492 matches found
CVE-2011-0701
wp-admin/async-upload.php in the media uploader in WordPress before 3.0.5 allows remote authenticated users to read 1 draft posts or 2 private posts via a modified attachmentid parameter...
Code injection
wp-admin/async-upload.php in the media uploader in WordPress before 3.0.5 allows remote authenticated users to read 1 draft posts or 2 private posts via a modified attachmentid parameter...
CVE-2011-0701
wp-admin/async-upload.php in the media uploader in WordPress before 3.0.5 allows remote authenticated users to read 1 draft posts or 2 private posts via a modified attachmentid parameter...
DEBIAN-CVE-2011-0701
wp-admin/async-upload.php in the media uploader in WordPress before 3.0.5 allows remote authenticated users to read 1 draft posts or 2 private posts via a modified attachmentid parameter...
CVE-2011-0701
wp-admin/async-upload.php in the media uploader in WordPress before 3.0.5 allows remote authenticated users to read 1 draft posts or 2 private posts via a modified attachmentid parameter...
WordPress <= 3.0.4 - Multiple Security Vulnerabilities
Because of these vulnerabilities, remote authenticated users can read draft posts or private posts via a modified "attachmentid" parameter. Solution Update WordPress...
Debian DSA-899-1 : egroupware - programming errors
Several vulnerabilities have been discovered in egroupware, a web-based groupware suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-0870 Maksymilian Arciemowicz discovered several cross site scripting problems in phpsysinfo, which are also...
GLSA-200508-20 : phpGroupWare: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200508-20 phpGroupWare: Multiple vulnerabilities phpGroupWare improperly validates the 'mid' parameter retrieved via a forum post. The current version of phpGroupWare also adds several safeguards to prevent XSS issues, and disable...
phpGroupWare: Multiple vulnerabilities
Background phpGroupWare is a multi-user groupware suite written in PHP. Description phpGroupWare improperly validates the "mid" parameter retrieved via a forum post. The current version of phpGroupWare also adds several safeguards to prevent XSS issues, and disables the use of a potentially...
CVE-2005-2600
FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote attackers to read private posts via a modified mid parameter...
CVE-2005-2600
CVE-2005-2600 is described in connected sources as a vulnerability in the tree view of FUD Forum Bulletin Board Software (also present in phpgroupware/egroupware imports) that allows remote attackers to read private posts by modifying the mid parameter. The OpenVAS entries reference this CVE with...
CVE-2005-2600
FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote attackers to read private posts via a modified mid parameter...