SysCP WebFTP local file inclusion vulnerability
SYSCP WEBFTP LOCAL FILE INCLUSION VULNERABILITY Thomas Henlich DESCRIPTION Thomas Henlich has discovered a vulnerability in WebFTP, which can be used by remote attackers to disclose potentially sensitive information and to compromise a vulnerable system. Input passed to the "webftplanguage"...
[SECURITY] [DSA 919-1] New curl packages fix potential security problem
Debian Security Advisory DSA 919-1 [email protected] http://www.debian.org/security/ Martin Schulze December 12th, 2005 http://www.debian.org/security/faq ...
SQL injection in mediabox404 v1.2
Product: mediabox404 WebRadio & WebTV manager Version: 1.2 Release and previous URL: http://www.mediabox404.org VULNERABILITY CLASS: SQL injection PRODUCT DESCRIPTION This is a group of modules (administration, client, programmation, diffusion) in PHP/MySQL database that allows a webradio to manage...
mediabox404.txt
Product: mediabox404 WebRadio & WebTV manager Version: 1.2 Release and previous URL: http://www.mediabox404.org VULNERABILITY CLASS: SQL injection PRODUCT DESCRIPTION This is a group of modules (administration, client, programmation, diffusion) in PHP/MySQL database that allows a webradio to manage...
PHPNews SQL injection vulnerability
Product: PHPNews Version: 1.2.5 Release, bugfix 1.2.6 and previous URL: http://newsphp.sourceforge.net/ VULNERABILITY CLASS: SQL injection PRODUCT DESCRIPTION PHPNews is a popular script for news posting written in PHP MySQL based. VULNERABILITY Vulnerable script: auth.php code else...
[Full-disclosure] Advisory 08/2005: PunBB SQL Injection Vulnerability
Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: PunBB SQL Injection Vulnerability Release Date: 2005/08/05 Last Modified: 2005/08/05 Author: Stefan Esser [email protected] Application: PunBB = 1.2.5 Severity: An...
[BuHa Security] Wordpress SQL-Injection
BuHa Security-Advisory 1, May 17th, 2005. Vendor: Wordpress. URL: http://wordpress.org/. Version: = Wordpress 1.5. Risk: Moderate SQL-Injection...
Mac OS X Java JRE Plug-in Capability Arbitrary Package Access (Security Update 2005-002)
The remote host is missing Security Update 2005-002. This security update contains a security bugfix for Java 1.4.2. A vulnerability in the Java Plug-in may allow an untrusted applet to escalate privileges, through JavaScript calling into Java code, including reading and writing files with the...
Postfix session log memory exhaustion bugfix
The Postfix SMTP server maintains a record of SMTP conversations for debugging purposes. Depending on local configuration details this record is mailed to the postmaster whenever an SMTP session terminates with errors. During code maintenance, a stupid error was introduced into the code due to...