
The host is installed with Ruby on Rails 3.0.x before 3.0.10 or 3.1.x before 3.1.0.rc6 and is prone to a filter skipping vulnerability. A flaw is present in the application, which fails to properly handle glob characters. Successful exploitation allows an attacker to craft a URL and cause Rails to render an arbitrary view.

The host is installed with Ruby on Rails before 2.3.13 or 3.0.x before 3.0.10 or 3.1.x before 3.1.0.rc5 and is prone to multiple SQL injection vulnerabilities. The flaws are present in the application, which fails to properly handle a crafted column name. Successful exploitation allows remote attackers to inject arbitrary SQL into a query.

The host is installed with Ruby on Rails before 2.3.13 or 3.0.x before 3.0.10 or 3.1.x before 3.1.0.rc5 and is prone to a cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to properly handle the strip_tags helper. Successful exploitation allows remote attackers to inject arbitrary web script or HTML into the response.

The host is installed with Ruby on Rails before 2.3.13 or 3.0.x before 3.0.10 or 3.1.x before 3.1.0.rc5 and is prone to a cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to properly handle the escaping function. Successful exploitation allows remote attackers to bypass the escaping code via a malformed unicode string.

The host is installed with Ruby on Rails 2.3.x before 2.3.13 and is prone to a CRLF injection vulnerability. A flaw is present in the application, which fails to sufficiently validate the values provided. Successful exploitation allows remote attackers to inject arbitrary HTTP headers into a response.

The host is installed with Adobe Reader and Acrobat and is prone to an input validation vulnerability. A flaw is present in the applications, which fail to properly perform input validation. Successful exploitation allows remote attackers to execute arbitrary code using a crafted 3D file.

The host is installed with Ruby on Rails 3.0.5 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to properly validate the X-Forwarded-For header in requests from IP addresses on a Class C network. Successful exploitation allows remote attackers to bypass intended address parsing or inject arbitrary text into log files.

The host is installed with Wireshark 1.6.x before 1.6.2 and is prone to a denial of service vulnerability. A flaw is present in the unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark, which fails to validate a certain frame size. Successful exploitation could allow attackers to crash the service.

The host is installed with Wireshark 1.6.x before 1.6.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle a buffer exception. Successful exploitation could allow attackers to crash the service.

The host is installed with Wireshark 1.6.x before 1.6.2 and is prone to a denial of service vulnerability. A flaw is present in the csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector, which fails to initialize a certain structure member. Successful exploitation could allow attackers to crash the service.



© SecPod Technologies