CVE-2008-3094

The CVE affects the Drupal Organic Groups (OG) module, specifically 5.x prior to 5.x-7.3 and 6.x prior to 6.x-1.0-RC1. The vulnerability enables remote attackers to disclose sensitive information (private group names) via unspecified vectors. The description does not detail a fixed patch or remed...

CVE-2008-3095

Cross-site scripting XSS vulnerability in the Organic Groups OG module 5.x before 5.x-7.3 and 6.x before 6.x-1.0-RC1, a module for Drupal, allows remote authenticated users, with group owner permissions, to inject arbitrary web script or HTML via unspecified vectors...

CVE-2008-3094

The Organic Groups OG module 5.x before 5.x-7.3 and 6.x before 6.x-1.0-RC1, a module for Drupal, allows remote attackers to obtain sensitive information private group names via unspecified vectors...

SA-2008-040 - Organic Groups - Cross site scripting and information disclosure

Organic groups enables users to create and manage their own 'groups'. Each group can be subscribed to, and includes a group home page where subscribers can communicate amongst themselves. Two vulnerabilities were found in the module. Cross site scripting The module displays certain values without...

Riddles Complete Website 1.2.1 - riddleid SQL Injection

Riddles Complete Website 1.2.1 - riddleid SQL Injection || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings of injection | | // | |...

netbios-sql.txt

Viva IslaM Viva IslaM rEm0te sql injction VulnErability Net bios script AuTh0r : security fears team H0ME : WwW.alsonaa.CoM members: HeB4RieH , germayax Script Name : netBIOS d0rk :: "Powered by netBIOS" -:: sql Code ::- showNews.php?newsid=sql...

Cybozu Office 6 information disclosure vulnerability

Overview A vulnerability exists in Cybozu Office 6 allowing the disclosure of registered users or groups information. Cybozu Office 6 provides several login methods. One of the methods, meant to be used in the Internet, allows direct entry of a username. However, even when this method is used,...

dovecot: insecure mail_extra_groups option

Dovecot before 1.0.11, when configured to use mailextragroups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack...

PHP Jokesite 2.0 - 'cat_id' SQL Injection

|| || | || o,7 || . o7 || 4||| ow, : / / . ================================ ========================== ==================== |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings...

ajhyip-sql.txt

|| || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings of injection | | // | | |...

CVE-2008-1594

The kernel in IBM AIX 5.2 and 5.3 does not properly handle resizing JFS2 filesystems on concurrent volume groups spread across multiple nodes, which allows local users of one node to cause a denial of service remote node crash by using chfs or lreducelv to reduce a filesystem's size...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Plone CMS 3.0.5 and 3.0.6 allow remote attackers to 1 add arbitrary accounts via the joinform page and 2 change the privileges of arbitrary groups via the prefsgroupsoverview page...

PYSEC-2008-14

Multiple cross-site request forgery CSRF vulnerabilities in Plone CMS 3.0.5 and 3.0.6 allow remote attackers to 1 add arbitrary accounts via the joinform page and 2 change the privileges of arbitrary groups via the prefsgroupsoverview page...

CVE-2008-0164

Multiple cross-site request forgery CSRF vulnerabilities in Plone CMS 3.0.5 and 3.0.6 allow remote attackers to 1 add arbitrary accounts via the joinform page and 2 change the privileges of arbitrary groups via the prefsgroupsoverview page...

DEBIAN-CVE-2008-1199

Dovecot before 1.0.11, when configured to use mailextragroups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack...

Powered by Pagetool Ver (1.04-05-06-07)

Google arama : www.1923turk.org Turkishwariorr Powered by Pagetool Ver 1.04 Powered by Pagetool Ver 1.07 Powered by Pagetool Ver 1.05 Powered by Pagetool Ver 1.06 Site sonuna :...

ManageEngine Applications Manager Invalid URL Remote Information Disclosure

The version of ManageEngine Applications Manager installed on the remote host is affected by an information disclosure vulnerability due to the application returning a summary of monitor groups and alerts in response to a request with an invalid URL. A remote attacker, using a URL with an invalid...

OpenBSD 4.2 - rtlabel_id2name() Local Null Pointer Dereference Denial of Service

OpenBSD 4.2 - rtlabelid2name Local Null Pointer Dereference Denial of Service / OpenBSD 4.2 rtlabelid2name SIOCGIFRTLABEL ioctl Null Pointer Dereference local Denial of Service Exploit by Hunger Advisory: http://marc.info/?l=openbsd-security-announce&m=120007327504064 FOR TESTING PURPOSES ONLY! $...

Debian Security Advisory DSA 173-1 (bugzilla)

The remote host is missing an update to bugzilla announced via advisory DSA 173-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EkinBoard <= 1.1.0 Remote File Upload / Auth Bypass Vulnerabilities

No description provided by source. ---- EkinBoard Remote File Upload / Auth Bypass ... ITDefence.ru Antichat.ru EkinBoard = 1.1.0 Remote File Upload / Auth Bypass Eugene Minaev [email protected] / \ \ \ / .\ / /// // / \ / \ // / / / /// /\ / / / / // / / / / &nb...