74 matches found
Oracle MySQL Server cpujan2020 Multiple Security Vulnerabilities
Description Oracle MySQL Server is prone to multiple security vulnerabilities. These vulnerabilities can be exploited over 'MySQL Protocol' protocol. The 'InnoDB', 'Server: Optimizer', 'Server: Options', and 'Server: Audit Plugin' components are affected. These vulnerabilities affect the followin...
WordPress content-audit plugin cross-site scripting vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress content-audit plugin. An attacker can exploit thi...
CVE-2017-18560
The content-audit plugin before 1.9.2 for WordPress has XSS...
Vulnerability of the Server component: The Audit Plug-in of the MySQL database management system, which allows a hacker to cause a service failure.
The vulnerability of the Server component: The Audit Plug-in of the MySQL database management system is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the MySQL protocol...
CVE-2019-1003075
Jenkins Audit to Database Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Design/Logic Flaw
Jenkins Audit to Database Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
Cross-Site Scripting Vulnerability in WordPress Content Audit Plugin
WordPress is a use of PHP language development blog platform, users can support PHP and MySQL database server set up their own weblog. A cross-site scripting vulnerability exists in the WordPress Content Audit version 1.9.1 plugin, which allows unauthenticated remote attackers to execute arbitrar...
UBUNTU-CVE-2017-3460
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Audit Plug-in. Supported versions that are affected are 5.7.17 and earlier. Easily "exploitable" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2016-6653
The MariaDB auditplugin component in Pivotal Cloud Foundry PCF cf-mysql-release 27 and 28 allows remote attackers to obtain sensitive information by reading syslog messages, as demonstrated by cleartext credentials...
CVE-2016-6653
The MariaDB auditplugin component in Pivotal Cloud Foundry PCF cf-mysql-release 27 and 28 allows remote attackers to obtain sensitive information by reading syslog messages, as demonstrated by cleartext credentials...
Sql injection
SQL injection vulnerability in content-audit-schedule.php in the Content Audit plugin before 1.6.1 for WordPress allows remote attackers to execute arbitrary SQL commands via the "Audited content types" option in the content-audit page to wp-admin/options-general.php...
xss
This plugin finds Cross Site Scripting XSS vulnerabilities. One configurable parameters exists: persistentxss To find XSS bugs the plugin will send a set of javascript strings to every parameter, and search for that input in the response. The "persistentxss" parameter makes the plugin store all...
response_splitting
This plugin will find response splitting vulnerabilities. The detection is done by sending "w3af\r\nVulnerable: Yes" to every injection point, and reading the response headers searching for a header with name "Vulnerable" and value "Yes". Plugin type Audit Options This plugin doesnt have any user...
os_commanding
This plugin will find OS commanding vulnerabilities. The detection is performed using two different techniques: Time delays Writing a known file to the HTML output With time delays, the plugin sends specially crafted requests that, if the vulnerability is present, will delay the response for 5...