13 matches found
[SECURITY] Fedora 40 Update: php-8.3.19-1.fc40
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
[SECURITY] Fedora 41 Update: php-8.3.19-1.fc41
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
SAP BusinessObjects Business Intelligence Platform Multiple Vulnerabilities (May 2024)
The version of SAP BusinessObjects Business Intelligence Platform installed on the remote Windows host is potentially affected by the following vulnerabilities: - A cross-site scripting XSS vulnerability exists in the Opendocument URL due to improper validation of user-supplied input before...
CVE-2024-33004
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. On successful exploitation, the attacker can see the sensitive information through cache and can open the pages causing limited impact on...
CVE-2024-33004 Insecure Storage vulnerability in SAP BusinessObjects Business Intelligence Platform (Webservices)
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. On successful exploitation, the attacker can see the sensitive information through cache and can open the pages causing limited impact on...
CVE-2024-33004
CVE-2024-33004 affects SAP Business Objects Business Intelligence Platform. The issue is insecure storage: dynamic web pages are cached after logout, allowing an attacker to view cached pages and open them, with a limited impact on confidentiality, integrity and availability. The initial descript...
Newtelligence DasBlog 1.x Request Log HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11086/info DasBlog is reportedly susceptible to an HTML injection vulnerability in its request log. This vulnerability is due to a failure of the application to properly sanitize user-supplied input data before using it i...
OpenBB 1.0 Board.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9303/info OpenBB is prone to a cross-site scripting vulnerability in the 'board.php' script. The source of the problem is that HTML and script code are not adequately sanitized from input supplied via URI parameters. This...
[SECURITY] Fedora 20 Update: php-5.5.11-1.fc20
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
[SECURITY] Fedora 17 Update: php-5.4.3-1.fc17
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
PHP Calendar Extension “SdnToJulian()”远程整数溢出漏洞
BUGTRAQ ID: 46967 CVE ID: CVE-2011-1466 PHP是一种在电脑上运行的脚本语言,主要用途是在于处理动态网页,包含了命令行运行接口或者产生图形用户界面程序。 PHP 5.3.6之前版本的Calendar扩展中的SdnToJulian函数在实现上存在整数溢出漏洞,可使攻击者通过calfromjd函数的首个参数造成拒绝服务 0 PHP 5.3.x 厂商补丁: PHP --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.php.net...
Debian: Security Advisory (DSA-523)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
error_log() Safe Mode Bypass PHP 5.1.4 and 4.4.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 errorlog Safe Mode Bypass PHP 5.1.4 and 4.4.2 Author: Maksymilian Arciemowicz cXIb8O3 Date: - -Written: 10.6.2006 - -Public: 26.06.2006 from SECURITYREASON.COM CVE-2006-3011 - --- 0.Description --- PHP is an HTML-embedded scripting language. Much of i...