5946 matches found

seebug.org
added 2008/02/14 12:0 a.m., 41 views

Joomla Component xfaq 1.2 (aid) Remote SQL Injection Vulnerability

No description provided by source. joomla SQL Injectioncomxfaq AUTHOR : S@BUN HOME : http://www.hackturkiye.com http://www.milw0rm.com/author/1334 MAİL : [email protected] [email protected] DORK 1 : allinurl: aid "comxfaq" DORK 2 : allinurl: "comxfaq" EXPLOIT :...

7.1 AI score
Exploits 0

Prion
added 2008/02/12 9:0 p.m., 14 views

Hardcoded credentials

The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor changehat system call, which might allow attackers to trigger the unconfining of an apparmored task...

7.5 CVSS, 6.9 AI score, 0.00217 EPSS
Exploits 0, References 2

NVD
added 2008/02/12 9:0 p.m., 15 views

CVE-2008-0731

The Linux kernel before 2.6.18.8-0.8 in SUSE openSUSE 10.2 does not properly handle failure of an AppArmor changehat system call, which might allow attackers to trigger the unconfining of an apparmored task...

7.5 CVSS, 6.3 AI score, 0.00217 EPSS
Exploits 0, References 2

NVD
added 2008/02/06 12:0 p.m., 17 views

CVE-2008-0603

SQL injection vulnerability in index.php in the amazOOP Awesom! comawesom 0.3.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter in a viewlist task...

7.5 CVSS, 8.4 AI score, 0.00013 EPSS
Exploits 0, References 2

RedHat Linux
added 2008/01/31 6:23 p.m., 5 views

kernel hang via userspace PTRACE+waitid

The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. NOTE: some of these details are obtained from third party information...

4.9 CVSS, 5.9 AI score, 0.00081 EPSS
Exploits 1, References 4

Tenable Nessus
added 2007/12/04 12:0 a.m., 51 views

Fedora 8 : kernel-2.6.23.8-63.fc8 (2007-3837)

Update to kernel 2.6.23.9-rc1: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.2 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.3 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.4 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.5...

7.8 CVSS, 5.5 AI score, 0.07483 EPSS
Exploits 1, References 11

Prion
added 2007/11/20 8:46 p.m., 12 views

Format string

frame.html in Aida-Web Aida Web allows remote attackers to bypass a protection mechanism and obtain comment and task details via modified values to the (1) Mehr and (2) SUPER parameters...

5 CVSS, 7.2 AI score, 0.02053 EPSS
Exploits 1, References 5

Cvelist
added 2007/11/20 8:0 p.m., 17 views

CVE-2007-6056

frame.html in Aida-Web Aida Web allows remote attackers to bypass a protection mechanism and obtain comment and task details via modified values to the (1) Mehr and (2) SUPER parameters...

6.7 AI score, 0.02053 EPSS
Exploits 1, References 5

Fedora
added 2007/11/13 12:5 a.m., 40 views

[SECURITY] Fedora 7 Update: kdeutils-3.5.8-2.fc7

Utilities for the K Desktop Environment. Includes: ark tar/gzip archive manager; kcalc scientific calculator; kcharselect character selector; kdepasswd change password; kdessh ssh front end; kdf view disk usage; kedit simple text editor; kfloppy floppy formatting tool; kgpg gpg gui khexedit hex...

9.3 CVSS, 0.9 AI score, 0.25229 EPSS
Exploits 1

Tenable Nessus
added 2007/11/10 12:0 a.m., 35 views

Ubuntu 5.10 / 6.06 LTS / 6.10 : linux-source-2.6.12/2.6.15/2.6.17 vulnerabilities (USN-416-1)

Mark Dowd discovered that the netfilter iptables module did not correctly handle fragmented IPv6 packets. By sending specially crafted packets, a remote attacker could exploit this to bypass firewall rules. This has already been fixed for Ubuntu 6.10 in USN-395-1; this is the corresponding fix...

