Reaver WiFi Protected Setup Exploit

No description provided by source. Exploit Title: Reaver WiFi Protected Setup Exploit Google Dork: Date: 28 December 2011 Author: [email protected] Software Link: http://www.tacnetsol.com/products/ Version: All 802.11 access points implementing WiFi Protected Setup and have it enabled. Teste...

DCShop Beta 1.0 Form Manipulation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4356/info DCShop Beta is a freely available shopping cart system, written in Perl. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. It is possible to overwrite setup files .setu...

Bs Auto_Classifieds Script - (articlesdetails.php) SQL Injection Vulnerability

No description provided by source. 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Bs AutoClassifieds Scriptarticlesdetails.php Sqli Vulnerability Date : july 5,2010 Critical Level : HIGH vendor URL...

Ananda Image Gallery SQL Vulnerability

No description provided by source. Exploit Title:Ananda Image Gallery SQL Vulnerable Vendor url:http://www.softwebsnepal.com/ Version:n/a Price:159$ Author: L0rd CrusAd3r aka VSN [email protected] Published: 2010-06-17 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue, S1ayer,d3c0d3r,KD and to...

Cobbler 2.4.x - 2.6.x - LFI Vulnerability

No description provided by source. Exploit Title: Local File Inclusion vulnerability in cobbler Exploit author: Dolev Farhi @f1nhack Date 07/05/2014 Vendor homepage: http://www.cobblerd.org Affected Software version: 2.4.x - 2.6.x Alerted vendor: 7.5.14 Software Description =====================...

PANews 2.0 - Remote PHP Script Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12611/info PaNews is reported prone to a remote PHP script code execution vulnerability. It is reported that PHP script code may be injected into the PaNews software through the 'showcopy' parameter of the 'adminsetup.php...

Apple Mac OS X 10.3.x Multiple Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12863/info Multiple security vulnerabilities are reported to affect Apple Mac OS X. These issues were disclosed in the referenced vendor advisory. Insecure permissions are reported to be set on certain Apple Mac OS X...

MS IE 4.x/5.0,Outlook 2000 0/98 0/Express 4.x ActiveX CAB File Execution

No description provided by source. Microsoft Internet Explorer 4.0 for Windows 95/Windows NT 4,Internet Explorer 4.1 for Windows 95/Windows 98/Windows NT 4,Internet Explorer 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4,Internet Explorer 4.0.1 for Windows 98/Windows NT 4.0,Outlook 2000...

TOSHIBA e-Studio 232/233/282/283 - Change Admin Password CSRF Vulnerability

No description provided by source. Exploit Title: TOSHIBA e-Studio 232/233/282/283 Change Admin Password CSRF Vulnerability Date: 02.10.2013 Exploit Author: Hubert Gradek PL Affected version: firmware T377SY0EXXX Tested on: TOSHIBA e-Studio 232 T377SY0E354 / 233 T377SY0E331 CVE : No CVE exists -...

op5 Monitoring 5.4.2 - (VM Applicance) Multiple Vulnerabilities

No description provided by source. Author: loneferret of Offensive Security Product: op5 Monitoring VM appliance Version: 5.4.2 Vendor Site: http://www.op5.com/ Software Download: http://www.op5.com/get-op5-monitor/get-started/ Software Description: op5 is a market leading developer of Open Sourc...

events calendar 1.1 - Remote File Inclusion Vulnerability

No description provided by source. Events Calendar 1.1 Remote File Inclusion Vulnerability ======================================================== Author: kevin mitnick tunisianblackhat team = = Home : http://tunisianblackhat.com = = email: kevinmitnickAlive.fr = =...

wordpress <= 3.3.1 - Multiple Vulnerabilities

No description provided by source. Trustwave's SpiderLabs Security Advisory TWSL2012-002: Multiple Vulnerabilities in WordPress https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt Published: 1/24/12 Version: 1.0 Vendor: WordPress http://wordpress.org/ Product: WordPress Version...

Poster 2.0 Unauthorized Privileged User Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8426/info A vulnerability has been reported for Poster.version:two. The problem occurs due to the application failing to lock the 'setup' variable after initialization. As a result, an attacker may access this variable to...

iodined -- authentication bypass

Erik Ekman of the iodine project reports: The client could bypass the password check by continuing after getting error from the server and guessing the network parameters. The server would still accept the rest of the setup and also network traffic...

openSUSE Security Update : phpMyAdmin (openSUSE-2012-135)

update to 3.4.10.1 fix for bnc747841 - security XSS in replication setup, see PMASA-2012-1 - 3.4.10.0 2012-02-14 - bug 3460090 interface TextareaAutoSelect feature broken - patch 3375984 export PHP Array export might generate invalid php code - bug 3049209 import Import from ODS ignores cell that...

openSUSE Security Update : phpMyAdmin (openSUSE-SU-2014:0344-1)

phpMyAdmin was updated to 4.1.8 to fix bugs, security issues and also bring new features. Fixed security issue : - PMASA-2014-1 CVE-2014-1879, CWE-661 CWE-79 - update to 4.1.8 2014-02-22 - sf4276 Login loop on session expiry - sf4249 Incorrect number of result rows for SQL with subqueries - sf427...

qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

DEBIAN-CVE-2014-3967

The HVMOPinjectmsi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service NULL pointer dereference and crash via unspecified vectors...