7790 matches found
Design/Logic Flaw
The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 does not properly restrict application cookies, which allows remote attackers to read session variables by leveraging a weak setting of the Domain variable...
CVE-2013-3985
The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 does not properly restrict application cookies, which allows remote attackers to read session variables by leveraging a weak setting of the Domain variable...
php: PG(magic_quote_gpc) was not restored on shutdown
PHP before 5.3.10 does not properly perform a temporary change to the magicquotesgpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/phpvariables.c, sapi/cgi/cgimain.c, and...
Passwords from variables are visible in plaintext in release versioning preview
Hey Atlassians! You can see the contents of masked variables the ones with "password" in their key when you click on "Add variable to version" in release versioning configuration screen for deployment project. Steps to reproduce: 1. Create a global variable with key: "testpassword" and value "abc...
Passwords from variables are visible in plaintext in release versioning preview
Hey Atlassians! You can see the contents of masked variables the ones with "password" in their key when you click on "Add variable to version" in release versioning configuration screen for deployment project. Steps to reproduce: 1. Create a global variable with key: "testpassword" and value "abc...
Web Application Security : PHP SuperGlobal Variables are vulnerable to Hackers
Hackers are focusing on vulnerabilities in the PHP web application development platform threatening 80% websites in the world, including many big website i.e. Facebook and Wikipedia. PHP has several predefined variables that are called SuperGlobals i.e. POST, GET, COOKIES, FILES etc. Imperva...
Call for Ban on Vulnerable PHP SuperGlobal Variables
The ease with which PHP applications can be subverted should be pretty apparent by now given the number of botnets supported by compromised sites hosting PHP code. The biggest culprit in the PHP universe may be a set of nine variables called SuperGlobals that provide programmers with development...
Web Application Security : PHP SuperGlobal Variables are vulnerable to Hackers
Hackers are focusing on vulnerabilities in the PHP web application development platform threatening 80% websites in the world, including many big website i.e. Facebook and Wikipedia. PHP has several predefined variables that are called SuperGlobals i.e. POST, GET, COOKIES, FILES etc. Imperva...
[SECURITY] Fedora 19 Update: php-symfony2-HttpFoundation-2.2.5-1.fc19
The HttpFoundation Component defines an object-oriented layer for the HTTP specification. In PHP, the request is represented by some global variables $GET, $POST, $FILE, $COOKIE, $SESSION... and the response is generated by some funct ions echo, header, setcookie, .... The Symfony2 HttpFoundation...
PHP < 5.3.11 Multiple Vulnerabilities
Binary data 6995.prm...
DVWA learn PHP Common Vulnerabilities and repair method-vulnerability warning-the black bar safety net
“Security is a whole, to ensure that security is not to powerful where there is more powerful and that the real weakness of the place where the”--Kenshin From a lot of the penetration of large enterprises within the network of cases of view, the intruder most from on the Web to find the...
phpMyAdmin 3.5.x < 3.5.8.1 / 4.x < 4.0.0-rc3 Multiple Vulnerabilities
Binary data 6933.prm...
Scanner Env. Variables Setup
Binary data setup.nbin...
One dedecms variable coverage holes of the wretched use of the method-vulnerability warning-the black bar safety net
The most recent dedecms variable coverage holes, and finally can control the global variables, but can not completely control $GLOBALS$v1 .= $v2; Note that there is a sliding scale, is in an initialized global variable content on a sliding scale the content. It has now been disclosed the exploit...
PHP file include vulnerability attack and Defense combat-vulnerability warning-the black bar safety net
Summary PHP is a very popular Web development language on the Internet many Web applications are using PHP development. And in the use of PHP development of Web applications, PHP file include vulnerability is a Common Vulnerability. The use of PHP file include vulnerabilities intrusion website is...
ecshop存储xss一枚,可打管理
简要描述: 中午不睡觉就为rank到100 成为普通白帽子,于是乎又看了一遍ec代码,话说后台漏洞不重视,咱就来前台把!最近有几个xss还看不到希望不要和我一样。。 详细说明: 说明一下啊 我下载的最新版本 而且打上了最新的所有补丁! 你要再说是部分版本存在 我就要抓狂了啊! xss产生的位置 includes/init.php 206行 if !isset$SESSION'userid' / 获取投放站点的名称 / $sitename = isset$GET'from' ? $GET'from' : addslashes$LANG'selfsite'; $fromad =...
Wireshark ASN.1 BER Dissector DoS Vulnerability - May 13 (Mac OS X)
This host is installed with Wireshark and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbwiresharkdosvulnmay13macosx.nasl 6115 2017-05-12 09:03:25Z teissa $ Wireshark ASN.1 BER Dissector DoS Vulnerability - May 13 Mac OS X Authors: Arun Kallavi Copyright: Copyright...
Kernel: crypto: algif - suppress sending source address information in recvmsg
The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hashrecvmsg function in crypto/algifhash.c and the...
The establishment of the station star sitestar v2. 5 the file that contains the exploit and fix-vulnerability warning-the black bar safety net
Inadvertently found that the establishment of the station star sitestar a tasteless file contains vulnerabilities, WVS scan a friends website, find the prompt with the following file include vulnerability index. php? a=fullist&m=../../../../../../../../../../etc/passwd%00.jpg admin/index. php?...
[Process PEB Finder] Tool to find and display PEB Address of running Processes
Process PEB Finder is the console based tool to find and display PEB Address of running Processes on your system. PEB Process Environment Block is the part of Process memory where is stores important information including loaded modules, startup paramenters, environment variables, debug informati...