8689 matches found
Fedora 14 : phpMyAdmin-3.4.1-1.fc14 (2011-7702)
Welcome to phpMyAdmin 3.4, presenting a new default theme. This release contains new features, especially : - User preferences - Relation schema export to multiple formats - ENUM/SET editor - Simplified interface for export/import - AJAXification of some parts - Charts - Visual query builder and...
Fedora 15 : phpMyAdmin-3.4.1-1.fc15 (2011-7684)
Welcome to phpMyAdmin 3.4, presenting a new default theme. This release contains new features, especially : - User preferences - Relation schema export to multiple formats - ENUM/SET editor - Simplified interface for export/import - AJAXification of some parts - Charts - Visual query builder and...
[SECURITY] Fedora 15 Update: phpMyAdmin-3.4.1-1.fc15
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...
DEBIAN-CVE-2011-1925
nbd-server.c in Network Block Device nbd-server 2.9.21 allows remote attackers to cause a denial of service NULL pointer dereference and crash by causing a negotiation failure, as demonstrated by specifying a name for a non-existent export...
CVE-2011-1925
nbd-server.c in Network Block Device nbd-server 2.9.21 allows remote attackers to cause a denial of service NULL pointer dereference and crash by causing a negotiation failure, as demonstrated by specifying a name for a non-existent export...
CVE-2011-1925
nbd-server.c in Network Block Device nbd-server 2.9.21 allows remote attackers to cause a denial of service NULL pointer dereference and crash by causing a negotiation failure, as demonstrated by specifying a name for a non-existent export...
Multiple ZyWALL USG Products Remote Security Bypass Vulnerability - Active Check
Multiple ZyWALL USG products are prone to a security bypass vulnerability. Note: Reportedly, the firmware is also prone to a weakness that allows password-protected upgrade files to be decrypted with a known plaintext attack. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might ...
[RT-SA-2011-003] Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances
Advisory: Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances Unauthenticated users with access to the management web interface of certain ZyXEL ZyWALL USG appliances can download and upload configuration files, that are applied automatically. Details =======...
ZyWALL USG Appliance Arbitrary File Read / Write
Advisory: Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances Unauthenticated users with access to the management web interface of certain ZyXEL ZyWALL USG appliances can download and upload configuration files, that are applied automatically. Details =======...
JspRun!论坛管理后台注入漏
JspRun!论坛管理后台的export变量没有过滤,直接进入查询语句,导致进行后台,可以操作数据库,获取系统权限。 在处理后台提交的文件中ForumManageAction.java第1940行 String export = request.getParameter"export";//直接获取,没有安全过滤 ifexport!=null ListMapString,String styles=dataBaseService.executeQuery"SELECT s.name, s.templateid, t.name AS tplname, t.directory,...
CVE-2011-0791
Unspecified vulnerability in the Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Data Export...
Code injection
Unspecified vulnerability in the Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Data Export...
CVE-2011-0791
Unspecified vulnerability in the Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Data Export...
Path traversal
Metaways Tine 2.0 allows remote attackers to obtain sensitive information via unknown vectors in 1 Crm/Controller.php, 2 Crm/Export/Csv.php, or 3 Calendar/Model/Attender.php, which reveal the full installation path...
Fedora 13 : subversion-1.6.16-1.fc13 (2011-2698)
A NULL pointer dereference flaw was found in the way the moddavsvn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. CVE-2011-0715 The Fedora Project would lik...
Cross-Site Scripting vulnerabilities in Icinga
Advisory: Cross-Site Scripting vulnerabilities in Icinga Advisory ID: SSCHADV2011-001 Author: Stefan Schurtz Affected Software: Successfully tested on: icinga-1.3.0 / icinga-1.2.1 Vendor URL: http://www.icinga.org Vendor Status: fixed csv export link to make it XSS save IE 1275 CVE-ID: -...
Icinga 1.3.0 / 1.2.1 Cross Site Scripting
Advisory: Cross-Site Scripting vulnerabilities in Icinga Advisory ID: SSCHADV2011-001 Author: Stefan Schurtz Affected Software: Successfully tested on: icinga-1.3.0 / icinga-1.2.1 Vendor URL: http://www.icinga.org Vendor Status: fixed csv export link to make it XSS save IE 1275 CVE-ID: -...
CVE-2010-4506
CVE-2010-4506 concerns Passlogix v-GO Self-Service Password Reset (SSPR) and OEM prior to version 7.0A. The flaw enables physically proximate attackers to run arbitrary programs without authentication by abusing an invalid SSL certificate and using Internet Explorer to navigate the filesystem via...
Oracle Document Capture Multiple Vulnerabilities
The Oracle Document Capture client installed on the remote host is potentially affected by multiple vulnerabilities : - An unspecified vulnerability exists in the Import Export utility. An attacker can exploit this to affect integrity. CVE-2010-3598 - An information disclosure vulnerability exist...
B.C. dating website hacked !
A hacker bankrupt into the online dating website Plenty of Fish aftermost week, auspiciously exporting hundreds of accounts. Markus Frind, CEO of the Vancouver-based company, said Monday all passwords accept been displace back the Jan. 18 aegis breach. He additionally said all annual users accept...