WordPress Answer My Question Plugin SQL Injection

An SQL injection vulnerability exists in the WordPress Answer My Question Plugin. It allows an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data...

RHEL 6 : bind (RHSA-2016:2871)

"An update for bind is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise Linux 6.6...

WordPress Plugin Answer My Question SQL Injection Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the id parameter of the modal.php page of the Wordpress plugin Answer My Question...

WordPress Plugin Answer My Question 1.3 - SQL Injection

WordPress Plugin Answer My Question 1.3 - SQL Injection Exploit Title: Answer My Question 1.3 Plugin for WordPress – Sql Injection Date: 10/11/2016 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/answer-my-question/ Software Link:...

Wordpress Answer My Question 1.3 Plugin - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Answer My Question 1.3 Plugin for WordPress – Sql Injection Date: 10/11/2016 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/answer-my-question/ Software Link:...

openSUSE Security Update : bind (openSUSE-2016-1272)

This update for bind fixes the following issues : - A defect in BIND's handling of responses containing a DNAME answer had the potential to trigger assertion errors in the server remotely, thereby facilitating a denial-of-service attack. CVE-2016-8864, bsc1007829. %NASLMINLEVEL 70300 C Tenable...

MGASA-2016-0365 Updated bind packages fix security vulnerability

Tony Finch and Marco Davids discovered that Bind incorrectly handled certain responses containing a DNAME answer. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service CVE-2016-8864...

Updated bind packages fix security vulnerability

Tony Finch and Marco Davids discovered that Bind incorrectly handled certain responses containing a DNAME answer. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service CVE-2016-8864...

SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2016:2697-1)

This update for bind fixes the following issues : - A defect in BIND's handling of responses containing a DNAME answer had the potential to trigger assertion errors in the server remotely, thereby facilitating a denial-of-service attack. CVE-2016-8864, bsc1007829. - Fix BIND to return a valid...

ISC BIND Denial of Service Vulnerability

ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if description...

BIND -- Remote Denial of Service vulnerability

ISC reports: A defect in BIND's handling of responses containing a DNAME answer can cause a resolver to exit after encountering an assertion failure in db.c or resolver.c...

[ASA-201611-3] bind: denial of service

Arch Linux Security Advisory ASA-201611-3 ========================================= Severity: High Date : 2016-11-01 CVE-ID : CVE-2016-8864 Package : bind Type : denial of service Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package bind before version...

Should I Answer? - Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Should I Answer? published at the 'play' market has multiple vulnerabilities...

The vulnerabilities in the Moodle learning management system allow a hacker to inject arbitrary Web or HTML code.

Multiple vulnerabilities exist in the Moodle learning management system module, due to the lack of measures taken to protect the website structure. Exploitation of these vulnerabilities allows attackers to inject arbitrary Web or HTML code, through the use of the “student” role and a specially...

WordPress DW Question Answer 1.4.2.2 Cross Site Scripting

FULL DISCLOSURE Product : DW Question Answer Exploit Author : Rahul Pratap Singh Version : 1.4.2.2 Home page Link : https://wordpress.org/plugins/dw-question-answer/ Website : 0x62626262.wordpress.com Linkedin : https://in.linkedin.com/in/rahulpratapsingh94 Date : 11/3/2016 XSS Vulnerability:...

WordPress DW Question & Answer Plugin <= 1.4.2.2 - Stored XSS

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

DW Question & Answer <= 1.4.2.2 - Stored Cross-Site Scripting (XSS)

The DW Question & Answer WordPress plugin was affected by a Stored Cross-Site Scripting XSS security vulnerability...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the survey module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the student role and entering a crafted survey...

CVE-2015-5336

Multiple cross-site scripting XSS vulnerabilities in the survey module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the student role and entering a crafted survey...

tipask注入漏洞

简要描述： sql注入漏洞（2次注入） 详细说明： 官方最新源码测试 在control中answer.php中 追问模块---追问 / function onappend $this-load"message"; $qid = intval$this-get2 ? $this-get2 : intval$this-post'qid'; $aid = intval$this-get3 ? $this-get3 : intval$this-post'aid'; $question = $ENV'question'-get$qid; $answer = $ENV'answer'-get$aid...