6335 matches found
Gentoo Security Advisory GLSA 200311-01 (kdebase)
The remote host is missing updates announced in advisory GLSA 200311-01. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200509-05 (net-snmp)
The remote host is missing updates announced in advisory GLSA 200509-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
CVE-2008-4155
Multiple directory traversal vulnerabilities in EasySite 2.3 allow remote attackers to read arbitrary files or list directories via a .. dot dot in the 1 module or 2 action parameter in a www/index.php; the 3 module, 4 ssmodule, or 5 ssaction parameter in b modules/Module/index.php or c...
Kasseler CMS 1.1.0/1.2.0 Lite Remote SQL Injection Vulnerabilities
No description provided by source. Kasseler CMS 1.1.0, 1.2.0 Lite SQL Injection Author: !DoktOR! Date found: 13.09.08 Product: Kasseler CMS Version: 1.1.0, 1.2.4 URL: www.kasseler-cms.net Vulnerability Class: SQL Injection...
drupal-xss.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Date: Sept 12, 2008 Security risk: medium Exploitable from: Remote Vulnerability: Cross site scripting Description Drupal is a robust content management system CMS that provides extensibility through hundreds of third party modules. While the security...
K-Rate (SQL/XSS) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ================================================ K-Rate SQL/XSS Multiple Remote Vulnerabilities ================================================ ================================================================================ || K-Rate...
Directory traversal
Multiple directory traversal vulnerabilities in Freeway 1.4.1.171, when registerglobals is enabled, allow remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to 1 includes/eventsapplicationtop.php; 2 english/account.php, 3 french/account.php, a...
CVE-2008-3575
PHP remote file inclusion vulnerability in modules/calendar/minicalendar.php in ezContents CMS allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSgsLanguage parameter, a different vector than CVE-2006-4477 and CVE-2004-0132...
Design/Logic Flaw
Multiple unspecified vulnerabilities in ImpressCMS 1.0 have unknown impact and attack vectors, related to modules/admin.php and "a few files."...
/etc/pam.d/su is wrong in RHEL-4.6
The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a 1 locked or 2 expired account by entering the account name on the command line, related to improper use of the pamsucceedif.so module...
boonexdolphin-rfi.txt
Name Of Script : Dolphin PHP Version : 6.1.2 Download From : http://heanet.dl.sourceforge.net/sourceforge/boonex-dolphin/Dolphin-v.6.1.2-Free.zip Found By : RoMaNcYxHaCkEr RoMaNTiC-TeaM My Home Page : WwW.4RxH.CoM We Will Be Back Soon & Tryag.cc/cc Member From Tryag Forum Type Of Exploit : RFI In...
Boonex Dolphin 6.1.2 Multiple Remote File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications =================================================================== Boonex Dolphin 6.1.2 Multiple Remote File Inclusion Vulnerabilities =================================================================== Name Of Script : Dolphin PHP Versio...
Boonex Dolphin 6.1.2 - Multiple Remote File Inclusions
Boonex Dolphin 6.1.2 - Multiple Remote File Inclusions Name Of Script : Dolphin PHP Version : 6.1.2 Download From : http://heanet.dl.sourceforge.net/sourceforge/boonex-dolphin/Dolphin-v.6.1.2-Free.zip Found By : RoMaNcYxHaCkEr RoMaNTiC-TeaM My Home Page : WwW.4RxH.CoM We Will Be Back Soon &...
Improper access control
The Aggregation module 5.x before 5.x-4.4 for Drupal, when node access modules are used, does not properly implement access control, which allows remote attackers to bypass intended restrictions...
tomcat directory traversal
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 "/" slash, 2 "" backslash, and...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Orlando CMS 0.6 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALSpreloc parameter to 1 modules/core/logger/init.php and 2 AJAX/newscat.php...
Important: Red Hat Security Advisory: sblim security update
Updated sblim packages that resolve a security issue are now available for Red Hat Enterprise Linux 4 and Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. SBLIM stands for Standards-Based Linux Instrumentation for...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Glassfish webadmin interface in Sun Java System Application Server 9.101 allow remote attackers to inject arbitrary web script or HTML via the 1 propertyForm:propertyContentPage:propertySheet:propertSectionTextField:jndiProp:JndiNew, 2...
CVE-2008-2708
Unspecified vulnerability in the Sun 1 UltraSPARC T2 and 2 UltraSPARC T2+ kernel modules in Sun Solaris 10, and OpenSolaris before snv93, allows local users to cause a denial of service panic via unspecified vectors, probably related to core files...
CVE-2008-2708
CVE-2008-2708 affects Sun Solaris 10 and OpenSolaris (pre-sn v_93) on UltraSPARC T2 and UltraSPARC T2+ kernel modules. The vulnerability is an unspecified local issue that can cause a denial of service (panic) via unspecified vectors, likely related to core files. Connected documents confirm the ...