39 matches found
EUVD-2007-3184
Malware in sbrugna...
Vulnerabilities of the Debian GNU/Linux operating system, which allow a remote attacker to compromise the confidentiality and integrity of protected information
The multiple vulnerabilities in the jffnms package of the Debian GNU/Linux operating system may lead to violations of privacy and the integrity of protected information. These vulnerabilities can be exploited remotely...
JFFNMS 0.8.3 auth.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/24414/info Just For Fun Network Management and Monitoring System JFFNMS is prone to multiple remote vulnerabilities, including a cross-site scripting issue, an SQL-injection issue, and multiple information-disclosure...
JFFNMS 0.8.3 admin/adm/test.php PHP Information Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/24414/info Just For Fun Network Management and Monitoring System JFFNMS is prone to multiple remote vulnerabilities, including a cross-site scripting issue, an SQL-injection issue, and multiple information-disclosure...
JFFNMS 0.8.3 admin/setup.php Direct Request Authentication Bypass
No description provided by source. source: http://www.securityfocus.com/bid/24414/info Just For Fun Network Management and Monitoring System JFFNMS is prone to multiple remote vulnerabilities, including a cross-site scripting issue, an SQL-injection issue, and multiple information-disclosure...
JFFNMS 0.8.3 auth.php user Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/24414/info Just For Fun Network Management and Monitoring System JFFNMS is prone to multiple remote vulnerabilities, including a cross-site scripting issue, an SQL-injection issue, and multiple information-disclosure...
Debian: Security Advisory (DSA-1374-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 1374-1 (jffnms)
The remote host is missing an update to jffnms announced via advisory DSA 1374-1. OpenVAS Vulnerability Test $Id: deb13741.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1374-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian DSA-1374-1 : jffnms - several vulnerabilities
Several vulnerabilities have been discovered in jffnms, a web-based Network Management System for IP networks. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3189 Cross-site scripting XSS vulnerability in auth.php, which allows a remote attacker to...
[SECURITY] [DSA 1374-1] New jffnms packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA 1374-1 [email protected] http://www.debian.org/security/ Steve Kemp September 11, 2007 http://www.debian.org/security/faq -...
CVE-2007-3190
Multiple SQL injection vulnerabilities in auth.php in Just For Fun Network Management System JFFNMS 0.8.3, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 user and 2 pass parameters...
CVE-2007-3191
Just For Fun Network Management System JFFNMS 0.8.3 allows remote attackers to obtain configuration information via a direct request to admin/adm/test.php, which calls the phpinfo function...
Design/Logic Flaw
admin/setup.php in Just For Fun Network Management System JFFNMS 0.8.3 allows remote attackers to read and modify configuration settings via a direct request...
Sql injection
SQL injection vulnerability in auth.php in Just For Fun Network Management System JFFNMS 0.8.4-pre2 allows remote attackers to execute arbitrary SQL commands via the pass parameter. NOTE: this issue reportedly exists because of an initial incomplete fix for CVE-2007-3190. The provenance of this...
CVE-2007-3204
SQL injection vulnerability in auth.php in Just For Fun Network Management System JFFNMS 0.8.4-pre2 allows remote attackers to execute arbitrary SQL commands via the pass parameter. NOTE: this issue reportedly exists because of an initial incomplete fix for CVE-2007-3190. The provenance of this...
CVE-2007-3191
Just For Fun Network Management System JFFNMS 0.8.3 allows remote attackers to obtain configuration information via a direct request to admin/adm/test.php, which calls the phpinfo function...
CVE-2007-3190
Multiple SQL injection vulnerabilities in auth.php in Just For Fun Network Management System JFFNMS 0.8.3, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 user and 2 pass parameters...
CVE-2007-3204
SQL injection vulnerability in auth.php in Just For Fun Network Management System JFFNMS 0.8.4-pre2 allows remote attackers to execute arbitrary SQL commands via the pass parameter. NOTE: this issue reportedly exists because of an initial incomplete fix for CVE-2007-3190. The provenance of this...
CVE-2007-3189
Cross-site scripting XSS vulnerability in auth.php in Just For Fun Network Management System JFFNMS 0.8.3 allows remote attackers to inject arbitrary web script or HTML via the user parameter...
Information disclosure
Just For Fun Network Management System JFFNMS 0.8.3 allows remote attackers to obtain configuration information via a direct request to admin/adm/test.php, which calls the phpinfo function...