2296 matches found
ACC PHP eMail v1.1 - Multiple Web Vulnerabilities
Document Title: =============== ACC PHP eMail v1.1 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=505 Release Date: ============= 2012-04-12 Vulnerability Laboratory ID VL-ID: ==================================== 505 Produ...
Whoops! Cancellation E-Mail Meant For 300 Rattles 8 Million New York Times Subscribers
An errant e-mail campaign has rattled subscribers to the New York Times with false cancellation notices. The e-mail blast meant for 300 subscribers was instead sent to 8 million current subscribers, raising speculation that the paper suffered a data breach. The e-mail, which was widely received,...
NATO Reports Data Breach to One of Its Websites
NATO Reports Data Breach to One of Its Websites The North Atlantic Treaty Organization NATO has just issued a short statement that reads as follows: "Police dealing with digital crimes have notified NATO of a probable data breach from a NATO-related website operated by an external company. NATO's...
Comptel InstantLink Cross Site Scripting
-------------------------------------------------------------------- Exploit Title: Comptel InstantLink" XSS vulnerability Date: 24 Feb 2010 Author: thebluegenius Software Link: http://www.comptel.com/ProvisioningActivation/ Version: All CVE : NA --------------------------------------------------...
Smart PHP Subscriber Disclosure
----------------------------------------------------------------------------------------------- Title: Smart PHP Subscriber Multiple Disclosure Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 14. December 2009...
Smart PHP Subscriber Multiple Disclosure Vulnerabilities
No description provided by source. ----------------------------------------------------------------------------------------------- Title: Smart PHP Subscriber Multiple Disclosure Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 14. December 2009...
Smart PHP Subscriber Multiple Disclosure Vulnerabilities
Exploit for unknown platform in category web applications ======================================================== Smart PHP Subscriber Multiple Disclosure Vulnerabilities ========================================================...
Smart PHP Subscriber - Multiple Disclosure Vulnerabilities
----------------------------------------------------------------------------------------------- Title: Smart PHP Subscriber Multiple Disclosure Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 14. December 2009...
Joomla Jinc SQL Injection
--------------------------------------------------------------------------------- joomla component comjinc newsid Blind SQL Injection Vulnerability --------------------------------------------------------------------------------- Author : Chip D3 Bi0s Group : LatiHackTeam Email :...
SA-2008-056 - Simplenews - Cross site scripting
Simplenews publishes and sends newsletters to lists of subscribers. Newsletter categories are not always properly escaped. This allows users with the "administer taxonomy" permission to add arbitrary HTML and script code to the site. Wikipedia has more information about such cross site scripting...
MailMachine Pro 2.2.4 Remote SQL Injection Vulnerability
No description provided by source. --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / / &nb...
MailMachine Pro 2.2.4 - SQL Injection
--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Remote Sql...
CVE-2006-3483
PHPMailList 1.8.0 stores sensitive information under the web document root iwth insufficient access control, which allows remote attackers to obtain email addresses of subscribers, configuration information, and the admin username and password via direct requests to 1 list.dat or 2 mlconfig.dat...
CVE-2005-4248
CVE-2005-4248 : Multiple cross-site scripting (XSS) vulnerabilities in QuickPayPro 3.1 allow remote attackers to inject arbitrary web script or HTML via fields in (1) communication/subscribers.tracking.add.php, (2) support/tickets.add.php, and (3) mycompany/categories.php. The description across ...
CVE-2005-4248
Multiple cross-site scripting XSS vulnerabilities in QuickPayPro 3.1 allow remote attackers to inject arbitrary web script or HTML via various fields, such as those in 1 communication/subscribers.tracking.add.php, 2 support/tickets.add.php, and 3 mycompany/categories.php...
FreeBSD : mailman -- generated passwords are poor quality (b3cd00f7-c0c5-452d-87bc-086c5635333e)
Florian Weimer wrote : Mailman 2.1.5 uses weak auto-generated passwords for new subscribers. These passwords are assigned when members subscribe without specifying their own password either by email or the web frontend. Knowledge of this password allows an attacker to gain access to the list...