1909 matches found
phpMyAdmin 3.3.x/3.4.x - Local File Inclusion via XML External Entity Injection (Metasploit)
Exploit Title: poc-phpmyadmin-local-file-inclusion-via-xxe-injection Date: 12-01-2012 Author: Marco Batista Blog Link: http://www.secforce.com/blog/2012/01/cve-2011-4107-poc-phpmyadmin-local-file-inclusion-via-xxe-injection/ Tested on: Windows and Linux - phpmyadmin versions: 3.3.6, 3.3.10, 3.4.0...
Mandriva Update for phpmyadmin MDVSA-2011:198 (phpmyadmin)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
DEBIAN-CVE-2011-4107
The simplexmlloadstring function in the XML import plug-in libraries/import/xml.php in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity XXE injection...
Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)
It has been discovered that the extension phpMyAdmin phpmyadmin is vulnerable to Local file inclusion. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 4.11.8 and below Vulnerability Type: Local file inclusion...
Local file inclusion.
PMASA-2011-17 Announcement-ID: PMASA-2011-17 Date: 2011-11-10 Summary Local file inclusion. Description Importing a specially-crafted XML file which contains an XML entity injection permits to retrieve a local file limited by the privileges of the user running the web server. Severity We consider...
phpmyadmin -- Local file inclusion
Jan Lieskovsky reports: Importing a specially-crafted XML file which contains an XML entity injection permits to retrieve a local file limited by the privileges of the user running the web server...
TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server
Trustwave's SpiderLabs Security Advisory TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt Published: 2011-09-23 Version: 1.0 Vendor: IceWarp http://www.icewarp.com Product: IceWarp Mail Server Version affected: 10.3.2 a...
IceWarp Mail Server Injection / Information Disclosure
Trustwave's SpiderLabs Security Advisory TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt Published: 2011-09-23 Version: 1.0 Vendor: IceWarp http://www.icewarp.com Product: IceWarp Mail Server Version affected: 10.3.2 a...
Multiple Adobe Products XML External Entity And XML Injection Vulnerabilities
No description provided by source. Multiple Adobe Products XML External Entity And XML Injection Vulnerabilities CVE: CVE-2009-3960 Adobe PSIRT: APSB10-05 - http://www.adobe.com/support/security/bulletins/apsb10-05.html Link:...