HelpDeskZ < 1.0.2 - (Authenticated) SQL Injection / Unauthorized File Download

''' Exploit Title: HelpDeskZ fetchRow"SELECT , COUNTid AS total FROM ".TABLEPREFIX."attachments WHERE id=".$db-realescapestring$params2." AND ticketid=".$params0." AND msgid=".$params3; third argument AND msgid=".$params3; sent to fetchRow query with out any senitization Steps to reproduce:...

The vulnerability of the GNU Mailman mailing system allows a hacker to gain access to the authentication data of arbitrary users.

The vulnerability of the GNU Mailman system’s user configuration page relates to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to remotely access the authentication data of arbitrary users through modified requests. As a result, the access to the...

The vulnerability of the ABB PCM600 control and configuration device allows a intruder to access information related to user account data.

The vulnerability of the ABB PCM600 control and configuration device lies in the way authentication information is stored in a database, in the form of hexadecimal ASCII values. Exploiting this vulnerability could allow an attacker, operating locally, to gain access to information about user...

DEBIAN-CVE-2016-4953

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service ephemeral-association demobilization by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time...

CVE-2016-4953

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service ephemeral-association demobilization by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time...

CVE-2016-4953

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service ephemeral-association demobilization by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time...

The vulnerability of the Firefox browser, which allows a malicious individual to gain access to authentication data

The Mozilla Firefox browser contains a vulnerability related to errors in the implementation of the Web Workers technology. Exploiting this vulnerability allows malicious actors operating remotely to circumvent Domain Restrictions Policy SOP rules and gain access to authentication data through...

The vulnerability of the Thunderbird email client, which allows a malicious actor to gain access to authentication data

The Mozilla Thunderbird email client contains a vulnerability related to errors in the implementation of the Web Workers technology. Exploiting this vulnerability allows malicious actors operating remotely to circumvent Domain Restrictions Policy SOP rules and gain access to authentication data...

The vulnerability of the Mozilla SeaMonkey software package, which allows a malicious individual to gain access to authentication data

Mozilla SeaMonkey software contains a vulnerability related to errors in the implementation of the Web Workers technology. Exploiting this vulnerability allows malicious actors operating remotely to circumvent Domain Restrictions Policy SOP rules and gain access to authentication data through err...

Open-Xchange Guard Information Disclosure Vulnerability

Open-Xchange Guard OX Guard is a suite of security protection software for e-mail and files from Open-Xchange, Inc. in the United States. An information disclosure vulnerability exists in OX Guard version 2.4.0, which originates when the program returns a different error code. A remote attacker...

The vulnerability of the microprogrammed software of the N600 DB Belkin F9K1102 allows a hacker to gain access to the authentication data of arbitrary users.

The vulnerability of the N600 DB Belkin F9K1102 router’s microprogramming software is related to the falsification of inter-site requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the authentication data of arbitrary users...

The vulnerability of Amped Wireless R10000’s microprogramming software allows a hacker to gain access to the authentication data of arbitrary users.

The vulnerability of Amped Wireless R10000’s microprogramming software is related to the of inter-site requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the authentication data of arbitrary users...

The vulnerability of the microprogramming software of the Medialink MWN-WARP300N router allows a hacker to gain access to the authentication data of arbitrary users.

The vulnerability of the Microprogrammed Routing Software of the Medialink MWN-WARP300N router is related to the of inter-site requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the authentication data of arbitrary users...

Vulnerabilities in the Moodle learning management system allow a hacker to gain access to the authentication data of arbitrary users

The multiple vulnerabilities of the Moodle learning management system’s module for lessons are related to the manipulation of cross-site requests. Exploiting these vulnerabilities could allow a malicious actor, operating remotely, to gain access to the authentication data of arbitrary users throu...

The vulnerability of the Cisco Identity Services Engine, a platform for managing network policies, allows a perpetrator to gain access to the authentication data of arbitrary users.

The vulnerability of the web application framework of the Cisco Identity Services Engine is related to the。 Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the authentication data of arbitrary users...

The vulnerability relates to the administration tool for EMC Documentum systems, the Digital Asset Management tool for EMC Documentum systems, the access to the repository of EMC Documentum TaskSpace systems, the Web Publisher for managing web projects in EMC Documentum, and the web interface that provides access to the EMC Documentum repository via Webtop. This vulnerability allows a perpetrator to intercept user authentication data.

The vulnerability of the EMC Documentum Administrator, a system for managing electronic document workflows, the EMC Documentum Digital Asset Management tool for managing multimedia materials within the system, the EMC Documentum TaskSpace tool for accessing the repository, and the EMC Documentum...

The vulnerability of the microprogramming software of the Cisco TelePresence Serial Gateway allows a perpetrator to access the authentication data of arbitrary users.

The vulnerability of the microprogramming software of the Cisco TelePresence Serial Gateway device is related to the falsification of inter-site requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the authentication data of arbitrary users...

The vulnerability of the microprogramming software of the Cisco TelePresence Multipoint Control Unit allows a perpetrator to gain access to the authentication data of arbitrary users.

The vulnerability of the microprogramming software of the Cisco TelePresence Multipoint Control Unit is related to the of inter-site requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the authentication data of arbitrary users...

The vulnerability of the microprogramming software of the Cisco TelePresence ISDN Gateway allows a perpetrator to access the authentication data of arbitrary users.

The vulnerability of the microprogramming software of the Cisco TelePresence ISDN Gateway relates to the falsification of inter-site requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the authentication data of arbitrary users...

The vulnerability of the microprogramming software of the Cisco TelePresence IP Gateway allows a perpetrator to gain access to the authentication data of arbitrary users.

The vulnerability of the microprogramming software of the Cisco TelePresence IP Gateway device is related to the falsification of inter-site requests. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to the authentication data of arbitrary users...