[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 611 Download | Alert*

The STARTTLS implementation in MailMarshal before 7.2 allows plaintext command injection.

A Denial of Service vulnerability exists in askpop3d 0.7.7 in free (pszQuery),

The XStream extension in HP Fortify SCA before 2.2 RC3 allows remote attackers to execute arbitrary code via unsafe deserialization of XML messages.

PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

PrestaShop before 1.4.11 allows logout CSRF.

The Authenticated User Page Caching (Authcache) module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to cached pages, which allows remote attackers with the same role-combination as the superuser to obtain sensitive information via the cached pages of the superuser.

Cross-site request forgery (CSRF) vulnerability in the persona_xsrf_token function in persona.module in the Mozilla Persona module 7.x-1.x before 7.x-1.11 for Drupal allows remote attackers to hijack the authentication of aribitrary users via a security token that is not a string data type.

The OG access fields (visibility fields) implementation in Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal does not properly restrict access to private groups, which allows remote authenticated users to guess node IDs, subscribe to, and read the content of arbitrary private groups via unspecified vectors.

A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in flowplayer-3.1.1.min.js library, which could let a remote malicious user execute arbitrary PHP code

Pages:      Start    4    5    6    7    8    9    10    11    12    13    14    15    16    17    ..   61

© SecPod Technologies