Mandriva Linux Security Advisory : php (MDVSA-2008:126)

A number of vulnerabilities have been found and corrected in PHP : PHP 5.2.1 would allow context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with 'S:', which did not properly track the number of input bytes being...

Mandriva Update for php MDVSA-2008:126 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:126 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Mandriva Update for php MDVSA-2008:127 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:127 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Mandriva Update for php MDVSA-2008:127 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:127 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Mandriva Update for php MDVSA-2008:126 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:126 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

CentOS Update for php CESA-2008:0544 centos3 x86_64

Check for the Version of php OpenVAS Vulnerability Test CentOS Update for php CESA-2008:0544 centos3 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

social-sql.txt

HACKATTACK Advisory 2008-11-20Social Engine 2.7 CRLF Injection + SQL injection Details Product: Social Engine Security-Risk: moderate Remote-Exploit: yes Vendor-URL: http://www.socialengine.net/ Vendor-Status: informed Advisory-Status: published Credits Discovered by: David Vieira-Kurz of...

FlexCMS <= 2.5 Cross Site Scripting Vulnerability

---------------------------------------------------------------- Script : FlexCMS = 2.5 Type : Cross Site Scripting Vulnerability Alert : Low ---------------------------------------------------------------- Download From : http://www.flexcms.com/...

flexcms-xss.txt

---------------------------------------------------------------- Script : FlexCMS alertdocument.cookie Attacker can hijack admin cookie with this vulnerability .... Solution for patch : filter PreviousColorsString variable with htmlspecialchars function...

Xampp Linux 1.6.7 Multiple Cross Site Scripting Vulnerabilities

---------------------------------------------------------------- Program : Xampp Linux 1.6.7 Type : Multiple Cross Site Scripting Vulnerabilities Alert : Medium ---------------------------------------------------------------- Download From :...

xampp-xss.txt

---------------------------------------------------------------- Program : Xampp Linux 1.6.7 Type : Multiple Cross Site Scripting Vulnerabilities Alert : Medium ---------------------------------------------------------------- Download From :...

mjguest68-xss.txt

---------------------------------------------------------------- Script : MJGuest 6.8 GT Type : Cross Site Scripting Vulnerability Alert : Medium ---------------------------------------------------------------- Discovered by : Khashayar Fereidani Our Team : IRCRASH My Official Website :...

Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : php5 vulnerabilities (USN-628-1)

It was discovered that PHP did not properly check the length of the string parameter to the fnmatch function. An attacker could cause a denial of service in the PHP interpreter if a script passed untrusted input to the fnmatch function. CVE-2007-4782 Maksymilian Arciemowicz discovered a flaw in t...

USN-628-1: PHP vulnerabilities

It was discovered that PHP did not properly check the length of the string parameter to the fnmatch function. An attacker could cause a denial of service in the PHP interpreter if a script passed untrusted input to the fnmatch function. CVE-2007-4782 Maksymilian Arciemowicz discovered a flaw in t...

php htmlentities/htmlspecialchars multibyte sequences

The 1 htmlentities and 2 htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465...

maranphp-xss.txt

---------------------------------------------------------------- Script : Maran PHP Blog Type : XSS Pasive Method : GET Alert : Medium ---------------------------------------------------------------- Discovered by : Khashayar Fereidani a.k.a. Dr.Crash My Offical Website : HTTP://FEREIDANI.IR...

php htmlentities/htmlspecialchars multibyte sequences

The 1 htmlentities and 2 htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465...

php htmlentities/htmlspecialchars multibyte sequences

The 1 htmlentities and 2 htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465...

php htmlentities/htmlspecialchars multibyte sequences

The 1 htmlentities and 2 htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465...

VistaReseller Panel BETA Xss Vulnerability

VistaReseller Panel BETA Xss Vulnerability Discovered By Khashayar Fereidani Or Ircrash Our Team : IRCRASH IRCRASH Team Members : Dr.Crash Or Khashayar Fereidani - Hadi Kiamarsi - Malc0de - R3d.w0rm - Rasool Nasr Risk : Low Xss Address : http://Example/panel/index.php?option=forums Variable :...