
9474 matches found

myhack58
added 2010/06/17 12:0 a.m., 21 views

PHPCMS 2007 SQL injection and variable overwrite vulnerability - vulnerability warning - the black bar safety net

PHPCMS is a web content management system built on a PHP+Mysql architecture; it is also an open-source PHP development platform. Phpcms is developed in a modular way, is functional, easy to use and easy to extend, and provides heavyweight website building for medium to large sites...

Exploits: 0
Cent OS
added 2010/06/16 12:3 p.m., 73 views

sudo security update

CentOS Errata and Security Advisory CESA-2010:0475. An updated sudo package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base...

CVSS 6.2 | AI score 5.8 | EPSS 0.0008
Exploits: 1 | References: 7
seebug.org
added 2010/06/09 12:0 a.m., 24 views

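PHPCMS 2007 website management system common.inc.php page variable overwrite vulnerability

PHPCMS is a website content management system based on a PHP+Mysql architecture, and also an open-source PHP development platform. Phpcms is developed in a modular way, with easy-to-use and easily extended functionality, and can provide a heavyweight site-building solution for medium and large sites. In the file incude/common.inc.php: if!defined'INADMIN' //entered when not an administrator if$CONFIG'dbiscache' $dbfile .= 'cache'; if$CONFIG'phpcache' == '2' $cachefileid = md5$PHPSELF.'?'.$PHPQUERYSTRING; $cachefiledir =...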

AI score 7.1
Exploits: 0
NVD
added 2010/06/08 8:30 p.m., 16 views

CVE-2010-1252

Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel String Variable Vulnerability."...

CVSS 9.3 | AI score 7.4 | EPSS 0.57317
Exploits: 0 | References: 4
Prion
added 2010/06/08 8:30 p.m., 18 views

Spoofing

Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel String Variable Vulnerability."...

CVSS 9.3 | AI score 8 | EPSS 0.57317
Exploits: 0 | References: 4 | Affected Software: 2
OSV
added 2010/06/07 5:12 p.m., 5 views

CVE-2010-1646

The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable...

AI score 6.2
Exploits: 0 | References: 31
Prion
added 2010/06/03 2:30 p.m., 15 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in ClearSite Beta 4.50, and possibly other versions, allow remote attackers to execute arbitrary PHP code via a URL in the csbasepath parameter to (1) docs.php and (2) include/admin/deviceadmin.php. NOTE: the header.php vector is already covered by...

CVSS 7.5 | AI score 7.9 | EPSS 0.00521
Exploits: 0 | References: 2 | Affected Software: 1
OpenVAS
added 2010/06/02 12:0 a.m., 9 views

List executable and writable-executable Files, list path variable

List executable and writable-executable files, list path variable over an SSH Connection. Check for executable Files outside /usr/local/bin:/usr/bin:/bin:/usr/bin/X11: /usr/games:/sbin:/usr/sbin:/usr/local/sbin:, check for user write permission on valid executables. SPDX-FileCopyrightText: 2010...

AI score 7
Exploits: 0
OpenVAS
added 2010/06/02 12:0 a.m., 16 views

List executable and writable-executable Files, list path variable

List executable and writable-executable Files, list path variable over an SSH Connection. Check for executable Files outside /usr/local/bin:/usr/bin:/bin:/usr/bin/X11: /usr/games:/sbin:/usr/sbin:/usr/local/sbin:, check for user write permission on valid executables. OpenVAS Vulnerability Test $Id...

Exploits: 0
NVD
added 2010/05/27 7:30 p.m., 10 views

CVE-2010-2090

The npbprotocolerror function in sna V5router64 in IBM Communications Server for Windows 6.1.3 and Communications Server for AIX (aka CSAIX or CS/AIX) in sna.rte before 6.3.1.2 allows remote attackers to cause a denial of service (daemon crash) via APPC data containing a GDSID variable with a GDS...

CVSS 5 | AI score 6.6 | EPSS 0.01342
Exploits: 0 | References: 7
Prion
added 2010/05/27 7:30 p.m., 13 views

Design/Logic Flaw

The npbprotocolerror function in sna V5router64 in IBM Communications Server for Windows 6.1.3 and Communications Server for AIX (aka CSAIX or CS/AIX) in sna.rte before 6.3.1.2 allows remote attackers to cause a denial of service (daemon crash) via APPC data containing a GDSID variable with a GDS...

CVSS 5 | AI score 7.1 | EPSS 0.01342
Exploits: 0 | References: 7 | Affected Software: 1
seebug.org
added 2010/05/24 12:0 a.m., 22 views

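Discuz! 7.x/6.x forum global variable defense bypass vulnerability

Discuz! is a web forum program that is very popular in Chinese-speaking regions. Because the default value of request_order in the php.ini settings of php5.3.x is GP, the global variable defense in Discuz! 6.x/7.x can be bypassed. In the include/global.func.php code: function daddslashes$string, $force = 0 !defined'MAGICQUOTESGPC' && define'MAGICQUOTESGPC', getmagicquotesgpc; if!MAGICQUOTESGPC || $force ifisarray$string foreach$stri...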

AI score 7.1
Exploits: 0
myhack58
added 2010/05/18 12:0 a.m., 28 views

Discuz! 6.x/7.x global variable defense bypass vulnerability - vulnerability warning - the black bar safety net

Because the default value of request_order in the php.ini settings of php5.3.x is GP, Discuz! 6.x/7.x has a global variable defense bypass vulnerability. include/global.func.php code: function daddslashes$string, $force = 0 ! defined'MAGICQUOTESGPC' && define'MAGICQUOTESGPC',...

AI score 7.4
Exploits: 0
seebug.org
added 2010/05/17 12:0 a.m., 10 views

Discuz! 6.x/7.x global variable defense bypass vulnerability

No description provided by source...

AI score 7.1
Exploits: 0
Cvelist
added 2010/05/14 7:24 p.m., 19 views

CVE-2010-1509

IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of PSD images, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow,...

AI score 8.1 | EPSS 0.03679
Exploits: 0 | References: 8
securityvulns
added 2010/05/12 12:0 a.m., 55 views

ZDI-10-081: HP OpenView NNM ovet_demandpoll sel CGI Variable Format String Remote Code Execution Vulnerability

ZDI-10-081: HP OpenView NNM ovet_demandpoll sel CGI Variable Format String Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-081 May 11, 2010 -- CVE ID: CVE-2010-1550 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network No...

CVSS 10 | AI score 1.3 | EPSS 0.07208
Exploits: 0
myhack58
added 2010/05/12 12:0 a.m., 12 views

DeluxeBB 1.3 newpost.php page SQL injection vulnerability - vulnerability warning - the black bar safety net

DeluxeBB is a PHP-based forum application. The newpost.php page of DeluxeBB does not properly filter user-submitted SQL query parameters: //inserting thread $db-unbufferedquery"INSERT INTO ".$ prefix."threads VALUES NULL, ’$infofid’, ’".$ COOKIE’memberid’."’, ’$subject’, ’$posticon’, ’0’, ’0’,...

AI score 1.2
Exploits: 0
securityvulns
added 2010/05/12 12:0 a.m., 58 views

ZDI-10-082: HP OpenView NNM netmon sel CGI Variable Remote Code Execution Vulnerability

ZDI-10-082: HP OpenView NNM netmon sel CGI Variable Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-082 May 11, 2010 -- CVE ID: CVE-2010-1551 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager --...

CVSS 10 | AI score 1.3 | EPSS 0.09756
Exploits: 0
OpenVAS
added 2010/04/27 12:0 a.m., 22 views

Windows Path Variable over WMI - Windows

Read the Windows System Path Variables over WMI. SPDX-FileCopyrightText: 2010 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.3
Exploits: 0
myhack58
added 2010/04/22 12:0 a.m., 9 views

Sablog-X V2.X admin permissions spoofing and arbitrary variable overwrite vulnerability - vulnerability warning - the black bar safety net

Sablog-X is a blog system built with PHP and MySQL. Affected version: Sablog-X-2.x. First, the admin permission spoofing vulnerability: the back-end authentication process of Sablog-x v2.x has a serious logic problem, which lets a specially constructed cookie log in directly to...

AI score 3.7
Exploits: 0