5359 matches found
Unfixed XSS vulnerability at www.kwalib.or.kr
Security researcher cyber, has submitted on 01/04/2007 a cross-site-scripting XSS vulnerability affecting www.kwalib.or.kr, which at the time of submission ranked 3713492 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 01/04/2007. It is current...
Unfixed XSS vulnerability at www.j-shopping.jp
Security researcher s0m.ph, has submitted on 01/04/2007 a cross-site-scripting XSS vulnerability affecting www.j-shopping.jp, which at the time of submission ranked 322500 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 01/04/2007. It is...
Unfixed XSS vulnerability at www.foodsafetyforum.org
Security researcher RubberDuck, has submitted on 01/04/2007 a cross-site-scripting XSS vulnerability affecting www.foodsafetyforum.org, which at the time of submission ranked 4618925 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 01/04/2007. I...
Unfixed XSS vulnerability at www.webdeveloperlist.com
Security researcher cyber, has submitted on 01/04/2007 a cross-site-scripting XSS vulnerability affecting www.webdeveloperlist.com, which at the time of submission ranked 1261568 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 01/04/2007. It is...
Unfixed XSS vulnerability at www.tomshardware.com.tr
Security researcher cyber, has submitted on 01/03/2007 a cross-site-scripting XSS vulnerability affecting www.tomshardware.com.tr, which at the time of submission ranked 22936 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/03/2007. It is...
Unfixed XSS vulnerability at www.sarilacivert.org.tr
Security researcher MaXWeL, has submitted on 01/03/2007 a cross-site-scripting XSS vulnerability affecting www.sarilacivert.org.tr, which at the time of submission ranked 6266273 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 05/03/2007. It is...
[fixed URLs] firefox/thunderbird/seamonkey
The original advisory for this issue contained incorrect URLs for the Slackware 11.0 patches. Sorry about that! The URLs for the 10.2 packages were correct and the Firefox/Thunderbird links given for 11.0 would have been just fine anyway since 10.2 and 11.0 are using the same packages for those...
linkscaffe30.txt
Gonafish.com LinksCaffe 3.0 is free link indexing directory, we found that the file admin1953.php can be accessed directly to get full administration rights without password and username. Proof of exploit: http://www.example.com/pathtolinksCaffe/Admin/admin1953.php Or the images of mirror...
SSA-2006-0628032502
New kdebase packages are available for Slackware 10.0, 10.1, 10.2, and -current to fix a security issue with KDM the KDE login manager which could be exploited by a local attacker to read any file on the system. The official KDE security advisory may be found here:...
kdebase kdm local file reading vulnerability
New kdebase packages are available for Slackware 10.0, 10.1, 10.2, and -current to fix a security issue with KDM the KDE login manager which could be exploited by a local attacker to read any file on the system. The official KDE security advisory may be found here:...
Ultimate PHP Board 1.96 GOLD - Multiple Vulnerabilities
"; $ikey = ordsubstr$key, $i, 1; // print $i."ikey:".$ikey."...
Mandrake Linux Security Advisory : kernel (MDKSA-2006:086)
A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel : Prior to Linux kernel 2.6.16.5, the kernel does not properly handle uncanonical return addresses on Intel EM64T CPUs which causes the kernel exception handler to run on the user stack with the wrong GS...
clamav -- Freshclam HTTP Header Buffer Overflow Vulnerability
Secunia reports: A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS Denial of Service and potentially to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the HTTP client in the Freshclam command line...
CVE-2000-0354
mirror 2.8.x in Linux systems allows remote attackers to create files one level above the local target directory...
CVE-2000-0354
CVE-2000-0354 affects mirror 2.8.x on Linux; remote attackers can create files one level above the local target directory. Impact: partial integrity impact via a network vector with low complexity and no authentication. No remediation details are provided in the supplied documents.
CVE-2000-0354
mirror 2.8.x in Linux systems allows remote attackers to create files one level above the local target directory...
[SECURITY] New version of mirror fixes remote exploit
We have received reports that the version of mirror as distributed in Debian GNU/Linux 2.1 could be remotely exploited. When mirroring a remote site the remote site could use filename-constructions like " .." that would case mirror to work one level above the target directory for the mirrored...
[SECURITY] New version of mirror fixes remote exploit
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman October 18, 1999 - ------------------------------------------------------------------------ We have received reports that the...
"mirror" directory traversal
mirror is a Perl script which is widely used for making copy of remote FTP site. It's included in FreeBSD packages. There are security holes, which allows overwrite local files from remote ftp site with permissions of the user who uses mirror. Then retrieving directory listing mirror doesn't chec...