47153 matches found
MOPB-39-2007:PHP str_replace() Memory Allocation Integer Overflow Vulnerability
Summary When strreplace is called in a way that a single char is replaced by a long string and the single char occurs very often in the subject this will result in an integer overflow when the size of the memory buffer is calculated. The allocation of a too small buffer will result in a buffer...
[COVERT-2000-10] Windows NetBIOS Unsolicited Cache Corruption
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Network Associates, Inc. COVERT Labs Security Advisory August 29, 2000 Windows NetBIOS Unsolicited Cache Corruption COVERT-2000-10 o Synopsis The Microsoft Windows implementation of the NetBIOS cache allows a remote attacker to insert and flush dynami...
Microsoft Windows multiple security vulnerabilities
OpenType fonts parsing code execution, multiple Internet Explorer and Edge vulnerabilities, code execution and information disclosure in system libraries, code execution via RDP and AMB, privilege escalation, information disclosure via WebDAV...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
[SYSS-2015-019] BullGuard Antivirus - Authentication Bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-019 Product: BullGuard Antivirus Vendor: BullGuard Ltd. Affected Versions: 15.0.297 Tested Versions: 15.0.297 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium Solution...
BookFresh - Persistent Clients Invite Vulnerability
Document Title: =============== BookFresh - Persistent Clients Invite Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1351 Release Date: ============= 2014-10-28 Vulnerability Laboratory ID VL-ID: ==================================== 1351...
[oss-security] CVE request for vulnerability in OpenStack Heat
A vulnerability was discovered in OpenStack see below. In order to ensure full traceability, we need a CVE number assigned that we can attach to further notifications. This issue is already public, although an advisory was not sent yet. Title: Heat template URL information leakage Reporter: Jason...
[SECURITY] [DSA 2832-1] memcached security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2832-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 01, 2014 http://www.debian.org/security/faq -...
[SOJOBO-ADV-13-01] - Zenphoto 1.4.5.2 multiple vulnerabilities
SOJOBO-ADV-13-01 - Zenphoto 1.4.5.2 multiple vulnerabilities I. Information ================== Name : Zenphoto 1.4.5.2 multiple vulnerabilities Software : Zenphoto 1.4.5.2 and possibly below. Vendor Homepage : http://www.zenphoto.org/ Vulnerability Type : SQL Injection, Reflected Cross-Site...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
[security bulletin] HPSBMA02661 SSRT100408 rev.1 - HP Proliant Support Pack (PSP) Running on Linux and Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02735590 Version: 1 HPSBMA02661 SSRT100408 rev.1 - HP Proliant Support Pack PSP Running on Linux and Windows, Remote Cross Site Scripting XSS, URL Redirection, Information Disclosure NOTICE: The...
XSS Vulnerability in Redmine 1.0.1 to 1.1.1
Information -------------------- Name : XSS vulnerability in Redmine Software : all Redmine versions from 1.0.1 to 1.1.1 Vendor Homepage : http://www.redmine.org Vulnerability Type : Cross-Site Scripting Severity : High Researcher : Mesut Timur mesut at mavitunasecurity dot com Advisory Reference...
[security bulletin] HPSBMA02585 SSRT100256 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02521481 Version: 1 HPSBMA02585 SSRT100256 rev.1 - HP OpenView Network Node Manager OV NNM, Remote Denial of Service DoS NOTICE: The information in this Security Bulletin should be acted upon as...
Apache mod_isapi Dangling Pointer Vulnerability - Security Advisory - SOS-10-002
Apache modisapi Dangling Pointer Vulnerability - Security Advisory - SOS-10-002 Release Date. 5-Mar-2010 Last Update. - Vendor Notification Date. 9-Feb-2010 Product. Apache HTTP Server Platform. Microsoft Windows Affected versions. 2.2.14 verified and possibly others. Severity Rating. High Impact...
[InterN0T] Google Analytics plugin for Wordpress - XSS Vulnerability
Yoast GA Plugin for WP - Cross Site Scripting Vulnerability Version Affected: 3.2.4 newest Info: The Google Analytics for WordPress plugin automatically tracks and segments all outbound links from within posts, comment author links, links within comments, blogroll links and downloads. It also...
Cisco ASA5520 Web VPN Host Header XSS
Cisco ASA5520 Web VPN Host Header XSS - Description Cross-site scripting. - Product Cisco, ASA5520, IOS 7.2222 - PoC Modified request: POST /+webvpn+/index.html HTTP/1.1 Host: "'scriptalert'BugsNotHugs'/scriptmeta httpequiv="" content='"www.owasp.org Accept: image/gif, image/x-xbitmap,...
Multiple FTP servers unsafe fgets() vulnerability
It's possible to embed additional commands into URLs...
Cisco Security Advisory: Cisco Unified Communications Manager CTL Provider Heap Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Unified Communications Manager CTL Provider Heap Overflow Document ID: 100345 Advisory ID: cisco-sa-20080116-cucmctl http://www.cisco.com/warp/public/707/cisco-sa-20080116-cucmctl.shtml Revision 1.0 For Public Release 20...
