Dokeos version 1.8.6.2 suffers from a reflective cross site scripting vulnerability.
602124acbba9ac02c1e38b89d420675af928c33221170e7891883bce59d89ae9OmegaBill version 1.0 Build 6 suffers from an arbitrary PHP code execution vulnerability.
08dd8bef7c5cca1071275d972834abffd87dd2f752500a30375d8eeb0ef68cd3OmegaBill version 1.0 Build 6 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
e353289884695b576bab4d32d9efdfdeb9b16c82b0f86554452d4fdf632ac9bdUbuntu Security Notice 1062-1 - Keiichi Mori discovered that the MIT krb5 KDC database propagation daemon (kpropd) is vulnerable to a denial of service attack due to improper logic when a worker child process exited because of invalid network input. This could only occur when kpropd is running in standalone mode; kpropd was not affected when running in incremental propagation mode ("iprop") or as an inetd server. This issue only affects Ubuntu 9.10, Ubuntu 10.04 LTS, and Ubuntu 10.10. Kevin Longfellow and others discovered that the MIT krb5 Key Distribution Center (KDC) daemon is vulnerable to denial of service attacks when using an LDAP back end due to improper handling of network input.
026c107b8e69f09a0f231a9050536cf994a0857a0a7ecb94245b288ee26ca969Ubuntu Security Notice 1063-1 - Neil Wilson discovered that if VNC passwords were blank in QEMU configurations, access to VNC sessions was allowed without a password instead of being disabled. A remote attacker could connect to running VNC sessions of QEMU and directly control the system. By default, QEMU does not start VNC sessions.
f58fcaa41e8dd476310be860b4827839a5fcbf87285da73a23b6edf3e0272132jSchool Advanced suffers from a remote SQL injection vulnerability.
1f0034fe6234c90827dca3427d82055149a918a29259535725a775985b41cd48
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed