CentOS 4 : mysql (CESA-2006:0544)

Updated mysql packages that fix multiple security flaws are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a serve...

Usenet Script v0.5

Usenet Script v0.5 Homepage: http://www.metalhead.ws/usenet Description: "Those scripts allow you to mirror a Newsgroup in an SQL database. The development database was Postgresql, but it uses dbx and should therefore be able to work with other database systems, too. Furthermore, a frontend is...

RHEL 4 : mysql (RHSA-2006:0544)

Updated mysql packages that fix multiple security flaws are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a serve...

mysql security update

CentOS Errata and Security Advisory CESA-2006:0544 Updated mysql packages that fix multiple security flaws are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a...

[SECURITY] [DSA 1079-1] New MySQL 4.0 packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1079-1 [email protected] http://www.debian.org/security/ Martin Schulze May 29th, 2006 http://www.debian.org/security/faq -...

DSA-1071-1 mysql - several vulnerabilities

Bulletin has no description...

MySQL: Information leakage

Background MySQL is a popular multi-threaded, multi-user SQL database server. Description The processing of the COMTABLEDUMP command by a MySQL server fails to properly validate packets that arrive from the client via a network socket. Impact By crafting specific malicious packets an attacker cou...

PHPList <= 2.10.2 GLOBALS[] Remote Code Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "PHPList = 2.10.2 GLOBALS remote cmmnds xctn \r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; echo "- this works against registerglobals=On \r\n"; echo "a dork:...

phpList 2.10.2 - 'GLOBALS[]' Remote Code Execution

!/usr/bin/php -q -d shortopentag=on this works against registerglobals=On \r\n"; echo "a dork: inurl:"lists/?p=subscribe" | inurl:"lists/index.php?p=subscribe"\r\n"; echo " -ubbi phplist\r\n\r\n"; if $argc4 echo "Usage: php ".$argv0." host path cmd OPTIONS\r\n"; echo "host: target server...

PHPList <= 2.10.2 GLOBALS[] Remote Code Execution Exploit

Exploit for unknown platform in category web applications ========================================================= PHPList this works against registerglobals=On \r\n"; echo "a dork: inurl:"lists/?p=subscribe" | inurl:"lists/index.php?p=subscribe"\r\n"; echo " -ubbi phplist\r\n\r\n"; if $argc4...

Calendar Express Multiple Flaws

The remote web server is using Calendar Express which is vulnerable to a cross site scripting and SQL injection vulnerability. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Calendar Express Multiple Flaws

The remote web server contains a PHP script which is vulnerable to a cross site scripting and SQL injection vulnerability. Description : The remote host is using Calendar Express, a PHP web calendar. A vulnerability exists in this version which may allow an attacker to execute arbitrary HTML and...

linpha_10_local.txt

------------- Linpha = 1.0 multiple arbitrary local inclusion ----------------- software: site: http://linpha.sourceforge.net/nuke/ description: " LinPHA is an easy to use, multilingual, flexible photo / image archive / album / gallery written in PHP. It uses a SQL database to store information...

DSA-963-1 mydns - missing input sanitising

Bulletin has no description...

CVE-2005-4353

SQL injection vulnerability in index.php in toendaCMS 0.6.2.1, when configured to use a SQL database, allows remote attackers to execute arbitrary SQL commands via the id parameter...

aRCHILLES Newsworld &lt; 1.5.0-rc1 Multiple Vulnerabilities

aRCHILLES Newsworld 1.5.0-rc1 Multiple Vulnerabilities Software: aRCHILLES Newsworld Vulnerable versions: = 1.5.0-rc1 Type: Information Disclosure, Login Bypass Risk: Critical Date: 21st October 2005 Vendor: aRCHILLES http://www.scriptworld.kh-webcenter.de Credit: ======= These vulnerabilities we...

RHEL 3 : mysql-server (RHSA-2005:348)

Updated mysql-server packages that fix several vulnerabilities are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. This update fixes several security risks in the MySQL...

phpMyChat 0.14.5 - Remote Improper File Permissions

| | | | | | |/ \ \ /\ / / | | | | \ V V / || ||/ // Security Group. phpMyChat remote sploit by sysbug C:\Perl\binperl pmc.pl www.kublooddrive.com /chat / Mysql dump : CDBHOST : localhost CDBNAME : jhawkpchat1 CDBUSER : jhawkpchat1 CDBPASS : vvejTjeLgB Adding Admin .... login:jhawk pwd:owned /...

Debian DSA-562-1 : mysql - several vulnerabilities

Several problems have been discovered in MySQL, a commonly used SQL database on Unix servers. The following problems have been identified by the Common Vulnerabilities and Exposures Project : - CAN-2004-0835 Oleksandr Byelkin noticed that ALTER TABLE ... RENAME checks CREATE/INSERT rights of the...

CVE-1999-1520

The CVE-1999-1520 issue is a configuration problem in the Ad Server Sample directory (AdSamples) of Microsoft Site Server 3.0. The root cause is misconfiguration that allows an attacker to obtain the SITE.CSC file, exposing sensitive SQL database information. Affected software: Microsoft Site Ser...