Thor Larholm discovered that PHPMailer, as used by Moodle, did not
correctly escape email addresses A local attacker with direct access
to the Moodle database could exploit this to execute arbitrary commands
as the web server user (CVE-2007-3215) ...
Several remote vulnerabilities have been discovered in Moodle, an online
course management system The following issues are addressed in this
update, ranging from cross site scripting to remote code execution
Various cross site scripting issues in the Moodle codebase
(CVE-2008-3326, CVE-2008-3325, CVE-2007-3555, CVE-2008-5432,
MSA-08-0021, MDL-884 ...
Several vulnerabilities have been discovered in wordpress, weblog
manager The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2008-6762
It was discovered that wordpress is prone to an open redirect
vulnerability which allows remote attackers to conduct phishing atacks
CVE-2008-6767
It was discovered that remot ...
Debian Bug report logs -
#504771
wordpress can be subject of delayed attacks via cookies
Package:
wordpress;
Maintainer for wordpress is Craig Small <csmall@debianorg>; Source for wordpress is src:wordpress (PTS, buildd, popcon)
Reported by: Raphael Geissert <atomo64@gmailcom>
Date: Fri, 7 Nov 2008 02:42:04 UTC
S ...
Debian Bug report logs -
#496369
The possibility of attack with the help of symlinks in some Debian packages
Package:
ampache;
Maintainer for ampache is Debian QA Group <packages@qadebianorg>; Source for ampache is src:ampache (PTS, buildd, popcon)
Reported by: "Dmitry E Oboukhov" <dimka@uvwru>
Date: Sun, 24 Aug ...
Debian Bug report logs -
#778634
libphp-snoopy: CVE-2008-7313 / CVE-2014-5008
Package:
libphp-snoopy;
Maintainer for libphp-snoopy is Debian PHP PEAR Maintainers <pkg-php-pear@listsaliothdebianorg>; Source for libphp-snoopy is src:libphp-snoopy (PTS, buildd, popcon)
Reported by: Moritz Muehlenhoff <jmm@debianorg>
...
Debian Bug report logs -
#504168
CVE-2008-4796: missing input sanitising
Package:
libphp-snoopy;
Maintainer for libphp-snoopy is Debian PHP PEAR Maintainers <pkg-php-pear@listsaliothdebianorg>; Source for libphp-snoopy is src:libphp-snoopy (PTS, buildd, popcon)
Reported by: Steffen Joeris <steffenjoeris@skolelinuxde& ...
Debian Bug report logs -
#536724
wordpress: CORE-2009-0515 priviledges unchecked and multiple information disclosures
Package:
wordpress;
Maintainer for wordpress is Craig Small <csmall@debianorg>; Source for wordpress is src:wordpress (PTS, buildd, popcon)
Reported by: "Michael S Gilbert" <michaelsgilbert@gmailcom&g ...
Debian Bug report logs -
#531736
CVE-2008-6767, CVE-2008-6762
Package:
wordpress;
Maintainer for wordpress is Craig Small <csmall@debianorg>; Source for wordpress is src:wordpress (PTS, buildd, popcon)
Reported by: Giuseppe Iuculano <giuseppe@iuculanoit>
Date: Wed, 3 Jun 2009 17:27:02 UTC
Severity: normal
Tags: s ...
Multiple off-by-one errors in Nagios Core 351, 402, and earlier, and Icinga before 185, 19 before 194, and 110 before 1102 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key value in the variable list to the process_cgivars function ...