27 matches found
EUVD-2002-1027
Malware in sbrugna...
EUVD-2002-1026
Malware in sbrugna...
EUVD-2005-0889
Malware in sbrugna...
EUVD-2005-0888
Malware in sbrugna...
EUVD-2002-1028
Malware in sbrugna...
Double Choco Latte 0.9.3/0.9.4 main.php Arbitrary PHP Code Execution
No description provided by source. source: http://www.securityfocus.com/bid/12894/info Double Choco Latte is reported prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting/HTML...
double094.txt
GulfTech Security Research April 8th, 2005 Vendor : Michael Dean URL : http://dcl.sourceforge.net/ Version : Double Choco Latte 0.9.4 .3 && Earlier Risk : Multiple Vulnerabilities Description: Double Choco Latte is a GNU Enterprise package that provides basic project management capabilities, time...
CVE-2005-0887
Eval injection vulnerability in Double Choco Latte before 0.9.4.3 allows remote attackers to execute arbitrary PHP code via the menuAction variable in 1 functions.inc.php or 2 main.php, which causes code to be injected into an eval statement...
CVE-2005-0887
Eval injection vulnerability in Double Choco Latte before 0.9.4.3 allows remote attackers to execute arbitrary PHP code via the menuAction variable in 1 functions.inc.php or 2 main.php, which causes code to be injected into an eval statement...
CVE-2005-0887
The CVE-2005-0887 issue affects Double Choco Latte prior to 0.9.4.3. Root cause: eval() executed with user-supplied input via the menuAction variable in functions.inc.php or main.php, enabling remote arbitrary PHP code execution. Impact: partial confidentiality, integrity, and availability depend...
CVE-2005-0887
Eval injection vulnerability in Double Choco Latte before 0.9.4.3 allows remote attackers to execute arbitrary PHP code via the menuAction variable in 1 functions.inc.php or 2 main.php, which causes code to be injected into an eval statement...
Double Choco Latte 0.9.3/0.9.4 - 'main.php' Arbitrary PHP Code Execution
source: https://www.securityfocus.com/bid/12894/info Double Choco Latte is reported prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting/HTML injection attacks and execute arbitrary...
Double Choco Latte 0.9.30.9.4 - main.php Arbitrary PHP Code Execution
Double Choco Latte 0.9.30.9.4 - main.php Arbitrary PHP Code Execution source: https://www.securityfocus.com/bid/12894/info Double Choco Latte is reported prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data and may allow an attacker to carry...
[SA14688] Double Choco Latte Cross-Site Scripting and PHP Code Execution
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: Double Choco Latte Cross-Site Scripting and PHP Code...
CVE-2002-1039
Directory traversal vulnerability in Double Choco Latte DCL before 20020706 allows remote attackers to read arbitrary files via .. dot dot sequences when downloading files from the Projects: Attachments feature...
CVE-2002-1039
Directory traversal vulnerability in Double Choco Latte DCL before 20020706 allows remote attackers to read arbitrary files via .. dot dot sequences when downloading files from the Projects: Attachments feature...
CVE-2002-1039
The vulnerability CVE-2002-1039 affects Double Choco Latte (DCL) prior to 20020706. A directory traversal in the Projects: Attachments feature lets remote attackers read arbitrary files by manipulating .. sequences during file download. The impact is described as partial confidentiality loss. No ...
CVE-2002-1039
Directory traversal vulnerability in Double Choco Latte DCL before 20020706 allows remote attackers to read arbitrary files via .. dot dot sequences when downloading files from the Projects: Attachments feature...
CVE-2002-1037
Cross-site scripting vulnerability in Double Choco Latte DCL before 20020706 allows remote attackers to inject arbitrary HTML, including script, into web pages via the 1 Ticket Find, 2 Priorities, 3 Severities, 4 Projects, 5 WO Find, 6 Departments and 7 Users features...
CVE-2002-1038
Double Choco Latte DCL before 20020706 does not properly verify if a file was uploaded, which allows remote attackers to conduct certain operations on arbitrary files via the 1 Projects: Upload File Attachment or 2 Work Orders: Import features...