Codesys CmpWebServer Multiple Vulnerabilities

Codesys is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Voxsmart VoxRecord Control Centre 2.7 SQL Injection

======================================================================= VoxRecord Control Centre - version 2.7 Blind SQLi and auth. bypass ======================================================================= Affected Software : Voxsmart - VoxRecord Control Centre v. 2.7 Severity : Critical...

IceWarp Mail Server 10.3.2 server/webmail.php Soap Message Parsing - Arbitrary File Disclosure

source: https://www.securityfocus.com/bid/49753/info IceWarp Web Mail is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to gain access to potentially sensitive information, and possibly cause denial-of-service conditions; other attacks may also be...

Important: Red Hat Security Advisory: JBoss Communications Platform 1.2.11 and 5.1.1 security update

An updated JBoss Web Services Native component for JBoss Communications Platform 1.2.11 and 5.1.1 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability...

Important: Red Hat Security Advisory: jbossws-common security update

An updated jbossws-common package that fixes one security issue is now available for JBoss Enterprise Application Platform 4.3 for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System...

Important: Red Hat Security Advisory: jbossws-common security update

An updated jbossws-common package that fixes one security issue is now available for JBoss Enterprise Web Platform 5.1.1 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CV...

Important: Red Hat Security Advisory: jbossws-common security update

An updated jbossws-common.jar file for JBoss Enterprise Application Platform 5.1.1 that fixes one security issue is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System...

Important: Red Hat Security Advisory: jbossws-common security update

An updated jbossws-common package that fixes one security issue is now available for JBoss Enterprise Application Platform 5.1.1 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring...

WordPress Plugin 1 Flash Gallery 1.30 1.5.7a - Arbitrary File Upload (Metasploit)

WordPress Plugin 1 Flash Gallery 1.30 1.5.7a - Arbitrary File Upload Metasploit Exploit Title: 1 Flash Gallery Wordpress Plugin Arbitrary File Upload Exploit Google Dork: inurl:"wp-content/plugins/1-flash-gallery" Date: 09/06/2011 Author: Ben Schmidt Software Link:...

Cross Site Scripting Vulnerability at Google Appspot

Cross Site Scripting Vulnerability at Google Appspot The Google Appspot "ClickDesk" login page is vulnerable to Cross Site Scripting attack. Cross Site scripting attack is a critical issue in web application. When an attacker gets a user's browser to execute his/her XSS code, the code will run...

IBM Lotus Domino HPRAgentName Parameter Stack Buffer Overflow

A stack buffer overflow vulnerability has been reported in IBM Lotus Domino. IBM Lotus Domino is a software suite which provides enterprise-class messaging, calendaring, and scheduling capabilities for collaborative applications. The vulnerability is due to insufficient input validation by IBM...

Citrix XenApp / XenDesktop XML Service Heap Corruption

No description provided by source. n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2011.002 28-Jul-2011 Vendor: Citrix, http://www.citrix.com Affected Products: XenApp and XenDesktop Affected Version: See the Citrix security bulletin 2 for a list Vulnerability: Heap Corruption in...

Citrix XenApp / XenDesktop XML Service - Heap Corruption

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2011.002 28-Jul-2011 Vendor: Citrix, http://www.citrix.com Affected Products: XenApp and XenDesktop Affected Version: See the Citrix security bulletin 2 for a list Vulnerability: Heap Corruption in Citrix XML Service Risk: HIGH Vendor...

Portech MV-372 VoIP Gateway - Multiple Vulnerabilities

Portech MV-372 VoIP Gateway - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/48560/info The Portech MV-372 VoIP Gateway is prone to multiple security vulnerabilities. An attacker may leverage these issues to obtain potentially sensitive information, cause vulnerable devices to...

Portech MV-372 VoIP Gateway - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/48560/info The Portech MV-372 VoIP Gateway is prone to multiple security vulnerabilities. An attacker may leverage these issues to obtain potentially sensitive information, cause vulnerable devices to crash resulting in a denial-of-service condition, or...

Google: Spyware Found, Removed from Android Market

Google says it has suspended a number of suspicious applications from the Android Market after researchers at NC State announced they had discovered a new and particularly stealthy piece of spyware, dubbed “Plankton,” lurking in Android applications there. According to a report by computer scienc...

IBM Tivoli Endpoint Manager POST Query Buffer Overflow

Exploit for windows platform in category remote exploits $Id: ibmtivoliendpointbof.rb 12925 2011-06-12 00:04:55Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more...

IBM Tivoli Endpoint Manager POST Query Buffer Overflow

$Id: ibmtivoliendpointbof.rb 12925 2011-06-12 00:04:55Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

IBM Tivoli Endpoint Manager - POST Query Buffer Overflow (Metasploit)

$Id: ibmtivoliendpointbof.rb 12925 2011-06-12 00:04:55Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

IBM Tivoli Endpoint Manager POST Query Buffer Overflow

This module exploits a stack based buffer overflow in the way IBM Tivoli Endpoint Manager versions 3.7.1, 4.1, 4.1.1, 4.3.1 handles long POST query arguments. This issue can be triggered by sending a specially crafted HTTP POST request to the service lcfd.exe listening on TCP port 9495. To trigge...