15 matches found
Insertion of Sensitive Information Into Sent Data
Overview: moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the URLs during anonymous assignment submissions. An attacker can access internal user identifiers by viewing exposed URLs, which may compromise...
WordPress Google XML Sitemaps plugin <= 4.1.22 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by NumeX in WordPress Plugin Google XML Sitemaps versions <= 4.1.22...
Deserialization of Untrusted Data
Overview: codeception/codeception is a Full-stack testing PHP framework. Affected versions of this package are vulnerable to Deserialization of Untrusted Data. The RunProcess class can be leveraged as a gadget to run arbitrary commands on a system that is deserializing user input without validatio...
PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection Vulnerability
Exploit Title: PHP Timeclock 1.04 - Time and Boolean Based Blind SQL Injection Exploit Author: Tyler Butler Vendor Homepage: http://timeclock.sourceforge.net Software Link: https://sourceforge.net/projects/timeclock/files/PHP%20Timeclock/PHP%20Timeclock%201.04/ Version: 1.04 Tested on: PHP...
Samba Bypass Access Privilege Vulnerability (CNVD-2015-08520)
Samba is a set of programs that implement the SMB Server Messages Block protocol, cross-platform file sharing and print sharing services. An access privilege bypass vulnerability exists in Samba versions 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3. The vulnerability allows an...
Denial of service in Samba Active Directory
Description: All versions of Samba from 4.0.0 to 4.3.2 inclusive resp. all ldb versions up to 1.1.23 inclusive are vulnerable to a denial of service attack in the samba daemon LDAP server. A malicious client can send packets that cause the LDAP server in the samba daemon process to become...
PT-2015-3394 · Samba +5
Name of the Vulnerable Software and Affected Versions: Samba versions prior to 4.1.22 Description: The issue is related to the LDAP server in the AD domain controller in Samba, where it fails to check return values for successful ASN.1 memory allocation. This allows remote attackers to cause a...
openSUSE Security Update : virtualbox (openSUSE-SU-2012:1323-1)
VirtualBox was updated to 4.1.22 stable release, bringing lots of security and also bugfixes. The 4.1.22 release is brought to all openSUSE distributions to align their versions. changes in virtualbox 4.1.22 maintenance release - VMM: fixed a potential host crash triggered by shutting down a VM...
digiSHOP SQL Injection Vulnerability
Exploit for php platform in category web applications. digiSHOP SQL Injection Vulnerability. ^Date : 23/7/2010 ^Vendor Site : http://digishop.digisoft77.com/ ^MOD Version : digiSHOP 2.0.2 ^Author : Silic0n...
digiSHOP 2.0.2 - SQL Injection
^Exploit Title : ^Date : 23/7/2010 ^Vendor Site : http://digishop.digisoft77.com/ ^MOD Version :...
digiSHOP 2.0.2 - SQL Injection
digiSHOP 2.0.2 - SQL Injection. ^Exploit Title : ^Date : 23/7/2010 ^Vendor Site :...
UK One Media CMS - id Error-Based SQL Injection
UK One Media CMS - id Error-Based SQL Injection. UK One Media CMS id Error Based SQL Injection Vulnerability...
mysql security update
4.1.22-2.el4.3 - Add comment suggesting disabling symbolic links in /etc/my.cnf; 4.1.22-2.el4.2 - Add fixes for CVE-2008-4098, CVE-2009-4030 (two successive attempts to fix DATA/INDEX DIRECTORY vulnerabilities) and CVE-2008-4456 (mysql command line client XSS flaw), Resolves: 512255; 4.1.22-2.el4.1 - Ad...
RHEL 4 : mysql (RHSA-2008:0768)
Updated mysql packages that fix various security issues, several bugs, and add an enhancement are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database...
Moderate: Red Hat Security Advisory: mysql security, bug fix, and enhancement update
Updated mysql packages that fix various security issues, several bugs, and add an enhancement are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database...