Смотрите также связанные темы 09.01.2018 CVE-2013-0001 The Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 4, and 4.5 does not properly initialize memory arrays, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application that leverages a pointer to an unmanaged memory location, aka "System Drawing Information Disclosure Vulnerability."
09.01.2018 CVE-2015-7115 libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7116.
14.08.2018 CVE-2008-3675 Directory traversal vulnerability in classes/imgsize.php in Gelato 0.95 allows remote attackers to read arbitrary files via (1) a .. (dot dot) and possibly (2) full pathname in the img parameter. NOTE: some of these details are obtained from third party information.
07.10.2018 CVE-2008-4489 Directory traversal vulnerability in ap-save.php in Atarone CMS 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme_chosen parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
20.10.2018 CVE-2008-4635 Unspecified vulnerability in Hisanaga Electric Co, Ltd. hisa_cart 1.29 and earlier, a module for XOOPS, allows remote attackers to obtain sensitive user information via unknown vectors.
27.10.2018 CVE-2008-4766 SQL injection vulnerability in member.php in Oxygen Bulletin Board 1.1.3 allows remote attackers to execute arbitrary SQL commands via the member parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
02.02.2018 Organizations responsible for third party security? A new Massachusetts law called 201 CMR 17.00 from the Office of Consumer Affairs and Business Regulation (OCABR) was passed in order to add additional protection requirements around personal information disclosure. This new regulation is specifically targeted to reduce the incidence of identity theft that comes from personal data maintained by businesses and organizations that do business in Massachusetts. This regulation is an extension of [...]
04.02.2018 CVE-2008-6067 SQL injection vulnerability in search_results.php in E-Shop Shopping Cart (aka E-Php Shopping Cart) allows remote attackers to execute arbitrary SQL commands via the cid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
19.02.2018 CVE-2008-6212 Cross-site scripting (XSS) vulnerability in admin.php in Php-Stats 0.1.9.1 allows remote attackers to inject arbitrary web script or HTML via the (1) sel_mese and (2) sel_anno parameters in a systems action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
26.02.2018 CVE-2008-6310 SQL injection vulnerability in index.html in W3matter RevSense 1.0 allows remote attackers to execute arbitrary SQL commands via the f[password] parameter. NOTE: some of these details are obtained from third party information.
|