2769 matches found
FreeBSD : php -- multiple vulnerabilities (27d01223-c457-11dd-a721-0030843d3802)
Secunia reports : Some vulnerabilities have been reported in PHP, where some have an unknown impact and others can potentially be exploited by malicious people to cause a DoS Denial of Service or compromise a vulnerable system. An input validation error exists within the 'ZipArchive::extractTo'...
php -- multiple vulnerabilities
Secunia reports: Some vulnerabilities have been reported in PHP, where some have an unknown impact and others can potentially be exploited by malicious people to cause a DoS Denial of Service or compromise a vulnerable system. An input validation error exists within the "ZipArchive::extractTo"...
FreeBSD : lighttpd -- multiple vulnerabilities (fb911e31-8ceb-11dd-bb29-000c6e274733)
Lighttpd seurity announcement : lighttpd 1.4.19, and possibly other versions before 1.5.0, does not decode the url before matching against rewrite and redirect patterns, which allows attackers to bypass rewrites rules. this can be a security problem in certain configurations if these rules are us...
Gentoo Security Advisory GLSA 200408-17 (rsync)
The remote host is missing updates announced in advisory GLSA 200408-17. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PHP 5.2.5 - Multiple functions 'safe_mode_exec_dir' / 'open_basedir' Restriction Bypass Vulnerabilities
source: https://www.securityfocus.com/bid/31064/info PHP is prone to 'safemodeexecdir' and 'openbasedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to execute arbitrary code. These vulnerabilities would be an issue in shared-hosting configurations where multip...
CVE-2008-3736
Multiple cross-site request forgery CSRF vulnerabilities in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that a change passwords or b change configurations...
DSA-1629-2 postfix - privilege escalation
Bulletin has no description...
PHP 5.2.6 - chdir() Function http URL Argument Safe_mode Restriction Bypass
PHP 5.2.6 - chdir Function http URL Argument Safemode Restriction Bypass source: https://www.securityfocus.com/bid/29796/info PHP is prone to multiple 'safemode' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to determine the presence of files in unauthorized...
tDiary cross-site request forgery vulnerability
Overview tDiary, a weblog system from the tDiary development project, contains a cross-site request forgery CSRF vulnerability. Impact If a user loads a malicious web page, an attacker could alter or delete the diary text or alter tDiary configurations. In addition, a remote attacker could execut...
txtCMS 0.3 (index.php) Local File Inclusion Exploit
Exploit for unknown platform in category web applications =================================================== txtCMS 0.3 index.php Local File Inclusion Exploit =================================================== txtCMS 0.3 index.php Local File Inclusion Exploit 0day.today 2018-03-09...
JSPWiki Multiple Vulnerabilities
JSPWiki Multiple Vulnerabilities Vendor: Janne Jalkanen JSPWiki – http://www.jspwiki.org Application Description: From JSPWiki website - “JSPWiki is a feature-rich and extensible WikiWiki engine built around a standart J2EE components Java, servlets, JSP.” Tested versions: JSPWiki v2.4.104 JSPWik...
StatCounteX 3.0 & 3.1 Admin Vulnerability
StatCounteX 3.0 & 3.1 Admin Vulnerability No need to exploit ; An attacker can follow /admin.asp link and edit the scripts configurations google dork : intitle:StatCounteX 3.1 Yцnetici SekoMirza From Turkiye !...
jspwiki-multi.txt
JSPWiki Multiple Vulnerabilities Vendor: Janne Jalkanen JSPWiki – http://www.jspwiki.org Application Description: From JSPWiki website - “JSPWiki is a feature-rich and extensible WikiWiki engine built around a standart J2EE components Java, servlets, JSP.” Tested versions: JSPWiki v2.4.104 JSPWik...
Debian Security Advisory DSA 1150-1 (shadow)
The remote host is missing an update to shadow announced via advisory DSA 1150-1. A bug has been discovered in several packages that execute the setuid system call without checking for success when trying to drop privileges, which may fail with some PAM configurations. OpenVAS Vulnerability Test...
Debian: Security Advisory (DSA-1150-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1217-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 674-1 (mailman)
The remote host is missing an update to mailman announced via advisory DSA 674-1. OpenVAS Vulnerability Test $Id: deb6741.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 674-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
[CVE-2007-5342] Apache Tomcat's default security policy is too open
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2007-5342: Tomcat's default security policy is too open Severity: Low Vendor: The Apache Software Foundation Versions Affected: Tomcat 5.5.9 to 5.5.25 Tomcat 6.0.0 to 6.0.15 Description: The JULI logging component allows web applications to provid...
conga security, bug fix, and enhancement update
0.10.0-6.el5.0.1 - Replaced Redhat copyrighted and trademarked images in the conga-0.10.0 tarball. 0.10.0-6 - Fixed bz253783 - Fixed bz253914 conga doesn't allow you to reuse nfs export and nfs client resources - Fixed bz254038 Impossible to set many valid quorum disk configurations via conga -...
CVE-2007-3821
Cross-site request forgery CSRF vulnerability in Webcit before 7.11 allows remote attackers to modify configurations and perform other actions as arbitrary users via unspecified vectors...