Lucene search
K

182 matches found

myhack58
myhack58
added 2009/03/31 12:0 a.m.22 views

Discuz! Forum the wap function module coding injection vulnerability-vulnerability warning-the black bar safety net

Information source: evil octal information security team www.eviloctal.com) Author: ainideX Affected version: Discuz! 4.0.0 Discuz! 4.1.0 Discuz! 5.0.0 Discuz! 5.5.0 Discuz! 6.0.0 Discuz! 6.1.0 Description: Discuz! The forum system is a PHP and MySQL such as a variety of other databases to build...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/02/12 12:0 a.m.14 views

IBM WebSphere Application Server 6.1 < Fix Pack 21 Multiple Vulnerabilities

Binary data 4929.prm...

10CVSS7.3AI score0.03302EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2009/02/12 12:0 a.m.24 views

IBM WebSphere Application Server 6.1 < Fix Pack 21 Multiple Flaws

IBM WebSphere Application Server 6.1 before Fix Pack 21 appears to be running on the remote host. As such, it is reportedly affected by multiple flaws : - Provided Performance Monitoring Infrastructure PMI is enabled, it may be possible for a local attacker to obtain sensitive information through...

1.9CVSS5.5AI score0.00321EPSS
Exploits0References5
exploitpack
exploitpack
added 2009/01/14 12:0 a.m.18 views

DMXReady Members Area Manager 1.2 - SQL Injection

DMXReady Members Area Manager 1.2 - SQL Injection Title : DMXReady Members Area Manager http://target/path/applications/MembersAreaManager/incmembersareamanager.asp Edit - http://target/path/admin/MembersAreaManager/components/SecurityLevelManager/uploadimagesecuritylevel.asp?cid=SQL Inject...

1.2AI score
Exploits0
Atlassian
Atlassian
added 2008/04/04 4:21 p.m.19 views

Change issue Security Level on Transition

We need a way to automatically change the Security Level of an issue when it is transitioned. Currently our project is has a default Security Level that only allows the assignee and management to see an issue, we would like to automatically open that issue up once it is fixed...

2.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/04/04 4:21 p.m.19 views

Change issue Security Level on Transition

We need a way to automatically change the Security Level of an issue when it is transitioned. Currently our project is has a default Security Level that only allows the assignee and management to see an issue, we would like to automatically open that issue up once it is fixed...

2.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/01/10 3:35 a.m.21 views

Moving a subtask Issue Type will sometimes ask the user for a Security Level even though this value is inherited from the Parent Issue.

When you move a subtask from an Issue Type where Security Level is a hidden field, to one where Security Level is no longer hidden, the system can mistakenly ask the User for a new Security Level. This is only a minor issue, as then the subtask will not actually take on the chosen value - it will...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/01/10 3:35 a.m.21 views

Moving a subtask Issue Type will sometimes ask the user for a Security Level even though this value is inherited from the Parent Issue.

When you move a subtask from an Issue Type where Security Level is a hidden field, to one where Security Level is no longer hidden, the system can mistakenly ask the User for a new Security Level. This is only a minor issue, as then the subtask will not actually take on the chosen value - it will...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2008/01/10 3:35 a.m.19 views

Moving a subtask Issue Type will sometimes ask the user for a Security Level even though this value is inherited from the Parent Issue.

When you move a subtask from an Issue Type where Security Level is a hidden field, to one where Security Level is no longer hidden, the system can mistakenly ask the User for a new Security Level. This is only a minor issue, as then the subtask will not actually take on the chosen value - it will...

0.4AI score
Exploits0
Atlassian
Atlassian
added 2007/11/12 3:22 a.m.22 views

Bulk Move does not update the Security Level of subtasks

When doing a bulk move, Parent issues moved to a new project must take any subtasks with them. If the new project has a different Issue Security scheme, then issues should get the default issue security in the new project. Currently a bulk move will change the security setting of parent issues, b...

1.2AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/11/12 3:22 a.m.24 views

Bulk Move does not update the Security Level of subtasks

When doing a bulk move, Parent issues moved to a new project must take any subtasks with them. If the new project has a different Issue Security scheme, then issues should get the default issue security in the new project. Currently a bulk move will change the security setting of parent issues, b...

1.2AI score
Exploits0
Atlassian
Atlassian
added 2007/10/24 6:4 a.m.21 views

Issues not shown in issue navigator that a user has permission for according to the issue security level

Users may not be able to see certain issues in the IssueNavigator, if they create an issue level security, where the permission depends on a user custom field where the customfield does not have a searcher set. Browsing the issue directly, works fine, however when running a search the issue wont ...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/10/24 6:4 a.m.27 views

Issues not shown in issue navigator that a user has permission for according to the issue security level

Users may not be able to see certain issues in the IssueNavigator, if they create an issue level security, where the permission depends on a user custom field where the customfield does not have a searcher set. Browsing the issue directly, works fine, however when running a search the issue wont ...

0.8AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/10/24 6:4 a.m.18 views

Issues not shown in issue navigator that a user has permission for according to the issue security level

Users may not be able to see certain issues in the IssueNavigator, if they create an issue level security, where the permission depends on a user custom field where the customfield does not have a searcher set. Browsing the issue directly, works fine, however when running a search the issue wont ...

0.8AI score
Exploits0
Atlassian
Atlassian
added 2007/10/15 12:17 a.m.111 views

IssueLevelSecurity permission check does not work with a DocumentIssueImpl if no security level has been set.

We need to be able to handle per issue permission checks, if no issue security level has been set. The problem is that if no issue level security is set, -1 gets indexed. The permissions code however expects a null value...

1.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/10/15 12:17 a.m.72 views

IssueLevelSecurity permission check does not work with a DocumentIssueImpl if no security level has been set.

We need to be able to handle per issue permission checks, if no issue security level has been set. The problem is that if no issue level security is set, -1 gets indexed. The permissions code however expects a null value...

1.6AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/10/15 12:17 a.m.25 views

IssueLevelSecurity permission check does not work with a DocumentIssueImpl if no security level has been set.

We need to be able to handle per issue permission checks, if no issue security level has been set. The problem is that if no issue level security is set, -1 gets indexed. The permissions code however expects a null value...

1.6AI score
Exploits0
Atlassian
Atlassian
added 2007/08/16 7:19 p.m.17 views

Security level for attachments and screenshots

Discussing inside the team issues reported to JIRA by customers, we can hide from them our in-team comments, but cannot do it to attachments and screen-shots...

1.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/06/14 8:55 a.m.29 views

CommentService validation methods do not check user's security level

The validateCommentUpdate, hasPermissionToUpdate and hasPermissionToDelete methods on DefaultCommentService check the user's comment-related permissions but neglect to check whether they have a role/group security level viewable by the user attempting to delete a comment...

2.9AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/06/14 8:55 a.m.21 views

CommentService validation methods do not check user's security level

The validateCommentUpdate, hasPermissionToUpdate and hasPermissionToDelete methods on DefaultCommentService check the user's comment-related permissions but neglect to check whether they have a role/group security level viewable by the user attempting to delete a comment...

2.9AI score
Exploits0
Rows per page
Query Builder