3858 matches found
ipa security, bug fix and enhancement update
3.0.0-25.el6 - Filter generated winbind dependencies so the right version of samba can be installed. 905594 3.0.0-24.el6 - Add certmonger condrestart to server post scriptlet 903758 - Make certmonger a pre Requires 903758 - Add selinux-policy to Requirespre to avoid post scriptlet AVCs 903758 - S...
CVE-2012-6515
eFront 3.6.10, 3.6.11 build 15059, and earlier allows remote attackers to obtain sensitive information via invalid coursesID parameter in the lessoninfo module to index.php, which reveals the installation path in an error message...
Twister Peer-To-Peer Microblogging Information Disclosure
======================================================================== TWISTER Peer-To-Peer microblogging Multiples Application Error Message and disclosing sensitive information ======================================================================== TIME-LINE VULNERABILITY Multiples Advisorie...
Information disclosure
wp-php-widget.php in the WP PHP widget plugin 1.0.2 for WordPress allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message...
Information disclosure
The Web Client aka CQ Web in IBM Rational ClearQuest 7.1.2.x before 7.1.2.9 and 8.0.0.x before 8.0.0.5 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a SQL error message...
CVE-2012-5765
The Web Client aka CQ Web in IBM Rational ClearQuest 7.1.2.x before 7.1.2.9 and 8.0.0.x before 8.0.0.5 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a SQL error message...
Design/Logic Flaw
Open Solution Quick.Cart 5.0 allows remote attackers to obtain sensitive information via 1 a long string or 2 invalid characters in a cookie, which reveals the installation path in an error message...
CVE-2012-6049
Open Solution Quick.Cart 5.0 contains an information-disclosure flaw in cookie handling: remote attackers can trigger error messages that reveal the installation path via a long string or invalid characters in a cookie. The affected product/version is stated as Quick.Cart 5.0; the vulnerability a...
CVE-2012-3354
doku.php in DokuWiki, as used in Fedora 16, 17, and 18, when certain PHP error levels are set, allows remote attackers to obtain sensitive information via the prefix parameter, which reveals the installation path in an error message...
CVE-2012-3354
doku.php in DokuWiki, as used in Fedora 16, 17, and 18, when certain PHP error levels are set, allows remote attackers to obtain sensitive information via the prefix parameter, which reveals the installation path in an error message...
CVE-2012-4552
Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file...
Stack overflow
Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file...
CVE-2012-4552
Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file...
CVE-2012-4552
Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file...
Applicure dotDefender format string vulnerability
Format specificators are not escaped on error message generation...
Information disclosure
Neocrome Seditio build 161 and earlier allows remote attackers to obtain sensitive information via direct request to 1 view.php, 2 plugins/contact/lang/contact.en.lang.php, 3 system/lang/en/main.lang.php, 4 system/lang/en/message.lang.php, or 5 system/core/view/view.inc.php, which reveals the...
WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities
WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities waraxe-2012-SA093 - Multiple Vulnerabilities in Wordpress Social Discussions Plugin ====================================================================================== Author: Janek Vind "waraxe" Date: 17. October 2012...
WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities
waraxe-2012-SA093 - Multiple Vulnerabilities in Wordpress Social Discussions Plugin ====================================================================================== Author: Janek Vind "waraxe" Date: 17. October 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-93.html...
WordPress Slideshow 2.1.12 Cross Site Scripting / Path Disclosure WordPress Slideshow 2.1.12 Cross Site Scripting / Path Disclosure
Exploit for php platform in category web applications Author: Janek Vind "waraxe" Date: 17. October 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-92.html Description of vulnerable target: Slideshow provides an easy way to integrate a slideshow for any WordPress installation. An...
Wordpress Social Discussions 6.1.1 File Inclusion / Path Disclosure
Exploit for php platform in category web applications Author: Janek Vind "waraxe" Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-93.html Description of vulnerable target: Enables Social Sharing of your blog posts to 30+ Social Networks. Plugin also enables you to Automatically Publis...