SuSE 11 Security Update : Mozilla (SAT Patch Number 1328)

This update brings the Mozilla XULRunner engine to the 1.9.0.14 stable release. It also fixes various security issues : - / CVE-2009-30 /. MFSA 2009-47 / CVE-2009-3069 / CVE-2009-3070 / CVE-2009-3071 / CVE-2009-3072 / CVE-2009-3073 - Mozilla developers and community members identified and fixed...

pointter PHP content management system 1.2 - Multiple Vulnerabilities

pointter PHP content management system 1.2 - Multiple Vulnerabilities Pointter PHP Content Management System 1.2 Multiple Vulnerabilities Vendor: PangramSoft GmbH Product web page: http://www.pointter.com Affected version: 1.2 Summary: Pointter PHP Content Management System is an advanced, fast a...

Oracle Linux 4.9 kernel security and bug fix update

2.6.9-100 -cxgb3: prevent reading uninitialized stack memory to fix xgbextensionioctl infoleak Eugene Teo 633153 CVE-2010-3296 -mlx4: disable MSI-X by default Andy Gospodarek 530596 -ext3: call fs invalidatepage instead of blockinvalidatepage Josef Bacik 488611 -av7110: check for negative array...

Metasploit Framework v3.5.2 latest version download !

Our favourite exploitation framework – The Metasploit Framework has been updated! We now have Metasploit Framework version 3.5.2! "The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits...

CVE-2011-0773

PivotX is vulnerable to a Cross-Site Scripting (XSS) flaw in the image parameter of pivotx/modules/module_image.php, affecting PivotX before 2.2.3. The root cause is insufficient sanitization of user-supplied data. The documented impact is remote injection of arbitrary script/HTML. Remediation: u...

SA-CONTRIB-2011-004 - Multiple Vulnerabilities In Multiple Contributed Modules

Versions affected and proposed solutions OG Forum for Drupal 6.x OG Forum creates a forum per organic group and restricts viewing forum nodes by group membership. OG Forum does not properly implement access controls on private forums it creates, which can lead to a private group's forums becoming...

DEBIAN-CVE-2010-3435

The 1 pamenv and 2 pammail modules in Linux-PAM aka pam before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a...

SuSE 10 Security Update : Python (ZYPP Patch Number 7314)

With this update of Python : - a race condition in the accept implementation of smtpd.py could lead to a denial of service. CVE-2010-3493 - integer overflows and insufficient size checks could crash the audioop and rgbimg modules. CVE-2010-2089 / CVE-2010-1634 / CVE-2009-4134 / CVE-2010-1449 /...

Joomla Component com_allcinevid 1.0.0 Blind SQL Injection Vulnerability

Exploit for php platform in category web applications allCineVid Joomla Component 1.0.0 Blind SQL Injection Vulnerability Name allCineVid Vendor http://www.joomtraders.com Versions Affected 1.0.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta...

Joomla! Component allCineVid 1.0.0 - Blind SQL Injection

http://adv.salvatorefresta.net/allCineVidJoomlaComponent1.0.0BlindSQLInjectionVulnerability-18012011.txt allCineVid Joomla Component 1.0.0 Blind SQL Injection Vulnerability Name allCineVid Vendor http://www.joomtraders.com Versions Affected 1.0.0 Author Salvatore Fresta aka Drosophila Website...

Windows Gather PowerShell Environment Setting Enumeration

This module will enumerate Microsoft PowerShell settings. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows Gather PowerShell Environment Setting Enumeration', 'Description' = %q This...

PhpGedView <= 4.2.3 Local File Inclusion Vulnerability

Exploit for php platform in category web applications !/usr/bin/perl -w :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com PhpGedView = 4.2.3 Local File Inclusion Vulnerability...

Cross site scripting

Cross-site scripting XSS vulnerability in modules/content/admin/content.php in ImpressCMS 1.2.3 Final, and possibly other versions before 1.2.4, allows remote attackers to inject arbitrary web script or HTML via the quicksearchContentContent parameter...

LoveCMS 1.6.2 Final Multiple Local File Inclusion Vulnerabilities

Exploit for php platform in category web applications LoveCMS 1.6.2 Final Multiple Local File Inclusion Vulnerabilities found by cOndemned vendor: http://lovecms.org/ download: http://sourceforge.net/project/showfiles.php?groupid=168535 source of /system/admin/modules.php 13. ifisset$GET'install'...

LoveCMS 1.6.2 Local File Inclusion

LoveCMS 1.6.2 Final Multiple Local File Inclusion Vulnerabilities found by cOndemned vendor: http://lovecms.org/ download: http://sourceforge.net/project/showfiles.php?groupid=168535 source of /system/admin/modules.php 13. ifisset$GET'install' 14. 15. $include = $GET'install'; 16. 17...

LoveCMS 1.6.2 Final - Multiple Local File Inclusions

LoveCMS 1.6.2 Final - Multiple Local File Inclusions LoveCMS 1.6.2 Final Multiple Local File Inclusion Vulnerabilities found by cOndemned vendor: http://lovecms.org/ download: http://sourceforge.net/project/showfiles.php?groupid=168535 source of /system/admin/modules.php 13. ifisset$GET'install'...

Metasploit Framework v3.5.1 Updated Version Download !

Our favourite exploitation framework – The Metasploit Framework has been updated! We now have Metasploit version 3.5.1! "The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a...

Drupal Module Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/45276/info The Embedded Media Field, Media: Video Flotsam, and Media: Audio Flotsam modules for Drupal are prone to multiple remote vulnerabilities, including: 1. An HTML-injection vulnerability 2. An arbitrary-file-upload vulnerability. An attacker could...

DEBIAN-CVE-2010-4171

The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service unloading of arbitrary kernel modules...

CVE-2010-4171

The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service unloading of arbitrary kernel modules...