
38 matches found

CNVD
added 2017/05/22 12:0 a.m. | 1 view

Secure Auditor Directory Traversal Vulnerability

Secure Auditor suite is a unified digital risk management solution for auditing Windows, Oracle, SQL databases and Cisco devices. A directory traversal vulnerability exists in Secure Auditor V3.0. An attacker can exploit this vulnerability to read arbitrary files via the pathname in the . /...

CVSS 7.5 | AI score 7 | EPSS 0.09076
Exploits: 5 | References: 1

The Hacker News
added 2012/11/27 10:36 a.m. | 10 views

Narilam malware target Iran Financial SQL Databases

Symantec recently identified a database-corrupting piece of malware targeting systems mostly in Iran, but despite early speculation that it could be related to the likes of Stuxnet and Flame, it appears to be targeting small businesses rather than the country's infrastructure. Malware Dubbed...

AI score 7.4
Exploits: 0

ThreatPost
added 2012/11/23 9:45 p.m. | 10 views

Symantec Warns of New Malware Targeting SQL Databases

Symantec is warning of a new bit of malware that appears to be modifying corporate databases, particularly in the Middle East, though it's showing up elsewhere in the world too. W32.Narilam, first discovered Nov. 15, follows a similar pattern of other worms by copying itself onto infected machines...

AI score 0.3
Exploits: 0 | References: 1

OpenVAS
added 2012/08/30 12:0 a.m. | 18 views

Fedora Update for python-sqlalchemy0.5 FEDORA-2012-3373

Check for the Version of python-sqlalchemy0.5. OpenVAS Vulnerability Test: Fedora Update for python-sqlalchemy0.5 FEDORA-2012-3373. Authors: System Generated Check. Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

CVSS 7.5 | AI score 6.3 | EPSS 0.01649
Exploits: 2 | References: 2

Tenable Nessus
added 2012/08/01 12:0 a.m. | 18 views

Scientific Linux Security Update : python-sqlalchemy on SL6.x (20120307)

SQLAlchemy is an Object Relational Mapper (ORM) that provides a flexible, high-level interface to SQL databases. It was discovered that SQLAlchemy did not sanitize values for the limit and offset keywords for SQL select statements. If an application using SQLAlchemy accepted values for these...

CVSS 7.5 | AI score 5.6 | EPSS 0.01649
Exploits: 2 | References: 2

Fedora
added 2012/04/12 3:6 a.m. | 14 views

[SECURITY] Fedora 17 Update: python-sqlalchemy0.5-0.5.8-9.fc17

SQLAlchemy is an Object Relational Mapper (ORM) that provides a flexible, high-level interface to SQL databases. Database and domain concepts are decoupled, allowing both sides maximum flexibility and power. SQLAlchemy provides a powerful mapping layer that can work as automatically or as manu all...

CVSS 7.5 | AI score 1.3 | EPSS 0.01649
Exploits: 2

OpenVAS
added 2012/04/02 12:0 a.m. | 14 views

Fedora Update for python-sqlalchemy0.5 FEDORA-2012-3412

Check for the Version of python-sqlalchemy0.5. OpenVAS Vulnerability Test: Fedora Update for python-sqlalchemy0.5 FEDORA-2012-3412. Authors: System Generated Check. Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

CVSS 7.5 | AI score 6.3 | EPSS 0.01649
Exploits: 2 | References: 2

Fedora
added 2012/04/01 10:57 p.m. | 22 views

[SECURITY] Fedora 16 Update: python-sqlalchemy0.5-0.5.8-9.fc16

SQLAlchemy is an Object Relational Mapper (ORM) that provides a flexible, high-level interface to SQL databases. Database and domain concepts are decoupled, allowing both sides maximum flexibility and power. SQLAlchemy provides a powerful mapping layer that can work as automatically or as manu all...

CVSS 7.5 | AI score 1.3 | EPSS 0.01649
Exploits: 2

Tenable Nessus
added 2012/03/08 12:0 a.m. | 32 views

RHEL 6 : python-sqlalchemy (RHSA-2012:0369)

An updated python-sqlalchemy package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

CVSS 7.5 | AI score 5.7 | EPSS 0.01649
Exploits: 2 | References: 3

ThreatPost
added 2011/05/31 4:24 p.m. | 8 views

Hack Of PBS.org: 0Day Or Patch Forensics?

