6680 matches found
CVE-2016-9852
An issue in phpMyAdmin (CVE-2016-9852) allows PHP errors revealing the full installation path to be produced when calling certain scripts, and during export time, those errors can be written into the export file. Affected are all 4.6.x versions prior to 4.6.5 and 4.4.x versions prior to 4.4.15.9....
CVE-2016-9852
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
CVE-2016-9854
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
CVE-2016-9853
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...
egghead.io XSS vulnerability
Vulnerable URL: https://egghead.io/search?q=...
Sony IPELA ENGINE IP Cameras Backdoor Accounts Vulnerability
Sony IPELA ENGINE IP Cameras contain multiple backdoors that, among other functionality, allow an attacker to enable the Telnet/SSH service for remote administration over the network. Other available functionality may have undesired effects to the camera image quality or other camera functionalit...
Sony IPELA ENGINE IP Cameras Backdoor Accounts
We have published an accompanying blog post to this technical advisory with further information: http://blog.sec-consult.com/2016/12/backdoor-in-sony-ipela-engine-ip-cameras.html SEC Consult Vulnerability Lab Security Advisory ======================================================================...
pornoid.com XSS vulnerability
Vulnerable URL: http://www.pornoid.com/searchpages/?q=Search"...
euroline.cz XSS vulnerability
Vulnerable URL: http://www.euroline.cz/cz/vyhledavani.html?search=%3C%2Fscript%3E%3Cimg+src%3Dx+onerror%3Dprompt%28%2FXSSPOSED%2F%29%3E&eurolineSearch.x;=0&eurolineSearch.y;=0 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerabili...
SUSE SLED12 / SLES12 Security Update : sudo (SUSE-SU-2016:2893-1)
This update for sudo fixes the following issues: - fix two security vulnerabilities that allowed users to bypass sudo's NOEXEC functionality: - noexec bypass via system and popen CVE-2016-7032, bsc1007766 - noexec bypass via wordexp CVE-2016-7076, bsc1007501 Note that Tenable Network Security h...
CVE-2016-9635
Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. Mitigation This...
SUSE-SU-2016:2898-1 Security update for nodejs4
This update for nodejs4 fixes the following issues: Security issues fixed: - CVE-2016-5180: c-ares: Fix for single-byte buffer overwrite bsc1007728. Bug fixes: - bsc1009011: npm4 should provide versioned nodejs-npm and npm allowing nodejs-packaging to continue to function properly in Leap 42.2...
visahq.com XSS vulnerability
Vulnerable URL: https://www.visahq.com/search1.php?sa=Search=FORID:11alert'OPENBUGBOUNTY'...
depor.com XSS vulnerability
Vulnerable URL: http://depor.com/buscar/B4rtwashere...
depop.com XSS vulnerability
Vulnerable URL: https://www.depop.com/search/?q=...
foto.com.ng XSS vulnerability
Vulnerable URL: http://foto.com.ng/index.php?search=prompt/OPENBUGBOUNTY/...
codart.net XSS vulnerability
Vulnerable URL: http://www.codart.net/20/search/?query='"/alert"openbugbounty"...
SweetRice 1.5.1 - Cross-Site Request Forgery PHP Code Execution
SweetRice 1.5.1 - Cross-Site Request Forgery PHP Code Execution Hacked '; phpinfo; Code You Can Customize Exploit For Your Self . Exploit : -- Hacked '; phpinfo;? /textarea...