Portal: remote unauthenticated site import
The GateIn Portal export/import gadget in JBoss Enterprise Portal Platform 5.2.2 does not properly check authentication when importing Zip files, which allows remote attackers to modify site contents, remove the site, or alter the access controls for portlets...
Multiple CSRF vulnerabilities - ownCloud
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud 4.5.6 and 4.0.11 and all prior versions allow remote attackers to hijack the authentication of users via the “lat” and “lng” POST parameters to guesstimezone.php in /apps/calendar/ajax/settings/ (CVE-2013-0299). Commits:...
CVE-2012-0204
Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 allows local users to gain privileges via a Trojan horse DLL in the current...
Input validation
InfoSphere Import Export Manager in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 does not validate unspecified input data, which allows remote authenticated users to execute arbitrary commands via unknown vectors...
Design/Logic Flaw
Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 allows local users to gain privileges via a Trojan horse DLL in the current...
CVE-2012-0705
CVE-2012-0705 affects IBM InfoSphere Information Server Import Export Manager (in the MBB/bridges component) across 8.1, 8.5 (pre-FP3), 8.7 and 9.1. Root cause: lack of input validation on unspecified data, enabling remote authenticated users to execute arbitrary commands via unknown vectors. Doc...
CVE-2012-0204
Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 allows local users to gain privileges via a Trojan horse DLL in the current...
CVE-2012-0705
InfoSphere Import Export Manager in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, 8.7, and 9.1 does not validate unspecified input data, which allows remote authenticated users to execute arbitrary commands via unknown vectors...
CVE-2012-0204
CVE-2012-0204 describes an untrusted search path (DLL preloading) vulnerability in IBM InfoSphere Information Server Import Export Manager. The root cause is a Trojan horse DLL in the current working directory enabling local privilege escalation when the Import Export Manager is installed on IBM ...
WSO manager edition 1.0
Based on the file-based WSO manager | WSO web-shells manager edition files - no MySql & etc. This utility is intended for system administrators to remotely manage their own servers. Any illegal use of the script is prosecuted by law. Previously: 1. Adding shells by...
[WS_FTP Password Decryptor] Recover FTP login passwords stored by WS_FTP
WSFTP Password Decryptor is the FREE software to instantly recover FTP login passwords stored by WSFTP - one of the popular FTP client applications. WSFTP stores the password for all the past FTP sessions in the "wsftp.ini" file so that users don't have to enter it every time. WSFTP Password...
[WiFi Password Decryptor] Free Wireless Password Recovery Software
WiFi Password Decryptor is the FREE software to instantly recover Wireless account passwords stored on your system. It automatically recovers all types of Wireless Keys/Passwords (WEP/WPA/WPA2 etc.) stored by Windows Wireless Configuration Manager. For each recovered WiFi account, it displays...
More VMware ESX Source Code Posted Online
For the third time this year, VMware ESX source code has been posted online. A hacker known as Stun claiming to be affiliated with Anonymous tweeted a link to a torrent site hosting the stolen VMkernel source code. VMware director of platform security Iain Mulholland acknowledged the breach on...
[SECURITY] Fedora 17 Update: phpMyAdmin-3.5.3-1.fc17
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...
CVE-2012-3217
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7.0 allows context-dependent attackers to affect availability, related to Outside In HTML Export SDK...
Buffer overflow
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7.0 allows context-dependent attackers to affect availability, related to Outside In HTML Export SDK...
CVE-2012-3217
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7.0 allows context-dependent attackers to affect availability, related to Outside In HTML Export SDK...
[SECURITY] Fedora 18 Update: phpMyAdmin-3.5.3-1.fc18
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...
PT-2012-1866 · WordPress · Backwpup
Name of the Vulnerable Software and Affected Versions: BackWPup plugin versions prior to 1.7.2. Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the wpabs parameter in the wp_xml_export.php file. Recommendations: For versions prior to 1.7.2, update to versi...
Information disclosure
Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, does not properly restrict access to resources, which allows remote attackers to obtain sensitive information via unspecified vectors related to (1) "web pages," (2) "export functionality," and (3) "image viewin...