ASUS notebooks and motherboards privilege escalations

There are multiple possibilities for user with phisical memory access to execute code in high-pribileged SMM processor mode...

Payment Processor Script Blind SQL Injection

PaymentProcessorScript.net R-Sql/B-Sql Multiple Vulns. ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected] Date: 04.01.09 Home: z0rlu.blogspot.com / www.experl.com N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : EN ONEMLi N0T: demolarI...

Payment Processor Script (shop.htm cid) SQL Injection Vulnerability

No description provided by source. PaymentProcessorScript.net R-Sql/B-Sql Multiple Vulns. ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected] Date: 04.01.09 Home: z0rlu.blogspot.com / www.experl.com N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIM...

Payment Processor Script (PPScript) - shop.htm cid SQL Injection

Payment Processor Script PPScript - shop.htm cid SQL Injection PaymentProcessorScript.net R-Sql/B-Sql Multiple Vulns. ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected] Date: 04.01.09 Home: z0rlu.blogspot.com / www.experl.com N0T: YALNIZLIK,...

Payment Processor Script (PPScript) - 'shop.htm' SQL Injection

source: https://www.securityfocus.com/bid/42539/info PPScript is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data...

Payment Processor Script (shop.htm cid) SQL Injection Vulnerability

Exploit for unknown platform in category web applications =================================================================== Payment Processor Script shop.htm cid SQL Injection Vulnerability =================================================================== PaymentProcessorScript.net R-Sql/B-Sq...

Payment Processor Script (PPScript) - 'shop.htm cid' SQL Injection

PaymentProcessorScript.net R-Sql/B-Sql Multiple Vulns. ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected] Date: 04.01.09 Home: z0rlu.blogspot.com / www.experl.com N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : EN ONEMLi N0T: demolarI...

[SECURITY] Fedora 11 Update: xml-security-c-1.5.1-1.fc11

The xml-security-c library is a C++ implementation of the XML Digital Signa ture specification. The library makes use of the Apache XML project's Xerces-C X ML Parser and Xalan-C XSLT processor. The latter is used for processing XPath and XSLT transforms...

httpd: mod_proxy reverse proxy DoS (infinite loop)

The streamreqbodycl function in modproxyhttp.c in the modproxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service C...

Authentication flaw

Xigla Software Absolute Form Processor .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value...

CVE-2008-6863

Xigla Software Absolute Form Processor .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value...

CVE-2008-6863

Xigla Software Absolute Form Processor .NET 4.0 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value...

CVE-2008-6863

CVE-2008-6863 : Xigla Software Absolute Form Processor .NET 4.0 contains an authentication bypass. Remote attackers can gain administrative access by setting a specific cookie value. Impact is described as partial confidentiality, integrity, and availability with a CVSS v2 base score of 7.5 (HIGH...

Fedora Core 11 FEDORA-2009-6768 (kernel)

The remote host is missing an update to kernel announced via advisory FEDORA-2009-6768. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Fedora 11 : kernel-2.6.29.5-191.fc11 (2009-6768)

Update to kernel 2.6.29.5: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.29.5 Includes DRM modesetting bug fixes. Adds driver for VIA SD/MMC controllers and full support for the Nano processor in 64-bit mode. Note that Tenable Network Security has extracted the preceding description...

CVE-2009-1902

The multipart processor in ModSecurity before 2.5.9 allows remote attackers to cause a denial of service crash via a multipart form datapost request with a missing part header name, which triggers a NULL pointer dereference...

Null pointer dereference

The multipart processor in ModSecurity before 2.5.9 allows remote attackers to cause a denial of service crash via a multipart form datapost request with a missing part header name, which triggers a NULL pointer dereference...

CVE-2009-1902

The multipart processor in ModSecurity before 2.5.9 allows remote attackers to cause a denial of service crash via a multipart form datapost request with a missing part header name, which triggers a NULL pointer dereference...

CVE-2009-1902

The multipart processor in ModSecurity before 2.5.9 allows remote attackers to cause a denial of service crash via a multipart form datapost request with a missing part header name, which triggers a NULL pointer dereference...

CVE-2009-1902

CVE-2009-1902 affects ModSecurity prior to 2.5.9. The vulnerability arises in the multipart processor when a datapost request has a missing part header name, causing a NULL pointer dereference and potential denial of service (remote crash). Evidence from SUSE confirms the same description and imp...