4243 matches found
GLSA-201209-06 : Expat: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201209-06 (Expat: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in Expat. Please review the CVE identifiers referenced below for details. Impact: A remote attacker could entice a user to open a specially...
CVE-2012-5000
SQL injection vulnerability in jokes/index.php in the Witze addon 0.9 for deV!L'z Clanportal allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action...
CVE-2012-5000
CVE-2012-5000 describes an SQL injection in jokes/index.php of the Witze addon 0.9 for deV!L'z Clanportal. The vulnerability arises from unsafely handling the id parameter in the show action, enabling remote attackers to inject and execute arbitrary SQL commands. Impact details in the provided da...
CVE-2011-5130
dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the argv[1] parameter...
ASP-DEv XM Forums RC 3 SQL Injection
Exploit Title: ASP-DEv XM Forums RC 3 Remote Post Sql Injection Vulnerability Google Dork: Intext:"Powered by ASP-DEv XM Forums RC 3" Date: 08/29/2012 Author: Crim3R Site : Http://Ajaxtm.com/ Download Link :...
CVE-2012-3410
Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix...
DEBIAN-CVE-2012-3410
Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix...
Stack overflow
Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled when expanding the /dev/fd prefix...
Gentoo Security Advisory GLSA 201206-13 (mono mono-debugger)
The remote host is missing updates announced in advisory GLSA 201206-13. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Tickets CAD 2.20G Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Tickets CAD 2.20G Multiple Vulnerabilities Exploit Author: chap0 @chap0 Vendor Homepage: http://www.ticketscad.org Software Link: http://www.ticketscad.org/downloads/Tickets06222012V220G.zip Version: 2.20G Tested on: Ubuntu...
Scientific Linux Security Update : ecryptfs-utils on SL5.x i386/x86_64
These updated ecryptfs-utils packages have been upgraded to upstream version 75, which provides a number of bug fixes and enhancements over the previous version. In addition, these packages provide a graphical program to help configure and use eCryptfs. To start this program, run the command :...
Scientific Linux Security Update : kvm on SL5.x x86_64
A flaw was found in the way QEMU-KVM handled the reloading of fs and gs segment registers when they had invalid selectors. A privileged host user with access to '/dev/kvm' could use this flaw to crash the host (denial of service). (CVE-2010-3698) The following procedure must be performed before this...
CVE-2012-4061
Multiple SQL injection vulnerabilities in ASP-DEv XM Diary allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to diaryview.asp or (2) viewdate parameter to default.asp...
CVE-2012-4060
Multiple SQL injection vulnerabilities in ASP-DEv XM Forums RC3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) profile.asp, (2) forum.asp, or (3) topic.asp...
Sql injection
Multiple SQL injection vulnerabilities in ASP-DEv XM Forums RC3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) profile.asp, (2) forum.asp, or (3) topic.asp...
Sql injection
Multiple SQL injection vulnerabilities in ASP-DEv XM Diary allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to diaryview.asp or (2) viewdate parameter to default.asp...
CVE-2012-4060
Multiple SQL injection vulnerabilities in ASP-DEv XM Forums RC3 allow remote attackers to execute arbitrary SQL commands via the id parameter to profile.asp, forum.asp, or topic.asp. The connected records confirm the affected component and vectors, but no exploitation details or patch/remediation...