- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200809-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200809-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200809-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Original article:
http://www.davidsopas.com/2008/09/sql-injection-in-easyrealtorpro/
"EasyRealtorPRO 2008 provides you with all features you need to setup
your own business oriented real estate website on your own domain
name. Our support team will install the script on your server and then
you c
===
Ubuntu Security Notice USN-645-3 September 25, 2008
firefox-3.0, xulrunner-1.9 regression
https://launchpad.net/bugs/270429
===
A security issue affects the following Ubuntu
#! /usr/bin/perl
# -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# Libra PHP File Manager <= 1.18 / Local File Inclusion Vulnerability
# -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# Program: Libra PHP File Manager
# Version: <= 1.18
# File affected:
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
adnforum <= 1.0b / Insecure Cookie Handling Vulnerability
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
$ Program: adnforum
$ Version: <= 1.0b
$ File affected: index.php
$ Download: http://sourceforge.net/projects/adnforum/
Fo
Cross Site Scripting (XSS) Vulnerability in flatpress 0.804,
CVE-2008-4120
References
http://www.datensalat.eu/~fabian/cve/CVE-2008-4120-flatpress.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4120
http://www.flatpress.org/
Description
FlatPress is an open-source standard-compli
Background
-
Vendor product information:
PCU400 is the modern product when implementing an effective data acquisition
network in SCADA-based systems
PCU400, Process Communication Unit 400 forms the communication interface to the network of remote terminal units (RTUs) together w
Are you kidding ?
As the PHP manual said "if you use double quotes there will be a need to escape
the variable names".
In your example you use a function with double quotes, without escaping the
variable $sort_by, so
this is not a PHP vulnerability, but a development one.
For this time,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01560892
Version: 1
HPSBST02372 SSRT080133 rev.1 - Storage Management Appliance (SMA), Microsoft
Patch Applicability MS08-052 to MS08-055
NOTICE: The information in this Security Bulletin shou
Google Docs (HTML code) Multiple Cross Site Scripting Vulnerabilities
I. Background:
Google Docs is an online application which makes possible to "Create and share
your work online". You can use it to
create Documents, Presentations, Spreadsheets and Forms.
II. Description:
Multiple cross sit
PHP uses the create_function function to create an anonymous function like
below (stolen from php_manual):
--
Description
string create_function ( string args, string code )
Creates an anonymous function from the parameters passed, and returns a unique
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01539423
Version: 3
HPSBOV02364 SSRT080078 rev.3 - HP OpenVMS SMGRTL Run Time Library, Local
Authorized User, Gain Privileged Access
NOTICE: The information in this Security Bulletin should be
14 matches