811 matches found
Design/Logic Flaw
The Websense Reporter Module in Websense Enterprise 6.3.2 stores the SQL database system administrator password in plaintext in CreateDbInstall.log, which allows local users to gain privileges to the database...
CVE-2008-4646
The CVE concerns the Websense Reporter Module in Websense Enterprise 6.3.2. Affected component: Websense Reporter Module; vulnerability: the SQL database system administrator password is stored in plaintext in CreateDbInstall.log. Root cause: credentials are written to a log file, exposing the pa...
reddot-sql.txt
RedDot CMS SQL injection vulnerability CVE Number: CVE-2008-1613 http://www.irmplc.com/index.php/167-Advisory-026 Vulnerability Type/Importance: SQL injection/Critical Problem Discovered: 12 February 2008 Vendor Contacted: 19 February 2008 Advisory Published: 21 April 2008 Abstract: The RedDot CM...
Debian Security Advisory DSA 1079-1 (mysql-dfsg)
The remote host is missing an update to mysql-dfsg announced via advisory DSA 1079-1. OpenVAS Vulnerability Test $Id: deb10791.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1079-1 Authors: Thomas Reinke Copyright: Copyright (c) 2007 E-Soft Inc...
Debian Security Advisory DSA 1073-1 (mysql-dfsg-4.1)
The remote host is missing an update to mysql-dfsg-4.1 announced via advisory DSA 1073-1. OpenVAS Vulnerability Test $Id: deb10731.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1073-1 Authors: Thomas Reinke Copyright: Copyright (c) 2007 E-Soft Inc...
Debian: Security Advisory (DSA-1079-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DSA-1463-1 postgresql-7.4 - several
Bulletin has no description...
Design/Logic Flaw
WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive information via an invalid p parameter in an rss2 action to the default URI, which reveals the full path and the SQL database structure...
CVE-2008-0191
WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive information via an invalid p parameter in an rss2 action to the default URI, which reveals the full path and the SQL database structure...
mysql security update
CentOS Errata and Security Advisory CESA-2007:1222-001 Updated mysql packages that fix several security issues are now available for Red Hat Application Stack v1 and v2. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user,...
[SECURITY] Fedora 7 Update: mysql-5.0.45-6.fc7
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...
DEBIAN-CVE-2007-4575
HSQLDB before 1.8.0.9, as used in OpenOffice.org OOo 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."...
vigilecms-exec.txt
Opencosmo Security http://www.opencosmo.com http://www.opencosmo.com/news.php?readmore=15 VigileCMS = 1.8 Stealth Remote Command Execution Exploit Credits: The:Paradox Application: VigileCMS Version: 1.8 Impact: Remote Command Execution Risk: 3/5 Exploit: !/usr/bin/python -- coding:...
cisco-sql.txt
SUMMARY ======= A SQL injection vulnerability exists in the Log On page of the web interface for Cisco CallManager AKA Unified Communications Manager. An unauthenticated attacker who is able to access the Log On page could exploit this vulnerability to run arbitrary SQL commands as the logged in...
Breakthrough space limitations-vulnerability warning-the black bar safety net
There are many alternatives to spaces, such as TAB spaces and SQL database//, but I found another alternative, which was published in the 2006.7 issue of the hacker manual; here I pick out its essence. In SQL statements we are accustomed to spaces, such as select id from name, if no...
CentOS 4 : mysql (CESA-2007:0152)
Updated mysql packages that fix a security flaw are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation...
EQdkp <= 1.3.1 Referer Spoof to access to SQL Database
Title: EQdkp <= 1.3.1 Referer Spoof to access to SQL Database URL: http://www.eqdkp.com Hook: "Powered by EQdkp" Author: Eight10 Contact: [email protected] Background: EQdkp is the largest DKP...