7576 matches found
phpScheduleIt多个PHP代码注入漏洞
BUGTRAQ ID: 33855 phpScheduleIt是一个基于Web的预约/计划系统,可以用来管理需要预约的资源。 phpScheduleIt的reserve.php和check.php文件中没有正确地验证对processreservation函数所传送的startdate和enddate参数,远程攻击者可以通过提交恶意请求导致注入并执行恶意PHP代码。 Nick Korbel phpScheduleIt 1.2.11 厂商补丁: Nick Korbel ----------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Fedora Update for mantis FEDORA-2008-8925
Check for the Version of mantis OpenVAS Vulnerability Test Fedora Update for mantis FEDORA-2008-8925 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Fedora Update for mantis FEDORA-2008-0282
Check for the Version of mantis OpenVAS Vulnerability Test Fedora Update for mantis FEDORA-2008-0282 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Fedora Update for horde FEDORA-2008-5683
Check for the Version of horde OpenVAS Vulnerability Test Fedora Update for horde FEDORA-2008-5683 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Fedora Update for phpMyAdmin FEDORA-2008-8370
Check for the Version of phpMyAdmin OpenVAS Vulnerability Test Fedora Update for phpMyAdmin FEDORA-2008-8370 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
ravennuke 2.3.0 - Multiple Vulnerabilities
waraxe-2009-SA072 - Multiple Vulnerabilities in RavenNuke 2.3.0 =============================================================================== Author: Janek Vind "waraxe" Date: 16. February 2009 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-72.html Description of vulnerable softwar...
Fedora Update for phpPgAdmin FEDORA-2008-11576
Check for the Version of phpPgAdmin OpenVAS Vulnerability Test Fedora Update for phpPgAdmin FEDORA-2008-11576 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Fedora Update for phpPgAdmin FEDORA-2008-11602
Check for the Version of phpPgAdmin OpenVAS Vulnerability Test Fedora Update for phpPgAdmin FEDORA-2008-11602 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Security Advisory for Bugzilla 3.2.1, 3.0.7, and 3.3.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Summary ======= Bugzilla is a Web-based bug-tracking system, used by a large number of software projects. Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under modperl, generated insufficiently random numbers, resulting in all random tokens being the...
Oracle Application Server Portal 10g Cross Site Scripting Vulnerability
OracleAS Portal is a Web-based application for building and deploying portals. It provides a secure, manageable environment for accessing and interacting with enterprise software services and information resources. A vulnerability has been identified in Oracle Application Server 10g, This could b...
Oracle AS Portal Cross Site Scripting
Oracle AS Portal is a Web-based application for building and deploying portals. It provides a secure, manageable environment for accessing and interacting with enterprise software services and information resources. A vulnerability has been identified in Oracle Application Server 10g, This could ...
JVN#28344798 Cisco IOS cross-site scripting vulnerability
Some versions of the Cisco IOS provide a web-based interface to configure the device. This web-based interface contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest firmware provided by...
FreeBSD : vinagre -- format string vulnerability (214e8e07-d369-11dd-b800-001b77d09812)
CORE Security Technologies reports : A format string error has been found on the vinagreutilsshowerror function that can be exploited via commands issued from a malicious server containing format string specifiers on the VNC name. In a web-based attack scenario, the user would be required to...
Text Lines Rearrange Script (filename) File Disclosure Vulnerability
No description provided by source. + Text Lines Rearrange Script download.php filename File Disclosure Vulnerability + Discovered By SirGod + Visit : www.h4cky0u.org + Greetz : All my friends + File Disclosure Vulnerability Vulnerable Code in download.php :...
[SECURITY] Fedora 8 Update: phpPgAdmin-4.2.2-1.fc8
phpPgAdmin is a fully functional web-based administration utility for a PostgreSQL database server. It handles all the basic functionality as well as some advanced features such as triggers, views and functions stored procedures. It also has Slony-I support...
[SECURITY] Fedora 10 Update: phpPgAdmin-4.2.2-1.fc10
phpPgAdmin is a fully functional web-based administration utility for a PostgreSQL database server. It handles all the basic functionality as well as some advanced features such as triggers, views and functions stored procedures. It also has Slony-I support...
[SECURITY] Fedora 9 Update: phpPgAdmin-4.2.2-1.fc9
phpPgAdmin is a fully functional web-based administration utility for a PostgreSQL database server. It handles all the basic functionality as well as some advanced features such as triggers, views and functions stored procedures. It also has Slony-I support...
[SECURITY] Fedora 8 Update: phpMyAdmin-3.1.1-1.fc8
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats a nd ...
phpPgAdmin <= 4.2.1 (_language) Local File Inclusion Vulnerability
No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl phpPgAdmin = 4.2.1 Local File Inclusion Vulnerability Script: "phpPgAdmin is a web-based...
phpPgAdmin <= 4.2.1 (_language) Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications ================================================================== phpPgAdmin 136 ... // Determine language file to import: // 1. Check for the language from a request var if isset$REQUEST'language' && isset$appLangFiles$REQUEST'language'...