|
314601
|
- |
|
yvesglodt
|
i-man
|
I-Man 0.9, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by uploading a file attachment with a .php extension.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2005-1868
|
2024-01-27 04:07 |
2005-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314602
|
- |
|
yapig
|
yapig
|
upload.php in YaPiG 0.92b, 0.93u and 0.94u does not properly restrict the file extension for uploaded image files, which allows remote attackers to upload arbitrary files and execute arbitrary PHP co…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2005-1881
|
2024-01-27 04:07 |
2005-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314603
|
- |
|
deluxebb
|
deluxebb
|
DeluxeBB 1.06 and earlier, when run on the Apache HTTP Server with the mod_mime module, allows remote attackers to execute arbitrary PHP code by uploading files with double extensions via the fileupl…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2006-4558
|
2024-01-27 04:02 |
2006-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314604
|
- |
|
duware_dubanner_project
|
duware_dubanner
|
add.asp in DUware DUbanner 3.1 allows remote attackers to execute arbitrary code by uploading files with arbitrary extensions, such as ASP files, probably due to client-side enforcement that can be b…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2006-2428
|
2024-01-27 04:01 |
2006-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314605
|
- |
|
rockliffe
|
mailsite_express
|
Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the ca…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2005-3288
|
2024-01-27 04:01 |
2005-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314606
|
- |
|
linux
canonical
debian
mandriva
|
linux_kernel
ubuntu_linux
debian_linux
linux
|
The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from …
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2005-3181
|
2024-01-27 03:56 |
2005-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314607
|
- |
|
linux
|
linux_kernel
|
The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activ…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2004-0427
|
2024-01-27 03:56 |
2004-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314608
|
- |
|
openbsd
|
openbsd
|
Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP P…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2004-0222
|
2024-01-27 03:55 |
2004-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314609
|
- |
|
freebsd
|
freebsd
|
Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count fo…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2002-0574
|
2024-01-27 03:55 |
2002-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314610
|
- |
|
proftpd
mandrakesoft
debian
conectiva
|
proftpd
mandrake_linux
debian_linux
linux
|
Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2001-0136
|
2024-01-27 03:53 |
2001-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
