Helpdesk Pilot Knowledge Base SQL injection vulnerability
No description provided by source. Helpdesk Pilot Knowledge Base SQL injection vulnerability - articleid Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : Desember 29, 2009 Software Information + Vendor : http://www.helpdeskpilot.com/ + Download : - + version :...
Helpdesk Pilot Knowledge Base 4.4.0 - SQL Injection
Helpdesk Pilot Knowledge Base 4.4.0 - SQL Injection Helpdesk Pilot Knowledge Base SQL injection vulnerability - articleid Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : Desember 29, 2009 Software Information + Vendor : http://www.helpdeskpilot.com/ + Download...
Helpdesk Pilot Knowledge Base 4.4.0 - SQL Injection
Helpdesk Pilot Knowledge Base SQL injection vulnerability - articleid Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : Desember 29, 2009 Software Information + Vendor : http://www.helpdeskpilot.com/ + Download : - + version : 4.4.0 or lower maybe also affected ...
EasyMail SMTP ActiveX Control AddAttachment buffer overflow
Added: 12/10/2009 BID: 36440 OSVDB: 59939 Background QuikSoft EasyMail Objects is a set of ActiveX controls which provide e-mail functionality. QuikSoft EasyMail Objects is included with Oracle Document Capture among other products. Problem A stack buffer overflow vulnerability in the...
Directory traversal
Directory traversal vulnerability in dialog/filemanager.php in Interspire Knowledge Manager 5 allows remote attackers to read arbitrary files via a .. (dot dot) in the p parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-4192
Interspire Knowledge Manager 5 contains a directory traversal vulnerability in dialog/file_manager.php that allows remote attackers to read arbitrary files by manipulating the p parameter (".." traversal). The issue is documented across multiple feeds (NVD, Red Hat, CVE lists) with the same root ...
MediaWiki Language Option PHP Code Execution (CVE-2005-4031)
MediaWiki is a web-based enterprise collaboration platform developed in the PHP scripting language. The software is a set of CGI programs that are loaded and executed by an HTTP server. It typically runs as a document management system, or a knowledge base. The web content of a MediaWiki...
Tips for Diminishing Botnet Attacks
Online, the biggest battle these days is against botnets: networks of infected computers which hackers can use — unbeknownst to the machine’s owner — for online crimes including sending out spam or launching a denial of service attack. The black-hat techniques employed to snare users into a botne...
HP LoadRunner XUpload ActiveX control MakeHttpRequest file download
Added: 10/21/2009 CVE: CVE-2009-3693 BID: 36550 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the XUpload.ocx ActiveX control for performing file exchanges. Problem The MakeHttpRequest method in the XUpload.ocx ActiveX control can be used to download...
EMC Captiva QuickScan Pro KeyHelp ActiveX Control JumpURL buffer overflow
Added: 10/02/2009 BID: 36546 OSVDB: 58423 Background EMC Captiva QuickScan Pro is a document capture solution. It includes KeyHelp, a free ActiveX control used for enhancing HTML help systems. Problem A buffer overflow vulnerability in the KeyHelp ActiveX Control allows command execution when a...
Interspire Knowledge Manager 5 - p Directory Traversal
Interspire Knowledge Manager 5 - p Directory Traversal source: https://www.securityfocus.com/bid/36541/info Interspire Knowledge Manager is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker t...
Interspire Knowledge Manager 5 - 'p' Directory Traversal
source: https://www.securityfocus.com/bid/36541/info Interspire Knowledge Manager is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive information that could aid in furthe...
Microsoft Security Bulletin MS09-048 - Critical Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (967723)
Microsoft Security Bulletin MS09-048 - Critical Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (967723) Published: September 08, 2009 Version: 1.0 General Information Executive Summary This security update resolves several privately reported vulnerabilities in Transmission...
XEmacs Version Detection (Windows)
This script detects the installed version of XEmacs and sets the result in KB. OpenVAS Vulnerability Test $Id: gbxemacsdetectwin.nasl 5372 2017-02-20 16:26:11Z cfi $ XEmacs Version Detection (Windows) Authors: Nikita MR Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net...
Microsoft Office Web Components OWC.Spreadsheet Evaluate method vulnerability
Added: 07/14/2009 CVE: CVE-2009-1136 BID: 35642 OSVDB: 55806 Background Microsoft Office Web Components (OWC) are a group of OLE classes implemented as ActiveX controls. Problem A memory corruption vulnerability allows command execution when a web page passes a specially crafted parameter to the...
Microsoft Security Bulletin MS09-022 - Critical Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501)
Microsoft Security Bulletin MS09-022 - Critical Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501) Published: June 9, 2009 Version: 1.0 General Information Executive Summary This security update resolves three privately reported vulnerabilities in Windows Print...
SAP Cfolders Multiple Stored XSS Vulnerabilities
Digital Security Research Group [DSecRG] Advisory DSECRG-09-014 Original advisory: http://dsecrg.com/pages/vul/show.php?id=114 Application: SAP Cfolders included in: SAP SRM, SAP ECC, SAP Knowledge Management and SAP NetWeaver cRooms Vendor URL: http://SAP.com Bugs: Multiple Stored XSS Risk: High...
In weak economy, IT pros could turn to e-crime
By Jeremy Kirk, IDG News Service Enterprises increasingly feel their employees will be more willing to steal data or sell insider knowledge due to the poor economy, according to an annual security survey conducted by KPMG. Sixty-six percent of respondents felt that out-of-work IT...
CVE-2008-6525
SQL injection vulnerability in the Admin Panel in Nice PHP FAQ Script Knowledge base Script allows remote attackers to execute arbitrary SQL commands via the Password parameter aka the pass field...