1196 matches found
Ubuntu: Security Advisory (USN-1042-1)
The remote host is missing an update for the... (SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only)
Ubuntu: Security Advisory (USN-1042-2)
The remote host is missing an update for the...
USN-1042-2: PHP5 regression
USN-1042-1 fixed vulnerabilities in PHP5. The fix for CVE-2010-3436 introduced a regression in the open_basedir restriction handling code. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that attackers might be able to bypass...
Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : php5 vulnerabilities (USN-1042-1)
It was discovered that an integer overflow in the XML UTF-8 decoding code could allow an attacker to bypass cross-site scripting (XSS) protections. This issue only affected Ubuntu 6.06 LTS, Ubuntu 8.04 LTS, and Ubuntu 9.10. (CVE-2009-5016) It was discovered that the XML UTF-8 decoding code did not...
USN-1042-1: PHP vulnerabilities
It was discovered that an integer overflow in the XML UTF-8 decoding code could allow an attacker to bypass cross-site scripting (XSS) protections. This issue only affected Ubuntu 6.06 LTS, Ubuntu 8.04 LTS, and Ubuntu 9.10. (CVE-2009-5016) It was discovered that the XML UTF-8 decoding code did not...
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 7221)
The following issues have been fixed: - Insufficient handling of certain character sequences in the utf8_decode function could be leveraged to conduct cross-site scripting (XSS) attacks. (CVE-2010-3870) - php5 could also consume large amounts of memory and crash if a long mail address was passed to...
SuSE 11 / 11.1 Security Update : PHP5 (SAT Patch Numbers 3489 / 3490)
The following issues have been fixed: - Insufficient handling of certain character sequences in the utf8_decode function could be leveraged to conduct cross-site scripting (XSS) attacks. (CVE-2010-3870) - php5 could also consume large amounts of memory and crash if a long mail address was passed to...
openSUSE Security Update : php5-pear-mail (openSUSE-SU-2010:0909-1)
Passing specially crafted $from and $recepient arguments to php5-pear-mail's sendmail.php allowed attackers to inject shell code (CVE-2009-4023, CVE-2009-4111). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
DBHcms 1.1.4 SQL Injection Vulnerability
Exploit for php platform in category web applications. DBHcms 1.1.4 SQL Injection Vulnerability. Exploit Title: DBHcms 1.1.4 SQL Injection Vulnerability Date: 24-10-2010 Author: ZonTa Mail: zontahackersatgmaildotcom I...
DBHcms 1.1.4 SQL Injection
DBHcms 1.1.4 SQL Injection Vulnerability Exploit Title: DBHcms 1.1.4 SQL Injection Vulnerability Date: 24-10-2010 Author: ZonTa Mail: zontahackersatgmaildotcom IM : zontahackersatlivedotcom Software Link: http://www.drbenhur.com/downloads-dbhcms-114-1-69-en.html Version: 1.1.4 Tested on:...
DBHcms 1.1.4 - 'dbhcms_pid' SQL Injection
DBHcms 1.1.4 SQL Injection Vulnerability Exploit Title: DBHcms 1.1.4 SQL Injection Vulnerability Date: 24-10-2010 Author: ZonTa Mail: zontahackersatgmaildotcom IM : zontahackersatlivedotcom Software Link: http://www.drbenhur.com/downloads-dbhcms-114-1-69-en.html Version: 1.1.4 Tested on:...
OrangeHRM 2.6.0.1 Local File Inclusion Vulnerability
Exploit for php platform in category web applications. OrangeHRM 2.6.0.1 Local File Inclusion Vulnerability. Exploit Title: OrangeHRM 2.6.0.1 Local File Inclusion Vulnerability Date: 11-10-2010...
OrangeHRM 2.6.0.1 - Local File Inclusion
Exploit Title: OrangeHRM 2.6.0.1 Local File Inclusion Vulnerability Date: 11-10-2010 Author: ZonTa - LkHackerZ - Mail: zontahackersatgmaildotcom Software Link: http://www.orangehrm.com/product-download.php?type=stable-zip...
OrangeHRM 2.6.0.1 - Local File Inclusion
OrangeHRM 2.6.0.1 - Local File Inclusion Exploit Title: OrangeHRM 2.6.0.1 Local File Inclusion Vulnerability Date: 11-10-2010 Author: ZonTa - LkHackerZ - Mail: zontahackersatgmaildotcom Software Link: http://www.orangehrm.com/product-download.php?type=stable-zip...
OrangeHRM 2.6.0.1 Local File Inclusion
Exploit Title: OrangeHRM 2.6.0.1 Local File Inclusion Vulnerability Date: 11-10-2010 Author: ZonTa Mail: zontahackersatgmaildotcom Software Link: http://www.orangehrm.com/product-download.php?type=stable-zip http://sourceforge.net/projects/orangehrm/files/stable/2.6/orangehrm-2.6.0.1.zip/download...
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 6847)
This update of PHP5 fixes: - CVE-2008-5625: CVSS v2 Base Score: 7.5 (HIGH) (AV:N/AC:L/Au:N/C:P/I:P/A:P): Permissions, Privileges, and Access Control (CWE-264) - CVE-2008-5814: CVSS v2 Base Score: 2.6 (LOW) (AV:N/AC:H/Au:N/C:N/I:P/A:N): Cross-Site Scripting (XSS) (CWE-79) - CVE-2009-2626: CVSS v2 Base Score: 6.4...
SuSE 10 Security Update : PHP5 (ZYPP Patch Number 6536)
Multiple issues have been fixed in php5: - php_openssl_apply_verification_policy fails to verify certificate. (CVE-2009-3291) - 'missing sanity checks around exif'. (CVE-2009-3292) - unspecified vulnerability in the imagecolortransparent. (CVE-2009-3293) - denial of service in exif module (CVE-2009-2687)...
[USN-989-1] PHP vulnerabilities
Ubuntu Security Notice USN-989-1 September 20, 2010 php5 vulnerabilities CVE-2010-0397, CVE-2010-1128, CVE-2010-1129, CVE-2010-1130, CVE-2010-1866, CVE-2010-1868, CVE-2010-1917, CVE-2010-2094, CVE-2010-2225, CVE-2010-2531, CVE-2010-2950,...
OvBB 0.16a Local File Inclusion
OvBB v0.16a Multiple Local File Inclusion Vulnerabilities Found by cOndemned Tested on Linux Debian apache + php5 + mysql download at http://sourceforge.net/projects/ovbb/ source of /skins/default/addevent.tpl.php 1. ?php 2. // Header. 3. $strPageTitle = " :: Calendar :. New$strType Event"; 4...
OvBB v0.16a Multiple Local File Inclusion Vulnerabilities
Exploit for php platform in category web applications. OvBB v0.16a Multiple Local File Inclusion Vulnerabilities. OvBB v0.16a Multiple Local File Inclusion Vulnerabilities Found by...