CVE-2008-6591

LightNEasy "no database" aka flat version 1.2.2, and possibly SQLite version 1.2.2, allows remote attackers to create arbitrary files via the page parameter to 1 index.php and 2 LightNEasy.php...

CVE-2008-6589

CVE-2008-6589 affects LightNEasy “no database” (flat) 1.2.2 (and possibly SQLite 1.2.2). The issue is multiple XSS vulnerabilities that allow remote attackers to inject arbitrary script or HTML via the page parameter to (1) index.php and (2) LightNEasy.php. The connected documents provide the vul...

CVE-2008-6590

LightNEasy has directory traversal flaws in version 1.2.2 (and possibly SQLite 1.2.2) where a crafted .. in the page parameter to index.php or LightNEasy.php allows remote attackers to read arbitrary files. Root cause appears to be inadequate validation of the page parameter, enabling traversal t...

CVE-2008-6589

Multiple cross-site scripting XSS vulnerabilities in LightNEasy "no database" aka flat version 1.2.2, and possibly SQLite version 1.2.2, allow remote attackers to inject arbitrary web script or HTML via the page parameter to 1 index.php and 2 LightNEasy.php...

Fedora Update for mono FEDORA-2007-067

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for rubygem-rails FEDORA-2008-8282

Check for the Version of rubygem-rails OpenVAS Vulnerability Test Fedora Update for rubygem-rails FEDORA-2008-8282 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Fedora Update for dbmail FEDORA-2008-3371

Check for the Version of dbmail OpenVAS Vulnerability Test Fedora Update for dbmail FEDORA-2008-3371 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

ClearBudget 0.6.1 Insecure Cookie Handling / LFI Vulnerabilities

Exploit for unknown platform in category web applications ================================================================ ClearBudget 0.6.1 Insecure Cookie Handling / LFI Vulnerabilities ================================================================ + Dork : ClearBudget v0.6.1 + Homepage :...

[SECURITY] Fedora 8 Update: rubygem-rails-2.1.1-2.fc8

Rails is a framework for building web-application using CGI, FCGI, modruby, or WEBrick on top of either MySQL, PostgreSQL, SQLite, DB2, SQL Server, or Oracle with eRuby- or Builder-based templates...

[SECURITY] Fedora 9 Update: rubygem-rails-2.1.1-2.fc9

Rails is a framework for building web-application using CGI, FCGI, modruby, or WEBrick on top of either MySQL, PostgreSQL, SQLite, DB2, SQL Server, or Oracle with eRuby- or Builder-based templates...

php -- multiple vulnerabilities

The remote host is missing an update to the system as announced in the referenced advisory. VID f5e52bf5-fc77-11db-8163-000e0c2e438a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

php -- multiple vulnerabilities

The remote host is missing an update to the system as announced in the referenced advisory. VID 7fcf1727-be71-11db-b2ec-000c6ec775d9 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

php -- multiple vulnerabilities

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

[SECURITY] Fedora 9 Update: dbmail-2.2.9-1.fc9

Dbmail is the name of a group of programs that enable the possiblilty of storing and retrieving mail messages from a database. Currently dbmail supports the following database backends: MySQL PostgreSQL SQLite Please see /usr/share/doc/dbmail-/README.fedora for specific information on installatio...

[SECURITY] Fedora 7 Update: dbmail-2.2.9-1.fc7

Dbmail is the name of a group of programs that enable the possiblilty of storing and retrieving mail messages from a database. Currently dbmail supports the following database backends: MySQL PostgreSQL SQLite Please see /usr/share/doc/dbmail-/README.fedora for specific information on installatio...

[SECURITY] Fedora 8 Update: dbmail-2.2.9-1.fc8

Dbmail is the name of a group of programs that enable the possiblilty of storing and retrieving mail messages from a database. Currently dbmail supports the following database backends: MySQL PostgreSQL SQLite Please see /usr/share/doc/dbmail-/README.fedora for specific information on installatio...

DBMail空LDAP口令绕过认证漏洞

BUGTRAQ ID: 28849 CVECAN ID: CVE-2007-6714 Dbmail是一个程序集，允许从数据库检索和存储邮件，可使用MySQL、PostgreSQL和SQLite作为数据库后端。 Dbmail的认证过程存在安全漏洞，如果启用了authldap模块且LDAP服务器允许匿名登录，则任何用户都可以使用空口令字符串登录到任意帐号。 h000 telnet localhost 143 Trying 127.0.0.1... Connected to localhost. Escape character is '^'. OK dbmail imap protocol...

LightNEasy SQLite / no database <= 1.2.2 Multiple Remote Vulnerabilities

No description provided by source. Author: GiReX mySite: girex.altervista.org Date: 14/04/08 CMS: LightNEasy SQLite / no database = 1.2.2 Site: lightneasy.org Advisory: Multiple Remote Vulnerabilities Need: magicquotesgpc = Off magicquotesgpc = On / Off for SQL Injections Bug 1: Remote File...

lightneasy-multi.txt

Author: GiReX mySite: girex.altervista.org Date: 14/04/08 CMS: LightNEasy SQLite / no database = 1.2.2 Site: lightneasy.org Advisory: Multiple Remote Vulnerabilities Need: magicquotesgpc = Off magicquotesgpc = On / Off for SQL Injections Bug 1: Remote File Disclosure Affected: SQLite / no databas...

LightNEasy SQLite / no database <= 1.2.2 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ======================================================================== LightNEasy SQLite / no database = 1.2.2 Multiple Remote Vulnerabilities ======================================================================== Author: GiReX Date:...