47153 matches found
[RT-SA-2014-008] Python CGIHTTPServer File Disclosure and Potential Code Execution
Advisory: Python CGIHTTPServer File Disclosure and Potential Code Execution The CGIHTTPServer Python module does not properly handle URL-encoded path separators in URLs. This may enable attackers to disclose a CGI script's source code or execute arbitrary CGI scripts in the server's document root...
Cross-Site Scripting (XSS) in Offiria
Advisory ID: HTB23210 Product: Offiria Vendor: Slashes Dots Sdn Bhd. Vulnerable Versions: 2.1.0 and probably prior Tested Version: 2.1.0 Advisory Publication: April 2, 2014 without technical details Vendor Notification: April 2, 2014 Public Disclosure: May 7, 2014 Vulnerability Type: Cross-Site...
Samsung DVR authentication bypass
Title: Samsung DVR authentication bypass Version affected: firmware version = 1.10 Vendor: Samsung - www.samsung-security.com Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched Samsung provides a wide range of DVR...
[MATTA-2012-001] CVE-2012-1301; 0day; Open Proxy vulnerability in Umbraco 4.7
We don't release 0days... except when vendors show no interest in fixing their their bugs. http://umbraco.com/umbraco/dashboard/FeedProxy.aspx?url=http://en.wikipedia.org/wiki/Openproxy Have fun. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Matta Consulting - Matta Advisory...
Iciniti Store SQL Injection - Security Advisory - SOS-12-003
Sense of Security - Security Advisory - SOS-12-003 Release Date. 06-Mar-2012 Last Update. - Vendor Notification Date. 28-Jul-2011 Product. Iciniti Store Platform. Windows Affected versions. 4.3.3683.31484 verified, and possibly others Severity Rating. High Impact. Manipulation of data Attack...
XSS and SQL Injection Vulnerabilities on Symphony CMS 2.2.3
Information -------------------- Name : XSS and SQL Injection Vulnerabilities on Symphony CMS Software : Symphony CMS 2.2.3 and possibly below Vendor Homepage : http://symphony-cms.com Vulnerability Type : Cross-Site Scripting and SQL Injection Severity : Critical Researcher : Mesut Timur mesut a...
[ GLSA 201110-06 ] PHP: Multiple vulnerabilities
Gentoo Linux Security Advisory GLSA 201110-06 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
Nortel Contact Recording Centralized Archive 6.5.1 EyrAPIConfiguration getSubKeys() Remote SQL Injection Exploit
?php / Nortel Contact Recording Centralized Archive 6.5.1 EyrAPIConfiguration Web Service getSubKeys Remote SQL Injection Exploit tested against: Microsoft Windows Server 2003 r2 sp2 Microsoft SQL Server 2005 Express download uri:...
[Onapsis Security Advisory 2011-014] SAP WebAS Remote Denial of Service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ?Onapsis Security Advisory 2011-014: SAP WebAS Remote Denial of Service 1. Impact on Business ========================= By exploiting this vulnerability, an unauthenticated attacker would be able to remotely disrupt the SAP Application Server. This...
CA20110426-01: Security Notice for CA Arcot WebFort Versatile Authentication Server
-----BEGIN PGP SIGNED MESSAGE----- CA20110426-01: Security Notice for CA Arcot WebFort Versatile Authentication Server Issued: April 26, 2011 CA Technologies support is alerting customers to multiple security risks with CA Arcot WebFort Versatile Authentication Server. Two vulnerabilities exist...
XSS in Oracle default fcgi-bin/echo
Long ago, I wrote about an XSS vulnerability in Oracle fcgi-bin/echo : http://lists.grok.org.uk/pipermail/full-disclosure/2010-October/076794.html http://www.securityfocus.com/archive/1/514181 The issue may now be fixed in the latest versions of Oracle web servers:...
Cisco Security Advisory: Default Credentials for Root Account on Tandberg E, EX and C Series Endpoints
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Default Credentials for Root Account on Tandberg E, EX and C Series Endpoints Advisory ID: cisco-sa-20110202-tandberg Revision 1.0 For Public Release 2011 February 2 1600 UTC GMT...
CVE-2010-3863: Apache Shiro information disclosure vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2010-3863: Apache Shiro information disclosure vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Shiro 1.0.0-incubating The unsupported JSecurity 0.9.x versions are also affected Description:...
Microsoft Security Bulletin MS10-039 - Important Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2028554)
Microsoft Security Bulletin MS10-039 - Important Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege 2028554 Published: June 08, 2010 Version: 1.0 General Information Executive Summary This security update resolves one publicly disclosed and two privately reported...
CVE-2009-4511: TANDBERG VCS Arbitrary File Retrieval
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: TANDBERG Video Communication Server Arbitrary File Retrieval Release Date:...
OpenCms (7.5.0) - Vulnerability: Cross-Site Scripting, Phishing Through Frames, Application Error
Application: OpenCms Version: 7.5.0 Hardware: Tomcat/Oracle Vulnerability: Cross-Site Scripting, Phishing Through Frames, Application Error Overview: Various URL's within the deployed OpenCms application version 7.5.0 are open to attacks, including Cross-Site Scripting, Phishing Through Frames an...
