47153 matches found
MacOSX Safari Firefox Kaspersky RegExp Remote/Local Denial of Service
MacOSX Safari Firefox Kaspersky RegExp Remote/Local Denial of Service http://cxsecurity.com/ YouTube Kaspersky PoC: https://www.youtube.com/watch?v=joa9IS7U90 ---- 0. Where is the problem? ---- Some time ago I have reported vulnerabilities in regcomp in BSD implementation CVE-2011-3336 and GNU li...
[security bulletin] HPSBMU02964 rev.1 - HP Service Manager, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access, Disclosure of Informa
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04117626 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04117626 Version: 1 HPSBMU02964 rev....
CSRF, XSS and Redirector vulnerabilities in IBM Lotus Notes Traveler
Hello 3APA3A! These are Cross-Site Request Forgery, Cross-Site Scripting and Redirector vulnerabilities in IBM Lotus Notes Traveler. They are similar to CSRF, XSS and Redirector vulnerabilities in IBM Lotus Domino http://securityvulns.ru/docs29060.html, which I announced at 19.05.2012 and disclos...
Intersystems Cache Remote Code Execution (via Default 'Minimal Security' Install)
------------------- 1 Overview Title: Intersystems Cache Remote Code Execution via Default 'Minimal Security' Install Product: Intersystems Cache Product URL: http://www.intersystems.com/cache/index.html Vendor: Intersystems Affected Versions: Tested on Cache for Windows x86-64 & i386 2009. thru...
AFU and XSS vulnerabilities in TinyMCE Image Manager
Hello 3APA3A! These are Arbitrary File Uploading and Cross-Site Scripting vulnerabilities in TinyMCE Image Manager plugin for TinyMCE. ------------------------- Affected products: ------------------------- Vulnerable are TinyMCE Image Manager 1.1 and previous versions. -------------------------...
[USN-1833-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-1833-1 May 24, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
[SE-2012-01] Java 7 Update 11 confirmed to be vulnerable
Hello All, This post might be interesting for those concerned about the state of Oracle's Java SE security. We have successfully confirmed that a complete Java security sandbox bypass can be still gained under the recent version of Java 7 Update 11 1 JRE version 1.7.011-b21. MBeanInstantiator bug...
Cross-Site Scripting (XSS) Vulnerabilities in Flogr
Advisory ID: HTB23110 Product: Flogr Vendor: Flogr Vulnerable Versions: 2.5.6 and probably prior Tested Version: 2.5.6 Vendor Notification: August 15, 2012 Public Disclosure: September 5, 2012 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2012-4336 CVSSv2 Base Score: 4.3...
[SECURITY] [DSA 2480-1] request-tracker3.8 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2480-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 24, 2012 http://www.debian.org/security/faq -...
[ MDVSA-2012:071 ] php
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:071 http://www.mandriva.com/security/ Package : php Date : May 10, 2012 Affected: Enterprise Server 5.0 Problem Description: This is a bugfix and security advisory that upgrades php to the latest 5.3.13...
[SECURITY] [DSA 2421-1] moodle security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2421-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 29, 2012 http://www.debian.org/security/faq -...
Spherica Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Spherica AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.spherica.it/ Persian Gulf 4 Ever! Dork : "powered by spherica" "inurl:prodotto.php?idcatalogo=" Exploite:...
ZDI-11-182: Oracle Java IE Browser Plugin Corrupted Window Procedure Hook Remote Code Execution Vulnerability
ZDI-11-182: Oracle Java IE Browser Plugin Corrupted Window Procedure Hook Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-182 June 8, 2011 -- CVE ID: CVE-2011-0817 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Oracle -- Affected Products: Oracl...
AR Web Content Manager (AWCM) Cross-Site scripting Vulnerability
AR Web Content Manager AWCM v2.2 Cross-Site scripting Vulnerability SecPod Technologies www.secpod.com Author: Antu Sanadi SecPod ID: 1012 21/03/2011 Issue Discovered 24/03/2011 Vendor Notified 24/03/2011 Vendor Responded 25/03/2011 Vendor Solution Class: Cross-Site Scripting Severity: Medium...
cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977
Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ cforms WordPress Plugin Cross Site Scripting Vulnerability CVE-2010-3977...
vBulletin - Critical Information Disclosure
Versions Affected: 3.8.6 Only! Info: Content publishing, search, security, and more—vBulletin has it all. Whether it’s available features, support, or ease-of-use, vBulletin offers the most for your money. Learn more about what makes vBulletin the choice for people who are serious about creating...
