CVE-2013-1058

maas-import-pxe-files in MAAS before 13.10 does not verify the integrity of downloaded files, which allows remote attackers to modify these files via a man-in-the-middle MITM attack...

[MISP v2.1] Malware Information Sharing Platform

The problem that we experienced in the past was the difficulty to exchange information about targeted malwares and attacks within a group of trusted partners, or a bilateral agreement. Even today much of the information exchange happens in unstructured reports where you have to copy-paste the...

Oracle Linux 3 / 4 : openoffice.org (ELSA-2007-0406)

From Red Hat Security Advisory 2007:0406 : Updated openoffice.org packages to correct a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office...

export_requests

This plugin exports all discovered HTTP requests URL, Method, Params to the given file CSV which can then be imported in another scan by using the crawl.importresults. One configurable parameter exists: outputfile Plugin type Output Options Name | Type | Default Value | Description | Help...

[MSF-Installer] Script to Automate Metasploit Framework Installation

Script to help with installing and configuring Metasploit Framework, Armitage and the Plugins I have written on OSX and Linux To use the script on OSX Java, Xcode and Command Development Tools from Xcode must be installed before running the script. In the case of OSX I also added the option of...

[SECURITY] Fedora 18 Update: phpMyAdmin-3.5.8-1.fc18

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

CVE-2013-1516

Unspecified vulnerability in the Oracle WebCenter Capture component in Oracle Fusion Middleware 10.1.3.5.1 allows remote authenticated users to affect availability via unknown vectors related to Import Server...

Design/Logic Flaw

Unspecified vulnerability in the Oracle WebCenter Capture component in Oracle Fusion Middleware 10.1.3.5.1 allows remote authenticated users to affect availability via unknown vectors related to Import Server...

CVE-2013-1516

Unspecified vulnerability in the Oracle WebCenter Capture component in Oracle Fusion Middleware 10.1.3.5.1 allows remote authenticated users to affect availability via unknown vectors related to Import Server...

CVE-2013-1516

Unspecified vulnerability in the Oracle WebCenter Capture component in Oracle Fusion Middleware 10.1.3.5.1 allows remote authenticated users to affect availability via unknown vectors related to Import Server...

Microsoft Internet Explorer CSS导入处理拒绝服务漏洞

Microsoft Internet Explorer是一款流行的WEB浏览器 Microsoft Internet Explorer处理特制的CSS导入存在一个段错误，允许攻击者构建恶意WEB页，诱使用户解析，使应用程序崩溃。 此漏洞需要用户一些交互才能触发，并且目前来看不能用于执行代码 0 Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 厂商解决方案 目前没有详细解决方案提供： http://www.microsoft.com/...

hishop和易分销系统演示站入侵

简要描述： hishop、易分销、快店通演示站被成功入侵 详细说明： 在导入淘宝数据包的同时会解压数据包。 如果在数据包（压缩文件）里面放一句话同时会解压 解压之后目录就是压缩文件夹的名字 漏洞证明： 快店通： hishop 易分销 img src="https://images.seebug.org/u...

Moving custom attributes through import/export of CSV file

Purpose To export custom attributes from one installation of Business View to another, follow these steps: 1. Click Configuration in the top right corner of the screen and navigate to the Import/Export pane. 2. This step is not mandatory If you want to pre-designate which custom attributes Busine...

ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow

The vulnerability is a stack based buffer overflow in the "Import Users from File" function, due to the insecure usage of strcpy while parsing the csv formatted file. The module creates a .exp file that must be imported with ActiveFax server...

Portal: XML eXternal Entity (XXE) flaw in site import

The GateIn Portal export/import gadget in JBoss Enterprise Portal Platform 5.2.2 allows remote attackers to read arbitrary files via a crafted external XML entity in an XML document, aka an XML Entity Expansion XEE attack...

Portal: remote unauthenticated site import

The GateIn Portal export/import gadget in JBoss Enterprise Portal Platform 5.2.2 does not properly check authentication when importing Zip files, which allows remote attackers to modify site contents, remove the site, or alter the access controls for portlets...

Alt-N MDaemon's WebAdmin Remote Code Execution Vulnerability

================================================================== Alt-N MDaemon's WebAdmin Remote Code Execution Vulnerability ================================================================== Software: Alt-N MDaemon v13.0.3 and prior versions Vendor: http://www.altn.com/ Vuln Type: Remote Code...

Alt-N MDaemon WebAdmin Remote Code Execution

================================================================== Alt-N MDaemon's WebAdmin Remote Code Execution Vulnerability ================================================================== Software: Alt-N MDaemon v13.0.3 and prior versions Vendor: http://www.altn.com/ Vuln Type: Remote Code...

CVE-2012-6356

IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5 allow remote authenticated users to gain privileges via vectors related to an import operation...

CVE-2012-6356

CVE-2012-6356 affects IBM Maximo Asset Management 7.5, Maximo Asset Management Essentials 7.5, and SmartCloud Control Desk 7.5. The vulnerability allows remote authenticated users to escalate privileges via vectors related to an import operation. The available sources (NVD entry and related recor...