Django Account Hijacking Vulnerability - Linux
Django is prone to an account hijacking vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django";...
Temporary DoS for Traps Agent
A vulnerability exists with the Traps ESM Console that could allow an attacker to cause a temporary Denial of Service (DoS) to a Traps agent. The ESM Console does not properly validate requests to revoke a Traps agent license. (Ref CYV-11547 / CVE-2017-7408) Successfully exploiting this issue revokes...
Iatek Knowledge Base 'content_by_cat.asp' - SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28376/info Iatek Knowledge Base is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
TorrentTrader Classic 1.x - 'scrape.php' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29451/info TorrentTrader Classic is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
ToendaCMS 1.0.4 Media.PHP Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20170/info toendaCMS is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to access sensitive information that cou...
AutoIndex PHP Script 2.2.2/2.2.3 Index.PHP Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26410/info AutoIndex PHP Script is prone to a remote denial-of-service vulnerability because the application fails to properly handle unexpected input. Successfully exploiting this issue allows remote attackers to consume...
Content Builder 0.7.5 postComment.php Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25914/info ContentBuilder CB is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the...
EasyMoblog 0.5.1 - Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/22369/info EasyMoblog is prone to multiple input-validation vulnerabilities, including SQL-injection issues and a cross-site scripting issue, because the application fails to sufficiently sanitize user-supplied input...
Pre Classified Listings 1.0 'detailad.asp' SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/32566/info Pre Classified Listings is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
PHP Content Architect 0.9 pre 1.2 MFA_Theme.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23843/info PHP Content Architect is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and...
MyBlog 1.x Games.PHP ID Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26987/info MyBlog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying...
NewsHOWLER 1.03 Cookie Data SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30732/info NewsHOWLER is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...
Microsoft Class Package Export Tool 5.0.2752 0 Clspack.exe Local Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20561/info Microsoft Class Package Export Tool 'clspack.exe' is prone to a local buffer-overflow vulnerability because the application fails to properly size attacker-supplied data before copying it into an insufficiently...
Pyplate - 'addScript.py' Cross-Site Request Forgery
source: https://www.securityfocus.com/bid/67610/info Pyplate is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks. Pyplate 0.08 Beta is vulnerable; other versions may als...
OrangeHRM - 'sortField' SQL Injection
source: https://www.securityfocus.com/bid/56417/info OrangeHRM is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify dat...
Lasernet CMS <= 1.5 SQLi Vulnerability - Active Check
Lasernet CMS is prone to an SQL injection (SQLi) vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...
CygniCon CyViewer - ActiveX Control 'SaveData()' Insecure Method
source: https://www.securityfocus.com/bid/48483/info CygniCon CyViewer ActiveX control is prone to a vulnerability caused by an insecure method. Successfully exploiting this issue will allow attackers to create or overwrite files within the context of the affected application typically Internet...
Joomla! Component com_morfeoshow - idm SQL Injection
source: https://www.securityfocus.com/bid/48452/info The 'com_morfeoshow' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting th...
CMS WebManager-Pro - 'c.php' SQL Injection
source: https://www.securityfocus.com/bid/42951/info CMS WebManager-Pro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...
cPanel 11.25 - Cross-Site Request Forgery
source: https://www.securityfocus.com/bid/41391/info cPanel is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions. This may lead to further attacks. cPanel 11.25...