Sqlbuddy versions 1.3.2 and 1.3.3 suffer from a reflective cross site scripting vulnerability.
916109532feb3c292fbab16a34d4a14aRed Hat Security Advisory 2014-0876-01 - Ruby on Rails is a model-view-controller framework for web application development. Active Record implements object-relational mapping for accessing database entries using objects. It was discovered that Active Record did not properly quote values of the bitstring type attributes when using the PostgreSQL database adapter. A remote attacker could possibly use this flaw to conduct an SQL injection attack against applications using Active Record.
f031ae3efe6092fb923d08c3242c3860Red Hat Security Advisory 2014-0877-01 - Ruby on Rails is a model-view-controller framework for web application development. Active Record implements object-relational mapping for accessing database entries using objects. It was discovered that Active Record did not properly quote values of the range type attributes when using the PostgreSQL database adapter. A remote attacker could possibly use this flaw to conduct an SQL injection attack against applications using Active Record.
271863dfb96935c67af5efcf96445bebSlackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
f8a479c91e5eab4f2b4b393e484b04b5OpenCart versions 1.5.6.4 and below suffer from a PHP objection injection vulnerability.
c2131aa96490a8154ddc0adab7fbcee3WordPress Tidio Gallery plugin version 1.1 suffers from cross site scripting and remote shell upload vulnerabilities.
941f212e40a0c263f162e141fa5109a6WEBMIS CMS suffers from a remote shell upload vulnerability.
bb116c73616d0fd0d5d850f8de69fb95WordPress CopySafe PDF Protection plugin versions 0.6 and below suffer from a remote shell upload vulnerability.
2bb66ce6b558daa1b35ac1b6c6e5058f
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed