39 matches found
EUVD-2008-4387
Malware in sbrugna...
EUVD-2012-2896
Malware in sbrugna...
EUVD-2014-4777
Malware in sbrugna...
EUVD-2002-1175
Malware in sbrugna...
sssd bug fix update
An update is available for sssd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The System Security Services Daemon SSSD service provides a set of daemons to...
CVE-2024-6559
The Backup, Restore and Migrate WordPress Sites With the XCloner Plugin plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 4.7.3. This is due the plugin utilizing sabre without preventing direct access to the files. This makes it possible for...
PT-2024-37716 · WordPress · Xcloner Plugin
Name of the Vulnerable Software and Affected Versions: XCloner Plugin versions up to, and including, 4.7.3 Description: The XCloner Plugin for WordPress is vulnerable to Full Path Disclosure due to its utilization of sabre without preventing direct access to the files. This allows unauthenticated...
Forever 21 Says PoS Systems Exposed Customer Data for 8 Months
Fashion retailer Forever 21 confirmed a breach made public in November resulted in the theft of credit card data belonging to an undisclosed number of customers. The company had stated that a lack of encryption used on some of its point-of-sales payment terminals could have resulted in unauthoriz...
Trump Hotels Hit By 3rd Card Breach in 2 Years
Maybe some of you missed this amid all the breach news recently I know I did, but Trump International Hotels Management LLC last week announced its third credit-card data breach in the past two years. I thought it might be useful to see these events plotted on a timeline, because it suggests that...
Hard Rock, Loews Hotels Among Sabre Corp Hospitality Breach Victims
For the second time in the past year the Hard Rock Hotels and Casinos franchise is encouraging guests to keep tabs on their bank account statements for suspicious activity. The hotel, resort, and casino chain on Thursday said it was alerted on June 6 that its systems were impacted by a security...
Sabre Corp. Investigating Breach of Reservation System
Travel services company Sabre Corp., acknowledged this week that it’s in the middle of investigating a data breach in its Hospitality Solutions reservation system that may have spilled personally identifiable information and payment card data belonging to its customers. The Texas-based company...
Breach at Sabre Corp.’s Hospitality Unit
Breaches involving major players in the hospitality industry continue to pile up. Today, travel industry giant Sabre Corp. disclosed what could be a significant breach of payment and customer data tied to bookings processed through a reservations system that serves more than 32,000 hotels and oth...
[SECURITY] Fedora 19 Update: php-sabredav-Sabre_CalDAV-1.7.9-1.fc19
CalDAV plugin for Sabre, adds support for CalDAV in SabreDAV...
SABRE <= 1.2.0 - Cross Site Scripting
The Sabre WordPress plugin was affected by a Cross Site Scripting security vulnerability...
CVE-2014-4858
Multiple SQL injection vulnerabilities in CWPLogin.aspx in Sabre AirCentre Crew products 2010.2.12.20008 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password field...
Sql injection
Multiple SQL injection vulnerabilities in CWPLogin.aspx in Sabre AirCentre Crew products 2010.2.12.20008 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password field...
CVE-2014-4858
CVE-2014-4858; Sabre AirCentre Crew solutions (version 2010.2.12.20008 and earlier) contain SQL injection vulnerabilities in CWPLogin.aspx, exploitable via the username or password fields. Underlying issue: CWE-89 Improper Neutralization of SQL commands. Impact: remote attacker may bypass authent...
CVE-2014-4858
Multiple SQL injection vulnerabilities in CWPLogin.aspx in Sabre AirCentre Crew products 2010.2.12.20008 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 username or 2 password field...
Sabre AirCentre Crew solutions contain a SQL injection vulnerability
Overview Sabre AirCentre Crew solutions version 2010.2.12.20008 and earlier contain an SQL injection vulnerability. Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' Sabre AirCentre Crew solutions version 2010.2.12.20008 and earlier are...
Fedora Update for php-sabre-dav FEDORA-2014-3401
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...