SEC Consult SA-20090305-0 :: NextApp Echo XML Injection Vulnerability

SEC Consult Security Advisory 20090305-0 ======================================================================== title: NextApp Echo XML Injection Vulnerability program: NextApp Echo vulnerable version: Echo2 2.1.1 homepage: http://echo.nextapp.com/site/echo2 found: Feb. 2008 by: Anonymous / SEC...

PHPRecipeBook 2.24 (base_id) Remote SQL Injection Vulnerability

No description provided by source. + PHPRecipeBook 2.24 idRemort SQL Injection Vulnerability - + Discovered By d3b4g + script: http://phprecipebook.sourceforge.net/demo/phprecipebook/ + Greetz : str0ke | Inerd | & friends - Follow me on twitter www.twitter.com/schaba About: ------ PHPRecipeBook i...

NextApp Echo XML Injection

SEC Consult Security Advisory ======================================================================== title: NextApp Echo XML Injection Vulnerability program: NextApp Echo vulnerable version: Echo2 me...

NextApp Echo < 2.1.1 XML Injection Vulnerability

Exploit for multiple platform in category remote exploits ================================================ NextApp Echo ======================================================================== title: NextApp Echo XML Injection Vulnerability program: NextApp Echo vulnerable version: Echo2 2.1.1...

NextApp Echo &lt; 2.1.1 - XML Injection

SEC Consult Security Advisory ======================================================================== title: NextApp Echo XML Injection Vulnerability program: NextApp Echo vulnerable version: Echo2 2.1.1 homepage: http://echo.nextapp.com/site/echo2 found: Feb. 2008 by: Anonymous / SEC Consult...

PHPRecipeBook 2.24 (base_id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications =============================================================== PHPRecipeBook 2.24 baseid Remote SQL Injection Vulnerability =============================================================== + PHPRecipeBook 2.24 idRemort SQL Injection...

PHPRecipeBook 2.24 - &#039;base_id&#039; SQL Injection

PHPRecipeBook 2.24 idRemort SQL Injection Vulnerability - + Discovered By d3b4g + script: http://phprecipebook.sourceforge.net/demo/phprecipebook/ + Greetz : str0ke | Inerd | & friends - Follow me on twitter www.twitter.com/schaba About: ------ PHPRecipeBook is a Web-based cookbook with the...

[Backports-security-announce] Security Update for mediawiki

Gerfried Fuchs uploaded new packages for mediawiki which fixed the following security problems: CVE-2008-5249, Debian BTS 508868 Cross-site scripting XSS vulnerability in MediaWiki 1.13.0 through 1.13.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Afian Document Manager Local File Inclusion

Afian is an application that can add, in just minutes, powerful document management capabilities to any Web server. It provides an Web-based interface for documents residing on the Web server's file system. This software has a secutity hole allow attackers download any files if they know the path...

Afian Local File Inclusion

Afian is an application that can add, in just minutes, powerful document management capabilities to any Web server. It provides an Web-based interface for documents residing on the Web server's file system. This software has a secutity hole allow attackers download any files if they know the path...

CentOS Update for tog-pegasus CESA-2008:0002 centos4 x86_64

Check for the Version of tog-pegasus OpenVAS Vulnerability Test CentOS Update for tog-pegasus CESA-2008:0002 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Fedora Update for phpPgAdmin FEDORA-2007-0469

Check for the Version of phpPgAdmin OpenVAS Vulnerability Test Fedora Update for phpPgAdmin FEDORA-2007-0469 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Fedora Update for phpPgAdmin FEDORA-2007-1013

Check for the Version of phpPgAdmin OpenVAS Vulnerability Test Fedora Update for phpPgAdmin FEDORA-2007-1013 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

CentOS Update for sblim-cmpi-base CESA-2008:0497 centos4 x86_64

Check for the Version of sblim-cmpi-base OpenVAS Vulnerability Test CentOS Update for sblim-cmpi-base CESA-2008:0497 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the web-based installer config/index.php in MediaWiki 1.6 before 1.6.12, 1.12 before 1.12.4, and 1.13 before 1.13.4, when the installer is in active use, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-0737

Multiple cross-site scripting XSS vulnerabilities in the web-based installer config/index.php in MediaWiki 1.6 before 1.6.12, 1.12 before 1.12.4, and 1.13 before 1.13.4, when the installer is in active use, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-0737

Multiple cross-site scripting XSS vulnerabilities in the web-based installer config/index.php in MediaWiki 1.6 before 1.6.12, 1.12 before 1.12.4, and 1.13 before 1.13.4, when the installer is in active use, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-0737

Multiple cross-site scripting XSS vulnerabilities in the web-based installer config/index.php in MediaWiki 1.6 before 1.6.12, 1.12 before 1.12.4, and 1.13 before 1.13.4, when the installer is in active use, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2009-0737

MediaWiki 1.6/1.12/1.13 series are affected by multiple cross-site scripting (XSS) vulnerabilities in the web-based installer (config/index.php) when the installer is in use. The issue allows remote attackers to inject arbitrary script/HTML via unspecified vectors. Root cause is XSS in the instal...

phpScheduleIt多个PHP代码注入漏洞

BUGTRAQ ID: 33855 phpScheduleIt是一个基于Web的预约/计划系统，可以用来管理需要预约的资源。 phpScheduleIt的reserve.php和check.php文件中没有正确地验证对processreservation函数所传送的startdate和enddate参数，远程攻击者可以通过提交恶意请求导致注入并执行恶意PHP代码。 Nick Korbel phpScheduleIt 1.2.11 厂商补丁： Nick Korbel ----------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...