Directory traversal vulnerability in index.php in Alstrasoft Epay Pro 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the read parameter.

Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.7 and earlier allow remote attackers to inject arbitrary web script or HTML via the loc parameter to (1) modcp/index.php or (2) admincp/index.php, or the ip parameter to (3) modcp/user.php or (4) admincp/usertitle.php.

Multiple SQL injection vulnerabilities in vBulletin 3.0.7 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) announcement parameter to announcement.php, the (2) thread[forumid] or (3) criteria parameters to thread.php, (4) userid parameter to user.php, the (5) calendarcustomfieldid, (6) calendarid, (7) moderatorid, (8) holidayid, (9) calendarmoderatorid, or (10) calendar[0] parameters to admincalendar.php, (11) the cronid parameter to cronlog.php, (12) user[usergroupid][0] parameter to email.php, (13) help[0] parameter to help.php, the (14) limitnumber or (15) limitstart parameter to user.php, the (16) usertitleid or (17) ids parameters to usertitle.php, (18) rvt[0] parameter to language.php, (19) keep[0] parameter to phrase.php, (20) dostyleid parameter to template.php, (21) thread[forumid] parameter to thread.php, or (22) usertools.php.

Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 3.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via certain arguments to (1) announcement.php, (2) admincalendar.php, (3) bbcode.php, (4) cronadmin.php, (5) email.php, (6) faq.php, (7) forum.php, (8) image.php, (9) language.php, (10) ranks.php, (11) replacement.php, (12) replacement.php, (13) template.php, (14) template.php, (15) usergroup.php, or (16) usertitle.php.

Multiple SQL injection vulnerabilities in vBulletin 3.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) announcement parameter to announcement.php, (2) userid parameter to user.php, (3) calendar parameter to admincalendar.php, (4) cronid parameter to cronlog.php, (5) usergroupid parameter to email.php, (6) help parameter to help.php, (7) rvt parameter to language.php, (8) keep parameter to phrase.php, or (9) updateprofilepic parameter to usertools.php.

image.php in vBulletin 3.0.9 and earlier allows remote attackers with access to the administrator panel to upload arbitrary files via the upload action.

Multiple cross-site scripting (XSS) vulnerabilities in vBulletin before 3.0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter to css.php, (2) redirect parameter to index.php, (3) email parameter to user.php, (4) goto parameter to language.php, (5) orderby parameter to modlog.php, and the (6) hex, (7) rgb, or (8) expandset parameter to template.php.

Multiple SQL injection vulnerabilities in vBulletin before 3.0.9 allow remote attackers to execute arbitrary SQL commands via the (1) request parameter to joinrequests.php, (2) limitnumber or (3) limitstart to user.php, (4) usertitle.php, or (5) usertools.php.

Apple Safari allows remote attackers to cause a denial of service (application crash) via a crafted data:// URL.

PHP file inclusion vulnerability in index.php in Content2Web 1.0.1 allows remote attackers to include arbitrary files via the show parameter, which can lead to resultant errors such as path disclosure, SQL error messages, and cross-site scripting (XSS).

Multiple unspecified vulnerabilities in the WYSIWYG editor in PHP-Nuke before 7.9 Final have unknown impact and attack vectors.

Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 6.5.2 allows remote attackers to inject arbitrary web script or HTML via the (1) BaseTarget or (2) Src parameters.

Cross-site scripting (XSS) vulnerability in Ensim webplliance allows remote attackers to inject arbitrary web script or HTML via the Login (OCW_login_username) field.

Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry.

The MasterDataCD::createImage function in masterdatacd.cpp for SimpleCDR-X 1.3.3 creates the .temp temporary directory with insecure permissions, which allows local users to read sensitive ISO images.

The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Direct static code injection vulnerability in the flood protection feature in inc/shows.inc.php in CuteNews 1.4.0 and earlier allows remote attackers to execute arbitrary PHP code via the HTTP_CLIENT_IP header (Client-Ip), which is injected into data/flood.db.php.

Cross-site scripting (XSS) vulnerability in CuteNews allows remote attackers to inject arbitrary web script or HTML via the mod parameter to index.php.

Tofu 0.2 allows remote attackers to execute arbitrary Python code via crafted pickled objects, which Tofu unpickles and executes.

Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a trailing "." (dot), which might allow remote attackers to trick users into processing dangerous content.

The mail client in Opera before 8.50 opens attached files from the user's cache directory without warning the user, which might allow remote attackers to inject arbitrary web script and spoof attachment filenames.

Helpdesk Software Hesk allows remote attackers to bypass authentication for (1) admin.php and (2) admin_main.php by modifying the PHPSESSID session ID parameter or cookie.

SQL injection vulnerability in Interakt MX Shop 3.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) idp, (2) id_ctg, or (3) id_prd parameters to the pages module in index.php.

SQL injection vulnerability in index.php in NooTopList 1.0.0 release 17 allows remote attackers to execute arbitrary SQL commands via the (1) o or (2) sort parameters.

Multiple buffer overflows in OpenTTD before 0.4.0.1 allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.