EUVD-2010-4694

Malware in sbrugna...

PostNuke Module pnAddressbook SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: PostNuke Module pnAddressbook SQL Injection Vulnerability Date: 1/18/2012 Author: Robert Cooper Robert.Cooper at areyousecure.net Tested on: Linux/Windows 7 Vulnerable parameter: id= PoC:...

CVE-2010-4729

Zikula before 1.2.3 does not use the authid protection mechanism for 1 the lostpassword form and 2 mailpasswd processing, which makes it easier for remote attackers to generate a flood of password requests and possibly conduct cross-site request forgery CSRF attacks via multiple form submissions...

CVE-2010-4729

Zikula

CVE-2010-4729

Zikula before 1.2.3 does not use the authid protection mechanism for 1 the lostpassword form and 2 mailpasswd processing, which makes it easier for remote attackers to generate a flood of password requests and possibly conduct cross-site request forgery CSRF attacks via multiple form submissions...

CVE-2010-3738

The Security component in IBM DB2 UDB 9.5 before FP6a logs AUDIT events by using a USERID and an AUTHID value corresponding to the instance owner, instead of a USERID and an AUTHID value corresponding to the logged-in user account, which makes it easier for remote authenticated users to execute...

CVE-2007-2109

Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 have unknown impact and remote authenticated attack vectors related to 1 Rules Manager and Expression Filter components DB02 and 2 Oracle Streams DB06. Note: as of 20070424, Oracle has not disputed reliable claims that DB02 is for a...