Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. myPHPNuke: crossite scripting, automation protection bypass...

Extmail安全漏洞

ExtMail Project 是一个活跃的开源邮件系统项目，目前由ExtMail...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. FireStats WordPress plugin: crossite scripting, automation protection bypass, DoS, information leak, unauthorized access...

[SECURITY] Fedora 9 Update: perl-5.10.0-27.fc9

Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Nucleus: information leak, SQL injection, crossite scripting, automation protection bypass...

Many master elevated skill-vulnerability warning-the black bar safety net

The present article combines many of the master elevated tips When we get a webshell when next you want to do is elevate privileges Personal summary as follows: 1: C:\Documents and Settings\All Users\Application Data\Symantec\pcAnywhere see if you can jump to this directory, if the line that is t...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PostNuke: crossite scripting, automation protection bypass...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. Contrexx CMS: crossite scripting, registration automation...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. CNCat: crossite scripting...

CGI::Session File Driver CGISESSID Cookie Traversal Authentication Bypass

The remote host appears to be using the CGI::Session PERL module to manage file-based sessions. The version of this module hosted by the remote web server fails to properly sanitize input to the session cookie of directory traversal sequences. An unauthenticated, remote attacker can leverage this...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. phpWebSite: automated registration, crossite scripting...

CentOS 3 : ruby (CESA-2008:0562)

Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented...

RHEL 2.1 / 3 : ruby (RHSA-2008:0562)

Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented...

irb, ruby security update

CentOS Errata and Security Advisory CESA-2008:0562 Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting...

Moderate: Red Hat Security Advisory: ruby security update

Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented...

ruby security update

1.6.8-12.el3 - ruby-1.6.8-string-CVE-2008-2664.patch: wrong patch. Fix a segfault. 1.6.8-11.el3 - CVE-2008-2376: Integer overflow in rbaryfill. 1.6.8-10.el3 - security fixes. 451931 - CVE-2006-6303: Fix the infinite loop issue with the malformed multipart data in cgi.rb. - CVE-2008-2663: Fix the...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. RavenNuke: CAPTCHA bypass...

Fedora 8 : ruby-1.8.6.230-4.fc8 (2008-6094)

Tue Jul 1 2008 Akira TAGOH - 1.8.6.230-4 - Backported from upstream SVN to fix a segfault issue with Arrayfill. - Mon Jun 30 2008 Akira TAGOH - 1.8.6.230-3 - Backported from upstream SVN to fix a segfault issue. 452825 - Backported from upstream SVN to fix an integer overflow in rbaryfill. - Wed...

Sun Java ASP Server Default Admin Password

The remote host is running Sun Java ASP server. It is possible to access the remote server with default admin credentials. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid33437; scriptversion"1.13";...