4 matches found
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20160823)
Security Fixes : It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel's networking subsystem allowed an off-path attacker to leak certain information about a given connection by creating congestion on the global challenge ACK rate limit counter and then...
CVE-2014-3992
Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM 3.5.3 allow remote authenticated users to execute arbitrary SQL commands via the 1 entity parameter in an update action to user/fiche.php or 2 sortorder parameter to user/group/index.php...
PT-2014-5659 · Dolibarr · Dolibarr Erp/Crm
Name of the Vulnerable Software and Affected Versions: Dolibarr ERP/CRM version 3.5.3 Description: The issue allows remote authenticated users to execute arbitrary SQL commands. This can be achieved via the entity parameter in an update action to "user/fiche.php" or the sortorder parameter to...
Sql injection
Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 sortfield, 2 sortorder, and 3 sall parameters to user/index.php and b user/group/index.php; the id parameter to 4 info.php, 5 perms.php, 6...