616 matches found
phonon, qt security update
CentOS Errata and Security Advisory CESA-2013:0669 Updated qt packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...
Raidbooking v.1.1 <= Sql Injection Vulnerability
Raidbooking Is A Guild Manager for MMORPGS +P0c : localhost/raid.php?id=1 +Examples: http://mossraid.wz.cz//raid.php?id=1%27 http://wow.boule.cz/raids/raid.php?id=1%27 http://www.fredzy.fr/WOW/raidCP/raid.php?id=1%27%22 ---|DzMafia|--- We Are : PassWord | BackUp | Gel-dz | EliteTrojan | Lakamora ...
ZPanel 10.0.1 XSS / CSRF / SQL Injection
Exploit Title: ZPanel = 10.0.1 CSRF, XSS, SQLi, Password Reset Date: 04/11/2012 Exploit Author: pcsjj Vendor Homepage: http://www.zpanelcp.com/ Version: 10.0.1 Software Link: http://sourceforge.net/projects/zpanelcp/files/latest/download Downloads: 90,382 CVE : CVE-2012-5683 CSRF, CVE-2012-5684...
Gong Interactive Web Design SQL Injection
gonginteractive Web Design Sql Injection Vulnerability + Exploit Title : gonginteractive Web Design Sql Injection Vulnerability Author : Siamak.Black Site : Http : www.datacoders.org & iranhack.org Tested On : BackTrack 5 & 7 Email : [email protected] Software Link : http://gonginteractive.co...
Dornica CMS SQL Injection
dornica Cms Sql Injection Vulnerability + Exploit Title : dornica Cms Sql Injection Vulnerability + Google Dork :Powered And Designed By PersianSoft.org & powered by dornica + Author : Siamak.Black + Download : http://www.dornica.net/ + Mail : [email protected] + Tested on: BackTrack , 7...
Fluger Edit 2 Blind SQL Injection / Cross Site Scripting Vulnerability
Exploit for php platform in category web applications ===================================================== Vulnerable Software: Fluger Edit v.2 || administration software Vendor: http://www.fluger.com/ Software License: Commercial Vulnerabilities: Blind SQL Injection And XSS Tested: In Wild...
Scientific Linux Security Update : tomcat5 on SL5.x i386/x86_64
A flaw was found in the way Tomcat handled the Transfer-Encoding header in HTTP requests. A specially crafted HTTP request could prevent Tomcat from sending replies, or cause Tomcat to return truncated replies, or replies containing data related to the requests of other users, for all subsequent...
Limny 3.3.1 Blind SQL Injection
Exploit Title: Limny v 3.3.1 Blind SQL Injection Date: 31/7/2012 Author: L0n3ly-H34rT Homepage: http://se3c.tk/ Contact: [email protected] Software Link: http://www.limny.org/releases/limny-3.3.1.zip Tested on: Linux/Windows Example 1: http://127.0.0.1/limny-3.3.1/index.php?q=-1' or 57 = '5...
Apache Struts struts-examples upload-submit.do 'theText' Parameter XSS
The remote web server hosts struts-examples, a demonstration application for the Struts framework. Input passed via the 'theText' POST parameter to the 'upload-submit.do' page is not properly sanitized before using it to generate dynamic HTML. By tricking a user into clicking on a specially craft...
Vnet - SQL Injection Vulnerability
Exploit for php platform in category web applications ...
WordPress Plugin Omni Secure Files 0.1.13 - Arbitrary File Upload
WordPress Plugin Omni Secure Files 0.1.13 - Arbitrary File Upload Exploit Title: Wordpress Omni-secure-files 0.1.13 Arbitrary File Upload Google Dork: inurl:wp-content/plugins/omni-secure-files/ Date: 07/06/2012 Exploit Author: Adrien Thierry Vendor Homepage: http://omni-secure.com/ Software Link...
PHP Volunteer Management System 1.0.2 - Multiple SQL Injections
Title: PHP Volunteer Management System v 1.0.2 multiple SQLi Vulnerabilities Version: 1.0.2 Author/Found by: loneferret Software Site: https://sourceforge.net/projects/phpvolunteer/ Other vulnerabilities: http://www.exploit-db.com/exploits/18941/ Date found: May 28th 2012 Tested on: Ubuntu Server...
Dow Group Design SQL Injection
Comment field on GH cards do not respect the comment visibility.
If you add the Comment field on any Issue Views on GH the field shows the latest comment but it doesn't inherit the comment visibility from Jira. This misbehaviour happens on Planning board and Task board with any GH views Summaries, Cards and Lists. Steps to Reproduce: Add the comment field to a...
EasyWebRealEstate blind defect and repair-vulnerability warning-the black bar safety net
Title: EasyWebRealEstate Blind SQL Injection Vulnerability Author: H4ckCity Security Team farbodmahini badguest. cnwww. badguest. cn WwW.H4ckCity.Org Software address: www.easywebrealestate.com Affects all version: All Version Testing platform: GNU/Linux Ubuntu - Windows Server - win7 Example...
mPDF <= 5.3 file disclosure and fix-vulnerability warning-the black bar safety net
Title: mPDF = 5.3 File Disclosure Author: ZadYree Download address: http://www.mpdf1.com/mpdf/download Affected versions: 5.3 and prior Test platform: multiple !/ usr/bin/perl-U =head1 TITLE mPDF = 5.3 File Disclosure Exploit 0day =head2 SYNOPSIS -- examples/showcode.php --...
FCMS CMS 2.7.2 - Multiple Cross-Site Request Forgery Vulnerabilities
FCMS2.7.2 cms and earlier multiple CSRF Vulnerability =================================================================================== Exploit Title: FCMS2.7.2 cms multiple CSRF Vulnerability Download link...
Multiple vulnerabilities in PHPShop CMS Free
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in PHPShop CMS Free, which can be exploited to perform cross-site scripting and SQL injection attacks. 1 Cross-Site Scripting in PHPShop CMS Free 1.1 Input appended to the URL after multiple files is not properly...
Cyclope Internet Filtering Proxy 4.0 - Persistent Cross-Site Scripting
Cyclope Internet Filtering Proxy 4.0 - Persistent Cross-Site Scripting !/usr/bin/python Title: Cyclope Internet Filtering Proxy 4.0 - Stored XSS Vuln. From: The eh?-Team || The Great White Fuzz we're not sure yet Found by: loneferret Software link:...
Multiple vulnerabilities in BugFree
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in BugFree which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerabilities in BugFree 1.1 Input passed via the "ActionType" GET parameter to Bug.php is not properly sanitis...