208 matches found
[SECURITY] Fedora 17 Update: mantis-1.2.14-1.fc17
Mantis is a free popular web-based issue tracking system. It is written in the PHP scripting language and works with MySQL, MS SQL, and PostgreSQL databases and a web server. Almost any web browser should be able to function as a client. Documentation can be found in: /usr/share/doc/mantis-1.2.14...
[SECURITY] Fedora 18 Update: mantis-1.2.14-1.fc18
Mantis is a free popular web-based issue tracking system. It is written in the PHP scripting language and works with MySQL, MS SQL, and PostgreSQL databases and a web server. Almost any web browser should be able to function as a client. Documentation can be found in: /usr/share/doc/mantis-1.2.14...
Fedora Update for mantis FEDORA-2012-18299
Check for the Version of mantis OpenVAS Vulnerability Test Fedora Update for mantis FEDORA-2012-18299 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Fedora Update for mantis FEDORA-2012-18294
Check for the Version of mantis OpenVAS Vulnerability Test Fedora Update for mantis FEDORA-2012-18294 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
[SECURITY] Fedora 18 Update: mantis-1.2.12-1.fc18
Mantis is a free popular web-based issue tracking system. It is written in the PHP scripting language and works with MySQL, MS SQL, and PostgreSQL databases and a web server. Almost any web browser should be able to function as a client. Documentation can be found in: /usr/share/doc/mantis-1.2.12...
netOffice Dwins <= 1.4p3 SQL Injection Vulnerability
Exploit for php platform in category web applications Discovered by dun \ posdubatgmail.com 2012-11-08 netOffice Dwins openWorkHours$tmpquery; //5 SQL ..cut.. users/exportuser.php?id=-1 union select 0,0,0,0,0,1,1,1,0,1,1,1,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0-- File:...
NetOffice Dwins 1.4p3 - SQL Injection
NetOffice Dwins 1.4p3 - SQL Injection :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2012-11-08 netOffice Dwins openWorkHours$tmpquery; //5 SQL ..cut...
Debian: Security Advisory (DSA-2567-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
JIRA 4.4.3, GreenHopper < 5.9.8 Multiple Vulnerabilities
Exploit for jsp platform in category web applications CVE-2012-1500, Stored XSS in JIRA v4.4.3663-r165197, GreenHopper Resolved in Version 5.9.8, Proof of Concept External References: CVE-2112-1500 CVE-2112-1500 XSS.Cx Blog GHS-5642 Reported to Vendor on Mar 7, 2012, Resolved 8/22/2012 XSS.Cx...
Debian DSA-2500-1 : mantis - several vulnerabilities
Several vulnerabilities were discovered in Mantis, an issue tracking system. - CVE-2012-1118 Mantis installation in which the privatebugviewthreshold configuration option has been set to an array value do not properly enforce bug viewing restrictions. - CVE-2012-1119 Copy/clone bug report actions...
DSA-2500-1 mantis - several
Bulletin has no description...
Liferay Portal 6.0.x < 6.1 - Privilege Escalation
Liferay users can assign themselves to organizations, leading to possible privilege escalation Description: Liferay Portal is an enterprise portal written in Java Due to insufficient permission checking in the updateOrganizations method of UserService any user can assign hem or her self to any...
Several REST interfaces vulnerable to XSRF
Several REST web services are vulnerable to XSRF|https://www.owasp.org/index.php/Cross-SiteRequestForgeryCSRF, allowing malicious web pages to execute them under the context of a logged in users browser. It's understood that JIRA REST interfaces are typically protected against XSRF based on the...
Fedora Update for mantis FEDORA-2011-12336
Check for the Version of mantis OpenVAS Vulnerability Test Fedora Update for mantis FEDORA-2011-12336 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Fedora Update for mantis FEDORA-2011-12369
Check for the Version of mantis OpenVAS Vulnerability Test Fedora Update for mantis FEDORA-2011-12369 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
MySQL Eventum Detection
The remote host is running MySQL Eventum, an open source web-based issue tracking system written in PHP. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid52053; scriptversion"1.6"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01";...
Eventum Issue Tracking System 2.3.1 stored XSS
Exploit for php platform in category web applications Exploit Title: Eventum 2.3.1 stored XSS Date: 19-2-2011 Author: Saif El-Sherei Software Link: https://code.launchpad.net/eventum Version: Eventum 2.3.1 Tested on: FF 3.0.15, IE 8 Vendor notification: vendor notified, awaiting response Info:...
Eventum Issue Tracking System 2.3.1 stored cross site scripting vulnerability-vulnerability warning-the black bar safety net
Eventum Issue Tracking System is a user-friendly interface and flexible bug tracking system, it can help the development team to quickly organize tasks and bugs. Eventum Issue Tracking System 2.3.1 the presence of the stored cross site scripting vulnerability that could cause users to...
Eventum 2.3.1 Stored Cross Site Scripting
Exploit Title: Eventum 2.3.1 stored XSS Date: 19-2-2011 Author: Saif El-Sherei Software Link: download link if available Version: Eventum 2.3.1 Tested on: FF 3.0.15, IE 8 Vendor notification: vendor notified, awaiting response Info: Eventum is a user-friendly and flexible issue tracking system th...
eventum issue tracking system 2.3.1 - Persistent Cross-Site Scripting
Exploit Title: Eventum 2.3.1 stored XSS Date: 19-2-2011 Author: Saif El-Sherei Software Link: https://code.launchpad.net/eventum Version: Eventum 2.3.1 Tested on: FF 3.0.15, IE 8 Vendor notification: vendor notified, awaiting response Info: Eventum is a user-friendly and flexible issue tracking...