68 matches found
Discourse < 2.5.0.beta5 Multiple Vulnerabilities
Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...
Discourse < 2.5.0.beta4 Multiple Vulnerabilities
Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...
Discourse < 2.4.0.beta5 Multiple Vulnerabilities
Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...
Unsafe Dependency Resolution
Overview org.testng:testng is a testing framework for the JVM. Affected versions of this package are vulnerable to Unsafe Dependency Resolution due to resolving dependencies over an insecure channel http. If the build occurred over an insecure connection, a malicious user could have perform a...
Discourse < 2.2.0.beta4 Multiple Vulnerabilities
Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; if...
Ubiquiti Inc.: Privilege escalation in the client impersonation functionality
In UCRM 2.3.0-beta4 and prior, consequence of a lack of validation in Client Impersonation functionality, an attacker with access to an Read-Only account can escalate privileges to Admin. The vulnerability was fixed in UCRM 2.3.0...
paFaq beta4 search.php search_item Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/12582/info paFaq is reportedly affected by an SQL injection vulnerability. This issue exists because the application fails to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation...
openengine <= 2.0 beta4 - Remote File Inclusion Vulnerability
No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ dunatstrcpy.pl openEngine = 2.0 beta4 Remote File Inclusion Vulnerability Script: Open Source Web Content Management...
paFaq beta4 comment.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/12582/info paFaq is reportedly affected by an SQL injection vulnerability. This issue exists because the application fails to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation...
Dawn of Time 1.69 MUD Server Multiple Format String Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/25944/info Dawn of Time MUD server is prone to multiple format-string vulnerabilities. Exploiting these issues will allow attackers to execute arbitrary code with the permissions of a user running the application. Failed...
Nagios 'status.cgi' Information Disclosure Vulnerability (Jul 2013) - Active Check
Nagios is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nagios:nagios";...
WordPress Plugin CiviCRM '_value' Parameter SQL Injection Vulnerability
CiviCRM is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress";...
[SECURITY] Fedora 13 Update: mingw32-openssl-1.0.0-0.7.beta4.fc13
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. This package contains Windows MinGW libraries and development tools...
CVE-2008-6403
The CVE-2008-6403 issue affects OpenRat 0.8-beta4 and earlier, where a PHP remote file inclusion vulnerability in themes/default/include/html/insert.inc.php allows an attacker to execute arbitrary PHP code via a URL parameter (tpl_dir). The underlying cause is improper handling of the tpl_dir par...
Remote file inclusion
PHP remote file inclusion vulnerability in cms/system/openengine.php in openEngine 2.0 beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the oeclasspath parameter...
CVE-2008-4329
PHP remote file inclusion vulnerability in cms/system/openengine.php in openEngine 2.0 beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the oeclasspath parameter...
openEngine <= 2.0 beta4 Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications =========================================================== openEngine = 2.0 beta4 Remote File Inclusion Vulnerability =========================================================== :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$,...
openEngine 2.0 beta4 - Remote File Inclusion
openEngine 2.0 beta4 - Remote File Inclusion :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl openEngine = 2.0 beta4 Remote File Inclusion Vulnerability Script: "Open Source Web...
Dawn of Time 1.69 MUD Server - Multiple Format String Vulnerabilities
Dawn of Time 1.69 MUD Server - Multiple Format String Vulnerabilities source: https://www.securityfocus.com/bid/25944/info Dawn of Time MUD server is prone to multiple format-string vulnerabilities. Exploiting these issues will allow attackers to execute arbitrary code with the permissions of a...
Dawn of Time 1.69 MUD Server - Multiple Format String Vulnerabilities
source: https://www.securityfocus.com/bid/25944/info Dawn of Time MUD server is prone to multiple format-string vulnerabilities. Exploiting these issues will allow attackers to execute arbitrary code with the permissions of a user running the application. Failed attacks will likely cause...