7422 matches found
DSA-2116-1 freetype - integer overflow
SmarterMail 7.x (7.2.3925) LDAP Injection Vulnerability
Exploit for php platform in category web applications. SmarterMail 7.x 7.2.3925 LDAP Injection Vulnerability. Vendor: smartertools.com SmarterMail 7.x 7.2.3925 Date: 2010-10-01 Author :...
SmarterMail 7.2.3925 - LDAP Injection
SmarterMail 7.2.3925 - LDAP Injection Vendor: smartertools.com SmarterMail 7.x 7.2.3925 Date: 2010-10-01 Author : David Hoyt sqlhacker – Hoyt LLC Contact : [email protected] Home : http://cloudscan.me Dork : insite: SmarterMail Enterprise 7.2 Bug : LDAP Injection + Cross Site Scripting STORED Test...
e107 v0.7.23 SQL Injection Vulnerability
Exploit for php platform in category web applications. e107 v0.7.23 SQL Injection Vulnerability. Product: e107 Website System Vendor: e107 http://www.e107.org/ Vulnerable Version: 0.7.23 and Probably Prior Versions...
Entrans 0.3.2 Cross Site Scripting / SQL Injection
Vulnerability ID: HTB22606 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinentrans.html Product: Entrans Vendor: Khader Abbeb N http://sourceforge.net/projects/entrans/ Vulnerable Version: 0.3.2 and Probably Prior Versions Vendor Notification: ...
Aleza Portal 1.6 - Insecure SQL Injection Cookie Handling
Aleza Portal 1.6 - Insecure SQL Injection Cookie Handling Aleza Portal v1.6 - Insecure SQLi Cookie Handling My + Author : KnocKout Contact : [email protected] Software info Web App. : Aleza Portal v1.6 Software: http://www.webavail.com/...
DSA-2114-1 git-core
MS IIS 6.0 WebDAV Auth. Bypass Exploit
Exploit for windows platform in category remote exploits. MS IIS 6.0 WebDAV Auth. Bypass Exploit. Author : FoX HaCkEr Contact : email protected SiTe : www.sec4ever.com...
Old Y article management system v2.5 sp2 SQL injection & Cookie spoofing vulnerability
The /user/UserLogin.asp file in Old Y article management system v2.5 sp2 has a SQL injection vulnerability that a malicious user can exploit to obtain any data from the database. In addition, improper handling of the admin back-end login allows the management account password to be forged,...
Report: Reused, Third Party Code Major Sources of Insecurity
A new report out from security testing firm Veracode suggests that reused and third party code is a big source of application insecurity. Application security is a sore spot for many organizations, as attackers shift the battlefield from operating system and network attacks to application specifi...
Fashione E-Commerce Webshop SQL Injection
Exploit Title: Fashione E-Commerce Webshop Multiple SQL Injection Vulnerabilities Date: 2010-09-19 Author: secret Contact : [email protected] / ICQ : 17-33-77 Site : swissfaking.net/board Software Link: http://www.fashione.co.uk/ Version: All...
DSA-2112-1 bzip2 - integer overflow
AChecker 1.0 Cross Site Scripting
Vulnerability ID: HTB22601 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinachecker.html Product: AChecker Vendor: Inclusive Design Institute http://www.atutor.ca/ Vulnerable Version: 1.0 Vendor Notification: 01 September 2010 Vulnerability Type: XSS Cross Site Scripting Status: Fixe...
SiteEngine CMS 5.1.0 file upload vulnerability
SiteEngine (full name: Boca website engine management system) is marketing-oriented website construction and management software, independently developed in 2002 by The Beijing Boca vanguard Software Development Co., Ltd., which holds the intellectual property rights. At the sa...
New Jailbreak Could Defy Patching on iPhones, iPads
Code that allows Apple customers to circumvent that company’s exclusive content protection features was released on Wednesday, with security researchers warning that the hack could be impossible for Apple to fix on devices that have already been manufactured. The Chronic Development Team, a group...
[SECURITY] [DSA-2102-1] New barnowl packages fix arbitrary code execution
Debian Security Advisory DSA-2102-1 [email protected] http://www.debian.org/security/ Sebastien Delafond Sep 3, 2010 http://www.debian.org/security/faq - -...
DSA-2102-1 barnowl - arbitrary code execution
TFTPDWIN v0.4.2 Directory Traversal Vulnerability
Exploit for windows platform in category remote exploits. TFTPDWIN v0.4.2 Directory Traversal Vulnerability. Author: chr1x email protected Affected operating system/software, including full version...
DSA-2099-1 openoffice.org - several vulnerabilities
wp-10-0001: Multiple Browser Wildcard Cerficate Validation Weakness
Westpoint Security Advisory. Title: Multiple Browser Wildcard Cerficate Validation Weakness Risk Rating: Low Author: Richard Moore [email protected] Test Cases: Simon Ward [email protected] Date: 14 July 2010 Advisory ID: wp-10-0001 URL:...