DynPG 4.2.0 Local File Inclusion / Path Disclosure / SQL Injection

Vulnerability ID: HTB22703 Reference: http://www.htbridge.ch/advisory/lfiindynpg.html Product: DynPG Vendor: dynpg.org http://www.dynpg.org/ Vulnerable Version: 4.2.0 Vendor Notification: 16 November 2010 Vulnerability Type: Local File Inclusion Status: Fixed by Vendor Risk level: Medium Credit:...

GetSimple CMS 2.01 / 2.02 Credential Disclosure

Researcher: Michael Brooks Affecting: GetSimple CMS 2.01 and 2.02 Fixed:2.03 Vulnerability: Administrative Credentials Disclosure Vendor's Homepage: http://code.google.com/p/get-simple-cms download url for 2.01: http://www.box.net/get-simple/1/30435008/399754548 download svn for 2.02beta: svn...

DBHcms 1.1.4 - dbhcms_userSearchString SQL Injection

DBHcms 1.1.4 - dbhcmsuserSearchString SQL Injection Vulnerability ID: HTB22651 Reference: http://www.htbridge.ch/advisory/sqlinjectionindbhcms.html Product: DBHcms Vendor: drbenhur.com http://www.drbenhur.com/ Vulnerable Version: 1.1.4 and probably prior versions Vendor Notification: 13 October...

4Site CMS 2.6 Cross Site Scripting

Vulnerability ID: HTB22639 Reference: http://www.htbridge.ch/advisory/sqlinjectionin4sitecms.html Product: 4site CMS Vendor: Method Lab http://www.4site.ru/ Vulnerable Version: 2.6 and probably prior versions Vendor Notification: 05 October 2010 Vulnerability Type: XSS Cross Site Scripting Status...

Fedora Update for mysql FEDORA-2010-15166

Check for the Version of mysql OpenVAS Vulnerability Test Fedora Update for mysql FEDORA-2010-15166 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

[SECURITY] Fedora 12 Update: mysql-5.1.47-2.fc12

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

[SECURITY] Fedora 13 Update: mysql-5.1.48-2.fc13

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

CMSQLite Cross Site Scripting / SQL Injection

================================================= Vulnerability ID: HTB22464 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincmsqlite.html Product: CMSQLite Vendor: CMSQLite-Team Vulnerable Version: 1.3 and Probably Prior Versions Vendor Notification: 29 June 2010 Vulnerability Type:...

Directory traversal

Multiple directory traversal vulnerabilities in the a Local Storage and b Web SQL database implementations in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allow remote attackers to create arbitrary database files via vectors involvi...

CVE-2010-1391

Removed by vendor...

Fedora Update for mysql FEDORA-2010-9061

Check for the Version of mysql OpenVAS Vulnerability Test Fedora Update for mysql FEDORA-2010-9061 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

CVE-2010-2058

setup.py in Prewikka 0.9.14 installs prewikka.conf with world-readable permissions, which allows local users to obtain the SQL database password...

Design/Logic Flaw

setup.py in Prewikka 0.9.14 installs prewikka.conf with world-readable permissions, which allows local users to obtain the SQL database password...

CVE-2010-2058

setup.py in Prewikka 0.9.14 installs prewikka.conf with world-readable permissions, which allows local users to obtain the SQL database password...

CVE-2010-2058

setup.py in Prewikka 0.9.14 installs prewikka.conf with world-readable permissions, which allows local users to obtain the SQL database password...

CVE-2010-2058

setup.py in Prewikka 0.9.14 installs prewikka.conf with world-readable permissions, which allows local users to obtain the SQL database password...

DSA-2051-1 postgresql-8.3 - several

Bulletin has no description...

Fedora Update for mysql FEDORA-2010-7355

Check for the Version of mysql OpenVAS Vulnerability Test Fedora Update for mysql FEDORA-2010-7355 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

phpvidz Administrative Password Disclosure

Original Advisory:http://blog.sitewat.ch/2010/05/phpvidz-administrative-password.html Affecting: phpvidz 0.9.5 Vulnerability: Administrative Password Disclosure Vendor's Homepage: http://sourceforge.net/projects/phpvidz/ Date: May 15th 2010 Researcher: Michael Brooks phpvidz does not use a SQL...

[SECURITY] Fedora 13 Update: mysql-5.1.46-1.fc13

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...