222 matches found
Low: Red Hat Security Advisory: gnome-vfs2 security and bug fix update
Updated gnome-vfs2 packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
RHEL 5 : gnome-vfs2 (RHSA-2013:0131)
Updated gnome-vfs2 packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
SquirrelMail: CSRF in the empty trash feature and in Index Order page
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...
BETTELBOT v1.0 - We are the Robots
Document Title: =============== BETTELBOT v1.0 - We are the Robots References: =========== Download: http://www.vulnerability-lab.com/resources/videos/356.wmv View: http://www.youtube.com/watch?v=e0BKp9e8iec Release Date: ============= 2011-12-14 Vulnerability Laboratory ID VL-ID:...
Microsoft Research Proposes E-Voting Attack Mitigation
Microsoft Research has proposed a mitigation for a known potential attack against verifiable electronic voting machines that could help prevent insiders from being able to alter votes after the fact. The countermeasure to the “trash attack” involves adding a cryptographic hash to the receipts tha...
Unfixed XSS vulnerability at trash-mail.com
Security researcher livinskull, has submitted on 13/09/2011 a cross-site-scripting XSS vulnerability affecting trash-mail.com, which at the time of submission ranked 76964 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/01/2012. It is...
CVE-2011-2753
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...
UBUNTU-CVE-2011-2753
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...
gpEasy 1.6.1 Cross Site Request Forgery
============================================= gpEasy Date : 04-29-2010 Site : http://www.giudinvx.altervista.org/ Location : Naples, Italy -------------------------------------------------------- Application Info Site : http://www.gpeasy.com/ Version: 1.6.1...
CVE-2010-0682
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter...
Design/Logic Flaw
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter...
DEBIAN-CVE-2010-0682
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter...
CVE-2010-0682
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter...
CVE-2010-0682
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter...
CVE-2010-0682
WordPress 2.9.x is affected: before 2.9.2, remote authenticated users could read trash posts from other authors via a direct request using a modified p parameter (CVE-2010-0682). Fedora/OpenVAS advisories document this issue and indicate that upgrading to upstream WordPress 2.9.2 fixes it (with C...
CVE-2010-0682
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter...
WordPress Core 2.9 - Failure to Restrict URL Access
WordPress = 2.9 Failure to Restrict URL Access http://www.thomasmackenzie.co.uk/ 1. Advisory Information Title: WordPress = 2.9 Failure to Restrict URL Access Date published: 2. Vulnerability Information Class: Failure to Restrict URL Access Remotely Exploitable: Yes Locally Exploitable: Yes 3...
WordPress 2.9 - Failure to Restrict URL Access
WordPress 2.9 - Failure to Restrict URL Access WordPress = 2.9 Failure to Restrict URL Access http://www.thomasmackenzie.co.uk/ 1. Advisory Information Title: WordPress = 2.9 Failure to Restrict URL Access Date published: 2. Vulnerability Information Class: Failure to Restrict URL Access Remotely...
Mandriva Update for gnome-vfs2 MDKA-2007:060 (gnome-vfs2)
Check for the Version of gnome-vfs2 OpenVAS Vulnerability Test Mandriva Update for gnome-vfs2 MDKA-2007:060 gnome-vfs2 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...
Mandriva Update for gnome-vfs2 MDKA-2007:060 (gnome-vfs2)
Check for the Version of gnome-vfs2 OpenVAS Vulnerability Test Mandriva Update for gnome-vfs2 MDKA-2007:060 gnome-vfs2 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...