Drupal Administration Views Module Access Bypass Vulnerability

Drupal is a free and open source content management system developed in PHP. An access bypass vulnerability exists in the Drupal Administration Views module, which allows an attacker to obtain sensitive information...

OpenCart 1.5.6.1 SQL Injection Vulnerability

OpenCart versions 1.5.6.1 and below suffer from a remote SQL injection vulnerability. Exploit Title : OpenCart log'getEbayItemId - Product ID: '.$productid; $qry = $this-db-query"SELECT ebayitemid FROM " . DBPREFIX . "ebaylisting WHERE productid = '".$productid."' AND status = '1' LIMIT 1";...

OpenCart 1.5.6.1 - openbay Multiple SQL Injections

OpenCart 1.5.6.1 - openbay Multiple SQL Injections Exploit Title : OpenCart log'getEbayItemId - Product ID: '.$productid; $qry = $this-db-query"SELECT ebayitemid FROM " . DBPREFIX . "ebaylisting WHERE productid = '".$productid."' AND status = '1' LIMIT 1"; .............. Function is called on man...

MGASA-2014-0031 Updated drupal package fixes security vulnerabilities

Christian Mainka and Vladislav Mladenov reported a vulnerability in the OpenID module that allows a malicious user to log in as other users on the site, including administrators, and hijack their accounts CVE-2014-1475. Matt Vance and Damien Tournoud reported an access bypass vulnerability in the...

PT-2013-1192 · Moonchild Productions +4 · Pale Moon +4

Name of the Vulnerable Software and Affected Versions: Pale Moon versions prior to 15.4 libpixman version 0.26.2 Description: The issue is related to a stack-based buffer overflow in libpixman, which may have unspecified impact and context-dependent attack vectors. It might be resultant from an...

ShopperPress v2.7 Wordpress - SQL Injection Vulnerability

Document Title: =============== ShopperPress v2.7 Wordpress - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=669 Release Date: ============= 2012-07-31 Vulnerability Laboratory ID VL-ID: ==================================== 6...

SA-CONTRIB-2012-101 - Protected Node - Access Bypass

The Protected Node module enables users to use a password to restrict access to an individual node or all nodes of a node type. The module doesn't sufficiently protect node access when nodes are accessed outside of the standard node view i.e. node/1 is protected but other lists are not. CVE:...

[SECURITY] Fedora 12 Update: libsmi-0.4.8-5.fc12

Libsmi is a C library to access MIB module information through a well defined API that hides the nasty details of locating and parsing SMIv1/v2 MIB modules. This package contains tools to check, dump, and convert MIB definitions and a steadily maintained and revised archive of all IETF and IANA...