1694 matches found
httpd security update
2.0.46-73.0.1.ent - use oracle index page oracleindex.html - remove logos in poweredby.gif and poweredbyrh.png - add apr-configure.patch 2.0.46-73.ent - forcibly disable SCTP support in APR 2.0.46-72.ent - add security fixes for CVE-2009-0023, CVE-2009-1955, and CVE-2009-1956 apr-util 504562...
Unrestricted file upload
Unrestricted file upload vulnerability in editimage.php in Apartment Search Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a GIF header, then accessing this file via a direct request to a renamed file in MemberAdmin/logo/...
CVE-2008-6684
Unrestricted file upload vulnerability in editimage.php in Apartment Search Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a GIF header, then accessing this file via a direct request to a renamed file in MemberAdmin/logo/...
Availscript Jobs Portal Script File Upload Vulnerability (auth)
No description provided by source. || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ \ | | \ \ /\ /\ \ \ \ /...
Availscript Jobs Portal Script File Upload Vulnerability (auth)
Exploit for unknown platform in category web applications =============================================================== Availscript Jobs Portal Script File Upload Vulnerability auth ===============================================================...
CVE-2008-1790
Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the "Manage Settings" functionality. NOTE: remote exploitation is facilitated by a separate SQL injection vulnerability...
RichStrong CMS (showproduct.asp?cat=) Remote SQL Injection Exploit
Info: Software: RichStrong CMS HomePage: http://www.hzrich.cn Exploit: Remote Sql Injection High Where: showproduct.asp?cat= Bug Found By: Jose Luis Gуngora Fernбndez|JosS Contact: sys-projectathotmail.com Web: http://www.spanish-hackers.com Dork: "Power by:RichStrong CMS" Dork2: Priv8, xD! +...
Moderate: httpd security update
2.0.46-70.ent.0.1 - use oracle index page oracleindex.html and logo removal - add apr-configure.patch 2.0.46-70.ent - add security fix for CVE-2007-6388 427235 - add security fix for modproxyftp UTF-7 XSS 427742 2.0.46-69.ent - add security fix for CVE-2007-3847 250759 - add security fixes for...
Important: libxml2 security update
2.5.10-8.0.1 - Add patch libxml2-enterprise.patch, and other logo changes in tarball 2.5.10-8 - Patch to fix UTF-8 decoding problem CVE-2007-6284 - Resolves: rhbz425930...
[SECURITY] Fedora 7 Update: kdeedu-3.5.8-2.fc7
Educational/Edutainment applications, including: blinken: Simon Says Game kalzium: Periodic Table of Elements kanagram: Letter Order Game kbruch: Exercise Fractions keduca: Tests and Exams kgeography: Geography Trainer khangman: Hangman Game kig: Interactive Geometry kiten: Japanese Reference/Stu...
Buffer overflow
Buffer overflow in the PowerPlayer.dll ActiveX control in PPStream 2.0.1.3829 allows remote attackers to execute arbitrary code via a long Logo parameter...
Moderate: httpd security update
2.0.46-67.ent.0.1 - index.html cleanup and logo removal 2.0.46-67.ent - rebuild 2.0.46-66.ent - modcache: follow upstream max-stale handling in CVE-2007-1863 fix 244662 2.0.46-65.ent - add security fixes for CVE-2007-1863 and CVE-2006-5752 244662 2.0.46-64.ent - fix ProxyErrorOverride to only...
CVE-2005-3552
Multiple cross-site scripting XSS vulnerabilities in PHPKIT 1.6.1 R2 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple vectors in 1 login/profile.php, 2 login/userinfo.php, 3 admin/admin.php, 4 imcenter.php, and the 5 referer statistics, the 6 HTML title eleme...
Template Seller Pro 3.25
AlstraSoft Template Seller Pro 3.25 =================================== Software: AlstraSoft Template Seller Pro 3.25 Severity: Arbitrary code execution, SQL Injections Risk: High Author: Robin Verton [email protected] Date: Nov. 15 2005 Vendor: www.alstrasoft.com Description: Ever thought of...