Input passed to the "orderby" parameter in cmd.php (when "cmd" is set to "query_engine", "query" is set to "none", and "search" is set to e.g. "1") is not properly sanitised in lib/functions.php before being used in a "create_function()" function call. This can be exploited to inject and execute arbitrary PHP code.
phpMyAdmin is vulnerable to a remote code execution due the use of the unserialize method on user supplied data. This data is written in the config file and is accessible from the internet by default.
This update adds support for Solaris and Mac OS X.
This update adds support for Solaris and Mac OS X.
This update appends support for solaris and Mac OS X.
The Administration Console of Oracle GlassFish Server is prone to an authentication bypass vulnerability, which can be achieved by performing HTTP TRACE requests. A remote unauthenticated attacker can exploit this in order to execute arbitrary code on the vulnerable server.
This update adds support for Solaris platforms.
This update adds support for Solaris platforms.
This module adds support for Mac OS X and Solaris platforms.
WebKit in Apple Safari before 5.0.6 has improper libxslt security settings, which allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted web site.
This update adds support for Mac OS X and Solaris platforms.
The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter.
This update adds support for Solaris and Mac OS X platforms.
This update adds support for Solaris and Mac OS X platforms