PT-2008-3425 · Digium +1 · Appliance Developer Kit +4

Name of the Vulnerable Software and Affected Versions: Asterisk Open Source versions 1.0.x through 1.2.27 and versions 1.4.x through 1.4.18 Asterisk Business Edition versions A.x.x through B.2.5.1 and versions C.x.x through C.1.8.0 AsteriskNOW versions prior to 1.0.3 Appliance Developer Kit...

W1L3D4 Philboard 1.0 (philboard_reply.asp) SQL Injection Vulnerability

No description provided by source. Philboard W1L3D4 v1.0 Multiple SQL njection Vulnerable Author : U238 mail : setuid.noexec0x1aqhotmaildotcom webpage: http://noexec.blogspot.com Script : http://www.aspindir.com/Goster/4703 Script2: http://rapidshare.de/files/39107179/philboardtrge.zip.html...

CVE-2008-1390

The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.19-rc3 and 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6, AsteriskNOW before 1.0.2, Appliance Developer Kit before revision 104704, and s800i 1.0.x before 1.1.0.2 generates insufficiently random manager ID values...

Heap overflow

Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink 10.0.1.3629 and earlier, as used by SQL Anywhere Developer Edition 10.0.1.3415 and probably other products, allow remote attackers to execute arbitrary code or cause a denial of service daemon crash via a long 1 username, 2...

CVE-2008-0912

Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink 10.0.1.3629 and earlier, as used by SQL Anywhere Developer Edition 10.0.1.3415 and probably other products, allow remote attackers to execute arbitrary code or cause a denial of service daemon crash via a long 1 username, 2...

CVE-2008-0912

CVE-2008-0912 is a vulnerability in Sybase MobiLink (mlsrv10.exe) affecting 10.0.1.3629 and earlier, used by SQL Anywhere Developer Edition 10.0.1.3415 and possibly other products. The issue: multiple heap-based buffer overflows triggered by processing overly long strings (username, version, remo...

[SECURITY] Fedora 8 Update: rb_libtorrent-0.12-3.fc8

rblibtorrent is a C++ library that aims to be a good alternative to all the other BitTorrent implementations around. It is a library and not a full featured client, although it comes with a few working example clients. Its main goals are to be very efficient in terms of CPU and memory usage as we...

[SECURITY] Fedora 8 Update: rb_libtorrent-0.12-3.fc8

rblibtorrent is a C++ library that aims to be a good alternative to all the other BitTorrent implementations around. It is a library and not a full featured client, although it comes with a few working example clients. Its main goals are to be very efficient in terms of CPU and memory usage as we...

JVN#33044255 GreaseKit and Creammonkey allows execution of userscript functions

GreaseKit and Creammonkey are plugins that enable user scripting to Safari and other Apple Webkit applications, and they provide APIs callable only from userscripts. GreaseKit and Creammonkey are vulnerable in allowing APIs called from a web page. Impact When a user views a specially crafted web...

adaimage-traverse.txt

Luigi Auriemma Application: Ada Image server ImgSvr http://adaimgsvr.sourceforge.net Versions: From developer's website: "ImgSvr is a personal or corporate Embedded Picture Web Server that let's you efficiently browse digital pictures. Contrary to other gallery systems, imgsvr aimed to be an easy...

CVE-2007-6104

The CVE-2007-6104 issue affects FileMaker Pro 7/8, Server 7/8, and Developer 7, with a cross-site scripting vulnerability in the Instant Web Publishing function. The root cause is an XSS flaw allowing injected scripts/HTML via unspecified vectors. Documented impact: arbitrary script execution in ...

JVN#55833292 FileMaker cross-site scripting vulnerability

FileMaker is database software from FileMaker, Inc. FileMaker contains a cross-site scripting vulnerability in its "Instant Web Publishing" function that enables users to publish database contents on the web. Impact An attacker could execute an arbitrary script on the web browser of a user who...

TalkBack 2.2.7 - Multiple Remote File Inclusions

TalkBack 2.2.7 - Multiple Remote File Inclusions ================================================================================================================================== TalkBack 2.2.7 Remote File Include Vulnerability Software : TalkBack version 2.2.7 Developer :...

Directory traversal

Directory traversal vulnerability in index.php in Ax Developer CMS AxDCMS 0.1.1 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the module parameter...

CVE-2007-5820

Directory traversal vulnerability in index.php in Ax Developer CMS AxDCMS 0.1.1 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the module parameter...

CVE-2007-5820

Directory traversal vulnerability in index.php in Ax Developer CMS AxDCMS 0.1.1 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the module parameter...

CVE-2007-5820

CVE-2007-5820 affects Ax Developer CMS (AxDCMS) 0.1.1. It is a directory traversal in index.php that lets remote attackers include and execute arbitrary local files via .. in the module parameter. The provided documents do not specify exploit status or remediation/version fixes; no explicit explo...

Ax Developer CMS 0.1.1 (index.php module) Local File Inclusion Vuln

No description provided by source. W w w . T r Y a G . C o m Ax Developer CMS 0.1.1 index.php module Local File Inclusion Vulnerability http://sourceforge.net/projects/axdcms/ POC : /index.php?module=../../../../../../../../etc/passwd%00 W w w . T r Y a G . C o m sebug.net...

ax-lfi.txt

W w w . T r Y a G . C o m Ax Developer CMS 0.1.1 index.php module Local File Inclusion Vulnerability http://sourceforge.net/projects/axdcms/ POC : /index.php?module=../../../../../../../../etc/passwd%00 W w w . T r Y a G . C o m...

Ax Developer CMS 0.1.1 - index.php?module Local File Inclusion

Ax Developer CMS 0.1.1 - index.php?module Local File Inclusion W w w . T r Y a G . C o m Ax Developer CMS 0.1.1 index.php module Local File Inclusion Vulnerability http://sourceforge.net/projects/axdcms/ POC : /index.php?module=../../../../../../../../etc/passwd%00 W w w . T r Y a G . C o m...