1002 matches found
Debian Security Advisory DSA 159-2 (python)
The remote host is missing an update to python announced via advisory DSA 159-2. OpenVAS Vulnerability Test $Id: deb1592.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 159-2 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 198-1 (nullmailer)
The remote host is missing an update to nullmailer announced via advisory DSA 198-1. OpenVAS Vulnerability Test $Id: deb1981.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 198-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 779-2 (mozilla-firefox)
The remote host is missing an update to mozilla-firefox announced via advisory DSA 779-2. We experienced that the update for Mozilla Firefox from DSA 779-1 unfortunately was a regression in several cases. Since the usual praxis of backporting apparently does not work, this update is basically...
Ruby/Gnome2 0.16.0 Format String Vulnerability
RubyGnome2 0.16.0 Format String Vulnerability In Gtk::MessageDialog http://em386.blogspot.com Ruby Gnome2 is a project to provide GTK2 bindings to ruby scripts so you can write GUI code in less time. There is a format string vulnerability in Gtk::MessageDialog. This design flaw does not allow for...
GWExtranet 3.0 - 'Scp.dll' Multiple HTML Injection Vulnerabilities
source: https://www.securityfocus.com/bid/26582/info GWExtranet is prone to multiple HTML-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied input data before using it in dynamically generated content. Attacker-supplied HTML and script code could execut...
GWExtranet 3.0 - Scp.dll Multiple HTML Injection Vulnerabilities
GWExtranet 3.0 - Scp.dll Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/26582/info GWExtranet is prone to multiple HTML-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied input data before using it in dynamically...
MySpace Scripts Poll Creator - index.php HTML Injection
MySpace Scripts Poll Creator - index.php HTML Injection source: https://www.securityfocus.com/bid/26544/info MySpace Scripts Poll Creator is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated...
Hackish 1.1 - 'Blocco.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/26167/info Hackish is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...
Hackish 1.1 - Blocco.php Cross-Site Scripting
Hackish 1.1 - Blocco.php Cross-Site Scripting source: https://www.securityfocus.com/bid/26167/info Hackish is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this iss...
SNewsCMS 2.1 - 'News_page.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25963/info SNewsCMS is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage this issue to execute arbitrary script code in the...
IT!CMS 0.2 - 'titletext-ed.php?wndtitle' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script code ...
IT!CMS 0.2 - menu-ed.php?wndtitle Cross-Site Scripting
IT!CMS 0.2 - menu-ed.php?wndtitle Cross-Site Scripting source: https://www.securityfocus.com/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may...
IT!CMS 0.2 - lang-en.php?wndtitle Cross-Site Scripting
IT!CMS 0.2 - lang-en.php?wndtitle Cross-Site Scripting source: https://www.securityfocus.com/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may...
IT!CMS 0.2 - 'menu-ed.php?wndtitle' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute arbitrary script code ...
ETicket 1.5.5 - Open.php Multiple Cross-Site Scripting Vulnerabilities
ETicket 1.5.5 - Open.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/24681/info eTicket is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input before using it in dynamically...
[MajorSecurity Advisory #49]Calimero.CMS - Session fixation Issue
MajorSecurity Advisory 49Calimero.CMS - Session fixation Issue Details ======= Product: Calimero.CMS Affected version: 3.3.1232 and prior Remote-Exploit: yes Vendor-URL: http://www.calimero-cms.de Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: David...
[MajorSecurity Advisory #48]eggblog - Session fixation Issue
MajorSecurity Advisory 48eggblog - Session fixation Issue Details ======= Product: eggblog Affected version: 3.1.0 and prior Remote-Exploit: yes Vendor-URL: http://www.eggblog.net Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: David Vieira-Kurz...
Ruby on Rails 1.2.3 To_JSON - Script Injection
Ruby on Rails 1.2.3 ToJSON - Script Injection source: https://www.securityfocus.com/bid/24161/info Ruby on Rails is prone to a script-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied...
Ruby on Rails 1.2.3 To_JSON - Script Injection
source: https://www.securityfocus.com/bid/24161/info Ruby on Rails is prone to a script-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied script code would run in the context of the...
ClonusWiki 0.5 - index.php HTML Injection
ClonusWiki 0.5 - index.php HTML Injection source: https://www.securityfocus.com/bid/24101/info ClonusWiki is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and...