7.5 CVSS, 6 AI score, 0.03555 EPSS
Exploits 5, References 13

Tenable Nessus
added 2007/11/10 12:0 a.m., 42 views

Ubuntu 5.10 / 6.06 LTS / 6.10 : linux-source-2.6.12/-2.6.15/-2.6.17 vulnerabilities (USN-395-1)

Mark Dowd discovered that the netfilter iptables module did not correctly handle fragmented packets. By sending specially crafted packets, a remote attacker could exploit this to bypass firewall rules. This has only been fixed for Ubuntu 6.10; the corresponding fix for Ubuntu 5.10 and 6.06 will foll...

7.5 CVSS, 6.2 AI score, 0.35021 EPSS
Exploits 2, References 13

Cvelist
added 2007/10/18 10:0 a.m., 15 views

CVE-2002-2293

Webshots Desktop screensaver allows local users to bypass the password on the screensaver by pressing CTRL-ALT-DELETE and (1) hitting the cancel button or (2) killing the screensaver from the task manager...

6.5 AI score, 0.00063 EPSS
Exploits 1, References 3

xssed
added 2007/09/30 12:0 a.m., 10 views

Unfixed Redirect vulnerability at www.karangturi.org

Security researcher Narcoticxs has submitted on 30/09/2007 a Redirect vulnerability affecting www.karangturi.org, which at the time of submission ranked 2527778 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/10/2007. It is currently unfixe...

Exploits 0, References 1

Atlassian
added 2007/08/31 4:13 a.m., 17 views

Numerous XSS Type 2 vulnerabilities in macros bundled with Confluence

I'd like to report critical vulnerabilities in 3 of your macros - Column, Image, Block and Code macros. The vulnerabilities are classified as XSS Type 2 stored and the details with example exploits are in the pdfs attached. Because of similarity of the vulnerabilities assume that it is more than...

6.6 AI score
Exploits 0

Atlassian
added 2007/08/31 4:13 a.m., 21 views

Numerous XSS Type 2 vulnerabilities in macros bundled with Confluence

I'd like to report critical vulnerabilities in 3 of your macros - Column, Image, Block and Code macros. The vulnerabilities are classified as XSS Type 2 stored and the details with example exploits are in the pdfs attached. Because of similarity of the vulnerabilities assume that it is more than...

6.6 AI score
Exploits 0, Affected Software 1

Atlassian
added 2007/08/31 4:13 a.m., 13 views

Numerous XSS Type 2 vulnerabilities in macros bundled with Confluence

I'd like to report critical vulnerabilities in 3 of your macros - Column, Image, Block and Code macros. The vulnerabilities are classified as XSS Type 2 stored and the details with example exploits are in the pdfs attached. Because of similarity of the vulnerabilities assume that it is more than...

6.6 AI score
Exploits 0, Affected Software 1

NVD
added 2007/07/06 6:30 p.m., 14 views

CVE-2007-3593

Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine NetFlow Analyzer 5 allow remote attackers to inject arbitrary web script or HTML via the (1) alpha parameter in (a) netflow/jspui/applicationList.jsp, the (2) task parameter in (b) netflow/jspui/appConfig.jsp, the (3) view parameter in (c)...

4.3 CVSS, 5.8 AI score, 0.01762 EPSS
Exploits 0, References 9

Cvelist
added 2007/07/06 6:0 p.m., 13 views

CVE-2007-3593

Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine NetFlow Analyzer 5 allow remote attackers to inject arbitrary web script or HTML via the (1) alpha parameter in (a) netflow/jspui/applicationList.jsp, the (2) task parameter in (b) netflow/jspui/appConfig.jsp, the (3) view parameter in (c)...

5.8 AI score, 0.01762 EPSS
Exploits 0, References 9

seebug.org
added 2007/05/23 12:0 a.m., 19 views

Exploit for eTrust Antivirus Agent r8

No description provided by source. 48Bits Advisory: Privilege Elevation in eTrust Antivirus Agent r8. Affected versions :...

7.1 AI score
Exploits 0

CVE
added 2007/05/22 7:0 p.m., 41 views

CVE-2007-2686

CVE-2007-2686 describes a Cross‑Site Scripting (XSS) vulnerability in Jetbox CMS 2.1. The flaw is in index.php, where an attacker can inject arbitrary web script or HTML via the login parameter in the sendpwd task. Affected product: Jetbox CMS 2.1. Reported impact per sources is XSS with potentia...

4.3 CVSS, 5.6 AI score, 0.03455 EPSS
Exploits 2, References 6, Affected Software 1