47153 matches found
[RT-SA-2011-005] Owl Intranet Engine: Authentication Bypass
Advisory: Owl Intranet Engine: Authentication Bypass During a penetration test, RedTeam Pentesting discovered an Authentication Bypass vulnerability in the Owl Intranet Engine, which allows unauthenticated users administrative access to the affected systems. Details ======= Product: Owl Intranet...
Wordpress flash-album-gallery plugin Cross-Site Scripting Vulnerabilities
a bug in Wordpress flash-album-gallery plugin that allows to us to occur a Cross-Site Scripting on a Remote machin. Islamic Republic Of Iran Security Team http://irist.ir/forum/ Wordpress flash-album-gallery plugin Cross-Site Scripting Vulnerabilities Download......:...
TC-SA-2011-02: Multiple web-vulnerabilities in iTop version 1.1.181
TC-SA-2011-02: Multiple web-vulnerabilities in iTop version 1.1.181 Published: 2011/11/16 Version 1.0 Affected products: iTop version 1.1.181, 1.2.0-RC-282 maybe earlier versions as well http://sourceforge.net/projects/itop/ References: CVE-2011-4275 - Multiple web-vulnerabilities in iTop...
APPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006 OS X Lion v10.7.2 and Security Update 2011-006 is now available and addresses the following: Apache Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 and...
Elastix PBX Extensions Enumeration
Exploit Title: Elastix PBX Extensions Enumeration Date: 1 Oct 2011 Author: Bassem Saleh Contact: Injectoratlivedotcom Software Link: http://www.elastix.org/ Version: 2.X and may be below versions Tested on: 2.0.3 ================================================================ Non privileges user...
Sonexis ConferenceManager SQL Injection
Vulnerability title: Sonexis ConferenceManager SQL Injection Solutionary ID: SERT-VDN-1006 Solutionary disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Sonexis-SQL-Injection.html CVE ID: Pending CVSS risk rating: 8 Product: Sonexis ConferenceManager Application Vendor: Sonex...
Microsoft Windows shortcuts code execution
Code execution on shortcut icon displaying...
Oracle applications multiple security vulnerabilities
Oracle Critical Patch Update fixes 40 of different vulnerabilities in all Oracle applications...
[oCERT-2009-010] mimeTeX and mathTeX buffer overflows and command injection
2009-010 mimeTeX and mathTeX buffer overflows and command injection Description: The mimeTeX and mathTeX CGIs are widely used helper executables that allow mathematical equation rendering in the form of images. Both applications suffer from several buffer overflows as well as command injection...
[oCERT-2009-007] FCKeditor input sanitization errors
2009-007 FCKeditor input sanitization errors Description: FCKeditor, a web based open source HTML text editor, suffers from a remote file upload vulnerability. The input of several connector modules is not properly verified before being used, this leads to exposure of the contents of arbitrary...
Nokia N95-8 browser denial of service
Application: Nokia N95-8 OS: Symbian ------------------------------------------------------ 1 - Description 2 - Vulnerability 3 - POC/EXPLOIT ------------------------------------------------------ Description The nokia n95 is a smartphone, this phone have more tools, for example:...
US-CERT Technical Cyber Security Alert TA08-297A -- Microsoft Windows Server Service RPC Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA08-297A Microsoft Windows Server Service RPC Vulnerability Original release date: October 23, 2008 Last revised: -- Source: US-CERT Systems Affected Microsoft Windows 2000 Microsoft Windows ...
SMEweb 1.4b (SQL/XSS) Multiple Remote Vulnerabilities
======================================================= SMEweb 1.4b SQL/XSS Multiple Remote Vulnerabilities ======================================================= ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...
VLC highlander bug
The old buffer-overflow in the subtitles handled by VLC has not been fully patched in version 0.8.6e, in fact buffertext2 in ParseSSA is still unchecked: if sscanf s, "Dialogue: ^,,d:d:d.d,d:d:d.d,81920^rn", buffertext2, The funny thing is that my old proof-of-concept was built just to test this...
ZDI-07-074: Microsoft Internet Explorer Node Manipulation Memory Corruption
ZDI-07-074: Microsoft Internet Explorer Node Manipulation Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-074.html December 11, 2007 -- CVE ID: CVE-2007-3903 -- Affected Vendor: Microsoft -- Affected Products: Internet Explorer 6 Internet Explorer 7 --...
[Full-disclosure] Predictable DNS transaction IDs in Microsoft DNS Server
1 Summary Affected software: Microsoft Windows 2003 SP2, Microsoft Windows 2000 SP4 Server Vendor URL: www.microsoft.com Severity: Medium References: Microsoft Security Bulletin MS07-062, CVE-2007-3898 2 Vulnerability Description Microsoft DNS server generates predictable DNS transaction IDs. If...
