678 matches found
[SECURITY] Fedora 14 Update: mod_auth_mysql-3.0.0-12.fc14
mod_auth_mysql can be used to limit access to documents served by a web server by checking data in a MySQL database...
Rootkit.com database leaked by Anonymous Hackers, Available for Download !
On February 6, 2011, as part of their attack on HBGary, the Anonymous group social-engineered the administrator of rootkit.com, Jussi Jaakonaho, to gain root access to rootkit.com. The entire MySQL database backup was then released by Anonymous and announced using HBGary's CEO Twitter account,...
LocatePC 1.05 (Ligatt Version + Others) - SQL Injection
Affected Software: LocatePC 1.05 Consequences: Arbitrary SELECT queries against the LocatePC and "mysql" database. The LocatePC database contains enough information to stalk all users of the software. It may be possible to instruct the software to upload arbitrary files from each user's computer ...
LocatePC 1.05 (Ligatt Version + Others) - SQL Injection
LocatePC 1.05 Ligatt Version + Others - SQL Injection Affected Software: LocatePC 1.05 Consequences: Arbitrary SELECT queries against the LocatePC and "mysql" database. The LocatePC database contains enough information to stalk all users of the software. It may be possible to instruct the softwar...
WordPress Mingle Forum Plugin <= 1.0.26 - Multiple Vulnerabilities
There exist multiple vulnerabilities in Mingle Forum plugin for WordPress: 1. There is a SQL injection that reads application data. It is in the RSS feed generator. An attacker can retrieve information from the MySql database by crafting specific URLs. 2. SQL injection is in the edit post...
RHEL 6 : mod_auth_mysql (RHSA-2010:1002)
An updated mod_auth_mysql package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating...
Moderate: Red Hat Security Advisory: mod_auth_mysql security update
An updated mod_auth_mysql package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating...
MySQL: crash when loading data into geometry function PolyFromWKB() (MySQL Bug#51875)
The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of service (server crash) by calling the PolyFromWKB function with Well-Known Binary (WKB) data containing a crafted number of (1) line strings or (2) line points...
Xlrstats 2.0.1 - SQL Injection
Xlrstats 2.0.1 - SQL Injection. SQL injection vulnerability. Exploit Title: Xlrstats Big Brother Bot Game SQL injection 2.0.1...
Zen Cart v1.3.9f (typefilter) Local File Inclusion Vulnerability
Exploit for php platform in category web applications. Zen Cart v1.3.9f (typefilter) Local File Inclusion Vulnerability. Vendor: Zen Ventures, LLC Product web page:...
Zen Cart 1.3.9f Local File Inclusion
Zen Cart v1.3.9f (typefilter) Local File Inclusion Vulnerability Vendor: Zen Ventures, LLC Product web page: http://www.zen-cart.com Version affected: 1.3.9f Summary: Zen Cart is an online store management system. It is PHP-based, using a MySQL database and HTML components. Support is provided for...
Snort Report Detection
This host is running Snort Report. Snort Report is an add-on module for the Snort Intrusion Detection System. It provides realtime reporting from the MySQL database generated by Snort. OpenVAS Vulnerability Test $Id: gbsnortreportdetect.nasl 5736 2017-03-27 13:36:24Z cfi $ Snort Report Detection...
Onpub web content management Multiple Vulnerability
Exploit for php platform in category web applications. Onpub web content management Multiple Vulnerability...
TCW PHP Album - Multiple Vulnerabilities
TCW PHP Album - Multiple Vulnerabilities. I'm L0rd CrusAd3r member from Inj3ct0r Team. Author: L0rd CrusAd3r aka VSN Exploit Title: TCW PHP Album Multiple Vulnerability Vendor...
NinkoBB 1.3RC5 Cross Site Request Forgery
Title: NinkoBB CSRF Vulnerability Author: ADEO Security Published: 30/06/2010 Version: 1.3RC5 Possible all versions Vendor: http://ninkobb.com Download: http://ninkobb.com/releases/?NinkoBB-1.3RC5.zip Description: "NinkoBB is an open source forum script written in the PHP language and uses a MySQ...
[SECURITY] [DSA 2057-1] New mysql-dfsg-5.0 packages fix several vulnerabilities
Debian Security Advisory DSA-2057-1 http://www.debian.org/security/ Giuseppe Iuculano June 07, 2010 http://www.debian.org/security/faq...
Webiz SQL Injection / SHELL Upload Vulnerability
Exploit for php platform in category web applications. Webiz SQL Injection / SHELL Upload Vulnerability. INFORMATIONS...
[SECURITY] Fedora 13 Update: cacti-0.8.7f-1.fc13
Cacti is a complete frontend to RRDTool. It stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. Along with being able to maintain graphs, data sources, and round robin archives in a database, Cacti also...
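MySQL COM_FIELD_LIST Command Remote Overflow Vulnerability
BUGTRAQ ID: 40106 CVE ID: CVE-2010-1850 MySQL is a very widely used open-source relational database system, with versions available for a variety of platforms. A remote attacker can trigger a buffer overflow by submitting to the MySQL database a COM_FIELD_LIST command containing an overly long table name parameter, leading to arbitrary code execution. MySQL 5.1/5.0 Vendor patch: Oracle. The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: http://bugs.mysql.com/bug.php?id=53237...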
CVE-2010-1865
Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the IP address to the cs_getip function in generate.php in the Captcha module, or (2) the s_email parameter to the cs_sql_select function in the MySQL database driver...