CVE-2012-2002

Open redirect vulnerability in HP SNMP Agents for Linux before 9.0.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

Strato Newsletter Manager Directory Traversal

STRATO Newsletter Manager is vulnerable against Directory Traversal Vendor: www.strato-cgi.de Google Dork: inurl:"newsletter.php.cgi" Exploit: http://server/cgi-bin/newsletter.php.cgi?PHPSESSID=af92ed633ae0d06d1e24d22520f709f7&action=nlshow&nl=../../../../../../../../../../../../../../etc/passwd...

Fedora Update for openssl FEDORA-2012-6403

Check for the Version of openssl OpenVAS Vulnerability Test Fedora Update for openssl FEDORA-2012-6403 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

WebSploit Toolkit 1.6 Released

WebSploit Is An Open Source Project For Scan And Analysis Remote System From Vulnerability Description : +Autopwn - Used From Metasploit For Scan and Exploit Target Service +wmap - Scan,Crawler Target Used From Metasploit wmap plugin +format infector - inject reverse & bind payload into file form...

RedHat Update for firefox RHSA-2012:0515-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mozilla Firefox Bootstrapped Addon Social Engineering Code Execution

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...

struts2 xsltResult Local code execution vulnerability

the file: http://svn.apache.org/repos/asf/struts/struts2/trunk/core/src/main/java/org/apache/struts2/views/xslt/XSLTResult.java String pathFromRequest = ServletActionContext.getRequest.getParameter"xslt.location"; path = pathFromRequest; URL resource =...

CVE-2011-3073

Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG resources...

Fedora Update for maniadrive FEDORA-2011-11464

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for tomcat6 FEDORA-2011-13426

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for nagios FEDORA-2012-1592

Check for the Version of nagios OpenVAS Vulnerability Test Fedora Update for nagios FEDORA-2012-1592 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Fedora Update for rubygem-activesupport FEDORA-2011-11386

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

ManageEngine Firewall Analyzer 7.2 - 'fw/mindex.do?url' Cross-Site Scripting

source: https://www.securityfocus.com/bid/52841/info Firewall Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

Iciniti Store SQL Injection - Security Advisory - SOS-12-003

Sense of Security - Security Advisory - SOS-12-003 Release Date. 06-Mar-2012 Last Update. - Vendor Notification Date. 28-Jul-2011 Product. Iciniti Store Platform. Windows Affected versions. 4.3.3683.31484 verified, and possibly others Severity Rating. High Impact. Manipulation of data Attack...

Fedora Update for kernel FEDORA-2012-3356

Check for the Version of kernel OpenVAS Vulnerability Test Fedora Update for kernel FEDORA-2012-3356 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

CentOS 5 / 6 : thunderbird (CESA-2012:0388)

An updated thunderbird package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

CentOS 5 / 6 : firefox (CESA-2012:0387)

Updated firefox packages that fix multiple security issues and three bugs are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Critical: Red Hat Security Advisory: firefox security and bug fix update

Updated firefox packages that fix multiple security issues and three bugs are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Mozilla: SVG issues found with Address Sanitizer (MFSA 2012-14)

The SVG Filters implementation in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before 3.1.20 and 5.0 through 10.0, Thunderbird ESR 10.x before 10.0.3, and SeaMonkey before 2.8 might allow remote attackers to obtain sensitive information from...

Singapore 0.10.1 - gallery Cross-Site Scripting

Singapore 0.10.1 - gallery Cross-Site Scripting source: https://www.securityfocus.com/bid/52399/info singapore is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of ...