8226 matches found
WordPress Plugin jetpack - sharedaddy.php ID SQL Injection
WordPress Plugin jetpack - sharedaddy.php ID SQL Injection Exploit Title: WordPress jetpack plugin SQL Injection Vulnerability Date: 2011-19-11 Author: longrifle0x Software: WordPress Download: http://wordpress.org/extend/plugins/jetpack/ Tools: SQLMAP DESCRIPTION Discovered a vulnerability in...
Fedora Update for wireshark FEDORA-2011-15328
Check for the Version of wireshark OpenVAS Vulnerability Test Fedora Update for wireshark FEDORA-2011-15328 Authors: System Generated Check Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Fedora Update for wireshark FEDORA-2011-15338
Check for the Version of wireshark OpenVAS Vulnerability Test Fedora Update for wireshark FEDORA-2011-15338 Authors: System Generated Check Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
IT-Grundschutz M5.008: Regular Security Check of the Network
IT-Grundschutz M5.008: Regular security check of the network. WARNING: This test is no longer supported. It has been replaced by the corresponding test, which is now permanently adapted to the current EL: OID 1.3.6.1.4.1.25623.1.0.95050 This check refers to the 12...
IT-Grundschutz M5.008: Regular Security Check of the Network
IT-Grundschutz M5.008: Regular security check of the network. WARNING: This test is no longer supported. It has been replaced by the corresponding test, which is now permanently adapted to the current EL: OID 1.3.6.1.4.1.25623.1.0.95050 This check refers to the 12...
CVE-2011-3993
SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, uses weak permissions, which allows remote authenticated users to modify files and settings via unspecified...
Design/Logic Flaw
SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, uses weak permissions, which allows remote authenticated users to modify files and settings via unspecified...
CVE-2011-3994
Cross-site request forgery (CSRF) vulnerability in SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, allows remote attackers to hijack the authentication of...
Multiple SKYARC System Co., Ltd. products vulnerable to cross-site request forgery
Overview Multiple products provided by SKYARC System Co., Ltd. contain a cross-site request forgery vulnerability. MTCMS and multiple Movable Type plugins provided by SKYARC System Co., Ltd. contain a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged...
Multiple SKYARC System Co., Ltd. products fail to restrict access permissions
Overview Multiple products provided by SKYARC System Co., Ltd. contain an issue where access permissions are not restricted. MTCMS and multiple Movable Type plugins provided by SKYARC System Co., Ltd. contain an issue where access permissions are not restricted. Impact A user without the...
JVN#41032068: Multiple SKYARC System Co., Ltd. products fail to restrict access permissions
MTCMS and multiple Movable Type plugins provided by SKYARC System Co., Ltd. contain an issue where access permissions are not restricted. Impact A user without the appropriate privileges may alter settings and files. Solution Apply an update Update to the latest version according to the informati...
Winamp < 5.622 Multiple Vulnerabilities
The remote host is running Winamp, a media player for Windows. The version of Winamp installed on the remote host is earlier than 5.622 and is affected by the following overflow vulnerabilities : - A heap-based buffer overflow exists in the plugin 'inmidi.dll' when processing the 'iOffsetMusic'...
Winamp < 5.622 Multiple Vulnerabilities
Binary data 6056.prm...
OSSAMS - Open Source Security Assessment Management System
OSSAMS - Open Source Security Assessment Management System As information security professionals, we conduct security assessments for companies. One of the biggest problems we have is after all the data is collected, how can we correlate the data accurately. So we decided to start a project to...
MyBB Forum Userbar 2.2 SQL Injection
Exploit Title: MyBB Forum Userbar Plugin Userbar v2.2 Author: MarioVs Date: 10/10/2011 Site: http://mariovs.pl/ @: mariovsato2.pl...
Fedora 16 : audacious-plugins-3.0.2-2.fc16 (2011-12322)
Merge changes from pre-3.0.3 git, such as using the system's libmodplug library. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
Mozilla Foundation Security Advisory 2011-38
Mozilla Foundation Security Advisory 2011-38 Title: XSS via plugins and shadowed window.location object Impact: High Announced: September 27, 2011 Reporter: Boris Zbarsky Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 6.0 Firefox 3.6.23 Thunderbird 6.0 SeaMonkey 2.3 Description Mozil...
Mozilla Thunderbird < 9.0 Multiple Vulnerabilities (deprecated)
Binary data 6110.prm...
Mozilla: XSS via plugins and shadowed window.location object (MFSA 2011-38)
Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, a different vulnerability than CVE-2010-0170...
Mozilla: XSS via plugins and shadowed window.location object (MFSA 2011-38)
Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle "location" as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, a different vulnerability than CVE-2010-0170...