760 matches found
NEC UNIVERGE UM4730 < 11.8 - SQL Injection
Exploit Title: NEC UNIVERGE UM4730 11.8 SQL injection Vulnerbility: SQL injection login bypass Date: 15-12-2016 Exploit Author: b0x41s Author web: https://www.xrayit.nl Vendor Homepage: https://www.nec-enterprise.com Category: webapps Version: 11.6.0.31 Tested on: Windows server 2008 Description:...
bind: assertion failure while handling responses containing a DNAME answer
A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response...
QWIKIA 1.1.1 - SQL Injection
QWIKIA 1.1.1 - SQL Injection Exploit Title: QWIKIA - Ask And Answer Platform 1.1.1 - SQL Injection Google Dork: N/A Date: 10.02.2017 Vendor Homepage: http://xandr.co/ Software Buy: http://xandr.co/portfolio/qwikia Demo: http://qwikia.xandr.co/ Version: 1.1.1 Tested on: Win7 x64, Kali Linux x64...
USN-3119-1: Bind vulnerability | Cloud Foundry
USN-3119-1: Bind vulnerability Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 LTS Description Bind could be made to crash if it received specially crafted network traffic. Tony Finch and Marco Davids discovered that Bind incorrectly handled certain responses containing a...
WordPress Answer My Question Plugin SQL Injection
An SQL injection vulnerability exists in the WordPress Answer My Question Plugin. It allows an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data...
RHEL 6 : bind (RHSA-2016:2871)
"An update for bind is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 Telco Extended Update Support, Red Hat Enterprise Linux 6.6...
WordPress Plugin Answer My Question SQL Injection Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the id parameter of the modal.php page of the Wordpress plugin Answer My Question...
WordPress Plugin Answer My Question 1.3 - SQL Injection
WordPress Plugin Answer My Question 1.3 - SQL Injection Exploit Title: Answer My Question 1.3 Plugin for WordPress – Sql Injection Date: 10/11/2016 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/answer-my-question/ Software Link:...
Wordpress Answer My Question 1.3 Plugin - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Answer My Question 1.3 Plugin for WordPress – Sql Injection Date: 10/11/2016 Exploit Author: Lenon Leite Vendor Homepage: https://wordpress.org/plugins/answer-my-question/ Software Link:...
openSUSE Security Update : bind (openSUSE-2016-1272)
This update for bind fixes the following issues : - A defect in BIND's handling of responses containing a DNAME answer had the potential to trigger assertion errors in the server remotely, thereby facilitating a denial-of-service attack. CVE-2016-8864, bsc1007829. %NASLMINLEVEL 70300 C Tenable...
MGASA-2016-0365 Updated bind packages fix security vulnerability
Tony Finch and Marco Davids discovered that Bind incorrectly handled certain responses containing a DNAME answer. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service CVE-2016-8864...
Updated bind packages fix security vulnerability
Tony Finch and Marco Davids discovered that Bind incorrectly handled certain responses containing a DNAME answer. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service CVE-2016-8864...
SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2016:2697-1)
This update for bind fixes the following issues : - A defect in BIND's handling of responses containing a DNAME answer had the potential to trigger assertion errors in the server remotely, thereby facilitating a denial-of-service attack. CVE-2016-8864, bsc1007829. - Fix BIND to return a valid...
ISC BIND Denial of Service Vulnerability
ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if description...
BIND -- Remote Denial of Service vulnerability
ISC reports: A defect in BIND's handling of responses containing a DNAME answer can cause a resolver to exit after encountering an assertion failure in db.c or resolver.c...
[ASA-201611-3] bind: denial of service
Arch Linux Security Advisory ASA-201611-3 ========================================= Severity: High Date : 2016-11-01 CVE-ID : CVE-2016-8864 Package : bind Type : denial of service Remote : Yes Link : https://wiki.archlinux.org/index.php/CVE Summary ======= The package bind before version...
Should I Answer? - Customized SSL, Dangerous filesystem permissions vulnerabilities
HackApp vulnerability scanner discovered that application Should I Answer? published at the 'play' market has multiple vulnerabilities...
The vulnerabilities in the Moodle learning management system allow a hacker to inject arbitrary Web or HTML code.
Multiple vulnerabilities exist in the Moodle learning management system module, due to the lack of measures taken to protect the website structure. Exploitation of these vulnerabilities allows attackers to inject arbitrary Web or HTML code, through the use of the “student” role and a specially...
WordPress DW Question Answer 1.4.2.2 Cross Site Scripting
FULL DISCLOSURE Product : DW Question Answer Exploit Author : Rahul Pratap Singh Version : 1.4.2.2 Home page Link : https://wordpress.org/plugins/dw-question-answer/ Website : 0x62626262.wordpress.com Linkedin : https://in.linkedin.com/in/rahulpratapsingh94 Date : 11/3/2016 XSS Vulnerability:...
WordPress DW Question & Answer Plugin <= 1.4.2.2 - Stored XSS
Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...