[CLOSE] OSVDB ID : 84665 - Disclosed: 2000-06-15

Description:

S to Infinity contains a flaw that may allow a local denial of service. The issue is triggered when the program allows a local attacker to change the directory names in /Program Files and /Winnt/System. This will result in a loss of availability for the program.

[CLOSE] OSVDB ID : 84666 - Disclosed: 2000-06-15

Description:

S to Infinity contains a flaw that is triggered by an error occurs during the handling of the DOS attrib command. This may allow a local attacker to modify file and directory attributes.

[CLOSE] OSVDB ID : 84667 - Disclosed: 2000-06-15

Description:

S to Infinity contains multiple flaws that may allow a local attacker to bypass the invisibility mechanism and gain access to a hidden drive. This issue may be triggered via open and save dialogue boxes, the find function, or by opening a link via Internet Explorer that directs to the drive.

[CLOSE] OSVDB ID : 84664 - Disclosed: 2000-06-15

Description:

S to Infinity contains a flaw that is triggered when the program is configured to allow executable files to read-only, which then allows their presence on the system. This may allow a local attacker to append a trusted file extension, such as .txt, to an executable file, which will then allow the attacker to upload and execute arbitrary files.

[CLOSE] OSVDB ID : 72661 - Disclosed: 2010-12-03

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 61663 - Disclosed: 2009-06-09

Description:

S-CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'admin.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'plug' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 52571 - Disclosed: 2009-02-17

Description:

S-Cms contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'admin/delete_page.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 61662 - Disclosed: 2009-06-09

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 52570 - Disclosed: 2009-02-17

Description:

(Description Provided by CVE) : S-Cms 1.1 Stable allows remote attackers to bypass authentication and obtain administrative access via an OK value for the login cookie.

[CLOSE] OSVDB ID : 61661 - Disclosed: 2009-06-09

Description:

S-CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'plugin.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'file' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 61664 - Disclosed: 2009-06-09

Description:

S-CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'plugin.php' script not properly sanitizing user-supplied input to the 'username' parameter and the 'username' cookie. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 54155 - Disclosed: 2009-04-29

Description:

(Description Provided by CVE) : Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable and 1.5.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.

[CLOSE] OSVDB ID : 69417 - Disclosed: 2010-11-22

Description:

S-CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'viewforum.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 73219 - Disclosed: 2010-11-20

Description:

S-CMS contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'id' parameter upon submission to the 'viewforum.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 60374 - Disclosed: 2003-01-05

Description:

(Description Provided by CVE) : S-PLUS 6.0 allows local users to overwrite arbitrary files and possibly elevate privileges via a symlink attack on (1) /tmp/__F8499 by Sqpe, (2) /tmp/PRINT.$$.out by PRINT, (3) /tmp/SUBST$PID.TXT and /tmp/ed.cmds$PID by mustfix.hlinks, (4) /tmp/file.1 and /tmp/file.2 by sas_get, (5) /tmp/file.1 by sas_vars, and (6) /tmp/sgml2html$$tmp /tmp/sgml2html$$tmp1 /tmp/sgml2html$$tmp2 by sglm2html.

[CLOSE] OSVDB ID : 64368 - Disclosed: 2010-01-19

Description:

S.O.M.P.L. Player is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a stack overflow. With a specially crafted M3U file, a remote attacker can potentially cause arbitrary code execution.

[CLOSE] OSVDB ID : 56191 - Disclosed: 2009-07-22

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 46626 - Disclosed: 2008-06-28

Description:

(Description Provided by CVE) : Stack-based buffer overflow in the IPureServer::_Recieve function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to execute arbitrary code via a compressed 0x39 packet, which is decompressed by the NET_Compressor::Decompress function.

[CLOSE] OSVDB ID : 46628 - Disclosed: 2008-06-28

Description:

(Description Provided by CVE) : The MultipacketReciever::RecievePacket function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server termination) via a crafted packet without an expected 0xe0 or 0xe1 value, which triggers the INT3 instruction.

[CLOSE] OSVDB ID : 46627 - Disclosed: 2008-06-28

Description:

(Description Provided by CVE) : Integer overflow in the NET_Compressor::Decompress function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server crash) via a crafted packet with a 0xc1 value that contains no compressed data, which triggers a copy of a large amount of memory.

[CLOSE] OSVDB ID : 46432 - Disclosed: 2008-06-15

Description:

(Description Provided by CVE) : S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (crash) via a long nickname, which triggers an exception.

[CLOSE] OSVDB ID : 14175 - Disclosed: 1999-09-23

Description:

(Description Provided by CVE) : keyinit in S/Key does not require authentication to initialize a one-time password sequence, which allows an attacker who has gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication, such as sudo.

[CLOSE] OSVDB ID : 3271 - Disclosed: 1996-05-01

Description:

S/Key implementations contained a flaw that allowed a remote attacker to gain enough information to launch a trivial brute force attack against a login. The flaw was due to S/Key sending both the user/iteration and seed. By sending the seed along with the user/iteration, it greatly reduces the security provided by the S/Key protocol and allows an attacker relatively trivial effort to compromise the login information.

[CLOSE] OSVDB ID : 65757 - Disclosed: 2010-06-24

Description:

(Description Provided by CVE) : The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download node logs, photographs of persons, and backup files via unspecified HTTP requests.

[CLOSE] OSVDB ID : 65929 - Disclosed: 2010-03-29

Description:

(Description Provided by CVE) : The S2 Security NetBox 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, uses a weak hash algorithm for storing the Administrator password, which makes it easier for context-dependent attackers to obtain privileged access by recovering the cleartext of this password.

[CLOSE] OSVDB ID : 65928 - Disclosed: 2010-03-29

Description:

(Description Provided by CVE) : The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not require setting a password for the FTP server that stores database backups, which makes it easier for remote attackers to download backup files via unspecified FTP requests.

[CLOSE] OSVDB ID : 65927 - Disclosed: 2010-03-29

Description:

(Description Provided by CVE) : The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not properly prevent downloading of database backups, which allows remote attackers to obtain sensitive information via requests for full_*.dar files with predictable filenames.

[CLOSE] OSVDB ID : 77555 - Disclosed: 2011-09-20

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 75460 - Disclosed: 2011-09-14

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 79248 - Disclosed: 2011-12-20

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in the s2Member Pro plugin before 111220 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s2member_pro_authnet_checkout[coupon] parameter (aka Coupon Code field).