PR09-17: Juniper Secure Access seriers (Juniper IVE) authenticated XSS & REDIRECTION
PR09-17: Juniper Secure Access series Juniper IVE authenticated XSS & REDIRECTION http://www.procheckup.com/vulnerabilitymanager/vulnerabilities/pr09-17 Vulnerability found: 12th October 2009 Vendor informed: 12 October 2009 Severity: Medium Script injection Description: There are multiple...
Kayako SupportSuite Multiple Persistent Cross Site Scripting (Current Versions)
Comodo Group Vendor : Kayako Infotech Ltd. URL : http://www.kayako.com/ Version : Kayako SupportSuite = 3.60.04 We've discovered multiple persistent cross site scripting vulnerabilities in the latest version of Kayako SupportSuite 3.60.04. Because of improper input validation an attacker...
Oracle PL/SQL Injection Flaw in REPCAT_RPC.VALIDATE_REMOTE_RC
Hey all, The Oracle REPCATRPC.VALIDATEREMOTERC function executes blocks of anonymous PL/SQL that can be influenced by an attacker to execute arbitrary PL/SQL. As this package is only accessible directly by SYS this flaw would not normally present a risk. However, the REPCATRPC.VALIDATEREMOTERC...
Vulnerabilities in XAMPP
Hello 3APA3A! I want to warn you about security vulnerabilities in XAMPP. These are Information Leakage, Cross-Site Request Forgery and SQL Injection vulnerabilities. Information Leakage: http://site/xampp/phpinfo.php During access to admin panel via Insufficient Authorization vulnerabilities it'...
Novell GroupWise Internet Agent Remote Buffer Overflow Vulnerabilities
VUPEN Security Research Advisory - VUPEN-SR-2009-01 // VUPEN-SR-2009-02 Advisory URL: http://www.vupen.com/english/advisories/2009/1393 May 22, 2009 I. BACKGROUND ---------------------- Novell GroupWise is a complete collaboration software solution that provides information workers with e-mail,...
[security bulletin] HPSBUX02286 SSRT071466 rev.1 - HP-UX Running System Administration Manager (SAM), Unintended Remote Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01367453 Version: 1 HPSBUX02286 SSRT071466 rev.1 - HP-UX Running System Administration Manager SAM, Unintended Remote Access NOTICE: The information in this Security Bulletin should be acted upon...
iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Information Disclosure Vulnerability
iDefense Security Advisory 06.03.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 03, 2008 I. BACKGROUND Sun Java System Active Server Pages is a multi-platform ASP application server. It provides provides ASP Active Server Pages functionality to a web server. More information is...
NULL pointer in Remotely Anywhere 8.0.668
Luigi Auriemma Application: Remotely Anywhere Server and Workstation http://www.remotelyanywhere.com Versions: = 8.0.668 Platforms: Windows Bug: NULL pointer Exploitation: remote Date: 08 Mar 2008 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 The Code ...
INVISION POWER BOARD 2.1.7 ACTIVE XSS/SQL INJECTION EXPLOIT
---- INVISION POWER BOARD 2.1.7 EXPLOIT ... ITDefence.ru Antichat.ru INVISION POWER BOARD 2.1.7 ACTIVE XSS/SQL INJECTION Eugene Minaev [email protected] / / . / /// // / / // / / / /// / / / / / // / / / / / / / / / / / / / / / / / // / / / / // / // / / / // 2007 //// // // // // / . -...
3proxy 0.5.3j released (bugfix)
3proxy http://3proxy.ru/ is multi-platform Windows, Linux, Unix multi-protocol proxy server with abilities to mange traffic flows and bandwidths, convert requests between different proxy types, authenticate, authorize, control, limit and account users access and more. 3proxy 0.5.3j version was...
