-
```
What steps will reproduce the problem?
Headers and banners and code comments leak version information. Currently, not
much is done with this.
What is the expected output? What do you see instead…
-
How tolerant is muparserx to input from potentially malicious users, has this been investigated in any way?
For example someone could try to use up all memory by creating large matrices in expression…
-
At one IRC channel we were discussing the real name and "Got ZNC?" is a little weird. I think that something like "ZNC %VERSION%" (Supybot does this too) would be good default (if expandstrings are al…
-
Thanks to the virtualenv, you could force an old and known vulnerable version of some library to be installed. Also, could use the requirements.txt file to demonstrate the important of making sure sys…
nafod updated
9 years ago
-
In the config.json file, cvsscoremin should be cvssscoremin (missing an "s") as per JSON URL output from http://www.cvedetails.com/.
Great script though, appreciate the contribution.
-
Apply fixes for several CVE's.
olear updated
9 years ago
-
I couldn't find that this possible xss vulnerability was addressed before:
http://www.cvedetails.com/vulnerability-list/vendor_id-11506/product_id-23747/year-2015/opxss-1/Concrete5-Concrete5.html
-
Bug de sécurité
Référence
http://www.cvedetails.com/cve/CVE-2008-3093/
-
PHP version compatability has to be investigated, the goal is to keep everything compatable with PHP 5.1.0. From a cursory glance at the libraries SimpleSite uses it seems like it should be okay, the…
-
Collect possible sources for security issues here.