87 matches found

Prion
added 2012/04/22 6:55 p.m. | 12 views

Cross site scripting

The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS)...

CVSS 4.4 | AI score 5.8 | EPSS 0.00052
Exploits: 0 | References: 2 | Affected Software: 1

UbuntuCve
added 2012/04/22 6:55 p.m. | 28 views

CVE-2012-0216

The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS)...

CVSS 4.4 | AI score 5.8 | EPSS 0.00052
Exploits: 0 | References: 2

Cvelist
added 2012/04/22 6:0 p.m. | 18 views

CVE-2012-0216

The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS)...

AI score 5.5 | EPSS 0.00052
Exploits: 0 | References: 2

CVE
added 2012/04/22 6:0 p.m. | 70 views

CVE-2012-0216

The CVE-2012-0216 entry concerns the Debian Apache2 package: when using mod_php or mod_rivet, the default config exposes example scripts under doc/ that can enable local XSS, privilege escalation, or information disclosure via localhost HTTP requests. Affected releases include Debian Squeeze (&lt...

CVSS 4.4 | AI score 5.5 | EPSS 0.00052
Exploits: 0 | References: 2 | Affected Software: 1

Debian CVE
added 2012/04/22 6:0 p.m. | 28 views

CVE-2012-0216

The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting (XSS)...

CVSS 4.4 | AI score 5.5 | EPSS 0.00052
Exploits: 0

Tenable Nessus
added 2012/04/16 12:0 a.m. | 30 views

Debian DSA-2452-1 : apache2 - insecure default configuration

Niels Heinen noticed a security issue with the default Apache configuration on Debian if certain scripting modules like mod_php or mod_rivet are installed. The problem arises because the directory /usr/share/doc, which is mapped to the URL /doc, may contain example scripts that can be executed by...

CVSS 4.4 | AI score 5 | EPSS 0.00052
Exploits: 0 | References: 3

Debian
added 2012/04/15 9:46 p.m. | 21 views

[SECURITY] [DSA 2452-1] apache2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2452-1 [email protected] http://www.debian.org/security/ Stefan Fritsch April 15, 2012 http://www.debian.org/security/faq -...

CVSS 4.4 | AI score 0.6 | EPSS 0.00052
Exploits: 0

OSV
added 2012/04/13 12:0 a.m. | 20 views

DSA-2452-1 apache2 - insecure default configuration

Bulletin has no description...

CVSS 4.4 | AI score 6.3 | EPSS 0.00052
Exploits: 0

securityvulns
added 2010/04/14 12:0 a.m. | 33 views

Advisory 02/2010: MyBB Password Reset Weak Random Numbers Vulnerability

SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: MyBB Password Reset Weak Random Numbers Vulnerability Release Date: 2010/04/13 Last Modified: 2010/04/13 Author: Stefan Esser stefan.esseratsektioneins.de Application: MyBB = 1.4.11 Severity: Usage of weak random number...

Exploits: 0

OpenVAS
added 2009/10/10 12:0 a.m. | 58 views

SLES9: Security update for PHP4

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: php4-servlet php4-mysql php4-fastcgi php4-exif apache2-mod_php4 mod_php4-servlet apache-mod_php4 mod_php4-core php4 php4-session php4-imap php4-devel php4-sysvsh...

CVSS 10 | AI score 0.5 | EPSS 0.07162
Exploits: 1

OpenVAS
added 2009/02/27 12:0 a.m. | 62 views

Fedora Update for php FEDORA-2007-287

Check for the Version of php OpenVAS Vulnerability Test Fedora Update for php FEDORA-2007-287 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of th...

CVSS 10 | AI score 0.1 | EPSS 0.41876
Exploits: 1 | References: 2

OpenVAS
added 2009/02/27 12:0 a.m. | 49 views

Fedora Update for php FEDORA-2007-455

Check for the Version of php OpenVAS Vulnerability Test Fedora Update for php FEDORA-2007-455 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of th...

CVSS 10 | AI score 0.1 | EPSS 0.41876
Exploits: 4 | References: 2

OpenVAS
added 2009/02/23 12:0 a.m. | 68 views

Mandrake Security Advisory MDVSA-2009:045 (php)

The remote host is missing an update to php announced via advisory MDVSA-2009:045. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-on...

CVSS 10 | AI score 7.8 | EPSS 0.29698
Exploits: 5 | References: 1

OpenVAS
added 2008/09/24 12:0 a.m. | 26 views

Gentoo Security Advisory GLSA 200509-19 (PHP)

The remote host is missing updates announced in advisory GLSA 200509-19. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 9.6 | EPSS 0.04688
Exploits: 5 | References: 4

OpenVAS
added 2008/09/24 12:0 a.m. | 29 views

Gentoo Security Advisory GLSA 200407-13 (PHP)

The remote host is missing updates announced in advisory GLSA 200407-13. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVSS 6.8 | AI score 0.6 | EPSS 0.77733
Exploits: 4

OpenVAS
added 2008/09/24 12:0 a.m. | 24 views

Gentoo Security Advisory GLSA 200504-15 (PHP)

The remote host is missing updates announced in advisory GLSA 200504-15. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.5 | EPSS 0.06096
Exploits: 1 | References: 3

OpenVAS
added 2008/09/04 12:0 a.m. | 21 views

php -- readfile() DoS vulnerability

The remote host is missing an update to the system as announced in the referenced advisory. VID 07f3fe15-a9de-11d9-a788-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

CVSS 2.1 | AI score 6.7 | EPSS 0.00066
Exploits: 0

OpenVAS
added 2008/09/04 12:0 a.m. | 35 views

php -- multiple vulnerabilities

The remote host is missing an update to the system as announced in the referenced advisory. VID 7fcf1727-be71-11db-b2ec-000c6ec775d9 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

CVSS 10 | AI score 0.2 | EPSS 0.16535
Exploits: 0

OpenVAS
added 2008/09/04 12:0 a.m. | 35 views

php -- php_variables memory disclosure

The remote host is missing an update to the system as announced in the referenced advisory. VID ad74a1bd-16d2-11d9-bc4a-000c41e2cdad OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

CVSS 5 | AI score 6.6 | EPSS 0.08338
Exploits: 0

OpenVAS
added 2008/09/04 12:0 a.m. | 31 views

PHP -- multiple vulnerabilities

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 7.5 | AI score 9.5 | EPSS 0.65188
Exploits: 1 | References: 2