976 matches found
[SECURITY] Fedora 10 Update: drupal-cck-6.x.2.2-1.fc10
The Content Construction Kit allows you create and customize fields using a web browser. The 4.7x version of CCK creates custom content types and allows you to add custom fields to them. In Drupal 5.x custom content types can be created in core, and CCK allows you to add custom fields to any...
Design/Logic Flaw
Eval injection vulnerability in the Custom Fields feature in the Your Account module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary PHP code via the ID Field Name box in a yaCustomFields action to admin.php...
CVE-2009-0673
Eval injection vulnerability in the Custom Fields feature in the Your Account module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary PHP code via the ID Field Name box in a yaCustomFields action to admin.php...
CVE-2009-0673
Eval injection vulnerability in the Custom Fields feature in the Your Account module in Raven Web Services RavenNuke 2.30 allows remote authenticated administrators to execute arbitrary PHP code via the ID Field Name box in a yaCustomFields action to admin.php...
CVE-2009-0673
CVE-2009-0673 describes an eval injection in RavenNuke 2.30’s Custom Fields within the Your Account module. The vulnerability allows remote authenticated administrators to execute arbitrary PHP code via the ID Field Name box in a yaCustomFields action to admin.php. Affected product/stack: Raven W...
[SECURITY] Fedora 10 Update: drupal-cck-6.x.2.0-3.fc10
The Content Construction Kit allows you create and customize fields using a web browser. The 4.7x version of CCK creates custom content types and allows you to add custom fields to them. In Drupal 5.x custom content types can be created in core, and CCK allows you to add custom fields to any...
[SECURITY] Fedora 9 Update: drupal-cck-6.x.2.0-3.fc9
The Content Construction Kit allows you create and customize fields using a web browser. The 4.7x version of CCK creates custom content types and allows you to add custom fields to them. In Drupal 5.x custom content types can be created in core, and CCK allows you to add custom fields to any...
[SECURITY] Fedora 8 Update: kronolith-2.1.8-1.fc8
Kronolith is the Horde calendar application. It provides repeating events, all-day events, custom fields, keywords, and managing multiple users through Horde Authentication. The calendar API that Kronolith uses is abstracted; MCAL and SQL drivers are currently provided. The Horde Project writes w...
[SECURITY] Fedora 7 Update: kronolith-2.1.8-1.fc7
Kronolith is the Horde calendar application. It provides repeating events, all-day events, custom fields, keywords, and managing multiple users through Horde Authentication. The calendar API that Kronolith uses is abstracted; MCAL and SQL drivers are currently provided. The Horde Project writes w...
[SECURITY] Fedora 8 Update: kronolith-2.1.7-1.fc8
Kronolith is the Horde calendar application. It provides repeating events, all-day events, custom fields, keywords, and managing multiple users through Horde Authentication. The calendar API that Kronolith uses is abstracted; MCAL and SQL drivers are currently provided. The Horde Project writes w...
[SECURITY] Fedora 7 Update: kronolith-2.1.7-1.fc7
Kronolith is the Horde calendar application. It provides repeating events, all-day events, custom fields, keywords, and managing multiple users through Horde Authentication. The calendar API that Kronolith uses is abstracted; MCAL and SQL drivers are currently provided. The Horde Project writes w...
igal207-sql.txt
!/usr/bin/perl Invision Gallery version "r57ig207" ; $mw-geometry '420x510' ; $mw-resizable0,0; $mw-Label-text = '!', -font = 'Webdings 22'-pack; $mw-Label-text = 'Invision Gallery 'Verdana 7 bold',-foreground='red'-pack; $mw-Label-text = ''-pack; $fleft=$mw-Frame-pack -side = 'left', -anchor =...
user value of JiraAuthenticationContext not set is SOAP service getIssue()
Call to JiraAuthenticationContext.setUser missing during getIssue SOAP service call. Service call will fail silently if there are custom fields with explicit secutity checking for attributes derived from current user. In my case I try to verify existance of an issue using getIssue SOAP service...
user value of JiraAuthenticationContext not set is SOAP service getIssue()
Call to JiraAuthenticationContext.setUser missing during getIssue SOAP service call. Service call will fail silently if there are custom fields with explicit secutity checking for attributes derived from current user. In my case I try to verify existance of an issue using getIssue SOAP service...
CVE-2007-3544
CVE-2007-3544 describes an unrestricted file upload in WordPress 2.2.1 and WordPress MU 1.2.3 affecting (1) wp-app.php and (2) app.php. The issue allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, with possible linkage to the wp_postmeta table and ...
CVE-2005-2468
Multiple SQL injection vulnerabilities in MySQL Eventum 1.5.5 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 isCorrectPassword or 2 userExist function in class.auth.php, getCustomFieldReport function in 4 customfields.php, 5 customfieldsgraph.php, or 6...