Google Releases Chrome 4.0.249.89
Google has released Chrome 4.0.249.89 for Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or obtain sensitive information. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to...
Adobe Releases Security Bulletins for Acrobat, Reader, and Flash Player
Adobe has released two security bulletins to address vulnerabilities in Adobe Acrobat, Reader, and Flash Player. The first bulletin, APSB10-06, is a security update for Adobe Flash Player and Adobe AIR that addresses a critical vulnerability. Exploitation of these vulnerabilities may allow an...
Cisco Releases Advisory for IronPort Encryption Appliance
Cisco has released an advisory to address multiple vulnerabilities in IronPort Encryption Appliance. Exploitation of these vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code or obtain sensitive information. US-CERT encourages users and administrators to review...
Oracle Releases Security Alert for WebLogic Server Vulnerability
Oracle has released a security alert to address a vulnerability in Oracle WebLogic Server. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands on an affected system. US-CERT encourages users and administrators to review the Oracle security...
Microsoft Releases Security Advisory 980088
Microsoft has released Security Advisory 980088 to alert users of a vulnerability in Microsoft Internet Explorer. The advisory indicates that exploitation of this vulnerability may allow an attacker to harvest user credentials and other sensitive information by enticing users to visit a malicious...
SA-CONTRIB-2010-011 - Feedback - Cross Site Scripting
Feedback module enables users and visitors of a Drupal site to quickly send feedback messages about the currently displayed page. When displaying reports about submitted feedback, the module does not properly sanitize the user agent strings from the Browscap module before display, leading to a...
Google Releases Chrome 4.0.249.78
Google has released Chrome 4.0.249.78 for Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, bypass security restrictions, or cause a denial-of-service condition. US-CERT encourages users and...
Adobe Releases Shockwave Player Update
Adobe has released an update for Shockwave Player to address multiple vulnerabilities. These vulnerabilities affect Adobe Shockwave Player 11.5.2.602 and earlier versions for Windows and Macintosh. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code. US-CERT...
KB "Running JIRA over SSL or HTTPS" needs review for Windows Standalone scenario
There are three recommended updates to the KB "Running JIRA over SSL or HTTPS" (http://confluence.atlassian.com/display/JIRA/Running+JIRA+over+SSL+or+HTTPS) based on customer feedback. 1. Quote: When asked to "What is your first and last name" make sure you enter in the DNS name that you will use to...
Joomla! Component com_foobla_suggestions (idea_id) 1.5.11 - SQL Injection
Joomla! Component com_foobla_suggestions (idea_id) 1.5.11 - SQL Injection. Joomla component com_foobla_suggestions (idea_id) SQL Injection Vulnerability...
ITechBids 8.0 (itechd.php productid) Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print " \n"; print " VIVA ISLAME VIVA ISLAME \n"; print " VIVA ISLAME VIVA ISLAME \n"; print " \n"; print " ITechBids v8.0 Blind SQL Injection Exploit \n"; print " \n"; print " itechd.php productid...
CVE-2009-2588
Multiple cross-site scripting (XSS) vulnerabilities in Hotscripts Type PHP Clone Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) feedback.php, (2) index.php, and (3) lostpassword.php...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Hotscripts Type PHP Clone Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to (1) feedback.php, (2) index.php, and (3) lostpassword.php...
Ebay Clone 2009 - Multiple SQL Injections
Ebay Clone 2009 - Multiple SQL Injections. Name: Ebay Clone 2009 Multiple SQL Injection Vulnerabilities. Site: http://www.ebayclonescript.com/ Demo: http://ebayclonescript.com/ebayclone2009/...
Ebay Clone 2009 Multiple SQL Injection Vulnerabilities
Exploit for unknown platform in category web applications. Ebay Clone 2009 Multiple SQL Injection Vulnerabilities...
FormMail 1.92 Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications. FormMail 1.92 Multiple Remote Vulnerabilities. FormMail 1.92 Multiple Vulnerabilities. Name: Multiple Vulnerabilities in FormMail. Systems Affected...
formmail 1.92 - Multiple Vulnerabilities
FormMail 1.92 Multiple Vulnerabilities Name Multiple Vulnerabilities in FormMail Systems Affected FormMail 1.92 and possibly earlier versions Severity Medium Impact CVSSv2 Medium 4.3/10, vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Vendor http://www.scriptarchive.com/formmail.html Advisory...
Surat Diamond Blind SQL Injection
Blind sql injection found at URL: http://www.suratdiamond.com/prodcriteria.aspx Entity: matid Security Risk: It is possible to view, modify or delete database entries and tables Below are the tables found on the database admin uid username userpass 1 admin removed brochureimage Carat CartMaster...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the leave comment feedback feature in Typo 5.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) commentauthor (Name) and (2) commenturl (Website) parameters...
NXP Semiconductors MIFARE Classic Smartcard - Multiple Vulnerabilities
NXP Semiconductors MIFARE Classic Smartcard - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/31853/info MIFARE Classic is prone to multiple security weaknesses: 1. A security weakness may allow attackers to recover the internal state of the linear feedback shift register. 2. A...