12 matches found
Server-side Request Forgery (SSRF)
github.com/go-gitea/gitea is vulnerable to server-side request forgery. The vulnerability exists in the SignInOpenIDPost function of authopenid.go as it does not properly hide error information and logs, allowing an attacker to gain sensitive information about the local network...
SUSE-SU-2021:3352-1 Security update for apache2-mod_auth_openidc
This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2021-32785: format string bug via hiredis (bsc#1188638) - CVE-2021-32786: open redirect in logout functionality (bsc#1188639) - CVE-2021-32791: Hardcoded static IV and AAD with a reused key in AES GCM encryption (bsc#1188849) -...
PT-2020-10464 · Apache +5 · Mod Auth Openidc +5
Name of the Vulnerable Software and Affected Versions: mod auth openidc versions prior to 2.4.1 Description: A flaw exists in the handling of URLs with a slash and backslash at the beginning, leading to an open redirect issue. Recommendations: For versions prior to 2.4.1, update to version 2.4.1 ...
Fedora Update for php-pear-Auth-OpenID FEDORA-2013-15258
The remote host is missing an update for the...
Fedora Update for php-pear-Auth-OpenID FEDORA-2013-15253
Check for the Version of php-pear-Auth-OpenID
Fedora Update for php-pear-Auth-OpenID FEDORA-2013-15253
The remote host is missing an update for the...
Fedora 19 : php-pear-Auth-OpenID-2.2.2-7.fc19 (2013-15258)
Fix for CVE-2013-4701 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Fedora 18 : php-pear-Auth-OpenID-2.2.2-7.fc18 (2013-15253)
Fix for CVE-2013-4701 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Fedora Update for php-pear-Auth-OpenID FEDORA-2013-15258
Check for the Version of php-pear-Auth-OpenID
CVE-2008-4529
Multiple PHP remote file inclusion vulnerabilities in asiCMS alpha 0.208 allow remote attackers to execute arbitrary PHP code via a URL in the _ENV[asicms][path] parameter to (1) Association.php, (2) BigMath.php, (3) DiffieHellman.php, (4) DumbStore.php, (5) Extension.php, (6) FileStore.php, (7) HMAC.php, (8)...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in asiCMS alpha 0.208 allow remote attackers to execute arbitrary PHP code via a URL in the _ENV[asicms][path] parameter to (1) Association.php, (2) BigMath.php, (3) DiffieHellman.php, (4) DumbStore.php, (5) Extension.php, (6) FileStore.php, (7) HMAC.php, (8)...
CVE-2008-4529
Multiple PHP remote file inclusion vulnerabilities in asiCMS alpha 0.208 allow remote attackers to execute arbitrary PHP code via a URL in the _ENV[asicms][path] parameter to (1) Association.php, (2) BigMath.php, (3) DiffieHellman.php, (4) DumbStore.php, (5) Extension.php, (6) FileStore.php, (7) HMAC.php, (8)...