240 matches found
CVE-2016-8323
Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications subcomponent: Core. Supported versions that are affected are 5.1.0, 5.2.0 and 11.5.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
Unspecified Vulnerability in Oracle Sun Systems Products Suite Solaris Component
Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation, of which Solaris is a Unix-like operating system. A local security vulnerability exists in the Kernel Zones subcomponent of the Solaris component of Oracle Sun Systems Products Suite, version 11.3. An...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that update data...
CVE-2016-2998
Cross-site request forgery CSRF vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, 5.0 before CR4, and 5.5 before CR1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that update data...
MGASA-2016-0267 Updated php/xmlrpc-epi/timezone packages fix security vulnerability
Stack-based buffer overflow vulnerability in virtualfileex CVE-2016-6289. Use After Free in unserialize with Unexpected Session Deserialization CVE-2016-6290. Out of bound read in exifprocessIFDinMAKERNOTE CVE-2016-6291. NULL Pointer Dereference in exifprocessusercomment CVE-2016-6292...
Unspecified Vulnerability in Oracle PeopleSoft Products PeopleSoft Enterprise PeopleTools Component (CNVD-2016-02559)
Oracle PeopleSoft is a suite of enterprise human capital management solutions from Oracle.PeopleSoft Enterprise HCM Candidate Gateway is a self-service front-end to the Oracle PeopleSoft Enterprise Recruiting solution component. An unspecified vulnerability in the Activity Guide subcomponent of t...
Unspecified Vulnerability in Oracle PeopleSoft Products PeopleSoft Enterprise PeopleTools Component (CNVD-2016-02561)
Oracle PeopleSoft is a suite of enterprise human capital management solutions from Oracle.PeopleSoft Enterprise HCM Candidate Gateway is a self-service front-end to the Oracle PeopleSoft Enterprise Recruiting solution component. An unspecified vulnerability exists in the Portal subcomponent of th...
Oracle PeopleSoft Products PeopleSoft Enterprise PeopleTools Component Denial of Service Vulnerability (CNVD-2016-02555)
Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle Corporation, and PeopleSoft Enterprise PeopleTools is one of the tools and technology components that transforms the way organizations manage, use, and maintain their PeopleSoft software. PeopleSoft...
Unspecified Vulnerability in Oracle E-Business Suite Application Object Library Component
Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. Oracle Application Object Library AOL, Application Object Library is one of the system management components. An unspecified vulnerability exists in t...
Oracle MySQL Server: Federated Subcomponent Denial of Service Vulnerability
Oracle MySQL is an open source relational database management system from Oracle. A security vulnerability exists in the Server: Federated subcomponent of Oracle MySQL, which can be exploited by an attacker to update, insert, or delete data, and may also cause a denial of service. The integrity a...
WordPress WP Invoice Plugin <= 4.1.0 - Multiple Vulnerabilities
This plugin is prone to unauthorized setting changes, retrieving invoices of arbitrary users, updating previously invoiced users meta data and privilege escalation of logged in users. Solution Update the plugin...
Vulnerability in Oracle Fusion Middleware WebCenter Content component (CNVD-2015-06854)
Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platform for enterprise and cloud environments from Oracle. The platform provides middleware, software collections and other features. oracle WebCenter Content is one of the enterprise content management solution...
Vulnerability in Oracle Fusion Middleware WebCenter Sites Component
Oracle Fusion Middleware is a suite of business innovation platforms for enterprise and cloud environments from Oracle Corporation. Oracle WebCenter Sites is a web experience management component that enables marketers and business users to create and manage interactive social online experiences ...
DESTOON前台getshell
简要描述: 如题。。 详细说明: \module\know\answer.inc.php 143 - 161行 case 'raise': //这个功能是 "知道功能" 悬赏的次数更新,因为默认只允许2次提高悬赏的次数 if$credit $credit dalert$L'lackcredit', 'goback'; $couldraise = $couldadmin;//是否是 "知道"发布的作者. if$item'process' != 1 $couldraise = false; if$item'raise' = $MOD'maxraise' $couldraise = false...
Cicada-known Enterprise Portal system v2. 5 sql injection to admin-vulnerability warning-the black bar safety net
The problem is when the user modifies the information of the place /system/module/user/control.php public function edit$account = " if!$ account or RUNMODE == 'front' $account = $this-app-user-account; if$this-app-user-account == 'guest' $this-locateinlink'login'; if! empty$POST...
SUSE-SU-2015:0928-1 Recommended update for sm-ncc-sync-data
This update for sm-ncc-sync-data contains the following changes: Add SUSE Cloud 4 channels. bnc883057 Fix parent label of the LTSS channel for SLMS...
JaManaGe enterprise built Station system v2. 0 injection vulnerability and fix-vulnerability warning-the black bar safety net
By:Mr. DzY aManaGe the enterprise built Station system with perfect enterprise website background management functions, can through the background simple operation to achieve a large amount of information updated. Finished Good system, products, news, talent, and customer service features and mor...
psipuss 1.0 (editusers.php) Remote Change Admin Password Exploit
Exploit for unknown platform in category web applications ================================================================ psipuss 1.0 editusers.php Remote Change Admin Password Exploit ================================================================ ?php / '/ -.-...
May 2010 cumulative time zone update for Windows operating systems
None None...
December 2010 cumulative time zone update for Windows operating systems
None None...