95 matches found
CVE-2011-4458
Best Practical Solutions RT 3.6.x, 3.7.x, and 3.8.x before 3.8.12 and 4.x before 4.0.6, when the VERPPrefix and VERPDomain options are enabled, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-5092 and CVE-2011-5093...
Fedora Update for rt3 FEDORA-2012-8363
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for rt3 FEDORA-2012-8339
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Debian Security Advisory DSA 2480-1 (request-tracker3.8)
The remote host is missing an update to request-tracker3.8 announced via advisory DSA 2480-1. OpenVAS Vulnerability Test $Id: deb24801.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2480-1 request-tracker3.8 Authors: Thomas Reinke Copyright: Copyright c 20...
Debian Security Advisory DSA 2480-1 (request-tracker3.8)
The remote host is missing an update to request-tracker3.8 announced via advisory DSA 2480-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective righ...
CVE-2009-4458
CVE-2009-4458 corresponds to multiple XSS vulnerabilities in FreePBX 2.5.2 and 2.6.0rc2 (and possibly other versions). The documented vectors are: (1) the tech parameter to admin/admin/config.php during a trunks display action, (2) the description parameter during an Add Zap Channel action, and (...
CVE-2009-4458
creationtimestamp| type| source ---|---|--- 2009-12-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/10645 2009-12-28 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33443 2009-12-28 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33442...
CVE-2008-4458
The CVE-2008-4458 entry describes a SQL injection in the E-Php B2B Trading Marketplace Script, exploitable via the cid parameter in a product action. Affected component: listings.php. Root cause: unsanitized user input enabling arbitrary SQL execution. Impact: remote attackers could modify or rea...
CVE-2008-4458
creationtimestamp| type| source ---|---|--- 2008-09-07 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32346...
CVE-2007-4458
PHP remote file inclusion vulnerability in includes/class/classtpl.php in Firesoft allows remote attackers to execute arbitrary PHP code via a URL in the cachefile parameter...
CVE-2006-4458
CVE-2006-4458 describes a directory traversal in phpGroupWare up to version 0.9.16.010 where an attacker can cause arbitrary local file inclusion via a crafted GLOBALS[phpgw_info][user][preferences][common][country] parameter containing a .. sequence followed by a null byte (%00). The affected co...
CVE-2005-4458
The CVE-2005-4458 entry concerns Metadot Portal Server (Group.pm) versions 6.4.4 and earlier. The flaw stems from not resetting the global privilege flags ($IS_OWNER, $IS_ADMIN, $IS_MANAGER) when performing privilege checks, enabling a user to grant themselves administrator rights by adding to th...
CVE-2005-4458
Group.pm in Metadot Portal Server 6.4.4 and earlier does not properly reset the $ISOWNER, $ISADMIN, and $ISMANAGER global variables when performing checks for special privileges, which allows users to gain administrator privileges by adding themselves to the SITEMGR group...
MS:32FB25BB-A972-4458-B737-708AA61A5372
...
MS:BFC8A103-FD5F-4458-9935-231D9F79E2C1
...