110 matches found
[MajorSecurity SA-079]PHPKIT WCMS - Multiple stored Cross Site Scripting Issues
MajorSecurity SA-079PHPKIT WCMS - Multiple stored Cross Site Scripting Issues Details ============= Product: PHPKIT WCMS Security-Risk: low Remote-Exploit: yes Vendor-URL: http://www.phpkit.com/ Advisory-Status: published Credits ============= Discovered by: David Vieira-Kurz of MajorSecurity...
PHPKIT WCMS 1.6.5 Cross Site Scripting
MajorSecurity SA-079PHPKIT WCMS - Multiple stored Cross Site Scripting Issues Details ============= Product: PHPKIT WCMS Security-Risk: low Remote-Exploit: yes Vendor-URL: http://www.phpkit.com/ Advisory-Status: published Credits ============= Discovered by: David Vieira-Kurz of MajorSecurity...
[CAL-20100204-3]Adobe Shockwave Player Director File Parsing RCSL Pointer Overwrite
CAL-20100204-3Adobe Shockwave Player Director File Parsing RCSL Pointer Overwrite Affected Products ================= 11.5.2.602 ,11.5.6.606 and prior CVE ID: CVE-2010-1280 CAL ID: CAL-20100204-3 Vulnerability Details ===================== Code Audit Labs http://www.vulnhunt.com has discovered a...
[CAL-20100204-1]Adobe Shockwave Player Director File Parsing ATOM size infinite loop vulnerability
CAL-20100204-1Adobe Shockwave Player Director File Parsing ATOM size infinite loop vulnerability Affected Products ================= 11.5.2.602 ,11.5.6.606 and prior CVE ID: CVE-2010-1282 CAL ID: CAL-20100204-1 Vulnerability Details ===================== Code Audit Labs http://www.vulnhunt.com ha...
iDefense Security Advisory 01.12.10: Adobe Reader and Acrobat JpxDecode Memory Corruption Vulnerability
iDefense Security Advisory 01.12.10 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 12, 2010 I. BACKGROUND Adobe Reader and Acrobat are Portable Document Format PDF reader and processors. For more information, please visit following pages: http://www.adobe.com/products/reader/...
Microsoft GDI Plugin .png Infinite Loop Denial of Service PoC
No description provided by source. ! /usr/bin/perl CALgdiplugpoc.pl MircosoftgdiplugpnginfinityloopD.o.S POC by Code Audit Labs public 2009-04-17 http://www.vulnhunt.com/ Affected ======== test on full updated winxp sp3 other version should be affected CVE: please assign to a CVE number DESCRIPTI...
Microsoft Media Player (quartz.dll .mid) Denial of Service Exploit
No description provided by source. ! /usr/bin/perl CALquartzmidpoc.pl MircoSoftMediaplayerquartz.dllmidremoteDos POC by Code Audit Labs public 2009-04-17 http://www.vulnhunt.com/ Affected ======== test on full updated winxp sp3 windows media Player 10.00.00.3998 quartz.dll 6.5.3790.4283 Windows...
Microsoft GDI Plugin - '.png' Infinite Loop Denial of Service (PoC)
!/usr/bin/perl CALgdiplugpoc.pl MircosoftgdiplugpnginfinityloopD.o.S POC by Code Audit Labs public 2009-04-17 http://www.vulnhunt.com/ Affected ======== test on full updated winxp sp3 other version should be affected CVE: please assign to a CVE number DESCRIPTION =========== The vulnerability...
Microsoft GDI Plugin .png Infinite Loop Denial of Service PoC
Exploit for unknown platform in category dos / poc ============================================================= Microsoft GDI Plugin .png Infinite Loop Denial of Service PoC ============================================================= ! /usr/bin/perl CALgdiplugpoc.pl...
Microsoft GDI Plugin - .png Infinite Loop Denial of Service (PoC)
Microsoft GDI Plugin - .png Infinite Loop Denial of Service PoC ! /usr/bin/perl CALgdiplugpoc.pl MircosoftgdiplugpnginfinityloopD.o.S POC by Code Audit Labs public 2009-04-17 http://www.vulnhunt.com/ Affected ======== test on full updated winxp sp3 other version should be affected CVE: please...
Microsoft Media Player - quartz.dll .wav Multiple Remote Denial of Service Vulnerabilities
Microsoft Media Player - quartz.dll .wav Multiple Remote Denial of Service Vulnerabilities ! /usr/bin/perl CAL2quartzwavpoc.pl TwoMircoSoftMediaplayerquartz.dllwavremoteDosvulnerabilities by Code Audit Labs public 2009-04-19 http://www.vulnhunt.com/ Affected ======== test on full updated winxp sp...
Microsoft Media Player (quartz.dll .mid) Denial of Service Exploit
Exploit for unknown platform in category dos / poc ================================================================== Microsoft Media Player quartz.dll .mid Denial of Service Exploit ================================================================== ! /usr/bin/perl CALquartzmidpoc.pl...
iDefense Security Advisory 01.13.09: Oracle Database 10g R2 Summary Advisor Arbitrary File Rewrite Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDefense Security Advisory 01.12.09 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 12, 2009 I. BACKGROUND Oracle Database Server is a family of database products that range from personal databases to enterprise solutions. Further informati...
selfgen-xss.txt
Release Date: August 23 2008 Platform: Web Severity: Important Summary: Bam host a large number of websites for student unions throughout the uk using a custom cms system called Self Generate. This vulnerability affects all of these websites and allows attackers to inject arbitrary html/javascrip...
CAL-20070730-1.txt
CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability BACKGROUND: =========== BlueSkychat is a professional voice and video chat software widely used by large chat websites in china. DESCRIPTION: ============ Code Audit Labs Code Audit for BlueSkyCat ActiveX Control and discovered ...
[Full-disclosure] CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability
CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability BACKGROUND: =========== BlueSkychat is a professional voice and video chat software widely used by large chat websites in china. DESCRIPTION: ============ Code Audit Labs Code Audit for BlueSkyCat ActiveX Control and discovered ...
[Full-disclosure] ActiveWeb Contentserver CMS SQL Injection Management Interface
Advisory: ActiveWeb Contentserver CMS SQL Injection Management Interface RedTeam Pentesting discovered an SQL Injection in the picturerealedit.asp script of the activeWeb contentserver CMS during a penetration test. An editor with the permission to edit pictures can exploit this by injecting...
SUSE-SA:2006:044: libtiff
The remote host is missing the patch for the advisory SUSE-SA:2006:044 libtiff. This update of libtiff is the result of a source-code audit done by Tavis Ormandy, Google Security Team. It fixes various bugs that can lead to denial-of-service conditions as well as to remote code execution while...
phpmyvisites-xss.txt
Multiple vulnerabilities in phpMyVisites Application : phpMyVisites prior to 2.2 stable Release Date : 11 February 2007 Author : Nicob Abstract : ========== Several vulnerabilities were identified in phpMyVisites. This software is "a free and powerful open source GNU/GPL software for websites...
WEB vulnerabilities mining techniques-vulnerability warning-the black bar safety net
Source: security focus Author: 7all sgh81at163.com WEB vulnerability Mining Technology |=---------------= WEB vulnerability Mining Technology=-----------------------------=| |=-----------------------------------------------------------------=| |=---------------= 7all7all7at163. com...