MGASA-2022-0056 Updated php-adodb packages fix security vulnerability

Security hotfix release addressing a critical vulnerability in PostgreSQL connections CVE-2021-3850 Additional fixes: Fix usage of getmagic functions 619 657 Fix PHP warning in rs2rs function 679 pdo: Fix Fatal error in query 666 pdo: Fix undefined variable 678 pgsql: Fix Fatal error in close...

openSUSE Security Update : roundcubemail (openSUSE-2020-1516)

This update for roundcubemail fixes the following issues : roundcubemail was upgraded to 1.3.15 This is a security update to the LTS version 1.3. boo1175135 - Security: Fix cross-site scripting XSS via HTML messages with malicious svg content CVE-2020-16145 - Security: Fix cross-site scripting XS...

Fedora 31 : roundcubemail (2020-2a1a6a8432)

RELEASE 1.4.6 - Installer: Fix regression in SMTP test section 7417 ---- RELEASE 1.4.5 - Fix bug in extracting required plugins from composer.json that led to spurious error in log 7364 - Fix so the database setup description is compatible with MySQL 8 7340 - Markasjunk: Fix regression in jsevent...

Mail.ru: [allods.my.com] Full Path Disclosure

Возникает из-за передачи переменной username как массива. allods.my.com/forum/wcf/acp/index.php?form=Login POST packageID=1&password=1&s=1&url=&username=1 error message: PHP warning in file /opt/WWWRoot/allods.com/wwwroot/forum/wcf/lib/util/StringUtil.class.php 118: trim expects parameter 1 to be...

Fedora 22 : roundcubemail-1.1.2-1.fc22 (2015-11405)

Release 1.1.2 - Add new plugin hook 'identitycreateafter' providing the ID of the inserted identity 1490358 - Add option to place signature at bottom of the quoted text even in top-posting mode sigbelow - Fix handling of %-encoded entities in mailto: URLs 1490346 - Fix zipped messages downloads...

Twister Peer-To-Peer Microblogging Information Disclosure

======================================================================== TWISTER Peer-To-Peer microblogging Multiples Application Error Message and disclosing sensitive information ======================================================================== TIME-LINE VULNERABILITY Multiples Advisorie...

local file access in `Client:send` via manipulation of `$protocol` argument

security fix: hardened the Client::send method against misuse of the $method argument issue 81. Abusing its value, it was possible to force the client to access local files or connect to undesired urls instead of the intended target server's url the one used in the Client constructor. This weakne...

Woltlab Burning Board 3.1.5 - Full Path Disclosure [2nd Party]

Document Title: =============== Woltlab Burning Board 3.1.5 - Full Path Disclosure 2nd Party References Source: ==================== http://www.exploit-db.com/exploits/17413/ Release Date: ============= 2011-06-18 Vulnerability Laboratory ID VL-ID: ==================================== 205 Product...

phpcms injection March New Year 0day-vulnerability warning-the black bar safety net

Affected versions: 2007SP5 SP6 Vulnerability file:/formguide/include/tag.func.php Author: backerhack small cockroaches Sources of information: the zero Client Network Security www.0kee.com I wish the National female compatriots happy holidays, concerned about the health of women... “she is good, ...