Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.41 views

Oracle Solaris Third-Party Patch Update : modsecurity (cve_2012_2751_improper_input)

The remote Solaris system is missing necessary patches to address security updates : - ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data...

7.5CVSS5.3AI score0.04208EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.44 views

openSUSE Security Update : apache2-mod_security2 (openSUSE-SU-2013:1331-1)

complete overhaul of this package, with update to 2.7.5. - ruleset update to 2.2.8-0-g0f07cbb. - new configuration framework private to modsecurity2: /etc/apache2/conf.d/modsecurity2.conf loads /usr/share/apache2-modsecurity2/rules/modsecuritycrs1 0setup.conf, then...

7.5CVSS6.2AI score0.13719EPSS
Exploits8References10
OpenVAS
OpenVAS
added 2012/12/26 12:0 a.m.34 views

Mandriva Update for apache-mod_security MDVSA-2012:182 (apache-mod_security)

Check for the Version of apache-modsecurity OpenVAS Vulnerability Test Mandriva Update for apache-modsecurity MDVSA-2012:182 apache-modsecurity Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

5CVSS0.1AI score0.12507EPSS
Exploits3References2
Prion
Prion
added 2012/07/22 4:55 p.m.20 views

Cross site scripting

ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote attackers to bypass filtering rules and perform...

4.3CVSS6AI score0.03303EPSS
Exploits2References16Affected Software4
CVE
CVE
added 2012/07/22 4:0 p.m.62 views

CVE-2009-5031

CVE-2009-5031 affects ModSecurity before 2.5.11. It mishandles single quotes in request parameter values in the Content-Disposition header of multipart/form-data requests, allowing remote attackers to bypass filtering and perform other attacks such as XSS. A fix is available in ModSecurity 2.5.11...

4.3CVSS5.6AI score0.0293EPSS
Exploits0References11Affected Software1
Rows per page
Query Builder