96 matches found
Fedora 19 : gnutls-3.1.16-1.fc19 (2013-20628)
Minor security update from upstream. New minor upstream release fixing a security issue. Adds ECC NIST Suite B curves support ECDH, ECDSA Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
CVE-2012-4487
The CVE concerns Drupal’s Subuser module, prior to version 6.x-1.8. The vulnerability arises from insufficient checking of the "switch subuser" permission, enabling remote authenticated parent users to change their role by switching to a subuser they created. Practical impact is a potential privi...
CVE-2011-4487
CVE-2011-4487 affects Cisco Unified Communications Manager (CUCM) and Cisco BE6000/BE5000/BE3000 with various 6.x–8.x releases. The issue is a SQL injection in the SCCP registration handling, allowing remote, unauthenticated attackers to execute arbitrary SQL commands against the CUCM database, p...
CVE-2010-4487
CVE-2010-4487 describes an incomplete blacklist vulnerability in Google Chrome up to version 8.0.552.215 on Linux and macOS, allowing remote attackers to cause an unspecified impact via a "dangerous file" . The primary description provides no details on exploit vectors or specifics of the impact....
An error log data are not sanitized
An error log data are not sanitized Severity: none CVE-2009-4487 Not vulnerable: none Vulnerable: all...
CVE-2009-4487
nginx 0.7.64 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator...
CVE-2008-4487
CVE-2008-4487 describes an SQL injection in Atarone CMS 1.2.0, specifically in ap-save.php. The vulnerability allows remote attackers to execute arbitrary SQL commands through the parameters: site_name, email, theme_chosen, hp, c_meta, id, and c_js. The entry notes that provenance is unknown and ...
Malicious Website - Embedded Javascript Detection
Binary data 4487.prm...
CVE-2007-4487
Cross-site scripting XSS vulnerability in D22-Shoutbox for Invision Power Board IPB or IP.Board allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2007-4487
Technical details about CVE-2007-4487 are not publicly available in the provided documents; monitor for updates. The data here only reiterates a generic XSS vulnerability in D22-Shoutbox for IPB.
CVE-2006-4487
DUware DUpoll 3.0 and 3.1 stores private/Dupoll.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and passwords...
CVE-2006-4487
CVE-2006-4487 affects DUware DUpoll 3.0 and 3.1, where a file under the web document root named _private/Dupoll.mdb is stored with insufficient access control. This allows remote attackers to access sensitive information, specifically user credentials such as usernames and passwords. The provided...
CVE-2005-4487
RAMSite R|1 CMS 1.0 and earlier is affected by a cross-site scripting (XSS) vulnerability. The issue arises in the searchfield parameter, allowing remote attackers to inject arbitrary web script or HTML. Impact is user-facing script execution, with potential credential or session-related implicat...
CVE-2018-4487
CVE-2018-4487 entry is rejected/not used; does not represent an active vulnerability.
MS:0C10888C-F391-4487-9C5A-34A95C6B90F1
...
MS:77F551F7-76A8-4487-AC78-1954FF6D05E6
...