Tails - The Amnesic Incognito Live System Released

Tails , The Amnesic Incognito Live System, is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly. It is a complete...

CVE-2014-2405

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462...

CVE-2014-0462

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-2405...

Design/Logic Flaw

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462...

CVE-2014-2405

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462...

PerfectWare CMS SQL Injection

PerfectWare CMS SQL Injection Risk: High CWE number: CWE-89 Author: Hugo Santiago dos Santos Contact: [email protected] Date: 09/05/2014 Vendor Homepage: http://www.perfectware.com.br/ Robson Gutierrez Tested on: Windows 7 and Gnu/Linux Google Dork: intext:Desenvolvimento By Robson Gutierrez U...

Jasper Server 5.5 Session Fixation

Session Fixation / Hijacking on JasperServer + Date: 09/05/2014 + Risk: High + CWE number: CWE-384 + Author: Felipe Andrian Peixoto + Vendor Homepage: http://www.jaspersoft.com/ + Software Download : http://sourceforge.net/projects/jasperserver/ + Contact: [email protected] + Tested on:...

Enquete yS 1.0 SQL Injection Vulnerability

Enquete yS version 1.0 suffers from a remote SQL injection vulnerability. Enquete yS - Full v. 1.0 POST SQL Injection in Panel Admin Risk: High CWE number: CWE-89 Author: Hugo Santiago dos Santos Contact: email protected Date: 08/05/2014 Vendor Homepage:...

Enquete yS 1.0 SQL Injection

Enquete yS - Full v. 1.0 POST SQL Injection in Panel Admin Risk: High CWE number: CWE-89 Author: Hugo Santiago dos Santos Contact: [email protected] Date: 08/05/2014 Vendor Homepage: http://phpbrasil.com/script/AG216GUqK7nS/enquete-ys--full-v-10-yourspotcombr Version: v1.0 Tested on: Windows 7...

BlackArch Linux v2014.04.21 - Lightweight expansion to Arch Linux for pentesters and security researchers

BlackArch Linux is an Arch-based GNU/Linux distribution for pentesters and security researchers. The BlackArch package repository is compatible with existing Arch installs. Changelog v2014.04.21 added new system packages: mplayer, abs, ack, bc, bridge-utils, darkhttpd, flashplugin, inotify-tools,...

CVE-2014-0462

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-2405...

UBUNTU-CVE-2014-2405

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462...

DSA-2907-1 squeeze end-of-life

This is an advance notice that regular security support for Debian GNU/Linux 6.0 code name squeeze will be terminated on the 31st of May. However, we're happy to announce that security support for squeeze is going to be extended until February 2016, i.e. five years after the initial release. This...

VFU 4.10-1.1 Stack Buffer Overflow

Author: Provensec http://www.provensec.com Tested on GNU/Linux - Debian Wheezy Description: VFU v4.10-1.1 is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker can exploit this issue to execute...

GNUPanel 0.3.5_R4 - Multiple Vulnerabilities

GNUpanel version 0.3.5R4 suffers from cross site request forgery and cross site scripting vulnerabilities. Exploit Title :GNUpanel 0.3.5R4 - Multiple Vulnerabilities Vendor Homepage :http://wp.geeklab.com.ar/gl-en/gnupanel/ GNUPanel Version :0.3.5R4 Server :Centos 6.4 Exploit Author :Necmettin...

CVE-2011-4613

The X.Org X wrapper xserver-wrapper.c in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY...

Veno File Manager Arbitrary File Download

Exploit Title : Veno File Manager Arbitrary File Download Vulnerability Google Dork : allintitle: "Veno File Manager" Date : 10/12/2013 Exploit Author : Daniel Godoy Vendor Homepage :...

Zend-Framework - Full Info Disclosure Vulnerability

Exploit for php platform in category web applications Exploit Title : Zend-Framework Full Info Disclosure Google Dork : inurl:/application/configs/application.ini Date : 26/11/2013 Exploit Author : Ariel Orellana Vendor Homepage : http://framework.zend.com/ Category : Web applications Tested on :...

Zend-Framework - Full Information Disclosure

Zend-Framework - Full Information Disclosure Exploit Title : Zend-Framework Full Info Disclosure Google Dork : inurl:/application/configs/application.ini Date : 26/11/2013 Exploit Author : Ariel Orellana Vendor Homepage : http://framework.zend.com/ Category : Web applications Tested on : GNU/Linu...

Zend-Framework - Full Information Disclosure

Exploit Title : Zend-Framework Full Info Disclosure Google Dork : inurl:/application/configs/application.ini Date : 26/11/2013 Exploit Author : Ariel Orellana Vendor Homepage : http://framework.zend.com/ Category : Web applications Tested on : GNU/Linux CommentGreetz : Daniel Godoy PoC : The...