412 matches found
PHP-Kit <= 1.6.1 RC2 Multiple Vulnerabilities
The remote host is running PHP-Kit, an open source content management system written in PHP. The remote version of this software is vulnerable to multiple remote and local code execution, SQL injection and cross-site scripting flaws. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Quicksilver Master of Orion III 1.2.5 - Multiple Remote Denial of Service Vulnerabilities
source: https://www.securityfocus.com/bid/11550/info Master of Orion III is reported prone to multiple remote denial of service vulnerabilities. These issues occur because the application does not handle exceptional conditions in a proper manner. Master of Orion III 1.2.5 and prior versions are...
[VulnWatch] Patch available for multiple critical flaws in Oracle
Researchers at NGSSoftware have discovered multiple critical vulnerabilities in Oracle Database Server and Oracle Application Server. Versions affected include Oracle Database 10g Release 1 Version 10.1.0.2 Oracle9i Database Server Release 2, versions 9.2.0.4 and 9.2.0.5 Oracle9i Database Server...
Coppermine Photo Gallery 1.2.0 RC4 - startdir Traversal Arbitrary File Access
Coppermine Photo Gallery 1.2.0 RC4 - startdir Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/10253/info Coppermine Photo Gallery is reported prone to multiple input-validation vulnerabilities, some of which may lead to arbitrary command execution. These issues occur...
Expinion.net News Manager Lite 2.5 - category_news.asp?ID SQL Injection
Expinion.net News Manager Lite 2.5 - categorynews.asp?ID SQL Injection source: https://www.securityfocus.com/bid/9935/info Multiple vulnerabilities have been identified in the application that may allow an attacker to carry out SQL injection, cross-site scripting, and account hijacking attacks. T...
Expinion.net News Manager Lite 2.5 - 'news_sort.asp?filter' SQL Injection
source: https://www.securityfocus.com/bid/9935/info Multiple vulnerabilities have been identified in the application that may allow an attacker to carry out SQL injection, cross-site scripting, and account hijacking attacks. The issues exist in the 'commentadd.asp', 'search.asp',...
CGI bugs
No description provided...
Xpressions Software: Multiple SQL Injection Attacks To Manage WebStore
/------------------------ Pimp industries. --------------------------/ Xpressions Software : Multiple SQL Injection Attacks To Manage WebStores. BackGround ------------- When your suppliers and trading partners can interact with your organization as a seamless extension of your internal business...
CGI bugs
No description provided...
SECURITY.NNOV: file locking and security
Hello bugtraq, Topic : File locking and security Author : 3APA3A [email protected] Affected software : Windows NT 4.0, Windows 2000 and may be another systems Exploitable : Yes Remotely exploitable : No Category : Design flow Background: Application can lock the file after file description ...
Catastrophic failure of Strip password generation.
Executive summary: If you have ever used Strip for the Palm to generate your passwords, change them. Change them NOW. Strip Secure Tool for Recalling Important Passwords is a nice encrypted password notebook for the Palm; see http://www.zetetic.net/products.html for details. Strip-0.5 also featur...
PADLOCK.txt
LOWNOISE Advisory: [email protected] by ET. PADLOCK-IT 1.01 =============== DISCLAIMER: Learn, there are dark things behind a nice GUI. Well, maybe this isnt a topic for bugtraq but many people is using this kind of programs to protect all kind of passwords. Dial-up passwords, UNIX accounts, etc...