
7494 matches found

Prion
added 2010/03/23 7:30 p.m. | 12 views

Directory traversal

Multiple directory traversal vulnerabilities in OI.Blogs 1.0.0, when magic_quotes_gpc is disabled, allow remote attackers to read arbitrary files via directory traversal sequences in the (1) theme parameter to loadStyles.php and the (2) scripts parameter to javascript/loadScripts.php. NOTE: the...

CVSS 4.3 | AI score 7.2 | EPSS 0.00084
Exploits 0 | References 1 | Affected Software 1
Exploit DB
added 2010/02/23 12:0 a.m. | 50 views

Joomla! Component user_id com_sqlreport - Blind SQL Injection

Joomla Component user_id com_sqlreport Blind SQL Injection Vulnerability » Script: Joomla » Language: PHP » Founder: Snakespc...

AI score 7.4
Exploits 0
exploitpack
added 2010/02/22 12:0 a.m. | 22 views

Winamp 5.57 - Browser IE Denial of Service

Winamp 5.57 - Browser IE Denial of Service From: Indonesia Tested Win xpsp2 Greetz: no thanks : Usage: change your winamp skin with bento, to open browser press ALT + X drag or load file to browser and keep smile : +---------------------------------------------------------------------------------...

AI score 0.4
Exploits 0
Opera Security Advisories
added 2010/01/11 12:0 a.m. | 10 views

Cross-domain data theft with CSS load

CSS can be loaded cross-domain, and in some cases it is possible to read the data pointed to, leading to the possibility of cross-domain data theft...

AI score 1.6
Exploits 0 | Affected Software 1
Tenable Nessus
added 2010/01/06 12:0 a.m. | 44 views

CentOS 5 : kernel (CESA-2009:1106)

Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

CVSS 7.8 | AI score 5.6 | EPSS 0.02344
Exploits 7 | References 9
Gentoo Linux
added 2010/01/03 12:0 a.m. | 36 views

NTP: Denial of service

Background: NTP is a set of the Network Time Protocol programs. Description: Robin Park and Dmitri Vinokurov discovered that ntp_request.c in ntpd does not handle MODE_PRIVATE packets correctly, causing a continuous exchange of MODE_PRIVATE error responses between two NTP daemons or causing high CPU...

CVSS 6.4 | AI score 6.9 | EPSS 0.81107
Exploits 3
Exploit DB
added 2009/12/21 12:0 a.m. | 43 views

PHPhotoalbum 0.5 - SQL Injection

Title: PHPhotoalbum Remote sql injection Vulnerability Tested on: windows http://server/PHPhotoalbum/thumbnails.php?album=-1+union+select+user+from+mysql.user-- http://server/PHPhotoalbum/thumbnails.php?album=-1+union+select+loadfile/directory hex/config.inc.php+from+mysql.user--...

AI score 7.4
Exploits 0
exploitpack
added 2009/12/19 12:0 a.m. | 13 views

Barracuda Web Firewall 660 Firmware 7.3.1.007 - Multiple Vulnerabilities

Barracuda Web Firewall 660 Firmware 7.3.1.007 - Multiple Vulnerabilities Pentest Information: ==================== GESEC Team remove discover a input validation vulnerability on Barracuda - Web Application Firewall 660 Appliance. A remote attacker is able to get sensitive customer sessions hijack...

AI score 0.2
Exploits 0
Exploit DB
added 2009/12/19 12:0 a.m. | 29 views

Barracuda Web Firewall 660 Firmware 7.3.1.007 - Multiple Vulnerabilities

Pentest Information: GESEC Team remove discover a input validation vulnerability on Barracuda - Web Application Firewall 660 Appliance. A remote attacker is able to get sensitive customer sessions hijack or can implement script routines & malicious codes server-side|persistent...

