4775 matches found
CMSQLITE v1.3.2 - Multiple Web Vulnerabilities
Document Title: CMSQLITE v1.3.2 - Multiple Web Vulnerabilities. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=726 Release Date: 2012-10-18 Vulnerability Laboratory ID (VL-ID): 726 Common...
CMSQLITE 1.3.2 LFI / XSS / Cross Site Request Forgery
CMSQLITE version 1.3.2 suffers from cross site request forgery, cross site scripting, and local file inclusion vulnerabilities. CMSQLITE v1.3.2 - Multiple Web Vulnerabilities. Introduction: CMSQLite is a small, fast, flexible and complete Content-Management-System CMS. It's perfect f...
FreeBSD : php5-sqlite -- open_basedir bypass (ec255bd8-02c6-11e2-92d1-000d601460a4)
MITRE CVE team reports: The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from th...
FreeBSD Ports: php5-sqlite
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: php5-sqlite
The remote host is missing an update to the system as announced in the referenced advisory. VID ec255bd8-02c6-11e2-92d1-000d601460a4. OpenVAS Vulnerability Test. Description: Auto generated from VID ec255bd8-02c6-11e2-92d1-000d601460a4 Authors: Thomas Reinke Copyright: Copyright (c) 2012 E-Soft Inc...
[SECURITY] Fedora 18 Update: jabberd-2.2.17-1.fc18
The jabberd project aims to provide an open-source server implementation of the Jabber protocols for instant messaging and XML routing. The goal of this project is to provide a scalable, reliable, efficient and extensible server that provides a complete set of features and is up to date with the...
Mandriva Linux Security Advisory : php (MDVSA-2012:108)
Multiple vulnerabilities have been discovered and corrected in php: Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an overflow (CVE-2012-2688). The SQLite...
Mandriva Linux Security Advisory : freeradius (MDVSA-2012:047)
A vulnerability has been found and corrected in freeradius: The ocsp_check function in rlm_eap_tls.c in FreeRADIUS 2.1.11, when OCSP is enabled, does not properly parse replies from OCSP responders, which allows remote attackers to bypass authentication by using the EAP-TLS protocol with a revoked...
Fedora Update for jabberd FEDORA-2012-12487
Check for the Version of jabberd. OpenVAS Vulnerability Test: Fedora Update for jabberd FEDORA-2012-12487 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
[SECURITY] Fedora 17 Update: jabberd-2.2.14-4.fc17
The jabberd project aims to provide an open-source server implementation of the Jabber protocols for instant messaging and XML routing. The goal of this project is to provide a scalable, reliable, efficient and extensible server that provides a complete set of features and is up to date with the...
[SECURITY] Fedora 16 Update: jabberd-2.2.14-4.fc16
The jabberd project aims to provide an open-source server implementation of the Jabber protocols for instant messaging and XML routing. The goal of this project is to provide a scalable, reliable, efficient and extensible server that provides a complete set of features and is up to date with the...
SuSE 10 Security Update : php5 (ZYPP Patch Number 8239)
This update fixes two security issues of PHP5: - Potential overflow in _php_stream_scandir (CVE-2012-2688). - open_basedir bypass via SQLite extension (CVE-2012-3365). (C) Tenable Network Security, Inc. The text description of this plugin is (C) Novell, Inc...
Android HTC Mail Insecure Password Management
Android HTC Mail insecure password management Classification: Level: low-MED-high-crit ID: HEXVIEW2012080501 URL: http://www.hexview.com/docs/20120805-1.txt Overview: HTC is $9.5BUSD Taiwanese manufacturer of smartphones and...
PHP security vulnerabilities
_php_stream_scandir overflow, SQLite functionality open_basedir protection bypass...
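PHP 5.3.x 'open_basedir' Security Restriction Bypass Vulnerability
BUGTRAQ ID: 54612 CVE ID: CVE-2012-3365 PHP is an HTML-embedded language. PHP is quite similar to Microsoft's ASP: both are scripting languages embedded in HTML documents and executed on the server side. Its style resembles the C language, and it is now widely used by many website programmers. An error in the SQLite extension in PHP versions before 5.3.15 can be exploited to bypass the "open_basedir" feature. 0 PHP 5.3.x Vendor patch: PHP --- The vendor has released an upgrade patch to fix this security issue; download it from the vendor's homepage: http://www.php.net...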
CVE-2012-3365
The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors...
Design/Logic Flaw
The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors...
CVE-2012-3365
According to the Nessus plugin JSA10804, CVE-2012-3365 affects the PHP component bundled with Juniper Junos devices. The report states there is an unspecified flaw in the SQLite extension that allows an unauthenticated, remote attacker to bypass the open_basedir protection. This description confi...