SQL injection
Multiple SQL injection vulnerabilities in myCare2x allow remote attackers to execute arbitrary SQL commands via the (1) aktion or (2) callurl parameter to modules/patient/mycare2xpatinfo.php; (3) deptnr or (4) pid parameter to modules/importer/mycare2ximporter.php; (5) myOpsEintrag or (6) keyword parameter i...
Scientific Linux Security Update : ndiswrapper on SL5.x i386/x86_64
This release corresponds with the first kernel security update with the new 2.6.18-92 kernel. We have built new kernel modules for all the kernels we have released.
Scientific Linux Security Update : openafs on SL5.x i386/x86_64
This release corresponds with the SL 5.5 update. We have built new kernel modules for all the kernels we have released.
Scientific Linux Security Update : openafs on SL5.x i386/x86_64
This release corresponds with the kernel security update with the new 2.6.18-164 kernel. We have built new kernel modules for all the kernels we have released.
Scientific Linux Security Update : ndiswrapper on SL5.x i386/x86_64
This release corresponds with the kernel security update with the new 2.6.18-164 kernel. We have built new kernel modules for all the kernels we have released.
Scientific Linux Security Update : openafs on SL5.x i386/x86_64
This release corresponds with the first kernel security update with the new 2.6.18-92 kernel. We have built new kernel modules for all the kernels we have released.
Scientific Linux Security Update : kvm on SL5.x x86_64
A data structure field in kvm_vcpu_ioctl_x86_get_vcpu_events() in QEMU-KVM was not initialized properly before being copied to user-space. A privileged host user with access to '/dev/kvm' could use this flaw to leak kernel stack memory to user-space. (CVE-2010-4525) These updated packages also fix several...
Potential remote code execution due to embedding of old django-piston
NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report (http://jira.atlassian.com/browse/CONFCLOUD-46819). The exposed atlassian api for forummodules found under forummodules/atlassian/api uses an outdated version of...
Barracuda Application Validation Filter Bypass
Exploit for php platform in category web applications. Barracuda Appliances - Validation Filter Bypass Vulnerability. Details: A filter bypass vulnerability is detected in the Barracuda Networks Appliances Applications. Remote attackers with privileged user accounts bypass the application...
DEBIAN-CVE-2011-3148
Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file...
CVE-2012-3998
Multiple SQL injection vulnerabilities in Sticky Notes before 0.2.27052012.5 allow remote attackers to execute arbitrary SQL commands via the (1) paste id in admin/modules/modpastes.php or (2) show.php, (3) user id to admin/modules/modusers.php, (4) project to list.php, or (5) session id to show.php...
Check Point Abra Bypass / Command Execution
Check Point Abra Vulnerabilities Vendor: Check Point Software Technologies Ltd Product web page: http://rus.checkpoint.com/products/abra/index.html; http://www.checkpoint.com/products/go/ Platforms: Windows XP, Vista, 7 32 bit Authors: Belov V., Komarov A. Group-IB Summary: Check Point Abra allow...
Check Point Abra Bypass / Command Execution
Exploit for php platform in category web applications Check Point Abra Vulnerabilities Vendor: Check Point Software Technologies Ltd Product web page: http://rus.checkpoint.com/products/abra/index.html; http://www.checkpoint.com/products/go/ Platforms: Windows XP, Vista, 7 32 bit Authors: Belov V...
Cross-site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko before 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) groupname parameter in a savecategory in the users module; (2) virtualfilename, (3) branch, (4) contactperson, (5) street, (6) city, (7) province, (8) postal, (9)...
Python-wrapper Untrusted Search Path / Code Execution
python-wrapper untrusted search path/code execution vulnerability. Python-wrapper executes any test.py script within the current working directory, when supplied with help('modules'). A non-privileged user may gain code execution by tricking root to help('modules') or help() and then modules from withi...
rsyslog security, bug fix, and enhancement update
5.8.10-2 - add patch to update information on debugging in the man page Resolves: 820311 - add patch to prevent debug output to stdout after forking Resolves: 820996 - add patch to support ssl certificates with domain names longer than 128 chars Resolves: 822118 5.8.10-1 - rebase to rsyslog 5.8.1...
Drupal Drag And Drop 6.x-1.5 Shell Upload
Drupal Modules - Drag & Drop Gallery Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications
Silverstripe Modules - Pixlr Image Editor Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications
Design/Logic Flaw
The ima_lsm_rule_init function in security/integrity/ima/ima_policy.c in the Linux kernel before 2.6.37, when the Linux Security Modules (LSM) framework is disabled, allows local users to bypass Integrity Measurement Architecture (IMA) rules in opportunistic circumstances by leveraging an administrator's...