852 matches found
iBoutique.MALL - Directory Traversal
iBoutique.MALL Homepage: http://www.netartmedia.net/mall/ Description: Based on iBoutique 4.0, iBoutique.MALL is a powerful multi user mall software solution. It makes possible for the new vendors to signup and create their own customized online stores with ease. Effected files: index.php Directo...
DSA-1056-1 webcalendar - verbose error message
Bulletin has no description...
PhpGroupWare Main Screen Message Script Injection Flaw
The remote host seems to be running PhpGroupWare, is a multi-user groupware suite written in PHP. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
[SECURITY] [DSA 1002-1] New webcalendar packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1002-1 [email protected] http://www.debian.org/security/ Martin Schulze March 15th, 2006 http://www.debian.org/security/faq -...
PluggedOut-1.9.9c.txt
PluggedOut Blog SQL INJECTION and XSS PluggedOut Blog is an open source script you can run on your web server to give you an online multi-user journal or diary. It can be used equally well for any kind of calendar application.Rather than give you a thousand things you don't really want...
PluggedOut Blog SQL vuln.
PluggedOut Blog SQL vuln. Vuln. dicovered by : r0t Date: 5 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/pluggedout-blog-sql-vuln.html vendor:www.pluggedout.com/index.php?pk=devblog affected version:1.9.4 , 1.9.5 and prior Product Description: Blog is an open source script you ca...
saralblog v1 SQL inj. vuln.
saralblog v1 SQL inj. vuln. Vuln. dicovered by : r0t Date: 6 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/saralblog-v1-sql-inj-vuln.html vendor:http://www.saralblog.org/ affected version:v.1 and prior Product Description: saralblog is a very simple to use blog, which has some ve...
PhpGroupWare arbitrary command execution
The remote host seems to be running PhpGroupWare, is a multi-user groupware suite written in PHP. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
PhpGroupWare XSS
The remote host seems to be running PhpGroupWare, is a multi-user groupware suite written in PHP. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
bsod in win32k.sys(Multi-User Win32 Driver)
Hello vuln, OS: Microsoft Windows XP, SP2, other not tested VULNERABILITY: file : win32k.sys version : 5.1.2600.2180 xpspsp2rtm.040803-2158 description : Multi-User Win32 Driver author : 6star aka mg BUG DESCRIPTION: When you try HOW TO CHECK: 1. Click on Desktop to call Context Menu. 2. Then...
PhpMyFAQ 1.5.1 multiple vulnerabilities
2.31 23/09/2005 PhpMyFaq 1.5.1 SQL injection / board takeover / user info disclosure / path disclosure remote code / commands execution software: site: http://www.phpmyfaq.de/ description: "phpMyFAQ is a multilingual, completely database-driven FAQ-system. It supports various databases to store a...
[SECURITY] [DSA 766-1] New webcalendar package fixes information disclosure
-------------------------------------------------------------------------- Debian Security Advisory DSA 766-1 [email protected] http://www.debian.org/security/ Martin Schulze July 26th, 2005 http://www.debian.org/security/faq -...
DSA-766-1 webcalendar - authorisation failure
Bulletin has no description...
[Full-disclosure] [ZH2005-16SA] Insecure temporary file creation in Skype for Linux
ZH2005-16SA Insecure temporary file creation in Skype for Linux Application: Skype for Linux Version affected: = 1.1.0.20 Vendor website : http://www.skype.com Author: Giovanni Delvecchio e-mail: [email protected] About Skype ======== Skype is a free program that uses the latest P2P technolog...
FreeBSD : wine -- information disclosure due to insecure temporary file handling (48a59c96-9c6e-11d9-a040-000a95bc6fae)
Due to insecure temporary file creation in the Wine Windows emulator, it is possible for any user to read potentially sensitive information from temporary registry files. When a Win32 application is launched by wine, wine makes a dump of the Windows registry in /tmp with name regxxxxyyyy.tmp ,...
Horde Nag Detection
The remote host is running Nag, an open source PHP-based multi-user task list manager from the Horde Project. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid18135; scriptversion"1.23"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/12";...
RHEL 3 : mysql-server (RHSA-2005:348)
Updated mysql-server packages that fix several vulnerabilities are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. This update fixes several security risks in the MySQL...
ZH2005-02SA.txt
ZH2005-02SA Insecure tmp file creation in Wine 03/13/2005 Title: Insecure tmp file creation in Wine Author: Giovanni Delvecchio e-mail: [email protected] Version affected : Wine 20050211 and previous releases About Wine ======== from http://www.winehq.org/site/docs/wine-faq/index : Wine is a...
[Full-disclosure] [ZH2005-02SA] Insecure tmp file creation in Wine
Title: Insecure tmp file creation in Wine Author: Giovanni Delvecchio e-mail: [email protected] Version affected : Wine 20050211 and previous releases About Wine ======= from http://www.winehq.org/site/docs/wine-faq/index : Wine is a program which allows the operation of DOS and MS Windows...
wine -- information disclosure due to insecure temporary file handling
Due to insecure temporary file creation in the Wine Windows emulator, it is possible for any user to read potentially sensitive information from temporary registry files. When a Win32 application is launched by wine, wine makes a dump of the Windows registry in /tmp with name regxxxxyyyy.tmp ,...