3396 matches found
[SA23887] Drupal Project Issue Tracking Module Multiple Vulnerabilities
TITLE: Drupal Project Issue Tracking Module Multiple Vulnerabilities SECUNIA ADVISORY ID: SA23887 VERIFY ADVISORY: http://secunia.com/advisories/23887/ CRITICAL: Less critical IMPACT: Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of sensitive information, System access...
[SA23895] Drupal Acidfree Module "node titles" SQL Injection Vulnerability
TITLE: Drupal Acidfree Module "node titles" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA23895 VERIFY ADVISORY: http://secunia.com/advisories/23895/ CRITICAL: Less critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: Drupal Acidfree Module 4.x http://secunia.com/product/13326/...
NCTsoft NCTAudioFile2 ActiveX Control Remote Buffer Overflow Vulnerability
Description NCTsoft NCTAudioFile2 ActiveX control is prone to a buffer-overflow vulnerability. The software fails to perform sufficient bounds-checking of user-supplied input before copying it to an insufficiently sized memory buffer. NCTAudioEditor is a collection of ActiveX controls for...
[SA23726] All In One Control Panel "download_category" SQL Injection
TITLE: All In One Control Panel "downloadcategory" SQL Injection SECUNIA ADVISORY ID: SA23726 VERIFY ADVISORY: http://secunia.com/advisories/23726/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: All In One Control Panel 1.x http://secunia.com/product/12505...
Mandiant First Response multiple security vulnerabilities
DoS on SSL parsing in HTTPS interface, data manipulation...
SYMSA-2006-013: Multiple Vulnerabilities in Mandiant First Response
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research http://www.symantec.com/research Security Advisory Advisory ID: SYMSA-2006-013 Advisory Title: Multiple Vulnerabilities in Mandiant First Response Author: Brian Reilly / [email protected] Release Date: 18-12-2006...
Dol Storye - 'Dettaglio.asp' Multiple SQL Injections
source: https://www.securityfocus.com/bid/21463/info The 'dol storye' application is prone to multiple SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the...
[SA22812] Vallheru mail.php SQL Injection Vulnerabilities
---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understandi...
[Full-disclosure] PacSec Hype Security Team: CGI.pm param injection
====================================================================== PacSec Hype Security Team param injection in CGI.pm and inheritors allows SQL injection and manipulation of data bypassing many perl web form validators ======================================================================...
[SA22014] PHP-Post Multiple Vulnerabilities
TITLE: PHP-Post Multiple Vulnerabilities SECUNIA ADVISORY ID: SA22014 VERIFY ADVISORY: http://secunia.com/advisories/22014/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data, Exposure of sensitive information WHERE: From remote SOFTWARE: PHP-Post 1.x...
[SA21558] WebAdmin Account Manipulation and Arbitrary File Disclosure
TITLE: WebAdmin Account Manipulation and Arbitrary File Disclosure SECUNIA ADVISORY ID: SA21558 VERIFY ADVISORY: http://secunia.com/advisories/21558/ CRITICAL: Less critical IMPACT: Manipulation of data, Exposure of system information, Exposure of sensitive information WHERE: From remote SOFTWARE...
[SA21482] Spidey Blog Script "pid" SQL Injection Vulnerability
---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation...
[SA21379] The Address Book Reloaded Login SQL Injection Vulnerabilities
---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation...
[SA21223] Symantec Brightmail AntiSpam Multiple Vulnerabilities
---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation...
LinksCaffe30.txt
LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties Produce : LinksCaffe 3.0 Website : http://gonafish.com/ Impact : manupulation of data / system access Discovered by : Simo64 - Moroccan Security Team + SQL injection 1Vulnerable code in line 223 in links.php code : $rime =...
OpenOffice.org may fail to recognize embedded Basic macros
Overview The OpenOffice.org team has reported a vulnerability in how the 1.1 and 2.0 versions of OpenOffice.org process basic macros. Description A vulnerability in OpenOffice.org may allow an attacker to inject basic code into documents such that the code will be executed when the document is...
[SA20589] CMS Mundo SQL Injection Vulnerabilities
---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation...
Secunia Research: DeluxeBB SQL Injection and File Inclusion Vulnerabilities
====================================================================== Secunia Research 14/06/2006 - DeluxeBB SQL Injection and File Inclusion Vulnerabilities - ====================================================================== Table of Contents Affected...
facerave.txt
Facerave.com Homepage: http://www.facerave.com Effected files: Profile input boxes - Self Description box Posting a blog entry Sending a message index.php ------------------------------------------------------ XSS vuln with cookie disclosure via posting a comment: No filter evasion needed. for Po...
secunia-deluxebb.txt
====================================================================== Secunia Research 14/06/2006 - DeluxeBB SQL Injection and File Inclusion Vulnerabilities - ====================================================================== Table of Contents Affected...