UBUNTU-CVE-2014-2405

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462...

DSA-2907-1 squeeze end-of-life

This is an advance notice that regular security support for Debian GNU/Linux 6.0 code name squeeze will be terminated on the 31st of May. However, we're happy to announce that security support for squeeze is going to be extended until February 2016, i.e. five years after the initial release. This...

VFU 4.10-1.1 Stack Buffer Overflow

Author: Provensec http://www.provensec.com Tested on GNU/Linux - Debian Wheezy Description: VFU v4.10-1.1 is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker can exploit this issue to execute...

GNUPanel 0.3.5_R4 - Multiple Vulnerabilities

GNUpanel version 0.3.5R4 suffers from cross site request forgery and cross site scripting vulnerabilities. Exploit Title :GNUpanel 0.3.5R4 - Multiple Vulnerabilities Vendor Homepage :http://wp.geeklab.com.ar/gl-en/gnupanel/ GNUPanel Version :0.3.5R4 Server :Centos 6.4 Exploit Author :Necmettin...

CVE-2011-4613

The X.Org X wrapper xserver-wrapper.c in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY...

Veno File Manager Arbitrary File Download

Exploit Title : Veno File Manager Arbitrary File Download Vulnerability Google Dork : allintitle: "Veno File Manager" Date : 10/12/2013 Exploit Author : Daniel Godoy Vendor Homepage :...

Zend-Framework - Full Info Disclosure Vulnerability

Exploit for php platform in category web applications Exploit Title : Zend-Framework Full Info Disclosure Google Dork : inurl:/application/configs/application.ini Date : 26/11/2013 Exploit Author : Ariel Orellana Vendor Homepage : http://framework.zend.com/ Category : Web applications Tested on :...

Zend-Framework - Full Information Disclosure

Zend-Framework - Full Information Disclosure Exploit Title : Zend-Framework Full Info Disclosure Google Dork : inurl:/application/configs/application.ini Date : 26/11/2013 Exploit Author : Ariel Orellana Vendor Homepage : http://framework.zend.com/ Category : Web applications Tested on : GNU/Linu...

Zend-Framework - Full Information Disclosure

Exploit Title : Zend-Framework Full Info Disclosure Google Dork : inurl:/application/configs/application.ini Date : 26/11/2013 Exploit Author : Ariel Orellana Vendor Homepage : http://framework.zend.com/ Category : Web applications Tested on : GNU/Linux CommentGreetz : Daniel Godoy PoC : The...

CVE-2013-5724

Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable permissions for cache files, which allows local users to modify the file contents via standard filesystem write operations...

Code injection

Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable permissions for cache files, which allows local users to modify the file contents via standard filesystem write operations...

CVE-2013-5724

Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable permissions for cache files, which allows local users to modify the file contents via standard filesystem write operations...

CVE-2013-5724

CVE-2013-5724 affects phpBB3 up to version 3.0.11-4 used in Debian GNU/Linux. The issue arises from world-writable permissions on cache files, enabling local users to modify file contents through standard filesystem writes. The vulnerability is localized to systems running the affected phpBB3 pac...

CVE-2013-1662

vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsbrelease binary in a directory in the PATH, related to use of the popen library function...

Design/Logic Flaw

vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsbrelease binary in a directory in the PATH, related to use of the popen library function...

CVE-2013-1662

CVE-2013-1662 affects VMware Workstation (8.x/9.x) and VMware Player (4.x/5.x) on Debian-based systems. A local attacker can escalate privileges to root by exploiting a crafted lsb_release binary in PATH via vmware-mount’s use of popen(3). The issue is rooted in how vmware-mount handles PATH and ...

CVE-2013-2162

Race condition in the post-installation script mysql-server-5.5.postinst for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive...

CVE-2013-2162

Race condition in the post-installation script mysql-server-5.5.postinst for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive...

Integrated CMS - SQL Injection Vulnerability

Exploit for php platform in category web applications ========================================================================================================== /Exploit Title : Integrated CMS Saudi SQL Injection \ /Exploit Author : DSST \ /Vendor Home Page : in2sol.com \ /Tested on: Windows...

Integrated CMS 1.0 - SQL Injection

========================================================================================================== /Exploit Title : Integrated CMS Saudi SQL Injection \ /Exploit Author : DSST \ /Vendor Home Page : in2sol.com \ /Tested on: Windows 7,GNU/Linux,Windows XP,Windows 8 \ /Google Dork:...