Path traversal

Metaways Tine 2.0 allows remote attackers to obtain sensitive information via unknown vectors in 1 Crm/Controller.php, 2 Crm/Export/Csv.php, or 3 Calendar/Model/Attender.php, which reveal the full installation path...

Fedora 13 : subversion-1.6.16-1.fc13 (2011-2698)

A NULL pointer dereference flaw was found in the way the moddavsvn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. CVE-2011-0715 The Fedora Project would lik...

Cross-Site Scripting vulnerabilities in Icinga

Advisory: Cross-Site Scripting vulnerabilities in Icinga Advisory ID: SSCHADV2011-001 Author: Stefan Schurtz Affected Software: Successfully tested on: icinga-1.3.0 / icinga-1.2.1 Vendor URL: http://www.icinga.org Vendor Status: fixed csv export link to make it XSS save IE 1275 CVE-ID: -...

Icinga 1.3.0 / 1.2.1 Cross Site Scripting

Advisory: Cross-Site Scripting vulnerabilities in Icinga Advisory ID: SSCHADV2011-001 Author: Stefan Schurtz Affected Software: Successfully tested on: icinga-1.3.0 / icinga-1.2.1 Vendor URL: http://www.icinga.org Vendor Status: fixed csv export link to make it XSS save IE 1275 CVE-ID: -...

CVE-2010-4506

CVE-2010-4506 concerns Passlogix v-GO Self-Service Password Reset (SSPR) and OEM prior to version 7.0A. The flaw enables physically proximate attackers to run arbitrary programs without authentication by abusing an invalid SSL certificate and using Internet Explorer to navigate the filesystem via...

Oracle Document Capture Multiple Vulnerabilities

The Oracle Document Capture client installed on the remote host is potentially affected by multiple vulnerabilities : - An unspecified vulnerability exists in the Import Export utility. An attacker can exploit this to affect integrity. CVE-2010-3598 - An information disclosure vulnerability exist...

B.C. dating website hacked !

A hacker bankrupt into the online dating website Plenty of Fish aftermost week, auspiciously exporting hundreds of accounts. Markus Frind, CEO of the Vancouver-based company, said Monday all passwords accept been displace back the Jan. 18 aegis breach. He additionally said all annual users accept...

CVE-2010-3598

Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors related to Import Export Utility...

Buffer overflow

Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors related to Import Export Utility...

CVE-2010-3598

Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect integrity via unknown vectors related to Import Export Utility...

CVE-2010-3598

Affected product: Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5. The issue is described as an unspecified vulnerability relating to the Import Export Utility that allows remote attackers to affect integrity. The Connected documents corroborate multiple CVEs (...

Hack Record Book

Записная книга для хранения и обработки найденных на сайтах уязвимостей. Можно сохранить: + Ссылку. + Описание уязвимости. + ТИЦ, PR можно узнать автоматически. + Alexa rate. + Google indexed|not filtered pages count. + Дату и время записи. + Рейтинг уязвимости. + Ваши личные заметки по данному...

NetworkScanViewer v1.0.4 is out !

NetworkScanViewer is a GUI application designed to help view the results of nessus v4 and nmap v5 scan results. It combines the functionality of both NessusViewer and NmapViewer. The application loads the scan data from nessus and nmap XML, does some data cleansing, then displays the results on t...

CVE-2010-4503

SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in an export action...

Sql injection

SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in an export action...

CVE-2010-4503

SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote attackers to execute arbitrary SQL commands via the ID parameter in an export action...

Fedora Update for tuxguitar FEDORA-2010-15650

Check for the Version of tuxguitar OpenVAS Vulnerability Test Fedora Update for tuxguitar FEDORA-2010-15650 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

php: information leak vulnerability in var_export()

The varexport function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if displayerrors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution...

SqlInjector : A MS SQL Server Blind Injector !

SqlInjector was originally called as BlindSQLInjector. SqlInjector is an application to perform completely blind SQL injection, that currently supports only MS SQL Server. It uses time based inference to determine true or false conditions to extract data. The key feature is that it uses a binary...

Fedora Update for tuxguitar FEDORA-2010-15783

Check for the Version of tuxguitar OpenVAS Vulnerability Test Fedora Update for tuxguitar FEDORA-2010-15783 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...