CVE-2009-4766

YP Portal MS-Pro Surumu aka MS-Pro Portal Scripti 1.0 and 1.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for galeri/database/db.mdb...

EUVD-2020-14968

Malware in sbrugna...

EUVD-2002-0552

Malware in sbrugna...

CVE-2020-22203

SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php...

Malicious code in discord-yp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0d2252fab3f11a50edd63d2fc7a07cf9a5fa74bbe2702926fc744312a06b8023 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

CVE-2020-22203

SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php...

CVE-2020-22203

SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php...

Sql injection

SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php...

CVE-2020-22203

SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php...

PT-2021-10745 · Phpcms · Phpcms

Name of the Vulnerable Software and Affected Versions: phpCMS 2008 sp4 Description: The issue allows remote malicious users to execute arbitrary php commands. This is achieved via the pagesize parameter to the "yp/product.php" endpoint. Recommendations: For phpCMS 2008 sp4, consider restricting...

PHPCMS SQL注入漏洞

PHPCMS is a web content management system based on PHP and Mysql architecture. The system includes modules such as news, images, downloads, information, products and so on. A SQL injection vulnerability exists in phpCMS because the genre parameter in the yp/job.php file is not handled securely,...

OpenSSH 3.2.2 Security Vulnerability

A possible security issue for sshd in OpenBSD has been reported. A vulnerability related to the implementation of BSD authentication exists in sshd that may have security implications. In access configurations which use YP with netgroups, sshd will authenticate users via ACL by checking for the...

glampers-yp.com Cross Site Scripting vulnerability OBB-1413937

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

gainful.silver.yp.com.hk Cross Site Scripting vulnerability OBB-1235014

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Fedora 29 : icecast (2018-b881073c43)

This release fixes buffer overflows in URL authentication code CVE-2018-18820, a crash in htpasswd authentication if no filename is set, a crash on xsltApplyStylesheet error, and a crash on malformed Opus streams. It also corrects global listener counter. It stops displaying hashed user passwords...

Fedora 27 : icecast (2018-f3d995c6a8)

This release fixes buffer overflows in URL authentication code CVE-2018-18820, a crash in htpasswd authentication if no filename is set, a crash on xsltApplyStylesheet error, and a crash on malformed Opus streams. It also corrects global listener counter. It stops displaying hashed user passwords...

Code injection

In meta/classes/packageipk.bbclass in Poky in poky-pyro 17.0.0 for Yocto Project through YP Core - Pyro 2.3, attackers can obtain sensitive information by reading a URL in a Source entry in an ipk package...

CVE-2017-9731

The CVE-2017-9731 entry concerns the Yocto Project/Poky component: meta/classes/package_ipk.bbclass (Poky-Pyro 17.0.0 for Yocto through YP Core - Pyro 2.3). The issue enables information disclosure by allowing attackers to read a URL from a Source entry in an ipk package, exposing sensitive data....

Scientific Linux Security Update : autofs on SL6.x i386/x86_64 (20150722)

It was found that program-based automounter maps that used interpreted languages such as Python would use standard environment variables to locate and load modules of those languages. A local attacker could potentially use this flaw to escalate their privileges on the system. CVE-2014-8169 Note:...

YP Portal MS-Pro Surumu 1.0 DB Download Vulnerability

No description provided by source...