1853 matches found
CVE-2009-4599
Multiple SQL injection vulnerabilities in the JS Jobs comjsjobs component 1.0.5.6 for Joomla! allow remote attackers to execute arbitrary SQL commands via 1 the md parameter in an employer viewcompany action to index.php or 2 the oi parameter in an employer viewjob action to index.php...
CVE-2009-4599
CVE-2009-4599 affects the Joomla! JS Jobs component (com_jsjobs) version 1.0.5.6. The vulnerability is a SQL injection in two parameters: md in employer view_company and oi in employer view_job, potentially allowing remote attackers to execute arbitrary SQL commands. NVD reports a CVSS v2 base sc...
JS Jobs Component for Joomla! 'md' Parameter SQLi
The version of the JS Jobs component for Joomla! running on the remote host is affected by a SQL injection vulnerability due to improper sanitization of user-supplied input to the 'md' parameter before using it to construct database queries. Regardless of the PHP 'magicquotesgpc' setting, an...
[SECURITY] Fedora 11 Update: condor-7.4.1-1.fc11
Condor is a specialized workload management system for compute-intensive jobs. Like other full-featured batch systems, Condor provides a job queueing mechanism, scheduling policy, priority scheme, resource monitoring, and resource management. Users submit their serial or parallel jobs to Condor,...
CVE-2009-4133
Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute...
Joomla JS Jobs 1.0.5.6 SQL Injection
Joomla Component comjsjobs Multiple SQL injection vulnerability Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : December 9, 2009 Software Information + Vendor : http://www.joomshark.com/ + Download :...
DEBIAN-CVE-2009-3553
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service daemon crash or hang via a client disconnection during listin...
CVE-2009-3553
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service daemon crash or hang via a client disconnection during listin...
cups: Use-after-free (crash) due improper reference counting in abstract file descriptors handling interface
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service daemon crash or hang via a client disconnection during listin...
Guardian Jobs Site Hacked, Data Stolen
In what is being described as a “deliberate and sophisticated crime,” the Guardian newspaper in the U.K. says the careers section of its Web site was hacked, exposing sensitive data belonging to about half a million users. According to a note posted online by the Guardian: The police remain anxio...
Unrestricted file upload
Unrestricted file upload vulnerability in editlogo.php in AvailScript Jobs Portal Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an image or logo, then accessing it via a direct request to the file in an unspecified directory...
CVE-2008-7021
Unrestricted file upload vulnerability in editlogo.php in AvailScript Jobs Portal Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an image or logo, then accessing it via a direct request to the file in an unspecified directory...
Mandriva Update for vixie-cron MDKSA-2007:234 (vixie-cron)
Check for the Version of vixie-cron OpenVAS Vulnerability Test Mandriva Update for vixie-cron MDKSA-2007:234 vixie-cron Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
Unfixed XSS vulnerability at www.bestbuy-jobs.com
Security researcher Azat Harutyunyan, has submitted on 03/05/2009 a cross-site-scripting XSS vulnerability affecting www.bestbuy-jobs.com, which at the time of submission ranked 32863 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/09/2009. ...
CVE-2008-6030
Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 allow remote attackers to execute arbitrary SQL commands via 1 the job parameter to index.php in the search module or 2 the newsid parameter to index.php...
Sql injection
Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 allow remote attackers to execute arbitrary SQL commands via 1 the job parameter to index.php in the search module or 2 the newsid parameter to index.php...
CVE-2008-6030
Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 allow remote attackers to execute arbitrary SQL commands via 1 the job parameter to index.php in the search module or 2 the newsid parameter to index.php...
CVE-2008-6030
CVE-2008-6030 relates to multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 . The flaws allow remote attackers to execute arbitrary SQL commands via two parameters: (1) the job parameter in index.php (search module) and (2) the news_id parameter in index.php. The vulnerability’...
Escape the IDS-vulnerability warning-the black bar safety net
1. About openrowset and opendatasource May this tips earlier someone already, is the use of openrowset to send the local command. Usually our usage is including MSDN the liezi as follows: the select from openrowset'sqloledb','myserver';'sa';",'select from table' Visible even from the literal...
CVE-2008-4587
Insecure method vulnerability in the MSVNClientDownloadManager61Lib.DownloadManager.1 ActiveX control ISDM.exe 6.1.100.61372 in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the AddFile and RunScheduledJobs methods. NOTE: this...