.8.1 and prior is vulnerable to a remote file include vulnerability. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This request contains a URL in the GLOBALS[fileroot] parameter that points to a malicious script hosted on a remote server.
A login bypass vulnerability exists in myNewsletter version 1.1.2. An attacker can exploit this vulnerability by changing the action in the source code and submitting it. This will allow the attacker to bypass the authentication process and gain access to the application.
A remote file include vulnerability exists in Wikiwig V4.1. An attacker can exploit this vulnerability to include arbitrary files from remote locations by sending a specially crafted request to the vulnerable application. This can lead to arbitrary code execution on the vulnerable system.
This exploit allows an attacker to gain access to the username, password, email, DBHOST, DBUSER, DBPASS, and DBNAME of a vulnerable Dmx Forum version <= v2.1a. The attacker can use this information to gain access to the database and potentially gain access to sensitive information.
A patch review done on the 2.6.16.17->18 Linux kernel source tree revealed a restructuring of code in the snmp_parse_mangle() and the snmp_trap_decode() functions. This vulnerability was previously reported and assigned with CVE-2006-2444.
A remote SQL injection vulnerability exists in ProPublish 2.0. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This can allow the attacker to gain access to sensitive information such as usernames and passwords stored in the database.
A vulnerability in ashnews v0.83 allows remote attackers to include arbitrary files via a URL in the pathtoashnews parameter to ashheadlines.php or ashnews.php.
There is an overflow in the vGetPost() function, it does not do any size checking on the inputed data but instead reads until the word "Submit" is encountered, in turn overflowing pszBuf which points to a 4000 byte buffer in main(). Complete code execution is spawned, with the code being a connectback shell.
pppBlog <= 0.3.8 is vulnerable to system disclosure due to the lack of proper input validation. If register_globals is set to On, an attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable server. This will allow the attacker to view the content of any file on the server, according to open_basedir restrictions.
Services By CQR