Property Listing Script version 3.1 suffers from a remote SQL injection vulnerability.
Monthly Archives: March 2017
Bugtraq: [security bulletin] HPESBHF03716 rev.1 – HPE Intelligent Management Center (IMC) PLAT, Remote Authentication Bypass
[security bulletin] HPESBHF03716 rev.1 – HPE Intelligent Management Center (IMC) PLAT, Remote Authentication Bypass
Bugtraq: [security bulletin] HPESBGN03707 rev.1 – HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege
[security bulletin] HPESBGN03707 rev.1 – HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege
Bugtraq: [security bulletin] HPESBHF03711 rev.1 – HPE 2620 Series Network Switches, Remote Cross Site Request Forgery (CSRF)
[security bulletin] HPESBHF03711 rev.1 – HPE 2620 Series Network Switches, Remote Cross Site Request Forgery (CSRF)
Bugtraq: [security bulletin] HPESBUX03706 rev.1 – HP-UX NTP service running ntpd, Multiple Vulnerabilities
[security bulletin] HPESBUX03706 rev.1 – HP-UX NTP service running ntpd, Multiple Vulnerabilities
Yacht Listing Script 2.0 SQL Injection
Yacht Listing Script version 2.0 suffers from a remote SQL injection vulnerability.
Yellow Pages Script 3.2 SQL Injection
Yellow Pages Script version 3.2 suffers from a remote SQL injection vulnerability.
CVE-2017-5638
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 mishandles file upload, which allows remote attackers to execute arbitrary commands via a #cmd= string in a crafted Content-Type HTTP header, as exploited in the wild in March 2017.
rkward-0.6.5-5.fc25 rpy-2.8.5-3.fc25 R-3.3.3-1.fc25
Update to 3.3.3. Fix CVE-2016-8714.
R-3.3.3-1.el7
Update to 3.3.3. Fix CVE-2016-8714.