4775 matches found
Design/Logic Flaw
The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in SQLite cache databases, which allows attackers to obtain sensitive information by reading data elements, as demonstrated by password elements...
CVE-2013-6986
The CVE-2013-6986 issue affects ZippyYum Subway CA Kiosk iOS app (3.4). The vulnerability stems from cleartext storage of sensitive data in SQLite cache files (Cache.db / Cache.db-wal) under ../Caches/com.ZippyYum.SubwayOC/, allowing local attackers with access to read unencrypted data. Exposed e...
CVE-2013-6986
The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in SQLite cache databases, which allows attackers to obtain sensitive information by reading data elements, as demonstrated by password elements...
firefox security update
24.2.0-1.0.1.el64 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat one - Build with nspr-devel = 4.10.0 to fix build failure 24.2.0-1 - Update to 24.2.0 ESR 24.1.0-4 - Fixed mozbz938730 - avoid mix of memory allocators crashes when using system sqlite 24.1.0-3 - Fixed...
ZippyYum 3.4 Insecure Data Storage
Title: CVE-2013-6986 Insecure Data Storage in Subway Ordering for California ZippyYum 3.4 iOS mobile application Published: DATE Reported to Vendor: May 2013 CVE Reference: CVE-2013-6986 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6986 CVSS v2 Base Score: 4.9 CVSS v2 Vector...
[Cansina] Web Content Discovery Application
It takes general available lists of common path and files used by web applications and make URL requests looking back to the server response code. Cansina stores the information in a sqlite database omitting 404 responses. One for every new url think this as a kind of projects feature and the sam...
[SECURITY] Fedora 20 Update: roundcubemail-0.9.5-1.fc20
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 19 Update: roundcubemail-0.9.5-1.fc19
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 20 Update: roundcubemail-0.9.4-1.fc20
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 18 Update: roundcubemail-0.9.4-1.fc18
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 19 Update: roundcubemail-0.9.4-1.fc19
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
Fedora Update for roundcubemail FEDORA-2013-15223
Check for the Version of roundcubemail OpenVAS Vulnerability Test Fedora Update for roundcubemail FEDORA-2013-15223 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
[SECURITY] Fedora 18 Update: roundcubemail-0.9.3-2.fc18
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[SECURITY] Fedora 19 Update: roundcubemail-0.9.3-2.fc19
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
[Introspy] Monitor app in your iDevice
The Problem In 2013, assessing the security of iOS applications still involves a lot of manual, time-consuming tasks - especially when performing a black-box assessment. Without access to source code, a comprehensive review of these application currently requires in-depth knowledge of various API...
Gnew 2013.1 - Multiple Vulnerabilities (1)
Gnew 2013.1 - Multiple Vulnerabilities 1 Gnew v2013.1 Multiple XSS And SQL Injection Vulnerabilities Vendor: Raoul Proença Product web page: http://www.gnew.fr Affected version: 2013.1 Summary: Gnew is a simple Content Management System written with PHP language and using a database server MySQL,...
Gnew 2013.1 - Multiple Vulnerabilities (1)
Gnew v2013.1 Multiple XSS And SQL Injection Vulnerabilities Vendor: Raoul Proença Product web page: http://www.gnew.fr Affected version: 2013.1 Summary: Gnew is a simple Content Management System written with PHP language and using a database server MySQL, PostgreSQL or SQLite for storage. Desc:...
Gnew 2013.1 Cross Site Scripting / SQL Injection Vulnerabilities
Gnew 2013.1 suffers from cross site scripting and remote SQL injection vulnerabilities. Gnew v2013.1 Multiple XSS And SQL Injection Vulnerabilities Vendor: Raoul Proença Product web page: http://www.gnew.fr Affected version: 2013.1 Summary: Gnew is a simple Content Management System written with...
Gnew 2013.1 Cross Site Scripting / SQL Injection
Gnew v2013.1 Multiple XSS And SQL Injection Vulnerabilities Vendor: Raoul Proença Product web page: http://www.gnew.fr Affected version: 2013.1 Summary: Gnew is a simple Content Management System written with PHP language and using a database server MySQL, PostgreSQL or SQLite for storage. Desc:...
Gnew v2013.1 Multiple XSS And SQL Injection Vulnerabilities
Summary Gnew is a simple Content Management System written with PHP language and using a database server MySQL, PostgreSQL or SQLite for storage. Description Input passed via several parameters is not properly sanitised before being returned to the user or used in SQL queries. This can be exploit...