4 matches found
Netvolution CMS 2.5.8 Blind SQL Injection
Netvolution CMS v2.5.8 is vulnerable to a blind SQL injection attack in the HTTP “referer” header. A malicious user may utilize this vulnerability to modify content on the vulnerable website, inject malicious JavaScript code into a visitor’s browser, collect CMS usernames and plaintext passwords an...
monkey -- improper input validation vulnerability
Census Labs reports: We have discovered a remotely exploitable "improper input validation" vulnerability in the Monkey web server that allows an attacker to perform denial of service attacks by repeatedly crashing worker threads that process HTTP requests...
CVE-2009-3586: CoreHTTP web server off-by-one buffer overflow vulnerability
census ID: census-2009-0003 URL: http://census-labs.com/news/2009/12/02/corehttp-web-server/ CVE ID: CVE-2009-3586 Affected Products: CoreHTTP web server versions = 0.5.3.1. Class: Improper Input Validation CWE-20, Failure to Constrain Operations within the Bounds of a Memory Buffer CWE-119 Remot...
FreeBSD 7.0/7.1 - 'vfs.usermount' Local Privilege Escalation
/ cve-2008-3531.c -- Patroklos Argyroudis, argp at domain census-labs.com Privilege escalation exploit for the FreeBSD-SA-08:08.nmount CVE-2008-3531 vulnerability: http://security.freebsd.org/advisories/FreeBSD-SA-08:08.nmount.asc http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3531 For ...