68 matches found
CVE-2015-5185
The lookupProviders function in providerMgr.c in sblim-sfcb 1.3.4 and 1.3.18 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an empty className in a packet...
CVE-2015-5185
The lookupProviders function in providerMgr.c in sblim-sfcb 1.3.4 and 1.3.18 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an empty className in a packet...
Symantec Data Center Security Server 'WCUnsupportedClass.jsp' XSS
The remote Symantec Data Center Security Server running on the remote host is affected by a reflected cross-site scripting vulnerability due to improper validation of input to the 'classname' parameter in the 'WCUnsupportedClass.jsp' script. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Security fix for the ALT Linux 10 package glpi version 0.83.9.1-alt1
July 21, 2013 Pavel Zilke 0.83.9.1-alt1 - Security fixes: + CVE-2013-2225 + CVE-2013-2227 : Security fix serialize + filter classname for autoload ALT 29189...
VBulletin 4.1.7多个远程文件包含漏洞
BUGTRAQ ID: 50455 vBulletin是一个强大灵活并可完全根据自己的需要定制的论坛程序套件。 vBulletin在实现上存在多个远程文件包含漏洞,攻击者可利用这些漏洞获取敏感信息或在服务器进程中执行任意脚本代码,控制应用程序或计算机。 VBulletin 4.1.7 厂商补丁: VBulletin --------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.vbulletin.com/ http://www.example.com/vB1/api.php?apiscript=RFI...
CVE-2010-1153
PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable...
Remote file inclusion
PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable...
Design/Logic Flaw
PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service application crash via a long string in 1 the domain parameter to the dgettext function, the message parameter to the 2 dcgettext or 3 gettext function, the msgid1 parameter to the 4 dngettext or 5 ngettext...