970 matches found
Debian Security Advisory DSA 1652-1 (ruby1.9)
The remote host is missing an update to ruby1.9 announced via advisory DSA 1652-1. OpenVAS Vulnerability Test $Id: deb16521.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1652-1 ruby1.9 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
SA-2008-056 - Simplenews - Cross site scripting
Simplenews publishes and sends newsletters to lists of subscribers. Newsletter categories are not always properly escaped. This allows users with the "administer taxonomy" permission to add arbitrary HTML and script code to the site. Wikipedia has more information about such cross site scripting...
TYPO3 Security Bulletin
It has been discovered that the extension phpMyAdmin phpmyadmin is vulnerable to Cross-Site Scripting. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 3.3.0 and all versions below Vulnerability Type: Cross-Site...
Airkiosk/formlib application is XSS vuln
In the last week I've found a XSS vuln into the Sutra's Airkiosk application for the realtime distribution of flights/booking and check-in interface www.airkiosk.com. The XSS is possible because they are using a VULN/OLD formlib.pl in their application that permits to execute any JavaScript you...
sqlledger.txt
Hi all; I have received many requests from security professions responsible for the security of Linux distros to move the full disclosure ahead. Now that I am reasonably sure that the full scope of the problem is known and fixed in the fix that Chris Murtagh and myself put together, it has been...
fortinetBackdoor.txt
If you have console access to this box, you are able to get root access or more by using the Username: maintainer Password: pbcpbnhere should you type the serialnr. of the box, the characters should be in Capital letters. FortiOS: 2.x Regards Johan Andersson Atea Security, Sweden Phone: +46-709-1...
Fortinet Fortigate firewall backdoor account
maintainer/pbcpbnserial number account has local root access to device...
Backdoor in Fortinet's firewall Fortigate
If you have console access to this box, you are able to get root access or more by using the Username: maintainer Password: pbcpbnhere should you type the serialnr. of the box, the characters should be in Capital letters. FortiOS: 2.x Regards Johan Andersson Atea Security, Sweden Phone: +46-709-1...
man-db 2.4.1 open_cat_stream() Local uid=man Exploit
Exploit for linux platform in category local exploits ==================================================== man-db 2.4.1 opencatstream Local uid=man Exploit ==================================================== !/bin/bash xmandb.sh: shell command file. man-dbv2.4.1-: local uid=man exploit. by:...
[SECURITY] [DSA 150-1] New interchange packages fix illegal file exposition
-------------------------------------------------------------------------- Debian Security Advisory DSA 150-1 [email protected] http://www.debian.org/security/ Martin Schulze August 13th, 2002 - -------------------------------------------------------------------------- Package : interchange...