Lucene search
K

250 matches found

Packet Storm
Packet Storm
added 2008/10/09 12:0 a.m.21 views

gforge4519-sql.txt

Gforge = 4.5.19 Multiple Sql Injections Vendor Notified: 2008-10-06 Note: should work regardless magicquotesgpc setting. http://gforgesite.xxx/new/?groupid=&limit=50&offset=50;select 1 as id,CURRENTUSER as forumid, version as summary...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/10/09 12:0 a.m.20 views

Gforge <= 4.5.19 Multiple Remote SQL Injection Vulnerabilities

No description provided by source. Gforge = 4.5.19 Multiple Sql Injections Vendor Notified: 2008-10-06 Note: should work regardless magicquotesgpc setting. http://gforgesite.xxx/new/?groupid=&limit=50&offset=50;select 1 as id,CURRENTUSER as forumid, version as summary...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/10/09 12:0 a.m.11 views

Gforge <= 4.6 rc1 (skill_edit) SQL Injection Vulnerability

No description provided by source. Gforge = 4.6 rc1 skilledit SQL injection Vendor Notified: 2008-10-06 Impact: zomg! Note: should work regardless magicquotesgpc setting. Requires: Creating an account and be logged in Vulnerable function: handlemultiedit$skillids on /www/people/skillsutils.php...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/10/09 12:0 a.m.26 views

Gforge 4.6 rc1 - 'skill_edit' SQL Injection

Gforge = 4.6 rc1 skilledit SQL injection Vendor Notified: 2008-10-06 Impact: zomg! Note: should work regardless magicquotesgpc setting. Requires: Creating an account and be logged in Vulnerable function: handlemultiedit$skillids on /www/people/skillsutils.php...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/10/09 12:0 a.m.22 views

GForge 4.5.19 - Multiple SQL Injections

Gforge = 4.5.19 Multiple Sql Injections Vendor Notified: 2008-10-06 Note: should work regardless magicquotesgpc setting. http://gforgesite.xxx/new/?groupid=&limit=50&offset=50;select 1 as id,CURRENTUSER as forumid, version as summary...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.25 views

FreeBSD Ports: gforge

The remote host is missing an update to the system as announced in the referenced advisory. VID d7cd5015-08c9-11da-bc08-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

5CVSS6.4AI score0.0273EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.21 views

FreeBSD Ports: gforge

The remote host is missing an update to the system as announced in the referenced advisory. VID fe903533-ff96-4c7a-bd3e-4d40efa71897 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

5CVSS6.6AI score0.01713EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.18 views

FreeBSD Ports: gforge

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5CVSS7.1AI score0.01713EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.35 views

FreeBSD Ports: gforge

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5CVSS6.6AI score0.0273EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2008/05/27 12:0 a.m.28 views

Debian Security Advisory DSA 1577-1 (gforge)

The remote host is missing an update to gforge announced via advisory DSA 1577-1. OpenVAS Vulnerability Test $Id: deb15771.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1577-1 gforge Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

4.6CVSS0.00729EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/05/27 12:0 a.m.21 views

Debian: Security Advisory (DSA-1577-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.6CVSS7.2AI score0.00729EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2008/05/19 12:0 a.m.30 views

Debian DSA-1577-1 : gforge - insecure temporary files

Stephen Gran and Mark Hymers discovered that some scripts run by GForge, a collaborative development tool, open files in write mode in a potentially insecure manner. This may be exploited to overwrite arbitrary files on the local system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

4.6CVSS5.4AI score0.00729EPSS
Exploits0References2
Prion
Prion
added 2008/05/18 2:20 p.m.16 views

Design/Logic Flaw

The writearrayfile function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances...

4.6CVSS7.5AI score0.00729EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2008/05/18 2:20 p.m.18 views

CVE-2008-0167

The writearrayfile function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances...

4.6CVSS6.9AI score0.00729EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2008/05/18 2:20 p.m.25 views

CVE-2008-0167

The writearrayfile function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances...

4.6CVSS5.9AI score0.00729EPSS
Exploits0References1
Cvelist
Cvelist
added 2008/05/18 2:0 p.m.27 views

CVE-2008-0167

The writearrayfile function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances...

6.8AI score0.00729EPSS
Exploits0References7
CVE
CVE
added 2008/05/18 2:0 p.m.64 views

CVE-2008-0167

CVE-2008-0167 affects GForge 4.5.14 (Debian: etch) where scripts open configuration files in write mode, truncating them before writing new data, potentially allowing local attackers to overwrite files or bypass access restrictions. Debian DSA-1577-1 confirms the issue and provides fixed package ...

4.6CVSS6.8AI score0.00729EPSS
Exploits0References7Affected Software1
Debian
Debian
added 2008/05/14 3:33 p.m.21 views

[SECURITY] [DSA 1577-1] New gforge packages fix insecure temporary files

------------------------------------------------------------------------ Debian Security Advisory DSA-1577-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst May 14, 2008 http://www.debian.org/security/faq -...

4.6CVSS6.2AI score0.00729EPSS
Exploits0
OSV
OSV
added 2008/05/14 12:0 a.m.18 views

DSA-1577-1 gforge - insecure temporary files

Bulletin has no description...

4.6CVSS6.4AI score0.00729EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/01/31 12:0 a.m.20 views

Debian Security Advisory DSA 1459-1 (gforge)

The remote host is missing an update to gforge announced via advisory DSA 1459-1. OpenVAS Vulnerability Test $Id: deb14591.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1459-1 gforge Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

7.5CVSS0.2AI score0.02092EPSS
Exploits0
Rows per page
Query Builder