47153 matches found
SQL injection vulnerability in SyntaxCMS
Vulnerability ID: HTB22540 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinsyntaxcms.html Product: SyntaxCMS Vendor: Forum One Communications http://www.syntaxcms.org/ Vulnerable Version: 1.3 and Probably Prior Versions Vendor Notification: 27 July 2010 Vulnerability Type: S...
ZDI-10-096: Apple Webkit Recursive Use Element Remote Code Execution Vulnerability
ZDI-10-096: Apple Webkit Recursive Use Element Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-096 June 8, 2010 -- CVE ID: CVE-2010-1404 -- Affected Vendors: Apple -- Affected Products: Apple WebKit -- TippingPointTM IPS Customer Protection: TippingPoint IPS...
FreeBSD Security Advisory FreeBSD-SA-10:05.opie
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-10:05.opie Security Advisory The FreeBSD Project Topic: OPIE off-by-one stack overflow Category: contrib Module: contribopie Announced: 2010-05-27 Credits:...
SSL data injection
Data injection possibility connected with SSL in-session renegotiation...
ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability
ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-095 December 9, 2009 -- CVE ID: CVE-2009-3849 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager --...
Oracle 11g (11.1.0.6) Password Policy and Compliance
Many security standards require the tracking of users' password history to prevent password re-use. In Oracle 11g 11.1.0.6, if a security administrator has enabled 11g passwords exclusively then tracking password history is broken. This can affect compliance. This was addressed by Oracle in their...
[DSECRG-09-037] abk-soft AbleSpace CMS 1.0 - Multiple security vulnerabilities
original advisory: http://dsecrg.com/pages/vul/show.php?id=137 Digital Security Research Group DSecRG Advisory DSECRG-09-037 Application: AbleSpace Versions Affected: 1.0 Vendor URL: http://abk-soft.com/ Bugs: Multiple Blind SQL Injections, Multiple XSS Exploits: YES Reported: 18.03.2009 Vendor...
LFI in Drupal CMS
Author : Rasool Nasr ------------------------------------------- Discovered by : Rasool Nasr ------------------------------------------- Exploited By : Rasool Nasr ------------------------------------------- E-Mail : [email protected] ------------------------------------------- WebSite :...
CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities (Updated - v1.1)
Title: CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities CA Advisory Reference: CA20090123-01 CA Advisory Date: 2009-01-23 Reported By: n/a Impact: Refer to the CVE identifiers for details. Summary: Multiple security risks exist in Apache Tomcat as included with CA Cohesion Application...
[security bulletin] HPSBMA02392 SSRT071481 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01607558 Version: 1 HPSBMA02392 SSRT071481 rev.1 - HP OpenView Network Node Manager OV NNM, Remote Denial of Service DoS NOTICE: The information in this Security Bulletin should be acted upon as...
FreeBSD Security Advisory FreeBSD-SA-08:12.ftpd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08:12.ftpd Security Advisory The FreeBSD Project Topic: Cross-site request forgery in ftpd8 Category: core Module: ftpd Announced: 2008-12-23 Credits: Maksymilian...
drupal: Session hijacking vulnerability, CVE-2008-3661
drupal: Session hijacking vulnerability, CVE-2008-3661 References https://vulners.com/cve/CVE-2008-3661 http://int21.de/cve/CVE-2008-3661-drupal.html http://enablesecurity.com/2008/08/11/surf-jack-https-will-not-save-you/ https://www.defcon.org/html/defcon-16/dc-16-speakers.htmlPerry Description...
Mini-NUKE v2.3 Freehost (tr) Multiple Remote SQL Injection Vulnerabilities
Exploits admin user name : http://localhost/mininuke/members.asp?action=memberdetails&uid=1+union+select+0,kuladi,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+members+where+seviye=1 admin password :...
Vulnerabilities in Timbuktu Pro 8.6.5
Luigi Auriemma Application: Timbuktu Pro Remote Control Software http://www.netopia.com/software/products/tb2/ Versions: = 8.6.5 RC 229 Platforms: Windows Mac OS X has not been tested Bugs: A Denial of Service B limited upload directory traversal Exploitation: remote Date: 10 Mar 2008 Author: Lui...
MSIE7 entrapment again (+ FF tidbit)
Hello again, Microsoft Internet Explorer seems to have a soft spot for browser entrapment vulnerabilities. Just to recap, in these attacks, the user is made believe he had left a webpage and the URL bar or SSL state data reinforce him in this belief - but in reality, is prevented from doing so, a...
[Full-disclosure] Fujitsu-Siemens PRIMERGY BX300 Switch Blade Information Disclosure
Advisory: Fujitsu-Siemens PRIMERGY BX300 Switch Blade Information Disclosure RedTeam Pentesting discovered an information disclosure in the Fujitsu- Siemens BX300 Switch Blade during a penetration test. By accessing URLs of the web interface directly and aborting the authentication dialog, one is...
Microsoft Security Bulletin MS07-028 Vulnerability in CAPICOM Could Allow Remote Code Execution (931906)
Microsoft Security Bulletin MS07-028 Vulnerability in CAPICOM Could Allow Remote Code Execution 931906 Published: May 8, 2007 Version: 1.0 Summary Who Should Read this Document: Customers who use CAPICOM or BizTalk 2004 Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...
bloofoxCMS 0.2.2 Cross Site Scripting
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...
