5315 matches found
SoftMP3 - SQL Injection
SoftMP3 - SQL Injection Exploit Title: SOFTMP3 source code SQL injection Date: 23/04/2011 Author: mArTi Software Link: http://softmp3.org/ Version: No others versions available... Tested on: Windows / Unix /.................................../ Introduction /.................................../...
SoftMP3 - SQL Injection
Exploit Title: SOFTMP3 source code SQL injection Date: 23/04/2011 Author: mArTi Software Link: http://softmp3.org/ Version: No others versions available... Tested on: Windows / Unix /.................................../ Introduction /.................................../ SoftMP3 released a source...
360 Web Manager 3.0 File Access
Exploit Title: Multiple vulnerabilities in 360 Web Manager 3.0 Google Dork: "Powered by 360 Web Manager 3.0" Date: 15/04/2011 Author: Ignacio Garrido Contact: [email protected] Software Link: www.360webmanager.com Version: v3.0 Tested on: Linux 2.6.18 Vulnerability description: 360 Web Manager 3....
PHP phar Extension 1.1.1 - Heap Overflow
PHP phar Extension 1.1.1 - Heap Overflow from: http://0x1byte.blogspot.com/2011/04/php-phar-extension-heap-overflow.html version PHP: 5.3.6 version phar ext.: 1.1.1 site: http://php.net/ source code: http://windows.php.net/downloads/releases/php-5.3.6-src.zip An integer overflow vulnerability...
PHP 'phar' Extension 1.1.1 - Heap Overflow
from: http://0x1byte.blogspot.com/2011/04/php-phar-extension-heap-overflow.html version PHP: 5.3.6 version phar ext.: 1.1.1 site: http://php.net/ source code: http://windows.php.net/downloads/releases/php-5.3.6-src.zip An integer overflow vulnerability leading to a heap overflow in the file...
Nginx 0.8.36 Source Code Disclosure and Denial-of-Service Vulnerability
No description provided by source...
FreeBSD-SA-11:01.mountd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-11:01.mountd Security Advisory The FreeBSD Project Topic: Network ACL mishandling in mountd(8) Category: core Module: mountd Announced: 2011-04-20 Credits: Ruslan...
HBGary: Silence, Sloppy Reporting Hyped Anonymous Hack
After months of almost total silence, security firm HBGary issued a statement to counter what it claims were inaccurate media reports about a February security breach that spilled thousands of e-mail messages onto the Internet. The letter, published on HBGary’s Web site and positioned as an “Open...
rt -- multiple vulnerabilities
Best Practical reports: In the process of preparing the release of RT 4.0.0, we performed an extensive security audit of RT's source code. During this audit, several vulnerabilities were found which affect earlier releases of RT...
WordPress Hacked, Source Code Stolen
Servers belonging to Automattic, which makes the popular WordPress blogging software, say that their servers were hacked and that the company’s source code is believed to have been “exposed and copied,” according to a company blog post Wednesday. The post, by Matt Mullenweg, Automattic’s...
WordPress.Com Hacked, Hacker root the Server !
WordPress.Com Hacked, Hacker Root the Server ! The parent company that operates WordPress made an announcement this morning that it has been hacked, resulting in what the company said was a low-level root break-in to several of their servers. The company warned that potentially anything on those servers...
Wireshark 1.5.1 Development Release !
Wireshark 1.5.1 Development Release ! Wireshark 1.5.1 has been released. Installers for Windows, OS X, and source code are now available. New and Updated Features The following features are new or have been significantly updated since version 1.4: 1. Wireshark can import text dumps, similar to...
ShopEx V4.8 (v4.8.4, v4.8.5) the background write WebShell-vulnerability warning-the black bar safety net
ShopEx, an online store system sales platform, is one of the earliest online shop software providers; it is currently the company with the longest continuous research and development of shop systems; it is currently the shop software provider with the highest domestic market share; is currently th...
Hydra v6.2 with a password bruteforcing mode, xmpp and irc modules, MD5/SHA1/ Support !
Hydra v6.2 with a password bruteforcing mode, xmpp and irc modules, MD5/SHA1/ Support ! A very fast network logon cracker which support many different services. Have a look at the feature sets and services coverage page - including a speed comparison against ncrack and medusa! CHANGELOG for 6.2...
ZeuS Source Code Leaked, Available for Sale !
ZeuS Source Code Leaked, Available for Sale ! The source is C++ and supposedly contains everything. The seller is asking for 5500 WebMoney/LibertyReserve for the full source code of version 2.0.8.9. The source code has been leaked but the archive is password-protected. Now there's a race to see w...
CVE-2011-1569
download.aspx in Douran Portal 3.9.7.8 allows remote attackers to obtain source code of arbitrary files under the web root via (1) a trailing ".", (2) a trailing space, or (3) mixed case in the FileNameAttach parameter...
Code injection
download.aspx in Douran Portal 3.9.7.8 allows remote attackers to obtain source code of arbitrary files under the web root via (1) a trailing ".", (2) a trailing space, or (3) mixed case in the FileNameAttach parameter...
Multiple Vulnerability in McAfee Website , XSS and Other Attacks !
Multiple Vulnerability in McAfee Website , XSS and Other Attacks ! Researchers at the YGN Ethical Hacker Group have revealed multiple security vulnerabilities found in the McAfee.com website that leaves the company's portal susceptible to attacks and data leakage. The group found that the McAfee...
SCADA Trojans: Attacking the Grid + Advantech vulnerabilities
Hi! You can download the slides of the research I was presenting at RootedCon'11 in Madrid "SCADA Trojans: Attacking the grid". A journey into attacking the power grid. I presented: - 0days in Advantech/BroadWin WebAccess SCADA product - Weak Design/Vulnerabilities in CSE-Semaphore TBOX RTUs -...
Douran Portal File Download/Source Code Disclosure Vulnerability
Title: Douran Portal File Download/Source Code Disclosure Vulnerability Date of Publishing: 16 March 2010 Application Name: Douran Portal Version: 3.9.7.8 Impact: Medium Vendor: www.douran.com Link: http://douran.com/HomePage.aspx?TabID=4862 Vendor Responses: They didn't respond to the emails...