Stanmax Interactive Studio CMS SQL Injection Vulnerability

Exploit for php platform in category web applications Title : Stanmax Interactive Studio CMS Vulnerable to SQL Injection Vendor : http://www.stanmax.com.my/ Found by : p0pc0rn Dork : intext:"Site Powered By Stanmax Interactive Studio" SQL ---- http://site.com/index.php?p=newsdetails&annid=SQL...

Windows Capture Keystroke Recorder

This module can be used to capture keystrokes. To capture keystrokes when the session is running as SYSTEM, the MIGRATE option must be enabled and the CAPTURETYPE option should be set to one of Explorer, Winlogon, or a specific PID. To capture the keystrokes of the interactive user, the Explorer...

Low: Red Hat Enhancement Advisory: subversion enhancement update

Updated subversion packages that upgrade Subversion to upstream version 1.6.11 and provide two enhancements are now available for Red Hat Enterprise Linux 5. Subversion SVN is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a...

Lotus CMS Fraise 3.0 - Local File Inclusion Remote Code Execution

Lotus CMS Fraise 3.0 - Local File Inclusion Remote Code Execution !/usr/bin/python Lotus CMS Fraise v3.0 LFI - Remote Code Execution Exploit greetz Tecr0C :0 Vuln: lines 15-23 in core/lib/router.php ---------- sof //Get page request if any $page = $this-getInputString"page", "index"; //Get plugin...

Concrete CMS 5.4.1.1 - Cross-Site Scripting / Remote Code Execution

!/usr/bin/python Concrete CMS v5.4.1.1 xss/remote code execution exploit Download: http://www.concrete5.org/ Special Zeitgeist pre release - "Moving Forward" - 15th Jan 2011 "They must find it difficult, those who take authority as the truth instead of truth as the authority"...

Flaw in Microsoft Windows SAM Processing Allows Continued Administrative Access Using Hidden Regular User Masquerading After Compromise (2010-M$-001)

---------------------------------------------------------- www.ExploitDevelopment.com 2010-M$-001 ---------------------------------------------------------- TITLE: Flaw in Microsoft Windows SAM Processing Allows Continued Administrative Access Using Hidden Regular User Masquerading After Compromi...

[SECURITY] Fedora 13 Update: udunits2-2.1.19-1.fc13

The Unidata units utility, udunits2, supports conversion of unit specificat ions between formatted and binary forms, arithmetic manipulation of unit specifications, and conversion of values between compatible scales of measurement. A unit is the amount by which a physical quantity is measured. Fo...

[SECURITY] Fedora 14 Update: udunits2-2.1.19-1.fc14

The Unidata units utility, udunits2, supports conversion of unit specificat ions between formatted and binary forms, arithmetic manipulation of unit specifications, and conversion of values between compatible scales of measurement. A unit is the amount by which a physical quantity is measured. Fo...

Information disclosure in IceBB

Vulnerability ID: HTB22686 Reference: http://www.htbridge.ch/advisory/informationdisclosureinicebb.html Product: IceBB Vendor: XAOS Interactive http://icebb.net/ Vulnerable Version: 1.0-rc10 Vendor Notification: 02 November 2010 Vulnerability Type: Information Disclosure Status: Not Fixed, Vendor...

SQL injection in IceBB

Vulnerability ID: HTB22688 Reference: http://www.htbridge.ch/advisory/sqlinjectioninicebb.html Product: IceBB Vendor: XAOS Interactive http://icebb.net/ Vulnerable Version: 1.0-rc10 Vendor Notification: 02 November 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor Alerted, Awaiting...

Path disclosure in IceBB

Vulnerability ID: HTB22689 Reference: http://www.htbridge.ch/advisory/pathdisclosureinicebb.html Product: IceBB Vendor: XAOS Interactive http://icebb.net/ Vulnerable Version: 1.0-rc10 Vendor Notification: 02 November 2010 Vulnerability Type: Path disclosure Status: Not Fixed, Vendor Alerted,...

IceBB 1.0-rc10 Disclosure / SQL Injection

=================================== Vulnerability ID: HTB22686 Reference: http://www.htbridge.ch/advisory/informationdisclosureinicebb.html Product: IceBB Vendor: XAOS Interactive http://icebb.net/ Vulnerable Version: 1.0-rc10 Vendor Notification: 02 November 2010 Vulnerability Type: Information...

IceBB 1.0-rc10 - Multiple Vulnerabilities

IceBB 1.0-rc10 - Multiple Vulnerabilities Vulnerability ID: HTB22688 Reference: http://www.htbridge.ch/advisory/sqlinjectioninicebb.html Product: IceBB Vendor: XAOS Interactive http://icebb.net/ Vulnerable Version: 1.0-rc10 Vendor Notification: 02 November 2010 Vulnerability Type: SQL Injection...

CVE-2010-2405

Technical details about CVE-2010-2405 are not publicly provided in the supplied documents. No affected product specifics, impact, or remediation are listed here. Monitor for updates from official advisories.

CVE-2010-2406

CVE-2010-2406 affects Siebel Core - Highly Interactive Client in Oracle Siebel Suite 7.7.2.12, 7.8.2.14, 8.0.0.10, and 8.1.1.3. The vulnerability allows remote authenticated users to affect confidentiality via unknown vectors (no exploit details provided). The Siebel entry is listed in the Oracle...

Adobe Shockwave Player Director File FFFFFF88 Record Integer Overflow (CVE-2010-2876; CVE-2010-4192)

Adobe Shockwave is a multimedia player that allows users to view interactive web content such as games, business presentations, entertainment, and advertisements from the web browser. It allows Adobe Director applications to be published on the Internet and viewed in a web browser on systems whic...

Blue River Mura CMS - Directory Traversal

Blue River Mura CMS - Directory Traversal Sep 24, 2010 Title: Blue River Mura CMS Directory Traversal Version: 1.0 Issue type: Directory Traversal Affected vendor: Blue River Interactive Group Release date: 24/09/2010 Discovered by: Steven Seeley & Rohan Stelling Summary Mura CMS is an open sourc...

Blue River Mura CMS - Directory Traversal

Sep 24, 2010 Title: Blue River Mura CMS Directory Traversal Version: 1.0 Issue type: Directory Traversal Affected vendor: Blue River Interactive Group Release date: 24/09/2010 Discovered by: Steven Seeley & Rohan Stelling Summary Mura CMS is an open source content management system which is built...

Interactive Web Solutions CMS SQL Injection Vulnerability

Exploit for php platform in category web applications ========================================================= Interactive Web Solutions CMS SQL Injection Vulnerability ========================================================= EDB-ID: CVE: OSVDB-ID: Author: Dr.0rYX and Cr3w-DZ Published: Verifie...

DMXready Polling Booth Manager SQL Injection Vulnerability

Exploit for php platform in category web applications ========================================================== DMXready Polling Booth Manager SQL Injection Vulnerability ==========================================================...