Computer Security

Search:Vulnerability:28.06.2004
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Lotus Notes URI command line modification
updated since 24.06.2004
Published:28.06.2004
Source:FULL-DISCLOSURE
SecurityVulns ID:3781
Type:client
Level:5/10
Description:notes: URI allows to execute notes.exe with any arguments, for example to cpecify .ini file location.
Affected:LOTUS : Notes 6.0
 LOTUS : Notes 6.5
Original documentdocumentJouko Pynnonen, [Full-Disclosure] Lotus Notes URL argument injection vulnerability (28.06.2004)
 documentIDEFENSE, [Full-Disclosure] iDEFENSE Security Advisory 06.23.04: Lotus Notes URI Handler Argument Injection Vulnerability (24.06.2004)
Discuss:Read or add your comments to this news (1 comments)

CGI bugs
updated since 28.06.2004
Published:03.07.2004
Source:
SecurityVulns ID:3792
Type:remote
Level:5/10
Affected:CART32 : Cart32 3.5
 PHPMYADMIN : phpMyAdmin 2.5
 CUTEPHP : CuteNews 1.3
 WEBSOFT : Infinity WEB 1.0
 POWERPORTAL : PowerPortal 1.0
 CGI : csFAQ
 CART32 : Cart32 4.5
 CART32 : Cart32 5.0
 ARTMEDIC : Artmedic Links 5.0
 MILLERGROUP : Centre 1.0
 SIMMCOMM : SCI Photo Chat Server 3.4
 ECHATSERVER : Easy Chat Server 1.2
Original documentdocumentDonato Ferrante, Multiple Vulnerabilities in Easy Chat Server 1.2 (03.07.2004)
 documentDonato Ferrante, [Full-Disclosure] XSS in SCI Photo Chat Server 3.4.9 (02.07.2004)
 documentManip, [Full-Disclosure] Centre 1.0 PHP injection, bypass authentication + possible SQL injection. (02.07.2004)
 documentNasir Simbolon, php codes injection in phpMyAdmin version 2.5.7. (30.06.2004)
 documentSECURITEAM, [UNIX] Artmedic Links File Inclusion Vulnerability (29.06.2004)
 documentSECURITEAM, [NT] Cart32 Cross-Site Scripting (29.06.2004)
 documentDarkBicho, Full path disclosure csFAQ (29.06.2004)
 documentDarkBicho, [Full-Disclosure] Multiple vulnerabilities PowerPortal (28.06.2004)
 documentDarkBicho, [Full-Disclosure] Cross-Site Scripting CuteNews (28.06.2004)
 documentD'Amato Luigi, [Full-Disclosure] ZH2004-14SA (security advisory):Sql Injection in Infinity WEB (28.06.2004)
Files:phpMyAdmin-2.5.7 exploit
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru