Xen 3.1.1 allows virtual guest system users to cause a denial of service (hypervisor crash) by using a debug register (DR7) to set certain breakpoints.

(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.

pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements.

PHP remote file inclusion vulnerability in lib/live_status.lib.php in AdminBot MX 9.0.5 allows remote attackers to execute arbitrary PHP code via a URL in the ROOT parameter.

The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demonstrated by mapping files to a CDROM device. NOTE: some of these details are obtained from third party information.

(1) admin/adminlien.php3 and (2) admin/modif.php3 in liens_dynamiques 2.1 do not require authentication, which allows remote attackers to perform unauthorized administrative actions using a direct request.

Cross-site scripting (XSS) vulnerability in liens.php3 in liens_dynamiques 2.1 allows remote attackers to inject arbitrary web script or HTML by using the ajouter=1 query string and the add menu.

Multiple SQL injection vulnerabilities in default.asp in Xenis.creator CMS allow remote attackers to execute arbitrary SQL commands via the (1) nav, (2) s, or (3) print parameters.

Multiple cross-site scripting (XSS) vulnerabilities in default.asp in xenis.creator CMS allow remote attackers to inject arbitrary web script or HTML via the (1) contid or (2) search parameters.

SQL injection vulnerability in default.asp in Xenis.creator CMS allows remote attackers to execute arbitrary SQL commands via the contid parameter.