Lucene search
+L

1730 matches found

Fedora
Fedora
added 2008/12/21 8:32 a.m.18 views

[SECURITY] Fedora 9 Update: drupal-views-6.x.2.2-1.fc9

The views module provides a flexible method for Drupal site designers to control how lists of content nodes are presented. Traditionally, Drupal has hard-coded most of this, particularly in how taxonomy and tracker lists are formatted. This tool is essentially a smart query builder that, given...

2.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/12/21 12:0 a.m.24 views

Fedora 9 : drupal-views-6.x.2.2-1.fc9 (2008-11519)

Fixes SA-2008-075 http://drupal.org/node/348321. http://drupal.org/node/347831 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

7.5CVSS5.4AI score0.0133EPSS
Exploits0References4
Drupal
Drupal
added 2008/12/16 12:0 a.m.13 views

SA-2008-075 - Views - SQL Injection

The Views module provides a flexible method for Drupal site designers to control how lists of content are presented. When using an exposed filter on CCK text fields with allowed values, Views does not filter the data correctly. This may allow malicious users to conduct SQL injection attacks again...

8AI score
Exploits0References7
0day.today
0day.today
added 2008/03/16 12:0 a.m.21 views

phpBP <= RC3 (2.204) FIX4 Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================ phpBP HACKBOX.pl query"SELECT FROM $confprefixbanners WHERE id=$GETid" or $db-errFILE, LINE; 13 14 if$db-numrows==0 15 16 redirect'index.php?module=error?error=bannerserror2'; 17...

7.1AI score
Exploits0
Prion
Prion
added 2007/08/23 1:17 a.m.15 views

Design/Logic Flaw

eZ publish before 3.8.9, and 3.9 before 3.9.3, does not properly check permissions on module views that lack a policy function, which has unknown impact and attack vectors, as demonstrated by a vulnerability in the discount functionality in the shop module...

10CVSS7.1AI score0.01797EPSS
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2007/08/03 12:0 a.m.72 views

DynamicData&#40;dms&#41;Document&amp;Article Script /dm_browse.asp.asp sql injection

DynamicDatadmsDocument&Article Script /dmbrowse.asp.asp sql injection Credit : CodeXpLoder'tq mail : codexploderathotmaildotcom site : Biyosecurity.net,expw0rm.com thx : BiyoSecurityTeam all members thx 3APA3A spec.note : "Live The Life" 1- example.com/patch/dmbrowse.asp?pid=sql methot 1-...

0.5AI score
Exploits0
0day.today
0day.today
added 2007/07/19 12:0 a.m.46 views

Oracle 9i/10g evil views Change Passwords Exploit (CVE-2007-3855)

Exploit for multiple platform in category local exploits ================================================================= Oracle 9i/10g evil views Change Passwords Exploit CVE-2007-3855 ================================================================= -- -- bunkerview.sql -- -- Oracle 9i/10g -...

6.9AI score0.15815EPSS
Exploits9
exploitpack
exploitpack
added 2007/07/12 12:0 a.m.91 views

Oracle Database - SQL Compiler Views Unauthorized Manipulation

Oracle Database - SQL Compiler Views Unauthorized Manipulation source: https://www.securityfocus.com/bid/24887/info Oracle has released a Critical Patch Update advisory for July 2007 to address multiple vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected...

6.5CVSS1AI score0.15815EPSS
Exploits9
Cvelist
Cvelist
added 2007/05/11 10:0 a.m.21 views

CVE-2007-2607

PHP remote file inclusion vulnerability in views/print/printbar.php in LaVague 0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the viewspath parameter...

7.6AI score0.70643EPSS
Exploits1References5
securityvulns
securityvulns
added 2006/10/26 12:0 a.m.43 views

Modify Data via Inline Views

Name Modify Data via Inline Views 8107967 DB09 Systems Affected Oracle 9i - 10g Rel. 2 Severity High Risk Category Unauthorized Access Vendor URL http://www.oracle.com/ Author Alexander Kornbrust ak at red-database-security.com Advisory 18 October 2006 V 1.00 Advisory...

1.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2006/08/02 6:39 p.m.6 views

security flaw

Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...

9.3CVSS7.7AI score0.0696EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2006/07/29 12:16 a.m.7 views

security flaw

Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...

9.3CVSS7.7AI score0.0696EPSS
Exploits0References4
OSV
OSV
added 2006/06/02 7:2 p.m.3 views

DEBIAN-CVE-2006-2779

Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...

9.3CVSS8.8AI score0.0696EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2006/06/02 7:0 p.m.54 views

CVE-2006-2779

Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 nested tags in a select tag, 2 a DOMNodeRemoved mutation event, 3 "Content-implemented tree views," 4 BoxObjects, 5 the XBL implementation, 6 an ifram...

9.3CVSS7.4AI score0.0696EPSS
Exploits0
securityvulns
securityvulns
added 2006/04/10 12:0 a.m.32 views

[Full-disclosure] Oracle read-only user can insert/update/delete data via specially crafted views

Hello Full Disclosure Last Thursday 6th April 2006, Oracle released a note on the Oracle knowledgebase Metalink with details about an unfixed security vulnerability =0day and a working test case =exploit code which effects all versions of Oracle from 9.2.0.0 to 10.2.0.3. This note "363848.1 - A...

0.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2006/01/22 12:0 a.m.9 views

PT-2006-1440 · Oracle · Mysql Server

Name of the Vulnerable Software and Affected Versions: MySQL version 5.0.18 Description: The issue allows local users with access to a VIEW to obtain sensitive information via the "SELECT FROM information schema.views;" query, which returns the query that created the VIEW. It is noted that the...

2.1CVSS6.4AI score0.00802EPSS
Exploits0References9
NVD
NVD
added 2005/11/02 11:2 a.m.31 views

CVE-2005-3438

Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln 1 DB04 in Change Data Capture; 2 DB06 in Data Guard Logical Standby; 3 DB10 in Locale; 4 DB12 in Materialized Views; 5 DB13 in Objects Extension; 6 DB15 in...

10CVSS7AI score0.05866EPSS
Exploits5References7
NVD
NVD
added 2005/11/02 11:2 a.m.15 views

CVE-2005-3442

Multiple unspecified vulnerabilities in Oracle Database Server 8i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln 1 DB09 in Export, 2 DB11 in Materialized Views, and 3 DB16 in Security Service...

10CVSS6.5AI score0.02884EPSS
Exploits0References5
Cvelist
Cvelist
added 2005/11/02 11:0 a.m.30 views

CVE-2005-3438

Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln 1 DB04 in Change Data Capture; 2 DB06 in Data Guard Logical Standby; 3 DB10 in Locale; 4 DB12 in Materialized Views; 5 DB13 in Objects Extension; 6 DB15 in...

7AI score0.05866EPSS
Exploits5References7
0day.today
0day.today
added 2005/08/30 12:0 a.m.35 views

Gopher <= 3.0.9 (+VIEWS) Remote (Client Side) Buffer Overflow Exploit

Exploit for linux platform in category local exploits ===================================================================== Gopher bindshell port The Internet Gopher Client is based on the UMN Gopher/Gopherd 2.3.1 code. Gopher is an Internet technology that predates the Web. It presents informati...

6.8AI score
Exploits0
Rows per page
Query Builder