Mongoose Web Server 2.11 Directory Traversal
Exploit Title: Mongoose 2.11 Directory Traversal Date: 29 Oct Author: nitr0us Alejandro Hernandez H. Software Link: http://mongoose.googlecode.com/files/mongoose-2.11.exe Version: 2.11 Windows Version Tested on: Windows XP Service Pack 2 Chatsubo inSecurity Dark Labs...
XSS vulnerability in BlogBird platform
Vulnerability ID: HTB22647 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinblogbird1.html Product: BlogBird Vendor: BlogBird http://www.blogbird.nl/ Vulnerable Version: Current actual version on http://www.blogbird.nl/ Vendor Notification: 13 October 2010 Vulnerability Type: Stored X...
XSS vulnerability in Zomplog
Vulnerability ID: HTB22642 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinzomplog.html Product: Zomplog Vendor: Gerben Schmidt http://www.zomp.nl/zomplog/ Vulnerable Version: 3.9 and probably prior versions Vendor Notification: 13 October 2010 Vulnerability Type: XSS Cross Site...
Novaboard 1.1.4 - Local File Inclusion
Novaboard 1.1.4 - Local File Inclusion Vulnerability ID: HTB22657 Reference: http://www.htbridge.ch/advisory/lfiinnovaboard.html Product: Novaboard Vendor: Novaboard http://www.novaboard.net/ Vulnerable Version: 1.1.4 and probably prior versions Vendor Notification: 13 October 2010 Vulnerability...
BlogBird Platform - Multiple Cross-Site Scripting Vulnerabilities
Vulnerability ID: HTB22647 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinblogbird1.html Product: BlogBird Vendor: BlogBird http://www.blogbird.nl/ Vulnerable Version: Current actual version on http://www.blogbird.nl/ Vendor Notification: 13 October 2010 Vulnerability Type: Stored X...
phpLiterAdmin 1.0 RC1 - Authentication Bypass
Vulnerability ID: HTB22653 Reference: http://www.htbridge.ch/advisory/authenticationbypassinphpliteradmin.html Product: phpLiterAdmin Vendor: phpLiterAdmin http://code.google.com/p/phpliteradmin/ Vulnerable Version: 1.0 RC1 and probably prior versions Vendor Notification: 13 October 2010...
XSS vulnerability in sNews
Vulnerability ID: HTB22638 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinsnews1.html Product: sNews Vendor: sNews Team http://www.snewscms.com/ Vulnerable Version: 1.7 and probably prior versions Vendor Notification: 05 October 2010 Vulnerability Type: XSS Cross Site Scripting Status...
Subject: BSA-008 Security Update for pidgin
Jan Wagner uploaded new packages for pidgin which fixed the following security problems: CVE-2010-3711 Fixes multiple remotely-triggered DoSes https://vulners.com/cve/CVE-2010-3711 For the lenny-backports distribution the problems have been fixed in version 2.7.3-1bpo50+2. For the unstable sid...
sNews CMS - Multiple Cross-Site Scripting Vulnerabilities
sNews CMS - Multiple Cross-Site Scripting Vulnerabilities Vulnerability ID: HTB22638 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinsnews1.html Product: sNews Vendor: sNews Team http://www.snewscms.com/ Vulnerable Version: 1.7 and probably prior versions Vendor Notification: 05 Octobe...
Exploit Hub Aims to be iTunes for Exploits
It’s been tried before, but NSS Labs founder Rick Moy says his company’s new Exploit Hub – a store front for exploit code – can work. In an interview with Threatpost.com, he explains why the current market for exploits doesn’t work for the good guys, and why zero day exploits don’t help anyone...
XSRF (CSRF) in Lara
Vulnerability ID: HTB22619 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinlara.html Product: Lara Vendor: Geographical Media http://getlara.com/ Vulnerable Version: Current at 18.09.2010 and Probably Prior Versions Vendor Notification: 27 September 2010 Vulnerability Type: CSRF Cross-Site...
[SECURITY] Fedora 14 Update: dnsperf-1.0.1.0-21.fc14
This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf1 and resperf1 man pages...
Debian: Security Advisory (DSA-2097-2)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DSA-2113-1)
The remote host is missing an update for the Debian...
[SECURITY] [DSA 2118-1] New subversion packages fix authentication bypass
Debian Security Advisory DSA-2118-1 [email protected] http://www.debian.org/security/ Nico Golde October 8th, 2010 http://www.debian.org/security/faq -...
XSS vulnerability in Elxis CMS polls module
Vulnerability ID: HTB22616 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinelxiscmspollsmodule.html Product: Elxis CMS Vendor: Elxis Team http://www.elxis.org/ Vulnerable Version: 2009.2 electra rev2631 and probably prior versions Vendor Notification: 20 September 2010 Vulnerability...
The Five Key Things to Know About the Security of Your Networking Gear
Measuring the performance and security of your network equipment has never been more important than it is today. While there will always be tradeoffs between maximum throughput and maximum security, I want to emphasize the “and” in “performance and security.” Your devices must perform while...
ITS SCADA SQL Injection
STANKOINFORMZASCHITA-10-02 ITS SCADA Authorization bypass Authors: Eugene Salov [email protected], Andrej Komarov [email protected] Product: ITS SCADA CVSS v2 Base Score: 9.0 AV:N/AC:L/Au:R/C:C/I:C/A:C Impact Subscore: 10.0 Exploitability Subscore: 8.0 Availability of exploit: Yes Product...
SmarterMail 7.x LDAP Injection
Vendor: smartertools.com SmarterMail 7.x 7.2.3925 Date: 2010-10-01 Author : David Hoyt sqlhacker – Hoyt LLC Contact : [email protected] Home : http://cloudscan.me Dork : insite: SmarterMail Enterprise 7.2 Bug : LDAP Injection + Cross Site Scripting STORED Tested on : SmarterMail 7.x 7.2.3925 //...
DSA-2117-1 apr-util - denial of service
Bulletin has no description...