Joomla! Jimtawl component version 2.2.7 suffers from a remote SQL injection vulnerability.
d3b79f7c964061c092b60bca81183ea7bc3f07c456c3a397863c6a1c6b13934b
Zechat version 1.5 suffers from a remote SQL injection vulnerability.
84ff6edd4775e29a81b52adbe6edbf25cc7991a3b52797218ac9ee6be0e8c8a3
Red Hat Security Advisory 2018-2868-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.0 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 5.0, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include an information leakage vulnerability.
7eced1675dc2c952087fc4da02268030fbf94529eba0329937238f9258fefbf9
Red Hat Security Advisory 2018-2867-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.0 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 5.0, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Issues addressed include an information leakage vulnerability.
1e53207eeb1e3abad71a75447a461b5ee7e4f22670d2d0fefe5f247a0f39bd8d
Ubuntu Security Notice 3782-1 - Henri Salo discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Liblouis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS.
487abc1a3964d03e149224612c3eaf988c06aa29e13e9a9a28d7bb89115f3eab
Ubuntu Security Notice 3781-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
bd154b90a5e93b10a5e86d5ecf677bbf8c984f82ba9cc98a735d91d58039a8c9
Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix a security issue.
e409996a93b56a3beccbb769cb31201dc29fd079c498e1cb926597616d9195b0
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges, and databases, dump entire or user-specified DBMS tables/columns, run their own SQL statements, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack, and more.
7e3a6c3843ecdd95a2d3a6bf4d863e432ed043909ed5c3db2dddf21e2a47c47b
Collaboration Compliance and Quality Management Platform versions 9.1.1.5482 and below suffer from an improper access control vulnerability.
750eb164ea45b8c746c98b5354c209f19dd64366c1af8fd09c78c20f8081542f
Collaboration Compliance and Quality Management Platform versions 9.1.1.5482 and below suffer from a password disclosure vulnerability.
0018ec5778d402f160a3a47a794d2be0f3045f1ad2e4f4fdefd4292239008402
PTC ThingWorx suffers from cross-site scripting and password disclosure vulnerabilities. Versions affected include 6.5 through 7.4, 8.0.x, 8.1.x, and 8.2.x.
317f2e2b6aaec261a18c273b5fe9dec4ba8d2ee4aba58d901e630188c8d8b97f
The Call For Papers for nullcon Goa 2019 is now open. Nullcon is an annual Information Security Conference held in Goa, India. The focus of the conference is to showcase the next generation of offensive and defensive security technology. It will take place March 1st through 2nd, 2019 in Goa, India.
18fccbc17caa3e4bb0fd09b38388099b7be8ce3e500f75211479c70804f68d88
OPAC EasyWeb Five version 5.7 suffers from a remote SQL injection vulnerability in the nome input.
d6c97a8f4e0a187395b2b5775240550e6f0253aeef582723813d671c9002ec61
Coaster CMS version 5.5.0 suffers from a cross-site scripting vulnerability.
0849b869bee82b63fddc5c4a779ba641150604c464edc36529ef46abcd7e08b3
OPAC EasyWeb Five version 5.7 suffers from a remote SQL injection vulnerability in the biblio input.
06a064fa6626f63fa9d75e10581ee339fde2278790ee80a59e18cade8135cceb