9767 matches found
Code injection
The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to 1 upload arbitrary XML files via the import page or 2 obtain sensitive information via the export page. NOTE: this issue can be combined with CVE-2014-7146 to execute arbitrary PHP code...
CVE-2014-8598
The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to 1 upload arbitrary XML files via the import page or 2 obtain sensitive information via the export page. NOTE: this issue can be combined with CVE-2014-7146 to execute arbitrary PHP code...
CVE-2014-8598
CVE-2014-8598 affects MantisBT 1.2.x via the XML Import/Export plugin, which could allow unauthorized attackers to upload arbitrary XML files or obtain sensitive information due to insufficient access restrictions. This is explicitly stated in connected documents as part of multiple vulnerabiliti...
CVE-2014-8598
The XML Import/Export plugin in MantisBT 1.2.x does not restrict access, which allows remote attackers to 1 upload arbitrary XML files via the import page or 2 obtain sensitive information via the export page. NOTE: this issue can be combined with CVE-2014-7146 to execute arbitrary PHP code...
RHEL 5 : vdsm (RHSA-2010:0473)
Updated vdsm packages that fix one security issue, various bugs, and add two enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which giv...
CVE-2014-0228
Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check the file permissions for 1 import and 2 export statements, which allows remote authenticated users to obtain sensitive information via a crafted URI...
mantisbt: arbitrary code execution and unrestricted access
CVE-2014-7146 arbitrary code execution When importing data with the plugin, user input passed through the "description" field and the "issuelink" attribute of the uploaded XML file isn't properly sanitized before being used in a call to the pregreplace function which uses the 'e' modifier. This...
MGASA-2014-0433 Updated zabbix package fixes security vulnerability
It was reported that the Zabbix frontend supported an XML data import feature, where on the server it used DOMDocument to parse the XML. By default, DOMDocument also parses the external DTD, which could allow a remote attacker to use a crafted XML file causing Zabbix to read an arbitrary local...
openSUSE Security Update : bash (openSUSE-SU-2014:1308-1) (Shellshock)
Replace patches bash-4.2-heredoc-eof-delim.patch and bash-4.2-parse-exportfunc.patch with the official upstream patch levels bash42-052 and bash42-053 - Replace patch bash-4.2-CVE-2014-7187.patch with upstream patch level bash42-051 - Make bash-4.2-extra-import-func.patch an optional patch due...
Information disclosure
The PRIX IMPORT aka com.myapphone.android.myapppriximport application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7530
CVE-2014-7530 : The PRIX IMPORT app (com.myapphone.android.myapppriximport) for Android, version 1.0, does not verify X.509 certificates from SSL servers. This flaw enables man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. Documentation does ...
AOL 9.5 Phobos.Playlist Import() Stack-based 缓冲区溢出漏洞
No description provided by source...
Telefonica O2 Connection Manager 8.7 Service Trusted Path Privilege Escalation
Telefonica O2 Connection Manager 8.7 Service Trusted Path Privilege Escalation Vendor: Telefonica S.A. Product web page: http://www.telefonica.com | http://www.o2.co.uk Affected version: 8.7.6.792 Summary: O2 Connection Manager will help you to manage your internet connections by getting you...
Telefonica O2 Connection Manager 8.7 Service Trusted Path Privilege Escalation
Summary O2 Connection Manager will help you to manage your internet connections by getting you connected to the fastest available network. Automatically connect you to the fastest available network including your home broadband if you have a wireless router. Description The O2 Connection Manager'...
CuuMall最新版任意文件包含
简要描述: CuuMall免费网上商城系统基于企业级MVC技术架构,安全、稳定,可保证同时在线人数达10000人左右,能适应不同领域的公司企业,文件缓存机制、数据库缓存机制,保证系统稳定运行,多种功能以满足不同客户网上开店的需求。 详细说明: //执行应用程序 static public function exec // 是否开启标签扩展 $tagOn = C'APPPLUGINON'; // 项目运行标签 if$tagOn tag'apprun'; //创建Action控制器实例 $group = defined'GROUPNAME' ? GROUPNAME.C'APPGROUPDEP...
Discuz!旗下产品统一存在一个csrf+sql批量执行风险(dz3.x,dz7.x,SupeSite7.x等等)
简要描述: Discuz!旗下产品统一存在一个sql批量执行风险(dz3.x,dz7.x,SupeSite7.x等等) 详细说明: 今天看dz的SupeSite7.x产品的时候,发现一个dz统一存在的脱裤风险: 直接看代码,我们在做数据库还原的时候,抓到一个链接:...
[SECURITY] Fedora 19 Update: phpMyAdmin-4.2.8.1-2.fc19
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...
[SECURITY] Fedora 21 Update: phpMyAdmin-4.2.8.1-2.fc21
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...
openSUSE Security Update : LibreOffice (openSUSE-SU-2014:1126-1)
This update fixes memory corruption vulnerability in DOCM import and data exposure using crafted OLE objects. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-540. The text...
CVE-2014-6072: CSRF vulnerability in the Web Profiler
Affected Versions All 2.0.X, 2.1.X, 2.2.X, 2.3.X, 2.4.X, and 2.5.X versions of the Symfony WebProfiler bundle are affected by this security issue. This issue has been fixed in Symfony 2.3.19, 2.4.9, and 2.5.4. Note that no fixes are provided for Symfony 2.0, 2.1, and 2.2 as they are not maintaine...