470 matches found
[SECURITY] [DLA-152-1] postgresql-8.4 update
Package : postgresql-8.4 Version : 8.4.22lts1-0+deb6u1 CVE ID : CVE-2014-8161 CVE-2015-0241 CVE-2015-0243 CVE-2015-0244 Several vulnerabilities were discovered in PostgreSQL, a relational database server system. The 8.4 branch is EOLed upstream, but still present in Debian squeeze. This new LTS...
[SECURITY] [DSA 3155-1] postgresql-9.1 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3155-1 [email protected] http://www.debian.org/security/ Luciano Bello February 06, 2015 http://www.debian.org/security/faq -...
Debian DSA-3155-1 : postgresql-9.1 - security update
Several vulnerabilities have been found in PostgreSQL-9.1, a SQL database system. - CVE-2014-8161: Information leak A user with limited clearance on a table might have access to information in columns without SELECT rights on through server error messages. - CVE-2015-0241: Out of boundaries...
[SECURITY] [DSA 3155-1] postgresql-9.1 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3155-1 [email protected] http://www.debian.org/security/ Luciano Bello February 06, 2015 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 3155-1 (postgresql-9.1 - security update)
Several vulnerabilities have been found in PostgreSQL-9.1, a SQL database system. CVE-2014-8161: Information leak A user with limited clearance on a table might have access to information in columns without SELECT rights on through server error messages. CVE-2015-0241: Out of boundaries read/writ...
DSA-3155-1 postgresql-9.1 - security update
Bulletin has no description...
JVN#70490316: DBD::PgPP vulnerable to SQL injection
DBD::PgPP is a pure-Perl client interface for the PostgreSQL database. DBD::PgPP contains a SQL injection vulnerability. Impact If DBD::PgPP is used in a program, a remote attacker may execute an arbitrary SQL command. Solution Update the software Update to the latest version according to the...
ArticleFR 11.06.2014 - 'data.php' Privilege Escalation
Advisory ID: HTB23219 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 11.06.2014 and probably prior Tested Version: 11.06.2014 Advisory Publication: June 11, 2014 without technical details Vendor Notification: June 11, 2014 Public Disclosure: July 30, 2014 Vulnerability Type:...
Joomla RSfiles Component (cid param) - SQL Injection Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register import re class TestPOCPOCBase: vulID = '78538' ssvid version = '1.0' author = 'kikay' vulDate = '2013-03-18' createDate ...
RadioCMS 2.2 (menager.php, playlist_id param) - SQL Injection Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = 'SSV-79381' vul ID version = '1' author = 'hh' vulDate = '2013-05-26' createDate =...
Graugon Forum 1 - (id) SQL Command Injection Exploit
No description provided by source. !/usr/bin/perl |--------------------------------------------------------------------------------------------------------------------------------------------| | INFORMATIONS |...
Bloginator 1a - SQL Command Injection via Cookie Bypass Exploit
No description provided by source. Author = FireShot , Jacopo Vuga. Thx to = Osirys for develop the Exploitation Code with me Mail = fireshotatautisticidotorg / osirysatautisticidotorg Vulnerability = SQL Command Injection mq = off Software = Bloginator V1A Download =...
phpLiteAdmin v1.8.x->1.9.x (SQLi/FD) <= Multiple Vulnerabilities
phpLiteAdmin is suffer from multiple vulnerabilities / bugs in v1.8.x to- 1.9.x , the attacker can use some bug in the Script to inject some remote SQL command/code , and Disclosure the Full Path. Bugs : Authentication Bypass SQL Injection/Exec Full Path Disclosure...
PT-2012-6157 · Sinapsi +1 · Sinapsi Esolar Light Photovoltaic System Monitor +3
Name of the Vulnerable Software and Affected Versions: Sinapsi eSolar Light Photovoltaic System Monitor aka Schneider Electric Ezylog photovoltaic SCADA management server versions prior to 2.0.2870 2.2.12 Sinapsi eSolar versions prior to 2.0.2870 2.2.12 Sinapsi eSolar DUO versions prior to 2.0.28...
2Point Solutions XSS / SQL Injection / Local File Inclusion
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...
VICOM STUDIO Local File Inclusion / SQL Injection
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...
kesionCMS 8.0 background holding shell vulnerability-vulnerability warning-the black bar safety net
Some time ago Ghost brother, made a kesion arbitrary download vulnerability on the holding shell further generations. In fact, take the shell was very simple. Method of much is. Just a brother to me get a shell, I just made a to get the shell methods for your reference. The point of sql command...
CentOS Update for postgresql84 CESA-2012:0678 centos5
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-2418-1 : postgresql-8.4 - several vulnerabilities
Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2012-0866 It was discovered that the permissions of a function called by a trigger are not checked. This...
DSA-2418-1 postgresql-8.4 - several
Bulletin has no description...