Lucene search
K

34 matches found

Check Point Advisories
Check Point Advisories
added 2009/11/16 12:0 a.m.30 views

Oracle Database Server ctxsys.driload Access Validation (CVE-2004-0637)

Stored procedures are a powerful feature of an Oracle database server. They are essentially a set of SQL statements that are stored server-side, which are called by name and optionally passed a set of parameters. Stored procedures provide improved performance, because only data specific to the...

6.5CVSS7.1AI score0.17824EPSS
Exploits0
Fedora
Fedora
added 2008/12/13 2:57 p.m.11 views

[SECURITY] Fedora 9 Update: phpMyAdmin-3.1.1-1.fc9

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats a nd ...

1.7AI score
Exploits0
myhack58
myhack58
added 2008/11/15 12:0 a.m.43 views

Oracle password file use and maintenance tips-vulnerability warning-the black bar safety net

Source: ctocio In the Oracle database system, a user if you want to the privilege identity of the userINTERNAL/SYSDBA/SYSOPERlog Oracle database can have two authentication methods: If used withoperating systemIntegrated Authentication or using the Oracle database password file for authentication...

0.6AI score
Exploits0
Fedora
Fedora
added 2008/09/25 12:27 a.m.10 views

[SECURITY] Fedora 9 Update: phpMyAdmin-2.11.9.1-1.fc9

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats a nd ...

1.7AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2008/03/09 12:0 a.m.38 views

phpMyAdmin: SQL injection vulnerability

Background phpMyAdmin is a free web-based database administration tool. Description Richard Cunningham reported that phpMyAdmin uses the $REQUEST variable of $GET and $POST as a source for its parameters. Impact An attacker could entice a user to visit a malicious web application that sets an...

5.1CVSS7.3AI score0.00912EPSS
Exploits0
Fedora
Fedora
added 2007/11/01 9:23 p.m.41 views

[SECURITY] Fedora 7 Update: phpMyAdmin-2.11.2-1.fc7

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats a nd ...

4.3CVSS1.7AI score0.03326EPSS
Exploits0
NVD
NVD
added 2007/04/22 7:19 p.m.15 views

CVE-2007-2159

Multiple cross-site scripting XSS vulnerabilities in the Database Administration dba module 4.6.x-, and before 4.7.x-1.2 in the 4.7.x-1. series, for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors relating to 1 direct display of data from the database...

4.3CVSS5.8AI score0.01033EPSS
Exploits0References4
Prion
Prion
added 2007/04/22 7:19 p.m.18 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the Database Administration dba module 4.6.x-, and before 4.7.x-1.2 in the 4.7.x-1. series, for Drupal allow remote attackers to perform unauthorized actions as an arbitrary user, a related issue to CVE-2006-5476...

7.5CVSS7.4AI score0.01767EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2007/04/22 7:19 p.m.20 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Database Administration dba module 4.6.x-, and before 4.7.x-1.2 in the 4.7.x-1. series, for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors relating to 1 direct display of data from the database...

4.3CVSS6.1AI score0.01033EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2007/04/22 7:0 p.m.20 views

CVE-2007-2159

Multiple cross-site scripting XSS vulnerabilities in the Database Administration dba module 4.6.x-, and before 4.7.x-1.2 in the 4.7.x-1. series, for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified vectors relating to 1 direct display of data from the database...

5.8AI score0.01033EPSS
Exploits0References4
Cvelist
Cvelist
added 2007/04/22 7:0 p.m.27 views

CVE-2007-2160

Multiple cross-site request forgery CSRF vulnerabilities in the Database Administration dba module 4.6.x-, and before 4.7.x-1.2 in the 4.7.x-1. series, for Drupal allow remote attackers to perform unauthorized actions as an arbitrary user, a related issue to CVE-2006-5476...

7.1AI score0.01359EPSS
Exploits0References4
Drupal
Drupal
added 2007/04/11 12:0 a.m.13 views

Multiple vulnerabilities in Database Administration (dba) module

The Database Administration dba module allows site administrators with sufficient privileges to view and directly modify the Drupal database tables for a site. Numerous cross-site scripting XSS vulnerabilities were discovered when the administrator runs queries to display data from the database,...

6.2AI score
Exploits0References4
securityvulns
securityvulns
added 2006/05/18 12:0 a.m.39 views

SAP sapdba for Informix database administration utility privilege escalation

Improper environment cariables validation allows to run any command with informix rights...

3.7AI score
Exploits0References1Affected Software1
NVD
NVD
added 2004/03/20 5:0 a.m.13 views

CVE-2004-1833

The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges...

7.5CVSS6.6AI score0.0215EPSS
Exploits1References6
Rows per page
Query Builder