Tunisians Voice - Nawaat Portal hacked

Kosova Warriors Group deface a subdomain https://events.nawaat.org/ of Nawaat Portal.. Its an independent collective blog hosted by Tunisians. It gives a voice to all those who, through their civic engagement, take the cover and spread. Our editorial decisions are guided by among other concerns...

[SECURITY] Fedora 18 Update: libsocialweb-0.25.21-1.fc18

libsocialweb is a social data server which fetches data from the "social we b", such as your friend's blog posts and photos, upcoming events, recently play ed tracks, and pending eBay auctions. It also provides a service to update your status on web services which support it, such as MySpace and...

CVE-2012-4022

Pebble before 2.6.4 allows remote attackers to trigger loss of blog-entry viewability via a crafted comment...

Code injection

Pebble before 2.6.4 allows remote attackers to trigger loss of blog-entry viewability via a crafted comment...

CVE-2012-4022

Pebble before 2.6.4 allows remote attackers to trigger loss of blog-entry viewability via a crafted comment...

Anonymous leaks VMware ESX Server Kernel source code

Anonymous group member "Stun" announce the leak of VMware ESX Server Kernel source code via twitter today. The tweet reads, "WILD LEAKY LEAK. FULL VMware ESX Server Kernel LEAKED LINK Anonymous AntiSec". VMware ESX is an enterprise-level computer virtualization product offered by VMware. The reas...

Pebble vulnerability where entries may become unviewable

Overview Pebble contains a vulnerability where blog entries may become unviewable due to a specially crafted comment being posted. Pebble is an open source weblog system. Pebble contains an issue in the processing of comments that are posted on blog entries, which may lead to a vulnerability wher...

JVN#75492883: Pebble vulnerability where entries may become unviewable

Pebble is an open source weblog system. Pebble contains an issue in the processing of comments that are posted on blog entries, which may lead to a vulnerability where blog entries may become unviewable. Impact A specially crafted comment being posted may cause an arbitrary blog entry to become...

vBulletin ChangUonDyU Advanced Statistics SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: vBulletin ChangUonDyU Advanced Statistics - SQL Injection Vulnerability Google Dork: No Dork Date: 19/10/2012 Exploit Author: Junookyo Vendor Homepage: http://hoiquantinhoc.com Software Link:...

Vbulletin (blog_plugin_useradmin) v4.1.12 Sql Injection Vulnerability

a bug in Vbulletin blogpluginuseradmin v4.1.12 that allows to us to occur a Sql Injection on a Remote machin. Exploit Title : Vbulletin blogpluginuseradmin v4.1.12 Sql Injection Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum Software Link :...

WordPress Plugin social discussions 6.1.1 - Multiple Vulnerabilities

waraxe-2012-SA093 - Multiple Vulnerabilities in Wordpress Social Discussions Plugin ====================================================================================== Author: Janek Vind "waraxe" Date: 17. October 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-93.html...

bo-blog xss vulnerability-vulnerability warning-the black bar safety net

Bo-Blog is an domestic excellent open source blogging, wordpress and other blog Bo-Blog the advantage of easy to use, convenient, efficiency is high. If wordpress is the professional blogging program so Bo-blog is a civilian blog. Bo-blog The advantages and disadvantages are obvious, the...

Bo-Blog tag.php跨站漏洞

tag.php中的mode变量过滤不严，导致xss存在 攻击者可窃取用户cookie或者构造CSRF。 0 Bo-Blog 2.1.1 inc/modtag.php里的第61行 acceptrequest'mode'; 之后，加上 $mode = intval$mode;...

akcms code execution vulnerability-vulnerability warning-the black bar safety net

Last week digging out of the akcms background stencil getshell feeling nothing new, and then carefully looked at the code, found a comparison with“the future”of the hole, the code execution vulnerability, and the problem function is that the authors provided to the station user for secondary...

Blog Mod <= 0.1.9 SQL Injection Vulnerability

Exploit for php platform in category web applications How does this exploit works? It exploits one of the several SQL Injections in the system. Specifiedly, in the file "index.php", parr "month". Usage: php filename.php / function puts$str echo $str."\n"; function gets return trimfgetsSTDIN;...

CVE-2012-4407

lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly check the publication state of blog files, which allows remote attackers to obtain sensitive information by reading a blog entry that references a non-public file...

CVE-2012-4407

lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly check the publication state of blog files, which allows remote attackers to obtain sensitive information by reading a blog entry that references a non-public file...

CVE-2012-4407

lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly check the publication state of blog files, which allows remote attackers to obtain sensitive information by reading a blog entry that references a non-public file...

Webify Blog Arbitrary File Deletion

!x! Informations: Name : Webify Blog Download : http://www.webify.ws/blog Vulnerability : Delete Arbitrary File Vulnerability Author : JIKOJAWAD Contact : [email protected] Site : No-ExploiT.CoM Is Back Notes : No-ExploiT.CoM Miss !x! Bug: Delete Arbitrary File Vulnerability you can delete file...

Webify Blog Arbitrary File Deletion Vulnerability

Exploit for php platform in category web applications !x! Informations: Name : Webify Blog Download : http://www.webify.ws/blog Vulnerability : Delete Arbitrary File Vulnerability Author : JIKOJAWAD Contact : email protected Site : No-ExploiT.CoM Is Back Notes : No-ExploiT.CoM Miss !x! Bug: Delet...