3467 matches found
Novell iManager eDirectory plugin buffer overflow
Buffer overflow on schema parsing...
Novell iManager eDirectory Plugin Remote Code Execution Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Novell iManager. Authentication is not required to exploit this vulnerability. The flaw exists in an application called by the iManager in order to handle importing/exporting of schema information. While...
phpMyAdmin SQL注入和跨站脚本漏洞
BUGTRAQ ID: 36658 CVE ID: CVE-2009-3697,CVE-2009-3696 phpMyAdmin是用PHP编写的工具,用于通过WEB管理MySQL。 phpMyAdmin没有正确地过滤对MySQL表格名称所提交的输入参数,远程攻击者可以通过提交恶意请求执行存储式跨站脚本攻击,并在用户浏览恶意数据时执行所注入的HTML和脚本代码;此外phpMyAdmin还没有正确地过滤提交给PDF schema生成器功能的各种参数,远程攻击者可以通过提交恶意请求执行SQL注入攻击。 phpMyAdmin 3.x phpMyAdmin 2.11.x 厂商补丁:...
DEBIAN-CVE-2009-3697
SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters...
Sql injection
SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters...
CVE-2009-3697
SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters...
CVE-2009-3697
SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters...
phpmyadmin -- XSS and SQL injection vulnerabilities
phpMyAdmin Team reports: Cross-site scripting XSS vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted MySQL table name. SQL injection vulnerability allows remote attackers to inject SQL via various interface parameters of the PDF schema generator feature...
EMO Breader Manager (video.php movie) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================= EMO Breader Manager video.php movie SQL Injection Vulnerability ================================================================= Remote SQL Injection Vulnerability video.ph...
Camfrog.com SQL Injection
Camfrog.com suffers from a remote SQL injection vulnerability Millions of accounts are exposed Vulnerable parameter: popular.php?orderby=&st=dir&r=&cg= Available database: informationschema, cf, cfgift, cfimage, cfonline Users password are in CLEAR TEXT !!! More on...
EMO Breader Manager - 'video.php?movie' SQL Injection
Viva IslaM Viva IslaM Remote SQL Injection Vulnerability video.php movie EMO Breader Manager http://www.emophp.com AuTh0r : Mr.SQL H0ME : WwW.55a.NeT Email : [email protected] -: ExploiteS :-...
CVE-2009-0897
IBM WebSphere Partner Gateway WPG 6.1.0 before 6.1.0.1 and 6.1.1 before 6.1.1.1 allows remote authenticated users to obtain sensitive information via vectors related to the "schema DB2 instance id" and the bcgarchive aka the archiver script...
Information disclosure
IBM WebSphere Partner Gateway WPG 6.1.0 before 6.1.0.1 and 6.1.1 before 6.1.1.1 allows remote authenticated users to obtain sensitive information via vectors related to the "schema DB2 instance id" and the bcgarchive aka the archiver script...
glFusion 1.1.2 - COM_applyFilter()order SQL Injection
glFusion 1.1.2 - COMapplyFilterorder SQL Injection = 4.1 php.ini independent our site: http://retrogod.altervista.org/ software site: http://www.glfusion.org/ google dork: "Page created in" "seconds by glFusion" +RSS Vulnerability, sql injection in 'order' and 'direction' arguments: look...
Ubuntu Update for postgresql-8.1, postgresql-8.2 vulnerability USN-454-1
Ubuntu Update for Linux kernel vulnerabilities USN-454-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4541.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for postgresql-8.1, postgresql-8.2 vulnerability USN-454-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks...
Gentoo Security Advisory GLSA 200903-19 (xerces-c)
The remote host is missing updates announced in advisory GLSA 200903-19. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
Rarlab.com SQL Injection
MurderSkillz rarlab.com Home of winrar! = Here is your sql injection =P exposes tableschema - tablename - columnname I am NOT responsible for any stupidity or damage! Learn skiddies! = Fix your shit winrar...
DorsaCms (ShowPage.aspx) Remote SQL Injection Vulnerability
No description provided by source. --------------------------------------------------------- Portal Name: Dorsa CMS Vendor : http://www.dorsacms.com Description : A CMS written by iranian programmers which uses by governmental websites. Vulnerable File : ShowPage.aspx Dork: Powered by DorsaCms...
CVE-2008-4482
The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service stack consumption and crash via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file...
Design/Logic Flaw
The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service stack consumption and crash via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file...