[SECURITY] [DSA 2611-1] movabletype-opensource security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2611-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez January 22, 2013 http://www.debian.org/security/faq -...

Debian DSA-2611-1 : movabletype-opensource - several vulnerabilities

An input sanitation problem has been found in upgrade functions of movabletype-opensource, a web-based publishing platform. Using carefully crafted requests to the mt-upgrade.cgi file, it would be possible to inject OS command and SQL queries. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

[SECURITY] [DSA 2611-1] movabletype-opensource security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2611-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez January 22, 2013 http://www.debian.org/security/faq -...

DSA-2611-1 movabletype-opensource - several

Bulletin has no description...

Debian Security Advisory DSA 2611-1 (movabletype-opensource - several vulnerabilities)

An input sanitation problem has been found in upgrade functions of movabletype-opensource, a web-based publishing platform. Using carefully crafted requests to the mt-upgrade.cgi file, it would be possible to inject OS command and SQL queries. OpenVAS Vulnerability Test $Id: deb2611.nasl 6611...

Debian: Security Advisory (DSA-2611-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SQLSentinel] OpenSource tool for sql injection security testing

SQLSentinel is an opensource tool that automates the process of finding the sql injection on a website. SQLSentinel includes a spider web and sql errors finder. You give in input a site and SQLSentinel crawls and try to exploit parameters validation error for you. When job is finished, it can...

Fedora Update for plib FEDORA-2012-17482

Check for the Version of plib OpenVAS Vulnerability Test Fedora Update for plib FEDORA-2012-17482 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

[SECURITY] Fedora 17 Update: plib-1.8.5-8.fc17

This is a set of OpenSource LGPL libraries that will permit programmers to write games and other realtime interactive applications that are 100% portable across a wide range of hardware and operating systems. Here is what you need - it's all free and available with LGPL'ed source code on the web...

TestLink 1.9.3 Cross Site Request Forgery Vulnerability

Exploit for php platform in category web applications Product: TestLink Vendor: teamst.org Vulnerable Versions: 1.9.3 and probably prior Tested Version: 1.9.3 Vendor Notification: April 18, 2012 Public Disclosure: September 5, 2012 Vulnerability Type: Cross-Site Request Forgery CWE-352 CVE...

Clipbucket 2.5 Blind SQL Injection

Author: loneferret of Offensive Security Product: ClipBucket Version: 2.5 and maybe older versions Vendor Site: http://clip-bucket.com/ Software Download: http://sourceforge.net/projects/clipbucket/ Software description: ClipBucket is an OpenSource Multimedia Management Script Provided Free to th...

Clipbucket 2.5 Directory Traversal

Author: loneferret of Offensive Security Product: ClipBucket Version: 2.5 and maybe older versions Vendor Site: http://clip-bucket.com/ Software Download: http://sourceforge.net/projects/clipbucket/ Software description: ClipBucket is an OpenSource Multimedia Management Script Provided Free to th...

Clipbucket 2.5 - Blind SQL Injection

Clipbucket 2.5 - Blind SQL Injection Author: loneferret of Offensive Security Product: ClipBucket Version: 2.5 and maybe older versions Vendor Site: http://clip-bucket.com/ Software Download: http://sourceforge.net/projects/clipbucket/ Software description: ClipBucket is an OpenSource Multimedia...

MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities

Advisory: MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities Advisory ID: SSCHADV2012-017 Author: Stefan Schurtz Affected Software: Successfully tested on MGB OpenSource Guestbook 0.6.9.1 Vendor URL: http://www.m-gb.org Vendor Status: fixed ========================== Vulnerability...

MGB OpenSource Guestbook 0.6.9.1 Cross Site Scripting / SQL Injection

Exploit for php platform in category web applications Advisory: MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities Author: Stefan Schurtz Affected Software: Successfully tested on MGB OpenSource Guestbook 0.6.9.1 Vendor URL: http://www.m-gb.org Vendor Status: fixed...

MGB OpenSource Guestbook 0.6.9.1 Cross Site Scripting / SQL Injection

Advisory: MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities Advisory ID: SSCHADV2012-017 Author: Stefan Schurtz Affected Software: Successfully tested on MGB OpenSource Guestbook 0.6.9.1 Vendor URL: http://www.m-gb.org Vendor Status: fixed ========================== Vulnerability...

Schoolhos - Multiple Vulnerability

Exploit for php platform in category web applications 1=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1...

Fedora Update for plib FEDORA-2012-0100

Check for the Version of plib OpenVAS Vulnerability Test Fedora Update for plib FEDORA-2012-0100 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Debian: Security Advisory (DSA-2423-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-2423-1 : movabletype-opensource - several vulnerabilities

Several vulnerabilities were discovered in Movable Type, a blogging system : Under certain circumstances, a user who has 'Create Entries' or'Manage Blog' permissions may be able to read known files on the local file system. The file management system contains shell command injection...