120 matches found
DEBIAN-CVE-2020-1930
A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration .cf files can be configured to run system commands similar to CVE-2018-11805. With this bug unpatched, exploits can be injected in a number of scenarios including the same...
openSUSE Security Update : php7-imagick (openSUSE-2020-14)
This update for php7-imagick fixes the following issues: Upgrade to version 3.4.4: Added: - function Imagick::optimizeImageTransparency - METRIC_STRUCTURAL_SIMILARITY_ERROR - METRIC_STRUCTURAL_DISSIMILARITY_ERROR - COMPRESSION_ZSTD - https://github.com/facebook/zstd - COMPRESSION_WEBP -...
WordPress qtranslate-x plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. qtranslate-x is a multi-language switching plugin used in it. A cross-site request forgery vulnerability exists in WordPress...
ConvertPlus <= 3.4.4 - Multiple Issues
According to the changelog: 3.4.5 - Security: User with none role gets created on form submission by curl request for variants. 3.4.4 - Improved sanitization, escaping and other security improvements...
Design/Logic Flaw
In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled ...
R Buffer Overflow Vulnerability (CNVD-2018-10175)
R is a free software environment for statistical computing and graphics that supports a wide range of UNIX, Windows and macOS platforms. A buffer overflow vulnerability exists in R version 3.4.4. A local attacker could exploit this vulnerability to execute code...
DEBIAN-CVE-2017-14266
tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160...
Cross-Site Scripting
Overview: Affected versions of i18next may fail to sanitize user input when certain configuration options are used. When using the .init method, passing interpolation options without passing an escapeValue will default to undefined rather than the assumed true. Proof of Concept: var init = i18n.ini...
Core Security Bypass Vulnerability in Joomla!
Joomla! is an open source content management system (CMS) developed by the Open Source Matters team in the United States. The system provides RSS feeds, site search and other features. Joomla! Core is the Joomla! kernel. A security bypass vulnerability exists in Joomla! Core versions 3.4.4 through 3.6.3...
CPython CRLF Injection Vulnerability - Windows
CPython is prone to a CRLF injection vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; if(description)...
CPython CRLF Injection Vulnerability - Linux
CPython is prone to a CRLF injection vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; if(description)...
Octopus Deploy Login Utility
This module simply attempts to login to an Octopus Deploy server using a specific username and password. It has been confirmed to work on version 3.4.4. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require...
Unspecified vulnerability in tcpreplay tcprewrite
tcpreplay is a suite of tools based on the UNIX operating system developed by software developer Aaron Turner for testing the traffic of various network devices. tcprewrite is one of the tools used to modify the headers of Layer 2, Layer 3, and Layer 4 messages of the network protocol. An...
Squid 3.4.4 - 3.4.11, 3.5.0.1 - 3.5.1 Nonce Replay Security Bypass Vulnerability
Squid is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:squid-cache:squid";...
Cross-Site Scripting Vulnerability in Joomla!
Joomla! is an open source content management system (CMS) developed by the Open Source Matters team in the United States. login is its login module. A cross-site scripting vulnerability exists in the login module in Joomla! versions 3.4.4 and 3.4.x prior to Joomla! A remote attacker can exploit...
IP.Board 3.4 cross-site scripting in Referer header
IP.Board 3.4 cross-site scripting in Referer header. Vendor site: http://www.invisionpower.com; Affected software: IP.Board 3.4; Class...
PowerZip 7.21 Stack Buffer Overflow
/ DISCLAIMER THIS PROGRAM IS NOT INTENDED TO BE USED ON OTHER COMPUTERS AND IT IS DESTINED FOR PERSONAL RESEARCH ONLY!!!! The programs are provided as is without any guarantees or warranty. The author is not responsible for any damage or losses of any kind caused by the use or misuse of the...
Winplot 2010 - Buffer Overflow (PoC)
/ DISCLAIMER THIS PROGRAM IS NOT INTENDED TO BE USED ON OTHER COMPUTERS AND IT IS DESTINED FOR PERSONAL RESEARCH ONLY!!!! The programs are provided as is without any guarantees or warranty. The author is not responsible for any damage or losses of any kind caused by the use or misuse of the...
PT-2006-5230 · Phlymail · Phlymail Lite
Name of the Vulnerable Software and Affected Versions: PHlyMail Lite versions 3.4.4 and earlier. Description: A remote file inclusion issue allows attackers to execute arbitrary PHP code via a URL in the PM pathhandler parameter. This is a different attack vector. Note that this issue has been...
PHlyMail Lite [PM_[path][lib]=] Remote File Include Vulnerability
PHlyMail Lite [PM_[path][lib]=] Remote File Include Vulnerability. Script name: PHlyMail Lite v. 3.4.4; Script site: http://phlymail.de...