1337 matches found
Debian Security Advisory DSA 2604-1 (rails - insufficient input validation)
It was discovered that Rails, the Ruby web application development framework, performed insufficient validation on input parameters, allowing unintended type conversions. An attacker may use this to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform...
SQL Injection Flaw Haunts All Ruby on Rails Versions
All of the current versions of the Ruby on Rails Web framework have a SQL injection vulnerability that could allow an attacker to inject code into Web applications. The vulnerability is a serious one given the widespread use of the popular framework for developing Web apps, and the maintainers of...
Fedora Update for Django FEDORA-2012-20224
Check for the Version of Django OpenVAS Vulnerability Test Fedora Update for Django FEDORA-2012-20224 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
[SECURITY] Fedora 17 Update: Django-1.4.3-1.fc17
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...
Fedora Update for Django FEDORA-2012-16440
Check for the Version of Django OpenVAS Vulnerability Test Fedora Update for Django FEDORA-2012-16440 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Fedora Update for Django FEDORA-2012-16417
Check for the Version of Django OpenVAS Vulnerability Test Fedora Update for Django FEDORA-2012-16417 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
[SECURITY] Fedora 17 Update: Django-1.4.2-1.fc17
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...
[SECURITY] Fedora 16 Update: Django-1.3.4-1.fc16
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...
[SECURITY] Fedora 18 Update: python-django-1.4.2-1.fc18
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...
Fedora Update for Django FEDORA-2012-11416
Check for the Version of Django OpenVAS Vulnerability Test Fedora Update for Django FEDORA-2012-11416 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
[SECURITY] Fedora 16 Update: Django-1.3.2-1.fc16
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...
[SECURITY] Fedora 17 Update: Django-1.4.1-1.fc17
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...
Struts2 remote command execution vulnerability analysis and prevention-vulnerability and early warning-the black bar safety net
Struts 2 is the struts and WebWork technology based on a merge of the new framework. Its brand new Struts 2 architecture and Struts 1 architecture the difference is huge. Struts 2 with WebWork as the core, using the interceptor mechanism to deal with user's request, such design also makes the...
ThinkPhp web框架 php代码任意执行漏洞
No description provided by source...
Fedora Update for Django FEDORA-2011-12503
Check for the Version of Django OpenVAS Vulnerability Test Fedora Update for Django FEDORA-2011-12503 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Debian Security Advisory DSA 2332-1 (python-django)
The remote host is missing an update to python-django announced via advisory DSA 2332-1. OpenVAS Vulnerability Test $Id: deb23321.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2332-1 python-django Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft...
Kingdee Apusic Web framework for the backend to get the site webshell and repair-vulnerability warning-the black bar safety net
Apusic Web Management Console Default background address: admin/login. jsp The default management account password: admin admin Use method: the background has to execute SQL statements, also have to load anything. Specific words have forgotten Find Upload, a loaded God horse, just look to...
Microsoft ASP.NET and PHP Hash Collision Denial of Service - Specific (CVE-2011-3414)
A denial of service vulnerability has been reported in Microsoft ASP.NET and PHP. The vulnerability is caused due to the way common web framework implementations use hash tables to map parameters and values of web requests. A remote attacker may exploit this vulnerability by generating multiple...
Microsoft ASP.NET and PHP Hash Collision Denial of Service (CVE-2011-3414)
A denial of service vulnerability has been reported in Microsoft ASP.NET and PHP. The vulnerability is caused due to the way common web framework implementations use hash tables to map parameters and values of web requests. A remote attacker may exploit this vulnerability by generating multiple...
USN-1297-1: Django vulnerabilities
Pall McMillan discovered that Django used the root namespace when storing cached session data. A remote attacker could exploit this to modify sessions. CVE-2011-4136 Paul McMillan discovered that Django would not timeout on arbitrary URLs when the application used URLFields. This could be exploit...