26 matches found
EUVD-2011-0024
Malware in sbrugna...
GHSA-69VW-JFQ7-935G PyWebDAV SQL Injection vulnerability
Multiple SQL injection vulnerabilities in the getuserinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the 1 user or 2 pw argument. NOTE: some of these details are obtained from third party...
PyWebDAV SQL Injection vulnerability
Multiple SQL injection vulnerabilities in the getuserinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the 1 user or 2 pw argument. NOTE: some of these details are obtained from third party...
Fedora Update for pywebdav FEDORA-2011-2460
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for pywebdav FEDORA-2011-2460
Check for the Version of pywebdav OpenVAS Vulnerability Test Fedora Update for pywebdav FEDORA-2011-2460 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for pywebdav FEDORA-2011-2470
Check for the Version of pywebdav OpenVAS Vulnerability Test Fedora Update for pywebdav FEDORA-2011-2470 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for pywebdav FEDORA-2011-2470
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
PYSEC-2011-7
Multiple SQL injection vulnerabilities in the getuserinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the 1 user or 2 pw argument. NOTE: some of these details are obtained from third party...
DEBIAN-CVE-2011-0432
Multiple SQL injection vulnerabilities in the getuserinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the 1 user or 2 pw argument. NOTE: some of these details are obtained from third party...
CVE-2011-0432
Multiple SQL injection vulnerabilities in the getuserinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the 1 user or 2 pw argument. NOTE: some of these details are obtained from third party...
CVE-2011-0432
Multiple SQL injection vulnerabilities in the getuserinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the 1 user or 2 pw argument. NOTE: some of these details are obtained from third party...
Sql injection
Multiple SQL injection vulnerabilities in the getuserinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the 1 user or 2 pw argument. NOTE: some of these details are obtained from third party...
PYSEC-2011-7
Multiple SQL injection vulnerabilities in the getuserinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the 1 user or 2 pw argument. NOTE: some of these details are obtained from third party...
CVE-2011-0432
Multiple SQL injection vulnerabilities in the getuserinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the 1 user or 2 pw argument. NOTE: some of these details are obtained from third party...
CVE-2011-0432
Multiple SQL injection vulnerabilities in the getuserinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the 1 user or 2 pw argument. NOTE: some of these details are obtained from third party...
CVE-2011-0432
Multiple SQL injection vulnerabilities in the getuserinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the 1 user or 2 pw argument. NOTE: some of these details are obtained from third party...
CVE-2011-0432
PyWebDAV vulnerability CVE-2011-0432 affects the PyWebDAV package prior to version 0.9.4.1. In DAVServer/mysqlauth.py, the get_userinfo method contains SQL injection flaws that allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw parameters. This originates from a f...
Fedora 13 : pywebdav-0.9.4.1-1.fc13 (2011-2470)
The server affected by the CVE is distributed only as documentation, not as a directly runnable component. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as muc...
Fedora 15 : pywebdav-0.9.4.1-1.fc15 (2011-2427)
The server affected by the CVE is distributed only as documentation, not as a directly runnable component. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as muc...
Fedora 14 : pywebdav-0.9.4.1-1.fc14 (2011-2460)
The server affected by the CVE is distributed only as documentation, not as a directly runnable component. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as muc...