A high-profile attack on PBS, the U.S. Public Broadcasting System, was made possible by a previously unknown hole in the MoveableType content management software, according to the hacking group that claimed responsibility for the hack. However, security experts say that the hole may have been...

AI score 0.1
Exploits: 0 | References: 7

ThreatPost
added 2011/04/22 6:24 p.m. | 10 views

Hacker Pleads Guilty To Theft of 600K Credit Cards, Could Get 10 Years

A 26-year-old Georgia man pleaded guilty in federal court in Virginia to the theft of hundreds of thousands of credit cards and a years-long fraud scheme that netted him more than $100,000 in illicit profits – money he used to buy himself a BMW and luxury clothing. Rogelio Hackett of Lithonia,...

AI score 8
Exploits: 0 | References: 6

0day.today
added 2010/12/16 12:0 a.m. | 19 views

MantisBT <=1.2.3 (db_type) Cross-Site Scripting & Path Disclosure

Exploit for php platform in category web applications. Vendor: MantisBT Group; Product web page: http://www.mantisbt.org; Version affected: 1.2.4; Summary: MantisBT is a free popular web-based bugtracking system. It is written in the PHP scripting language and works with MySQL, MS SQL, and PostgreSQL...

AI score 7.1
Exploits: 0

UbuntuCve
added 2010/04/01 10:30 p.m. | 22 views

CVE-2010-1230

Google Chrome before 4.1.249.1036 does not have the expected behavior for attempts to delete Web SQL Databases and clear the Strict Transport Security (STS) state, which has unspecified impact and attack vectors...

CVSS 10 | AI score 6 | EPSS 0.00301
Exploits: 0 | References: 2

NVD
added 2010/04/01 10:30 p.m. | 15 views

CVE-2010-1230

Google Chrome before 4.1.249.1036 does not have the expected behavior for attempts to delete Web SQL Databases and clear the Strict Transport Security (STS) state, which has unspecified impact and attack vectors...

CVSS 10 | AI score 6.8 | EPSS 0.00301
Exploits: 0 | References: 4

CVE
added 2010/04/01 10:0 p.m. | 54 views

CVE-2010-1230

CVE-2010-1230 affects Google Chrome prior to 4.1.249.1036. The issue concerns incorrect behavior when attempting to delete Web SQL Databases and clear STS state. The impact is described as unspecified; no exploit vectors are provided in the documents. Severity is CVSS v2 base score 10.0 (HIGH). N...

CVSS 10 | AI score 7 | EPSS 0.00301
Exploits: 0 | References: 4 | Affected Software: 1

Gentoo Linux
added 2008/05/05 12:0 a.m. | 31 views

phpMyAdmin: Information disclosure

Background: phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL databases from a web-browser. Description: Cezary Tomczak reported that an undefined UploadDir variable exposes an information disclosure vulnerability when running on shared hosts. Impact: A remote attack...

CVSS 3.5 | AI score 6.1 | EPSS 0.002
Exploits: 0

0day.today
added 2008/02/01 12:0 a.m. | 36 views

LightBlog 9.5 cp_upload_image.php Remote File Upload Vulnerability

Exploit for unknown platform in category web applications. LightBlog 9.5 cp_upload_image.php Remote File Upload Vulnerability. LightBlog 9.5 - REMOTE FILE UPLOAD...

AI score 7.1
Exploits: 0

securityvulns
added 2008/02/01 12:0 a.m. | 57 views

LightBlog Remote File Upload Vulnerability

LightBlog 9.5 - REMOTE FILE UPLOAD VULNERABILITY by Omni. 1 Infos. Date: 2008-01-30; Product: LightBlog; Version: v 9.5; Vendor: http://www.publicwarehouse.co.uk/; Vendor Status: 2008-01-31 Informed! 2008-01-31 Patch received from vendor! 2008-02-01 Published! Description: Lightblog...

AI score 0.1
Exploits: 0