Phorm v3.0 Remote File Upload Vulnerability
Phorm v3.0 Remote File Upload Vulnerability ilker kandemir ilkerkandemiratmynet.com Download: ftp://ftp.holotech.net/phorm/phorm.zip TnX.: Ajann, Dumenci, H0tTurk, Str0ke Exploit: http://site/phormpath/lib/fileupload.php +===== upload your shell.php http://site/phormpath/files/phpshell.php...
Powered By Dvbbs Version 7.1.0 Sp1 By Pass
By : Hasadya Raed Contact : [email protected] Israel -------------------------- Script : Dvbbs Version 7.1.0 Sp1 Dork : "Powered By Dvbbs Version 7.1.0 Sp1" -------------------------- Exploit : http://www.victim.com/Data/Dvbbs7.mdb...
CWB PRO Version 1.5(INCLUDE_PATH)Remote File Include Vulnerabilites
-------------------------------------------------------------------------------- Title : BT-Sondage-v112 Remote File Include Vulnerability -------------------------------------------------------------------------------- Author: CrackersChild cont@ct: [email protected]...
Mega Mall [ multiples injection sql & full path disclosure ]
vendor site: http://products.kaonsoftwares.com/ product: mega-mall bug:injection sql & full path disclosure language: asp risk: high injection sql get: http://site.com/mega-mall/productreview.php?t=sql http://site.com/mega-mall/productreview.php?t=0&productId=sql...
LBlog <= "comments.asp" SQL Injection Exploit
LBlog = "comments.asp" SQL Injection Exploit - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Credit by | Chironex Fleckeri Mail | [email protected] Googledork | Powered By LBlog - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Usage :...
SolpotCrew Advisory #3 - com_trade Remote File Inclusion (mosConfig_absolute_path)
SolpotCrew Community comtrade Remote File Inclusion mosConfigabsolutepath original advisory : http://solpotcrew.org/adv/BlueSpy-adv-comtrade.txt Bug Found By :Blue|Spy contact: [email protected] Website : http://kunamgede.biz, http://blue-spy.com Greetz: h4ntu , Fungky, Solpot, Matdhule and all cr...
Cartweaver ColdFusion vuln.
Cartweaver ColdFusion vuln. Vuln. discovered by : r0t Date: 25 april 2006 vendorlink:www.cartweaver.com affected versions:2.16.11 and previous orginal advisory:http://pridels.blogspot.com/2006/04/cartweaver-coldfusion-vuln.html Vuln. Description: 1. SQL Injection vuln. Cartweaver ColdFusion...
[UNIX] PowerPortal XSS vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
[Full-Disclosure] iDEFENSE Security Advisory 03.19.04: Borland Interbase admin.ib Administrative Access Vulnerability
Borland Interbase admin.ib Administrative Access Vulnerability iDEFENSE Security Advisory 03.19.04 www.idefense.com/application/poi/display?id=80&type=vulnerabilities March 19, 2004 I. BACKGROUND Borland Interbase is a small, high performance commercial database for Linux, Solaris, and Windows...
Internet Explorer Object Type Property Overflow
Internet Explorer Object Type Property Overflow Release Date: June 4, 2003 Severity: High Remote Code Execution Systems Affected: Microsoft Internet Explorer 5.01 Microsoft Internet Explorer 5.5 Microsoft Internet Explorer 6.0 Microsoft Internet Explorer 6.0 for Windows Server 2003 Description: T...
Microsoft RASAPI32.DLL
NGSSoftware Insight Security Research Advisory Name: Buffer Overflow in Microsoft Rasapi32.dll Systems Affected: WinNT, Win2K, XP, Microsoft Routing And Remote Access Server "Steelhead" Severity: High Category: Buffer Overrun / Privilege Escalation Vendor URL: http://www.microsoft.com/ Author: Ma...
Minor bug in Pagelog.cgi
There is a small bug in PAGELOG.cgi by Metertek [email protected] which allows users to create and view files. Any file on the system with a '.log' extension readable by the uid/gid of the webserver can be viewed. In addition, two files with extensions of '.txt' and '.log' can be created in any...
