Joomla/Mambo Component eXtplorer Code Execution Vulnerability

No description provided by source. ============================================= INTERNET SECURITY AUDITORS ALERT 2009-002 - Original release date: January 7th, 2009 - Last revised: March 2nd, 2009 - Discovered by: Juan Galiana Lara - Severity: 9/10 CVSS scored...

Joomla/Mambo Component eXtplorer Code Execution Vulnerability

Exploit for unknown platform in category web applications ============================================================= Joomla/Mambo Component eXtplorer Code Execution Vulnerability ============================================================= ============================================= INTERNE...

Joomla! Mambo Component eXtplorer - Code Execution

Joomla! Mambo Component eXtplorer - Code Execution ============================================= INTERNET SECURITY AUDITORS ALERT 2009-002 - Original release date: January 7th, 2009 - Last revised: March 2nd, 2009 - Discovered by: Juan Galiana Lara - Severity: 9/10 CVSS scored...

Joomla! / Mambo Component eXtplorer - Code Execution

============================================= INTERNET SECURITY AUDITORS ALERT 2009-002 - Original release date: January 7th, 2009 - Last revised: March 2nd, 2009 - Discovered by: Juan Galiana Lara - Severity: 9/10 CVSS scored ============================================= I. VULNERABILITY...

Fedora Update for kdevelop FEDORA-2007-2985

Check for the Version of kdevelop OpenVAS Vulnerability Test Fedora Update for kdevelop FEDORA-2007-2985 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVE-2008-2320

Stack-based buffer overflow in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.4, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows context-dependent attackers to execute arbitrary code or cause a denial of service application crash via a long filename to the file...

Stack overflow

Stack-based buffer overflow in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.4, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows context-dependent attackers to execute arbitrary code or cause a denial of service application crash via a long filename to the file...

CVE-2008-2320

Stack-based buffer overflow in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.4, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows context-dependent attackers to execute arbitrary code or cause a denial of service application crash via a long filename to the file...

Apple Mac OS X CarbonCore栈溢出漏洞

BUGTRAQ ID: 30487 CVECAN ID: CVE-2008-2320 Mac OS X是苹果家族机器所使用的操作系统。 Mac OS X的CarbonCore组件是一些底层Mac OS Toolbox管理器的工具集，CarbonCore的文件名解析代码中存在栈溢出漏洞，如果向CarbonCore框架文件管理API传送了超长文件名就可以触发这个溢出，导致执行任意指令。 Apple Mac OS X 10.5.4 Apple Mac OS X 10.4.11 Apple MacOS X Server 10.5.4 Apple MacOS X Server 10.4.11...

Parallels Virtuozzo Containers 3.0.0-25.44.0.0-365.6 VZPP Interface File Manger - Cross-Site Request Forgery

Parallels Virtuozzo Containers 3.0.0-25.44.0.0-365.6 VZPP Interface File Manger - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/28589/info Parallels Virtuozzo Containers is prone to a cross-site request-forgery vulnerability. Exploiting the issue will allow a remote attacke...

WordPress Plugin Wp-FileManager 'ajaxfilemanager.php'任意文件上传漏洞

BUGTRAQ ID: 27151 CNCAN ID:CNCAN-2008010813 WordPress Plugin Wp-FileManager是一款基于WordPress的文件管理程序。 WordPress Plugin Wp-FileManager不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞上传任意文件。 问题是由于'ajaxfilemanager.php'脚本对用户提交的WEB参数处理缺少充分过滤，可提交任意文件，导致以WEB权限执行。 Wp-FileManager 1.2 厂商解决方案 --------- 目前没有解决方案提供：...

JVN#90712589 Multiple Cybozu products vulnerable to cross-site scripting

Multiple Cybozu products are vulnerable to cross-site scripting. This vulnerability is different from JVN50342989. Impact An arbitrary script can be executed on the user's web browser. Solution Update the Software Apply the latest updates provided by the vendor. Products Affected Cybozu Office 6....

JVN#50342989 Multiple Cybozu products vulnerable to cross-site scripting

Multiple Cybozu products are vulnerable to cross-site scripting. This vulnerability is different from JVN90712589. Impact An arbitrary script can be executed on the user's web browser. Solution Update the Software Apply the latest updates provided by the vendor. Products Affected Cybozu Office 6....

[SECURITY] Fedora 7 Update: kdevelop-3.5.0-4.fc7

The KDevelop Integrated Development Environment provides many features that developers need as well as providing a unified interface to programs like gdb, the C/C++ compiler, and make. KDevelop manages or provides: All development tools needed for C++ programming like Compiler, Linker, automake a...

[SECURITY] Fedora 7 Update: kdesdk-3.5.8-2.fc7

A collection of applications and tools used by developers, including: cervisia: a CVS frontend kbabel: PO file management kbugbuster: a tool to manage the KDE bug report system kcachegrind: a browser for data produced by profiling tools e.g. cachegr ind kompare: diff tool kuiviewer: displays...

Magic magiclink-vulnerability warning-the black bar safety net

Magic control MagicLink1. 4 remote control software Version 1.4 update 1. Using a more complex encryption algorithm, the encrypted message information. 2. You can set the Message ID to make the connection more secure,1.4the previous Server version, the message identity is set toCMJSPY2INFO 1....

Subversion (SVN) < 1.4.5 Directory Traversal Privilege Escalation (deprecated)

Binary data 4198.prm...

Unreal Commander畸形压缩文档多个远程漏洞

BUGTRAQ ID: 25419 Unreal Commander是一款免费的Windows平台文件管理器。 Unreal Commander在解压文件时存在多个安全漏洞，攻击者可能通过诱使用户处理恶意文件控制用户系统。 如果用户使用Unreal Commander解压了文件名包含有类似于以下目录遍历序列的ZIP或RAR文档的话： Something/../../../../../../Program Files/Something/ws232.dll 就会导致在指定目录中创建ws232.dll文件。 ZIP文档中包含有两处写入文件名的位置：Local文件头和Central...

Microsoft Windows Vista/2003/XP/2000 file management security issues

Title: Microsoft Windows Vista/2003/XP/2000 file management security issues Author: 3APA3A, http://securityvulns.com/ Vendor: Microsoft and potentially another vendors Products: Microsoft Windows Vista/2003/XP/2000, Microsoft resource kit for Windows 2000 and different utilities. Access Vector:...

Unrestricted file upload

Unrestricted file upload vulnerability in PHProjekt 5.2.0, when magicquotesgpc is disabled, allows remote authenticated users to upload and execute arbitrary PHP code via a file with an executable extension, which is then accessed by the 1 calendar or 2 file management module, or possibly...