CVE-2012-1623

The Registration Codes module before 6.x-2.4 for Drupal does not restrict access to the registration code list, which might allow remote attackers to bypass intended registration restrictions...

Design/Logic Flaw

The Registration Codes module before 6.x-2.4 for Drupal does not restrict access to the registration code list, which might allow remote attackers to bypass intended registration restrictions...

CVE-2012-1623

Affected software: Drupal with the Registration Codes contributed module (6.x) prior to 6.x-2.4. Vulnerability: The module does not restrict access to the registration code list, potentially allowing unauthorized users to view codes and bypass registration restrictions. Root cause: Insufficient a...

CVE-2012-1623

The Registration Codes module before 6.x-2.4 for Drupal does not restrict access to the registration code list, which might allow remote attackers to bypass intended registration restrictions...

Chinese hackers attack on White House computers

The White House acknowledged Monday that one of its computer networks was hit by a cyber attack, but said there was no breach of any classified systems and no indication any data was lost. Including systems used by the military for nuclear commands were breached by Chinese hackers. A conservative...

Mandrake Linux Security Advisory : vim (MDKSA-2001:035)

Users could embed malicious VIM control codes into a file, and as soon as any user opened that file in vim-enhanced or vim-X11 with the status line option enabled in .vimrc, the commands would be executed as that user. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

Fedora Update for gnash FEDORA-2012-2617

Check for the Version of gnash OpenVAS Vulnerability Test Fedora Update for gnash FEDORA-2012-2617 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

WordPress Plugin Count Per Day 3.2.3 - Cross-Site Scripting

WordPress Plugin Count Per Day 3.2.3 - Cross-Site Scripting Exploit Title: wordpress Count per Day Cross Site Scripting Vulnerability Google Dork:inurl:/wp-content/plugins/count-per-day Date: 08/24/2012 Author: Crim3R Version 3.2.3 Vendor Home :...

WordPress Plugin Count Per Day 3.2.3 - Cross-Site Scripting

Exploit Title: wordpress Count per Day Cross Site Scripting Vulnerability Google Dork:inurl:/wp-content/plugins/count-per-day Date: 08/24/2012 Author: Crim3R Version 3.2.3 Vendor Home : http://downloads.wordpress.org/plugin/count-per-day.3.2.3.zip Tested on: all $ $ Author will be not responsible...

WordPress Count Per Day 3.2.3 Cross Site Scripting

Exploit Title: wordpress Count per Day Cross Site Scripting Vulnerability Google Dork:inurl:/wp-content/plugins/count-per-day Date: 08/24/2012 Author: Crim3R Version 3.2.3 Vendor Home : http://downloads.wordpress.org/plugin/count-per-day.3.2.3.zip Tested on: all $ $ Author will be not responsible...

mtrace NSE Script

Queries for the multicast path from a source to a destination host. This works by sending an IGMP Traceroute Query and listening for IGMP Traceroute responses. The Traceroute Query is sent to the first hop and contains information about source, destination and multicast group addresses. First hop...

Scientific Linux Security Update : httpd on SL4.x i386/x86_64

A flaw was found in the Apache HTTP Server modproxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. On sites where a forward proxy is configured, an attacker...

Cells Blog CMS v1.1 - Multiple Web Vulnerabilities

Document Title: =============== Cells Blog CMS v1.1 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=591 Release Date: ============= 2012-06-04 Vulnerability Laboratory ID VL-ID: ==================================== 591 Comm...

LAN Messenger v1.2.28 - Persistent Software Vulnerability

Document Title: =============== LAN Messenger v1.2.28 - Persistent Software Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id= Release Date: ============= 2012-05-16 Vulnerability Laboratory ID VL-ID: ==================================== 541...

Un-Patched PHP-CGI remote code execution vulnerability can expose Source Codes

Un-Patched PHP-CGI remote code execution bug can expose Source Codes A serious remote code execution vulnerability in PHP-CGI disclosed. PHP-CGI-based setups contain a vulnerability when parsing query string parameters from php files. The developers were still in the process of building the patch...

German Court Rules Victims – Not Banks – at Fault in Phishing Scams

A German court ruled earlier this week that victims of phishing scams, and not banks, are responsible for money lost in online scams. The German Federal Court of Justice in the town of Karlsruhe made the ruling on Tuesday, according to English language German newspaper The Local, which called the...

[SE-2012-01] Security vulnerabilities in Java SE

Dear Bugtraq, Security Explorations, a security and vulnerability research company from Poland, discovered multiple security issues in the latest version of Java Platform Standard Edition Java SE 1 software coming from Oracle Corporation 2. Discovered security issues violate many "Secure Coding...

dns-ip6-arpa-scan NSE Script

Performs a quick reverse DNS lookup of an IPv6 network using a technique which analyzes DNS server response codes to dramatically reduce the number of queries needed to enumerate large networks. The technique essentially works by adding an octet to a given IPv6 prefix and resolving it. If the add...

Linux x86_64 - add user with passwd 189 bytes

Linux x8664 - add user with passwd 189 bytes. Shellcode exploit for linx86-64 platform ;scadduser01.S ;Arch: x8664, Linux ; ;Author: 0o -- nullnull ; nu11.nu11 at yahoo.com ;Date: 2012-03-05 ; ;compile an executable: nasm -f elf64 scadduser.S ; ld -o scadduser scadduser.o ;compile an object: nasm...

Search for specified dirs

This Plugin is searching for the specified webdirs. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...