Linux news 5.09.00
Linux 2.2.17 Вышло новое ядро из стабильной серии - 2.2.17 Подробнее: http://www.linux.org.uk/VERSION/relnotes.2217.html Linux 2.2.18pre3 Alan Cox выпустил 1-ю pre-версию "после-следующего" стабильного ядра Linux - 2.2.18. Работа над следующим стабильным ядром Linux, 2.2.17, закончилась на pre20,...
Redhat Linux 6.x remote root exploit
Hi, Included below is an exploit for the recently exposed linux rpc.statd format string vulnerability0. I have tailored it towards current Redhat Linux 6.x installations. It can easily be incorporated into attacks against the other vulnerable Linux distributions. I am not a security expert, but...
[ZDI-15-396] ManageEngine ServiceDesk Plus remote code execution
Hi, Yet another RCE bug in ManageEngine ServiceDesk. This was disclosed by ZDI under ID ZDI-15-396 on August 20th, and fixed in version 9103 1. Details below, full advisory can be obtained from my repo at E2. A Metasploit module that exploits this vulnerability has been submitted upstream in E3...
Dogma India dogmaindia CMS - Auth Bypass Vulnerability
Document Title: =============== Dogma India dogmaindia CMS - Auth Bypass Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1583 Release Date: ============= 2015-08-25 Vulnerability Laboratory ID VL-ID: ==================================== 158...
APPLE-SA-2015-10-21-1 iOS 9.1
APPLE-SA-2015-10-21-1 iOS 9.1 iOS 9.1 is now available and addresses the following: Accelerate Framework Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: Visiting a maliciously crafted website may lead to arbitrary code execution Description: A...
A comprehensive study of Huawei 3G routers - XSS, CSRF, DoS, unauthenticated firmware update, RCE
Hello, Please find a text-only version below sent to security mailing-lists. The html version on analysing the vulnerabilities in Huawei 3G routers is posted here: https://pierrekim.github.io/blog/2015-10-07-Huawei-routers-vulnerable-to-multiple-threats.html === text-version of the advisory ===...
OS Command Injection in Vesta Control Panel
Advisory ID: HTB23261 Product: Vesta Control Panel Vendor: http://vestacp.com Vulnerable Versions: 0.9.8 and probably prior Tested Version: 0.9.8 Advisory Publication: May 20, 2015 without technical details Vendor Notification: May 20, 2015 Vendor Patch: June 3, 2015 Public Disclosure: June 17,...
Kibana vulnerability CVE-2015-4093
Summary: Kibana versions 4.0.0, 4.0.1 and 4.0.2 are vulnerable to a cross-site scripting XSS attack. The attack allows execution of arbitrary JavaScript in the context of the user’s browser. We have been assigned CVE-2015-4093 for this issue. Fixed versions: Versions 4.0.3 and 4.1.0 have addresse...
[KIS-2014-19] Symantec Web Gateway <= 5.2.1 (restore.php) OS Command Injection Vulnerability
------------------------------------------------------------------------------ Symantec Web Gateway = 5.2.1 restore.php OS Command Injection Vulnerability ------------------------------------------------------------------------------ - Software Link: http://www.symantec.com/web-gateway/ - Affecte...
[ MDVSA-2014:243 ] phpmyadmin
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:243 http://www.mandriva.com/en/support/security/ Package : phpmyadmin Date : December 14, 2014 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in...
SEC Consult SA-20140710-1 :: Multiple high risk vulnerabilities in Shopizer webshop
SEC Consult Vulnerability Lab Security Advisory 20140710-1 ======================================================================= title: Multiple high risk vulnerabilities in Shopizer webshop product: Shopizer vulnerable version: 1.1.5 and below fixed version: v2 new codebase impact: high...
LiveZilla 5.1.2.0 Multiple Stored XSS in webbased operator client
Author: Jakub Zoczek [email protected] CVE Reference: CVE-2013-7032 Product: LiveZilla Vendor: LiveZilla GmbH http://livezilla.net Affected version: 5.1.2.0 Severity: Medium CVSSv2 Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N Status: Fixed 0x01 Background LiveZilla, the widely-used and trusted Live Help...