[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 11459 Download | Alert*

It was discovered that MoinMoin did not properly sanitize its input, resulting in cross-site scripting vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.

It was discovered that Python Paste did not properly sanitize certain strings, resulting in cross-site scripting vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.

Christian Eibl discovered that the TeX filter in Moodle allowed any function to be used. An authenticated remote attacker could post a specially crafted TeX formula to execute arbitrary TeX functions, potentially reading any file accessible to the web server user, leading to a loss of privacy

Thor Larholm discovered that PHPMailer, as used by Moodle, did not correctly escape email addresses. A local attacker with direct access to the Moodle database could exploit this to execute arbitrary commands as the web server user. Nigel McNie discovered that fetching https URLs did not correctly escape shell meta-characters. An authenticated remote attacker could execute arbitrary commands as t ...

It was discovered that libicu did not correctly handle certain invalid encoded data. If a user or automated system were tricked into processing specially crafted data with applications linked against libicu, certain content filters could be bypassed.

It was discovered that the Zope Object Database database server improperly filtered certain commands when a database is shared among multiple applications or application instances. A remote attacker could send malicious commands to the server and execute arbitrary code. It was discovered that the Zope Object Database database server did not handle authentication properly when a database is sh ...

It was discovered that MoinMoin did not properly sanitize its input when attaching files, resulting in cross-site scripting vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.

horizon: Web interface for OpenStack cloud infrastructure Horizon could be made to expose sensitive information over the network.

backuppc: high-performance, enterprise-grade system for backing up PCs BackupPC could be made to expose sensitive information over the network.

rhythmbox: music player and organizer for GNOME Rhythmbox could be made to run programs as your login when using the Context plugin.


Pages:      Start    1117    1118    1119    1120    1121    1122    1123    1124    1125    1126    1127    1128    1129    1130    ..   1145

© SecPod Technologies