Lucene search

7710 matches found

Atlassian
added 2007/10/03 2:58 a.m. | 30 views

Velocity does not automatically escape HTML entities when substituting variables

Velocity should automatically escape encode HTML entities in variables it interpolates in markup. This would remove the need for explicitly escaping variables using $generalUtil.htmlEncode, and fix lots of XSS bugs including ones we haven't discovered yet. This affects all versions of Confluence...

AI score: 2.2
Exploits: 0 | Affected Software: 1
securityvulns
added 2007/10/02 12:00 a.m. | 49 views

ASP Product catalog SQL injection vulnerability

ASP Product catalog SQL injection vulnerability. A nice little SQL injection vulnerability exists within ASP Product Catalog. The application fails to check for bad input from GET'd variables used in SQL query operations. In this case, the variable cid can be used for SQL injection queries...

AI score: 0.4
Exploits: 0
Packet Storm
added 2007/10/01 12:00 a.m. | 27 views

aspcatalog-sql.txt

ASP Product catalog SQL injection vulnerability. A nice little SQL injection vulnerability exists within ASP Product Catalog. The application fails to check for bad input from GET'd variables used in SQL query operations. In this case, the variable cid can be used for SQL injection queries...

AI score: 7.4
Exploits: 0
Cvelist
added 2007/09/12 7:00 p.m. | 23 views

CVE-2007-4727

Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fastcgi.c in the mod_fastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the...

AI score: 7.5 | EPSS: 0.1873
Exploits: 1 | References: 18
seebug.org
added 2007/08/29 12:00 a.m. | 15 views

ACG News 1.0 (aid/catid) Remote SQL Injection Vulnerabilities

No description provided by source. ACG News SQL Injection Software: ACG News 1.0 Vendor link: http://www.altercoder.com Vendor Demo link: http://acgnews.uw.hu/index.php Attack: SQL Injection Original Advisory: http://14house.blogspot.com/2007/08/acg-news-sql-injection.html Discovered by: David...

AI score: 7.1
Exploits: 0
OSV
added 2007/08/29 12:00 a.m. | 29 views

DSA-1362-1 lighttpd - several vulnerabilities

Bulletin has no description...

CVSS: 8.3 | AI score: 6 | EPSS: 0.20872
Exploits: 3
Packet Storm
added 2007/08/28 12:00 a.m. | 22 views

acg-sql.txt

ACG News SQL Injection Software: ACG News 1.0 Vendor link: http://www.altercoder.com Vendor Demo link: http://acgnews.uw.hu/index.php Attack: SQL Injection Original Advisory: http://14house.blogspot.com/2007/08/acg-news-sql-injection.html Discovered by: David Sopas Ferreira a.k.a SmOk3 SQL...

AI score: 7.4
Exploits: 0
0day.today
added 2007/08/28 12:00 a.m. | 18 views

ACG News 1.0 (aid/catid) Remote SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications. ACG News 1.0 aid/catid Remote SQL Injection Vulnerabilities. ACG News SQL Injection Software: ACG News 1.0 Vendor...

AI score: 7.1
Exploits: 0
Fedora
added 2007/08/24 5:44 a.m. | 13 views

[SECURITY] Fedora 7 Update: pam_ssh-1.92-2.fc7

This PAM module provides single sign-on behavior for UNIX using SSH keys. Users are authenticated by decrypting their SSH private keys with the password provided. In the first PAM login session phase, an ssh-agent process is started and keys are added. The same agent is used for the following PAM...

CVSS: 6.4 | AI score: 3.5 | EPSS: 0.00286
Exploits: 0
NVD
added 2007/08/20 7:17 p.m. | 13 views

CVE-2007-4432

Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen-installer, and (4) zen-remover programs on SUSE Linux 10.1 and Enterprise 10 allows local users to gain privileges via modified (a) LD_LIBRARY_PATH and (b) MONO_GAC_PREFIX environment variables...

CVSS: 4.6 | AI score: 6.6 | EPSS: 0.00035
Exploits: 0 | References: 6
Prion
added 2007/08/20 7:17 p.m. | 14 views

Design/Logic Flaw

Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen-installer, and (4) zen-remover programs on SUSE Linux 10.1 and Enterprise 10 allows local users to gain privileges via modified (a) LD_LIBRARY_PATH and (b) MONO_GAC_PREFIX environment variables...

CVSS: 4.6 | AI score: 7.1 | EPSS: 0.00035
Exploits: 0 | References: 6 | Affected Software: 1
CVE
added 2007/08/20 7:00 p.m. | 48 views

CVE-2007-4432

CVE-2007-4432 affects the wrapper scripts for rug, zen-updater, zen-installer, and zen-remover on SUSE Linux 10.1 and SUSE Linux Enterprise 10. The issue is an untrusted search path vulnerability caused by environment variables LD_LIBRARY_PATH and MONO_GAC_PREFIX, allowing local privilege escalat...

CVSS: 4.6 | AI score: 6.6 | EPSS: 0.00035
Exploits: 0 | References: 6 | Affected Software: 2
Prion
added 2007/08/18 9:17 p.m. | 23 views

Stack overflow

Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer...

CVSS: 6.9 | AI score: 8.1 | EPSS: 0.00096
Exploits: 1 | References: 11 | Affected Software: 1
securityvulns
added 2007/08/18 12:00 a.m. | 65 views

iDefense Security Advisory 08.16.07: IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability

IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability iDefense Security Advisory 08.16.07 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 16, 2007 I. BACKGROUND IBM Corp.'s DB2 Universal Database product is a large database server product commonly used for high end...

CVSS: 6.9 | AI score: 1.1 | EPSS: 0.00096
Exploits: 1
securityvulns
added 2007/08/15 12:00 a.m. | 19 views

Mozilla Firefox information leak

It's possible to read the value of any internal variable...

AI score: 2.8
Exploits: 0 | References: 1 | Affected Software: 1
Packet Storm
added 2007/08/14 12:00 a.m. | 32 views

joblister-sql.txt

JobLister3 by SkilMatch Staffing Systems, Inc. Multiple SQL injection vulnerabilities http://www.dubdubdub.com/ http://www.skilmatch.com/ The search form field doesn't strip special characters that have special meanings. A single quote makes the application spit out a number of errors. This is not...

AI score: 7.4
Exploits: 0
securityvulns
added 2007/08/14 12:00 a.m. | 43 views

JobLister3 SQL injection vulnerabilities

JobLister3 by SkilMatch Staffing Systems, Inc. Multiple SQL injection vulnerabilities http://www.dubdubdub.com/ http://www.skilmatch.com/ The search form field doesn't strip special characters that have special meanings. A single quote makes the application spit out a number of errors. This is not...

AI score: 0.9
Exploits: 0
securityvulns
added 2007/07/31 12:00 a.m. | 41 views

Dora Emlak Script v1.0 (tr) Admin Login ByPass

Dora Emlak Script v1.0 tr Admin Login ByPass ilker kandemir ilkerkandemiratmynet.com Download: http://aspindir.com/goster/5027 TnX.: Ajann, Dumenci, H0tTurk, Str0ke Bug in ../dora/administartor/yonetim/patron/default.asp cookFirstLevel = Session"FirstLevelSecurity" 'Ilk Güvenlik Session...

AI score: 0.6
Exploits: 0