High Severity Vulnerabilities

111.5K CVEs classified as high severity

Total CVEs: 111.5K
Avg CVSS: 8.1 (High)
Max CVSS: 10.0
Min CVSS: 7.2

High Severity CVEs

CVSS:7.5(High)

PHP remote file inclusion vulnerability in University of British Columbia iPeer 2.0, and possibly earlier, allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: ...

CVSS:7.5(High)

Admin/adpoll.asp in PacPoll 4.0 and earlier allows remote attackers to bypass authentication by setting the polllog cookie value to "xx".

CVSS:7.5(High)

PHP remote file inclusion vulnerability in index.php in ArticleBeach Script 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter.

CVSS:7.5(High)

Multiple SQL injection vulnerabilities in LedgerSMB (LSMB) 1.1.0 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors in (1) OE.pm, (2) AM.pm, and (3) Form.pm.

CVSS:7.5(High)

Multiple PHP remote file inclusion vulnerabilities in CMS Faethon 2.0 Ultimate and earlier, when register_globals and magic_quotes_gpc are enabled, allow remote attackers to execute arbitrary PHP code...

CVSS:7.5(High)

Multiple PHP remote file inclusion vulnerabilities in MDweb 1.3 and earlier (Mdweb132-postgres) allow remote attackers to execute arbitrary PHP code via a URL in the chemin_appli parameter in (1) admi...

CVSS:7.2(High)

The Graphics Rendering Engine in Microsoft Windows 2000 SP4 and XP SP2 allows local users to gain privileges via "invalid application window sizes" in layered application windows, aka the "GDI Invalid...

CVSS:7.2(High)

The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and Server 2003 allows local users to gain privileges via a crafted file manifest within an application, aka "File Manifest Corruption ...

CVSS:7.5(High)

The Remote Installation Service (RIS) in Microsoft Windows 2000 SP4 uses a TFTP server that allows anonymous access, which allows remote attackers to upload and overwrite arbitrary files to gain privi...

CVSS:10.0(Critical)

Buffer overflow in the SNMP Service in Microsoft Windows 2000 SP4, XP SP2, Server 2003, Server 2003 SP1, and possibly other versions allows remote attackers to execute arbitrary code via a crafted SNM...

CVSS:9.3(Critical)

Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via certain DHTML script functions, such as normalize, and "incorrectly created elements" t...

CVSS:9.3(Critical)

Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using JavaScript to cause certain errors simultaneously, which results in the access of previously freed memory, aka ...

CVSS:9.3(Critical)

Unspecified vulnerability in the Brazilian Portuguese Grammar Checker in Microsoft Office 2003 and the Multilingual Interface for Office 2003, Project 2003, and Visio 2003 allows user-assisted remote ...

CVSS:7.5(High)

Stack-based buffer overflow in /scripts/cruise/cws.exe in CruiseWorks 1.09c and 1.09d allows remote attackers to execute arbitrary code via a long string in the doc parameter.

CVSS:9.3(Critical)

Multiple heap-based buffer overflows in AOL Nullsoft WinAmp before 5.31 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) ultravox-max-msg header to the Ultravox protoco...

CVSS:7.5(High)

PHP remote file inclusion vulnerability in include/database.php in SourceForge (aka alexandria) 1.0.4 allows remote attackers to execute arbitrary PHP code via the sys_dbtype parameter.

CVSS:7.5(High)

SQL injection vulnerability in admincp.php in Discuz! GBK 5.0.0 allows remote attackers to execute arbitrary SQL commands via the cdb_auth cookie.

CVSS:9.3(Critical)

The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects (ADODB.Connection.2.7 and ADODB.Connection.2.8) in the Microsoft Data Access Components (MDAC) 2.5 SP3, 2.7 SP1, 2.8, and...

CWE-202006
CVSS:10.0(Critical)

Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this m...

CVSS:7.5(High)

PHP remote file inclusion vulnerability in constantes.inc.php in EPNadmin 0.7 and 0.7.1 allows remote attackers to execute arbitrary PHP code via the langage parameter.

CVSS:7.5(High)

Directory traversal vulnerability in index.php in Imageview 5 allows remote attackers to read or execute arbitrary local files via a .. (dot dot) in the user_settings cookie, as demonstrated by using ...

CVSS:7.8(High)

Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial ...

CVSS:7.5(High)

Multiple heap-based buffer overflows in RevilloC MailServer 1.21 and earlier allow remote attackers to cause a denial of service (CPU consumption or application crash) or execute arbitrary code via a ...

CVSS:7.5(High)

Stack-based buffer overflow in QK SMTP 3.01 and earlier might allow remote attackers to execute arbitrary code via a long argument to the RCPT TO command.