267 matches found
IBM DB2 10.1 < Fix Pack 3 Multiple Vulnerabilities (credentialed check)
According to its version, the installation of IBM DB2 10.1 on the remote host is affected by the following vulnerabilities : - When a multi-node configuration is used, an error exists in the Fast Communications Manager FCM that could allow denial of service attacks. CVE-2013-4032 / IC94434 - An...
Cisco Identity Services Engine Blind SQL Injection Vulnerability
A vulnerability in the web framework of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to impact the integrity and availability of the affected system by executing arbitrary SQL queries. The vulnerability is due to a failure to validate user-supplied input used i...
Cisco Unified Communications Domain Manager Blind SQL Injection Vulnerability
A vulnerability in the web framework of Cisco Unified Communications Domain Manager could allow an authenticated, remote attacker to impact the integrity and availability of the affected system by executing arbitrary SQL queries. The vulnerability is due to a failure to validate user-supplied inp...
[SECURITY] Fedora 18 Update: rubygem-activerecord-3.2.8-5.fc18
Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...
[SECURITY] Fedora 17 Update: rubygem-activerecord-3.0.11-6.fc17
Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...
[SECURITY] Fedora 18 Update: rubygem-activerecord-3.2.8-3.fc18
Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...
[SECURITY] Fedora 17 Update: rubygem-activerecord-3.0.11-4.fc17
Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...
WordPress FoxyPress 0.4.2.5 XSS / CSRF / SQL Injection
waraxe-2012-SA095 - Multiple Vulnerabilities in Wordpress FoxyPress Plugin =============================================================================== Author: Janek Vind "waraxe" Date: 30. October 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-95.html Description of vulnerab...
Tickets CAD 2.20G Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Tickets CAD 2.20G Multiple Vulnerabilities Exploit Author: chap0 @chap0 Vendor Homepage: http://www.ticketscad.org Software Link: http://www.ticketscad.org/downloads/Tickets06222012V220G.zip Version: 2.20G Tested on: Ubuntu...
Tickets CAD 2.20G - Multiple Vulnerabilities
Exploit Title: Tickets CAD 2.20G Multiple Vulnerabilities Date: Aug 4 2012 Exploit Author: chap0 @chap0 Vendor Homepage: http://www.ticketscad.org Software Link: http://www.ticketscad.org/downloads/Tickets06222012V220G.zip Version: 2.20G Tested on: Ubuntu Tickets CAD 2.20G is vulnerable to multip...
[SECURITY] Fedora 16 Update: rubygem-activerecord-3.0.10-2.fc16
Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...
PicoPublisher 2.0 - SQL Injection
Exploit Title : PicoPublisher v2.0 Remote SQL injection Date : 29/03/2012 Author : ZeTH Contact : zeth/at/hacktheplan8/dot/com http://www.hacktheplan8.com Vendor : Pico Software Site : http://pico.no/ Version : 2.0 Price : $29,00 Dork : intext:"Drives med PicoPublisher"...
[SECURITY] Fedora 16 Update: rubygem-activerecord-3.0.10-1.fc16
Implements the ActiveRecord pattern Fowler, PoEAA for ORM. It ties databa se tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...
Nepal Telecommunications Authority Hacked by w3bd3f4c3r
Nepal Telecommunications Authority Hacked by w3bd3f4c3r Hacker with name "w3bd3f4c3r" or "T34mT!g3R" today hack into the Nepal Telecommunications Authority website using SQL injection Vulnerability. The Vulnerability Information and screenshot is posted by hacker on pastebin : The Leaked info...
DEBIAN-CVE-2011-3265
popup.php in Zabbix before 1.8.7 allows remote attackers to read the contents of arbitrary database tables via a modified srctbl parameter...
Design/Logic Flaw
popup.php in Zabbix before 1.8.7 allows remote attackers to read the contents of arbitrary database tables via a modified srctbl parameter...
CVE-2011-3265
popup.php in Zabbix before 1.8.7 allows remote attackers to read the contents of arbitrary database tables via a modified srctbl parameter...
Information disclosure in LightNEasy
Vulnerability ID: HTB22751 Reference: http://www.htbridge.ch/advisory/informationdisclosureinlightneasy.html Product: LightNEasy Vendor: Fernando Baptista http://www.lightneasy.org/ Vulnerable Version: 3.2.2 Vendor Notification: 15 December 2010 Vulnerability Type: Information disclosure Status:...
Information disclosure in IceBB
Vulnerability ID: HTB22687 Reference: http://www.htbridge.ch/advisory/informationdisclosureinicebb1.html Product: IceBB Vendor: XAOS Interactive http://icebb.net/ Vulnerable Version: 1.0-rc10 Vendor Notification: 02 November 2010 Vulnerability Type: Information Disclosure Status: Not Fixed, Vendo...
IceBB 1.0-rc10 Disclosure / SQL Injection
=================================== Vulnerability ID: HTB22686 Reference: http://www.htbridge.ch/advisory/informationdisclosureinicebb.html Product: IceBB Vendor: XAOS Interactive http://icebb.net/ Vulnerable Version: 1.0-rc10 Vendor Notification: 02 November 2010 Vulnerability Type: Information...