849 matches found
WordPress Calculated Fields Form Plugin SQL Injection
An SQL injection vulnerability exists in the WordPress Calculated Fields Form Plugin. It allows an authenticated remote attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data...
IBM Spectrum Scale (GPFS) Hadoop Connector Vulnerable
IBM Spectrum Scale and General Parallel File System (GPFS) is a scalable data and file management solution based on IBM GPFS, an enterprise file management system optimized for petabyte-scale storage management from IBM, USA. The solution helps customers reduce storage costs while improving security...
Google Chrome < 47.0.2526.80 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 47.0.2526.80. It is, therefore, affected by multiple vulnerabilities: - A type confusion error exists related to extensions that allows an attacker to have an unspecified impact. (CVE-2015-6788) - A use-after-free error...
FreeBSD : flash -- multiple vulnerabilities (547fbd98-8b1f-11e5-b48b-bcaec565249c)
Adobe reports: These updates resolve a type confusion vulnerability that could lead to code execution (CVE-2015-7659). These updates resolve a security bypass vulnerability that could be exploited to write arbitrary data to the file system under user permissions (CVE-2015-7662). These updates resolv...
destoon latest version injection (bypassing the filter to extract arbitrary data)
Brief description: Would I tell you this is a third-order injection? Details: destoon latest version. Vulnerable file: /module/club/mygroup.inc.php case 'add': if$MG'clubgrouplimit' && $limitused = $MG'clubgrouplimit' dalertlang$L'infolimit', array$MG'clubgrouplimit', $limitused, $MODULE2'linkurl'.$DT'filemy'.'?mid='.$mid.'&job='.$job; $needcaptcha = $MOD'captchagroup' == ...
TeamSpeak Client 3.0.18.1 - Remote File Inclusion Remote Code Execution
Exploit Title: "PwnSpeak" a 0day Exploit for TeamSpeak Client / 0x6FB30B11 my pgp keyid Vendor Homepage: https://www.teamspeak.com/ Application: TeamSpeak 3 Version: TeamSpeak3 Client 3.0.0 - 3.0.18.1 Platforms: Windows, Mac ...
Advantech WebAccess < 7.0-2011.12.20 Multiple Vulnerabilities
Binary data scadaadvantechwebaccess7020111220.nbin...
Netsweeper Multiple Vulnerabilities (Aug 2015)
Netsweeper is prone to multiple vulnerabilities. CPE = "cpe:/a:netsweeper:netsweeper";...
Symantec Endpoint Protection Manager 11.x / 12.x < 12.1 RU6 MP1 Multiple Vulnerabilities (SYM15-007)
The version of Symantec Endpoint Protection Manager (SEPM) installed on the remote host is prior to 12.1 RU6 MP1. It is, therefore, affected by the following vulnerabilities: - A flaw exists in the password reset functionality that allows a remote attacker, using a crafted password reset action, t...
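DESTOON SQL injection vulnerability
Brief description: DESTOON SQL injection vulnerability. Details: A second-order injection; because dhtmlspecialchars is used, the injection protection is rendered ineffective. Arbitrary data can be retrieved. First, look at the comment module: \module\extend\comment.inc.php $item = $db-getone"SELECT title,linkurl,username,status FROM ".gettable$mid." WHERE itemid=$itemid"; // fetch the published data for the corresponding module from the database $item or exit; $item'status' 2 or exit; $linkurl =...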
Cisco Unified MeetingPlace Unspecified SQLi (CSCuu54037)
According to its self-reported version number, the Cisco Unified MeetingPlace application hosted on the remote web server is potentially affected by a SQL injection vulnerability due to a failure to properly sanitize user-supplied input. An authenticated, remote attacker can exploit this to...
Koha 3.20.1 - Multiple SQL Injection Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Koha Open Source ILS - Unauthenticated SQL Injection in OPAC Google Dork: Date: 25/06/2015 Exploit Author: Raschin Tavakoli, Bernhard Garn, Peter Aufner and Dimitris Simos - Combinatorial Security Testing Group of SBA Research...
WP Symposium Plugin for WordPress forum.php 'show' Parameter SQL Injection (Version Check)
The WordPress WP Symposium Plugin installed on the remote host is affected by a SQL injection vulnerability due to a failure to properly sanitize user-supplied input to the 'show' parameter of the forum.php script. An unauthenticated, remote attacker can exploit this issue to launch a SQL injecti...
Adobe Flash Player Authentication Bypass Arbitrary Data Write Vulnerability (CNVD-2015-03207)
Adobe Flash Player is a Flash file processing program. Adobe AIR is a cross-operating system runtime library produced by Adobe, through which developers can take advantage of existing Web development technology. A vulnerability exists in Adobe Flash Player/AIR's handling of swf content, which can ...
Adobe Flash Player Authentication Bypass Arbitrary Data Write Vulnerability (CNVD-2015-03208)
Adobe Flash Player is a Flash file processing program. Adobe AIR is a cross-operating system runtime library produced by Adobe, through which developers can take advantage of existing Web development technology. A vulnerability exists in Adobe Flash Player/AIR's handling of swf content, which can ...
Adobe Flash Player Authentication Bypass Arbitrary Data Write Vulnerability (CNVD-2015-03209)
Adobe Flash Player is a Flash file processing program. Adobe AIR is a cross-operating system runtime library produced by Adobe, through which developers can take advantage of existing Web development technology. A vulnerability exists in Adobe Flash Player/AIR's handling of swf content, which can ...
With Misfortune-Cookies-doom cookies to ROM-0 Bug patch-vulnerability warning-the black bar safety net
This article is just for fun, especially to those who like to adjust the system's embedded hack. So this is not a legitimate fix ROM-0 Bugs means fun is by one bug to fix another bug. Let's open the beginning to find our fun. As I an article the Misfortune Cookie decryption of the write, we can be...
[ MDVSA-2015:090 ] libpng
Mandriva Linux Security Advisory MDVSA-2015:090 http://www.mandriva.com/en/support/security/ Package : libpng Date : March 28, 2015 Affected: Business Server 2.0 Problem Description: Updated libpng package fixes security vulnerabilities: The...
Joomla Gallery WD Component Multiple Parameter SQLi Vulnerability
The Joomla Gallery WD component is prone to an SQL injection (SQLi) vulnerability. CPE =...
EMC Secure Remote Services Virtual Edition Provisioning component is affected by SQL injection
Han Sahin, November 2014...