ViArt Shopping Cart v3.5 Multiple Remote Vulnerabilities
=============================================================== !vuln ViArt Shopping Cart v3.5 is prone to multiple remote vulnerabilities. Earlier versions may also be affected. ===============================================================...
iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Multiple Directory Traversal Vulnerabilities
iDefense Security Advisory 06.03.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 03, 2008 I. BACKGROUND Sun Java System Active Server Pages is a multi-platform ASP application server. It provides provides ASP Active Server Pages functionality to a web server. More information is...
America Online AOL Instant Messenger AIM6.0 or 6.5 or higher XSS remote execution
Sorry for the brief post but Im still able to bypass filters that aol has put in place. So again with frustration I come to FD to imply pressure on a company to patch correct. From reading feedback from AOL they feel the vulnerability is put to bed and requires no more attention. I am not posting...
Several persistent XSS and CSRF on Wireless-G ADSL Gateway with SpeedBooster (WAG54GS)
http://www.gnucitizen.org/blog/persistent-xss-and-csrf-on-wireless-g-adsl-gateway-with-speedbooster-wag54gs The following vulns were found on 24 June 2007 and were tested against firmware V1.00.06. The specific persistent XSS holes mentioned in this advisory were fixed by Cisco on firmware versio...
Mozilla Foundation Security Advisory 2007-22
Mozilla Foundation Security Advisory 2007-22 Title: File type confusion due to 00 in name Impact: Low Announced: July 17, 2007 Reporter: Ronald van den Heetkamp Products: Firefox Fixed in: Firefox 2.0.0.5 Description Ronald van den Heetkamp reported that a filename URL containing 00 encoded null...
ViewCVS 0.9.4 issues
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi! Short version for the busy ones: o Security issue on ViewCVS 0.9.4 o Not really exploitable unless malicious users have CVS write access AND victim visits pre-crafted URL ViewCVS 0.9.4...
[Aria-Security Team] DuWare DuNews SQL Injection Vuln
Aria-Security Team Advisory www.Aria-security.Com For English www.Aria-Security.net For Persian Original Advisory: http://www.aria-security.com/forum/showthread.php?t=61 ----------------------------------------------------------- Software: DuNews Method: SQL Injection Vendor: http://www.duware.co...
ContentNow CMS 1.39 'pageid' Sql Injection + Path Disclosure Vulnerabilities
ContentNow CMS 1.39 Sql Injection + Path Disclosure Vulnerabilities Severity : Medium risk Vendor : www.contentnow.mf4k.de Author : Alfredo 'revenge' Pesoli -------------------------------------------------- Description ContentNow is a PHP Content Management System web 2.0 compliant, more info ca...
[SA19913] phpkb Knowledge Base "searchkeyword" Cross-Site Scripting
TITLE: phpkb Knowledge Base "searchkeyword" Cross-Site Scripting SECUNIA ADVISORY ID: SA19913 VERIFY ADVISORY: http://secunia.com/advisories/19913/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: phpkb Knowledge Base 1.x http://secunia.com/product/9697/...
Ethernet frame padding information leakage
Incorrect memory managment causes ethernet fame padding bytes may contain sensitive information...
[synnergy] - Solaris mailtool(1) buffer overflow vulnerability
Vulnerability in Solaris mailtool1 Date Published: May 29, 2001 Advisory ID: N/A Bugtraq ID: N/A Sun Bug ID: 4458476 CVE CAN: Non currently assigned. Title: Solaris mailtool1 Buffer Overflow Vulnerability Class: Boundary Error Condition Remotely Exploitable: No Locally Exploitable: Yes Vulnerable...
Security Advisory: Cisco IOS HTTP Server Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Cisco IOS HTTP Server Vulnerability Revision 1.0 For public release 2000 May 14 at 09:00 US/Eastern UTC+0400 ------------------------------------------------------------------------ Summary A defect in multiple releases of Cisco IOS software will cause a Cisco...
Lazarus Guestbook v1.22 - Multiple Web Vulnerabilities
Document Title: =============== Lazarus Guestbook v1.22 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1386 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2239 CVE-ID: ======= CVE-2014-2239 Release Date:...
Multiple Vulnerabilities in KrisonAV CMS
Advisory ID: HTB23150 Product: KrisonAV CMS Vendor: http://www.krisonav.com Vulnerable Versions: 3.0.1 and probably prior Tested Version: 3.0.1 Vendor Notification: March 27, 2013 Vendor Patch: March 31, 2013 Public Disclosure: April 17, 2013 Vulnerability Type: Cross-Site Scripting CWE-79,...
Alt-N MDaemon's WorldClient Username Enumeration Vulnerability
==================================================================== Alt-N MDaemon's WorldClient Username Enumeration Vulnerability ==================================================================== Software: Alt-N MDaemon v13.0.3 and prior versions Vendor: http://www.altn.com/ Vuln Type:...