Web Mayhem: Firefox’s JAR: Protocol issues
Web Mayhem: Firefox’s JAR: Protocol issues published: November 7th, 2007 One of the things that we enjoy the most, here in GNUCITIZEN, is finding issues with features. Unlike bugs, insecure features tend to be more severe and usually last longer due to uneasy and rather long decision making proce...
iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin gpg_check_sign_pgp_mime() Command Injection Vulnerability
SquirrelMail G/PGP Plugin gpgchecksignpgpmime Command Injection Vulnerability iDefense Security Advisory 07.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 11, 2007 I. BACKGROUND The SquirrelMail G/PGP Encrpytion Plugin is a general purpose encryption, decryption, and digital...
[email protected]
Application: fuzzylime Forum Web Site: http://forum.fuzzylime.co.uk/st/front/index/ Versions: 1.01b and below Platform: linux, windows, freebsd, sun Bug: Cross site Scripting XSS Fix Available: Yes Advisory File: http://www.secvsn.com/content/Advisories/sr-180607-fuzzy.html...
[Full-disclosure] SonicBB version 1.0 Multiple SQL Injection Vulnerabilities
netVigilance Security Advisory 19 SonicBB version 1.0 Multiple SQL Injection Vulnerabilities Description: SonicBB is a user-friendly and fully customizable bulletin board package. SonicBB is compatible with any web server/operating system combo with PHP 4.x or higher installed.SonicBB is the idea...
Multiple Denial of Service attacks possible for Webspeed OpenEdge
Denial of Service attack against OpenEdge WebSpeed possible through dict.r. 11-5-2007 author: Eelko Neven discovered: 9-5-2007 Because of poor security in dict.r it is possible to put all agents in busy mode. First you have to find the messenger execution url. For example:...
phpwebnews v.1 Multiple Cross Site Scripting Vulnerabilites
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...
SecurityVulns.com: Microsoft Visual C++ 8.0 standard library time functions invalid assertion DoS (Problem 3000).
Title: Microsoft Visual C++ 8.0 standard library time functions invalid assertion DoS Problem 3000. Product: Visual Studio 2005 Vendor: Microsoft Vulnerability class: Denial of Service Remote: application dependant, remote vector is possible CVE: CVE-2007-0842 Author: 3APA3A,...
freeqboard <= 1.1 (qb_path) Remote File Include Vulnerability
freeqboard = 1.1 qbpath Remote File Include Vulnerability Author: Mr.3FReeT Softname: freeqboard code in : about.php , contact.php , delete.php , faq.php , index.php include "config.php"; include $qbpath."incs/mysql.php"; Exploit : """""""" www.site.com/path/index.php?qbpath=shellcode.txt?...
[Full-disclosure] [SECURITY] [DSA 1104-1] New OpenOffice.org packages fix several vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1104-1 [email protected] http://www.debian.org/security/ Martin Schulze June 30th, 2006 http://www.debian.org/security/faq -...
ashnews v0.83(pathtoashnews) - Remote File Include Vulnerabilities
DEVIL TEAM THE BEST POLISH TEAM ashnews v0.83pathtoashnews - Remote File Include Vulnerabilities Script site: http://dev.ashwebstudio.com/ dork: News powered by ashnews Find by Kacper Rahim. Greetings; DragonHeart, Satan, Leito, Leon, Luzak, Adam, DeathSpeed, Drzewko, pepi Special greetz...
Code Injection in phpBB Advanced Quick Reply Mod
Software: phpBB Advanced Quick Reply Mod I've found a security hole in this sofware Code Injection. You can download this software at http://phpbbhacks.com/viewhack.php?id=586 Hackers can exploit this Mod to inject some shell code to hack your forum, your website or your server local exploit...
CGIForum 1.0 Vulnerability
Hi, Date: 2000/11/20 Affected Application: CGIForum 1.0 http://www.marcbrinkmann.de/inandonline/netz/CGIForum-1.0.tar.gz Markus Triska [email protected] CGIForum is a free forum. We can set 'thesection' parameter to view files on the vulnerable system with privileges of the user "nobody". This is...
Microsoft Security Bulletin (MS00-028)
Microsoft Security Bulletin MS00-028 - -------------------------------------- Procedure Available to Eliminate "Server-Side Image Map Components" Vulnerability Originally Posted: April 21, 2000 Summary ======= A procedure is available to eliminate a security vulnerability affecting several web...
APPLE-SA-2015-10-21-8 OS X Server 5.0.15
APPLE-SA-2015-10-21-8 OS X Server 5.0.15 OS X Server 5.0.15 is now available and addresses the following: BIND Available for: OS X Yosemite 10.10.5, OS X El Capitan 10.11.1 or later Impact: Multiple vulnerabilities in BIND Description: Multiple vulnerabilities existed in BIND versions prior to...
ESA-2015-081: RSA BSAFE® Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, SSL-J and SSL-C Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-081: RSA BSAFE® Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, SSL-J and SSL-C Multiple Vulnerabilities EMC Identifier: ESA-2015-081 CVE Identifier: CVE-2015-0533, CVE-2015-0534, CVE-2015-0535, CVE-2015-0536, CVE-2015-0537 Severity...