JBrowser acces to admin/config files
JBrowser acces to admin/config files By : sn0oPy Risk : high Dork : inurl:"JBrowser/index.php" exploit : juste replace the http://www.target.ma/jbrowser/index.php by http://www.target.ma/jbrowser/admin/ contact : [email protected] greetz : subzero, Avg...
SaphpLesson v3.0 SQL Injection Exploit
//////////////////2007///////////////////// //SaphpLesson v3.0 SQL Injection Exploit// ////////////////////////////////////////// Found by:SwEET-DeViL&HaCKeR sUn TeaM AL-GaRNi------------------ Application : SaphpLesson------ version : v3.0----------------- URL : No-----------------------...
[eVuln] MyQuiz Arbitrary Command Execution Vulnerability
New eVuln Advisory: MyQuiz Arbitrary Command Execution Vulnerability http://evuln.com/vulns/57/summary.html --------------------Summary---------------- Software: MyQuiz Sowtware's Web Site: http://www.corantodemo.net/ Versions: 1.01 Critical Level: Dangerous Type: Command Execution Class: Remote...
[Full-disclosure] ZRCSA-200601: SPIP - Multiple Vulnerabilities
Zone-H Research Center Security Advisory 200601 http://www.zone-h.fr Date of release: 31/01/2006 Software: SPIP http://www.spip.net Affected versions: 1.8.2-e , 1.9 Alpha 2 5539 Risk: Medium Discovered by: Kevin Fernandez "Siegfried" and Benot Sklnard "netcraft" from the Zone-H Research Team...
DJB's students release 44 *nix software vulnerability advisories
Widely deployed open source software is commonly believed to contain fewer security vulnerabilities than similar closed source software due to the possibility of unrestricted third party source code auditing. Predictably, most users of open source software do not invest a significant amount of ti...
phpShop Vulnerabilities
Vendor : phpShop Project URL : http://www.phpshop.org Version : phpShop 0.6.1-b && Earlier Versions?? Risk : Multiple Vulnerabilities Description: phpShop is a PHP-based e-commerce application and PHP development framework. phpShop offers the basic features needed to run a successful e-commerce w...
Incorrect MIME Header Can Cause IE to Execute E-mail Attachment
Hi, Microsoft has released a security bulletin http://www.microsoft.com/technet/security/bulletin/ms01-020.asp entitled "Incorrect MIME Header Can Cause IE to Execute E-mail Attachment". EML files are MIME multipart files that IE 5 will parse. There is a vulnerability allowing arbitrary code...
Microsoft Windows multiple security vulnerabilities
Internet Explorer / Edge multiple security vulnerabilities, VBScript / Jscript code execution, Windows Shell code execution, kernel privilege escsalation...
APPLE-SA-2015-09-16-3 iTunes 12.3
APPLE-SA-2015-09-16-3 iTunes 12.3 iTunes 12.3 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution Description: Multiple memory corruption...
[SECURITY] [DSA 3022-1] curl security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3022-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez September 10, 2014 http://www.debian.org/security/faq -...
Barracuda Networks Web Security Flex v4.1 - Persistent Vulnerabilities (BNSEC-699)
Document Title: =============== Barracuda Networks Web Security Flex v4.1 - Persistent Vulnerabilities BNSEC-699 References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=750 BARRACUDA NETWORK SECURITY ID: BNSEC-699 Release Date: ============= 2014-08-22...
SEC Consult SA-20140411-0 :: Multiple vulnerabilities in Plex Media Server
SEC Consult Vulnerability Lab Security Advisory 20140411-0 ======================================================================= title: Multiple vulnerabilities product: Plex Media Server vulnerable version: confirmed in 0.9.9.10 fixed version: none impact: High homepage: http://www.plex.tv...
CVE-2012-6297 - Command Injection via CSRF on DD-WRT v24-sp2
DD-WRT v24-sp2 is prone to command injection from specially crafted configuration values containing shell meta-characters. A remote attacker can potentially use CSRF from an authenticated client to execute commands on the router as the root user. Successful exploitation can result in system wide...
Vulnerabilities in multiple plugins for WordPress with VideoJS
Hello 3APA3A! These are Cross-Site Scripting vulnerabilities in multiple plugins for WordPress with VideoJS. Earlier I've wrote about vulnerabilities in VideoJS http://seclists.org/fulldisclosure/2013/May/21. This is popular video and audio player, which is used at hundreds thousands of web sites...
APPLE-SA-2013-03-14-1 OS X Mountain Lion v10.8.3 and Security Update 2013-001
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-03-14-1 OS X Mountain Lion v10.8.3 and Security Update 2013-001 OS X Mountain Lion v10.8.3 and Security Update 2013-001 is now available and addresses the following: Apache Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lio...
VUPEN Security Research - Oracle Java Font Processing Glyph Element Memory Corruption Vulnerability
VUPEN Security Research - Oracle Java Font Processing Glyph Element Memory Corruption Vulnerability Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- Java is a programming language and computing platform released by Sun Microsystems now Oracle. ...
