CVE-2014-7192

Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote attackers to execute arbitrary code via a crafted file...

CVE-2014-7192

Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote attackers to execute arbitrary code via a crafted file...

UBUNTU-CVE-2014-7192

Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote attackers to execute arbitrary code via a crafted file...

CVE-2014-7192

Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote attackers to execute arbitrary code via a crafted file...

CVE-2014-7192

CVE-2014-7192 affects the syntax-error npm module (before 1.1.1) used with Node.js 0.10.x, including in IBM Rational Application Developer and related IBM/RSA products. The vulnerability stems from improper input handling in the syntax-error/index.js file, enabling remote attackers to execute arb...

Localize: PHP PDOException and Full Path Disclosure

hi phrasekey , agian! in phraseChange action if set to array pdo quote show error! line 755 index.php Warning: PDO::quote expects parameter 1 to be string, array given in /srv/data/web/vhosts/www.localize.im/htdocs/classes/Database.php on line 30 Fatal error: Uncaught exception 'PDOException' wit...

ACC IMoveis 4.0 - SQL Injection Vulnerability

No description provided by source. Exploit Title : iMoveis SQL Injection Vulnerability Date : 26/10/2010 Author : EraGoN Software link : http://baixar7.com/download/acc-imoveis-script-php.rar/3d1e7bf4b9 Version : 1.1 Tested on : Linux / Windows XP Dork : inurl:imoveis.php?id= Error You have an...

ZeroCMS 1.0 SQL Injection Vulnerability

ZeroCMS version 1.0 suffers from a remote SQL injection vulnerability. ZeroCMS v1.0 SQL Injection Vulnerability zerotransactarticle.php articleid POST parameter Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms Affected version: 1.0 Severity: High CWE: 89 -...

Khan Academy: Full Path Disclosure on [smarthistory.khanacademy.org]

Hello, I have found a full path disclosure on a website that runs a wordpress installation. There isn't much to explain about this bug, as it's pretty self explanatory. What an attack can do with this bug is identify the full path, and the user the site is running under. If the attacker finds a...

SUSE-RU-2015:0779-1 Recommended update for ibutils

This update for InfiniBand Diagnostic Tools ibutils fixes a syntax error that affected the ibdiagnet, ibdiagpath and ibdiagui utilities...

phpwind9. 0 Cloud Platform is a plug-in arbitrary code execution-vulnerability warning-the black bar safety net

phpwind9. 0 drags finally released, looks very NB look, but is actually who with who knows ,all kinds of bugs everywhere, a variety of error...this is an example, pass to kill type..., the official does not fix on my own with the new version possibly?.. Detailed description: ! Sign of the times, ...

Network job recruitment website system official version of the vulnerability-vulnerability warning-the black bar safety net

The vulnerability appears in the Educate/BookInfo. asp Here the injection point while filtering out some of the keywords but we can still blind you can use sqlmap to run out exp: the following Query management accounts: The+aNd+0=selEct+toP+1+suSupperName+frOm+pHWebSupper Query management...

Edimestre Plus 2.0 SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...

Seditio Build 161 Cross Site Scripting / Information Disclosure

========================================================== Vulnerable Software: seditio-build161 ========================================================== Downloaded from:http://neocrome.net/page.php?id=2447&a=dl md5sum sed.rar aad96010a15f0c38e5cc321f8a91dd1b seditio-build161.rar...

phxEventManager 2.0 Beta 5 SQL Injection

Exploit Title: phxEventManager 2.0 beta 5 search.php searchterms SQL Injection Vulnerability Date: 01/03/2012 Author: skysbsb Software Link: http://sourceforge.net/projects/phxeventmanager/ Version: Web Application Tested on: Apache/nix Dork: intext: "Powered by phxEventManager" Code : Exploited...

vixie-cron security, bug fix, and enhancement update

4:4.1-81 - 455664 adoptions of crontab orphans, forgot add buffer for list of orphans - Related: rhbz455664 4:4.1-80 - 654961 crond process ignores the changes of user's home directory needs bigger changes of code. The fix wasn't applied, detail in comment11. - Related: rhbz249512 4:4.1-79 -...

Nginx Code Execution with Null Bytes to several hidden points and critical points-vulnerability warning-the black bar safety net

Last night, the Black pot on the microblogging made a foreigner explosion Nginx vulnerability, the beginning and few people pay attention, the ego immediately frame environmental testing to verify that my product is good handy online and tried the two sites also verify this vulnerability, so...

Mandriva Update for freeradius MDVA-2010:203 (freeradius)

Check for the Version of freeradius OpenVAS Vulnerability Test Mandriva Update for freeradius MDVA-2010:203 freeradius Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...

Joomla! Component cinema - SQL Injection

Joomla! Component cinema - SQL Injection ========================================================= Exploit Title: joomla component cinema SQL injection Vulnerability Date: 09 juny 2010 Author: Suddendeath [email protected] Software Link: N/A Tested on: Windows XP 2 Platform / Tested on:...

phpaaCMS V0. 3 the presence of injection oday vulnerability-vulnerability warning-the black bar safety net

Accidentally passing a php the station, due to the own very little of PHP with the Institute to sloppy looked at is phpaaCMS, not large-scale CMS, habitual later added a“'”, I did not expect the explosion wrong! You have an error in your SQL syntax; check the manual that corresponds to your MySQL...