ReloadCMS <= 1.2.5 Cross Site Scripting / Remote Code Execution Exploit
Exploit for unknown platform in category web applications. ReloadCMS nc target.host.com 80 GET /pathtoreloadcms/ HTTP/1.0 User-Agent:...
Code injection
A "programming error" in fastipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and...
[Full-disclosure] Outblaze Cross Site Scripting Vulnerability
Title: outblaze Cross Site Scripting Author: Simo Ben youssef aka 6mOHaCk simoatmorxorg Discovered: 23 january 2005 Published: 02 february 2006 MorX Security Research Team http://www.morx.org Service: Webmail manager Vendor: outblaze / www.outblaze.com Vulnerability: Cross Site Scripting /...
Sql injection
Unspecified vulnerability in the Change Data Capture component of Oracle Database server 9.2.0.7, 10.1.0.5, and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln DB02. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliab...
Sql injection
Multiple unspecified vulnerabilities in Oracle Database server 9.2.0.7 and 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln (1) DB05 in the (a) Data Pump component; (2) DB15 in the (b) Oracle Text component; (3) DB22 in the (c) Streams Apply component; (4) DB23 and (5) DB24 in th...
CVE-2006-0269
Unspecified vulnerability in the Streams Capture component of Oracle Database server 10.1.0.5 and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln DB25. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent...
CVE-2006-0257
Unspecified vulnerability in the Change Data Capture component of Oracle Database server 9.2.0.7, 10.1.0.5, and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln DB02. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliab...
Ubuntu 4.10 / 5.04 : mozilla-thunderbird vulnerabilities (USN-157-1)
Vladimir V. Perepelitsa discovered a bug in Thunderbird's handling of anonymous functions during regular expression string replacement. A malicious HTML email could exploit this to capture a random block of client memory. CAN-2005-0989 Georgi Guninski discovered that the types of certain XPInstal...
Break SSS technology blockade-vulnerability warning-the black bar safety net
Recently is really too busy, while the countersunk finishing school to be turned over to the network the security research topic, while in the online to clean up the malicious website. I love machine follow me were non-stop, no how much rest of time okay my machine is a dual Xeon in the service, ha...
On WEBSHELL to elevate privileges to the point of experience-vulnerability warning-the black bar safety net
Many newcomers in the use of servu elevation of Privilege will encounter many problems, such as the default local administrator Password changed, ws, etc. the cmd is disabled, or the site root directory there is no permission to run! Many Novices will be sent to the discard, Oh, actually...
X Display Manager Control Protocol (XDMCP) Detection
The XDMCP service is running on the remote host. SPDX-FileCopyrightText: 2005 Pasi Eronen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Outlook Web Access URL Injection
Due to a lack of sanitization of the user input, the remote version of Microsoft Outlook Web Access 2003 is vulnerable to URL injection which can be exploited to redirect a user to a different, unauthorized web server after authenticating to OWA. SPDX-FileCopyrightText: 2005 Michael J. Richardson...
CVE-2005-3439
Multiple unspecified vulnerabilities in Oracle Database Server 10g up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln (1) DB02, (2) DB03, and (3) DB05 in Change Data Capture; (4) DB07 in Data Pump Export; and (5) DB18, (6) DB19, (7) DB20, (8) DB21, (9) DB22, (10) DB23, (11) DB24, and (12) DB25 in t...
CVE-2005-3438
Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln (1) DB04 in Change Data Capture; (2) DB06 in Data Guard Logical Standby; (3) DB10 in Locale; (4) DB12 in Materialized Views; (5) DB13 in Objects Extension; (6) DB15 in...
CVE-2005-3439
Technical details about CVE-2005-3439 are not publicly available in the provided connected documents. Monitor for updates from official advisories and vendor notices.
PT-2005-4113 · Blender · Blender
Name of the Vulnerable Software and Affected Versions: Blender version 2.36 Description: The issue allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call. This occurs in the bvh_import.py module. Recommendations: For...
Important: Red Hat Security Advisory: thunderbird security update
Updated thunderbird package that fixes various bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. A bug was found in the way...
CVE-2001-1519
CVE-2001-1519 affects Windows 2000 RunAs (runas.exe). Multiple sources describe a local-privilege issue where, if the RunAs service is stopped, a local attacker can create a spoofed named pipe and potentially capture cleartext usernames and passwords when clients connect. The Red Hat and CVE/CVE-...