2326 matches found
JForum - 'jforum.page' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/58164/info JForum is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
PHPmyGallery <= 1.51.010 Multiple Vulnerabilities - Active Check
PHPmyGallery is prone to multiple cross-site scripting (XSS) vulnerabilities and a local file inclusion (LFI) vulnerability because it fails to sanitize user-supplied input. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyrigh...
Oracle Java SE Multiple Vulnerabilities (October 2012 CPU) (Unix)
The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 7 Update 9 / 6 Update 37 / 5.0 Update 38 / 1.4.240 and is, therefore, potentially affected by security issues in the following components : - 2D - Beans - Concurrency - Deployment - Hotspo...
BlackNova Traders - news.php SQL Injection
source: https://www.securityfocus.com/bid/57910/info BlackNova Traders is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker ...
MiniUPnP Multiple Denial of Service Vulnerabilities (TCP)
MiniUPnP is prone to multiple denial of service (DoS) vulnerabilities. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders...
libupnp Multiple Buffer Overflow Vulnerabilities
Updates are available. Please see the references for more information. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
libupnp Multiple Buffer Overflow Vulnerabilities (TCP)
Updates are available. Please see the references for more information. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders...
MiniUPnP < 1.4 Multiple DoS Vulnerabilities
MiniUPnP is prone to multiple denial of service (DoS) vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
DataLife Engine 'catlist' Parameter PHP Code Injection Vulnerability
DataLife Engine is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the affected application. This may facilitate a compromise of the application and the underlying system. Other attacks are also...
Buffalo TeraStation Multiple Security Vulnerabilities (Jan 2013)
Buffalo TeraStation is prone to an arbitrary file download and an arbitrary command-injection vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyrigh...
ownCloud <= 4.0.10, 4.5.x <= 4.5.5 Multiple Vulnerabilities - Active Check
ownCloud is prone to an arbitrary-code execution vulnerability, multiple HTML-injection vulnerabilities and multiple cross-site scripting (XSS) vulnerabilities because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be...
PHP 'openssl_encrypt()' Function Information Disclosure Vulnerability - Windows
PHP is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
php-Charts <= 1.0 RCE Vulnerability - Active Check
php-Charts is prone to an arbitrary PHP code execution vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Prizm Content Connect - Arbitrary File Upload
source: https://www.securityfocus.com/bid/57242/info Prizm Content Connect is prone to an arbitrary file-upload vulnerability because it fails to adequately validate files before uploading them. An attacker may leverage this issue to upload arbitrary...
Schmid Watson Management Console - Directory Traversal
source: https://www.securityfocus.com/bid/57237/info Schmid Watson Management Console is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary files within the context of the...
Wordpress Pingback Locator
This module will scan for WordPress sites with the Pingback API enabled. By interfacing with the API, an attacker can cause the WordPress site to port scan an external target and return results. Refer to the wordpresspingbackportscanner module. This issue was fixed in WordPress 3.5.1. This module...
Novell eDirectory Multiple Vulnerabilities (Jan 2013)
Novell eDirectory is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:netiq:edirectory";...
LibreOffice Graphic Object Loading Buffer Overflow Vulnerability - Windows
LibreOffice is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Omni-Secure 5, 6, 7 Multiple File Disclosure Vulnerabilities - Active Check
Omni-Secure is prone to multiple file disclosure vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
WordPress Theme Nest - codigo SQL Injection
source: https://www.securityfocus.com/bid/56792/info The Nest theme for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue...