51 matches found
CVE-2020-15478
The Journal theme before 3.1.0 for OpenCart allows exposure of sensitive data via SQL errors...
CVE-2020-15478
CVE-2020-15478 affects the Journal theme for OpenCart prior to 3.1.0. The vulnerability allows exposure of sensitive data through errors surface when handling SQL in the page parameter (the exact root cause described across sources indicates improper handling that leads to data exposure). Affecte...
CVE-2020-15478
The Journal theme before 3.1.0 for OpenCart allows exposure of sensitive data via SQL errors...
NetScaler MAS Reports High Memory Utilization
User receives alerts related to high memory usagehowever they do not observe any latency or performance related issue. From var/log ns.log we see logs related to high memory and from mpsservice.log we see messages related to out of shared memory. Tuesday, 20 Mar 18 14:26:18.845 +1100 Debug Main...
openSUSE Security Update : cacti and cacti-spine (openSUSE-2017-1173)
This update for cacti and cacti-spine fixes the following issues : Build version 1.1.26 - issue841: --input-fields variable not working with addgraphs.php cli - issue986: Resolve minor appearance problem on Modern theme - issue989: Resolve issue with data input method commands loosing spaces on...
MariaDB Denial Of Service Vulnerability (Feb 2017) - Linux
MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb";...
Centreon Web Interface 2.5.3 Command Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Centreon Web Useralias Command Execution', 'Description' = %q Centreon Web Interface 'h00die ', module 'Nicolas CHATELAIN '...
Centreon 2.5.3 - Web Useralias Command Execution (Metasploit)
Exploit for python platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Centreon Web Useralias Command Execution', 'Description' = %q Centreon...
Centreon 2.5.3 - Web Useralias Command Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Centreon Web Useralias Command Execution', 'Description' = %q Centreon Web Interface 'h00die ', module 'Nicolas CHATELAIN '...
Centreon Web Useralias Command Execution
Centreon Web Interface 'Centreon Web Useralias Command Execution', 'Description' = %q Centreon Web Interface 'h00die ', module 'Nicolas CHATELAIN ' discovery , 'References' = 'EDB', '39501' , 'License' = MSFLICENSE, 'Platform' = 'python', 'Privileged' = false, 'Arch' = ARCHPYTHON, 'Targets' =...
sqli
This plugin finds SQL injections. To find this vulnerabilities the plugin sends the string dz"0 to every injection point, and searches for SQL errors in the response body. Plugin type Audit Options This plugin doesnt have any user configured options. Source For more information about this plugin...
MySQL Handler Multiple Denial Of Service Vulnerabilities
MySQL is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mysql:mysql";...
Mandriva Update for mysql MDVSA-2010:155-1 (mysql)
Check for the Version of mysql OpenVAS Vulnerability Test Mandriva Update for mysql MDVSA-2010:155-1 mysql Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
MySQL Community Server 5.1 < 5.1.49 Multiple Denial of Service Vulnerabilities
Binary data 5646.prm...
Mandriva Linux Security Advisory : mysql (MDVSA-2010:155-1)
Multiple vulnerabilities has been found and corrected in mysql : MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service server crash and database loss via an ALTER DATABASE command with a mysql50 string followed by a . dot, .. dot dot, .....
Joomla! Component My Car 1.0 - Multiple Vulnerabilities
Joomla! Component My Car 1.0 - Multiple Vulnerabilities Exploit Title: Joomla Component My Car Multiple Vulnerabilities Date: 28th May 2010 Author: Valentin Category: webapps/0day Version: 1.0 Tested on: CVE : Code : :::::::::::::::::::::::::::::::::::::: 0x1 :::::::::::::::::::::::::::::::::::::...
Joomla! Component VirtueMart Module Customers_who_bought - SQL Injection
...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla Module Customerswhobought... SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TYPE: COMMERCIAL PRICE: 14,95€ TESTED...
Joomla! Component VirtueMart Module Customers_who_bought - SQL Injection
Joomla! Component VirtueMart Module Customerswhobought - SQL Injection ...BEGIN ADVISORY... !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! TITLE: Joomla Module Customerswhobought... SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT:...
wagora-multi.txt
vendor website: http://www.w-agora.com/ bug: multiples file upload,xss,full path disclosure,error sql global risk: critical file upload : there's actually 2 ways to upload a file on w-agora : 1on the forum you can post some attached file with your message and you can upload any kind of file then...
CentOS 3 / 4 : freeradius (CESA-2006:0271)
Updated freeradius packages that fix an authentication weakness are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. FreeRADIUS is a high-performance and highly configurable free RADIUS server designed to allow centralized...