SQL injection vulnerability in gotourl.php in PozScripts Classified Auctions Script allows remote attackers to execute arbitrary SQL commands via the id parameter.

Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method.