4 matches found
openSUSE Security Update : dbus-1 (openSUSE-2016-1269)
This update for dbus-1 to version 1.8.22 fixes several issues. This security issue was fixed : - boo1003898: Do not treat ActivationFailure message received from root-owned systemd name as a format string. These non-security issues were fixed : - boo978477: Correctly reset timeouts for pending fi...
openSUSE Security Update : dbus-1 (openSUSE-2016-1206)
This update for dbus-1 to version 1.8.22 fixes several issues. This security issue was fixed : - boo1003898: Do not treat ActivationFailure message received from root-owned systemd name as a format string. These non-security issues were fixed : - boo978477: Correctly reset timeouts for pending fi...
BSQLinjector - Blind SQL Injection Exploitation Tool
BSQLinjector uses blind method to retrieve data from SQL databases. I recommend using "--test" switch to clearly see how configured payload looks like before sending it to an application. Options: --file Mandatory - File containing valid HTTP request and SQL injection point SQLINJECT...
[ACM, Ariadne Content Manager] unauth. SQL injection + user enumeration
Hi sec-folks, I recently discuss with Ariadne team to public disclose two new different vulnerabilities found in Ariadne Content Manager ACM. As the name says, ACM is an enterprise solution for content management mainly used by big private and public companies and institutions. This is the site o...