764 matches found
RedHat Update for mysql RHSA-2013:0772-01
Check for the Version of mysql OpenVAS Vulnerability Test RedHat Update for mysql RHSA-2013:0772-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
Important: mysql55
Issue Overview: This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found in the References section. Affected Packages: mysql55 Issue Correction: Run yum update mysql55 or yum update --advisory ALAS-2013-187 to update your system. New...
CVE-2013-3221
The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attack...
CVE-2013-3221
The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attack...
MySQL 5.5 < 5.5.30 yaSSL Buffer Overflow
The version of MySQL 5.5 installed on the remote host is earlier than 5.5.30 and is, therefore, affected a buffer overflow related to 'yaSSL'. This error could possibly allow arbitrary code execution. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65734;...
LCG Disk Pool Manager SQL Injection
Name: Multiple SQL Injection vulnerabilities in Disk Pool Manager DPM Author: Adam Zabrocki Date: November 27, 2009 Yes, it's very old bug ;P Description: LCG Disk Pool Manager DPM has been developed as part of the LCG project to provide a light-weight implementation of an SRM compliant Storage...
Medium: mysql51
Issue Overview: This update fixes several vulnerabilities in the MySQL database server. Affected Packages: mysql51 Issue Correction: Run yum update mysql51 or yum update --advisory ALAS-2013-152 to update your system. New Packages: i686: mysql51-5.1.67-1.60.amzn1.i686 ...
SEC Consult SA-20130122-1 :: F5 BIG-IP SQL injection vulnerability
SEC Consult Vulnerability Lab Security Advisory 20130122-1 ======================================================================= title: SQL Injection product: F5 BIG-IP vulnerable version: =11.2.0 fixed version: 11.2.0 HF3 11.2.1 HF3 CVE number: CVE-2012-3000 impact: Medium homepage:...
USN-1658-1: MySQL vulnerability
It was discovered that MySQL incorrectly handled certain long arguments. A remote authenticated attacker could use this issue to possibly execute arbitrary code...
PHP Server Monitor Stored XSS Vulnerability
Exploit for php platform in category web applications Author: loneferret Product: PHP Server Monitor Version: 2.0.1 and maybe older versions Google Dork: intext="Powered by PHP Server Monitor v2.0.1" yes people have made this available on the web Software Download:...
PHP Server Monitor - Persistent Cross-Site Scripting
PHP Server Monitor - Persistent Cross-Site Scripting Author: loneferret of Offensive Security Product: PHP Server Monitor Version: 2.0.1 and maybe older versions Google Dork: intext="Powered by PHP Server Monitor v2.0.1" yes people have made this available on the web Software Download:...
CentOS Update for mysql CESA-2012:1462 centos6
Check for the Version of mysql OpenVAS Vulnerability Test CentOS Update for mysql CESA-2012:1462 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Traq admincp/common.php authenticate() Function Authentication Bypass Remote Code Execution
The version of Traq installed on the remote host contains a flaw that could allow a remote attacker to bypass the authentication mechanism and inject and execute arbitrary code. The flaw is caused by the application failing to properly restrict admin rights in the 'authenticate' function in...
CVE-2012-4501 : Critical vulnerability warned in Cloudstack
Citrix and the Apache Software Foundation have alerted users to a critical vulnerability in the CloudStack open source cloud infrastructure management software. The vulnerability affects all versions of Cloudstack prior to October 7, including the Citrix commercial version. Vulnerability could...
Ezylog Photovoltaic Management SQL Injection / Command Injection
Multiple vulnerabilities in Ezylog photovoltaic management server ================================================================= ADVISORY INFORMATION Title: Multiple vulnerabilities in Ezylog photovoltaic management server Discovery date: 27/08/2012 Release date: 11/09/2012 Credits: Roberto...
[SECURITY] Fedora 17 Update: roundcubemail-0.7.3-1.fc17
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 15 Update: roundcubemail-0.7.2-2.fc15
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
mysql-query NSE Script
Runs a query against a MySQL database and returns the results as a table. Script Arguments mysql-query.noheaders do not display column headers default: false mysql-query.query the query for which to return the results mysql-query.username optional the username used to authenticate to the database...
myCare2x CMS - Multiple Web Vulnerabilities
Exploit for php platform in category web applications Title: ====== myCare2x CMS - Multiple Web Vulnerabilities Introduction: ============= myCare2x is an web application. All program modules and data accesses are processed in the server. User only need a web browser, in order to use the myCare2x...
myCare2x CMS - Multiple Web Vulnerabilities
Document Title: =============== myCare2x CMS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=524 Release Date: ============= 2012-05-02 Vulnerability Laboratory ID VL-ID: ==================================== 524 Common...