1417 matches found
Joomla! Component AutoArticles 3000 - SQL Injection
Joomla! Component AutoArticles 3000 - SQL Injection source: https://www.securityfocus.com/bid/44694/info The AutoArticles 3000 component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting...
Online Work Order Suite - Login SQL Injection
source: https://www.securityfocus.com/bid/44608/info Online Work Order Suite is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access...
[SECURITY] Fedora 14 Update: sepostgresql-9.0.1-20101007.fc14
Security Enhanced PostgreSQL is an extension of PostgreSQL based on SELinux security policy, that applies fine grained mandatory access control to many objects within the database, and takes advantage of user authorization integrated within the operating system. SE-PostgreSQL works as a userspace...
Information disclosure in BloofoxCMS
Vulnerability ID: HTB22659 Reference: http://www.htbridge.ch/advisory/informationdisclosureinbloofoxcms.html Product: BloofoxCMS Vendor: bloofox.com http://bloofox.com/ Vulnerable Version: 0.3.5 and probably prior versions Vendor Notification: 13 October 2010 Vulnerability Type: Information...
BloofoxCMS v0.3.5 Information Disclosure Vulnerabilities
Exploit for php platform in category web applications ======================================================== BloofoxCMS v0.3.5 Information Disclosure Vulnerabilities ======================================================== Reference:...
Pub-Me CMS - Blind SQL Injection
| | | | |.' | | | | | ||| |||| Pub-Me CMS Blind SQL Injection Vulnerability Name: Pub-Me CMS Vendor: http://www.pub-me.com/ Versions Affected: //unknown, all current affected - devel. homepage & 33 clients web pages Software Link: Not aviable, Demo can be requested by e-mail from vendor Found by:...
Pub-Me CMS Blind SQL Injection
| | | | |.' | | | | | ||| |||| Pub-Me CMS Blind SQL Injection Vulnerability Name: Pub-Me CMS Vendor: http://www.pub-me.com/ Versions Affected: //unknown, all current affected - devel. homepage & 33 clients web pages Software Link: Not aviable, Demo can be requested by e-mail from vendor Found by:...
Information disclosure in BloofoxCMS
Vulnerability ID: HTB22660 Reference: http://www.htbridge.ch/advisory/informationdisclosureinbloofoxcms1.html Product: BloofoxCMS Vendor: bloofox.com http://bloofox.com/ Vulnerable Version: 0.3.5 and probably prior versions Vendor Notification: 13 October 2010 Vulnerability Type: Information...
BloofoxCMS 0.3.5 Information Disclosure
=================================== Vulnerability ID: HTB22660 Reference: http://www.htbridge.ch/advisory/informationdisclosureinbloofoxcms1.html Product: BloofoxCMS Vendor: bloofox.com http://bloofox.com/ Vulnerable Version: 0.3.5 and probably prior versions Vendor Notification: 13 October 2010...
BloofoxCMS 0.3.5 - Information Disclosure
BloofoxCMS 0.3.5 - Information Disclosure Vulnerability ID: HTB22660 Reference: http://www.htbridge.ch/advisory/informationdisclosureinbloofoxcms1.html Product: BloofoxCMS Vendor: bloofox.com http://bloofox.com/ Vulnerable Version: 0.3.5 and probably prior versions Vendor Notification: 13 October...
BloofoxCMS 0.3.5 - Information Disclosure
Vulnerability ID: HTB22660 Reference: http://www.htbridge.ch/advisory/informationdisclosureinbloofoxcms1.html Product: BloofoxCMS Vendor: bloofox.com http://bloofox.com/ Vulnerable Version: 0.3.5 and probably prior versions Vendor Notification: 13 October 2010 Vulnerability Type: Information...
IBM Informix Dynamic Server DBINFO关键字远程栈溢出漏洞
BUGTRAQ ID: 44190 IBM Informix Dynamic Server为企业提供运行业务所需的任务关键型数据基础设施。 Informix Dynamic Server没有正确地处理用户在SQL查询中提交给DBINFO关键词的参数,远程攻击者可以通过提交恶意查询请求触发栈溢出,导致以数据库服务器的权限执行任意代码。 IBM Informix Dynamic Server 11.50.xC3 IBM Informix Dynamic Server 11.10.xC3 IBM Informix Dynamic Server 10.00.xC10 厂商补丁: IBM ---...
phpCheckZ 1.1.0 - Blind SQL Injection
phpCheckZ 1.1.0 - Blind SQL Injection phpCheckZ 1.1.0 Blind SQL Injection Vulnerability Name phpCheckZ Vendor http://www.phpcheckz.com Versions Affected 1.1.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-10-19 X...
phpCheckZ 1.1.0 Blind SQL Injection
phpCheckZ 1.1.0 Blind SQL Injection Vulnerability Name phpCheckZ Vendor http://www.phpcheckz.com Versions Affected 1.1.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-10-19 X. INDEX I. ABOUT THE APPLICATION II...
IBM Informix Dynamic Server DBINFO Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Informix Database Server. SQL query execution privileges are required to exploit this vulnerability. The specific flaw exists when processing the arguments to the DBINFO keyword in a SQL query...
Particle Wiki Index.PHP SQL Injection Vulnerability
Particle Wiki is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user- supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit...
ASP Nuke SQL Injection Vulnerability
Exploit for asp platform in category web applications ==================================== ASP Nuke SQL Injection Vulnerability ==================================== Title : ASP Nuke Sql Injection Vulnerability Affected Version : AspNuke 0.80 Discovery : www.abysssec.com Vendor :...
ASP Nuke - SQL Injection
''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub11-asp-nuke-sql-injection-vulnerability/ ''' Abysssec Inc Public Advisory Title : ASP Nuke Sql Injection Vulnerability Affected Version :...
Nagios XI < 2009R1.3 multiple vulnerabilities
Nagios XI is prone to multiple vulnerabilities. 1. Nagios XI is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
TTVideo 1.0 Joomla Component SQL Injection Vulnerability
TTVideo 1.0 Joomla Component SQL Injection Vulnerability Name TTVideo Vendor http://www.toughtomato.com Versions Affected 1.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-07-27 X. INDEX I. ABOUT THE APPLICATION II...