Sitebar 3.3.5 (index.php writerFile)Remote File Include Vulnerabilities
Sitebar = 3.3.5 Remote File Include Vulnerabilities D.Script: http://scripts.ringsworld.com/bookmark-management/sitebar-3.3.5.zip -::AUTHOR: VerY-SecReT Homepage: http://www.sniper-sa.com Exploit: :- target/sitebar/index.php?writerFile=Shell target/sitebar/Integrator.php?file=Shell $Includer:...
MobilePublisherphp v1.1.2 Remote File Include Vulnerabilities
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...
sitex multiple vulnerabilities
global risk:critical upload vulnerability: in user profile upload an avatar with a double extension like : file.php.jpg once it's done,you gone get an error like:Fatal error: Call to undefined function imagedestroy in /. but the last extension jpg will be removed by the script, and stored in :...
FlashGameScript v1.5.4 Remote File Inclusion Vulnerability
-------------------------------------------------------- Author : JuMp-Er Date : feb, 21th 2007 Level : Dangerous contact: : aH-crewathotmaildotcom -------------------------------------------------------- Software description -------------------------------------------------------- App...
Multiple Oracle application server vulnerabilities
SQL injections, DoS, data modification, crossite scripting, privilege escalation, audit setings modification. Password is passed from JDeveloper to SQLPlus in cleartext. JDeveloper password is stored in cleartext in different XML configuration files. Cleartext FormBuilder password is stored in...
VAMP Webmail <= 2.0beta1 (yesno.phtml) Remote Include Vulnerability
ToXiC VAMP Webmail Remote File Inclusion by ToXiC CreW BuG FounD by Drago84 Application Affect:VAMP Webmail Page: yesno.phtml Dir : /setup/ Problem: ?if$answer=="Yes" include $yesurl; else include $nourl; ? ExPloit :...
OpenSSH 4.4 is available
OpenSSH 4.4 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100 complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community...
Easy File Sharing Web Server Multiple Vulnerablilities
Easy File Sharing Web Server Multiple Vulnerablilities Software: Easy File Sharing Web Server Version: 3.2 Website: http://www.sharing-file.com/ Description: Easy File Sharing Web Server is a Windows program that allows you to host a secure peer-to-peer and web-based file sharing system without a...
Multiple vulnerabilities in Liero Xtreme 0.62b
Luigi Auriemma Application: Liero Xtreme http://lieroxtreme.thegaminguniverse.com Versions: = 0.62b Platforms: Windows Bugs: A server crash/freeze B format string in the visualization function Exploitation: A remote, versus server B local/remote, versus clients Date: 06 Mar 2006 Author: Luigi...
[SA17652] e-Quick Cart SQL Injection Vulnerabilities
TITLE: e-Quick Cart SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA17652 VERIFY ADVISORY: http://secunia.com/advisories/17652/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: e-Quick Cart http://secunia.com/product/6165/ DESCRIPTION: BiPiHaCk has...
Microsoft Security Bulletin MS04-028 Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987)
Microsoft Security Bulletin MS04-028 Buffer Overrun in JPEG Processing GDI+ Could Allow Code Execution 833987 Issued: September 14, 2004 Version: 1.0 Summary Who should read this document: Customers who use any of the affected operating systems, affected software programs, or affected components...
Security Bulletin MS02-056: Cumulative Patch for SQL Server (Q316333)
---------------------------------------------------------------------- Title: Cumulative Patch for SQL Server Q316333 Date: 02 October 2002 Software: Microsoft SQL Server 7.0 Microsoft Data Engine MSDE 1.0 Microsoft SQL Server 2000 Microsoft Desktop Engine MSDE 2000 Impact: Four vulnerabilities,...
Progres Databse PROMSGS Format strings issue.
Well once again I have found yet another Progress database issue. The PROMSGS has been looked at one time already for buffer overflows. It was supposed to be fixed. I was poking around at it today and noticed these format strings issues... PROGRESS Version 9.1C as of Thu Jun 7 10:03:59 EDT 2001...
freexl library DoS
DoS on Excel document parsing...
APPLE-SA-2014-09-17-4 Safari 6.2 and Safari 7.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-09-17-4 Safari 6.2 and Safari 7.1 Safari 6.2 and Safari 7.1 are now available and address the following: Safari Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 Impact: An attacker with a privileged network position may...
ArcGIS for Server Vulnerability Disclosure
Product: ArcGIS for Server Vendor: ESRI Vulnerable Version: 10.1.1 Tested Version: 10.1.1 Vendor Notification: June 19, 2014 Public Disclosure: August 15, 2014 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference: CVE-2014-5121 Risk Level: Medium CVSSv2 Base Score: 4.3...
Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities
Exploit Title: Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities Google Dork: intitle:"Powered by Pro Chat Rooms" Date: 5 August 2014 Exploit Author: Mike Manzotti @ Dionach Ltd Vendor Homepage: http://prochatrooms.com Software Link: http://prochatrooms.com/software.php Version: v8.2.0 Tested on:...
[oss-security] CVE request: various NodeJS module vulnerabilities
Hi all, This is a request for CVEs for the following vulnerabilities discovered by the Node Security Project. I left out their advisories where I could find an assigned CVE; CVE-2013-7370 CVE-2013-7371 CVE-2013-6393 CVE-2013-4660 https://nodesecurity.io/advisories printer potential command...
APPLE-SA-2014-02-25-2 Safari 6.1.2 and Safari 7.0.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-25-2 Safari 6.1.2 and Safari 7.0.2 Safari 6.1.2 and Safari 7.0.2 is now available and addresses the following: WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.1 Impac...
Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Web Vulnerability
Title: ====== Microsoft SharePoint 2013 Cloud - Persistent Exception Handling Web Vulnerability Date: ===== 2013-09-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=812 Security Bulletin: MS13-067 http://technet.microsoft.com/de-de/security/bulletin/MS13-067 Microsoft...
[waraxe-2013-SA#105] - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin
waraxe-2013-SA105 - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin =================================================================================== Author: Janek Vind "waraxe" Date: 22. May 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-105.html Description of...
ESA-2012-032: RSA BSAFE(r) Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks
ESA-2012-032.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST Browser Exploit Against SSL/TLS attacks EMC Identifier: ESA-2012-032 CVE Identifier: CVE-2011-3389 Severity Rating: CVSS v2 Base Score: 4.3...
CodeIgniter <= 2.1.1 xss_clean() Cross Site Scripting filter bypass
Affected products ============== CodeIgniter = 2.1.1 PHP framework and all CodeIgniter-based PHP applications using its built-in XSS filtering mechanism. CVE ==== CVE-2012-1915 Introduction ========== CodeIgniter http://codeigniter.com is a powerful PHP framework with a very small footprint, buil...
Boonex Dolphin v7.0.9 CMS & Mobile App - Multiple Web Vulnerabilities
Title: ====== Boonex Dolphin v7.0.9 CMS - Multiple Web Vulnerabilities Date: ===== 2012-05-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=565 http://www.vulnerability-lab.com/getcontent.php?id=566 ID: Changeset 16256 VL-ID: ===== 565 Common Vulnerability Scoring...
PHP Booking Calendar 10e XSS
Exploit Title: PHP Booking Calendar 10e XSS Date: 12/16/11 Author: G13 Software Link: http://sourceforge.net/projects/bookingcalendar/ Version: 10e Category: webapps php Vulnerability The pageinfomessage varibale in the detailsview.php does not sanitize input. This is a relective XSS attack...
Sql injection in SugarCRM
Vulnerability ID: HTB23051 Reference: https://www.htbridge.ch/advisory/sqlinjectioninsugarcrm.html Product: SugarCRM Vendor: SugarCRM Inc. http://www.sugarcrm.com Vulnerable Version: Community Edition 6.3.0RC1 and probably prior Tested Version: Community Edition 6.3.0RC1 Vendor Notification: 05...
[SECURITY] [DSA 2343-1] openssl security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2343-1 [email protected] http://www.debian.org/security/ Raphael Geissert November 09, 2011 http://www.debian.org/security/faq -...
Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution
Jcow CMS 4.x:4.2 = , 5.x:5.2 = | Arbitrary Code Execution 1. OVERVIEW Jcow CMS versions 4.x: 4.2 and lower, 5.x: 5.2 and lower are vulnerable to Arbitrary Code Execution. 2. BACKGROUND Jcow is a flexible Social Networking software written in PHP. It can help you to build a social network for your...
ESA-2011-027: RSA, The Security Division of EMC, releases Security Patch for Adaptive Authentication (On-Premise)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-027: RSA, The Security Division of EMC, releases Security Patch for Adaptive Authentication On-Premise Advisories Updated August 11, 2011 Summary: An issue with Adaptive Authentication On-Premise was discovered which in certain circumstances...
[PT-2011-08] Multiple vulnerabilities in Dlink DPH 150SE/E/F1
---------------------------------------------------------------------- PT-2011-08 Positive Technologies Security Advisory Multiple vulnerabilities in Dlink DPH 150SE/E/F1 ---------------------------------------------------------------------- --- Vulnerable platform Dlink DPH 150s IP Phone Firmwar...
XSS in Webmin 1.540 + exploit for privilege escalation
Information -------------------- Name : XSS vulnerability in Webmin Software : All versions prior to and including 1.540 are affected. Vendor Hompeage : http://www.webmin.com Vulnerability Type : Cross-Site Scripting Severity : Medium Researcher : Javier Bassi javierbassi at gmail dot com...
Stored and Reflective XSS in Yaws-Wiki 1.88-1 (Erlang)
Software: yaws-wiki version affected: 1.88-1 platform: Erlang homepage:http://yaws.hyber.org/ Researcher: Michael Brooks Original Advisory:https://sitewat.ch/en/Advisory/4 Install instructions for Ubuntu: sudo apt-get install yaws-wiki Edit:/etc/yaws/conf.d/yaws-wiki.conf add this: server wiki po...