6 matches found
EUVD-2013-6225
Malware in sbrugna...
CVE-2013-6404
Quassel core server daemon in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via the bufferid in 1 16/selectbufferbyid.sql, 2 16/selectbufferbyid.sql, and 3 16/selectbufferbyid.sql i...
Code injection
Quassel core server daemon in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via the bufferid in 1 16/selectbufferbyid.sql, 2 16/selectbufferbyid.sql, and 3 16/selectbufferbyid.sql i...
CVE-2013-6404
Quassel core server daemon in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via the bufferid in 1 16/selectbufferbyid.sql, 2 16/selectbufferbyid.sql, and 3 16/selectbufferbyid.sql i...
CVE-2013-6404
Affected software : Quassel IRC – Quassel core (server daemon) prior to version 0.9.2. Vulnerability : Improper verification of the user ID when accessing user backlogs, allowing remote authenticated users to read other users’ backlogs via the bufferid in specific SQL queries (core/SQL/PostgreSQL...
CVE-2013-6404
Quassel core server daemon in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via the bufferid in 1 16/selectbufferbyid.sql, 2 16/selectbufferbyid.sql, and 3 16/selectbufferbyid.sql i...