1622 matches found
[SECURITY] Fedora 15 Update: phpMyAdmin-3.4.7-1.fc15
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to...
http-put NSE Script
Uploads a local file to a remote web server using the HTTP PUT method. You must specify the filename and URL path with NSE arguments. Script Arguments http-put.file - The full path to the local file that should be uploaded to the server http-put.url - The remote directory and filename to store...
Netvolution 2.5.8 - 'referer' Header SQL Injection
source: https://www.securityfocus.com/bid/49918/info Netvolution is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
[SECURITY] Fedora 16 Update: phpMyAdmin-3.4.5-1.fc16
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...
Tajan System Arbitrary File Download
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Author : St493r Contact : [email protected] Title : Tajan System Arbitrary File Download Vulnerability Tested On : Linux Date : 28 - 09 - 2011 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++...
[SECURITY] Fedora 15 Update: phpMyAdmin-3.4.5-1.fc15
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...
Aspgwy Access 1.0.0 Cross Site Scripting
=========================================================== aspgwyaccess1.0.0 XSS Vulnerability ----------------------------------------------------------- found by : kurd-team group : kurdish hackers team contact : [email protected] site : kurdteam.org...
Persistent XSS vulnerability in eBuddy Web Messenger
A team member from Virtual Luminous Security, Russian Federation, has discovered a persistent XSS vulnerability in eBuddy, the biggest web IM solution in the world, by transmitting messages with embedded encoded javascript code. In-depth detail...
ACal 2.2.6 Cross Site Scripting
================================================================= =ACal-2.2.6 XSS Vulnerability ================================================================= Exploit Title: ACal-2.2.6 XSS Vulnerability Date: 02.09.2011 Author: T0xic Category: webapps/0day Script url:...
http-vuln-cve2011-3192 NSE Script
Detects a denial of service vulnerability in the way the Apache web server handles requests for multiple overlapping/simple ranges of a page. References: See also: http-slowloris-check.nse http-slowloris.nse Script Arguments http-vuln-cve2011-3192.path Define the request path...
Td Web SQL Injection
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Td Web news.php?idcategoria AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.tdweb.it/ Persian Gulf 4 Ever! Exploite: www.victim.com/news.php?idcategoria=SQL Example :...
Cross-site Scripting (XSS) Vulnerability in Redirection WordPress Plugin
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Redirection WordPress Plugin which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Redirection WordPress Plugin Input passed via the "id" GET parameter to...
[SECURITY] Fedora 15 Update: phpMyAdmin-3.4.3.2-1.fc15
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...
Virtual Consultant SQL Injection
exploit title : Virtual Consultant newsDetail.asp SQL Injection Vulnerability + author : CriminalCoder + category : WebApps + d0rk : inurl:/newsDetail.asp?secID= "Powered By Virtual Consultant" + vendor : www.v-consultant.co.uk/ + myWEB : http://beyz4de.wordpress.com + twitter :...
Cross-site Scripting (XSS) Vulnerabilities in eShop for Wordpress
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in eShop for Wordpress which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in eShop for Wordpress 1.1 The vulnerability exists due to input sanitation error i...
[SECURITY] Fedora 15 Update: phpMyAdmin-3.4.3.1-1.fc15
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...
Iframe Injection & Blind SQL Injection vulnerability on Apple.com exposed by Idahc(lebanese hacker)
After Sony hacks, Idahc (Lebanese hacker) is back to strike Apple.com. He found two vulnerabilities on as listed below. Iframe Injection : Click here Blind SQL Injection: Click Here Examples of the...
Nodesforum - '_nodesforum_node' SQL Injection
source: https://www.securityfocus.com/bid/48451/info Nodesforum is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or...
EA Sports Cross Site Scripting
Information -------------------- Name : XSS Persistent in EA Sports Software : EA Sports Main site Vendor Homepage : http://www.ea.com Vulnerability Type : XSS Persistent Severity : Very High Researcher : Juan Sacco Description ------------------ EA Sports is prone to a XSS Stored vulnerability...
python security, bug fix, and enhancement update
python: 2.6.6-20 Resolves: CVE-2010-3493 2.6.6-19 Resolves: CVE-2011-1015 2.6.6-18 Resolves: CVE-2011-1521 2.6.6-17 - recompile against systemtap 1.4 Related: rhbz569695 2.6.6-16 - recompile against systemtap 1.4 Related: rhbz569695 2.6.6-15 - fix race condition that sometimes breaks the build wi...