9887 matches found
CVE-2009-0816
Multiple cross-site scripting XSS vulnerabilities in the backend user interface in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 allow remote attackers to inject arbitrary web script or HTML via unspecified fields...
[SECURITY] [DSA 1730-1] New proftpd-dfsg packages fix SQL injection vulnerabilites
------------------------------------------------------------------------ Debian Security Advisory DSA-1730-1 [email protected] http://www.debian.org/security/ Steffen Joeris March 02, 2009 http://www.debian.org/security/faq -...
Fedora Update for evolution-data-server FEDORA-2007-484
Check for the Version of evolution-data-server OpenVAS Vulnerability Test Fedora Update for evolution-data-server FEDORA-2007-484 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
Fedora Update for evolution-data-server FEDORA-2007-0464
Check for the Version of evolution-data-server OpenVAS Vulnerability Test Fedora Update for evolution-data-server FEDORA-2007-0464 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
Fedora Update for evolution-data-server FEDORA-2007-595
Check for the Version of evolution-data-server OpenVAS Vulnerability Test Fedora Update for evolution-data-server FEDORA-2007-595 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
CVE-2009-0440
IBM WebSphere Partner Gateway WPG 6.0.0 through 6.0.0.7 does not properly handle failures of signature verification, which might allow remote authenticated users to submit a crafted RosettaNet aka RNIF document to a backend application, related to 1 "altered service content" and 2 "digital...
CVE-2008-6158
Multiple unspecified vulnerabilities in the admin backend in w3bcms aka w3blabor CMS before 3.2.0 have unknown impact and remote attack vectors...
Design/Logic Flaw
Multiple unspecified vulnerabilities in the admin backend in w3bcms aka w3blabor CMS before 3.2.0 have unknown impact and remote attack vectors...
CVE-2008-6158
Technical details (affected product/versions, root cause, exploit vectors, or impact specifics) are not publicly available in the provided documents. Monitor for updates.
CVE-2008-6158
Multiple unspecified vulnerabilities in the admin backend in w3bcms aka w3blabor CMS before 3.2.0 have unknown impact and remote attack vectors...
Sun Java System Directory Server 6.x < 6.3.1 LDAP JDBC Backend DoS
Binary data 4934.prm...
typo3 -- cross-site scripting and information disclosure
Secunia reports: Some vulnerabilities have been reported in Typo3, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information. Input passed via unspecified fields to the backend user interface is not properly sanitised before being return...
w3bcms <= v3.5.0 Multiple Remote Vulnerabilities Exploit
Exploit for unknown platform in category web applications ======================================================== w3bcms = v3.5.0 Multiple Remote Vulnerabilities Exploit ======================================================== !/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common qwPOST;...
w3bcms 3.5.0 - Multiple Vulnerabilities
w3bcms 3.5.0 - Multiple Vulnerabilities !/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common qwPOST; use Getopt::Long; '/ -.- -------------------oOO------OOo------------------ | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security...
w3bcms 3.5.0 - Multiple Vulnerabilities
!/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common qwPOST; use Getopt::Long; '/ -.- -------------------oOO------OOo------------------ | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Research Division // 2oo9 |...
DreamPics PhotoVideo Gallery - Blind SQL Injection
DreamPics PhotoVideo Gallery - Blind SQL Injection xoron 1 $url = $argv1; $r = strlenfilegetcontents$url."+and+1=1--"; echo "\nExploiting:\n"; $w = strlenfilegetcontents$url."+and+1=0--"; $t = abs100-$w/$r100; echo "Username: "; for $i=1; $i $t-1 $count = $i; $i = 30; for $j = 1; $j $t-1 $laenge ...
CVE-2009-0256
Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to 1 frontend and 2 backend authentication...
CVE-2009-0256
Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to 1 frontend and 2 backend authentication...
Ganglia Web Backend Version Detection
Binary data 4815.prm...
CVE-2008-5860
Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and earlier, when registerglobals is enabled and magicquotesgpc is disabled, allows remote attackers to create or read arbitrary files via directory traversal sequences in the editfile parameter...