14 matches found
CVE-2024-22204
Whoogle Search is a self-hosted metasearch engine. Versions 0.8.3 and prior have a limited file write vulnerability when the configuration options in Whoogle are enabled. The config function in app/routes.py does not validate the user-controlled name variable on line 447 and configdata variable o...
CURL-CVE-2022-32207 Non-preserved file permissions
When curl saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target filename. In that rename operation, it might accidentally widen the permissions for the target file, leaving the updated...
GHSA-C6FG-99PR-25M9 Uncapped length of skin data fields submitted by players
Impact Some skin data fields e.g. skinID, geometryName are not capped in length. These fields are typically saved in the NBT data of a player when the player quits the server, or during an autosave. This is problematic due to the 32767 byte limit on TAGStrings. If any of these fields exceeds 3276...
Code injection
An issue was discovered in the viewstatistics aka View frontend statistics extension before 2.0.1 for TYPO3. It saves all GET and POST data of TYPO3 frontend requests to the database. Depending on the extensions used on a TYPO3 website, sensitive data e.g., cleartext passwords if ext:felogin is...
Cumulative Update 25 for Microsoft Dynamics NAV 2017 (Build 26396)
Cumulative Update 25 for Microsoft Dynamics NAV 2017 Build 26396 This article applies to Microsoft Dynamics NAV 2017 for all countries and all language locales. Overview This cumulative update includes all hotfixes and regulatory features that have been released for Microsoft Dynamics NAV 2017,...
Google Android N Preview — 6 Cool Features That You Should Know
Android N Developer Preview, an early beta of Google’s new mobile operating system that was expected to launch on Google I/O in mid-May, is unexpectedly launching right now. Android N Developer Preview for the Nexus 6P, Nexus 5X, Nexus 6, Pixel C Nexus 9, the Nexus Player and the General Mobile 4...
yourplace <= 1.0.2 - Multiple Vulnerabilities + rce exploit
No description provided by source. START 0x01 Informations: Script : YourPlace 0.5 beta 1 Download : http://www.hotscripts.com/jump.php?listingid=80545&jumptype=1 Vulnerability : DB Disclosure / Arbitrary Data Saving RCE EXPLOIT / Arbitrary File Upload / PHPInfo Disclosure / User Change Account...
calligra: security and bugfix update. (important)
Fix buffer overflow in MS Word ODF filter among other non-security related bugs. Also a version update to 2.4.3 happened: Words: - Always show vertical scroll bar to avoid race condition kde301076 - Do not save with an attribute that makes LibreOffice and OpenOffice crash kde298689 Kexi: - Fixed...
DarkComet-RAT v4.0 Fix1 Released - Fully Cryptable
DarkComet-RAT v4.0 Fix1 Released - Fully Cryptable DarkComet-RAT v4.0 Change log - DarkComet-RAT is now compiled on Delphi XE instead of Delphi 2010. - Syntax highlighter added in remote keylogger. - Multithreading is now more efficient, no more freezing, using a new powerful and stable...
YourPlace 1.0.2 Command Execution / Database Disclosure
START 0x01 Informations: Script : YourPlace 0.5 beta 1 Download : http://www.hotscripts.com/jump.php?listingid=80545&jumptype=1 Vulnerability : DB Disclosure / Arbitrary Data Saving RCE EXPLOIT / Arbitrary File Upload / PHPInfo Disclosure / User Change Account Author : Osirys Contact :...
yourplace 1.0.2 - Multiple Vulnerabilities / Remote Code Execution
START 0x01 Informations: Script : YourPlace 0.5 beta 1 Download : http://www.hotscripts.com/jump.php?listingid=80545&jumptype=1 Vulnerability : DB Disclosure / Arbitrary Data Saving RCE EXPLOIT / Arbitrary File Upload / PHPInfo Disclosure / User Change Account Author : Osirys Contact :...
YourPlace <= 1.0.2 Multiple Remote Vulnerabilities + RCE Exploit
Exploit for unknown platform in category web applications ================================================================ YourPlace = 1.0.2 Multiple Remote Vulnerabilities + RCE Exploit ================================================================ START 0x01 Informations: Script : YourPlace 0...
yourplace 1.0.2 - Multiple Vulnerabilities Remote Code Execution
yourplace 1.0.2 - Multiple Vulnerabilities Remote Code Execution START 0x01 Informations: Script : YourPlace 0.5 beta 1 Download : http://www.hotscripts.com/jump.php?listingid=80545&jumptype=1 Vulnerability : DB Disclosure / Arbitrary Data Saving RCE EXPLOIT / Arbitrary File Upload / PHPInfo...
YourPlace <= 1.0.2 Multiple Remote Vulnerabilities + RCE Exploit
No description provided by source. START 0x01 Informations: Script : YourPlace 0.5 beta 1 Download : http://www.hotscripts.com/jump.php?listingid=80545&jumptype=1 Vulnerability : DB Disclosure / Arbitrary Data Saving RCE EXPLOIT / Arbitrary File Upload / PHPInfo Disclosure / User Change Account...