46 matches found
CVE-2017-6089
PhpCollab 2.5.1 and earlier versions are affected by a SQL injection vulnerability. The issue allows remote attackers to execute arbitrary SQL commands through parameters in topics/deletetopics.php (project or id), bookmarks/deletebookmarks.php (id), and calendar/deletecalendar.php, leading to po...
phpCollab 2.5.1 - SQL Injection
phpCollab 2.5.1 - SQL Injection CVE-2017-6089 PhpCollab 2.5.1 Multiple SQL Injections unauthenticated Description PhpCollab is an open source web-based project management system, that enables collaboration across the Internet. SQL injections The phpCollab code does not correctly filter arguments,...
phpCollab 2.5.1 - SQL Injection
CVE-2017-6089 PhpCollab 2.5.1 Multiple SQL Injections unauthenticated Description PhpCollab is an open source web-based project management system, that enables collaboration across the Internet. SQL injections The phpCollab code does not correctly filter arguments, allowing arbitrary SQL code...
PhpCollab 2.5.1 SQL Injection Vulnerability
Exploit for php platform in category web applications CVE-2017-6089 PhpCollab 2.5.1 Multiple SQL Injections unauthenticated Description PhpCollab is an open source web-based project management system, that enables collaboration across the Internet. SQL injections The phpCollab code does not...
PhpCollab 2.5.1 SQL Injection
CVE-2017-6089 PhpCollab 2.5.1 Multiple SQL Injections unauthenticated Description PhpCollab is an open source web-based project management system, that enables collaboration across the Internet. SQL injections The phpCollab code does not correctly filter arguments, allowing arbitrary SQL code...
CVE-2016-6089
IBM WebSphere MQ 9.0.0.1 and 9.0.2 could allow a local user to write to a file or delete files in a directory they should not have access to due to improper access controls. IBM X-Force ID: 117926...
CVE-2016-6089
CVE-2016-6089 affects IBM WebSphere MQ versions 9.0.0.1 and 9.0.2. The vulnerability arises from improper access controls, enabling a local user to write to or delete files in a directory they should not access. This is a local-privilege-impact issue; no exploit details are provided in the source...
CVE-2013-6089
CVE-2013-6089 is rejected/not used.
CVE-2013-6089
...
CVE-2015-6089
CVE-2015-6089 describes a memory corruption vulnerability in Microsoft Internet Explorer’s VBScript/JScript engines (IE 8–11). The root cause is a memory allocation/handling flaw that can be exploited by a crafted webpage to achieve remote code execution or, per the threat landscape, memory corru...
MS15-112: Cumulative Security Update for Internet Explorer (3104517)
The version of Internet Explorer installed on the remote host is missing Cumulative Security Update 3104517. It is, therefore, affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these issues by...
Gentoo Security Advisory GLSA 201312-05
Gentoo Linux Local Security Checks GLSA 201312-05 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
CVE-2014-6089
CVE-2014-6089 affects IBM Security Access Manager for Mobile 8.0.x (before 8.0.1) and IBM Security Access Manager for Web 7.x (before 7.0.0 FP10) and 8.x (before 8.0.1). A remote authenticated user can upload a file to a protected area, causing a denial of service. IBM provides patches: Web 7.0.x...
GLSA-201312-05 : SWI-Prolog : Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201312-05 SWI-Prolog : Multiple vulnerabilities Multiple vulnerabilities have been discovered in SWI-Prolog: An error in the canoniseFileName function could cause a stack-based buffer overflow CVE-2012-6089. An error in the expand...
Fedora 17 : pl-6.0.2-4.fc17 (2013-0211)
Fix two buffer overflows when expanding file name glob CVE-2012-6090 and when canonizing path CVE-2012-6089. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as...
Fedora Update for pl FEDORA-2013-0211
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for pl FEDORA-2013-0225
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2012-6089
CVE-2012-6089 affects SWI-Prolog: multiple stack-based buffer overflows in canoniseFileName() of os/pl-os.c allow remote denial of service or possibly arbitrary code execution. Vulnerable in SWI-Prolog before 6.2.5 and in 6.3.x before 6.3.7; remediation is upgrading to the patched versions (e.g.,...
CVE-2008-6089
Directory traversal vulnerability in main.php in ScriptsEz Easy Image Downloader allows remote attackers to read arbitrary files via a .. dot dot in the id parameter in a download action...
CVE-2008-6089
CVE-2008-6089 describes a directory traversal in the ScriptsEz Easy Image Downloader, specifically in the download action that uses main.php. The vulnerability allows an attacker to read arbitrary files by supplying ".." in the id parameter, enabling remote access to non‑intended files. The avail...