
8687 matches found

myhack58
added 2009/08/16 12:0 a.m., 19 views

Two more methods for getting a shell from the ecshop background - vulnerability warning - the black bar safety net

On methods for getting a shell from the ecshop background: in addition to the one from the expert oldjun and the one described last time, I found two more. But each has its restricting conditions; let me go through them one by one. One: a function in the ecshop background is a SQL query, as shown: In fact, the feeling in a management...

6.7 AI score
Exploits: 0
Atlassian
added 2009/08/12 6:33 p.m., 18 views

Uploading large fonts for PDF export fails with XSRF error

When uploading souizhs.ttf font that we use due to its comprehensive UTF8 support, I'm getting XSRF validation error: "Your request could not be processed because a required security token was not present in the request. You may need to re-submit the form or reload the page." I tried...

0.2 AI score
Exploits: 0, Affected Software: 1
Atlassian
added 2009/08/12 6:33 p.m., 22 views

Uploading large fonts for PDF export fails with XSRF error

When uploading souizhs.ttf font that we use due to its comprehensive UTF8 support, I'm getting XSRF validation error: "Your request could not be processed because a required security token was not present in the request. You may need to re-submit the form or reload the page." I tried...

0.2 AI score
Exploits: 0, Affected Software: 1
Atlassian
added 2009/08/12 6:33 p.m., 15 views

Uploading large fonts for PDF export fails with XSRF error

When uploading souizhs.ttf font that we use due to its comprehensive UTF8 support, I'm getting XSRF validation error: "Your request could not be processed because a required security token was not present in the request. You may need to re-submit the form or reload the page." I tried...

0.2 AI score
Exploits: 0
myhack58
added 2009/07/19 12:0 a.m., 18 views

5 reasons for being unable to log in after opening 3389 - vulnerability warning - the black bar safety net

1, The server is in the internal network. 2, TCP/IP filtering. First execute the following cmd command: cmd /c regedit -e c:\1.reg HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip to export the first registry location concerning TCP/IP filtering; cmd /c regedit -e c:\2.reg...

2.3 AI score
Exploits: 0
seebug.org
added 2009/07/13 12:0 a.m., 13 views

Php AdminPanel Free version 1.0.5 Remote File Disclosure Vuln

No description provided by source. Php AdminPanel Free version 1.0.5 Remote File Disclosure AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://ircrash.com My Official WebSite : http://r3dw0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina...

7.1 AI score
Exploits: 0
Tenable Nessus
added 2009/07/06 12:0 a.m., 28 views

Fedora 10 : phpMyAdmin-3.2.0.1-1.fc10 (2009-7340)

The first security release for phpMyAdmin 3.2.0: - security XSS: Insufficient output sanitizing in bookmarks. This version contains a number of small new features and some bug fixes: - core better support for vendor customisation based on what Debian needs - rfe warn when session.gc_maxlifetime is...

4.3 CVSS, 5.6 AI score, 0.0198 EPSS
Exploits: 1, References: 3
Tenable Nessus
added 2009/07/06 12:0 a.m., 22 views

Fedora 9 : phpMyAdmin-3.2.0.1-1.fc9 (2009-7337)

The first security release for phpMyAdmin 3.2.0: - security XSS: Insufficient output sanitizing in bookmarks. This version contains a number of small new features and some bug fixes: - core better support for vendor customisation based on what Debian needs - rfe warn when session.gc_maxlifetime is...

4.3 CVSS, 5.6 AI score, 0.0198 EPSS
Exploits: 1, References: 3
Fedora
added 2009/07/03 7:42 p.m., 10 views

[SECURITY] Fedora 10 Update: phpMyAdmin-3.2.0.1-1.fc10

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges, export data into various formats and ...

1.7 AI score
Exploits: 0
Tenable Nessus
added 2009/06/30 12:0 a.m., 41 views

GLSA-200906-03 : phpMyAdmin: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200906-03 phpMyAdmin: Multiple vulnerabilities Multiple vulnerabilities have been reported in phpMyAdmin: Greg Ose discovered that the setup script does not sanitize input properly, leading to the injection of arbitrary PHP code...

9.8 CVSS, 8.8 AI score, 0.95438 EPSS
Exploits: 16, References: 3
Atlassian
added 2009/06/26 2:5 a.m., 14 views

XSS in PDF screen

The "PDF Export Stylesheet" field is not encoded...

1.6 AI score
Exploits: 0, Affected Software: 1
Atlassian
added 2009/06/26 2:5 a.m., 19 views

XSS in PDF screen

The "PDF Export Stylesheet" field is not encoded...

1.6 AI score
Exploits: 0, Affected Software: 1
Atlassian
added 2009/06/26 2:5 a.m., 24 views

XSS in PDF screen

The "PDF Export Stylesheet" field is not encoded...

1.6 AI score
Exploits: 0
Ubuntu
added 2009/06/24 8:0 p.m., 105 views

USN-791-1: Moodle vulnerabilities

Thor Larholm discovered that PHPMailer, as used by Moodle, did not correctly escape email addresses. A local attacker with direct access to the Moodle database could exploit this to execute arbitrary commands as the web server user. CVE-2007-3215 Nigel McNie discovered that fetching https URLs di...

10 CVSS, 8.3 AI score, 0.54003 EPSS
Exploits: 23
myhack58
added 2009/05/28 12:0 a.m., 12 views

dvbbs: a method for getting a shell after upload.inc is deleted - vulnerability warning - the black bar safety net

dvbbs delete the upload. inc after the shell was a method - the premise is to give the front Desk administrative privileges Into the background after Go to the user management Just change the personal e-mail address for %eval requestchr3 5%@163.com After saving Find the mail list export Then expo...

0.3 AI score
Exploits: 0
seebug.org
added 2009/05/20 12:0 a.m., 69 views

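Oracle Outside In multiple buffer overflow vulnerabilities

Bugtraq ID: 34994 CVE ID: CVE-2009-1009 CVE-2009-1010 CVE-2009-1011 CNCVE ID: CNCVE-20091009 CNCVE-20091010 CNCVE-20091011 Oracle Outside In is a software development kit (SDK) suite that gives developers a comprehensive solution for accessing, transforming and controlling the content of more than 400 unstructured file formats. Oracle Outside In contains multiple buffer overflows that a remote attacker can exploit to execute arbitrary instructions with the privileges of the application. - Handling Microsoft...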

4.4 CVSS, 6.3 AI score, 0.00434 EPSS
Exploits: 2
seebug.org
added 2009/04/21 12:0 a.m., 24 views

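Multiple security vulnerabilities in Oracle

CNCAN ID: CNCAN-2009041604 Multiple Oracle products contain vulnerabilities that can lead to SQL injection, disclosure of sensitive information, or allow an attacker to compromise the system: - The Oracle Process Manager and Notification (opmn) daemon has a format string error; submitting a specially crafted POST request to port 6000/TCP can lead to arbitrary code execution. - Input passed to "DBMSAQIN" is not filtered before use, which can lead to injection of arbitrary SQL code. - The Application Express component included in the Oracle database has an error that lets an unprivileged user obtain the APEX password hashes in "LOWS030000.WWVFLOWUSER". Multiple unknown vulnerabilities also currently exist...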

7 AI score
Exploits: 0
OpenVAS
added 2009/04/09 12:0 a.m., 12 views

Mandriva Update for totem-pl-parser MDVA-2008:152 (totem-pl-parser)

Check for the Version of totem-pl-parser. OpenVAS Vulnerability Test: Mandriva Update for totem-pl-parser MDVA-2008:152 (totem-pl-parser). Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute i...

7.4 AI score
Exploits: 0, References: 2
Prion
added 2009/03/26 2:30 p.m., 24 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in the export page (display_export.lib.php) in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allow remote attackers to inject arbitrary web script or HTML via the pma_db_filename_template cookie...

4.3 CVSS, 5.9 AI score, 0.01604 EPSS
Exploits: 0, References: 11, Affected Software: 1
NVD
added 2009/03/26 2:30 p.m., 28 views

CVE-2009-1150

Multiple cross-site scripting (XSS) vulnerabilities in the export page (display_export.lib.php) in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allow remote attackers to inject arbitrary web script or HTML via the pma_db_filename_template cookie...

4.3 CVSS, 5.6 AI score, 0.01604 EPSS
Exploits: 0, References: 11