11 matches found
SUSE CVE-2012-0471
Cross-site scripting XSS vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set...
CVE-2012-0471
Cross-site scripting XSS vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set...
Cross site scripting
Cross-site scripting XSS vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set...
CVE-2012-0471
Cross-site scripting XSS vulnerability in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9 allows remote attackers to inject arbitrary web script or HTML via a multibyte character set...
Fedora 13 : mod_auth_mysql-3.0.0-12.fc13 (2011-0114)
This update fixes a security issue in modauthmysql. A flaw was found in the way modauthmysql escaped certain multibyte-encoded strings. If modauthmysql was configured to use a multibyte character set that allowed a backslash '' as part of the character encodings, a remote attacker could inject...
RHEL 6 : mod_auth_mysql (RHSA-2010:1002)
An updated modauthmysql package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...
Sql injection
SQL injection vulnerability in Load.php in Simple Machines Forum SMF 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands by setting the dbcharacterset parameter to a multibyte character set such as big5, which causes the addslashes PHP function to produce a "" backslash...
CVE-2008-6741
SQL injection vulnerability in Load.php in Simple Machines Forum SMF 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands by setting the dbcharacterset parameter to a multibyte character set such as big5, which causes the addslashes PHP function to produce a "" backslash...
CVE-2008-6741
SQL injection vulnerability in Load.php in Simple Machines Forum SMF 1.1.4 and earlier allows remote attackers to execute arbitrary SQL commands by setting the dbcharacterset parameter to a multibyte character set such as big5, which causes the addslashes PHP function to produce a "" backslash...
CVE-2008-2384
SQL injection vulnerability in modauthmysql.c in the mod-auth-mysql aka libapache2-mod-auth-mysql module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ backslash as part of the character encoding, allows remote attackers to execute arbitrary SQL...
openSUSE 10 Security Update : dovecot (dovecot-1987)
Dovecot might have been affected by the multibyte character set SQL injection issues for instance described in CVE-2006-2314. This patch fixes the MySQL and PostgreSQL backend to use the correct quoting methods when passing user-supplied strings. %NASLMINLEVEL 70300 C Tenable Network Security, In...