10 matches found
SourceForge Kagemai Cross-Site Scripting Vulnerability
SourceForge Organization kagemai is an application of the Japanese open source SourceForge Organization . A Web-based bug tracking system BTS. Kagemai 0.8.6 suffers from a cross-site scripting vulnerability that could allow an attacker to execute arbitrary script in a user's web browser...
[SECURITY] [DLA 351-1] redmine security update
Package : redmine Version : 1.0.1-2+deb6u11 CVE ID : CVE-2015-8346 It was discovered that there was a data disclosure vulnerability in Redmine, a web-based bug and project management tool. The time logging form could disclose subjects of issues that are not visible/public. Patch by Holger Just. F...
Security advisory for Bugzilla 4.2.1, 4.0.6 and 3.6.9
Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: When abusing the X-FORWARDED-FOR header, an attacker could bypass the lockout policy allowing a possible brute-force discovery o...
Debian DSA-2308-1 : mantis - several vulnerabilities
Several vulnerabilities were found in Mantis, a web-based bug tracking system: Insufficient input validation could result in local file inclusion and cross-site scripting. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fr...
Multiple vulnerabilities in BugTracker.Net
Core Security - CoreLabsMultiple vulnerabilities in BugTracker.Net 1. Advisory Information Title: Multiple vulnerabilities in BugTracker.Net Advisory Id: CORE-2010-1109 Advisory URL: http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker Date published: 2010-11-30 Date of last...
CVSTrac Detection
This host is running CVSTrac, a Web-Based Bug And Patch-Set Tracking System For CVS, Subversion and GIT. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
CVSTrac Detection
This host is running CVSTrac, a Web-Based Bug And Patch-Set Tracking System For CVS, Subversion and GIT. OpenVAS Vulnerability Test $Id: cvstracdetect.nasl 5721 2017-03-24 14:42:01Z cfi $ cvstrac Detection Authors: Michael Meyer Copyright: Copyright c 2009 Greenbone Networks GmbH This program is...
Debian: Security Advisory (DSA-778-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-944-1 : mantis - several vulnerabilities
Several security related problems have been discovered in Mantis, a web-based bug tracking system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-4238 Missing input sanitising allows remote attackers to inject arbitrary web script or HTML. -...
CVSTrac ticket title arbitrary command execution
The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains a flaw related to ticket titles containing a semi-colon ';' that may allow an attacker to execute arbitrary commands on the system. OpenVAS has determined the vulnerability...