Lucene search
K

88 matches found

Friends Of PHP
Friends Of PHP
added 2014/12/29 1:23 p.m.16 views

Header injection in NativeMailerHandler

Hopefully attacker controlled data is never used to set the encoding or content type, but just in case, prevent: $nmh = new NativeMailerHandler$to, $subject, $from; $nmh-setEncoding "utf-8\r\nFrom: [email protected]"; Since the injection happened in send, there doesn't seem to be a good way to a...

0.8AI score
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 2014/12/29 1:23 p.m.11 views

Header injection in NativeMailerHandler

Hopefully attacker controlled data is never used to set the encoding or content type, but just in case, prevent: $nmh = new NativeMailerHandler$to, $subject, $from; $nmh-setEncoding "utf-8\r\nFrom: [email protected]"; Since the injection happened in send, there doesn't seem to be a good way to a...

7.2AI score
Exploits0Affected Software1
Fedora
Fedora
added 2014/11/01 4:22 p.m.54 views

[SECURITY] Fedora 21 Update: python-oauth2-1.5.211-8.fc21

Oauth2 was originally forked from Leah Culver and Andy Smith's oauth.py code. Some of the tests come from a fork by Vic Fryzel, while a revamped Request class and more tests were merged in from Mark Paschal's fork. A number of notable differences exist between this code and its forefathers: - 100...

5.8CVSS6.6AI score0.0243EPSS
Exploits0
Fedora
Fedora
added 2014/10/28 6:45 a.m.19 views

[SECURITY] Fedora 20 Update: python-oauth2-1.5.211-8.fc20

Oauth2 was originally forked from Leah Culver and Andy Smith's oauth.py code. Some of the tests come from a fork by Vic Fryzel, while a revamped Request class and more tests were merged in from Mark Paschal's fork. A number of notable differences exist between this code and its forefathers: - 100...

5.8CVSS6.6AI score0.0243EPSS
Exploits0
Fedora
Fedora
added 2014/09/27 9:51 a.m.22 views

[SECURITY] Fedora 21 Update: python-oauth2-1.5.211-7.fc21

Oauth2 was originally forked from Leah Culver and Andy Smith's oauth.py code. Some of the tests come from a fork by Vic Fryzel, while a revamped Request class and more tests were merged in from Mark Paschal's fork. A number of notable differences exist between this code and its forefathers: - 100...

5.8CVSS6.6AI score0.0243EPSS
Exploits0
Fedora
Fedora
added 2014/09/26 9:6 a.m.23 views

[SECURITY] Fedora 20 Update: python-oauth2-1.5.211-7.fc20

Oauth2 was originally forked from Leah Culver and Andy Smith's oauth.py code. Some of the tests come from a fork by Vic Fryzel, while a revamped Request class and more tests were merged in from Mark Paschal's fork. A number of notable differences exist between this code and its forefathers: - 100...

5.8CVSS6.6AI score0.0243EPSS
Exploits0
Fedora
Fedora
added 2014/09/26 9:4 a.m.25 views

[SECURITY] Fedora 19 Update: python-oauth2-1.5.211-7.fc19

Oauth2 was originally forked from Leah Culver and Andy Smith's oauth.py code. Some of the tests come from a fork by Vic Fryzel, while a revamped Request class and more tests were merged in from Mark Paschal's fork. A number of notable differences exist between this code and its forefathers: - 100...

5.8CVSS6.6AI score0.0243EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/09/23 12:0 a.m.28 views

Fedora 20 : mediawiki-1.21.2-1.fc20 (2013-15937)

SECURITY: Fix extension detection with 2 .'s - SECURITY: Support for the 'gettoken' parameter to action=block and action=unblock, deprecated since 1.20, has been removed. - SECURITY: Sanitize ResourceLoader exception messages - Purge upstream caches when deleting file assets. - Unit test suite...

6.1CVSS6AI score0.02084EPSS
Exploits2References5
Rows per page
Query Builder