1492 matches found
CVE-2011-4634
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted database name, related to the Database Synchronize panel; 2 a crafted database name, related to the Database rename panel; 3 a crafted S...
CVE-2011-4634
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted database name, related to the Database Synchronize panel; 2 a crafted database name, related to the Database rename panel; 3 a crafted S...
phpMyAdmin -- Multiple XSS
The phpMyAdmin development team reports: Using crafted database names, it was possible to produce XSS in the Database Synchronize and Database rename panels. Using an invalid and crafted SQL query, it was possible to produce XSS when editing a query on a table overview panel or when using the vie...
Multiple Vulnerabilities in OrangeHRM
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in OrangeHRM, which can be exploited to perform Cross-Site Scripting XSS and SQL Injection attacks. 1 Cross-Site Scripting XSS vulnerabilities in OrangeHRM 1.1 Input passed via the "uniqcode" GET parameter to...
GLSA-201110-22 : PostgreSQL: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201110-22 PostgreSQL: Multiple vulnerabilities Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. Impact : A remote authenticated attacker could send a...
PostgreSQL: Multiple vulnerabilities
Background PostgreSQL is an open source object-relational database management system. Description Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. Impact A remote authenticated attacker could send a specially crafted SQL...
NexusPHP 1.5 - SQL Injection
NexusPHP 1.5 - SQL Injection Exploit Title: Nexusphp.v1.5 SQL injection Vulnerability Google Dork: intitle:nexusphp Date: 2011-10-08 Author: flyh4t Software Link: http://sourceforge.net/projects/nexusphp/ Version: nexusphp.v1.5 Tested on: linux+apache CVE : CVE-2011-4026 Nexusphp is BitTorrent...
How to change URL in Enterprise Manager notification email
Purpose This article documents how to change the URL listed in the Veeam Backup Enterprise Manager notification email. Example of Backup Enterprise Manager Notification Solution Back Up Database Before Making Changes Before making changes to the VeeamBackupReporting database, create a backup of t...
Traq 2.2 Cross Site Scripting / SQL Injection
Vulnerability ID: HTB23046 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesintraq.html Product: Traq Vendor: Jack Polgar http://traqproject.org/ Vulnerable Version: 2.2 and probably prior Tested Version: 2.2 Vendor Notification: 07 September 2011 Vulnerability Type: XSS, SQL...
Mambo Component N-Gallery - SQL Injection
Mambo Component N-Gallery - SQL Injection source: https://www.securityfocus.com/bid/49418/info The Mambo CMS N-Gallery component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could all...
Web Professional - default.php SQL Injection
Web Professional - default.php SQL Injection source: https://www.securityfocus.com/bid/49399/info Web Professional is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker...
WordPress Profiles plugin <= 2.0 RC1 SQL Injection Vulnerability
No description provided by source. Exploit Title: WordPress Profiles plugin = 2.0 RC1 SQL Injection Vulnerability Date: 2011-08-28 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/profiles.2.0.RC1.zip Version: 2.0 RC1 tested Note:...
VicBlog - 'tag' SQL Injection
source: https://www.securityfocus.com/bid/49304/info VicBlog is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modif...
Code Widgets DataBound Collapsible Menu - main.asp SQL Injection
Code Widgets DataBound Collapsible Menu - main.asp SQL Injection source: https://www.securityfocus.com/bid/49209/info Code Widgets DataBound Collapsible Menu is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...
Code Widgets Multiple Question - Multiple Choice Online Questionnaire SQL Injections
source: https://www.securityfocus.com/bid/49210/info Code Widgets Multiple Question - Multiple Choice Online Questionaire is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
PhpMyadmin XSRF Vuln (Execute SQL Query)
Exploit for php platform in category web applications ===================================================================== . . . . | | ||/ | || | / / \ / /\ | | / | \ \ | |/ | \ / | || | // | / // | \ /\ | /|//|||| |\ | / /|| / Exploit-ID is the Exploit Information Disclosure Web :...
CentOS Update for postgresql84 CESA-2011:0198 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Joomla Xeslidegalf Component SQL Injection Vulnerability
This host is running Joomla Xeslidegalf component and is prone to SQL injection vulnerability. OpenVAS Vulnerability Test $Id: gbjoomlacomxeslidegalfsqlinjvuln.nasl 7052 2017-09-04 11:50:51Z teissa $ Joomla Xeslidegalf Component SQL Injection Vulnerability Authors: Madhuri D Copyright: Copyright ...
MyBB MyTabs Plugin - tab SQL Injection
MyBB MyTabs Plugin - tab SQL Injection source: https://www.securityfocus.com/bid/48952/info The MyTabs plugin for MyBB is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow ...
IBM Informix Dynamic Server RCE Vulnerability (Feb 2011) - Windows
IBM Informix Dynamic Server is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...