HTB22839: SQL Injection in Z-Vote wordpress plugin
Vulnerability ID: HTB22839 Reference: http://www.htbridge.ch/advisory/sqlinjectioninzvotewordpressplugin.html Product: Z-Vote wordpress plugin Vendor: 140hours http://wordpress.org/extend/plugins/z-vote/ Vulnerable Version: 1.1 Vendor Notification: 08 February 2011 Vulnerability Type: SQL Injecti...
RedaxScript 0.3.2 - Multiple Vulnerabilities
RedaxScript 0.3.2 - Multiple Vulnerabilities Vulnerability ID: HTB22805 Reference: http://www.htbridge.ch/advisory/pathdisclosureinredaxscript.html Product: Redaxscript Vendor: http://redaxscript.com/ http://redaxscript.com/ Vulnerable Version: 0.3.2 Vendor...
Redaxscript 0.3.2 Path Disclosure / SQL Injection
Vulnerability ID: HTB22805 Reference: http://www.htbridge.ch/advisory/pathdisclosureinredaxscript.html Product: Redaxscript Vendor: http://redaxscript.com/ http://redaxscript.com/ Vulnerable Version: 0.3.2 Vendor Notification: 18 January 2011 Vulnerability Type:...
SQL Injection in Pixie
Vulnerability ID: HTB22786 Reference: http://www.htbridge.ch/advisory/sqlinjectioninpixie1.html Product: Pixie Vendor: Lucid Crew http://www.getpixie.co.uk/ Vulnerable Version: 1.04 Vendor Notification: 06 January 2011 Vulnerability Type: SQL Injection Status: Awaiting Vendor Response Risk level:...
GLSA-201101-07 : Prewikka: password disclosure
The remote host is affected by the vulnerability described in GLSA-201101-07 Prewikka: password disclosure The permissions of the prewikka.conf file are set world readable. Impact : A local attacker could obtain the SQL database password used by Prewikka. Workaround : There is no known workaround...
LightNEasy 3.2.2 Multiple Vulnerabilities
Exploit for php platform in category web applications Product: LightNEasy Vendor: Fernando Baptista http://www.lightneasy.org/ Vulnerable Version: 3.2.2 Vendor Notification: 15 December 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level:...
Injader CMS Multiple Vulnerabilities
Exploit for php platform in category web applications Vulnerability ID: HTB22745 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityininjadercms1.html Product: Injader CMS Vendor: http://www.injader.com/ http://www.injader.com/ Vulnerable Version: 2.4.4 Vendor Notification: 07 December 20...
Hycus CMS - Multiple Vulnerabilities
Hycus CMS - Multiple Vulnerabilities Vulnerability ID: HTB22737 Reference: http://www.htbridge.ch/advisory/lfiinhycuscms.html Product: Hycus CMS Vendor: Hycus Web Development Team http://www.hycus.com/ Vulnerable Version: 1.0.3 Vendor Notification: 07 December 2010 Vulnerability Type: LFI Status:...
Etomite 1.1 Multiple Vulnerabilities
Exploit for php platform in category web applications Etomite 1.1 Multiple Vulnerabilities Product: Etomite Vendor: http://www.etomite.org/ http://www.etomite.org/ Vulnerable Version: 1.1 Vendor Notification: 18 November 20...
Fedora Update for mysql FEDORA-2010-15147
Check for the Version of mysql OpenVAS Vulnerability Test Fedora Update for mysql FEDORA-2010-15147 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
DynPG 4.2.0 - Multiple Vulnerabilities
Vulnerability ID: HTB22703 Reference: http://www.htbridge.ch/advisory/lfiindynpg.html Product: DynPG Vendor: dynpg.org http://www.dynpg.org/ Vulnerable Version: 4.2.0 Vendor Notification: 16 November 2010 Vulnerability Type: Local File Inclusion Status: Fixed by Vendor Risk level: Medium Credit:...
DynPG 4.2.0 Local File Inclusion / Path Disclosure / SQL Injection
Vulnerability ID: HTB22703 Reference: http://www.htbridge.ch/advisory/lfiindynpg.html Product: DynPG Vendor: dynpg.org http://www.dynpg.org/ Vulnerable Version: 4.2.0 Vendor Notification: 16 November 2010 Vulnerability Type: Local File Inclusion Status: Fixed by Vendor Risk level: Medium Credit:...
GetSimple CMS 2.01 / 2.02 Credential Disclosure
Researcher: Michael Brooks Affecting: GetSimple CMS 2.01 and 2.02 Fixed: 2.03 Vulnerability: Administrative Credentials Disclosure Vendor's Homepage: http://code.google.com/p/get-simple-cms download url for 2.01: http://www.box.net/get-simple/1/30435008/399754548 download svn for 2.02beta: svn...
DBHcms 1.1.4 - dbhcms_userSearchString SQL Injection
DBHcms 1.1.4 - dbhcms_userSearchString SQL Injection Vulnerability ID: HTB22651 Reference: http://www.htbridge.ch/advisory/sqlinjectionindbhcms.html Product: DBHcms Vendor: drbenhur.com http://www.drbenhur.com/ Vulnerable Version: 1.1.4 and probably prior versions Vendor Notification: 13 October...
4Site CMS 2.6 Cross Site Scripting
Vulnerability ID: HTB22639 Reference: http://www.htbridge.ch/advisory/sqlinjectionin4sitecms.html Product: 4site CMS Vendor: Method Lab http://www.4site.ru/ Vulnerable Version: 2.6 and probably prior versions Vendor Notification: 05 October 2010 Vulnerability Type: XSS Cross Site Scripting Status...
Fedora Update for mysql FEDORA-2010-15166
Check for the Version of mysql OpenVAS Vulnerability Test Fedora Update for mysql FEDORA-2010-15166 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
[SECURITY] Fedora 12 Update: mysql-5.1.47-2.fc12
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...
[SECURITY] Fedora 13 Update: mysql-5.1.48-2.fc13
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...
CMSQLite Cross Site Scripting / SQL Injection
Vulnerability ID: HTB22464 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincmsqlite.html Product: CMSQLite Vendor: CMSQLite-Team Vulnerable Version: 1.3 and Probably Prior Versions Vendor Notification: 29 June 2010 Vulnerability Type:...
Directory traversal
Multiple directory traversal vulnerabilities in the (a) Local Storage and (b) Web SQL database implementations in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allow remote attackers to create arbitrary database files via vectors involvi...