Lucene search

1196 matches found

seebug.org
added 2014/07/01 12:0 a.m., 16 views

ACVSWS Transport.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23603/info acvswsphp5 is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 16 views

webgrind 1.0 (file param) Local File Inclusion Vulnerability

No description provided by source. webgrind 1.0 file param Local File Inclusion Vulnerability Vendor: Joakim Nygard and Jacob Oettinger Product web page: http://code.google.com/p/webgrind Affected version: 1.0 v1.02 in trunk on github Summary: Webgrind is an Xdebug profiling web frontend in PHP5...

7.1 AI score
Exploits: 0
OpenVAS
added 2014/07/01 12:0 a.m., 46 views

Ubuntu: Security Advisory (USN-2254-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2 CVSS, 9.8 AI score, 0.30666 EPSS
Exploits: 1, References: 3
seebug.org
added 2014/07/01 12:0 a.m., 40 views

EnterpriseGS <= 1.0 rc4 Remote Commands Execution Exploit

No description provided by source. ?php ---egs10rc4php5inclxpl.php 17.57 13/02/2006 EGS Enterprise Groupware System =1.0 rc4 remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works against PHP5 usage: launch from Apache, fill in requested fields, then go!...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 22 views

joomla component ozio gallery 2 - Multiple Vulnerabilities

No description provided by source. Exploit Title: Joomla Component Ozio Gallery 2 Multiple Vulnerabilities Date: 28 May 2010 Author: jdc Software Link: http://extensions.joomla.org/extensions/photos-a-images/photo-flash-gallery/4883 Version: 2.4 Tested on: PHP5, MySQL5 Ozio Gallery 2...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 43 views

BPStudent 1.0 - Blind SQL Injection

No description provided by source. AntiSecuritydotorg...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 15 views

Lunar CMS 3.3 - CSRF And Stored XSS Vulnerability

No description provided by source. Lunar CMS 3.3 CSRF And Stored XSS Vulnerability Vendor: Lunar CMS Product web page: http://www.lunarcms.com Affected version: 3.3 Summary: Lunar CMS is a freely distributable open source content management system written for use on servers running the ever s...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 23 views

Lunar CMS 3.3 Unauthenticated Remote Command Execution Exploit

No description provided by source. ?!/usr/bin/env python Lunar CMS 3.3 Unauthenticated Remote Command Execution Exploit Vendor: Lunar CMS Product web page: http://www.lunarcms.com Affected version: 3.3 Summary: Lunar CMS is a freely distributable open source content management system written for...

7.1 AI score
Exploits: 0
OpenVAS
added 2014/07/01 12:0 a.m., 58 views

Ubuntu: Security Advisory (USN-2254-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2 CVSS, 9.9 AI score, 0.30666 EPSS
Exploits: 1, References: 2
Debian
added 2014/06/27 11:30 a.m., 38 views

php5 security update

Package : php5 Version : 5.3.3-7+squeeze20 CVE ID : CVE-2014-4049 It was discovered that PHP, a general-purpose scripting language commonly used for web application development, is vulnerable to a heap-based buffer overflow in the DNS TXT record parsing. A malicious server or man-in-the-middle...

5.1 CVSS, 4.4 AI score, 0.30666 EPSS
Exploits: 0
Debian
added 2014/06/27 11:29 a.m., 40 views

php5 security update

Package : php5 Version : 5.3.3-7+squeeze20 CVE ID : CVE-2014-4049 It was discovered that PHP, a general-purpose scripting language commonly used for web application development, is vulnerable to a heap-based buffer overflow in the DNS TXT record parsing. A malicious server or man-in-the-middle...

5.1 CVSS, 4.4 AI score, 0.30666 EPSS
Exploits: 0
OSV
added 2014/06/27 12:0 a.m., 27 views

DLA-0010-1 php5 - security update

Bulletin has no description...

5.1 CVSS, 7.4 AI score, 0.30666 EPSS
Exploits: 0
0day.today
added 2014/06/27 12:0 a.m., 28 views

Lunar CMS 3.3 Unauthenticated Remote Command Execution Exploit

Exploit for php platform in category web applications !/usr/bin/env python Lunar CMS 3.3 Unauthenticated Remote Command Execution Exploit Vendor: Lunar CMS Product web page: http://www.lunarcms.com Affected version: 3.3 Summary: Lunar CMS is a freely distributable open source content management...

7.1 AI score
Exploits: 0
Tenable Nessus
added 2014/06/26 12:0 a.m., 28 views

openSUSE Security Update : php5 (openSUSE-SU-2014:0841-1)

php5 was updated to prevent insecure DNS TXT record parsing. This security issue was fixed : - Heap-based buffer overflow in DNS TXT record parsing CVE-2014-4049 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUS...

5.1 CVSS, 7.3 AI score, 0.30666 EPSS
Exploits: 0, References: 3
OSV
added 2014/06/25 7:31 p.m., 1 views

USN-2254-2 php5 updates

USN-2254-1 fixed vulnerabilities in PHP. The fix for CVE-2014-0185 further restricted the permissions on the PHP FastCGI Process Manager FPM UNIX socket. This update grants socket access to the www-data user and group so installations and documentation relying on the previous socket permissions...

6 AI score
Exploits: 0, References: 2
Exploit DB
added 2014/06/25 12:0 a.m., 34 views

Lunar CMS 3.3 - Remote Command Execution

!/usr/bin/env python Lunar CMS 3.3 Unauthenticated Remote Command Execution Exploit Vendor: Lunar CMS Product web page: http://www.lunarcms.com Affected version: 3.3 Summary: Lunar CMS is a freely distributable open source content management system written for use on servers running the ever so...

7 AI score
Exploits: 0
0day.today
added 2014/06/24 12:0 a.m., 20 views

Lunar CMS 3.3 - CSRF And Stored XSS Vulnerability

Exploit for php platform in category web applications CSRF Add Admin =============== inpu...

7.1 AI score
Exploits: 0
Ubuntu
added 2014/06/23 12:5 p.m., 76 views

USN-2254-1: PHP vulnerabilities

Christian Hoffmann discovered that the PHP FastCGI Process Manager FPM set incorrect permissions on the UNIX socket. A local attacker could use this issue to possibly elevate their privileges. This issue only affected Ubuntu 12.04 LTS, Ubuntu 13.10, and Ubuntu 14.04 LTS. CVE-2014-0185 Francisco...

7.2 CVSS, 7.6 AI score, 0.30666 EPSS
Exploits: 1
Packet Storm
added 2014/06/23 12:0 a.m., 15 views

Lunar CMS 3.3 CSRF / Cross Site Scripting

CSRF Add Admin =============== input type="hidden" name="email" v...

Exploits: 0
Exploit DB
added 2014/06/21 12:0 a.m., 32 views

Lunar CMS 3.3 - Cross-Site Request Forgery / Persistent Cross-Site Scripting

CSRF Add Admin =============== input type="hid...

7.4 AI score
Exploits: 0