Fedora Update for rubygem-activerecord FEDORA-2013-0568
Check for the Version of rubygem-activerecord. OpenVAS Vulnerability Test: Fedora Update for rubygem-activerecord FEDORA-2013-0568. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it...
Fedora Update for rubygem-activerecord FEDORA-2013-0185
Check for the Version of rubygem-activerecord. OpenVAS Vulnerability Test: Fedora Update for rubygem-activerecord FEDORA-2013-0185. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it...
[SECURITY] Fedora 17 Update: rubygem-activerecord-3.0.11-4.fc17
Implements the ActiveRecord pattern (Fowler, PoEAA) for ORM. It ties database tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...
[SECURITY] Fedora 16 Update: rubygem-activerecord-3.0.10-4.fc16
Implements the ActiveRecord pattern (Fowler, PoEAA) for ORM. It ties database tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...
Fedora Update for rubygem-activerecord FEDORA-2013-0245
Check for the Version of rubygem-activerecord. OpenVAS Vulnerability Test: Fedora Update for rubygem-activerecord FEDORA-2013-0245. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it...
Finecms1. 7 3 The code of audit summary of the defect packaged and fixed-vulnerability warning-the black bar safety net
FineCMS is a content management system developed with PHP and MySQL. It uses the MVC design pattern to separate business logic from the presentation layer, so that web designers can easily design the ideal template, plug-in development features...
SQL Injection framework: Seringa
Seringa – SQL Injection framework. Seringa (Romanian for syringe) is an SQL injection framework featuring high customizability and a user-friendly interface. It is completely open source. It uses the .NET 4.0 framework and Windows Presentation Foundation (WPF) for the GUI. With regard to design it utilize...
CVE-2011-1096
CVE-2011-1096 affects the W3C XML Encryption usage in the JBoss Web Services CXF stack (jbossws-cxf) within JBoss Enterprise Portal Platform before 5.2.2 and other products. The root cause is CBC-mode block ciphers enabling a chosen-ciphertext attack on SOAP responses, allowing an attacker to rec...
CVE-2012-4950
Cross-site scripting (XSS) vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters that are not properly handled during construction of error messages...
Code injection
The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element...
CVE-2012-4935
Cross-site request forgery (CSRF) vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users...
CVE-2012-4937
Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsessionid cookie...
CVE-2012-4938
Cross-site scripting (XSS) vulnerability in the web interface in Pattern Insight 2.3 allows remote authenticated administrators to inject arbitrary web script or HTML via the banner message...
Session fixation
Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsessionid cookie...
CVE-2012-4936
The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element...
Cross-site request forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users...
CVE-2012-4950
CVE-2012-4950 is a reflected cross-site scripting vulnerability in the Keyword Search page of the Pattern Insight 2.3 web interface. The issue arises because certain characters in error-message construction are not properly escaped, allowing a remote attacker to inject arbitrary script/HTML via a...
CVE-2012-4936
CVE-2012-4936 concerns Pattern Insight 2.3, whose web interface is vulnerable to clickjacking via a FRAME element. The CVE description from NVD states that remote attackers can conduct clickjacking against the Pattern Insight web interface, with the effect of framing the application and potential...
CVE-2012-4937
CVE-2012-4937 affects Pattern Insight 2.3. The web interface suffers a session-management weakness (session fixation) where a jsession_id cookie can be used to hijack an authenticated session. Impact, as described, includes potential privilege escalation or authentication bypass for an attacker w...