113 matches found
PT-2016-4567 · Php +3 · Phpmailer +3
Name of the Vulnerable Software and Affected Versions: PHPMailer versions prior to 5.2.20 Description: The issue is related to the isMail transport in PHPMailer, where improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP might allow...
Multiple F5 Products Certificate Validation Forgery Spoofing Vulnerability
F5 BIG-IP LTM is a local traffic manager; APM is a suite of solutions that provide secure unified access to business-critical applications and networks. A checksum forgery spoofing vulnerability exists in multiple F5 product certificates. Failure to properly validate the server certificate when t...
Upgrading to 5.5.1 from 5.4.3 didn't update xwork from 1.13 to 1.17
We recently upgraded our instance following your security advisory. It was discovered shortly after the upgrade that the xwork file that was vulnerable 1.13 was not upgraded to the safe version 1.17. This could have just been specific to our instance but you should check your upgrade process and...
RHEL 3 / 4 : redhat-release (EOL Notice) (RHSA-2011:0002)
This is the End Of Life notification for RHN Proxy Server 4. On December 31st, 2010, per the life cycle support policy, the version 4 series of Satellite and Proxy products exited Production Phase 2 marking the end of their support by Red Hat. Please reference the support policy here :...
Z-blog 1.8 web path information disclosure vulnerability and fix-vulnerability warning-the black bar safety net
Affected version: Z-blog 1.8 Vulnerability description: Z-blog is based on Asp platform Blog blogweblogprogram Z-blog using the default editor there is a path information disclosure vulnerability Test method:...
CVE-2010-4348
Cross-site scripting XSS vulnerability in admin/upgradeunattended.php in MantisBT before 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the dbtype parameter, related to an unsafe call by MantisBT to a function in the ADOdb Library for PHP...
Linux Kernel “install_special_mapping()”local bypass security restrictions vulnerability-vulnerability warning-the black bar safety net
Affected system: Linux kernel 2.6.11.11 - 2.6.37 Description: -------------------------------------------------------------------------------- BUGTRAQ ID: 4 5 3 2 3 The Linux Kernel is open sourceOSLinux the kernel. The Linux Kernel in the realization of the presence of the vulnerability, an...
DeluxeBB 1.3 newpost. php page SQL injection vulnerability-vulnerability warning-the black bar safety net
DeluxeBB is a PHP-based Forum application. DeluxeBB of newpost. php page does not properly filter user submitted the SQL query parameters: //inserting thread $db-unbufferedquery"INSERT INTO ".$ prefix."threads VALUES NULL, ’$infofid’, ’".$ COOKIE’memberid’."’, ’$subject’, ’$posticon’, ’0’, ’0’,...
Firefox Sage extension RSS feeds cross-domain scripting vulnerability-vulnerability warning-the black bar safety net
Affected version: Mozilla Sage 1.4.3 vulnerability description: BUGTRAQ ID: 3 7 1 2 0 CVECAN ID: CVE-2 0 0 9-4 1 0 2 Sage is a Firefox the use of lightweight RSS and Atom aggregator Controller extension. Sage does not correctly filter the RSS feeds in the description tag input will be used to...
Mandriva Update for mdkonline MDVA-2008:138 (mdkonline)
Check for the Version of mdkonline OpenVAS Vulnerability Test Mandriva Update for mdkonline MDVA-2008:138 mdkonline Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Mandriva Update for mdkonline MDVA-2008:138 (mdkonline)
Check for the Version of mdkonline OpenVAS Vulnerability Test Mandriva Update for mdkonline MDVA-2008:138 mdkonline Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Microsoft SQL Server 2008 Service Pack 3 (KB2546951)
SQL Server 2008 Service Pack 3 upgrades all builds of SQL Server 2008 and the components installed by SQL Server 2008 setup. The service pack may be applied to all editions of SQL Server 2008 and can upgrade any instances of SQL Server 2008 resident in your local system. If additional installatio...
Microsoft SQL Server 2008 R2 Service Pack 3 (KB2979597)
Service Pack 3 for Microsoft SQL Server 2008 R2 upgraded all Microsoft SQL Server 2008 R2 instances and components installed through the SQL Server setup. Service Pack 3 can upgrade all editions of Microsoft SQL Server 2008 R2 to Service Pack 3 level. For customers in need of additional...