528 matches found
[SECURITY] Fedora 9 Update: roundup-1.4.6-1.fc9
Roundup is a simple and flexible issue-tracking system with command line, web and email interfaces. It is based on the winning design from Ka-Ping Yee in the Software Carpentry "Track" design competition...
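Trac Wiki Engine Cross-Site Scripting Vulnerability
BUGTRAQ ID: 30400 CVE(CAN) ID: CVE-2008-3328 Trac is a web-based issue tracking system written in Python. Trac's wiki engine returns certain parameters to the user without properly validating them; a remote attacker can perform script injection or cross-site scripting attacks by submitting malicious requests to the server. Edgewall Software Trac 0.10.5 Edgewall Software ----------------- The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: http://ftp.edgewall.com/pub/trac/trac-0.10.5.tar.gz...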
Debian Security Advisory DSA 1554-2 (roundup)
The remote host is missing an update to roundup announced via advisory DSA 1554-2. OpenVAS Vulnerability Test $Id: deb15542.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1554-2 roundup Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
[SECURITY] Fedora 7 Update: bugzilla-3.0.4-1.fc7
Bugzilla is a popular bug tracking system used by multiple open source projects. It requires a database engine installed - either MySQL or PostgreSQL. Without one of these database engines, Bugzilla will not work...
[SECURITY] Fedora 8 Update: bugzilla-3.0.4-1.fc8
Bugzilla is a popular bug tracking system used by multiple open source projects. It requires a database engine installed - either MySQL or PostgreSQL. Without one of these database engines, Bugzilla will not work...
Security Advisory for Bugzilla 3.0.3, 3.1.3, 2.22.3, and 2.20.5
Summary ======= Bugzilla is a Web-based bug-tracking system, used by a large number of software projects. This advisory covers three security issues that have recently been fixed in the Bugzilla code: Users without the "canconfirm" privilege could enter a bug as NEW or ASSIGNED by using the XML-R...
DSA-1554-1 roundup - cross-site scripting vulnerability
Bulletin has no description...
[SECURITY] Fedora 7 Update: roundup-1.4.4-1.fc7
Roundup is a simple and flexible issue-tracking system with command line, web and email interfaces. It is based on the winning design from Ka-Ping Yee in the Software Carpentry "Track" design competition...
DSA-1467-1 mantis - several vulnerabilities
Bulletin has no description...
Debian Security Advisory DSA 173-1 (bugzilla)
The remote host is missing an update to bugzilla announced via advisory DSA 173-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-230)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 944-1 (mantis)
The remote host is missing an update to mantis announced via advisory DSA 944-1. Several security related problems have been discovered in Mantis, a web-based bug tracking system. For details on the issues resolved, please visit the referenced advisories. The old stable distribution woody does no...
Debian: Security Advisory (DSA-778-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
rPSA-2007-0257-1 rsync
rPath Security Advisory: 2007-0257-1 Published: 2007-12-04 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Remote Deterministic Unauthorized Access Updated Versions: rsync=conary.rpath.com@rpl:1/2.6.8-1.2-1 rPath Issue Tracking System: https://issues.rpath.com/browse/RPL-1989...
rPSA-2007-0242-1 php5 php5-cgi php5-mysql php5-pear php5-pgsql php5-soap php5-xsl
rPath Security Advisory: 2007-0242-1 Published: 2007-11-19 Products: rPath Appliance Platform Linux Service 1 rPath Linux 1 Rating: Minor Exposure Level Classification: Remote Deterministic Denial of Service Updated Versions: php5=conary.rpath.com@rpl:1/5.2.5-1-1...
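Bugzilla Multiple Remote Security Vulnerabilities
BUGTRAQ ID: 25420 Bugzilla is a web-based bug tracking system used by many software projects. Bugzilla's implementation contains multiple remote security vulnerabilities that a remote attacker could exploit to execute malicious commands on the server or cause information disclosure. When filing a bug, Bugzilla does not properly escape the buildid field in the guided form, which may allow a user to override the User-Agent string by submitting a malicious URL to enterbug.cgi and perform a cross-site scripting attack...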
tyger-sqlxss.txt
-=--------------------ADVISORY-------------------=- Tyger Bug Tracking System Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: Tyger Bug Tracking System -=+ Version: 1.1.3 -=+ Vendor's URL: http://uk.homeunix.org/tyger/cms/ -=+ Platform:...
CVE-2007-1289
CVE-2007-1289 affects Tyger Bug Tracking System (TygerBT) 1.1.3. The vulnerability is an SQL injection in ViewBugs.php exploitable via the s parameter, enabling remote attackers to execute arbitrary SQL commands. This relates to a flaw in input handling (unsanitized user input) in that component,...
CVE-2007-1290
CVE-2007-1290 is a confirmed SQL injection in Tyger Bug Tracking System (TygerBT) 1.1.3. The vulnerability resides in ViewReport.php and allows remote attackers to modify or execute arbitrary SQL via the bug parameter. This is documented in the NVD entry and corroborated by multiple connected rec...
Tyger Bug Tracking System Multiple Vulnerability
-=--------------------ADVISORY-------------------=- Tyger Bug Tracking System Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: Tyger Bug Tracking System -=+ Version: 1.1.3 -=+ Vendor's URL: http://uk.homeunix.org/tyger/cms/ -=+ Platform:...