exploit the possibilities
Showing 1 - 1 of 1 RSS Feed

Files

Mandriva Linux Security Advisory 2010-178
Posted Sep 13, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-178 - Multiple cross-site scripting vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to inject arbitrary web script or HTML via the BASE parameter, or the ega_1 parameter. Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to execute arbitrary SQL commands via the onglet_bis parameter. Multiple SQL injection vulnerabilities in OCS Inventory NG before 1.02.3 allow remote attackers to execute arbitrary SQL commands via multiple inventory fields to the search form, reachable through index.php; or the Software name field to the All softwares search form, reachable through index.php. This upgrade provides ocsinventory 1.02.3 which is not vulnerable for these security issues.

tags | advisory, remote, web, arbitrary, php, vulnerability, xss, sql injection
systems | linux, mandriva
advisories | CVE-2010-1594, CVE-2010-1595, CVE-2010-1733
MD5 | eff94d70c006b5ba8dc60d9915368da2
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
US Is Out Of The Picture In Syria-Turkey Crisis. Putin Now Owns This Mess.
Posted Oct 20, 2019

tags | headline, government, usa, russia, turkey, syria, military
The US Army Just Contracted With A UFO Group To Study Alien Alloys
Posted Oct 19, 2019

tags | headline, government, usa, space, science, military
Critical Linux Wi-Fi Bug Allows System Compromise
Posted Oct 19, 2019

tags | headline, linux, wireless, flaw
UC Browser Potentially Endangers 500 Million Users
Posted Oct 19, 2019

tags | headline, privacy, phone, flaw, google
US Stopped Using Floppy Disks To Manage Nuclear Weapons Arsenal
Posted Oct 19, 2019

tags | headline, government, usa, military
Zappos Offers Users 10% Discount In 2012 Breach Settlement
Posted Oct 18, 2019

tags | headline, hacker, privacy, data loss, identity theft
Cryptocurrency Execs Charged With Running $11 Million Ponzi Scheme
Posted Oct 18, 2019

tags | headline, bank, cybercrime, fraud, cryptography
How The Wheels Came Off Facebook's Libra Project
Posted Oct 18, 2019

tags | headline, government, bank, facebook, social, cryptography
Samsung Bug Allows Any Fingerprint To Unlock Phones
Posted Oct 18, 2019

tags | headline, phone, flaw, password, samsung
Dancho Danchev Launches New Uncle George Initiative
Posted Oct 17, 2019

tags | headline, hacker, cybercrime, fraud
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close