3095 matches found
CVE-2014-4736
SQL injection vulnerability in E2 before 2.4 2845 allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process...
SQL injection
SQL injection vulnerability in E2 before 2.4 2845 allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process...
Nullsoft SHOUTcast 1.9.2 icy-name/icy-url Memory Corruption Vulnerability (2)
source: http://www.securityfocus.com/bid/8954/info Nullsoft SHOUTcast Server is prone to a memory corruption vulnerability that may lead to denial of service attacks or code execution. This is due to insufficient bounds checking of server commands supplied by...
MS Virtual Machine 2000/3100/3200/3300 Series com.ms.activeX.ActiveXComponent Arbitrary Program Execution
source: http://www.securityfocus.com/bid/1754/info If a malicious website operator were to embed a specially crafted Java object into an HTML document, it would be possible to execute arbitrary programs on a target host viewing the webpage through either Microsof...
SAP Netweaver Dispatcher Multiple Vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ SAP Netweaver Dispatcher Multiple Vulnerabilities 1. Advisory Information Title: SAP Netweaver Dispatcher Multiple Vulnerabilities Advisory ID: CORE-2012-0123 Advisory URL:...
OBOphiX <= 2.7.0 (fonctions_racine.php) Remote File Inclusion Vuln
OBOphiX fonctions_racine.php <= 2.7.0 Remote File Include Vulnerability + Author : EA Ngel + Location : Manado - Indonesia + Situs : wwwdotmanadocodingdotnet + Contact : [email protected] + Download Script :...
Citrix Presentation Server Client 9.200 WFICA.OCX ActiveX Component Heap Buffer Overflow Vulnerability
source: http://www.securityfocus.com/bid/21458/info Citrix Presentation Server Client is prone to a heap buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. An...
phpMyAdmin 2.5.7 - Remote code injection Exploit
phpmy-explt.c written by Nasir Simbolon nasir kecapi com eagle kecapi com Jakarta, Indonesia June, 10 2004 A phpMyAdmin-2.5.7 exploit program. This is a kind of mysql server wrapper that acts like a proxy except that it will send a fake table name, when client...
Joomla XCloner Component (com_xcloner-backupandrestore) Remote Command Execution
#!/usr/bin/python Joomla component com_xcloner-backupandrestore remote code execution exploit Vendor: http://www.xcloner.com/ Our true divinity is in our ability to create. And armed with the understanding of the symbiotic connections of life, while being guided b...
SAP Netweaver Message Server Multiple Vulnerabilities
1. Advisory Information Title: SAP Netweaver Message Server Multiple Vulnerabilities Advisory ID: CORE-2012-1128 Advisory URL: http://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities Date published: 2013-02-13 Date of last update:...
Joomla Fastball component 1.1.0-1.2 - SQL Injection
Joomla Component com_fastball Remote SQL injection vulnerability - league Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : September 23, 2009...
MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow
MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow Release date: 2011-02-14 Author: Cupidon-3005 Greet: Winny Thomas, Laurent Gaffie, h07 Bug: Heap Overflow Remote Exploitability: Unlikely Local Exploitability: Likely Context: Broadcast,...
Towelroot : One-Click Android Rooting Tool Released By Geohot
Waiting for root access on your AT&T or Verizon Android phone? Then there is great news for you! Geohot aka George Hotz - a famed cracker who was responsible for hacking the PlayStation 3 and subsequently being sued by Sony - has built and released a root tool called Towelroot on...
SAP NetWeaver AS Java CIM UPLOAD - XXE
Application: SAP NetWeaver AS Java Vendor URL: http://www.sap.com Bugs: XML External Entity Reported: 16.06.2014 Vendor response: 17.06.2014 Date of Public Advisory: 18.05.2015 Reference: SAP Security Note 2090851 Authors: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XML External...
SAP Mobile Platform - XXE
Application: Mobile Platform Vendor URL: http://www.sap.com Bugs: XML External Entity Reported: 06.11.2014 Vendor response: 07.11.2014 Date of Public Advisory: 15.02.2015 Reference: SAP Security Note 2125358 Authors: Dmitry Chastukhin ERPScan VULNERABILITY INFORMATION Class: XML External Entity...
SAP Management Console ReadProfile Parameters - Information disclosure
Application: SAP NetWeaver 7.40 Vendor URL: http://www.sap.com Bugs: Information disclosure Reported: 06.11.2014 Vendor response: 07.11.2014 Date of Public Advisory: 15.03.2015 Reference: SAP Security Note 2091768 Authors: Dmitry Chastukhin ERPScan VULNERABILITY INFORMATION Class: Information...
SAP NetWeaver - Hardcoded Credentials
Application: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: Hardcoded credentials Reported: 06.03.2014 Vendor response: 07.03.2014 Date of Public Advisory: 15.06.2015 Reference: SAP Security Note 2057982 Authors: Rustem Gazizov, Diana Grigorieva ERPScan VULNERABILITY INFORMATION Class:...
SAP NetWeaver - Hardcoded credentials
Application: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: Hardcoded credentials Reported: 06.03.2014 Vendor response: 07.03.2014 Date of Public Advisory: 15.06.2015 Reference: SAP Security Note 2059659 Authors: Rustem Gazizov, Diana Grigorieva ERPScan VULNERABILITY INFORMATION Class:...
SAP NetWeaver Dispatcher Multiple Vulnerabilities - RCE, DoS
Application: SAP NetWeaver Dispatcher Versions Affected: SAP KERNEL 7.00 32BIT, disp+work.exe 7000.52.12.34966 Vendor URL: http://www.sap.com Bugs: Buffer overflow CWE-119, Integer overflow CWE-190, Improper Input Validation CWE-20 CVSS: AV:N/AC:H/Au:S/C:C/I:C/A:C 7.1 Exploits: PoC Reported:...
Threat Outbreak Alert: Fake Personal Note Email Messages on May 28, 2014
Medium Alert ID: 34389 First Published: 2014 May 28 17:39 GMT Version: 1 Summary Cisco Security has detected significant activity related to German-language spam email messages that claim to contain a personal note for the recipient. The text in the email message attempts to convince the recipien...