8687 matches found
Besides the two ecshop background to get the shell methods-vulnerability warning-the black bar safety net
ecshop background to get the shell method, in addition to the oldjun large cattle that and the last said that, and found two. But each one of the restriction conditions, listen to me one by one. One: ecshop background a function is a sql Query, as shown: ! In fact, the feeling in a management...
Uploading large fonts for PDF export fails with XSRF error
When uploading souizhs.ttf font that we use due to its comprehensive UTF8 support, I'm getting XSRF validation error: "Your request could not be processed because a required security token was not present in the request. You may need to re-submit the form or reload the page." I tried...
Open 3389 unable to login the 5 types of reasons-vulnerability warning-the black bar safety net
1, The server in the internal network. 2, the tcp/ip filtering. First execute the following cmd command: cmd /c regedit -e c:\1.reg HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip export the registry concerning the TCP/IP filtering in the first place cmd /c regedit -e c:\2.reg...
Php AdminPanel Free version 1.0.5 Remote File Disclosure Vuln
No description provided by source. Php AdminPanel Free version 1.0.5 Remote File Disclosure AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://ircrash.com My Official WebSite : http://r3dw0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina...
Fedora 10 : phpMyAdmin-3.2.0.1-1.fc10 (2009-7340)
The first security release for phpMyAdmin 3.2.0: - security XSS: Insufficient output sanitizing in bookmarks This version contains a number of small new features and some bug fixes: - core better support for vendor customisation based on what Debian needs - rfe warn when session.gcmaxlifetime is...
Fedora 9 : phpMyAdmin-3.2.0.1-1.fc9 (2009-7337)
The first security release for phpMyAdmin 3.2.0: - security XSS: Insufficient output sanitizing in bookmarks This version contains a number of small new features and some bug fixes: - core better support for vendor customisation based on what Debian needs - rfe warn when session.gcmaxlifetime is...
[SECURITY] Fedora 10 Update: phpMyAdmin-3.2.0.1-1.fc10
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges, export data into various formats and ...
GLSA-200906-03 : phpMyAdmin: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200906-03 phpMyAdmin: Multiple vulnerabilities Multiple vulnerabilities have been reported in phpMyAdmin: Greg Ose discovered that the setup script does not sanitize input properly, leading to the injection of arbitrary PHP code...
XSS in PDF screen
The "PDF Export Stylesheet" field is not encoded...
USN-791-1: Moodle vulnerabilities
Thor Larholm discovered that PHPMailer, as used by Moodle, did not correctly escape email addresses. A local attacker with direct access to the Moodle database could exploit this to execute arbitrary commands as the web server user. CVE-2007-3215 Nigel McNie discovered that fetching https URLs di...
dvbbs delete the upload. inc after the shell was a method-vulnerability warning-the black bar safety net
dvbbs delete the upload. inc after the shell was a method - the premise is to give the front Desk administrative privileges Into the background after Go to the user management Just change the personal e-mail address for %eval requestchr3 5%@163.com After saving Find the mail list export Then expo...
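Oracle Outside In Multiple Buffer Overflow Vulnerabilities
Bugraq ID: 34994 CVE ID:CVE-2009-1009 CVE-2009-1010 CVE-2009-1011 CNCVE ID:CNCVE-20091009 CNCVE-20091010 CNCVE-20091011 Oracle Outside In is a software development kit (SDK) suite that gives developers a comprehensive solution for accessing, transforming and controlling the content of more than 400 unstructured file formats. Oracle Outside In contains multiple buffer overflows that a remote attacker can exploit to execute arbitrary instructions with the privileges of the application. -When processing Microsoft...
Multiple Security Vulnerabilities in Oracle
CNCAN ID:CNCAN-2009041604 Multiple Oracle products contain vulnerabilities that can lead to SQL injection, disclose sensitive information, or allow an attacker to compromise the system: -The Oracle Process Manager and Notification opmn daemon contains a format string error; submitting a specially crafted POST request to port 6000/TCP can lead to arbitrary code execution. -Input passed to "DBMSAQIN" is not filtered before use, which can lead to injection of arbitrary SQL code. -The Application Express component included in the Oracle database contains an error that lets unprivileged users obtain the APEX password hashes in "LOWS030000.WWVFLOWUSER". Multiple unknown vulnerabilities also currently exist...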
Mandriva Update for totem-pl-parser MDVA-2008:152 (totem-pl-parser)
Check for the Version of totem-pl-parser OpenVAS Vulnerability Test Mandriva Update for totem-pl-parser MDVA-2008:152 totem-pl-parser Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute i...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in the export page (display_export.lib.php) in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allow remote attackers to inject arbitrary web script or HTML via the pma_db_filename_template cookie...
CVE-2009-1150
Multiple cross-site scripting (XSS) vulnerabilities in the export page (display_export.lib.php) in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allow remote attackers to inject arbitrary web script or HTML via the pma_db_filename_template cookie...