526 matches found
Mandriva Update for openldap MDVSA-2008:058 (openldap)
Check for the Version of openldap OpenVAS Vulnerability Test Mandriva Update for openldap MDVSA-2008:058 openldap Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
CVE-2007-6723
TorK before 0.22, when running on Windows and Mac OS X, installs Privoxy with a configuration file config.txt or config that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration...
Femitter FTP Server 1.x Multiple Vulnerabilities (post auth)
No description provided by source. / Femitter Server FTP 1.x Multiple Vulnerability. Arbitrary: The vulnerability is caused due to an input validation error when processing FTP requests. This can be exploited to read, modify, or delet...
Ubuntu: Security Advisory (USN-493-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
TinX CMS 'rss.php' SQL Injection Vulnerability
TinX CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying...
Design/Logic Flaw
GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console...
CVE-2009-0578
GNOME NetworkManager before 0.7.0.99 does not properly verify privileges for dbus (1) modify and (2) delete requests, which allows local users to change or remove the network connections of arbitrary users via unspecified vectors related to org.freedesktop.NetworkManagerUserSettings and at_console...
Design/Logic Flaw
The Proxim Wireless Tsunami MP.11 2411 with firmware 3.0.3 has "public" as its default SNMP read/write community, which makes it easier for remote attackers to obtain sensitive information or modify SNMP variables...
AutositePHP 2.0.3 (LFI/CSRF/Edit File) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications. AutositePHP 2.0.3 LFI/CSRF/Edit File Multiple Remote Vulnerabilities + AutositePHP v2.0.3...
ASP-DEV XM Events Diary - 'cat' SQL Injection
source: https://www.securityfocus.com/bid/32809/info ASP-DEV XM Events Diary is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access...
Ocean12 (Multiple Products) - 'Admin_ID' SQL Injection
source: https://www.securityfocus.com/bid/32527/info Multiple Ocean12 products are prone to an SQL-injection vulnerability because they fail to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit...
SpitFire Photo Pro - pages.php SQL Injection
source: https://www.securityfocus.com/bid/32012/info SpitFire Photo Pro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attack...
Webscene eCommerce - 'productlist.php' SQL Injection
source: https://www.securityfocus.com/bid/31755/info Webscene eCommerce is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent...
ASP Indir Iltaweb Alisveris Sistemi - 'xurunler.asp' SQL Injection
source: https://www.securityfocus.com/bid/31740/info ASP Indir Iltaweb Alisveris Sistemi is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or...
Gentoo Security Advisory GLSA 200507-12 (bugzilla)
The remote host is missing updates announced in advisory GLSA 200507-12. OpenVAS Vulnerability Test Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
FipsCMS 2.1 - 'neu.asp' SQL Injection
source: https://www.securityfocus.com/bid/30712/info fipsCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data,...
Willoughby TriO 2.1 - SQL Injection
source: https://www.securityfocus.com/bid/30384/info Willoughby TriO is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
CVE-2008-2771
The Node Hierarchy module 5.x before 5.x-1.1 and 6.x before 6.x-1.0 for Drupal does not properly implement access checks, which allows remote attackers with "access content" permissions to bypass restrictions and modify the node hierarchy via unspecified attack vectors...
JustPORTAL 1.0 - 'site' Multiple SQL Injections
source: https://www.securityfocus.com/bid/29426/info JustPORTAL is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
WordPress Plugin Upload File - wp-uploadfile.php SQL Injection
source: https://www.securityfocus.com/bid/29352/info The Upload File plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...