WordPress Zingiri Forums Plugin - Local File Include
Zingiri Forums plugin is prone to a local file include vulnerability. It allows an attacker to view files and execute local scripts in the context of the web server process. Solution Update the plugin...
Why you should try to join some of the underground hacker forums that are out there
Even if you are considered to be a white hat hacker, you are always still walking a fine line between being a bad guy and a good guy in many people's eyes. There are a lot of people out there who believe that there should be no hacking at all being done and everyone who does it should be considered...
FBI Warns of New Twist to Reveton, Citadel Malware Scams
The cybercrime group behind the Citadel malware and Reveton ransomware has upped the stakes with a new extortion technique, the FBI’s Internet Crime Complaint Center said today. Reveton scams have now co-opted the Internet Crime Complaint Center with a new fake warning to users whose computers ha...
Skype Community Body / Title Cross Site Scripting
Title: ====== Skype Community - Mail Encoding Web Vulnerability 1 Date: ===== 2012-11-20 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=708 MICROSOFT SECURITY RESPONSE CENTER MSRC ID: 13021bc VL-ID: ===== 708 Common Vulnerability Scoring System:...
Skype Community - Mail Encoding Web Vulnerability #2
Document Title: =============== Skype Community - Mail Encoding Web Vulnerability 2 References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=719 MICROSOFT SECURITY RESPONSE CENTER MSRC ID: 13022 & 13034 Release Date: ============= 2012-11-20 Vulnerability...
Skype Community - Mail Encoding Web Vulnerability #1
Document Title: =============== Skype Community - Mail Encoding Web Vulnerability 1 References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=708 MICROSOFT SECURITY RESPONSE CENTER MSRC ID: 13022 & 13034 Release Date: ============= 2012-11-19 Vulnerability...
CVE-2012-4954
The edit-profile page in Vanilla Forums before 2.1a32 allows remote authenticated users to modify arbitrary profile settings by replacing the UserID value during a man-in-the-middle attack, related to a "parameter manipulation" issue...
Design/Logic Flaw
The edit-profile page in Vanilla Forums before 2.1a32 allows remote authenticated users to modify arbitrary profile settings by replacing the UserID value during a man-in-the-middle attack, related to a "parameter manipulation" issue...
CVE-2012-4954
Summary (evidence-based): Vanilla Forums, prior to version 2.1a32, is affected by a parameter manipulation vulnerability on the edit-profile page. An authenticated attacker who can perform a man-in-the-middle attack can replace the target UserID and modify arbitrary profile settings, including th...
dotProject <= 2.1.6 Remote File Inclusion Vulnerability
Exploit for php platform in category web applications Discovered by dun \ posdubatgmail.com 2012-11-13 dotProject <= 2.1.6 Remote File Inclusion Vulnerability Script: "PHP web-based project management framework that includes modules for companies, projects, tasks with Gantt charts, forums, files,...
Vanilla Forums version 2.1.a26 contains a parameter manipulation vulnerability
Overview Vanilla Forums version 2.1.a26 and possibly other versions is vulnerable to parameter manipulation via the "edit profile" page of authenticated users. Description CWE-280: Improper Handling of Insufficient Permissions or Privileges Vanilla Forums version 2.1.a26 and possibly other version...
ImageShack Server and Symantec Database hacked and Dumped
Hackers hack into an ImageShack server and expose all the files online; moreover, antivirus company Symantec's portal was also hacked by them and the complete database of all 1000's of researchers dumped in a Pastebin file. One of the hackers behind this hack is available on Twitter at @Doxbin. Hacker expose...
Citadel Trojan Updates with Dynamic Config Mechanism that Streamlines Fraud Activity
The elusive authors of the Citadel Trojan have released a new version of their banking botnet malware and service. The latest version, the sixth since it debuted in January and dubbed Rain, includes a dynamic configuration mechanism that allows botmasters to inject malicious content to compromise...
CVE-2012-5313
SQL injection vulnerability in forum.asp in Snitz Forums 2000 allows remote attackers to execute arbitrary SQL commands via the TOPICID parameter...
SQL injection
SQL injection vulnerability in forum.asp in Snitz Forums 2000 allows remote attackers to execute arbitrary SQL commands via the TOPICID parameter...
CVE-2012-5313
CVE-2012-5313 describes an SQL injection in the Snitz Forums 2000 product, specifically in forum.asp via the TOPIC_ID parameter. This allows remote attackers to manipulate SQL commands, potentially exposing or altering data. The vulnerability is tied to the Web application’s handling of TOPIC_ID ...
CVE-2012-5295
Cross-site scripting (XSS) vulnerability in login.cfm in FuseTalk Forums 3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the windowed parameter...
Cross site scripting
Cross-site scripting (XSS) vulnerability in login.cfm in FuseTalk Forums 3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the windowed parameter...