17 matches found
[SECURITY] Fedora 39 Update: libppd-2.0~rc2-4.fc39
Libppd provides all PPD-related functions/APIs that are going to be removed from CUPS 3.X but are still required for retro-fitting support of legacy printers. The library is meant only for retro-fitting printer applications; any new printer drivers have to be written as native printer application...
Padding oracle attacks
It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle attacks...
Hive 2.0 RC2 XSS / Code Execution / SQL Injection
| Title : Hive v2.0 RC2 Multi Vulnerability | Author : indoushka | email : [email protected] | Dork : "Powered by DigitalHive" | Tested on: windows 8.1 Français V.Pro | Bug : Stop Script | Download : http:///www.digitalhive.com ======================================= Stop SCript working :...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in templates/2k11/admin/overview.inc.tpl in Serendipity before 2.0-rc2 allow remote attackers to inject arbitrary web script or HTML via a blog comment in the QUERY_STRING to serendipity/index.php...
ZeroShell Remote Code Execution
This module exploits a vulnerability found in ZeroShell 2.0 RC2 and lower. It will leverage an unauthenticated local file inclusion vulnerability in the "/cgi-bin/kerbynet" url. The file retrieved is "/var/register/system/ldap/rootpw". This file contains the admin password in cleartext. The...
CVE-2011-1671
Cross-site scripting (XSS) vulnerability in app/controllers/todos_controller.rb in Tracks 1.7.2, 2.0RC2, and 2.0devel allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to todos/tag/. NOTE: some of these details are obtained from third party information...
Joomla JD-WordPress Vulnerability File Inclusion Version 2.0 RC2
REGISTER GLOBALS ON wp-feed.php?mosConfig_absolute_path= Version 2.0 RC2 UPDATE IT ! !/usr/bin/perl + Author : Don Tukulesto [email protected] + Date : October 20, 2009 + Homepage : http://www.indonesiancoder.com + Vendor : www.joomladeveloping.org + version : 2.0 RC2 + Method : Remote File...
Joomla JD-WordPress 2.0 RC2 remote file inclusion
Exploit for unknown platform in category web applications ================================================= Joomla JD-WordPress 2.0 RC2 remote file inclusion ================================================= !/usr/bin/perl + Author : Don Tukulesto + Date : October 20, 2009 + Homepage :...
Digital Hive 2.0 - 'base_include.php' Local File Inclusion
source: https://www.securityfocus.com/bid/29255/info Digital Hive is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to view local files in the context of the...
CVE-2008-1985
Cross-site scripting (XSS) vulnerability in base.php in DigitalHive 2.0 RC2 allows remote attackers to inject arbitrary web script or HTML via the mt parameter, possibly related to membres.php...
CVE-2008-1985
This CVE concerns DigitalHive 2.0 RC2 with a Cross-site scripting (XSS) vulnerability in base.php, exploitable via the mt parameter and possibly related to membres.php. The NVD assessment assigns a CVSS v2 base score 4.3 (Medium), with network attack vector, no authentication required, and partia...
CVE-2008-1985
Cross-site scripting (XSS) vulnerability in base.php in DigitalHive 2.0 RC2 allows remote attackers to inject arbitrary web script or HTML via the mt parameter, possibly related to membres.php...
CVE-2008-0290
Affected software: Digital Hive 2.0 RC2 and earlier. The CVE describes two SQL injection vectors: (1) via the selectskin parameter to an unspecified program, allowing remote execution of arbitrary SQL commands; (2) via the user_id parameter in gestione_membre.php to base.php, allowing remote auth...
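Woltlab Burning Board UserGroups.PHP SQL Injection Vulnerability
Woltlab Burning Board is a PHP-based web application. Woltlab Burning Board does not properly filter user-submitted input, so a remote attacker can exploit the flaw to carry out SQL injection attacks and obtain sensitive information. The problem is that the 'UserGroups.PHP' script lacks filtering of user-submitted web parameters; submitting malicious SQL code as parameter data can alter the original SQL logic and expose sensitive information. Woltlab Burning Board 2.7 Woltlab Burning Board 2.6 Woltlab Burning Board 2.5 Woltlab Burning Board 2.4 Woltlab Burning...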
CVE-2006-5493
PHP remote file inclusion vulnerability in template/purpletech/base_include.php in DigitalHive 2.0 RC2 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter...
CVE-2006-5493
CVE-2006-5493 affects DigitalHive 2.0 RC2. The issue is a PHP remote file inclusion in template/purpletech/base_include.php that lets an attacker execute arbitrary PHP code by supplying a URL in the page parameter. Impact is user-controlled PHP execution with partial confidentiality/integrity/ava...
CVE-2006-3254
Woltlab Burning Board (WBB) 2.0 RC2 contains a SQL injection in newthread.php that allows remote attackers to execute arbitrary SQL commands via the boardid parameter. The vulnerability is described in CVE-2006-3254; original sources confirm the affected component and impact, but do not provide a...