Past Alerts:
[CIA-1069-Alert] ASP.NET Cross-Site Scripting via AutoPostBack
[CIA-1068-Alert] osCommerce Page Parameter Cross-Site Scripting
[CIA-1067-Alert] PHP Multiple Vulnerabilities
[CIA-1066-Alert] Apache mod_tcl Format String
[CIA-1065-Alert] Novell eDirectory\iMonitor Host Header Buffer Overflow
Cenzic Intelligent Analysis Lab Identifies Potentially Threatening Application Vulnerabilities in Blog Technology
[CIA-1064-Alert] MaxDB WebDBM Buffer Overflow
[CIA-1063-Alert] Cube Cart 3.0.11 Cross-Site Scripting
[CIA-1062-Alert] Zen Cart 1.3.0.2 Multiple Vulnerabilities
[CIA-1061-Alert] Apache Off-by-One Code Execution
[CIA-1060-Alert] ASP.NET Application Information Disclosure
[CIA-1059-Alert] PHP 5.1.2 and Prior Multiple Vulnerabilities
[CIA-1058-Alert] PHP Bypass Safe Mode
[CIA-1057-Alert] Cenzic Research Lab Identifies Potentially Threatening Application Vulnerability in Yahoo! Mail
[CIA-1056-Alert] Sun ONE and Sun Java System Application Server Cross-Site Scripting
[CIA-1055-Alert] PostgreSQL Encoding Processes May Let Remote Users Inject SQL Commands
[CIA-1054-Alert] PHP Multiple Vulnerabilities
[CIA-1053-Alert] Weblogic Server Multiple Vulnerabilities
[CIA-1052-Alert] HP Openview Multiple Vulnerabilities
[CIA-1051-Alert] Groupwise Accept-Language Header Buffer Overflow
[CIA-1050-Alert] Microsoft Multiple Cross Site Scripting vulnerabilities
[CIA-1049-Alert] IBM Websphere Multiple Vulnerabilities
[CIA-1048-Alert] IBM Tivoli Business Systems Manager Cross Site Scripting
[CIA-1047-Alert] osCommerce Extras Directory Traversal Vulnerability
[CIA-1046-Alert] InfoVista VistaPortal Discloses Files and Path to Remote Users
[CIA-1045-Alert] Domino Web Access Multiple Cross-Site Scripting Vulnerabilities
[CIA-1044-Alert] IBM Tivoli Access Manager Directory Traversal Vulnerability
[CIA-1043-Alert] Symantec Sygate Management Server SQL Injection Vulnerability
[CIA-1042-Alert] Lotus Domino Directory Traversal and URL/Archive Processing Buffer Overflows
[CIA-1041-Alert] Microsoft Internet Information Server Denial of Service via Multiple GET Requests.
[CIA-1040-Alert] IBM Websphere Insecure Sample Scripts allow Cross-Site Scripting and Reveal Valid User Accounts.
[CIA-1039-Alert] Apache Mod_Imap Cross-Site Scripting
[CIA-1038-Alert] Tomcat Server Lets Remote Attackers Deny Service Via Multiple Directory Requests
[CIA-1037-Alert] PHP Flaw in parse_str() May Let Remote Users Turn On register_globals
[CIA-1036-Alert] PHP Multiple Vulnerabilities
[CIA-1035-Alert-ap1] Apache Denial of Service via Memory Leak in MPM 'worker.c'
[CIA-1034-Alert-ap1] Oracle Database and Application Server Multiple Vulnerabilities.
