Security Bulletin: Vulnerabilities in OpenSource Spring Source/Pivotal Spring Framework affect IBM Tivoli Netcool Configuration Manager (ITNCM) (CVE-2013-7315, CVE-2013-4152, CVE-2014-0054)

Summary There are a number of potential security vulnerabilities in OpenSource Spring Source/Pivotal Spring Framework, that is used by IBM Tivoli Netcool Configuration Manager ITNCM. Vulnerability Details CVEID: CVE-2013-7315 DESCRIPTION: Pivotal Spring Framework could allow a remote attacker to...

OpenSource ERP 6.3.1. - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: OpenSource ERP SQL Injection Exploit Author: Emre ÖVÜNÇ Vendor Homepage: http://www.nelson-it.ch Software Link: http://sourceforge.net/projects/opensourceerp/files/Windows/erp6.3.1.exe/download Version: v6.3.1 Tested on: Windows...

OpenSource ERP 6.3.1. - SQL Injection

Exploit Title: OpenSource ERP SQL Injection Date: 10.01.2019 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: http://www.nelson-it.ch Software Link: http://sourceforge.net/projects/opensourceerp/files/Windows/erp6.3.1.exe/download Version: v6.3.1 Tested on: Windows CVE-2019-5893...

OpenSource ERP 6.3.1. - SQL Injection

OpenSource ERP 6.3.1. - SQL Injection Exploit Title: OpenSource ERP SQL Injection Date: 10.01.2019 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: http://www.nelson-it.ch Software Link: http://sourceforge.net/projects/opensourceerp/files/Windows/erp6.3.1.exe/download Version: v6.3.1 Tested on: Window...

OpenSource ERP 6.3.1 SQL Injection

Exploit Title: OpenSource ERP SQL Injection Date: 10.01.2019 Exploit Author: Emre AVANA Vendor Homepage: http://www.nelson-it.ch Software Link: http://sourceforge.net/projects/opensourceerp/files/Windows/erp6.3.1.exe/download Version: v6.3.1 Tested on: Windows CVE-2019-5893...

Debian: Security Advisory (DLA-1627-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGB OpenSource Guestbook 0.7.0.2 SQL Injection

Exploit Title: MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.m-gb.org/ Software Link: https://sourceforge.net/projects/mopzz-gb/files/latest/download Version: 0.7.0.2 Category: Webapps Tested on:...

MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection

Exploit Title: MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.m-gb.org/ Software Link: https://sourceforge.net/projects/mopzz-gb/files/latest/download Version: 0.7.0.2 Category: Webapps Tested on:...

MGB OpenSource Guestbook 0.7.0.2 - id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://www.m-gb.org/ Software Link: https://sourceforge.net/projects/mopzz-gb/files/latest/download Version: 0.7.0.2 Category:...

MGB OpenSource Guestbook 0.7.0.2 - id SQL Injection

MGB OpenSource Guestbook 0.7.0.2 - id SQL Injection Exploit Title: MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection Dork: N/A Date: 2018-10-23 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.m-gb.org/ Software Link: https://sourceforge.net/projects/mopzz-gb/files/latest/download...

Security Bulletin: IBM Tivoli Netcool Impact affected by OpenSource Apache ActiveMQ Vulnerability (CVE-2015-5254)

Summary IBM Tivoli Netcool Impact has addressed the OpenSource Apache ActiveMQ Vulnerability. Vulnerability Details CVEID: CVE-2015-5254 DESCRIPTION: Apache ActiveMQ could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the classes that can be...

Security Bulletin: Pivotal Spring Framework vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (TADDM)

Summary Multiple vulnerabilities have been identified in the OpenSource/Pivotal Spring Framework version that is embeddded in IBM Tivoli Application Dependency Discovery Manager TADDM thus requiring an upgrade to Spring Framework version 3.2.13. Vulnerability Details CVEID: CVE-2014-3578...

Security Bulletin:OpenSource ICU4C Vulnernabilties in IBM eDiscovery Analyzer

Summary International Components for Unicode ICU is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the Locale class in common/locid.cpp. By sending an overly long string, a remote attacker could overflow a buffer and execute arbitrary code on the system or caus...

Security Bulletin: OpenSource ICU4C Vulnernabilities in IBM eDiscovery Manager

Summary International Components for Unicode ICU is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the Locale class in common/locid.cpp. By sending an overly long string, a remote attacker could overflow a buffer and execute arbitrary code on the system or caus...

Security Bulletin: eDiscovery Manager -OpenSource Apache Taglibs Vulnerability (CVE-2015-0254)

Summary OpenSource Apache Taglibs Vulnerability Vulnerability Details CVEID: CVE-2015-0254 DESCRIPTION: Apache Standard Taglibs could allow a remote attacker to execute arbitrary code on the system, caused by an XML External Entity Injection XXE error when processing XML data. By sending...

Security Bulletin: OpenSource GNU Glibc as used in IBM QRadar SIEM is vulnerable to multiple vulnerabilities. (CVE-2014-9761, CVE-2015-8776, CVE-2015-8778, CVE-2015-8779)

Summary OpenSource GNU glibc Vulnerabilities Vulnerability Details CVEID: CVE-2014-9761 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the nan function. By sending an overly long string, a remote attacker could overflow a...

OWASP Joomla Vulnerability Scanner Project: JoomScan

OWASP JoomScan short for Joomla Vulnerability Scanner is an opensource project in perl programming language to detect Joomla CMS vulnerabilities and analysis. If you want to do a penetration test on a Joomla CMS, OWASP JoomScan is Your best shot ever! This Project is being faster than ever and...

Open Source Vulnerability Assessment and Management: Archery

Archery is an opensource vulnerability assessment and management tool which helps developers and pentesters to perform scans and manage vulnerabilities. Archery uses popular opensource tools to perform comprehensive scaning for web application and network. It also performs web application dynamic...

Tutorial: Mutiny Fuzzing Framework and Decept Proxy

Here's a basic demo video for our new opensource tools, Decept and Mutiny. Happy New Year ^^ Lilith Recently, Talos released new tools to assist in the monumental task of finding vulnerabilities in network applications. Mutiny and Decept work together to help researchers fuzz quickly and...

PHP Scripts Mall Opensource Classified Ads Script SQL Injection Vulnerability

PHP Scripts Mall Opensource Classified Ads Script is a set of PHP based classifieds posting website scripts by PHP Scripts Mall India. A SQL injection vulnerability exists in PHP Scripts Mall Opensource Classified Ads Script version 3.2. A remote attacker can exploit this vulnerability by sending...