7790 matches found
Kongreg8 1.7.3 Cross Site Scripting
Exploit Title: Kongreg8 1.7.3 Mutiple XSS Date: 02/24/12 Author: G13 Software Link: https://sourceforge.net/projects/kongreg8/ Version: 1.7.3 Category: webapps php Vulnerability Kongreg8 1.7.3 has multiple XSS vulnerabilites. These vulnerabilities are in the Add Member and Add Group functions...
CreateVision CMS Database injection
Exploit for php platform in category web applications !/usr/local/bin/perl Exploit Title: CreateVision CMS Database injection. Description: Virtually none of the variables are not filtered. Google Dork: inurl:artykulprint.php Date: 2012/02/24 Author : Zwierzchowski Oskar Software Link:...
CreateVision CMS SQL Injection
!/usr/local/bin/perl Exploit Title: CreateVision CMS Database injection. Description: Virtually none of the variables are not filtered. Google Dork: inurl:artykulprint.php Date: 2012/02/24 Author : Zwierzchowski Oskar Software Link: http://www.createvision.pl/ Version: All Version Security Risk:...
Limesurvey (PHPSurveyor v.1.91+ stable) Blind SQL Injection
Exploit for php platform in category web applications Exploit Title: LimeSurvey Blind SQL injection Author: TorTukiTu - OpenSphere Version: 1.91+ build 11804 Tested on: php ckeprotectedCckeprotectedC ------------------------------------------------------------------------- TorTukiTu - Killing...
LimeSurvey (PHPSurveyor 1.91+ stable) - Blind SQL Injection
LimeSurvey PHPSurveyor 1.91+ stable - Blind SQL Injection Exploit Title: LimeSurvey Blind SQL injection Date: 20/02/2012 Author: TorTukiTu - OpenSphere Version: 1.91+ build 11804 Tested on: php ckeprotectedCckeprotectedC -------------------------------------------------------------------------...
LimeSurvey (PHPSurveyor 1.91+ stable) - Blind SQL Injection
Exploit Title: LimeSurvey Blind SQL injection Date: 20/02/2012 Author: TorTukiTu - OpenSphere Version: 1.91+ build 11804 Tested on: php ckeprotectedCckeprotectedC ------------------------------------------------------------------------- TorTukiTu - Killing Tortoise ,-"""-. oo./ / \ /\ /// \...
RedHat Update for cups RHSA-2012:0302-03
Check for the Version of cups OpenVAS Vulnerability Test RedHat Update for cups RHSA-2012:0302-03 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
EMC RSA enVision information leakage
It's possible to obtain environment variables values...
Debian Security Advisory DSA 2327-1 (libfcgi-perl)
The remote host is missing an update to libfcgi-perl announced via advisory DSA 2327-1. OpenVAS Vulnerability Test $Id: deb23271.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2327-1 libfcgi-perl Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft In...
Debian: Security Advisory (DSA-2326-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-2327-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2012-0831
PHP before 5.3.10 does not properly perform a temporary change to the magicquotesgpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/phpvariables.c, sapi/cgi/cgimain.c, and...
Sql injection
PHP before 5.3.10 does not properly perform a temporary change to the magicquotesgpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/phpvariables.c, sapi/cgi/cgimain.c, and...
CVE-2012-0831
PHP before 5.3.10 does not properly perform a temporary change to the magicquotesgpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/phpvariables.c, sapi/cgi/cgimain.c, and...
PT-2012-2893 · Php +3 · Php +3
Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.3.10 Description: The issue makes it easier for remote attackers to conduct SQL injection attacks via a crafted request. This is related to the improper handling of the magic quotes gpc directive during the importing o...
PHP < 5.3.10 Security Bypass Vulnerability - Windows
PHP is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
CVE-2012-0830
The phpregistervariableex function in phpvariables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885...
CVE-2012-0830
The CVE-2012-0830 entry documents a memory corruption/remote code execution issue in PHP 5.3.9 related to an incorrect fix for CVE-2011-4885, caused by improper handling of a large number of input variables in php_register_variable_ex() within PHP’s php_variables.c. The vulnerability permits a re...
CVE-2012-0830
The phpregistervariableex function in phpvariables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885...
php: remote code exec flaw introduced in the CVE-2011-4885 hashdos fix
The phpregistervariableex function in phpvariables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885...