GYM-MANAGEMENT-SYSTEM 安全漏洞

GYM-MANAGEMENT-SYSTEM is a gym management system by Abhishek S Individual Developer. A security vulnerability exists in GYM-MANAGEMENT-SYSTEM version 1.0, which stems from the name, email, and comment parameters in submitcontact.php, username and passkey parameters in securelogin.php, and changes...

PT-2024-41008 · Colord · Colord

Name of the Vulnerable Software and Affected Versions: colord affected versions not specified Description: The issue is related to a potential local privilege escalation. This could be achieved by exploiting a script in the specfile that changes the ownership of /var/lib/colord. There is no...

PT-2024-7392

Name of the Vulnerable Software and Affected Versions: Webmin Usermin version 2.100 Description: A discrepancy in error messages for invalid login attempts in Webmin Usermin allows attackers to enumerate valid user accounts. This issue is related to shortcomings in the error reporting mechanism,...

Privilege escalation

An elevation of privilege in Vesta Control Panel through 0.9.8-26 allows an attacker to gain root system access from the admin account via v-change-user-password aka the user password change script...

Exploit for OS Command Injection in Webmin

It is an exploit module for CVE-2019-15107, a vulnerability in Webmin. The target product/service is Webmin, a web-based interface for system administration. The vulnerability class/vector is a remote command execution RCE vulnerability. The probable entry point is the "passwordchange.cgi" script...

CVE-2012-5500

The batch id change script renameObjectsByPaths.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to change the titles of content items by leveraging a valid CSRF token in a crafted request...

CentOS Update for dnsmasq CESA-2013:0277 centos6

Check for the Version of dnsmasq OpenVAS Vulnerability Test CentOS Update for dnsmasq CESA-2013:0277 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

dnsmasq security, bug fix and enhancement update

2.48-13 - Fix the DHCP RELEASE problem when two or more dnsmasq instances are running rhbz887156 2.48-12 - Fixing initscript restart stop functions rhbz850944 2.48-11 - Revert previous changes because of many problems with --bind-dynamic option backport. - Dropping...

RHEL 6 : dnsmasq (RHSA-2013:0277)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0277 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. It was...

another format string bug

There is a format string bug in 'pwc' ftp://ftp.media-com.com.pl/pub/other/pwc.tar.gz. This CGI script is used to change users password via www blah!. writelog call syslog function, which 'eats' ; characters and log it to system logs. But you can paste shellcode into buffers512 and syslog will ru...