TCExam Edit Cross-Site Scripting
/---------------------------------- | TCExam Edit Cross-Site Scripting | ----------------------------------/ Summary ======= TCExam 11.3.007 is subject to a cross-site scripting vulnerability. A 'questionsubjectid' parameter is not sufficiently sanitised before being written to the...
Dropbear SSH server use-after-free vulnerability
Dropbear SSH server use-after-free vulnerability Impact: A remote authenticated user can execute arbitrary code on the target system. Class: Use After Free - CWE-416 CVE ID: CVE-2012-0920 CVSS: 8.5 AV:N/AC:M/AU:S/C:C/I:C/A:C Description: This vulnerability is located within the Dropbear daemon an...
Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability Advisory ID: cisco-sa-20110830-apache Revision 1.0 For Public Release 2011 August 30 1600 UTC GMT Summary ======= The Apache HTTPd server contains a denial of service...
THE STUDIO (prod.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability THE STUDIO prod.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.thestudio.net/ Persian Gulf 4 Ever! Dork : "Site designed by The Studio, INC." "inurl:prod.php?id="...
Kimia Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Kimia AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.kimia.co.za/ Persian Gulf 4 Ever! Dork : "Graphic design & Website design by Kimia" "inurl:id=" Exploite:...
DDIVRT-2010-29 ALPHA Ethernet Adapter II Web-Manager 3.40.2 Authentication Bypass
Title ----- DDIVRT-2010-29 ALPHA Ethernet Adapter II Web-Manager 3.40.2 Authentication Bypass Severity -------- High Date Discovered --------------- April 30th, 2010 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: Edward Bullard, James Robertson and r@b13$...
Mozilla Foundation Security Advisory 2010-26
Mozilla Foundation Security Advisory 2010-26 Title: Crashes with evidence of memory corruption rv:1.9.2.4/ 1.9.1.10 Impact: Critical Announced: June 22, 2010 Reporter: Mozilla developers and community Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.4 Firefox 3.5.10 Thunderbird 3.0...
Cross Site Scripting (XSS) Vulnerabilitiy in fuzzylime (cms) >=3.02, CVE-2008-3098
Cross Site Scripting XSS Vulnerabilitiy in fuzzylime cms =3.02, CVE-2008-3098 References https://vulners.com/cve/CVE-2008-3098 http://cms.fuzzylime.co.uk http://www.datensalat.eu/fabian/cve/CVE-2008-3098-fuzzylime-cms.html Description Fuzzylime cms is a way to run websites and keep it up-to-date...
[DSECRG-08-027] Multiple RFI-LFI in 1024 CMS 1.4.3, 1.4.4 RFC
Digital Security Research Group DSecRG Advisory DSECRG-08-027 Application: 1024 CMS Versions Affected: 1.4.3, 1.4.4 RFC Vendor URL: http://www.1024cms.com/ Bug: Multiple Remote/Local File Include Exploits: YES Reported: 18.06.2008 Second report: 27.06.2008 Vendor Response: NONE Solution: NONE Dat...
iDefense Security Advisory 02.08.08: Adobe Reader Security Provider Unsafe Libary Path Vulnerability
iDefense Security Advisory 02.08.08 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 08, 2008 I. BACKGROUND Adobe Reader is a program for viewing Portable Document Format PDF documents. More information is available at the following URLs. http://www.adobe.com/products/reader/ II...
ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability
ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-058.html October 16, 2007 -- CVE ID: CVE-2007-5766 -- Affected Vendor: Oracle -- Affected Products: E-Business Suite 11 E-Business Suite 12 -- TippingPointTM IPS Customer Protection:...
[Full-disclosure] PHP File Sharing System 1.5.1
PHP File Sharing System - Directory traversal +--------------------------------------------+ Author: Jonas Thambert Date: 2007-10-13 URL: http://sourceforge.net/projects/phpfilesadmin/ Vendor Notified. Version: 1.5.1 latest - Description - PHP File Sharing System is vulnerable to directory...
PhpBB Xs 2 profile.php Permanent Xss Vulnerability
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ PhpBB Xs 2 profile.php Permanent Xss Vulnerability +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Found By Seph1roth +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ POST METHOD Corrupted page:...
Oracle Critical Patch Update - April 2007
Oracle Critical Patch Update - April 2007 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Due to the threat posed by a successful...
PHP 4.4.4 and PHP 5.1.5 Released
PHP 4.4.4 and PHP 5.1.5 Released 17-Aug-2006 The PHP development team would like to announce the immediate availability of PHP 5.1.5 and 4.4.4. These two releases address a series of security problems that were discovered since the release of PHP 5.1.4 and 4.4.3. The new releases include the...
[Full-disclosure] TP-Book <= 1.00 Cross Site Scripting Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory: TP-Book = 1.00 Cross Site Scripting Vulnerabilities Release Date: 2006/07/25 Last Modified: 2006/07/25 Author: Tamriel tamriel at gmx dot net Application: TP-Book = 1.00 Risk: Low Vendor Status: not contacted Vendor Site:...