Tugux CMS 1.0_final Multiple Vulnerabilities

Exploit for php platform in category web applications Vulnerable Web-App : Tugux CMS 1.0final Vulnerability : Multiple Vulnerabilities. Author : Aodrulez. Atul Alex Cherian Email : email protected Google-Dork : "Copyright 2010-2011 Tugux CMS" Tested on : Ubuntu 10.04 Web-App :...

CVE-2011-1088

Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application...

Design/Logic Flaw

Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application...

CVE-2011-1088

Apache Tomcat 7.x before 7.0.10 does not follow ServletSecurity annotations, which allows remote attackers to bypass intended access restrictions via HTTP requests to a web application...

CVE-2011-1419

Affected software: Apache Tomcat 7.x before 7.0.11. Component/behavior: ServletSecurity handling; when web.xml has no security constraints, Tomcat does not follow ServletSecurity annotations, enabling a remote bypass of access controls via HTTP requests. Root cause: incomplete fix for CVE-2011-10...

Hiawatha WebServer 7.4 Denial of Service Vulnerability

Exploit for multiple platform in category dos / poc Discussion - DcLabs Security Research Group advises about the following vulnerabilityies: Software - Hiawatha WebServer 7.4 Vendor Product Description - Hiawatha is an open source webserver with a focus on security. I started Hiawatha in January...

RedHat Update for seamonkey RHSA-2011:0313-01

Check for the Version of seamonkey OpenVAS Vulnerability Test RedHat Update for seamonkey RHSA-2011:0313-01 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

CentOS Update for seamonkey CESA-2011:0313 centos4 i386

Check for the Version of seamonkey OpenVAS Vulnerability Test CentOS Update for seamonkey CESA-2011:0313 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

Hiawatha WebServer 7.4 Denial Of Service

Discussion - DcLabs Security Research Group advises about the following vulnerabilityies: Software - Hiawatha WebServer 7.4 Vendor Product Description - Hiawatha is an open source webserver with a focus on security. I started Hiawatha in January 2002. Before that time, I had used several...

CentOS Update for seamonkey CESA-2011:0313 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RedHat Update for seamonkey RHSA-2011:0313-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

seamonkey security update

CentOS Errata and Security Advisory CESA-2011:0313 Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS ba...

Critical: Red Hat Security Advisory: seamonkey security update

Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, ar...

Critical: Red Hat Security Advisory: firefox security and bug fix update

Updated firefox packages that fix several security issues and one bug are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

SAP Crystal Reports 2008 Directory Traversal

SAP Crystal Reports is a business intelligence application which is used to design and generate reports from various data sources. These sources include databases, spreadsheets, text files, XML files, etc. SAP Crystal Reports installation includes Tomcat Web server and various servlet components ...

Ubuntu Update for python-django vulnerabilities USN-1066-1

Ubuntu Update for Linux kernel vulnerabilities USN-1066-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10661.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for python-django vulnerabilities USN-1066-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

USN-1066-1: Django vulnerabilities

It was discovered that Django did not properly validate HTTP requests that contain an X-Requested-With header. An attacker could exploit this vulnerability to perform cross-site request forgery CSRF attacks. CVE-2011-0696 It was discovered that Django did not properly sanitize its input when...

HP Power Manager Cross Site Request Forgery (CSRF) and XSS Vulnerability

This host is running HP Power Manager and is prone to cross site request forgery and cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbhppowermanagercsrfvuln.nasl 7006 2017-08-25 11:51:20Z teissa $ HP Power Manager Cross Site Request Forgery CSRF and XSS Vulnerability Authors:...

CVE-2011-0447

Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery CSRF attacks via forged 1 AJAX or 2 API requests that...

CVE-2011-0447

Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery CSRF attacks via forged 1 AJAX or 2 API requests that...