[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252212

 
 

909

 
 

196748

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 81359 Download | Alert*

Thor Larholm discovered that PHPMailer, as used by Moodle, did not correctly escape email addresses. A local attacker with direct access to the Moodle database could exploit this to execute arbitrary commands as the web server user. Nigel McNie discovered that fetching https URLs did not correctly escape shell meta-characters. An authenticated remote attacker could execute arbitrary commands as t ...

It was discovered that libicu did not correctly handle certain invalid encoded data. If a user or automated system were tricked into processing specially crafted data with applications linked against libicu, certain content filters could be bypassed.

It was discovered that the Zope Object Database database server improperly filtered certain commands when a database is shared among multiple applications or application instances. A remote attacker could send malicious commands to the server and execute arbitrary code. It was discovered that the Zope Object Database database server did not handle authentication properly when a database is sh ...

It was discovered that MoinMoin did not properly sanitize its input when attaching files, resulting in cross-site scripting vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.

horizon: Web interface for OpenStack cloud infrastructure Horizon could be made to expose sensitive information over the network.

backuppc: high-performance, enterprise-grade system for backing up PCs BackupPC could be made to expose sensitive information over the network.

rhythmbox: music player and organizer for GNOME Rhythmbox could be made to run programs as your login when using the Context plugin.

mono: Mono is a platform for running and developing applications Mono could be made to expose sensitive information over the network.

transmission: lightweight BitTorrent client Transmission could be made to expose sensitive information over the network.

ruby-sanitize: allowlist-based HTML and CSS sanitizer Sanitize could be made to perform XSS attacks if it received specially crafted input.


Pages:      Start    8016    8017    8018    8019    8020    8021    8022    8023    8024    8025    8026    8027    8028    8029    ..   8135

© SecPod Technologies