7575 matches found
OSSIM <= 0.9.9 RC5 Multiple Vulnerabilities
ListManager < 9.3b / 9.2c / 8.95d Multiple Vulnerabilities
OSSIM Framework session/login.php dest Parameter XSS
The remote host is running OSSIM Open Source Security Information Management, a suite of security tools managed by a web-based front-end. The version of OSSIM installed on the remote host fails to sanitize user input to the 'dest' parameter of the 'session/login.php' script before using it to...
atutor155-xss.txt
ATutor Impact: Cross Site Scripting Status: patch available Affected software description: Application: ATutor Version: = 1.5.5 Vendor: http://www.atutor.ca...
Debian DSA-1488-1 : phpbb2 - several vulnerabilities
Several remote vulnerabilities have been discovered in phpBB, a web-based bulletin board. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0471 Private messaging allowed cross site request forgery, making it possible to delete all private messages of...
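GE-Fanuc Proficy Real-Time Information Portal Remote Script Upload and Execution Vulnerability
BUGTRAQ ID: 27446 CVE(CAN) ID: CVE-2008-0175 Proficy Real-Time Information Portal is a web-based solution that integrates online and process-based systems with plant-level connectivity, analysis and human-machine interface components. Proficy Real-Time Information Portal has a vulnerability in how it handles user requests, which a remote attacker may exploit to take control of the server. For Add WebSource, Proficy Real-Time Information Portal does not perform correct Java...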
SQLiteManager confirm.php spaw_root Parameter Remote File Inclusion
The remote host is running SQLiteManager, a web-based application for managing SQLite databases. The version of SQLiteManager installed on the remote host fails to sanitize user-supplied input to the 'spaw_root' parameter of the 'spaw/dialogs/confirm.php' script before using it to include PHP code...
eTicket 'index.php' Cross Site Scripting Path Vulnerability
eTicket 'index.php' Cross Site Scripting Path Vulnerability Name: eTicket 'index.php' Cross Site Scripting Path Vulnerability Application: eTicket Versions Affected: 1.5.6-RC4 Severity: Medium Vendor: eTicket, http://sourceforge.net/projects/eticket Bug: XSS Path vulnerability Exploitation: Clien...
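IBM AIX WebSM Remote Client For Linux Local Insecure File Permissions Vulnerability
BUGTRAQ ID: 27433 IBM AIX is a commercial UNIX operating system. Web-based System Manager (WebSM) Remote Client for Linux sets incorrect access permissions when installing files, which a local attacker may exploit to escalate privileges. Web-based System Manager (WebSM) Remote Client for Linux allows remote management of AIX systems. When WebSM Remote Client is installed on a Linux system, some of the installed files are incorrectly assigned world-writable permissions, so any user on the Linux system can write to these files. IBM AIX 5.3 IBM...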
DSA-1467-1 mantis - several vulnerabilities
Bulletin has no description...
Debian Security Advisory DSA 980-1 (tutos)
The remote host is missing an update to tutos announced via advisory DSA 980-1. Joxean Koret discovered several security problems in tutos, a web-based team organization software. The Common Vulnerabilities and Exposures Project identifies the following problems: CVE-2004-2161 An SQL injection...
Debian Security Advisory DSA 173-1 (bugzilla)
The remote host is missing an update to bugzilla announced via advisory DSA 173-1. OpenVAS Vulnerability Test $Id: deb1731.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 173-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 346-1 (phpsysinfo)
The remote host is missing an update to phpsysinfo announced via advisory DSA 346-1. OpenVAS Vulnerability Test $Id: deb3461.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 346-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 944-1 (mantis)
The remote host is missing an update to mantis announced via advisory DSA 944-1. Several security related problems have been discovered in Mantis, a web-based bug tracking system. For details on the issues resolved, please visit the referenced advisories. The old stable distribution woody does no...
Debian Security Advisory DSA 1177-1 (usermin)
The remote host is missing an update to usermin announced via advisory DSA 1177-1. Hendrik Weimer discovered that it is possible for a normal user to disable the login shell of the root account via usermin, a web-based administration tool. OpenVAS Vulnerability Test $Id: deb11771.nasl 6616...
Debian Security Advisory DSA 674-1 (mailman)
The remote host is missing an update to mailman announced via advisory DSA 674-1. OpenVAS Vulnerability Test $Id: deb6741.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 674-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 419-1 (phpgroupware)
The remote host is missing an update to phpgroupware announced via advisory DSA 419-1. OpenVAS Vulnerability Test $Id: deb4191.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 419-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 512-1 (gallery)
The remote host is missing an update to gallery announced via advisory DSA 512-1. OpenVAS Vulnerability Test $Id: deb5121.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 512-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Aria 0.99-6 (effect.php page) Local File Inclusion Vulnerability
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-002 Application: aria-0.99-6 Web based ERP Versions Affected: aria-0.99-6 Vendor URL: http://www.tucows.net/ Bug: Local File Include Exploits: YES Reported: 09.01.2008 Vendor Response: None Date of Public...
Debian Security Advisory DSA 899-1 (egroupware)
The remote host is missing an update to egroupware announced via advisory DSA 899-1. Several vulnerabilities have been discovered in egroupware, a web-based groupware suite. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-0870 Maksymilian Arciemowicz...