|
267301
|
5.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. phpinfo (phpinfo.php) shows PHP information including values of HttpOnly cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4…
|
CWE-200
Information Exposure
|
CVE-2016-9848
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267302
|
5.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the…
|
CWE-200
Information Exposure
|
CVE-2016-9853
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267303
|
5.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the…
|
CWE-200
Information Exposure
|
CVE-2016-9852
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267304
|
5.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
An issue was discovered in phpMyAdmin. When the user does not specify a blowfish_secret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way thi…
|
CWE-310
Cryptographic Issues
|
CVE-2016-9847
|
2024-11-21 12:01 |
2016-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267305
|
9.9 |
CRITICAL
Network
|
pwc
|
ace-advanced_business_application_programming
|
PricewaterhouseCoopers (PwC) ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users to conduct ABAP injection attacks and execute arbitrary code via (1) SAPGUI or (2) Internet Communica…
|
CWE-74
Injection
|
CVE-2016-9832
|
2024-11-21 12:01 |
2016-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267306
|
5.5 |
MEDIUM
Local
|
gnome
|
libgsf
|
An error within the "tar_directory_for_file()" function (gsf-infile-tar.c) in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently caus…
|
CWE-476
NULL Pointer Dereference
|
CVE-2016-9888
|
2024-11-21 12:01 |
2016-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267307
|
7.5 |
HIGH
Network
|
osgeo
|
mapserver
|
In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive information if data connection fails.
|
CWE-200
Information Exposure
|
CVE-2016-9839
|
2024-11-21 12:01 |
2016-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267308
|
9.8 |
CRITICAL
Network
|
joomla
|
joomla\!
|
The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a u…
|
CWE-284
Improper Access Control
|
CVE-2016-9836
|
2024-11-21 12:01 |
2016-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267309
|
9.8 |
CRITICAL
Network
|
zikula
|
zikula_application_framework
|
Directory traversal vulnerability in file "jcss.php" in Zikula 1.3.x before 1.3.11 and 1.4.x before 1.4.4 on Windows allows a remote attacker to launch a PHP object injection by uploading a serialize…
|
CWE-77
CWE-284
Command Injection
Improper Access Control
|
CVE-2016-9835
|
2024-11-21 12:01 |
2016-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267310
|
5.3 |
MEDIUM
Network
|
bluez
|
bluez
|
In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. The issue exists because "commands" array is overflowed by supplied parameter due to lac…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-9804
|
2024-11-21 12:01 |
2016-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
