3751 matches found
Mambo/Joomla Component rsgallery <= 2.0b5 (catid) SQL Injection Vuln
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV86$2007 ----------------------------------------------------------------------------------------- ECHOADV86$2007 Mambo/Joomla Component rsgallery = 2.0 beta 5 catid Remote...
Oreon 1.4 / Centreon 1.4.1 - Multiple RFI Vulnerabilties
No description provided by source. By Michael Brooks Vulnerability Type: Multiple Remote File Inclusion. Software: Oreon and Centreon Homepage:http://www.oreon-project.org/ or http://www.centreon.com/ Versions: 1.4Oreon and 1.4.1Centreon The vulnerable file is:...
Magic List Pro view_archive.cfm ListID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15774/info CFMagic Products are prone to multiple input validation vulnerabilities. These are due to a lack of proper sanitization of user-supplied input. These vulnerabilities allow an attacker to inject malicious SQL co...
Magic Photo Storage Website user/user_membership_password.php _config[site_path] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...
Magic Photo Storage Website user/login.php _config[site_path] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...
Magic Book Professional 2.0 Book.CFM Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15805/info Magic Book Professional is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...
Magic Photo Storage Website user/couple_milestone.php _config[site_path] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...
XBrite Members <= 1.1 (id) Remote SQL Injection Exploit
No description provided by source. ?php / |=================================================================================================| | .. . .. . | | / || \ | | / \ | | / || | | | | || \ | | | ----| | | / ^ \ ---| |----| ,----'| || | | | | | | | | \ \ | . | / /\ \ | | | | | | | | | / | |...
Anserv Auction XL (viewfaqs.php cat) - SQL Injection Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV92$2008 ----------------------------------------------------------------------------------------- ECHOADV92$2008 Anserv Auction XL viewfaqs.php cat Blind Sql Injection...
w3blabor CMS <= 3.3.0 (Admin Bypass) SQL Injection Vulnerability
No description provided by source. '/ -.- ------------------oOO------OOo----------------- | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Research Division // 2oo8 | -------------------------------------------------- | w3blabor CMS =...
openSUSE Security Update : file (openSUSE-SU-2014:0435-1)
The file magic scanning tool/library was updated to fix a off-by-one error in the last security fixes. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-255. The text description o...
Senior PHP application vulnerability auditing techniques-vulnerability warning-the black bar safety net
Senior PHP application vulnerability auditing techniques Foreword Traditional code auditing techniques PHP version and application code audit Other factors and application code audit The expansion of our dictionary The variable itself is the key Variable coverage Traverse initialize variables...
CVE-2014-1943
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...
DEBIAN-CVE-2014-1943
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...
Double free
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...
CVE-2014-1943
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...
CVE-2014-1943
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...
DSA-2861-1 file - denial of service
Bulletin has no description...
file -- denial of service
The Fine Free file project reports: file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...
RHEL 5 : php53 (RHSA-2013:1307)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1307 advisory. - php: paths with NULL character were considered valid CVE-2006-7243 - PHP: sapiheaderop %0D sequence handling security bypass CVE-2011-1398...