8692 matches found
Default configuration
DISPUTED The default configuration of Cyberoam UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the CyberoamSSLC...
DEBIAN-CVE-2012-3818
The fpm exporter in Revelation 0.4.13-2 and earlier encrypts the version number but not the password when exporting a file, which might allow local users to obtain sensitive information...
KeePass Password Safe 1.22 - Encoding Filter Vulnerability
Document Title: =============== KeePass Password Safe 1.22 - Encoding Filter Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=615 Release Date: ============= 2012-06-24 Vulnerability Laboratory ID VL-ID: ====================================...
KeePass Password Safe 1.22 - Encoding Filter Vulnerability
Document Title: =============== KeePass Password Safe 1.22 - Encoding Filter Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=615 Release Date: ============= 2012-06-23 Vulnerability Laboratory ID VL-ID: ====================================...
Interspire Shopping Cart v6 - Multiple Web Vulnerabilities
Title: ====== Interspire Shopping Cart v6 - Multiple Web Vulnerabilities Date: ===== 2012-06-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=593 VL-ID: ===== 593 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: =============...
WordPress Plugin Easy Contact Forms Export 1.1.0 - Information Disclosure
WordPress Plugin Easy Contact Forms Export 1.1.0 - Information Disclosure Description : Wordpress Plugins - Easy Contact Forms Export Information Disclosure Vulnerability Version : 1.1.0 Link : http://wordpress.org/extend/easy-contact-forms-exporter/ Plugins :...
WordPress Plugin Email NewsLetter 8.0 - 'option' Information Disclosure
source: https://www.securityfocus.com/bid/53850/info The Email Newsletter plugin for WordPress is prone to an information-disclosure vulnerability because it fails to sufficiently validate user-supplied data. An attackers can exploit this issue to obtain sensitive information that may aid in...
WordPress Newsletter Manager 1.0 Cross Site Scripting
Hi We have used our tool, THAPS, to identify vulnerabilities in this WordPress plugin. We have confirmed at least one of the reported vulnerabilities and created a working exploit located below. Attached is one or more log files containing the output of our tool, identifying the location of the...
Adobe Photoshop CS5.1 U3D.8BI Collada Asset Elements Stack Overflow
Exploit for windows platform in category local exploits ?php // Adobe Photoshop CS5.1 U3D.8bi Library Collada Asset Elements // Unicode Conversion Stack Based Buffer Overflow poc .dae // 32bit/SEH // // unicode overflow occurs when overlong asset elements are processed // one could be able to...
CVE-2012-0555
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows remote attackers to affect confidentiality, integrity, and availability, related to Outside In Image Export SDK, a different vulnerability than CVE-2012-0554, CVE-2012-0556,...
CVE-2012-0554
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows remote attackers to affect confidentiality, integrity, and availability, related to Outside In Image Export SDK, a different vulnerability than CVE-2012-0555, CVE-2012-0556,...
Buffer overflow
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows remote attackers to affect confidentiality, integrity, and availability, related to Outside In Image Export SDK, a different vulnerability than CVE-2012-0554, CVE-2012-0555,...
CVE-2012-0556
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows remote attackers to affect confidentiality, integrity, and availability, related to Outside In Image Export SDK, a different vulnerability than CVE-2012-0554, CVE-2012-0555,...
CVE-2012-0555
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows remote attackers to affect confidentiality, integrity, and availability, related to Outside In Image Export SDK, a different vulnerability than CVE-2012-0554, CVE-2012-0556,...
[SECURITY] Fedora 17 Update: phpMyAdmin-3.5.0-1.fc17
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...
[SECURITY] Fedora 16 Update: phpMyAdmin-3.5.0-1.fc16
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...
Cyber Attack on The Iranian Oil Ministry's Computer Network
Cyber Attack on The Iranian Oil Ministry's Computer Network The Iranian oil ministry's computer network came under attack from hackers and a computer virus, prompting the Islamic Republic to disconnect the country's main oil export terminal from the internet as a preventative measure, a...
t3_dbtools_seditio_plugin_CSRF
====================================================================== Vulnerable software: T3 DB Tools Version 1.6 seditio database management plugin. Developed by : http://www.t3-design.com/t3-db-tools/ MD5 SUM: 8ab362601793e238f504783fd9953dd4 dbtools.rar...
'PHP Grade Book' Unauthenticated SQL Database Export (CVE-2012-1670)
'PHP Grade Book' Unauthenticated SQL Database Export CVE-2012-1670 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in admin/index.php that allows for an unauthenticated user to export the entire application database by...
Teampass <= v2.1.6 Arbitrary File Upload / Export decrypt passwords
Exploit for php platform in category web applications Vendor or Software Link: https://github.com/nilsteampassnet/TeamPass Version: connect; // Get all accounts $rows = $db-fetchallarray" SELECT i.id AS id, i.restrictedto AS restrictedto, i.perso AS perso, i.label AS label, i.description AS...