[CLOSE] OSVDB ID : 72661 - Disclosed: 2010-12-03

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 61663 - Disclosed: 2009-06-09

Description:

S-CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'admin.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'plug' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 52571 - Disclosed: 2009-02-17

Description:

S-Cms contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'admin/delete_page.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.

[CLOSE] OSVDB ID : 61662 - Disclosed: 2009-06-09

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 52570 - Disclosed: 2009-02-17

Description:

(Description Provided by CVE) : S-Cms 1.1 Stable allows remote attackers to bypass authentication and obtain administrative access via an OK value for the login cookie.

[CLOSE] OSVDB ID : 61661 - Disclosed: 2009-06-09

Description:

S-CMS contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'plugin.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'file' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 61664 - Disclosed: 2009-06-09

Description:

S-CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'plugin.php' script not properly sanitizing user-supplied input to the 'username' parameter and the 'username' cookie. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 54155 - Disclosed: 2009-04-29

Description:

(Description Provided by CVE) : Directory traversal vulnerability in plugin.php in S-Cms 1.1 Stable and 1.5.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the page parameter.

[CLOSE] OSVDB ID : 69417 - Disclosed: 2010-11-22

Description:

S-CMS contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'viewforum.php' script not properly sanitizing user-supplied input to the 'id' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

[CLOSE] OSVDB ID : 73219 - Disclosed: 2010-11-20

Description:

S-CMS contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'id' parameter upon submission to the 'viewforum.php' script. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

[CLOSE] OSVDB ID : 60374 - Disclosed: 2003-01-05

Description:

(Description Provided by CVE) : S-PLUS 6.0 allows local users to overwrite arbitrary files and possibly elevate privileges via a symlink attack on (1) /tmp/__F8499 by Sqpe, (2) /tmp/PRINT.$$.out by PRINT, (3) /tmp/SUBST$PID.TXT and /tmp/ed.cmds$PID by mustfix.hlinks, (4) /tmp/file.1 and /tmp/file.2 by sas_get, (5) /tmp/file.1 by sas_vars, and (6) /tmp/sgml2html$$tmp /tmp/sgml2html$$tmp1 /tmp/sgml2html$$tmp2 by sglm2html.

[CLOSE] OSVDB ID : 64368 - Disclosed: 2010-01-19

Description:

S.O.M.P.L. Player is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a stack overflow. With a specially crafted M3U file, a remote attacker can potentially cause arbitrary code execution.

[CLOSE] OSVDB ID : 56191 - Disclosed: 2009-07-22

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 46626 - Disclosed: 2008-06-28

Description:

(Description Provided by CVE) : Stack-based buffer overflow in the IPureServer::_Recieve function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to execute arbitrary code via a compressed 0x39 packet, which is decompressed by the NET_Compressor::Decompress function.

[CLOSE] OSVDB ID : 46628 - Disclosed: 2008-06-28

Description:

(Description Provided by CVE) : The MultipacketReciever::RecievePacket function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server termination) via a crafted packet without an expected 0xe0 or 0xe1 value, which triggers the INT3 instruction.

[CLOSE] OSVDB ID : 46627 - Disclosed: 2008-06-28

Description:

(Description Provided by CVE) : Integer overflow in the NET_Compressor::Decompress function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server crash) via a crafted packet with a 0xc1 value that contains no compressed data, which triggers a copy of a large amount of memory.

[CLOSE] OSVDB ID : 46432 - Disclosed: 2008-06-15

Description:

(Description Provided by CVE) : S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (crash) via a long nickname, which triggers an exception.

[CLOSE] OSVDB ID : 14175 - Disclosed: 1999-09-23

Description:

(Description Provided by CVE) : keyinit in S/Key does not require authentication to initialize a one-time password sequence, which allows an attacker who has gained privileges to a user account to create new one-time passwords for use in other activities that may use S/Key authentication, such as sudo.

[CLOSE] OSVDB ID : 3271 - Disclosed: 1996-05-01

Description:

S/Key implementations contained a flaw that allowed a remote attacker to gain enough information to launch a trivial brute force attack against a login. The flaw was due to S/Key sending both the user/iteration and seed. By sending the seed along with the user/iteration, it greatly reduces the security provided by the S/Key protocol and allows an attacker relatively trivial effort to compromise the login information.

[CLOSE] OSVDB ID : 65757 - Disclosed: 2010-06-24

Description:

(Description Provided by CVE) : The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download node logs, photographs of persons, and backup files via unspecified HTTP requests.

[CLOSE] OSVDB ID : 65929 - Disclosed: 2010-03-29

Description:

(Description Provided by CVE) : The S2 Security NetBox 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, uses a weak hash algorithm for storing the Administrator password, which makes it easier for context-dependent attackers to obtain privileged access by recovering the cleartext of this password.

[CLOSE] OSVDB ID : 65928 - Disclosed: 2010-03-29

Description:

(Description Provided by CVE) : The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not require setting a password for the FTP server that stores database backups, which makes it easier for remote attackers to download backup files via unspecified FTP requests.

[CLOSE] OSVDB ID : 65927 - Disclosed: 2010-03-29

Description:

(Description Provided by CVE) : The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not properly prevent downloading of database backups, which allows remote attackers to obtain sensitive information via requests for full_*.dar files with predictable filenames.

[CLOSE] OSVDB ID : 77555 - Disclosed: 2011-09-20

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 75460 - Disclosed: 2011-09-14

Description:

Unknown / Incomplete

[CLOSE] OSVDB ID : 63805 - Disclosed: 2010-04-14

Description:

S5 Clan Roster Component for Joomla! contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'index.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied to the 'controller' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 63804 - Disclosed: 2010-04-14

Description:

S5 Clan Roster Component for Joomla! contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'index.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../), supplied to the 'view' parameter. This may allow an attacker to include a file from the targeted host that contains arbitrary commands or code that will be executed by the vulnerable script. Such attacks are limited due to the script only calling files already on the target host. In addition, this flaw can potentially be used to disclose the contents of any file on the system accessible by the web server.

[CLOSE] OSVDB ID : 59678 - Disclosed: 2009-11-04

Description:

(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in the S5 Presentation Player module 6.x-1.x before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via an unspecified field that is copied to the HTML HEAD element.

[CLOSE] OSVDB ID : 10858 - Disclosed: 2003-06-05

Description:

S8Forum contains a flaw that will allow a remote attacker to execute arbitrary commands. The problem is that user-supplied input upon submission to the 'register.php' script is not verified properly. It is possible for a remote attacker to pass arbitrary commands to the server in the name, email, or password field to be executed on the system resulting in a loss of integrity.

[CLOSE] OSVDB ID : 23849 - Disclosed: 2006-01-19

Description:

(Description Provided by CVE) : Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.