Design/Logic Flaw

The xml-rpc server in Roundup 1.4.4 does not check property permissions, which allows attackers to bypass restrictions and edit or read restricted properties via the 1 list, 2 display, and 3 set methods...

CVE-2008-1475

The xml-rpc server in Roundup 1.4.4 does not check property permissions, which allows attackers to bypass restrictions and edit or read restricted properties via the 1 list, 2 display, and 3 set methods...

PYSEC-2008-10

The xml-rpc server in Roundup 1.4.4 does not check property permissions, which allows attackers to bypass restrictions and edit or read restricted properties via the 1 list, 2 display, and 3 set methods...

CVE-2008-1475

The xml-rpc server in Roundup 1.4.4 does not check property permissions, which allows attackers to bypass restrictions and edit or read restricted properties via the 1 list, 2 display, and 3 set methods...

CVE-2008-1475

CVE-2008-1475 concerns the xml-rpc server in Roundup 1.4.4, which does not check property permissions, allowing attackers to bypass restrictions and read or edit restricted properties via the (1) list, (2) display, and (3) set methods. The connected documents corroborate the same description and ...

CVE-2008-0664

The XML-RPC implementation xmlrpc.php in WordPress before 2.3.3, when registration is enabled, allows remote attackers to edit posts of other blog users via unknown vectors...

CVE-2008-0664

The XML-RPC implementation xmlrpc.php in WordPress before 2.3.3, when registration is enabled, allows remote attackers to edit posts of other blog users via unknown vectors...

Information disclosure

The XML-RPC implementation xmlrpc.php in WordPress before 2.3.3, when registration is enabled, allows remote attackers to edit posts of other blog users via unknown vectors...

CVE-2008-0664

The XML-RPC implementation xmlrpc.php in WordPress before 2.3.3, when registration is enabled, allows remote attackers to edit posts of other blog users via unknown vectors...

CVE-2008-0664

The XML-RPC implementation xmlrpc.php in WordPress before 2.3.3, when registration is enabled, allows remote attackers to edit posts of other blog users via unknown vectors...

CVE-2008-0664

The XML-RPC implementation xmlrpc.php in WordPress before 2.3.3, when registration is enabled, allows remote attackers to edit posts of other blog users via unknown vectors...

CVE-2008-0664

WordPress before 2.3.3 with registration enabled is vulnerable through the XML-RPC implementation (xmlrpc.php), allowing remote attackers to edit posts of other blog users. This CVE (CVE-2008-0664) is documented in multiple sources (e.g., Debian DSA-1601-1) with a base CVSS v2 score of 6.4 (Mediu...

WordPress < 2.3.3 XML-RPC Unauthenticated Post Modification

Binary data 4364.prm...

Debian Security Advisory DSA 789-1 (php4)

The remote host is missing an update to php4 announced via advisory DSA 789-1. Several security related problems have been found in PHP4, the server-side, HTML-embedded scripting language. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-1751 Eric Roman...

Debian: Security Advisory (DSA-840-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 842-1 (egroupware)

The remote host is missing an update to egroupware announced via advisory DSA 842-1. Stefan Esser discovered a vulnerability in the XML-RPC libraries which are also present in egroupware, a web-based groupware suite, that allows injection of arbitrary PHP code into eval statements. The old stable...

Debian Security Advisory DSA 666-1 (python2.2)

The remote host is missing an update to python2.2 announced via advisory DSA 666-1. OpenVAS Vulnerability Test $Id: deb6661.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 666-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 798-1 (phpgroupware)

The remote host is missing an update to phpgroupware announced via advisory DSA 798-1. Several vulnerabilities have been discovered in phpgroupware, a web based groupware system written in PHP. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-2498 Stefa...

GLSA-200712-18 : Multi-Threaded DAAP Daemon: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200712-18 Multi-Threaded DAAP Daemon: Multiple vulnerabilities nnp discovered multiple vulnerabilities in the XML-RPC handler in the file webserver.c. The wsaddarg function contains a format string vulnerability, as it does not...

Multi-Threaded DAAP Daemon: Multiple vulnerabilities

Background Multi-Threaded DAAP Daemon mt-daapd, also known as the Firefly Media Server, is a software to serve digital music to the Roku Soundbridge and Apple's iTunes. Description nnp discovered multiple vulnerabilities in the XML-RPC handler in the file webserver.c. The wsaddarg function contai...