35 matches found
EUVD-2003-0935
Malware in sbrugna...
EUVD-2014-1776
Malware in sbrugna...
CVE-2003-0943
web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via 1 waecho, 2 Web SQL Interface websql, or 3 Web Database Manager webdbm...
Exment 安全漏洞
Exment is Exceedone's open source simple, easy, lightweight, free web database. A security vulnerability exists in Exment versions 6.1.4 and earlier and 5.0.11 and earlier, which stems from an incorrect assignment of permissions to critical resources and a stored cross-site scripting vulnerabilit...
Exment 安全漏洞
Exment is Exceedone's open source simple, easy, lightweight, free web database. A security vulnerability exists in Exment versions 6.1.4 and earlier and 5.0.11 and earlier, which stems from an incorrect assignment of permissions to critical resources and a stored cross-site scripting vulnerabilit...
SUSE CVE-2006-6942
Multiple cross-site scripting XSS vulnerabilities in PhpMyAdmin before 2.9.1.1 allow remote attackers to inject arbitrary HTML or web script via 1 a comment for a table name, as exploited through a dboperations.php, 2 the db parameter to b dbcreate.php, 3 the newname parameter to dboperations.php...
SUSE CVE-2014-1702
Use-after-free vulnerability in the DatabaseThread::cleanupDatabaseThread function in modules/webdatabase/DatabaseThread.cpp in the web database implementation in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecifie...
SUSE CVE-2015-3727
WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly restrict rename operations on WebSQL tables, which allows remote attackers to access an arbitrary web site's database via a crafted web site...
part-db 操作系统命令注入漏洞
part-db is a web-based database used to manage electronic components. An operating system command injection vulnerability exists in part-db that stems from the presence of system command injection in part-db...
Warehouse Inventory System Cross-Site Request Forgery Vulnerability
Warehouse Inventory System is an open source inventory management system based on php and mysql . Warehouse Inventory System suffers from a cross-site request forgery vulnerability that can be exploited by an attacker to send unintended requests to the server via an affected client...
Arbitrary Code Execution Vulnerability in Multiple Versions of Intimate Home Care Intimate Cat (imcat)
Intimate Cat imcat is a general-purpose website system designed in PHP+MySQL architecture. Arbitrary code execution vulnerability exists in several versions of Intimate Home Care Intimate Cat imcat. An attacker can exploit the vulnerability to execute arbitrary code and gain server privileges...
Unauthorized Access Vulnerability in EML Enterprise Contacts Management System of Yisoftone.com
EML enterprise address book management system is based on Linux open kernel and Apache based Php+Mysql intelligent B/S interactive service system. EML Enterprise Address Book Management System of YisoftStone.com has an unauthorized access vulnerability, which can be exploited by attackers to caus...
Arbitrary File Deletion Vulnerability in HuCart
HuCart is a PHP+Mysql based enterprise building system that can run on various server platforms such as Linux and Windows. HuCart has an arbitrary file deletion vulnerability that can be exploited by attackers to arbitrarily delete server files...
Collection of 1.4 Billion Plain-Text Leaked Passwords Found Circulating Online
Hackers always first go for the weakest link to quickly gain access to your online accounts. Online users habit of reusing the same password across multiple services gives hackers opportunity to use the credentials gathered from a data breach to break into their other online accounts. Researchers...
Code Execution Vulnerability in FineCMS Frontend
FineCMS is a content management system based on PHP+MySql. A code execution vulnerability exists in the frontend of FineCMS version 5.x, which can be exploited by an attacker to execute arbitrary code via a constructed statement...
Updated chromium-browser-stable packages fix security vulnerabilities
Use-after-free in speech CVE-2014-1700. UXSS in events CVE-2014-1701. Use-after-free in web database CVE-2014-1702. Potential sandbox escape due to a use-after-free in web sockets CVE-2014-1703. Multiple vulnerabilities in V8 fixed in version 3.23.17.18 CVE-2014-1704. Memory corruption in V8...
Google Chrome Multiple Vulnerabilities-02 (Mar 2014) - Mac OS X
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Design/Logic Flaw
Use-after-free vulnerability in the DatabaseThread::cleanupDatabaseThread function in modules/webdatabase/DatabaseThread.cpp in the web database implementation in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecifie...
CVE-2014-1702
Use-after-free vulnerability in the DatabaseThread::cleanupDatabaseThread function in modules/webdatabase/DatabaseThread.cpp in the web database implementation in Blink, as used in Google Chrome before 33.0.1750.149, allows remote attackers to cause a denial of service or possibly have unspecifie...
CVE-2014-1702
Removed by vendor...