verbb/formie Server-Side Template Injection for variable-enabled settings
Impact: Users with access to a form's settings can include malicious Twig code into fields that support Twig. These might be the Submission Title or the Success Message. This code will then be executed upon creating a submission, or rendering the text. This is listed as low-medium severity due to...
FreeBSD : jenkins -- multiple vulnerabilities (6905f05f-a0c9-11e8-8335-8c164535ad80)
Jenkins Security Advisory: Description: Low SECURITY-637 Jenkins allowed deserialization of URL objects with host components; Medium SECURITY-672 Ephemeral user record was created on some invalid authentication attempts; Medium SECURITY-790 Cron expression form validation could enter infinite loop,...
Joomla (com_jbpublishdownfp) SQL Injection Vulnerability
No description provided by source. ...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla comjbpublishdownfp SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TESTED ON:...
Joomla Component (com_virtuemart) order_status_id SQL Injection Vulnerability
No description provided by source. ...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla comvirtuemart SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TESTED ON:...
WebAssist PowerCMS PHP - Multiple Web Vulnerabilities
Document Title: =============== WebAssist PowerCMS PHP - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1098 Release Date: ============= 2013-09-27 Vulnerability Laboratory ID VL-ID: ==================================== 1098...
Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities
Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities Sense of Security - Security Advisory - SOS-11-010 Release Date. 19-Sep-2011 Last Update. - Vendor Notification Date. 21-Feb-2011 Product. Cisco TelePresence Series Platform. Cisco Affected versions. C = TC4.1.2, MXP = F9.1 Severity Rating...
Cisco TelePresence Multiple Vulnerabilities - SOS-11-010
Exploit for hardware platform in category web applications Sense of Security - Security Advisory - SOS-11-010 Release Date. 19-Sep-2011 Last Update. - Vendor Notification Date. 21-Feb-2011 Product. Cisco TelePresence Series Platform. Cisco Affected versions. C = TC4.1.2, MXP = F9.1 Severity Ratin...
Joomla Autartitarot Directory Traversal
...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla comautartitarot Directory Traversal Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TESTED ON: LocalHost PRE-REQUERIMENTS:...
Joomla CCNewsLetter Blind SQL Injection
...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla comccnewsletter BLIND SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TESTED ON: LocalHost PRE-REQUERIMENTS:...
Joomla! Component com_virtuemart - order_status_id SQL Injection
...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla comvirtuemart SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TESTED ON: LocalHost PRE-REQUERIMENTS: Privileged us...
Joomla Component (com_virtuemart) order_status_id SQL Injection
Exploit for unknown platform in category web applications ============================================================================= Joomla Component comvirtuemart orderstatusid SQL Injection Vulnerability ============================================================================= ...BEGIN...
Joomla! Component com_virtuemart - order_status_id SQL Injection
Joomla! Component comvirtuemart - orderstatusid SQL Injection ...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla comvirtuemart SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT:...
Joomla JBPublishdownfp SQL Injection
...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla comjbpublishdownfp SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TESTED ON: LocalHost PRE-REQUERIMENTS: Privileg...
Joomla Casino SQL Injection
...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla comcasino SQL Injection Vulnerabilities LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TESTED ON: LocalHost PRE-REQUERIMENTS: Privileged user...
Joomla! Component com_jbpublishdownfp - SQL Injection
...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla comjbpublishdownfp SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TESTED ON: LocalHost PRE-REQUERIMENTS: Privileg...
Joomla! Component com_jbpublishdownfp - SQL Injection
Joomla! Component comjbpublishdownfp - SQL Injection ...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla comjbpublishdownfp SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT:...
XOOPS 2.3.3 - .htaccess Remote File Disclosure
XOOPS 2.3.3 - .htaccess Remote File Disclosure ======================================================================== XOOPS = 2.3.3 Remote Arbitrary File Retrieval ======================================================================== Affected Software : XOOPS = 2.3.3 Author : Luca "daath" De...
[Full-disclosure] Layered Defense Advisory: Novell Client 4.91 Format String Vulnerability
================================================== Layered Defense Advisory 1 December 2006 ================================================== 1 Affected Software Novell Client 4.91 SP2 Novell Client 4.91 SP2 Patch Kit Novell Client 4.91 SP3 Earlier versions may also be vulnerable...
format string vulnerability in Gnats
Zone-h Security Advisory Date of discovery : 21 june 2004 Date of release : 24 june 2004 Bug found by Khan Shirani [email protected] http://www.zone-h.org --------------------------------------- Software : GNU Gnats 4.00 Bugs : formats string bugs Risk : low/medium Platform : nix...
[Full-Disclosure] Ph0rum phorum_uriauth replay attack
Arhont Ltd.- Information Security Arhont Advisory by: Konstantin Gavrilenko http://www.arhont.com Advisory: Ph0rum phorumuriauth replay attack Class: design bug ? Version: 4.3.7 Model Specific: Other version might have the same bug Contact Date: 11/05/2004 email sent to [email protected] PD releas...