68 matches found
Blog System 1.x Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/39406/info Blog System is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include local file-include, SQL-injection, and...
GENU CMS SQL Injection
GENU CMS sqli read.php Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...
MS11-093: Vulnerability in OLE Could Allow Remote Code Execution (2624667)
The remote Windows host contains a flaw in the way OLE objects are handled in memory. An attacker can exploit this issue by tricking a user into opening a specially crafted OLE object file that could execute arbitrary code in the context of the user. © Tenable Network Security, Inc...
tinx-lfixss.txt
CraCkEr: THE CRACK OF ETERNAL MIGHT. From The Ashes and Dust Rises An Unimaginable crack....
PHP-Nuke Web_Links Module - cid SQL Injection
PHP-Nuke WebLinks Module - cid SQL Injection source: https://www.securityfocus.com/bid/27894/info The PHP-Nuke WebLinks module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow...
Particle Blogger 1.2.1 - 'Archives.php' SQL Injection
source: https://www.securityfocus.com/bid/24232/info Particle Blogger is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...
Magic Photo Storage Website - '/user/add_news.php?_config[site_path]' Remote File Inclusion
source: https://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying...
Woltlab Burning Board Multiple SQL Injections
The remote version of Burning Board includes an optional module, the Database module, that fails to properly sanitize the 'fileid' parameter of the 'infodb.php' script, which can be exploited to launch SQL injection attacks against the affected host. © Tenable Network Security...
IWebNegar - Multiple SQL Injections
IWebNegar - Multiple SQL Injections source: https://www.securityfocus.com/bid/11946/info iWebNegar is reported prone to multiple SQL injection vulnerabilities, these issues exist due to a lack of sufficient boundary checks performed on user-supplied URI parameter data. These issues could...
Debian DSA-362-1 : mindi - insecure temporary file
mindi, a program for creating boot/root disks, does not take appropriate security precautions when creating temporary files. This bug could potentially be exploited to overwrite arbitrary files with the privileges of the user running mindi. © Tenable Network Security, Inc. The...
KnowledgeBuilder 2.02.13.0 - Remote File Inclusion
KnowledgeBuilder 2.02.13.0 - Remote File Inclusion source: https://www.securityfocus.com/bid/9292/info KnowledgeBuilder is prone to a remote file include vulnerability. An attacker could exploit this to cause hostile PHP scripts to be included and executed from a remote server. This would occur i...
Opera Browser 6.0 6 - URI Display Obfuscation
Opera Browser 6.0 6 - URI Display Obfuscation source: https://www.securityfocus.com/bid/9281/info A weakness has been reported in Opera that may allow attackers to obfuscate the URI for a visited page. The problem is said to occur when a URI that is designed to access a specific location with a...
phpBB 2.0.x - 'profile.php' SQL Injection
source: https://www.securityfocus.com/bid/8994/info A SQL injection vulnerability has been reported for phpBB systems. phpBB, in some cases, does not sufficiently sanitize user-supplied input, which is used when constructing SQL queries to execute on the underlying database. As a result, it is...
Symantec Norton AntiVirus 2002/2003 - Device Driver Memory Overwrite
Symantec Norton AntiVirus 2002/2003 - Device Driver Memory Overwrite source: https://www.securityfocus.com/bid/8329/info It has been reported that a memory corruption vulnerability affects the Symantec Norton AntiVirus Device Driver. According to the report, one of the device control operation...
Speak Freely <=7.5 multiple remote and local vulnerabilities (the Hackademy Audit)
-- Summary -- Speak Freely is a free and open-sourced software used for efficient and secure encrypted voice communication over the Internet. It was written by John Walker, and runs on Windows and Unix. Homepage : http://www.fourmilab.ch/speakfree/ During a source code audit, the Hackademy staff...
WebStores 2000 browse_item_details.asp SQL Injection
The remote web server is running WebStores 2000, a set of ASP scripts designed to set up an e-commerce store. There is a flaw in the version of WebStores used on the remote host that may allow an attacker to make arbitrary SQL statements to the backend database. An attacker may be able to exploit...
PHP-Nuke 6.0/6.5 Web_Links Module - Full Path Disclosure
source: https://www.securityfocus.com/bid/7589/info The WebLinks module for PHP-Nuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker. An attacker may use the information gathered in this manner to mount further attacks...
Libopt.a 3.1x - Error Logging Buffer Overflow (1)
source: https://www.securityfocus.com/bid/7433/info Libopt library has been reported prone to a buffer overflow vulnerability. It has been reported that several Libopt.a error logging functions, may be prone to buffer overflow vulnerabilities when handling excessive data. The data may be suppli...
Formatstring Vulnerability in decfingerd 0.7
Hello all, I have no idea if this is the most current version of this application, I found it while browsing packetstormsecurity earlier. For all I know it may not even be kept current anymore. Anyhow... bad call to syslog is the culprit. I'm too lazy to code an exploit for this at the moment but ...
Microsoft Internet Explorer 5.0.1/6.0 - Content-Disposition Handling File Execution
source: https://www.securityfocus.com/bid/4752/info An issue exists in the way Microsoft Internet Explorer handles conflicting information in some HTTP headers used to describe non-HTML content. A malicious web server may provide content with misleading values in the content-type and...