Debian DSA-1557-1 : phpmyadmin - insufficient input sanitising

Several remote vulnerabilities have been discovered in phpMyAdmin, an application to administrate MySQL over the WWW. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-1924 Attackers with CREATE table permissions were allowed to read arbitrary files...

Fedora 7 : phpMyAdmin-2.11.5.1-1.fc7 (2008-2874)

This update addresses PMASA-2008-2 / CVE-2008-1567: phpMyAdmin upstream received an advisory from Jim Hermann: It saves sensitive information like the MySQL username and password and the Blowfish secret key in session data, which might be unprotected on a shared host...

Credentials disclosure on shared hosts via session data

PMASA-2008-2 Announcement-ID: PMASA-2008-2 Date: 2008-03-29 Summary Credentials disclosure on shared hosts via session data Description We received an advisory from Jim Hermann, and we wish to thank him for his work. phpMyAdmin saves sensitive information like the MySQL username and password and...

seamonkey security update

CentOS Errata and Security Advisory CESA-2008:0104 Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open...

CVE-2007-4124

Cosminexus Component Container (Hitachi products) is affected for Cosminexus 6, 6.7, and 7 prior to 20070731. The session failover function may mishandle session data so one user’s session data could be used for another user, enabling remote authenticated access to sensitive information, possible...

security flaw

Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to 1 the GLOBALS array or 2 the session data in SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701...

security flaw

Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to 1 the GLOBALS array or 2 the session data in SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701...

CVE-2007-1700

The session extension in PHP 4 before 4.4.5, and PHP 5 before 5.2.1, calculates the reference count for the session variables without considering the internal pointer from the session globals, which allows context-dependent attackers to execute arbitrary code via a crafted string in the...

Double free

Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to 1 the GLOBALS array or 2 the session data in SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701...

CVE-2007-1711

Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to 1 the GLOBALS array or 2 the session data in SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701...

CVE-2007-1701

PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when registerglobals is enabled, allows context-dependent attackers to execute arbitrary code via deserialization of session data, which overwrites arbitrary global variables, as demonstrated by calling sessiondecode on a string beginning with...

CVE-2007-1711

Double free vulnerability in the unserializer in PHP 4.4.5 and 4.4.6 allows context-dependent attackers to execute arbitrary code by overwriting variables pointing to 1 the GLOBALS array or 2 the session data in SESSION. NOTE: this issue was introduced when attempting to patch CVE-2007-1701...

CVE-2007-1701

Technical details for CVE-2007-1701 are not publicly provided in the supplied documents. The materials reference PHP-related advisories and multiple PHP issues but do not describe affected versions, root cause, impact, or remediation for this specific CVE. Monitor for updates.

Debian DSA-1264-1 : php4 - several vulnerabilities

Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-0906 It was discovered that an integer...

W-Agora 4.2 - BBCode Script Injection

W-Agora 4.2 - BBCode Script Injection source: https://www.securityfocus.com/bid/17751/info W-Agora is prone to a script-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated content. W-Agora...

W-Agora 4.2 - BBCode Script Injection

source: https://www.securityfocus.com/bid/17751/info W-Agora is prone to a script-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before including it in dynamically generated content. W-Agora can be configured to send all user...

PT-2006-1576 · Blackboard · Blackboard Academic Suite

Name of the Vulnerable Software and Affected Versions: Blackboard Academic Suite versions 6.0 and earlier Description: The issue arises when the software does not properly clear session information after a user has been idle and then de-authenticates. This allows subsequent users to log in as the...

[Full-disclosure] Session data pollution vulnerabilities in web applications

In web applications I've tested recently I have stumbled upon something that seems to be new class of bugs. Quick googling did not turn up any reference to this kind of vulnerabilities, so I thought I should describe it. The problem boils down to the application reusing the same session variable...

CVE-2001-1505

The CVE-2001-1505 entry covers tinc versions 1.0pre3 and 1.0pre4, where remote attackers can inject data into user sessions by sniffing and replaying packets. Affected component: tinc (specific versions cited). Underlying issue: packet sniffing/replay enables session data modification (integrity ...

cubecart206.txt

Hello All, I have discovered a number of remote vulnerabilities in: CubeCart 2.0.6. Authors Site: http://www.cubecart.com CubeCart is described by its authors as: 'What is CubeCart? CubeCart is an eCommerce script written with PHP & MySQL. With CubeCart you can setup a powerful online store as lo...