298 matches found
Asp - comersus7F Shopping Cart Software Backup Dump
Title: Asp - comersus7F Shopping Cart Software Backup Dump Vulnerability | Author: indoushka | Home: www.iqs3cur1ty.com | Bug: Database Disclosure...
CVE-2009-4632
oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read...
Google Sorry For Business User Data Leak
Google is apologizing after it mistakenly e-mailed potentially sensitive business data last week to other users of its business listings service. InfoWorld...
typecho blog system stored cross-site vulnerability & easy to get webshell - vulnerability warning - the black bar safety net
author: hiphop qq group: 5 2 9 3 8 7 2 2 Please cite the source when reposting: http://hi.baidu.com/securehiphop/blog/item/f5b3627a1768bcfc0ad187f5.html Today I woke up in the morning, ate breakfast, and went to download a set of blogs to look at. In the admin backend post post place found to the title place the title didn't do better...
evil little dictionary
Subject: stardict broadcasts clipboard context over network Package: stardict Version: 3.0.1-4.1 Justification: user security hole Severity: grave Tags: security Please type your report below this line In default config "enable net dict" is selected, it attempts to grab clipboard and sends it ove...
Information disclosure
Crysis 1.21 and earlier allows remote attackers to obtain sensitive player information such as real IP addresses by sending a keyexchange packet without a previous join packet, which causes Crysis to send a disconnect packet that includes unrelated log information...
Ubuntu: Security Advisory (USN-637-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2009-0828
QuoteBook stores quotes.inc under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information, including user credentials, via a direct request...
Maran PHP Shop - admin.php Insecure Cookie Handling
Maran PHP Shop admin.php Insecure Cookie Handling Vulnerability url: http://www.maran.pamil-visions.com/maranshop.php Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was writte...
CVE-2008-1263
The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI...
AIOCP 1.3.x - cp_users_online.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/20931/info All In One Control Panel (AIOCP) is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues could allow an...
D-Link DSL-G624T - Information Disclosure
source: https://www.securityfocus.com/bid/20689/info D-Link DSL-G624T devices are prone to a remote information-disclosure vulnerability because the devices fail to properly sanitize user-supplied input. Exploiting this issue allows remote, unauthenticate...
DBMan CGI server information leakage
It is possible to cause the DBMan CGI to reveal sensitive information, by requesting a URL such as: GET /scripts/dbman/db.cgi?db=no-db OpenVAS Vulnerability Test $Id: dbmancgi.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: DBMan CGI server information leakage Authors: Noam Rathaus Changes b...
Linksys Wireless Internet Camera File Disclosure (2004) - Active Check
The Linksys Wireless Internet Camera contains a CGI that allows remote attackers to disclose sensitive files stored on the server. SPDX-FileCopyrightText: 2004 Noam Rathaus...
TFTP File Detection (Cisco IOS CA) - Active Check
The remote host has a TFTP server installed that is serving one or more sensitive Cisco IOS Certificate Authority (CA) files. SPDX-FileCopyrightText: 2005 Corsaire Limited...
Linux Orinoco drivers information leakage
Linux Orinoco Driver Information Leakage Vulnerability I. Background http://sourceforge.net/projects/orinoco The Linux orinoco driver, included in the kernel since 2.4.3 and in David Hinds' pcmcia-cs package since 3.1.30 supports a large number of wireless NICs based on the Lucent/Agere Hermes,...
Netquery 3.1 - nqgeoip.php?step Cross-Site Scripting
source: https://www.securityfocus.com/bid/14373/info Netquery is affected by multiple remote vulnerabilities. These issues can allow remote attackers to execute arbitrary commands, disclose sensitive information and carry out cross-site scripti...
CVE-2005-0440
ELOG before 2.5.7 allows remote attackers to bypass authentication and download a configuration file that contains a sensitive write password via a modified URL...