EmbryoCore CMS v1.03 - Multiple Web Vulnerabilities

Document Title: =============== EmbryoCore CMS v1.03 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=503 Release Date: ============= 2012-04-13 Vulnerability Laboratory ID VL-ID: ==================================== 503...

SuSE 11.2 Security Update : PHP5 (SAT Patch Number 5958)

This update of PHP5 fixes multiple security flaws : - missing checks of return values could allow remote attackers to cause a denial of service NULL pointer dereference. CVE-2011-4153 - specially crafted XSLT stylesheets could allow remote attackers to create arbitrary files with arbitrary conten...

SuSE 10 Security Update : PHP5 (ZYPP Patch Number 8009)

This update of php5 fixes multiple security flaws : - missing checks of return values could allow remote attackers to cause a denial of service NULL pointer dereference. CVE-2011-4153 - denial of service via hash collisions. CVE-2011-4885 - specially crafted XSLT stylesheets could allow remote...

Debian: Security Advisory (DSA-2408-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

webgrind 1.0 Local File Inclusion

webgrind 1.0 file param Local File Inclusion Vulnerability Vendor: Joakim Nygard and Jacob Oettinger Product web page: http://code.google.com/p/webgrind Affected version: 1.0 v1.02 in trunk on github Summary: Webgrind is an Xdebug profiling web frontend in PHP5. Desc: webgrind suffers from a file...

webgrind 1.0 - file Local File Inclusion

webgrind 1.0 - file Local File Inclusion webgrind 1.0 file param Local File Inclusion Vulnerability Vendor: Joakim Nygard and Jacob Oettinger Product web page: http://code.google.com/p/webgrind Affected version: 1.0 v1.02 in trunk on github Summary: Webgrind is an Xdebug profiling web frontend in...

webgrind 1.0 (file param) Local File Inclusion Vulnerability

Exploit for php platform in category web applications webgrind 1.0 file param Local File Inclusion Vulnerability Vendor: Joakim Nygard and Jacob Oettinger Product web page: http://code.google.com/p/webgrind Affected version: 1.0 v1.02 in trunk on github Summary: Webgrind is an Xdebug profiling we...

webgrind 1.0 (file param) Local File Inclusion Vulnerability

Summary Webgrind is an Xdebug profiling web frontend in PHP5. Description webgrind suffers from a file inclusion vulnerability LFI when input passed thru the 'file' parameter to index.php is not properly verified before being used to include files. This can be exploited to include files from loca...

Ubuntu Update for php5 USN-1358-2

Ubuntu Update for Linux kernel vulnerabilities USN-1358-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN13582.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for php5 USN-1358-2 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

Webgrind 1.0 Cross Site Scripting

webgrind 1.0 dataFile Remote Reflected XSS Vulnerability Vendor: Joakim Nygard and Jacob Oettinger Product web page: http://code.google.com/p/webgrind Affected version: 1.0 Summary: Webgrind is an Xdebug profiling web frontend in PHP5. Desc: webgrind suffers from a XSS vulnerability when parsing...

webgrind 1.0 (dataFile) Remote Reflected XSS Vulnerability

Summary Webgrind is an Xdebug profiling web frontend in PHP5. Description webgrind suffers from a XSS vulnerability when parsing user input to the 'dataFile' parameter via GET method in the index.php script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's...

Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : php5 regression (USN-1358-2)

USN 1358-1 fixed multiple vulnerabilities in PHP. The fix for CVE-2012-0831 introduced a regression where the state of the magicquotesgpc setting was not correctly reflected when calling the iniget function. We apologize for the inconvenience. It was discovered that PHP computed hash values for...

Debian DSA-2408-1 : php5 - several vulnerabilities

Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2011-1072 It was discovered that insecure handling of temporary files in the PEAR installer could lead to denial of service. -...

[SECURITY] [DSA 2408-1] php5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2408-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 13, 2012 http://www.debian.org/security/faq -...

Ubuntu Update for php5 USN-1358-1

Ubuntu Update for Linux kernel vulnerabilities USN-1358-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN13581.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for php5 USN-1358-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

DSA-2408-1 php5 - several

Bulletin has no description...

Debian Security Advisory DSA 2399-1 (php5)

The remote host is missing an update to php5 announced via advisory DSA 2399-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Debian: Security Advisory (DSA-2399-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 2403-1 (php5)

The remote host is missing an update to php5 announced via advisory DSA 2403-1. OpenVAS Vulnerability Test $Id: deb24031.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2403-1 php5 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Debian: Security Advisory (DSA-2403-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...