Multiple critical vulnerabilities in Maxthon and Avant browsers
Hi, Below you can find a short summary of discovered vulnerabilities in Maxthon and Avant browsers. Such vulnerabilities were demonstrated during HITBAMS2012 security conference and more recently at HackPra. Affected Products - Maxthon www.maxthon.com - Avant Browser www.avantbrowser.com Security...
Content Spoofing and Cross-Site Scripting vulnerabilities in Bitrix Site Manager
Hello 3APA3A! I want to warn you about security vulnerabilities in Bitrix Site Manager. It is commercial CMS. These are Content Spoofing and Cross-Site Scripting vulnerabilities. These holes bypass built-in WAF and all other protections of Bitrix. ------------------------- Affected products:...
ZDI-12-142 : Oracle Java WebStart Browser Argument Injection Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-142 : Oracle Java WebStart Browser Argument Injection Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-142 August 17, 2012 - -- CVE ID: CVE-2012-1713 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -- Affected...
Liferay 6.1 can be compromised in its default configuration
Liferay 6.1 can be compromised in its default configuration Description: Liferay Portal is an enterprise portal written in Java By utilizing the json webservices exposed by the platform you can register a new user with any role in the system, including the built in administrator role. The problem...
[ MDVSA-2010:239 ] php
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:239 http://www.mandriva.com/security/ Package : php Date : November 19, 2010 Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Problem Description: A possible double free flaw was found ...
CVE-2010-1622: Spring Framework execution of arbitrary code
CVE-2010-1622: Spring Framework execution of arbitrary code Severity: Critical Vendor: SpringSource, a division of VMware Versions Affected: 3.0.0 to 3.0.2 2.5.0 to 2.5.6.SEC01 community releases 2.5.0 to 2.5.7 subscription customers Earlier versions may also be affected Description: The Spring...
Jcaptcha vulnerability
Hi, Jcaptcha has a design problem that allows a complete bypass of it's security features. Vendor was contacted on 12/Dec/09: http://jcaptcha.octo.com/jira/browse/FWK-114 Other captcha systems could be affected. Kind Regards, --------------------- Hugo Vazquez Carames "El trabajo que nunca se...
Multiple TCP implementations different security vulnerabilities
Multiple security vulnerabilities in different operation sustems caused by resource exhaustions on maintaining TCP states table...
“Cross-Site Scripting” vulnerability in MyBB 1.4.5
Advisory : “Cross-Site Scripting” vulnerability in MyBB Application: MyBB Vulnerable Versions: = 1.4.5 Reported By: Jacques Copeau Description MyBB is a forum package full of useful and to-the-point features, helping you to make administrating your bulletin board as easy as possible. We highlight...
vim multiple security vulnerabilities
Code execution on file open...
The Rat CMS (SQL/XSS) Multiple Remote Vulnerabilities
========================================================== The Rat CMS SQL/XSS Multiple Remote Vulnerabilities ========================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...
CISCO routers IOS multiple security vulnerabilities
MVPN information leak, UDP DoS, multiple VPDN and DLSw DoS, multiple OSPF and MPLS vulnerabilities...
Pics Navigator Directory Traversal Vulnerability
Pics Navigator Directory Traversal Vulnerability By : sn0oPy Risk : medium site : http://www.jeunes-webmasters.com/ Dork : "Powered by J-Web Pics Navigator v2.0" | inurl:"jwpn-photos.php" | exploit : for the v1.0 http://www.target/gallery directory/pn-menu.php?ret=Pics20Navigator&dir=../../../ fo...
Adrenalin's ASP Chat XSS
Adrenalin's ASP Chat XSS By : sn0oPy Risk : high exploit : just inject any script at your psuedo or on chat, to apply it for all the users connected Dork : intitle:"ASP Chat" contact : [email protected] greetz : subzero, http://forums.avenir-geopolitique.net. reference :...
[SA21672] Sony PSP TIFF Image Viewing Code Execution Vulnerability
TITLE: Sony PSP TIFF Image Viewing Code Execution Vulnerability SECUNIA ADVISORY ID: SA21672 VERIFY ADVISORY: http://secunia.com/advisories/21672/ CRITICAL: Moderately critical IMPACT: System access WHERE: From remote OPERATING SYSTEM: Sony PlayStation Portable PSP 2.x...
Danware NetOp information leak
System information leak...
sql injection vulnerability in WBB 2.0 RC1 and below
Hi, I discovered a serious vulnerability in Woltlab Burning Board 2.0 RC 1 and below some weeks ago. The latest version WBB 2.0 RC 2 seems not vulnerable, but there are still sites using vulnerable versiones. versions tested vulnerable WBB 2.0 RC 1 WBB 2.0 beta 5 WBB 2.0 beta 4 WBB 2.0 beta 3...
ISS Alert: IIS URL Decoding Vulnerability
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to [email protected] Contact [email protected] for help with any problems! --------------------------------------------------------------------------- -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Aler...
[SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-0227 Request Smuggling Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 8.0.0-RC1 to 8.0.8 - - Apache Tomcat 7.0.0 to 7.0.54 - - Apache Tomcat 6.0.0 to 6.0.41 Description: It was possible to craf...