AI score 7.4
Exploits 0
UbuntuCve
added 2009/12/14 5:30 p.m. | 18 views

CVE-2009-4129

Race condition in Mozilla Firefox allows remote attackers to produce a JavaScript message with a spoofed domain association by writing the message in between the document request and document load for a web page in a different domain...

CVSS 5.8 | AI score 5.9 | EPSS 0.00366
Exploits 0 | References 1
Fedora
added 2009/12/11 6:27 p.m. | 29 views

[SECURITY] Fedora 11 Update: memcached-1.2.8-2.fc11

memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load...

CVSS 10 | AI score 2.8 | EPSS 0.12077
Exploits 3
RedHat Linux
added 2009/11/30 3:18 p.m. | 2 views

tomcat6 Denial-Of-Service with AJP connection

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of...

CVSS 5 | AI score 6.2 | EPSS 0.13832
Exploits 1 | References 4
Tenable Nessus
added 2009/11/12 12:0 a.m. | 245 views

Mac OS X : Apple Safari < 4.0.4

The version of Apple Safari installed on the remote Mac OS X host is earlier than 4.0.4. As such, it is potentially affected by several issues : - Multiple use-after-free issues exist in libxml2, the most serious of which could lead to a program crash. CVE-2009-2414, CVE-2009-2416 - An issue in t...

CVSS 6.8 | AI score 6.1 | EPSS 0.03879
Exploits 4 | References 8
RedHat Linux
added 2009/10/14 4:15 p.m. | 1 views

tomcat6 Denial-Of-Service with AJP connection

Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of...

CVSS 5 | AI score 6.2 | EPSS 0.13832
Exploits 1 | References 4
NVD
added 2009/09/29 3:30 p.m. | 10 views

CVE-2009-3452

WebCoreModule.ashx in RADactive I-Load before 2008.2.5.0 allows remote attackers to obtain sensitive information via unspecified requests that trigger responses containing the saved-image folder pathname...

CVSS 5 | AI score 6.2 | EPSS 0.00357
Exploits 0 | References 5
Prion
added 2009/09/29 3:30 p.m. | 9 views

Unrestricted file upload

Unrestricted file upload vulnerability in RADactive I-Load before 2008.2.5.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, and then sending a request for a predictable filename during a short time window...

CVSS 6.8 | AI score 8.3 | EPSS 0.0126
Exploits 0 | References 5 | Affected Software 1
NVD
added 2009/09/29 3:30 p.m. | 11 views

CVE-2009-3447

Unrestricted file upload vulnerability in RADactive I-Load before 2008.2.5.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, and then sending a request for a predictable filename during a short time window...

CVSS 6.8 | AI score 7.7 | EPSS 0.0126
Exploits 0 | References 5
NVD
added 2009/09/29 3:30 p.m. | 10 views

CVE-2009-3451

Directory traversal vulnerability in WebCoreModule.ashx in RADactive I-Load before 2008.2.5.0 allows remote attackers to read arbitrary files via unspecified vectors...

CVSS 5 | AI score 6.7 | EPSS 0.00263
Exploits 0 | References 5
Prion
added 2009/09/29 3:30 p.m. | 12 views

Directory traversal

Directory traversal vulnerability in WebCoreModule.ashx in RADactive I-Load before 2008.2.5.0 allows remote attackers to read arbitrary files via unspecified vectors...

CVSS 5 | AI score 7.2 | EPSS 0.00263
Exploits 0 | References 5 | Affected Software 1
CVE
added 2009/09/29 3:0 p.m. | 39 views

CVE-2009-3450

The CVE-2009-3450 entry describes multiple XSS vulnerabilities in WebCoreModule.ashx of RADactive I-Load before 2008.2.5.0. The issue stems from input parameters whose names begin with __ (double underscore), which bypasses the built‑in ASP.NET XSS protection and allows remote attackers to inject...

CVSS 4.3 | AI score 5.3 | EPSS 0.00532
Exploits 0 | References 6 | Affected Software 1