100 matches found
Multiple vulnerabilities in Template CMS
Advisory ID: HTB23115 Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, Cross-Site Request Forgery CWE-352 CV...
Template CMS 2.1.1 - Multiple Vulnerabilities
Template CMS 2.1.1 - Multiple Vulnerabilities Advisory ID: HTB23115 Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting...
Template CMS 2.1.1 Cross Site Request Forgery / Cross Site Scripting
Exploit for php platform in category web applications Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting CWE-79,...
Template CMS 2.1.1 - Multiple Vulnerabilities
Advisory ID: HTB23115 Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, Cross-Site Request Forgery CWE-352 CV...
Template CMS 2.1.1 Cross Site Request Forgery / Cross Site Scripting
Advisory ID: HTB23115 Product: Template CMS Vendor: template-cms.ru Vulnerable Versions: 2.1.1 and probably prior Tested Version: 2.1.1 Vendor Notification: September 12, 2012 Public Disclosure: October 3, 2012 Vulnerability Type: Cross-Site Scripting CWE-79, Cross-Site Request Forgery CWE-352 CV...
Fedora Update for libpng10 FEDORA-2012-4902
Check for the Version of libpng10 OpenVAS Vulnerability Test Fedora Update for libpng10 FEDORA-2012-4902 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Joomla Multiple Components SQL Injection Vulnerabilities
This host is running Joomla with multiple components and is prone to SQL injection vulnerabilities. OpenVAS Vulnerability Test $Id: gbjoomlamultcomponentssqlinjvuln.nasl 7052 2017-09-04 11:50:51Z teissa $ Joomla Multiple Components SQL Injection Vulnerabilities Authors: Madhuri D Copyright:...
CVE-2010-4902
Joomla! extension com_clantools 1.2.3 is affected by SQL injection vulnerabilities in Joomla!, exploitable via index.php using parameters squad or showgame. Root cause: improper handling of user input in the Clantools component. Consequences: remote attackers can potentially execute arbitrary SQL...
openSUSE Security Update : libpcsclite1 (openSUSE-SU-2010:0500-1)
This update of pcsc-liste fixes two vulnerabilities : - CVE-2009-4901: local denial of service daemon crash via crafted SCARDSETATTRIB message data, a related issue to CVE-2010-0407. - CVE-2009-4902: a buffer overflow might allow local users to gain privileges via crafted SCARDCONTROL message dat...
Fedora 12 : pcsc-lite-1.5.2-5.fc12 (2010-10764)
This update fixes up incorrect checks which were introduced with CVE-2010-0407 patch, introducing a regression for certain token types. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatical...
Fedora 12 : pcsc-lite-1.5.2-4.fc12 (2010-10014)
An update to address a buffer overflow which could allow a local attacker to elevate privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
CVE-2009-4902
CVE-2009-4902 relates to a buffer overflow in the MSGFunctionDemarshall function of winscard_svc.c in the MUSCLE PCSC-Lite daemon (pcscd) up to version 1.5.4. Crafted SCARD_CONTROL message data could be improperly demarshalled, enabling a local attacker to gain privileges. The issue is linked to ...
Debian DSA-2059-1 : pcsc-lite - buffer overflow
It was discovered that PCSCD, a daemon to access smart cards, was vulnerable to a buffer overflow allowing a local attacker to elevate his privileges to root. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
CVE-2008-4902
CVE-2008-4902 is an SQL injection vulnerability in Article Publisher Pro 1.5 ’s file contact_author.php , exploitable via the userid parameter to execute arbitrary SQL commands remotely. The NVD entry lists a NETWORK attack vector with LOW complexity and no authentication, yielding Partial impact...
CVE-2008-4902
creationtimestamp| type| source ---|---|--- 2008-10-31 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/6917...
CVE-2007-4902
CVE-2007-4902 describes an absolute path traversal in an ActiveX control within CryptoX.dll (versions ≤ 2.0) and the Ultra Crypto Component. The flaw allows remote attackers to write to arbitrary files by supplying a full pathname to the SaveToFile method, enabling overwriting of files on the aff...
Symantec Veritas NetBackup bpcd.exe Command Chaining (CVE-2006-4902)
Symantec Veritas NetBackup Server is a client/server backup application solution used for performing scheduled automatic backups and on-demand backups requested by users. A remote code execution vulnerability has been reported in Symantec Veritas NetBackup.A remote attacker could exploit the...
VERITAS NetBackup bpcd daemon command chaining vulnerability
Added: 02/16/2007 CVE: CVE-2006-4902 BID: 21565 OSVDB: 31334 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem The NetBackup bpcd daemon fails to properly validate chained commands. A remote attacker could execute arbitrary commands by appending the...
CVE-2006-4902
CVE-2006-4902 affects the NetBackup bpcd daemon (bpcd.exe) on Windows, where the daemon fails to properly validate chained commands, enabling a remote attacker to append malicious commands to valid ones and execute arbitrary code. Affected versions include NetBackup 5.0 up to 5.0_MP7, 5.1 up to 5...
MS:58454B4A-DD6B-4902-865B-C57CE21D3B91
...