250 matches found
gforge4519-sql.txt
Gforge = 4.5.19 Multiple Sql Injections Vendor Notified: 2008-10-06 Note: should work regardless magicquotesgpc setting. http://gforgesite.xxx/new/?groupid=&limit=50&offset=50;select 1 as id,CURRENTUSER as forumid, version as summary...
Gforge <= 4.5.19 Multiple Remote SQL Injection Vulnerabilities
No description provided by source. Gforge = 4.5.19 Multiple Sql Injections Vendor Notified: 2008-10-06 Note: should work regardless magicquotesgpc setting. http://gforgesite.xxx/new/?groupid=&limit=50&offset=50;select 1 as id,CURRENTUSER as forumid, version as summary...
Gforge <= 4.6 rc1 (skill_edit) SQL Injection Vulnerability
No description provided by source. Gforge = 4.6 rc1 skilledit SQL injection Vendor Notified: 2008-10-06 Impact: zomg! Note: should work regardless magicquotesgpc setting. Requires: Creating an account and be logged in Vulnerable function: handlemultiedit$skillids on /www/people/skillsutils.php...
Gforge 4.6 rc1 - 'skill_edit' SQL Injection
Gforge = 4.6 rc1 skilledit SQL injection Vendor Notified: 2008-10-06 Impact: zomg! Note: should work regardless magicquotesgpc setting. Requires: Creating an account and be logged in Vulnerable function: handlemultiedit$skillids on /www/people/skillsutils.php...
GForge 4.5.19 - Multiple SQL Injections
Gforge = 4.5.19 Multiple Sql Injections Vendor Notified: 2008-10-06 Note: should work regardless magicquotesgpc setting. http://gforgesite.xxx/new/?groupid=&limit=50&offset=50;select 1 as id,CURRENTUSER as forumid, version as summary...
FreeBSD Ports: gforge
The remote host is missing an update to the system as announced in the referenced advisory. VID d7cd5015-08c9-11da-bc08-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: gforge
The remote host is missing an update to the system as announced in the referenced advisory. VID fe903533-ff96-4c7a-bd3e-4d40efa71897 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: gforge
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: gforge
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian Security Advisory DSA 1577-1 (gforge)
The remote host is missing an update to gforge announced via advisory DSA 1577-1. OpenVAS Vulnerability Test $Id: deb15771.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1577-1 gforge Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian: Security Advisory (DSA-1577-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1577-1 : gforge - insecure temporary files
Stephen Gran and Mark Hymers discovered that some scripts run by GForge, a collaborative development tool, open files in write mode in a potentially insecure manner. This may be exploited to overwrite arbitrary files on the local system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
Design/Logic Flaw
The writearrayfile function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances...
CVE-2008-0167
The writearrayfile function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances...
CVE-2008-0167
The writearrayfile function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances...
CVE-2008-0167
The writearrayfile function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances...
CVE-2008-0167
CVE-2008-0167 affects GForge 4.5.14 (Debian: etch) where scripts open configuration files in write mode, truncating them before writing new data, potentially allowing local attackers to overwrite files or bypass access restrictions. Debian DSA-1577-1 confirms the issue and provides fixed package ...
[SECURITY] [DSA 1577-1] New gforge packages fix insecure temporary files
------------------------------------------------------------------------ Debian Security Advisory DSA-1577-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst May 14, 2008 http://www.debian.org/security/faq -...
DSA-1577-1 gforge - insecure temporary files
Bulletin has no description...
Debian Security Advisory DSA 1459-1 (gforge)
The remote host is missing an update to gforge announced via advisory DSA 1459-1. OpenVAS Vulnerability Test $Id: deb14591.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1459-1 gforge Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...