phpliteadmin <= 1.9.3 Remote PHP Code Injection Vulnerability

PHP Lite Admin versions 1.9.3 and below suffer from a PHP code injection vulnerability. Exploit Title: phpliteadmin phpliteadmin.php1785: 'When you create a new database, the name you entered will be appended with the appropriate file extension .db, .db3, .sqlite, etc. if you do not include it...

PHP Lite Admin 1.9.3 Code Injection

Exploit Title: phpliteadmin phpliteadmin.php1785: 'When you create a new database, the name you entered will be appended with the appropriate file extension .db, .db3, .sqlite, etc. if you do not include it yourself. The database will be created in the directory you specified as the $directory...

PHPLiteAdmin 1.9.3 - Remote PHP Code Injection

PHPLiteAdmin 1.9.3 - Remote PHP Code Injection Exploit Title: phpliteadmin phpliteadmin.php1785: 'When you create a new database, the name you entered will be appended with the appropriate file extension .db, .db3, .sqlite, etc. if you do not include it yourself. The database will be created in t...

PHPLiteAdmin 1.9.3 - Remote PHP Code Injection

Exploit Title: phpliteadmin phpliteadmin.php1785: 'When you create a new database, the name you entered will be appended with the appropriate file extension .db, .db3, .sqlite, etc. if you do not include it yourself. The database will be created in the directory you specified as the $directory...

CMSQLite 1.3.2 - Multiple Vulnerabilities

CMSQLite 1.3.2 - Multiple Vulnerabilities Title: ====== CMSQLITE v1.3.2 - Multiple Web Vulnerabiltiies Date: ===== 2012-10-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=726 VL-ID: ===== 726 Common Vulnerability Scoring System: ==================================== 4...

CMSQLite 1.3.2 - Multiple Vulnerabilities

Title: ====== CMSQLITE v1.3.2 - Multiple Web Vulnerabiltiies Date: ===== 2012-10-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=726 VL-ID: ===== 726 Common Vulnerability Scoring System: ==================================== 4.3 Introduction: ============= CMSQLite is...

CMSQLITE v1.3.2 - Multiple Web Vulnerabiltiies

Document Title: =============== CMSQLITE v1.3.2 - Multiple Web Vulnerabiltiies References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=726 Release Date: ============= 2012-10-18 Vulnerability Laboratory ID VL-ID: ==================================== 726 Common...

CMSQLITE 1.3.2 LFI / XSS / Cross Site Request Forgery

CMSQLITE version 1.3.2 suffers from cross site request forgery, cross site scripting, and local file inclusion vulnerabilities. CMSQLITE v1.3.2 - Multiple Web Vulnerabiltiies Introduction: ============= CMSQLite is a small, fast, flexible and complete Content-Management-System CMS. It s perfect f...

FreeBSD : php5-sqlite -- open_basedir bypass (ec255bd8-02c6-11e2-92d1-000d601460a4)

MITRE CVE team reports : The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the openbasedir protection mechanism via unspecified vectors. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from th...

FreeBSD Ports: php5-sqlite

The remote host is missing an update to the system as announced in the referenced advisory. VID ec255bd8-02c6-11e2-92d1-000d601460a4 OpenVAS Vulnerability Test $ Description: Auto generated from VID ec255bd8-02c6-11e2-92d1-000d601460a4 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

FreeBSD Ports: php5-sqlite

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

[SECURITY] Fedora 18 Update: jabberd-2.2.17-1.fc18

The jabberd project aims to provide an open-source server implementation of the Jabber protocols for instant messaging and XML routing. The goal of this project is to provide a scalable, reliable, efficient and extensible server that provides a complete set of features and is up to date with the...

Mandriva Linux Security Advisory : freeradius (MDVSA-2012:047)

A vulnerability has been found and corrected in freeradius : The ocspcheck function in rlmeaptls.c in FreeRADIUS 2.1.11, when OCSP is enabled, does not properly parse replies from OCSP responders, which allows remote attackers to bypass authentication by using the EAP-TLS protocol with a revoked...

Mandriva Linux Security Advisory : php (MDVSA-2012:108)

Multiple vulnerabilities has been discovered and corrected in php : Unspecified vulnerability in the phpstreamscandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an overflow CVE-2012-2688. The SQLite...

Fedora Update for jabberd FEDORA-2012-12487

Check for the Version of jabberd OpenVAS Vulnerability Test Fedora Update for jabberd FEDORA-2012-12487 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SECURITY] Fedora 17 Update: jabberd-2.2.14-4.fc17

The jabberd project aims to provide an open-source server implementation of the Jabber protocols for instant messaging and XML routing. The goal of this project is to provide a scalable, reliable, efficient and extensible server that provides a complete set of features and is up to date with the...

[SECURITY] Fedora 16 Update: jabberd-2.2.14-4.fc16

The jabberd project aims to provide an open-source server implementation of the Jabber protocols for instant messaging and XML routing. The goal of this project is to provide a scalable, reliable, efficient and extensible server that provides a complete set of features and is up to date with the...

SuSE 10 Security Update : php5 (ZYPP Patch Number 8239)

This update fixes two security issues of PHP5 : - Potential overflow in phpstreamscandir. CVE-2012-2688 - openbasedir bypass via SQLite extension. CVE-2012-3365 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

Android HTC Mail Insecure Password Management

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Android HTC Mail insecure password management Classification: =============== Level: low-MED-high-crit ID: HEXVIEW2012080501 URL: http://www.hexview.com/docs/20120805-1.txt Overview: ========= HTC is $9.5BUSD Taiwanese manufacturer of smartphones and...

PHP security vulnerabilities

phpstreamscandir overflow, SQLite functionality openbasedir protection bypass...