CVE-2013-4634

Summary: TYPO3’s jQuery autocomplete for indexed_search (rzautocomplete) extension is vulnerable to SQL injection in all versions before 0.0.9, as described in CVE-2013-4634. Impact: Remote attackers could execute arbitrary SQL commands via unspecified vectors. Affected component: rzautocomplete ...

CVE-2013-4634

SQL injection vulnerability in the jQuery autocomplete for indexedsearch rzautocomplete extension before 0.0.9 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

PHP-Fusion: source code security analysis report

Several vulnerabilities were discovered in PHP-Fusion 'PHP-Fusion' software: Incorrect User Input Filtration when Connecting to External Files File System Path Manipulation Incorrect User Input Filtration when Using Regular Expressions while Calling the pregreplace Function Using Insufficiently...

Fedora Update for python-tw2-jquery FEDORA-2013-1286

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for python-tw2-jquery FEDORA-2013-1286

Check for the Version of python-tw2-jquery OpenVAS Vulnerability Test Fedora Update for python-tw2-jquery FEDORA-2013-1286 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Fedora Update for python-tw2-jquery FEDORA-2013-1277

Check for the Version of python-tw2-jquery OpenVAS Vulnerability Test Fedora Update for python-tw2-jquery FEDORA-2013-1277 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Fedora Update for python-tw2-jquery FEDORA-2013-1277

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 17 : python-tw2-jquery-2.0.3-5.fc17 (2013-1286)

Remove old bundled versions of jquery. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

Fedora 18 : python-tw2-jquery-2.0.3-5.fc18 (2013-1277)

Remove old bundled versions of jquery. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...

[SECURITY] Fedora 18 Update: python-tw2-jquery-2.0.3-5.fc18

toscawidgets2 tw2 aims to be a practical and useful widgets framework that helps people build interactive websites with compelling features, fast er and easier. Widgets are re-usable web components that can include a templat e, server-side code and JavaScripts/CSS resources. The library aims to b...

[SECURITY] Fedora 17 Update: python-tw2-jquery-2.0.3-5.fc17

toscawidgets2 tw2 aims to be a practical and useful widgets framework that helps people build interactive websites with compelling features, fast er and easier. Widgets are re-usable web components that can include a templat e, server-side code and JavaScripts/CSS resources. The library aims to b...

AZL-44421 CVE-2011-4969 affecting package python-genshi 0.7.9-1

Cross-site scripting XSS vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag...

CVE-2011-4969

Cross-site scripting XSS vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag...

CVE-2011-4969

Cross-site scripting XSS vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag...

Cross site scripting

Cross-site scripting XSS vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag...

CVE-2011-4969

CVE-2011-4969 : XSS in jQuery prior to 1.6.3 when using location.hash to select elements. A remote attacker could inject arbitrary script/HTML into a page. Affected: jQuery versions before 1.6.3. Remediation: upgrade to 1.6.3 or later (patches/fixes cited by IBM and vendor advisories). Public ref...

CVE-2011-4969

Cross-site scripting XSS vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag...

CVE-2011-4969

Removed by vendor...

PolarBear CMS PHP File Upload Vulnerability

This module exploits a file upload vulnerability found in PolarBear CMS By abusing the upload.php file, a malicious user can upload a file to a temp directory without authentication, which results in arbitrary code execution. This module requires Metasploit: https://metasploit.com/download Curren...

XSS vulnerabilities in YAML, Multiproject for Trac, UserCollections for Piwigo, TAO and TableTools for DataTables for jQuery

Hello 3APA3A! These are Cross-Site Scripting vulnerabilities in YAML, MultiProject extension for Trac, UserCollections extension for Piwigo, TAO and TableTools plugin for DataTables plugin for jQuery with ZeroClipboard.swf. Earlier I've wrote about Cross-Site Scripting vulnerabilities in...