779 matches found
Enghouse Interactive IVR Pro (VIP2000) Remote Root
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 XPD - XPD Advisory https://xpd.se Enghouse Interactive IVR Pro VIP2000 remote root authentication bypass Vulnerability Advisory ID: XPD-2013-001 CVE reference: CVE-2013-6838 Affected platforms: IVR Pro/Contact Center VIP2000 platforms with OpenVZ an...
[FruityWifi v1.6] the Wireless Network Auditing Tool
FruityWifi is a wireless network auditing tool based in the Wifi Pineapple idea. The application can be installed in any Debian based system. Tested in Debian, Kali Linux, Kali Linux ARM Raspberry Pi, Raspbian Raspberry Pi, Pwnpi Raspberry Pi. With the new version, it is possible to install...
[SpearPhisher] A Simple Phishing Email Generation Tool
SpearPhisher is a simple point and click Windows GUI tool designed for mostly non-technical people who would like to supplement the education and awareness aspect of their information security program. Not only is it useful to non-technical folks, penetration testers may find it handy for sending...
Cybozu Office vulnerable to cross-site scripting
Overview Cybozu Office is a groupware. Cybozu Office contains a cross-site scripting vulnerability in the function to customize the top page. Motoki Nishio of VALTES CO.,LTD. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
[SECURITY] Fedora 17 Update: kubrick-4.10.5-1.fc17
Kubrick is a puzzle cube solving game. The cube sizes range from 2x2x2 easy up to 6x6x6 very hard, or you can play with irregular =E2=80=9Cbricks=E2=80=9D such as 5x3x2 and =E2=80=9Cmats=E2=80=9D one cubi e thick such as 6x4x1. The game has a selection of puzzles at several levels of difficulty, ...
Fedora Update for php-geshi FEDORA-2013-5472
Check for the Version of php-geshi OpenVAS Vulnerability Test Fedora Update for php-geshi FEDORA-2013-5472 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
[SECURITY] Fedora 19 Update: php-geshi-1.0.8.11-3.fc19
GeSHi aims to be a simple but powerful highlighting class, with the followi ng goals: Support for a wide range of popular languages Easy to add a new language for highlighting Highly customisable output formats...
[SECURITY] Fedora 17 Update: privoxy-3.0.21-1.fc17
Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit...
Botnet Operation for Dummies
Are you a self-starter with little or no technical skills looking to join the rapidly expanding, ethically dubious cybercrime industry? If you answered yes to this question, then the do-it-yourself, HTTP-based botnet profiled on Webroot by Dancho Danchev may be just the opportunity you’ve been...
8 ways siteserver background getwebshell and safety recommendations-vulnerability warning-the black bar safety net
First: stencil management to directly modify the file source code can be obtained webshell Second: editor vulnerability http://demo2.siteserver.cn/siteserver/TextEditor/fckeditor/ can get webshell Third: stencil add actually have add asp to the aspx file the template in webshell Fourth: the page...
SuSE 11.1 Security Update : GnuTLS (SAT Patch Number 6448)
This update of GnuTLS fixes multiple vulnerabilities : - remote attackers could cause a denial of service heap memory corruption and application crash via an issue in the asn1getlengthder function. CVE-2012-1569 - crafted GenericBlockCipher structures allow remote attackers to cause a denial of...
Mozilla Bugzilla信息泄露漏洞
CVE ID: CVE-2012-4747 Bugzilla是一个开源的缺陷跟踪系统,它可以管理软件开发中缺陷的提交,修复,关闭等整个生命周期。 Bugzilla在访问限制控制不足的web root下存放了敏感信息,通过直接请求,可允许远程攻击者读取extensions/下的template aka .tmpl文件和其他定制扩展文件,或docs/下的自定义文档文件。 0 Bugzilla 4.x Bugzilla 3.x Bugzilla 2.x 厂商补丁: Bugzilla -------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Funeral Script PHP Cross Site Scripting / SQL Injection
Exploit for php platform in category web applications Funeral Script PHP - Multiple Web Vulnerabilites Introduction: ============= At your request and for a reasonable price, we may add or change features on the Funeral Script PHP. Funeral Script PHP requires PHP 4.3 or higher and MySQL 3 or high...
Western Digital's WD TV Live SMP/Hub - Privilege Escalation
Introduction ============ The WD TV Live Streaming Media Player is a consumer device to play various audio and video formats. Additionally it allows access to multiple video streaming services like Netflix, Hulu or Youtube.1 The device allows customization of its user interface and limited remote...
Western Digital TV (WD-TV) Live Remote Code Execution
Exploit for windows platform in category remote exploits Introduction ============ The WD TV Live Streaming Media Player is a consumer device to play various audio and video formats. Additionally it allows access to multiple video streaming services like Netflix, Hulu or Youtube.1 The device allo...
Tenable Release Nessus 5.0 vulnerability scanner
Tenable Release Nessus 5.0 vulnerability scanner Tenable Network Security announced Nessus 5.0 vulnerability and configuration assessment solution for enterprises and security professionals. Nessus version 5.0 introduces key features and improvements, separated into the four major phases of the...
openvas-otp-brute NSE Script
Performs brute force password auditing against a OpenVAS vulnerability scanner daemon using the OTP 1.0 protocol. Script Arguments openvas-otp-brute.threads sets the number of threads. Default: 4 passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the documentation for the...
Ani-Shell v1.4 Released With Python - Bind Shell , Anti-Crawler Feature and MD5 Cracker
Ani-Shell v1.4 Released With Python - Bind Shell , Anti-Crawler Feature and MD5 Cracker Ani-Shell is a simple PHP shell with some unique features like Mass Mailer , A simple Web-Server Fuzzer , a DDoser , A MD5 hash Cracker , Python and PHP Bind-Shells , Anti-Crawler Features etc! This shell has...
aspcms Station system injection 0day-vulnerability warning-the black bar safety net
aspcms development of the new core open source enterprise built Station system, capable of enterprise a variety of site requirements, and Support template customization, support, extensions, etc., can be completed in a short time the enterprise built Station. Vulnerability file:/plug/productbuy...
aspcms corporate website system 0day 2.0 or above through the kill-vulnerability warning-the black bar safety net
aspcms development of the new core open source enterprise built Station system, capable of enterprise a variety of site requirements, and support template customization, support, extensions, etc., can be completed in a short time the enterprise built Station. The vulnerability appears in the...