7221 matches found
Mantis Bug Tracker 1.2.17 PHP Code Injection
----------------------------------------------------------------------------- Mantis Bug Tracker
    $newId
    $bugData = bug_get( $newId, true );

    $bugLinkRegexp = '/(^|[^\w])' . preg_quote( $this->source_->issuelink_, '/' ) . '(\d+)\b/e';
    $replacement = '"\1" . $this->getReplacementString( "\2", "\3" )'...
CVE-2014-1905
Unrestricted file upload vulnerability in ls/vw_snapshots.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a double extension, and then accessing the file via a direct request to a...
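The VideoWhisper entry is the double-extension upload: a check that looks only at the last extension (or only at a denylist) accepts a name such as shell.php.jpg, and an Apache host that maps PHP with "AddHandler application/x-httpd-php .php" executes it, because mod_mime matches any extension in the file name, not just the last one. The following is an added example and not the plugin's code; the function names, the allow-list and the sample files are illustrative. It shows the weak check beside a handler that allow-lists the extension, confirms the bytes with finfo, and stores the file under a server-generated name with a single extension.

```php
<?php
declare(strict_types=1);

// Added example (not VideoWhisper code). Upload validation that survives a
// double extension, beside the check it replaces. Names are illustrative.

// WEAK: a denylist applied to the last extension only. "shell.php.jpg" ends
// in "jpg" and passes, yet Apache configured with
// "AddHandler application/x-httpd-php .php" still runs it as PHP.
function uploadAllowedWeak(string $clientName): bool
{
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    return !in_array($ext, ['php', 'phtml', 'php3', 'php5'], true);
}

// HARDENED: allow-list the extension and its MIME type, verify the content
// with libmagic, and never reuse any part of the client-supplied name.
const ALLOWED_UPLOADS = [
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
    'gif'  => 'image/gif',
];

function storedUploadName(string $clientName, string $tmpPath): ?string
{
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if (!isset(ALLOWED_UPLOADS[$ext])) {
        return null;                          // missing or unlisted extension
    }
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    if ($mime !== ALLOWED_UPLOADS[$ext]) {
        return null;                          // bytes do not match the claimed type
    }
    // Server-chosen name: one extension, no client input in the path.
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed sample files in the temp dir: a minimal PNG header and a PHP
// script that will be offered under a .jpg suffix.
$png = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($png, "\x89PNG\r\n\x1a\n" . str_repeat("\0", 16));
$php = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($php, "<?php system(\$_GET['c']);");

var_dump(uploadAllowedWeak('shell.php.jpg'));             // bool(true): the weak check lets it through
var_dump(storedUploadName('shell.php.jpg', $php));        // NULL: content is text/x-php, not image/jpeg
var_dump(storedUploadName('photo.png', $png) !== null);   // bool(true): stored as <random>.png

unlink($png);
unlink($php);
```

The name check alone is not the whole fix. The upload directory should also sit outside the document root or have script execution disabled (for Apache, `php_admin_flag engine off` or a `<FilesMatch "\.php$">` plus `SetHandler` mapping instead of `AddHandler`, so that only names ending in .php are handed to PHP).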
Code injection
Static code injection vulnerability in install.php in Morfy CMS 1.05 allows remote authenticated users to inject arbitrary PHP code into config.php via the site_url parameter...
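The Morfy entry describes static code injection: an installer writes a request parameter into a PHP file that the application later includes, so a quote in the value ends the string literal and the rest of the value is executed as PHP on every page load. The following added example is not Morfy code; the file layout, parameter names and helper functions are illustrative. It shows the unsafe write, a hardened write that validates the value and serialises it with var_export(), and a token-level check that tells the two outputs apart.

```php
<?php
declare(strict_types=1);

// Added example, not Morfy CMS code. An installer persists a site URL into a
// PHP file that the application later include()s. Names are illustrative.

// VULNERABLE: the value is spliced into PHP source between quotes. A single
// quote in $siteUrl ends the literal and the rest of the value is code.
function renderConfigVulnerable(string $siteUrl): string
{
    return "<?php\n\$config['site_url'] = '" . $siteUrl . "';\n";
}

// HARDENED: accept only an http(s) URL, then let var_export() produce the
// literal. It escapes quotes and backslashes, so the output is exactly one
// string assignment whatever the input contained.
function renderConfigHardened(string $siteUrl): ?string
{
    $url = filter_var($siteUrl, FILTER_VALIDATE_URL);
    if ($url === false) {
        return null;
    }
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)) {
        return null;
    }
    return "<?php\n\$config['site_url'] = " . var_export($url, true) . ";\n";
}

// Lists identifier tokens (T_STRING) in generated PHP. A file consisting of
// one string assignment has none; an injected function call shows up here.
function identifierTokens(string $php): array
{
    $names = [];
    foreach (token_get_all($php) as $tok) {
        if (is_array($tok) && $tok[0] === T_STRING) {
            $names[] = $tok[1];
        }
    }
    return $names;
}

// Write via a temp file and rename so a half-written config is never loaded.
function writeConfig(string $path, string $php): void
{
    $tmp = $path . '.' . bin2hex(random_bytes(4));
    file_put_contents($tmp, $php, LOCK_EX);
    rename($tmp, $path);
}

// Constructed payload: closes the literal, calls a function, reopens a literal.
$payload = "http://example.com'; system('id'); \$x = '";

echo 'vulnerable output contains identifiers: ',
     implode(', ', identifierTokens(renderConfigVulnerable($payload))), PHP_EOL;
// vulnerable output contains identifiers: system

echo 'hardened result for payload: ',
     renderConfigHardened($payload) === null ? 'rejected' : 'accepted', PHP_EOL;
// hardened result for payload: rejected  (the spaces fail FILTER_VALIDATE_URL)

// A valid URL with an awkward character is accepted but emitted as a literal.
$good = renderConfigHardened("https://tracker.example.com/it's");
echo $good;
// <?php
// $config['site_url'] = 'https://tracker.example.com/it\'s';
echo count(identifierTokens((string) $good)), ' identifier tokens in hardened output', PHP_EOL; // 0

writeConfig(sys_get_temp_dir() . '/config.php', (string) $good);
```

Validation and escaping are both kept on purpose: the allow-list rejects values that make no sense as a site URL, and var_export() guarantees that whatever does pass is still only a string literal when PHP parses the file.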
DedeCMS design flaw leaks the backend (admin) address - vulnerability alert - Black Bar Safety Net
Brief description: A design flaw at one location: the program does not filter certain input strictly, which leaks the backend (admin) address. Tested only on 5.7; other versions presumably have the same problem. Detailed description: (screenshot: QQ screenshot 20140918214426.png) DEDEC...
Fedora 20 : mantis-1.2.17-4.fc20 (2014-15108)
fix CVE-2014-7146, CVE-2014-8598 1162046 fix CVE-2014-8554 1159295 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 21 : mantis-1.2.17-4.fc21 (2014-15142)
fix CVE-2014-7146, CVE-2014-8598 1162046 fix CVE-2014-8554 1159295 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
ThinkOX all versions 0day - vulnerability alert - Black Bar Safety Net
Affected versions: all versions of ThinkOX; OneThink and the ThinkPHP framework may be affected as well, but I was too lazy to check in detail, so anyone interested can analyze it themselves. Vulnerability description: through a dynamic caching mechanism, illegal content is input. Malicious execution o...
CVE-2014-9280
The current_user_get_bug_filter function in core/current_user_api.php in MantisBT before 1.2.18 allows remote attackers to execute arbitrary PHP code via the filter parameter...
Code injection
The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin before 2.0.4 for WordPress allows remote attackers to execute arbitrary PHP code via the CMDsearch parameter to cmdownloads/, which is processed by the PHP create_function...
CVE-2014-8877
The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin before 2.0.4 for WordPress allows remote attackers to execute arbitrary PHP code via the CMDsearch parameter to cmdownloads/, which is processed by the PHP create_function...
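The MantisBT snippet in the first entry above and the CM Downloads Manager entries name the same class of bug with two different sinks: preg_replace() with the /e modifier, and create_function(). Both compile a string as PHP at run time, so any untrusted text that reaches that string becomes code. The following is an added example, not code from MantisBT or the plugin; the function names, the link and filter logic, and the payload are illustrative, and it makes no claim about how either real bug was triggered. It shows each sink beside the form that keeps user input as data. The block is written without PHP 7 syntax so that it also parses on PHP 5, where /e still works; each vulnerable variant is skipped on runtimes that have removed the construct.

```php
<?php
// Added example, not code from MantisBT or the CM Downloads Manager plugin.
// Two "eval in disguise" sinks, each next to a version without an eval.
// /e was removed in PHP 7.0; create_function() was removed in PHP 8.0.

function renderIssueLink($id)
{
    return '<a href="view.php?id=' . $id . '">#' . $id . '</a>';
}

// VULNERABLE (PHP 5 only): with /e, $replacement is PHP source that is
// eval()'d for every match after the captures are substituted into it.
// Anything that reaches that string is executed, not copied to the output.
function linkIssuesE($text, $prefix)
{
    if (PHP_VERSION_ID >= 70000) {
        return null; // /e unsupported on this runtime
    }
    $re = '/(^|[^\w])' . preg_quote($prefix, '/') . '(\d+)\b/e';
    $replacement = '"\1" . renderIssueLink("\2")';
    return preg_replace($re, $replacement, $text);
}

// HARDENED: preg_replace_callback() hands the captures to a real function
// as plain strings. No PHP is compiled at run time.
function linkIssuesCallback($text, $prefix)
{
    $re = '/(^|[^\w])' . preg_quote($prefix, '/') . '(\d+)\b/';
    return preg_replace_callback($re, function (array $m) {
        return $m[1] . renderIssueLink($m[2]);
    }, $text);
}

// VULNERABLE (PHP < 8): create_function() compiles its second argument as a
// function body. A search term concatenated into it is code.
function titleFilterCreateFunction($search)
{
    if (!function_exists('create_function')) {
        return null; // removed in PHP 8.0
    }
    $body = 'return stripos($row["title"], "' . $search . '") !== false;';
    return @create_function('$row', $body); // @ hides the 7.2+ deprecation notice
}

// HARDENED: a closure captures $search as a value; quotes and parentheses
// in the term are just characters in the needle.
function titleFilterClosure($search)
{
    return function (array $row) use ($search) {
        return $search === '' || stripos($row['title'], $search) !== false;
    };
}

// Constructed demo data and payload. In the create_function() version the
// payload closes the string literal and the stripos() call, so "|| true"
// becomes part of the compiled body and every row matches.
$rows = array(array('title' => 'Quarterly report'), array('title' => 'Release checklist'));
$payload = 'x") || true || stripos("';

echo linkIssuesCallback('See #42 and #7.', '#'), PHP_EOL;
// See <a href="view.php?id=42">#42</a> and <a href="view.php?id=7">#7</a>.
if (PHP_VERSION_ID < 70000) {
    echo linkIssuesE('See #42 and #7.', '#'), PHP_EOL; // same output, via eval
}

echo count(array_filter($rows, titleFilterClosure($payload))),
     ' row(s) match when the payload is data', PHP_EOL;    // 0

$legacy = titleFilterCreateFunction($payload);
if ($legacy !== null) {
    echo count(array_filter($rows, $legacy)),
         ' row(s) match when the payload is code', PHP_EOL; // 2 on PHP 5.x and 7.x
}
```

When auditing a PHP code base for this class, the things to grep for are preg_replace() patterns whose modifier set contains e, create_function(), eval(), and assert() with a non-literal argument; every hit needs the same question asked of it, namely which part of the compiled string can be influenced by a request.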
SQL Buddy 1.3.3 - Remote Code Execution
Exploit Title: SQL Buddy Remote Code Execution Date: November 29 2014 Exploit Author: Fady Osman @fadyosman Youtube Channel : https://www.youtube.com/user/cutehack3r Vendor Homepage: http://sqlbuddy.com/ Software Link: https://github.com/calvinlough/sqlbuddy/raw/gh-pages/sqlbuddy.zip Version: SQL...
MantisBT <= 1.2.17 Multiple Vulnerabilities
MantisBT is prone to multiple vulnerabilities. Copyright (C) 2014 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SQL injection in the latest WSS version directly retrieves data, part 2 (two locations)
Brief description: SQL injection in the latest WSS version directly retrieves data, part 2 (two locations). Detailed description: WSS latest version 1.3.2, file defaultuser.php:
    <?php
    $urlproject = $_SERVER["QUERY_STRING"];
    $currenturl = current(explode("&sort", $urlproject));
    $currentPage = $_SERVER["PHP_SELF"];
    $maxRows_Recordset1 = getitem('maxrowsuser');
    $pageNum_Recordset1 = 0;
    if (isset($_GET['pageNum_Recordset1']...
Mandriva Linux Security Advisory : php-smarty (MDVSA-2014:221)
An XSS vulnerability in the SmartyException class in Smarty (aka smarty-php) before 3.1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger a Smarty exception (CVE-2012-4437). Smarty before 3.1.21 allows remote attackers to bypass the secure mode...
Updated php-smarty packages fix security vulnerabilities
Cross-site scripting (XSS) vulnerability in the SmartyException class in Smarty (aka smarty-php) before 3.1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger a Smarty exception (CVE-2012-4437). Smarty before 3.1.21 allows remote attackers to bypass t...
Updated php-smarty packages fix security vulnerability
Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code, as demonstrated by "literal" in a template (CVE-2014-8350)...
MGASA-2014-0468 Updated php-smarty packages fix security vulnerabilities
Cross-site scripting (XSS) vulnerability in the SmartyException class in Smarty (aka smarty-php) before 3.1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger a Smarty exception (CVE-2012-4437). Smarty before 3.1.21 allows remote attackers to bypass t...