737 matches found
Fobuc Guestbook 0.9 - SQL Injection
Fobuc Guestbook 0.9 - SQL Injection Exploit Title : Fobuc Guestbook 0.9 SQL Injection Date : 11 June 2013 Exploit Author : CWH Underground Site : www.2600.in.th Vendor Homepage : http://sourceforge.net/projects/fobuc/ Software Link :...
Fobuc Guestbook 0.9 - SQL Injection
Exploit Title : Fobuc Guestbook 0.9 SQL Injection Date : 11 June 2013 Exploit Author : CWH Underground Site : www.2600.in.th Vendor Homepage : http://sourceforge.net/projects/fobuc/ Software Link : http://jaist.dl.sourceforge.net/project/fobuc/0.9/Release/FOBUC0.9.zip Version : 0.9 Tested on :...
Invision Power Board 1.x? / 2.x / 3.x - Admin Takeover
Invision Power Board 1.x? / 2.x / 3.x - Admin Takeover IPB Invision Power Board all versions 1.x? / 2.x / 3.x Admin account Takeover leading to code execution Written on : 2013/05/02 Released on : 2013/05/13 Author: John JEAN @johnjean on twitter Affected application: Invision Power Board = 3.4.4 Type ...
ECSHOP website program allows a permission bypass to upload a one-line Trojan - vulnerability warning - the black bar safety net
Brief description: Permissions can be bypassed to upload a one-line Trojan. Detailed description: Leave a message at the front desk whose content is the one-line Trojan: <?php eval($_POST[cmd]);?> Then in the back end, go to System == Database Management == Data Backup == select custom backup, selecting...
[SECURITY] Fedora 19 Update: postgresql-9.2.4-1.fc19
PostgreSQL is an advanced Object-Relational database management system (DBMS). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine ...
Fedora Update for postgresql FEDORA-2013-2123
Check for the Version of postgresql OpenVAS Vulnerability Test Fedora Update for postgresql FEDORA-2013-2123 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
PostgreSQL Patches DOS Vulnerability, Other Security Issues
PostgreSQL, a database management system for Linux, FreeBSD and other platforms, patched a hole today that could have opened the system up to a denial-of-service (DOS) vulnerability in addition to a slew of other security flaws. An attacker could have leveraged the DOS vulnerability (CVE-2013-0255) as...
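phpLiteAdmin 'phpliteadmin.php' Remote PHP Code Injection Vulnerability
phpLiteAdmin is a web-based SQLite database management tool. phpLiteAdmin 'phpliteadmin.php' does not properly filter user-supplied data when creating a new database, allowing attackers to exploit the vulnerability to inject malicious files and execute them with the web server's privileges. 0 phpLiteAdmin =1.9.3 Vendor solution: No detailed solution is currently available: http://code.google.com/p/phpliteadmin/...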
PHPDrive privilege elevation vulnerability and the fix - vulnerability warning - the black bar safety net
PHPDrive is a file management system that runs in a PHP environment and can be used for network disks, enterprise document management, schools, team management, software, files, CMS, etc. includes/user.lib.php Row 8 7 function getip() { if(isset($_SERVER["HTTP_X_FORWARDED_FOR"])&&$_SERVER["HTTP_X_FORWARDED_FOR"]) $i...
Oracle WebCenter Sites (FatWire Content Server) Multiple Vulnerabilities
Exploit for php platform in category web applications ======================================================================= title: Multiple vulnerabilities in Oracle WebCenter Sites product: Oracle WebCenter Sites former FatWire Content Server vulnerable version: 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0....
JVN#56373673: myLittleAdmin for SQL Server 2000 vulnerable to arbitrary script execution
myLittleAdmin for SQL server 2000 from myLittleTools is a web-based database management software. The management screen in myLittleAdmin for SQL server 2000 contains a vulnerability that may allow arbitrary script execution. Impact: When a user accesses a malicious database entry through the...
RedHat Update for postgresql and postgresql84 RHSA-2012:1263-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS 5 / 6 : postgresql / postgresql84 (CESA-2012:1263)
Updated postgresql84 and postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which...
RHEL 5 : postgresql (RHSA-2012:1264)
Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Moderate: Red Hat Security Advisory: postgresql security update
Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
7sepehr CMS 2012 - Multiple SQL Injection Vulnerabilities
Title: ====== 7sepehr CMS 2012 - Multiple SQL Injection Vulnerabilities Date: ===== 2012-08-12 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=679 VL-ID: ===== 680 Common Vulnerability Scoring System: ==================================== 8.3 Abstract: ========= The...
Fedora Update for postgresql FEDORA-2012-12156
Check for the Version of postgresql OpenVAS Vulnerability Test Fedora Update for postgresql FEDORA-2012-12156 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
[SECURITY] Fedora 16 Update: phpMyAdmin-3.5.2.2-1.fc16
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...
[SECURITY] Fedora 17 Update: postgresql-9.1.5-1.fc17
PostgreSQL is an advanced Object-Relational database management system (DBMS). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine ...
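PostgreSQL 'xslt_process()' Arbitrary File Creation or Overwrite Vulnerability
Bugtraq ID: 55072 CVE ID: CVE-2012-3488 PostgreSQL is an object-relational database management system that supports an extended subset of the SQL standard. An error exists in the "xslt_process" function when PostgreSQL parses XSLT stylesheets, allowing attackers to exploit the vulnerability to create or overwrite arbitrary files. 0 PostgreSQL 8.x PostgreSQL 9.x Vendor solution: PostgreSQL 9.1.5, 9.0.9, 8.4.13 or 8.3.20 has fixed this vulnerability; users are advised to download and use it: http://www.postgresql.org...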