DEBIAN-CVE-2009-1150

Multiple cross-site scripting XSS vulnerabilities in the export page displayexport.lib.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allow remote attackers to inject arbitrary web script or HTML via the pmadbfilenametemplate cookie...

CVE-2009-1150

Multiple cross-site scripting XSS vulnerabilities in the export page displayexport.lib.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allow remote attackers to inject arbitrary web script or HTML via the pmadbfilenametemplate cookie...

CVE-2009-1150

CVE-2009-1150 affects phpMyAdmin: XSS in the export page (display_export.lib.php) via the pma_db_filename_template cookie. Vulnerable when using phpMyAdmin 2.11.x (before 2.11.9.5) or 3.x (before 3.1.3.1). Root cause is insufficient sanitization of cookie data on the Export page, enabling remote ...

CVE-2009-1150

Multiple cross-site scripting XSS vulnerabilities in the export page displayexport.lib.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allow remote attackers to inject arbitrary web script or HTML via the pmadbfilenametemplate cookie...

L0phtCrack password cracker set to return

More than two years after Symantec pulled the plug on L0phtCrack, the venerable password cracking tool is being prepped for a return to the spotlight. The original creators of L0phtCrack has reacquired the tool with plans to release a new version at next week’s SOURCE Boston conference. A teaser...

Information disclosure

Unspecified vulnerability in the Calendar export feature in Moodle 1.8 before 1.8.8 and 1.9 before 1.9.4 allows attackers to obtain sensitive information and conduct "brute force attacks on user accounts" via unknown vectors...

CVE-2009-0501

Unspecified vulnerability in the Calendar export feature in Moodle 1.8 before 1.8.8 and 1.9 before 1.9.4 allows attackers to obtain sensitive information and conduct "brute force attacks on user accounts" via unknown vectors...

CVE-2009-0501

CVE-2009-0501 affects Moodle’s Calendar Export feature in Moodle 1.8.x before 1.8.8 and 1.9.x before 1.9.4. The root cause is a Calendar Export flaw that allows an attacker to obtain usernames (sensitive information) and perform brute-force attacks on user accounts. Exploitation vectors are not d...

Thyme 1.3 - export_to Local File Inclusion

Thyme 1.3 - exportto Local File Inclusion | Theme Local File Inclusion / Registerglobals: off | | Version: = 1.3 | | Dork: Thyme 1. © 2006 eXtrovert Software LLC. All rights reserved | | Founded by: cheverokatgmail.com |...

Thyme 1.3 - 'export_to' Local File Inclusion

| Theme Local File Inclusion / Registerglobals: off | | Version: = 1.3 | | Dork: Thyme 1. © 2006 eXtrovert Software LLC. All rights reserved | | Founded by: cheverokatgmail.com | -------------------------------------------------------------------------------------- Intro: See info...

CVE-2009-0501

Unspecified vulnerability in the Calendar export feature in Moodle 1.8 before 1.8.8 and 1.9 before 1.9.4 allows attackers to obtain sensitive information and conduct "brute force attacks on user accounts" via unknown vectors...

Ability to grant Import/Export privileges to a group or a user

In our JIRA environment, we have several projects where each of the project admins uploads tasks from a CSV file into their respective project. Inorder for these project admins have the upload permissions, they need to be part of the JIRA System Administration group. This is unacceptable and is a...

Ability to grant Import/Export privileges to a group or a user

In our JIRA environment, we have several projects where each of the project admins uploads tasks from a CSV file into their respective project. Inorder for these project admins have the upload permissions, they need to be part of the JIRA System Administration group. This is unacceptable and is a...

Fedora 9 : phpMyAdmin-3.1.1-1.fc9 (2008-11208)

Improvements for 3.1.1.0: - core Navi panel server links wrong - core bad session.savepath not detected - core Re-login causes PMA to forget current table name - export do not include view name in export - display enable copying of auto increment by default - core do not bail out creating session...

[SECURITY] Fedora 8 Update: phpMyAdmin-3.1.1-1.fc8

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats a nd ...

Export the administrator password file-vulnerability warning-the black bar safety net

sa by default can be read in the sam key. Should. reg export HKLM\SAM\SAM\Domains\Account\Users\000001F4 c:\old.reg net user administrator test With the administrator login. Runs out the machine after reg import c:\test.reg There is no need to clone. Find the corresponding sid...

CVE-2008-4551

strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of service daemon crash via an IKESAINIT message with a large number of NULL values in a Key Exchange payload, which triggers a NULL pointer dereference for the return value of the mpzexport function in the GNU Multiprecision...

Fedora 9 : phpMyAdmin-2.11.9.1-1.fc9 (2008-8370)

This update by upstream to phpMyAdmin 2.11.9.1 solves a not yet clearly specified code execution vulnerability. - auth Links to version number on login screen - core PMA does not start if iniset is disabled - bookmarks Saved queries greater than 1000 chars not displayed - export Export type...

SuSE 10 Security Update : IBM Java 1.5 (ZYPP Patch Number 5591)

IBM Java 5 was updated to SR8 to fix various security issues : - Multiple vulnerabilities with unsigned applets were reported. A remote attacker could misuse an unsigned applet to connect to localhost services running on the host running the applet. CVE-2008-3104 - A vulnerability in the XML...

OllyDBG/ImpREC Export名缓冲区溢出漏洞

BUGTRAQ ID: 30139 CNCAN ID：CNCAN-2008071001 OllyDBG是一款调试工具，ImpREC是一款脱壳常用工具。 OllyDBG/ImpREC处理export名存在缓冲区溢出，远程攻击者可以利用漏洞以应用程序权限执行任意指令。 构建恶意的DLL，诱使用户使用OllyDBG/ImpREC处理，可触发此漏洞，可导致以应用程序权限执行任意指令。 OllyDbg OllyDbg 1.10 OllyDbg OllyDbg 1.10 MackT ImpREC 1.7 f 目前没有解决方案提供：...