[SYSS-2015-018] BullGuard Premium Protection - Authentication Bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-018 Product: BullGuard Premium Protection Vendor: BullGuard Ltd. Affected Versions: 15.0.297 Tested Versions: 15.0.297 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level: Medium...
[Onapsis Security Advisory 2014-034] SAP Business Objects Search Token Privilege Escalation via CORBA
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory ONAPSIS-2014-034: SAP Business Objects Search Token Privilege Escalation via CORBA 1. Impact on Business ===================== By exploiting this vulnerability a remote and potentially unauthenticated attacker would be able t...
APPLE-SA-2014-12-2-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2014-12-3-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1 is now available and addresses the following: WebKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite...
APPLE-SA-2014-09-17-2 Apple TV 7
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-09-17-2 Apple TV 7 Apple TV 7 is now available and addresses the following: Apple TV Available for: Apple TV 3rd generation and later Impact: An attacker can obtain WiFi credentials Description: An attacker could have impersonated a WiFi...
[USN-2253-1] LibreOffice vulnerability
========================================================================== Ubuntu Security Notice USN-2253-1 June 23, 2014 libreoffice vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
CVE-2014-0097 Spring Security Blank password may bypass user authentication
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-0097 Blank password may bypass user authentication Severity: Important Vendor: Spring by Pivotal Versions Affected: - - Spring Security 3.2.0 to 3.2.1 - - Spring Security 3.1.0 to 3.1.5 Description: The ActiveDirectoryLdapAuthenticator does n...
Elite Graphix ElitCMS 1.01 & PRO - Multiple Web Vulnerabilities
Document Title: =============== Elite Graphix ElitCMS 1.01 & PRO - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1117 Release Date: ============= 2013-10-18 Vulnerability Laboratory ID VL-ID:...
[ MDVSA-2013:216 ] perl-Proc-ProcessTable
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:216 http://www.mandriva.com/en/support/security/ Package : perl-Proc-ProcessTable Date : August 23, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Updated perl-Proc-ProcessTab...
Adobe ColdFusion multiple security vulnerabilities
Authentication bypass, privilege escalation, information leakage...
XSS in dokeos 2.1.1
Exploit Title : Dokeos 2.1.1 Multiple Cross-Site Scripting Vulnerabilities Author:Marcela Benetrix home:www.girlinthemiddle.net Date: 10/17/12 version: 2.1.1 software link:www.dokeos.com Dokeos description Dokeos is an open source e-learning platform programmed in PHP, Javascript and HTML which...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
DNS Poisoning via Port Exhaustion
Hey, Today we are releasing a very interesting whitepaper which describes a DNS poisoning attack against stub resolvers. It discloses two vulnerabilities: 1. A vulnerability in Java CVE-2011-3552, CVE-2010-4448 which enables remote DNS poisoning using Java applets. This vulnerability can be...
Dow Group (dynamic.php?id) (sub.php?solutioncat_id) (news_desc.php?id) (product.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Dow Group dynamic.php?id sub.php?solutioncatid newsdesc.php?id product.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.dowgroup.com/ Persian Gulf 4 Ever! Dork :...
Mozilla Foundation Security Advisory 2011-16
Mozilla Foundation Security Advisory 2011-16 Title: Directory traversal in resource: protocol Impact: Moderate Announced: April 28, 2011 Reporter: Soroush Dalili Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.17 Firefox 3.5.19 Thunderbird 3.1.10 SeaMonkey 2.0.14 Description...
HTB22920: Path disclosure in Viscacha
Vulnerability ID: HTB22920 Reference: http://www.htbridge.ch/advisory/pathdisclosureinviscacha.html Product: Viscacha Vendor: MaMo Net http://www.viscacha.org Vulnerable Version: 0.8.1 Vendor Notification: 24 March 2011 Vulnerability Type: Path disclosure Risk level: Low Credit: High-Tech Bridge ...
'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability (CVE-2010-4331)
'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability CVE-2010-4331 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in 'Seo Panel' page rendering which allows for unfiltered, unencrypted content to be presented to a user...
Microsoft Windows multiple security vulnerabilities
OpenType Font parsing memory corruption, task scheduler privilege escalation, usafe DLL loading, multiple kernel vulnerabilities, Consent User Interface privilege escalation, Netlogon DoS...
Microsoft Security Bulletin MS10-061 - Critical Vulnerability in Print Spooler Service Could Allow Remote Code Execution (2347290)
Microsoft Security Bulletin MS10-061 - Critical Vulnerability in Print Spooler Service Could Allow Remote Code Execution 2347290 Published: September 14, 2010 Version: 1.0 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in the Print Spooler...
Mozilla Foundation Security Advisory 2010-32
Mozilla Foundation Security Advisory 2010-32 Title: Content-Disposition: attachment ignored if Content-Type: multipart also present Impact: Moderate Announced: June 22, 2010 Reporter: Ilja van Sprundel Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.4 Firefox 3.5.10 SeaMonkey 2.0.5 Description...