188 matches found
Airport Koeln/Bonn - Blind SQL Injection Vulnerabilities
Document Title: =============== Airport Koeln/Bonn - Blind SQL Injection Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=174 Release Date: ============= 2012-01-20 Vulnerability Laboratory ID VL-ID: ==================================== 17...
VolksBank ZU Application - Auth Bypass Vulnerability
Document Title: =============== VolksBank ZU Application - Auth Bypass Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=382 Release Date: ============= 2012-01-20 Vulnerability Laboratory ID VL-ID: ==================================== 382...
NATO INT RTO - File Include Web Vulnerability
Document Title: =============== NATO INT RTO - File Include Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=307 Release Date: ============= 2011-11-01 Vulnerability Laboratory ID VL-ID: ==================================== 307 Common...
[SECURITY] Fedora 13 Update: postgresql-8.4.7-1.fc13
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
CVE-2011-0736
Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is configured to use a DBMS, allows remote attackers to obtain potentially sensitive information about the database structure via an id=- query to a .cfm file. NOTE: the vendor disputes the significance of this issue because the...
CVE-2011-0736
Adobe ColdFusion 9.0.1 CHF1 and earlier: when a web app uses a DBMS, remote attackers can cause information disclosure of database structure via an id=- query to a .cfm file. The vendor disputes severity; mitigation advised by ColdFusion Lockdown guide is proper Site-wide Error Handler and Debug ...
Update : Havij v1.13 automated SQL Injection tool - New version
Update : Havij v1.13 automated SQL Injection tool - New version "Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. It can take advantage of a vulnerable web application. By using this software user can perform...
[SECURITY] Fedora 14 Update: postgresql-8.4.5-1.fc14
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
SIDA University System - SQL Injection
SIDA University System - SQL Injection Author: K053 Vendor : SIDA Version: All below 1389 are vulberable ==================================================================================== Note: Seems vendor patched this vulnerability in newest update 1389 so we decide to public it now. Maybe mo...
SIDA University System SQL Injection Vulnerability
Exploit for asp platform in category web applications ================================================== SIDA University System SQL Injection Vulnerability ================================================== Author: K053 Vendor : SIDA Version: All below 1389 are vulberable...
SIDA University System - SQL Injection
Author: K053 Vendor : SIDA Version: All below 1389 are vulberable ==================================================================================== Note: Seems vendor patched this vulnerability in newest update 1389 so we decide to public it now. Maybe more in future ;...
[SECURITY] Fedora 11 Update: postgresql-8.3.11-1.fc11
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
[SECURITY] Fedora 12 Update: postgresql-8.4.2-1.fc12
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
[SECURITY] Fedora 11 Update: postgresql-8.3.9-1.fc11
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
[SECURITY] Fedora 11 Update: postgresql-8.3.8-1.fc11
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
[SECURITY] Fedora 9 Update: postgresql-8.3.7-1.fc9
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
CVE-2008-2625: Oracle DBMS – Proxy Authentication Vulnerability
Oracle is a widely-deployed Database Management System DBMS that supports a variety of applications. Many multi-tier applications are designed to use proxy authentication, restricting a middle tier to establish the database connection on behalf of the users. The standard authentication mechanism...
[SECURITY] Fedora 7 Update: postgresql-8.2.6-1.fc7
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
Buffer overflow
IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service divide-by-zero error and DBMS crash, related to an "overflow." NOTE: the vendor description of this issue is too vague to be certain that it is security-related...
Ingres Data Access Server Detection
The remote service is an Ingres Data Access Server, which translates requests from the JDBC driver and .NET Data Provider into an internal format and forwards them to the appropriate DBMS server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...