625 matches found
OpenJDK: InputStream skip() information leak (Networking/IO, 7000600)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.233 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown...
OpenJDK: InputStream skip() information leak (Networking/IO, 7000600)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.233 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown...
OpenJDK: InputStream skip() information leak (Networking/IO, 7000600)
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.233 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown...
Critical: Red Hat Security Advisory: flash-plugin - End Of Life
This update disables Adobe Flash Player 9 on Red Hat Enterprise Linux 4, as it contains multiple security flaws and should no longer be used. The Red Hat Security Response Team has rated this update as having critical security impact. The flash-plugin package contains a Mozilla Firefox compatible...
MY-CCMS All Ver File Upload 0day-vulnerability warning-the black bar safety net
The vulnerability is located in: manage/upload.php code province ! ! 111.jpg Download 22.49 KB 4 hours ago Also you can create new“. asp”directory, there is a skip directory vulnerability, etc. EXP: the form id="frmUpload" enctype="multipart/form-data" action="http://chemlg.com/manage/upload.php"...
Cross site scripting
Cross-site scripting XSS vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Sql injection
SQL injection vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-1908
Cross-site scripting XSS vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-1909
SQL injection vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2009-1908
Cross-site scripting XSS vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-1908
CVE-2009-1908 is a cross-site scripting (XSS) vulnerability in SKIP up to version 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC. The vulnerability page confirms that an arbitrary script could be injected and executed in affected SKIP web interfaces. The JVN entries (JVNDB-2009-000025 and JVN432...
CVE-2009-1909
CVE-2009-1909 affects SKIP from SKIP User Group; versions 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC contain a SQL injection vulnerability that allows remote execution of arbitrary SQL via unspecified vectors. Root cause is improper input handling in SKIP’s SQL paths. Impact includes potenti...
CVE-2009-1909
SQL injection vulnerability in Skip 1.0.2 and earlier, and 1.1RC2 and earlier 1.1RC versions, allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
SQL injection vulnerability in SKIP from SKIP User Group
Overview SKIP from SKIP User Group contains a SQL injection vulnerability. SKIP from SKIP User Group is an open source SNS Social Networking Service software. SKIP contains a SQL injection vulnerability. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA...
Cross-site scripting vulnerability in SKIP from SKIP User Group
Overview SKIP from SKIP User Group contains a cross-site scripting vulnerability. SKIP from SKIP User Group is an open source SNS Social Networking Service software. SKIP contains a cross-site scripting vulnerability. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this...
JVN#43233160 Cross-site scripting vulnerability in SKIP from SKIP User Group
SKIP from SKIP User Group is an open source SNS Social Networking Service software. SKIP contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on certain web browsers. Solution Update the software Update to the latest version according to the information provid...
JVN#03114223 SQL injection vulnerability in SKIP from SKIP User Group
SKIP from SKIP User Group is an open source SNS Social Networking Service software. SKIP contains a SQL injection vulnerability. Impact Contents created by SKIP can be altered or information saved by SKIP can be obtained by a user that can login to SKIP. Solution Update the software Update to the...
CVE-2006-7108
login in util-linux-2.12a skips pamacctmgmt and chauthtok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pamacctmgmt and chauthtok...
CVE-2007-1226
McAfee VirusScan for Mac Virex before 7.7 patch 1 has weak permissions 0666 for /Library/Application Support/Virex/VShieldExclude.txt, which allows local users to reconfigure Virex to skip scanning of arbitrary files...
Mandrake Linux Security Advisory : MySQL (MDKSA-2006:149)
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy CVE-2006-4031. The update allows the local admin to...