129 matches found
CVE-2015-4306
The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authenticated users to bypass intended login-session read restrictions, and impersonate administrators of arbitrary tenant domains, by discovering a session identifier and constructing a crafted URL, aka...
Default credentials
EMC PowerPath Virtual Appliance aka vApp before 2.0 has default passwords for the 1 emcupdate and 2 svcuser accounts, which makes it easier for remote attackers to obtain potentially sensitive information via a login session...
[SECURITY] Fedora 21 Update: mingw-dbus-1.8.12-1.fc21
D-BUS is a system for sending messages between applications. It is used both for the system wide message bus service, and as a per-user-login-session messaging facility...
[SECURITY] Fedora 20 Update: dbus-1.6.28-1.fc20
D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility...
FreeBSD Security Advisory FreeBSD-SA-14:25.setlogin
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:25.setlogin Security Advisory The FreeBSD Project Topic: Kernel stack disclosure in setlogin2 / getlogin2 Category: core Module: kernel Announced: 2014-11-04...
Fedora Update for dbus FEDORA-2012-14157
Check for the Version of dbus OpenVAS Vulnerability Test Fedora Update for dbus FEDORA-2012-14157 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Fedora Update for dbus FEDORA-2010-19166
Check for the Version of dbus OpenVAS Vulnerability Test Fedora Update for dbus FEDORA-2010-19166 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Clixint DPI Image Hosting Script Cross Site Scripting Vulnerability
This host is running Flashlight Free Edition and is prone to Cross Site Scripting Vulnerability. OpenVAS Vulnerability Test $Id: gbimagehostingscriptdpixssvuln.nasl 4869 2016-12-29 11:01:45Z teissa $ Clixint DPI Image Hosting Script Cross Site Scripting Vulnerability Authors: Antu Sanadi Copyrigh...
openSUSE 10 Security Update : squirrelmail (squirrelmail-6242)
Multiple vulnerabilities have been fixed in SquirrelMail: an XSS and input sanitization bug both CVE-2009-1578, a server-side code execution CVE-2009-1579, a login session hijacking bug CVE-2009-1580 and another bug that allowed phishing and XSS attacks CVE-2009-1581. %NASLMINLEVEL 70300 C Tenabl...
Fedora Update for dbus FEDORA-2008-2070
Check for the Version of dbus OpenVAS Vulnerability Test Fedora Update for dbus FEDORA-2008-2070 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora Update for dbus FEDORA-2008-10733
Check for the Version of dbus OpenVAS Vulnerability Test Fedora Update for dbus FEDORA-2008-10733 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
CVE-2008-5855
myPHPscripts Login Session 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to discover usernames, e-mail addresses, and password hashes via a direct request for users.txt...
Improper access control
myPHPscripts Login Session 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to discover usernames, e-mail addresses, and password hashes via a direct request for users.txt...
CVE-2008-5855
myPHPscripts Login Session 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to discover usernames, e-mail addresses, and password hashes via a direct request for users.txt...
CVE-2008-5855
The CVE-2008-5855 entry concerns myPHPscripts Login Session 2.0, where sensitive data is stored under the web root with insufficient access control. The underlying issue is exposure of a users.txt file, which can allow remote attackers to discover usernames, e-mail addresses, and password hashes ...
myPHPscripts Login Session 2.0 XSS / Database Disclosure
START 0x01 Informations: Script : myPHPscripts Login Session 2.0 Download : http://www.hotscripts.com/jump.php?listingid=69881&jumptype=1 Vulnerability : XSS / Database Disclosure Author : Osirys Contact : osirysatlivedotit Website : http://osirys.org Notes : Proud to be Italian Greets: : XaDoS,...
myPHPscripts Login Session 2.0 XSS/Database Disclosure Vulns
Exploit for unknown platform in category web applications ============================================================ myPHPscripts Login Session 2.0 XSS/Database Disclosure Vulns ============================================================ START 0x01 Informations: Script : myPHPscripts Login...
myPHPscripts Login Session 2.0 - Cross-Site Scripting Database Disclosure
myPHPscripts Login Session 2.0 - Cross-Site Scripting Database Disclosure START 0x01 Informations: Script : myPHPscripts Login Session 2.0 Download : http://www.hotscripts.com/jump.php?listingid=69881&jumptype=1 Vulnerability : XSS / Database Disclosure Author : Osirys Contact : osirysatlivedotit...
myPHPscripts Login Session 2.0 - Cross-Site Scripting / Database Disclosure
START 0x01 Informations: Script : myPHPscripts Login Session 2.0 Download : http://www.hotscripts.com/jump.php?listingid=69881&jumptype=1 Vulnerability : XSS / Database Disclosure Author : Osirys Contact : osirysatlivedotit Website : http://osirys.org Notes : Proud to be Italian Greets: : XaDoS,...
[SECURITY] Fedora 9 Update: dbus-1.2.6-1.fc9
D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility...