47153 matches found
[SA18026] UStore Cross-Site Scripting and SQL Injection Vulnerabilities
TITLE: UStore Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA18026 VERIFY ADVISORY: http://secunia.com/advisories/18026/ CRITICAL: Moderately critical IMPACT: Security Bypass, Cross Site Scripting, Manipulation of data WHERE: From remote SOFTWARE: UStore...
Advisory: Lawson Financials RDBMS Insecurity
+-----------------------------------------------------------------------+ | Advisory: lawson001 | | Authors: John Eisenschmidt [email protected] | | George Lewis [email protected] | | Release Date: December 02, 2002 | | Vendor: Lawson | | Application: Financials possibly others | | Affected...
Security Bulletin MS02-056: Cumulative Patch for SQL Server (Q316333)
---------------------------------------------------------------------- Title: Cumulative Patch for SQL Server Q316333 Date: 02 October 2002 Software: Microsoft SQL Server 7.0 Microsoft Data Engine MSDE 1.0 Microsoft SQL Server 2000 Microsoft Desktop Engine MSDE 2000 Impact: Four vulnerabilities,...
Progres Databse PROMSGS Format strings issue.
Well once again I have found yet another Progress database issue. The PROMSGS has been looked at one time already for buffer overflows. It was supposed to be fixed. I was poking around at it today and noticed these format strings issues... PROGRESS Version 9.1C as of Thu Jun 7 10:03:59 EDT 2001...
freexl library DoS
DoS on Excel document parsing...
Exploit Code for ipTIME firmwares < 9.58 (root RCE against 127 router models)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Please find a text-only version below sent to security mailing-lists. The complete version on exploits about my last advisory of ipTIME products is posted here:...
[SECURITY] [DSA 3198-1] php5 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3198-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 20, 2015 http://www.debian.org/security/faq -...
Pandora FMS v5.1 SP1 - SQL Injection Web Vulnerability
Document Title: =============== Pandora FMS v5.1 SP1 - SQL Injection Web Vulnerability References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=1355 Release Date: ============= 2015-02-09 Vulnerability Laboratory ID VL-ID: ==================================== 1355...
[ MDVSA-2015:032 ] php
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:032 http://www.mandriva.com/en/support/security/ Package : php Date : February 5, 2015 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been discovered and corrected in php:...
[The ManageOwnage Series, part XII]: Multiple vulnerabilities in FailOverServlet (OpManager, AppManager, IT360)
Hi, This is part 12 of the ManageOwnage series. For previous parts, see 1. This time we have an arbitrary file download, directory content disclosure and blind SQL injection vulnerabilities in ManageEngine OpManager, Applications Manager and IT360. I've pushed two new Metasploit modules into the...
Fwd: REWTERZ-20140103 - ManageEngine ServiceDesk Plus User Privileges Management Vulnerability
================================================================================ REWTERZ-20140103 - Rewterz - Security Advisory ================================================================================ Title: ManageEngine ServiceDesk Plus User Privileges Management Vulnerability Product:...
CVE-2014-2026 Reflected Cross-Site Scripting (XSS) in "Intrexx Professional"
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-2026 =================== "Reflected Cross-Site Scripting XSS" CWE-79 vulnerability in "Intrexx Professional" product Vendor =================== United Planet GmbH Product =================== "Intrexx is an integrated cross-platform developmen...
APPLE-SA-2014-09-17-4 Safari 6.2 and Safari 7.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-09-17-4 Safari 6.2 and Safari 7.1 Safari 6.2 and Safari 7.1 are now available and address the following: Safari Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 Impact: An attacker with a privileged network position may...
SQL Injection Vulnerability in ArticleFR
Advisory ID: HTB23225 Product: ArticleFR Vendor: Free Reprintables Vulnerable Versions: 3.0.4 and probably prior Tested Version: 3.0.4 Advisory Publication: July 23, 2014 without technical details Vendor Notification: July 23, 2014 Public Disclosure: August 20, 2014 Vulnerability Type: SQL...
APPLE-SA-2014-08-13-1 Safari 6.1.6 and Safari 7.0.6
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-08-13-1 Safari 6.1.6 and Safari 7.0.6 Safari 6.1.6 and Safari 7.0.6 are now available and address the following: WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.4 Impact...
Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities
Exploit Title: Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities Google Dork: intitle:"Powered by Pro Chat Rooms" Date: 5 August 2014 Exploit Author: Mike Manzotti @ Dionach Ltd Vendor Homepage: http://prochatrooms.com Software Link: http://prochatrooms.com/software.php Version: v8.2.0 Tested on:...
[oss-security] LMS-2014-06-16-2: Linux Kernel LZO
Hello All, A vulnerability has been identified in the Linux kernel implementation of the LZO algorithm. Please find the bug report inline. Best, Don A. Bailey Founder / CEO Lab Mouse Security https://www.securitymouse.com/ Lab Mouse Security Report LMS-2014-06-16-2 Report ID: LMS-2014-06-16-2 CVE...
[SECURITY] CVE-2014-0033 Session fixation still possible with disableURLRewriting enabled
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-0033 Session fixation still possible with disableURLRewriting enabled Severity: Low Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 6.0.33 to 6.0.37 Description: Previous fixes to path parameter handling 1 introduc...
Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Web Vulnerability
Title: ====== Microsoft SharePoint 2013 Cloud - Persistent Exception Handling Web Vulnerability Date: ===== 2013-09-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=812 Security Bulletin: MS13-067 http://technet.microsoft.com/de-de/security/bulletin/MS13-067 Microsoft...
APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004 OS X Mountain Lion v10.8.5 and Security Update 2013-004 is now available and addresses the following: Apache Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lio...
XAMPP 1.8.1 Local Write Access Vulnerability
============================================= INTERNET SECURITY AUDITORS ALERT 2013-007 - Original release date: March 14th, 2013 - Last revised: March 19th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 6,8/10 CVSS Base Score - CVE-ID: CVE-2013-2586...
PuTTY SSH handshake heap overflow
PuTTY SSH handshake heap overflow CVE-2013-4852 Description: PuTTY versions 0.62 and earlier - as well as all software that integrates these versions of PuTTY - are vulnerable to an integer overflow leading to heap overflow during the SSH handshake before authentication, caused by improper bounds...
APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15 Java for OS X 2013-003 and Mac OS X v10.6 Update 15 are now available and address the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 o...
CodeIgniter <= 2.1.1 xss_clean() Cross Site Scripting filter bypass
Affected products ============== CodeIgniter = 2.1.1 PHP framework and all CodeIgniter-based PHP applications using its built-in XSS filtering mechanism. CVE ==== CVE-2012-1915 Introduction ========== CodeIgniter http://codeigniter.com is a powerful PHP framework with a very small footprint, buil...
Boonex Dolphin v7.0.9 CMS & Mobile App - Multiple Web Vulnerabilities
Title: ====== Boonex Dolphin v7.0.9 CMS - Multiple Web Vulnerabilities Date: ===== 2012-05-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=565 http://www.vulnerability-lab.com/getcontent.php?id=566 ID: Changeset 16256 VL-ID: ===== 565 Common Vulnerability Scoring...
PHP Booking Calendar 10e XSS
Exploit Title: PHP Booking Calendar 10e XSS Date: 12/16/11 Author: G13 Software Link: http://sourceforge.net/projects/bookingcalendar/ Version: 10e Category: webapps php Vulnerability The pageinfomessage varibale in the detailsview.php does not sanitize input. This is a relective XSS attack...
Sql injection in SugarCRM
Vulnerability ID: HTB23051 Reference: https://www.htbridge.ch/advisory/sqlinjectioninsugarcrm.html Product: SugarCRM Vendor: SugarCRM Inc. http://www.sugarcrm.com Vulnerable Version: Community Edition 6.3.0RC1 and probably prior Tested Version: Community Edition 6.3.0RC1 Vendor Notification: 05...
[SECURITY] [DSA 2343-1] openssl security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2343-1 [email protected] http://www.debian.org/security/ Raphael Geissert November 09, 2011 http://www.debian.org/security/faq -...
TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server
Trustwave's SpiderLabs Security Advisory TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server https://www.trustwave.com/spiderlabs/advisories/TWSL2011-013.txt Published: 2011-09-23 Version: 1.0 Vendor: IceWarp http://www.icewarp.com Product: IceWarp Mail Server Version affected: 10.3.2 a...
Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution
Jcow CMS 4.x:4.2 = , 5.x:5.2 = | Arbitrary Code Execution 1. OVERVIEW Jcow CMS versions 4.x: 4.2 and lower, 5.x: 5.2 and lower are vulnerable to Arbitrary Code Execution. 2. BACKGROUND Jcow is a flexible Social Networking software written in PHP. It can help you to build a social network for your...
[PT-2011-08] Multiple vulnerabilities in Dlink DPH 150SE/E/F1
---------------------------------------------------------------------- PT-2011-08 Positive Technologies Security Advisory Multiple vulnerabilities in Dlink DPH 150SE/E/F1 ---------------------------------------------------------------------- --- Vulnerable platform Dlink DPH 150s IP Phone Firmwar...
HTB22947: XSS in Ajax Category Dropdown wordpress plugin
Vulnerability ID: HTB22947 Reference: http://www.htbridge.ch/advisory/xssinajaxcategorydropdownwordpressplugin.html Product: Ajax Category Dropdown wordpress plugin Vendor: http://www.dyasonhat.com/ http://www.dyasonhat.com/ Vulnerable Version: 0.1.5 Vendor Notification: 07 April 2011 Vulnerabili...
Stored and Reflective XSS in Yaws-Wiki 1.88-1 (Erlang)
Software: yaws-wiki version affected: 1.88-1 platform: Erlang homepage:http://yaws.hyber.org/ Researcher: Michael Brooks Original Advisory:https://sitewat.ch/en/Advisory/4 Install instructions for Ubuntu: sudo apt-get install yaws-wiki Edit:/etc/yaws/conf.d/yaws-wiki.conf add this: server wiki po...
PR10-14 Unauthenticated command execution within Mitel's AWC (Mitel Audio and Web Conferencing)
http://www.procheckup.com/vulnerabilitymanager/vulnerabilities/pr10-14 PR10-14 Unauthenticated command execution within Mitel's AWC Mitel Audio and Web Conferencing Advisory publicly released: Tuesday, 21 December 2010 Vulnerability found: Wednesday, 21 July 2010 Vendor informed: Monday, 26 July...
Flaw in Microsoft Windows SAM Processing Allows Continued Administrative Access Using Hidden Regular User Masquerading After Compromise (2010-M$-001)
---------------------------------------------------------- www.ExploitDevelopment.com 2010-M$-001 ---------------------------------------------------------- TITLE: Flaw in Microsoft Windows SAM Processing Allows Continued Administrative Access Using Hidden Regular User Masquerading After Compromi...
XSRF (CSRF) in Wolf CMS
Vulnerability ID: HTB22681 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinwolfcms.html Product: Wolf CMS Vendor: Wolf CMS team http://www.wolfcms.org/ Vulnerable Version: 0.6.0b and probably prior versions Vendor Notification: 09 November 2010 Vulnerability Type: CSRF Cross-Site Request...
vBulletin 4.0.8 - Persistent XSS via Profile Customization
vBulletin - Persistent Cross Site Scripting via Profile Customization Versions Affected: 4.0.8 3.8. is not vulnerable. Info: Content publishing, search, security, and more— vBulletin has it all. Whether it’s available features, support, or ease-of-use, vBulletin offers the most for your money...
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine Advisory ID: cisco-sa-20100811-ace Revision 1.0 For Public Release 2010 August 11 1600 UTC GMT...
Microsoft Security Bulletin MS10-060 - Critical Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution (2265906)
Microsoft Security Bulletin MS10-060 - Critical Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution 2265906 Published: August 10, 2010 Version: 1.0 General Information Executive Summary This security update resolves two...
FreeBSD Security Advisory FreeBSD-SA-10:05.opie
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-10:05.opie Security Advisory The FreeBSD Project Topic: OPIE off-by-one stack overflow Category: contrib Module: contribopie Announced: 2010-05-27 Credits:...
MKPortal modules metric XSS Vulnerability
========================================= MKPortal modules metric XSS Vulnerability ========================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' /' / /' 0 0 /, // ,/ / 1 1 // /' / // /' / /' 0 0 / / / / / / 1 1 / / 0 0 ////// // // //...
SSL data injection
Data injection possibility connected with SSL in-session renegotiation...
[CORE-2010-0106] Cisco Secure Desktop XSS/JavaScript Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Cisco Secure Desktop XSS/JavaScript Injection 1. Advisory Information Title: Cisco Secure Desktop XSS/JavaScript Injection Advisory Id: CORE-2010-0106 Advisory URL:...
[InterN0T] LiveZilla - XSS Vulnerability
LiveZilla - Cross Site Scripting Vulnerability Version Affected: 3.1.8.3 newest Info: LiveZilla, the Next Generation Live Help / Live Chat and Live Support System connects you to your website visitors. Use LiveZilla to provide Live Chats and monitor your website visitors in real-time. Convert...
ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability
ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-095 December 9, 2009 -- CVE ID: CVE-2009-3849 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager --...
Netgear DG632 Router Remote DoS Vulnerability
Product Name: Netgear DG632 Router Vendor: http://www.netgear.com Date: 15 June, 2009 Author: [email protected] [email protected] Original URL: http://www.tomneaves.co.uk/NetgearDG632RemoteDoS.txt Discovered: 18 November, 2006 Disclosed: 15 June, 2009 I. DESCRIPTION The Netgear DG632 router h...
[SECURITY] CVE-2008-5515 RequestDispatcher directory traversal vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2008-5515: Apache Tomcat information disclosure vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.1.0 to 4.1.39 Tomcat 5.5.0 to 5.5.27 Tomcat 6.0.0 to 6.0.18 The unsupported Tomcat 3.x, 4.0.x and...
Formshield Captcha - Older Version vulnerable to replay attacks
Replay attack on CAPTCHA Libraries Summary A CAPTCHA implementation that we tested were found to be vulnerable to replay attacks. The attack is explained in detail for Formshield – A popular DOT NET CAPTCHA implementation. NOTE: We discovered this during a Black Box engagement with one of our...
FreeBSD Security Advisory FreeBSD-SA-08:12.ftpd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08:12.ftpd Security Advisory The FreeBSD Project Topic: Cross-site request forgery in ftpd8 Category: core Module: ftpd Announced: 2008-12-23 Credits: Maksymilian...
Mini-NUKE v2.3 Freehost (tr) Multiple Remote SQL Injection Vulnerabilities
Exploits admin user name : http://localhost/mininuke/members.asp?action=memberdetails&uid=1+union+select+0,kuladi,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+members+where+seviye=1 admin password :...