[CIA-1033-Alert-ap1] Sun Java System Application Server May Disclose JSP Source Code to Remote Users
[CIA-1032-Alert-ap1] BEA Weblogic Server Multiple Vulnerabilities
[CIA-1035-Alert] WebLogic Portal Access Control Vulnerability allows access to restricted pages
[CIA-1034-Alert] MySQL Eventum ‘class.auth.php’ Multiple Vulnerabilities
[CIA-1033-Alert] Apache Memory Leak in byterange filter allows Denial of Service
[CIA-1032-Alert] HP Openview Network Node Manager Command Injection
[CIA-1031-Alert] IIS 5.x/6.x Server Name Spoofing results in Source Disclosure
[CIA-1030-Alert] Lotus Domino R5/R6 Webmail Discloses hashed passwords to any authenticated user
[CIA-1029-Alert] Oracle Reports XML File Access via “customize” parameter
[CIA-1028-Alert] Oracle Reports File Access and Destruction via HTML parameters
[CIA-1027-Alert] Oracle Reports Remote Command Execution via Malicious Report Content
[CIA-1026-Alert] Oracle Reports Cross Site Scripting
[CIA-1025-Alert] Sawmill Cross Site Scripting and Privilege Escalation
[CIA-1024-Alert] Microsoft ISA Server 2000 Multiple vulnerabilities
[CIA-1023-Alert] Sun ONE Application Server
[CIA-1022-Alert] IBM WebSphere Application Server Unicode Buffer Overflow
[CIA-1021-Alert] BEA WebLogic Server and WebLogic Portal Multiple Vulnerabilities
[CIA-1020-Alert] Domino HTTP Buffer Overflow via Time/Date Field. Date Disclosed: April 12, 2005
[CIA-1019-Alert] BEA WebLogic Administration Console Cross Site Scripting via JndiFramesetAction. Date Disclosed: April 26, 2005
[CIA-1018-Alert] MaxDB HTTP “%” Overflow. Date Disclosed: April 25, 2005
[CIA-1017-Alert] MaxDB WebDAV getIfHeader() Overflow. Date Disclosed: April 26, 2005
[CIA-1016-Alert] MaxDB Buffer Overflow in getLockTokenHeader() WebDAV Function. Date Disclosed: April 25, 2005
[CIA-1015-Alert] CProxy Input Validation flaw allows file access and denial of service. Date Disclosed: March 2, 2005
[CIA-1014-Alert] TYPO3 ‘category_uid’ SQL Injection Vulnerability. Date Disclosed: March 5, 2005
[CIA-1013-Alert] Zorum Multiple Vulnerabilities. Date Disclosed: March 4, 2005
[CIA-1012-Alert] phpBB ‘viewtopic.php’ Path Disclosure. Date Disclosed: March 4, 2005
[CIA-1011-Alert] Forumwa search.php Cross Site Scripting vulnerability. Date Disclosed: March 2, 2005
[CIA-1010-Alert] auraCMS Path Disclosure and Cross-Site Scripting Vulnerabilities. Date Disclosed: March 2, 2005
[CIA-1009-Alert] CA Unicenter Asset Management Input Validation flaw allows Cross Site Scripting and SQL Injection. Date Disclosed: March 2, 2005
[CIA-1008-Alert] Oracle Database Server Directory Traversal Vulnerability via the UTL_FILE package. Date Disclosed: March 7, 2005
[CIA-1007-Alert] Includer cgi script Input Validation allows execution of arbitrary code. Date Disclosed: March 7, 2005
[CIA-1006-Alert] phpBB sessions.php Administrative Access via cookie manipulation. Date Disclosed: March 4, 2005
[CIA-1005-Alert] MySQL 'mysqlaccess.sh' Insecure Temporary Files. Date Disclosed: Jan 17, 2005
[CIA-1004-Alert] MySQL MaxDB password Buffer Overflow and Denial of Service attacks. Date Disclosed: Jan 14 2005
[CIA-1003-Alert] Oracle Application Server/E-Business Suite Multiple Vulnerabilities. Date Disclosed: Jan 19 2005
[CIA-1002-Alert] Oracle Database Server Cumulative Patch Addresses Multiple Vulnerabilities. Date Disclosed: January 19, 2005
[CIA-1001-Alert] CitrusDB Credit Card Import/Export Exposure. Date Disclosed: Jan 28, 2005