7 matches found
SUSE CVE-2008-2025
Cross-site scripting XSS vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise SLE 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web scrip...
SQL Injection
Products.Pythonscripts is vulnerable to SQL injection. The vulnerability exists as there was insufficient SQL quoting in DTML or in connection objects, allowing \x00, ', ", \\, to be used to inject arbitrary SQL statements...
SuSE 11.1 Security Update : empathy (SAT Patch Number 5363)
The following bug has been fixed : - Insufficient quoting of nick names allowed attackers to inject arbitrary html CVE-2011-3635 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text...
openSUSE Security Update : moodle (moodle-445)
Insufficient quoting of wiki page titles allowed attackers to conduct cross site scripting XSS attacks CVE-2008-5432 . %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update moodle-445. The text...
Cross site scripting
Cross-site scripting XSS vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise SLE 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web scrip...
openSUSE 10 Security Update : moodle (moodle-5938)
Insufficient quoting of wiki page titles allowed attackers to conduct cross site scripting XSS attacks CVE-2008-5432 . %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update moodle-5938. The text...
DSA-1220 pstotext
Bulletin has no description...