CVE-2016-1154
SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in Cuore EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
SQL injection
SQL injection vulnerability in the Help plug-in 1.3.5 and earlier in Cuore EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2016-1154
Cuore EC-CUBE Help plug-in (version 1.3.5 and earlier) contains an SQL injection (CWE-89) vulnerability. Remote attackers can execute arbitrary SQL via unspecified vectors, potentially exposing or altering database information. The affected component is the Help plug-in for EC-CUBE created by Cuo...
RHEL 7 : sos (RHSA-2016:0188)
The remote Red Hat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2016:0188 advisory. The sos package contains a set of utilities that gather information from system hardware, logs, and configuration files. The information can then be...
RedHat Update for sos RHSA-2016:0188-01
The remote host is missing an update for the...
Scientific Linux Security Update : sos on SL7.x (noarch) (20160216)
An insecure temporary file use flaw was found in the way sos created certain sosreport files. A local attacker could possibly use this flaw to perform a symbolic link attack to reveal the contents of sosreport files, or in some cases modify arbitrary files and escalate their privileges on the...
CentOS Update for sos CESA-2016:0152 centos6
Check the version of sos... script_oid("1.3.6.1.4.1.25623.1.0.882390");...
RHEL 6 : sos (RHSA-2016:0152)
The remote Red Hat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2016:0152 advisory. The sos package contains a set of tools that gather information from system hardware, logs and configuration files. The information can then be used...
Moderate: Red Hat Security Advisory: sos security and bug fix update
An updated sos package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20160120) (SLOTH)
An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly, execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox...
Google browser plug-in AVG Web TuneUp exposed with multiple high-risk vulnerabilities, affecting 900 million users - vulnerability warning - the black bar safety net
On August 15 of this year, Project Zero member Tavis submitted multiple vulnerabilities in the Google browser plug-in AVG Web TuneUp. Since the plug-in has about 900 million active users, the impact range is very wide. This plug-in adds a lot of APIs used to operate Google Chrome, for example, c...
emlog automatic backup plug-in leaks the entire site database backup - vulnerability warning - the black bar safety net
This is the third time I have found a fatal flaw in your blog. The first was a third-party Storage; the solution was to delete it. The second was "EMLOG album", which is this article:is. The third time is this time, I wrote one using the script, directly to your blog, the whole site backup file down under,...
sssd: memory leak in the sssd_pac_plugin
It was found that SSSD's Privilege Attribute Certificate (PAC) responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon...
Flash is too dangerous: report says Flash accounts for 8 of the top 10 vulnerabilities used in hack attacks - vulnerability warning - the black bar safety net
Flash accounts for 8 of the top 10 vulnerabilities used by hacking tools. According to the technology news site Network World, the latest report issued by the cyber threat intelligence research firm Recorded Future shows that, among the top 10 vulnerabilities used by hacking tools (EK),...
Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x, SL7.x i386/x86_64 (20151021)
Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. CVE-2015-4835, CVE-2015-4881, CVE-2015-4843, CVE-2015-4883, CVE-2015-4860,...
Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update
Updated java-1.7.0-openjdk packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...
Design/Logic Flaw
Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users to cause a denial of service (improper plug-in and tool installation) via crafted update center data...
RHEL 6 : flash-plugin (RHSA-2015:1893)
An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed...
Wordpress Amazonify Plug-in XSS/CSRF Vulnerabilities
Exploit for php platform in category web applications Exploit Title : Wordpress Amazonify Plug-in XSS/CSRF Exploit Author : Ashiyane Digital Security Team Vendor Homepage : https://wordpress.org/plugins/amazonify/ Date: 2015-08-20 Tested On : Windows7 Software Link :...