Lucene search
+L

1853 matches found

cvelist
cvelist
added 2010/01/12 5:0 p.m.22 views

CVE-2009-4599

Multiple SQL injection vulnerabilities in the JS Jobs comjsjobs component 1.0.5.6 for Joomla! allow remote attackers to execute arbitrary SQL commands via 1 the md parameter in an employer viewcompany action to index.php or 2 the oi parameter in an employer viewjob action to index.php...

8.5AI score0.02007EPSS
Exploits1References4
cve
cve
added 2010/01/12 5:0 p.m.48 views

CVE-2009-4599

CVE-2009-4599 affects the Joomla! JS Jobs component (com_jsjobs) version 1.0.5.6. The vulnerability is a SQL injection in two parameters: md in employer view_company and oi in employer view_job, potentially allowing remote attackers to execute arbitrary SQL commands. NVD reports a CVSS v2 base sc...

7.5CVSS8.8AI score0.02007EPSS
Exploits1References4Affected Software1
nessus
nessus
added 2010/01/11 12:0 a.m.31 views

JS Jobs Component for Joomla! 'md' Parameter SQLi

The version of the JS Jobs component for Joomla! running on the remote host is affected by a SQL injection vulnerability due to improper sanitization of user-supplied input to the 'md' parameter before using it to construct database queries. Regardless of the PHP 'magicquotesgpc' setting, an...

7.5CVSS5.9AI score0.02007EPSS
Exploits1References2
fedora
fedora
added 2010/01/07 12:57 a.m.38 views

[SECURITY] Fedora 11 Update: condor-7.4.1-1.fc11

Condor is a specialized workload management system for compute-intensive jobs. Like other full-featured batch systems, Condor provides a job queueing mechanism, scheduling policy, priority scheme, resource monitoring, and resource management. Users submit their serial or parallel jobs to Condor,...

6.5CVSS2.1AI score0.02078EPSS
Exploits1
ubuntucve
ubuntucve
added 2009/12/23 6:30 p.m.28 views

CVE-2009-4133

Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute...

6.5CVSS6AI score0.02078EPSS
Exploits1References1
packetstorm
packetstorm
added 2009/12/10 12:0 a.m.37 views

Joomla JS Jobs 1.0.5.6 SQL Injection

Joomla Component comjsjobs Multiple SQL injection vulnerability Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : December 9, 2009 Software Information + Vendor : http://www.joomshark.com/ + Download :...

0.3AI score
Exploits0
osv
osv
added 2009/11/20 2:30 a.m.3 views

DEBIAN-CVE-2009-3553

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service daemon crash or hang via a client disconnection during listin...

7.5CVSS7.3AI score0.03913EPSS
Exploits1References1
osv
osv
added 2009/11/20 2:30 a.m.7 views

CVE-2009-3553

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service daemon crash or hang via a client disconnection during listin...

7.5CVSS7.4AI score
Exploits0References31
redhat
redhat
added 2009/11/18 12:47 p.m.6 views

cups: Use-after-free (crash) due improper reference counting in abstract file descriptors handling interface

Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service daemon crash or hang via a client disconnection during listin...

7.5CVSS7.2AI score0.03913EPSS
Exploits1References4
threatpost
threatpost
added 2009/10/26 4:34 p.m.10 views

Guardian Jobs Site Hacked, Data Stolen

In what is being described as a “deliberate and sophisticated crime,” the Guardian newspaper in the U.K. says the careers section of its Web site was hacked, exposing sensitive data belonging to about half a million users. According to a note posted online by the Guardian: The police remain anxio...

1.1AI score
Exploits0References2
prion
prion
added 2009/08/21 2:30 p.m.14 views

Unrestricted file upload

Unrestricted file upload vulnerability in editlogo.php in AvailScript Jobs Portal Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an image or logo, then accessing it via a direct request to the file in an unspecified directory...

6CVSS7.9AI score0.02735EPSS
Exploits0References4
nvd
nvd
added 2009/08/21 2:30 p.m.13 views

CVE-2008-7021

Unrestricted file upload vulnerability in editlogo.php in AvailScript Jobs Portal Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an image or logo, then accessing it via a direct request to the file in an unspecified directory...

6CVSS7.3AI score0.02735EPSS
Exploits0References4
openvas
openvas
added 2009/04/09 12:0 a.m.20 views

Mandriva Update for vixie-cron MDKSA-2007:234 (vixie-cron)

Check for the Version of vixie-cron OpenVAS Vulnerability Test Mandriva Update for vixie-cron MDKSA-2007:234 vixie-cron Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

2.1CVSS6.4AI score0.00383EPSS
Exploits0References2
xssed
xssed
added 2009/03/05 12:0 a.m.20 views

Unfixed XSS vulnerability at www.bestbuy-jobs.com

Security researcher Azat Harutyunyan, has submitted on 03/05/2009 a cross-site-scripting XSS vulnerability affecting www.bestbuy-jobs.com, which at the time of submission ranked 32863 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/09/2009. ...

0.1AI score
Exploits0References1
nvd
nvd
added 2009/02/03 11:30 a.m.12 views

CVE-2008-6030

Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 allow remote attackers to execute arbitrary SQL commands via 1 the job parameter to index.php in the search module or 2 the newsid parameter to index.php...

7.5CVSS8.5AI score0.00973EPSS
Exploits1References4
prion
prion
added 2009/02/03 11:30 a.m.11 views

Sql injection

Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 allow remote attackers to execute arbitrary SQL commands via 1 the job parameter to index.php in the search module or 2 the newsid parameter to index.php...

7.5CVSS9.3AI score0.00973EPSS
Exploits1References4Affected Software1
cvelist
cvelist
added 2009/02/03 11:0 a.m.21 views

CVE-2008-6030

Multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 allow remote attackers to execute arbitrary SQL commands via 1 the job parameter to index.php in the search module or 2 the newsid parameter to index.php...

8.5AI score0.00973EPSS
Exploits1References4
cve
cve
added 2009/02/03 11:0 a.m.43 views

CVE-2008-6030

CVE-2008-6030 relates to multiple SQL injection vulnerabilities in NetArtMedia Jobs Portal 1.3 . The flaws allow remote attackers to execute arbitrary SQL commands via two parameters: (1) the job parameter in index.php (search module) and (2) the news_id parameter in index.php. The vulnerability’...

7.5CVSS8.8AI score0.00973EPSS
Exploits1References4Affected Software1
myhack58
myhack58
added 2008/12/20 12:0 a.m.15 views

Escape the IDS-vulnerability warning-the black bar safety net

1. About openrowset and opendatasource May this tips earlier someone already, is the use of openrowset to send the local command. Usually our usage is including MSDN the liezi as follows: the select from openrowset'sqloledb','myserver';'sa';",'select from table' Visible even from the literal...

7.6AI score
Exploits0
attackerkb
attackerkb
added 2008/10/15 10:45 p.m.2 views

CVE-2008-4587

Insecure method vulnerability in the MSVNClientDownloadManager61Lib.DownloadManager.1 ActiveX control ISDM.exe 6.1.100.61372 in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the AddFile and RunScheduledJobs methods. NOTE: this...

9.3CVSS6.4AI score0.10507EPSS
Exploits0References7
Rows per page
Query Builder