990 matches found
[SECURITY] Fedora 11 Update: drupal-cck-6.x.2.7-1.fc11
The Content Construction Kit allows you create and customize fields using a web browser. The 4.7x version of CCK creates custom content types and allows you to add custom fields to them. In Drupal 5.x custom content types can be created in core, and CCK allows you to add custom fields to any...
Custom fileds inconsistently escaped in view and edit screens
Steps to replicate: Create a custom field and name it Hithere On view issue screens, the field appears as Hithere On edit issue screen, the field appears as Hithere on red font I guess we need to make a decision on which one is the desired functionality allow HTML or not and make it consistent...
Custom fileds inconsistently escaped in view and edit screens
Steps to replicate: Create a custom field and name it Hithere On view issue screens, the field appears as Hithere On edit issue screen, the field appears as Hithere on red font I guess we need to make a decision on which one is the desired functionality allow HTML or not and make it consistent...
JQL breaks issue security levels based on custom fields
The MultiSelectCustomFieldIndexer does 2 things: index but don't store a case-folded version in the field "customfield10017:retail" store a "raw" version in a new field with the raw added to the end "customfield10017raw:Retail" The problem is that com.atlassian.jira.security.type.GroupCF looks fo...
JQL breaks issue security levels based on custom fields
The MultiSelectCustomFieldIndexer does 2 things: index but don't store a case-folded version in the field "customfield10017:retail" store a "raw" version in a new field with the raw added to the end "customfield10017raw:Retail" The problem is that com.atlassian.jira.security.type.GroupCF looks fo...
Adapt CMS Lite 1.5 Remote File Inclusion
/ / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ + AdaptCMS Lite 1.5 Remote File Inclusion Vulnerability - Author : v3n0m - Contact :...
AdaptCMS Lite 1.5 - Remote File Inclusion
AdaptCMS Lite 1.5 - Remote File Inclusion / / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ + AdaptCMS Lite 1.5 Remote File Inclusion...
AdaptCMS Lite 1.5 - Remote File Inclusion
/ / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ + AdaptCMS Lite 1.5 Remote File Inclusion Vulnerability - Author : v3n0m - Contact :...
CVE-2009-3892
Cross-site scripting XSS vulnerability in Best Practical Solutions RT 3.6.x before 3.6.9, 3.8.x before 3.8.5, and other 3.4.6 through 3.8.4 versions allows remote attackers to inject arbitrary web script or HTML via certain Custom Fields...
Cross site scripting
Cross-site scripting XSS vulnerability in Best Practical Solutions RT 3.6.x before 3.6.9, 3.8.x before 3.8.5, and other 3.4.6 through 3.8.4 versions allows remote attackers to inject arbitrary web script or HTML via certain Custom Fields...
CVE-2009-3892
Cross-site scripting XSS vulnerability in Best Practical Solutions RT 3.6.x before 3.6.9, 3.8.x before 3.8.5, and other 3.4.6 through 3.8.4 versions allows remote attackers to inject arbitrary web script or HTML via certain Custom Fields...
PT-2009-6116 · Best Practical Solutions · Rt
Name of the Vulnerable Software and Affected Versions: Best Practical Solutions RT versions 3.4.6 through 3.8.4 Best Practical Solutions RT versions 3.6.x through 3.6.8 Best Practical Solutions RT versions 3.8.x through 3.8.4 Description: A cross-site scripting XSS issue allows remote attackers t...
Shared Filter properties exposed without authentication
Some URLs are not protected by authentication which could expose some properties in JIRA that users may not wish to reveal. Example 1: Searching filters http://support.atlassian.com/secure/ManageFilters.jspa?filterView=search Example 2: Viewing properties of filters. I can see custom fields, sear...
Shared Filter properties exposed without authentication
Some URLs are not protected by authentication which could expose some properties in JIRA that users may not wish to reveal. Example 1: Searching filters http://support.atlassian.com/secure/ManageFilters.jspa?filterView=search Example 2: Viewing properties of filters. I can see custom fields, sear...
[SECURITY] Fedora 10 Update: drupal-cck-6.x.2.2-1.fc10
The Content Construction Kit allows you create and customize fields using a web browser. The 4.7x version of CCK creates custom content types and allows you to add custom fields to them. In Drupal 5.x custom content types can be created in core, and CCK allows you to add custom fields to any...
Design/Logic Flaw
Eval injection vulnerability in the Custom Fields feature in the Your Account module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary PHP code via the ID Field Name box in a yaCustomFields action to admin.php...
CVE-2009-0673
Eval injection vulnerability in the Custom Fields feature in the Your Account module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary PHP code via the ID Field Name box in a yaCustomFields action to admin.php...
CVE-2009-0673
Eval injection vulnerability in the Custom Fields feature in the Your Account module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary PHP code via the ID Field Name box in a yaCustomFields action to admin.php...
CVE-2009-0673
CVE-2009-0673 describes an eval injection in RavenNuke 2.30’s Custom Fields within the Your Account module. The vulnerability allows remote authenticated administrators to execute arbitrary PHP code via the ID Field Name box in a yaCustomFields action to admin.php. Affected product/stack: Raven W...
[SECURITY] Fedora 10 Update: drupal-cck-6.x.2.0-3.fc10
The Content Construction Kit allows you create and customize fields using a web browser. The 4.7x version of CCK creates custom content types and allows you to add custom fields to them. In Drupal 5.x custom content types can be created in core, and CCK allows you to add custom fields to any...