64 matches found
CVE-2013-0306
The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of service (memory consumption) or trigger server errors via a modified max_num parameter...
Nonexistent Page (404) Physical Path Disclosure
The remote web server reveals the physical path of the webroot when a nonexistent page is requested. While printing errors to the output is useful for debugging applications, this feature should be disabled on production servers. (C) Tenable Network Security, Inc. Vulnerable servers: Pi3Web/2.0.0...
XOOPS 2.0 XoopsOption - Information Disclosure
source: https://www.securityfocus.com/bid/7149/info XOOPS has been reported vulnerable to an information disclosure vulnerability. According to the report, path information and other sensitive data may be output in server error messages. Information obtained in this manner may be used by an...
Holes in mutt (format string, GSSAPI)
Format string errors when working with an IMAP server...