[CLOSE] OSVDB ID : 78966 - Disclosed: 2009-09-04

Description:

Unknown / Incomplete

Comments: 0, Blogs: 0, References: 2

Vulnerability Classification

[CLOSE] OSVDB ID : 78964 - Disclosed: 2012-01-30

Description:

(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Comments: 0, Blogs: 0, References: 7

Vulnerability Classification

[CLOSE] OSVDB ID : 78962 - Disclosed: 2012-01-30

Description:

(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Comments: 0, Blogs: 0, References: 7

Vulnerability Classification

[CLOSE] OSVDB ID : 78960 - Disclosed: 2012-01-30

Description:

(Description Provided by CVE) : ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Comments: 0, Blogs: 0, References: 7

Vulnerability Classification

[CLOSE] OSVDB ID : 78958 - Disclosed: 2012-01-31

Description:

Vastal I-Tech Agent Zone contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the search.php script not properly sanitizing user-supplied input to the 'price_from' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

Comments: 0, Blogs: 0, References: 3

Vulnerability Classification

[CLOSE] OSVDB ID : 65465 - Disclosed: 2010-06-06

Description:

WMS-CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'printpage.asp' script not properly sanitizing user-supplied input to the 'psPrice', 'pr' and 'sbr' parameters. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

Comments: 0, Blogs: 0, References: 9

Vulnerability Classification

[CLOSE] OSVDB ID : 76733 - Disclosed: 2011-09-28

Description:

Digital College contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the includes/tiny_mce/plugins/filemanager/classes/FileManager/FileManagerPlugin.php script not properly sanitizing user input supplied to the 'basepath' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

Comments: 0, Blogs: 0, References: 6

Vulnerability Classification

[CLOSE] OSVDB ID : 18293 - Disclosed: 2005-07-15

Description:

By default, many Belkin 54G wireless routers using a default ssid of "belkin54g" are preconfigured with a default password. The "admin" account has a null password which is publicly known and documented. This allows attackers to trivially access the program or system as the routers come preconfigured with remote telnet access enabled.

Comments: 1, Blogs: 0, References: 5

Vulnerability Classification

[CLOSE] OSVDB ID : 66441 - Disclosed: 2008-04-11

Description:

By default, Siemens SIMATIC installs with a default password. The 'WinCCConnect' and 'WinCCAdmin' accounts have a password of '2WSXcder' which is publicly known and documented. This allows attackers to trivially access the program or system.

Comments: 0, Blogs: 0, References: 26

Vulnerability Classification

[CLOSE] OSVDB ID : 62923 - Disclosed: 2010-03-14

Description:

Domain Verkaus & Auktions Portal contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'index.php' script (when 'a' is set to 'd') not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

Comments: 0, Blogs: 0, References: 6

Vulnerability Classification

[CLOSE] OSVDB ID : 78057 - Disclosed: 2011-12-28

Description:

(Description Provided by CVE) : The CaseInsensitiveHashProvider.getHashCode function in the HashTable implementation in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka "Collisions in HashTable May Cause DoS Vulnerability."

Comments: 0, Blogs: 8, References: 16

Vulnerability Classification

[CLOSE] OSVDB ID : 77658 - Disclosed: 2011-06-08

Description:

(Description Provided by CVE) : The hfs_find_init function in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and Oops) by mounting an HFS file system with a malformed MDB extent record.

Comments: 0, Blogs: 6, References: 36

Vulnerability Classification

[CLOSE] OSVDB ID : 78418 - Disclosed: 2012-01-17

Description:

A memory corruption flaw exists in Oracle Database. The Core RDBMS component fails to sanitize user-supplied input when handling SCN values, resulting in memory corruption. With a specially crafted SCN value, a remote attacker can execute arbitrary code.

Comments: 0, Blogs: 2, References: 6

Vulnerability Classification

[CLOSE] OSVDB ID : 78026 - Disclosed: 2011-12-16

Description:

A memory corruption flaw exists in Adobe Reader and Acrobat. The PRC component fails to sanitize user-supplied input when handling certain data, resulting in memory corruption. With a specially crafted PDF file, a context-dependent attacker can execute arbitrary code.

Comments: 0, Blogs: 5, References: 8

Vulnerability Classification