47153 matches found
Path disclousure in OpenCart
Vulnerability ID: HTB22762 Reference: http://www.htbridge.ch/advisory/pathdisclousureinopencart.html Product: OpenCart Vendor: OpenCart http://www.opencart.com/ Vulnerable Version: 1.4.9.1 Vendor Notification: 15 December 2010 Vulnerability Type: Path disclosure Status: Not Fixed, Vendor Alerted,...
phpvidz Administrative Password Disclosure
Original Advisory:http://blog.sitewat.ch/2010/05/phpvidz-administrative-password.html Affecting: phpvidz 0.9.5 Vulnerability: Administrative Password Disclosure Vendor's Homepage: http://sourceforge.net/projects/phpvidz/ Date: May 15th 2010 Researcher: Michael Brooks phpvidz does not use a SQL...
XSS and Content Injection in HTC Windows Mobile SMS Preview PopUp
------------------------------------------------------------------ XSS and Content Injection in HTC Windows Mobile SMS Preview PopUp Date: 22.04.2010 ------------------------------------------------------------------- - Description Windows Mobile shows message previews if configured to do so. Due...
Instant CMS <= 1.1rc3 Admin (Auth Bypass) Vulnerability
======================================================= Instant CMS = 1.1rc3 Admin Auth Bypass Vulnerability ======================================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' /' / /' 0 0 /, // ,/ / 1 1 // /' / // /' / /' 0 0 ...
Multiple applications log files terminal control characters injections
ESC-sequences filtering is not performed...
[ISecAuditors Security Advisories] PHP-Calendar <= v1.1 'configfile' Remote and Local File Inclusion vulnerability
============================================= INTERNET SECURITY AUDITORS ALERT 2009-011 - Original release date: October 13th, 2009 - Last revised: December 18th, 2009 - Discovered by: Juan Galiana Lara - CVE ID: CVE-2009-3702 - Severity: 8.5/10 CVSS Base Score...
ZDI-09-080: Sun Java Runtime Environment JPEGImageReader Heap Overflow Vulnerability
ZDI-09-080: Sun Java Runtime Environment JPEGImageReader Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-080 November 4, 2009 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Java Runtime -- TippingPointTM IPS Customer Protection:...
Squid Proxy Cache Security Update Advisory SQUID-2009:2
Squid Proxy Cache Security Update Advisory SQUID-2009:2 Advisory ID: SQUID-2009:2 Date: July 27, 2009 Summary: Multiple Remote Denial of service issues in header processing. Affected versions: Squid 3.0 - 3.0.STABLE16, Squid 3.1 - 3.1.0.11 Fixed in version: Squid 3.0.STABLE17, 3.1.0.12...
[SECURITY] [DSA 1836-1] New fckeditor packages fix arbitrary code execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1836-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 16, 2009 http://www.debian.org/security/faq -...
LFI in Drupal CMS
Author : Rasool Nasr ------------------------------------------- Discovered by : Rasool Nasr ------------------------------------------- Exploited By : Rasool Nasr ------------------------------------------- E-Mail : [email protected] ------------------------------------------- WebSite :...
multiple vendor ftpd - Cross-site request forgery
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 multiple vendor ftpd - Cross-site request forgery Author: Maksymilian Arciemowicz securityreason.com Date: - - Written: 03.09.2008 - - Public: 26.09.2008 SecurityReason Research SecurityAlert Id: 56 CVE: not assigned SecurityRisk: Low Affected Softwar...
Secunia Research: Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow
====================================================================== Secunia Research 12/09/2008 - Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow - ====================================================================== Table of Contents Affected...
w2b.ru multiple products SQL Injection
------------------------------------------------------- | Aria-Security Team Persian Security Network | | http://Aria-Security.com For English | | http://Aria-Security.net For Farsi | | Greetz: | | AurA, NULL, Kinglet, t3rr0r1st, Moromort | | and to all of our staff | | Discovered by The-0utl4w |...
[DSECRG-08-011] Astrosoft HelpDesk Multiple XSS
Digital Security Research Group DSecRG Advisory DSECRG-08-011 Application: Astrosoft HelpDesk Versions Affected: Vendor URL: http://astrosoft.ru/ Bugs: Multiple XSS Injections Exploits: YES Reported: 29.01.2008 Vendor response: NONE Date of Public Advisory: 04.02.2008 Authors: Alexandr Polyakov,...
[HSC] Snitz Forums Multiple Vulnerabilities
HSC Snitz Forums Multiple Vulnerabilities Snitz Forums Default Database installation allows remote users to download the database which contains critical information. As a result, an attacker exploiting this vulnerability will be able to obtain detailed information. An attacker may leverage xss...
myphotographer image shop script /events/index.asp sql injection
myphotographer image shop script /events/index.asp sql injection Credit : CodeXpLoder'tq mail : codexploderathotmaildotcom site : Biyosecurity.net,expw0rm.com thx : BiyoSecurityTeam,Liz0ziM,eno7,3APA3A Sourge site : http://www.myphotographer.com/support/ 1-...
[Full-disclosure] ActiveWeb Contentserver CMS SQL Injection Management Interface
Advisory: ActiveWeb Contentserver CMS SQL Injection Management Interface RedTeam Pentesting discovered an SQL Injection in the picturerealedit.asp script of the activeWeb contentserver CMS during a penetration test. An editor with the permission to edit pictures can exploit this by injecting...
HP JetDirect and HP printers buffer overflow
Buffer overflow in LIST, NLIST and RETR command of built-in FTP server...
Multiple XSS in IronMail
=============================== - Advisory - =============================== Tнtulo: Multipls XSS in Cypherstrust Ironmail 6.1.1 Risk: Medium Date: 20.Feb.2007 Author: Javier Olascoaga jolascoaga at 514.es WEB: http://www.514.es/ .: INTRO :. IronMail protects enterprise email systems from inbound...
FlashGameScript v1.5.4 Remote File Inclusion Vulnerability
-------------------------------------------------------- Author : JuMp-Er Date : feb, 21th 2007 Level : Dangerous contact: : aH-crewathotmaildotcom -------------------------------------------------------- Software description -------------------------------------------------------- App...
ASP EDGE <= V1.2b (user.asp) Remote SQL Injection Vulnerability
Title : ASP EDGE = V1.2b user.asp Remote SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://aspedge.cjb.net || http://www.planetsourcecode.com/vb/scripts/ShowCode.asp?txtCodeId=7530&lngWId=4 $$ : Free SQL---------------------------------------------------------...
OpenSSH 4.4 is available
OpenSSH 4.4 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100 complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community...
PNphpBB2 <= 1.2g (phpbb_root_path) Remote File Include Vulnerability
Yeah, another ZeroDay Smile Vendor: http://www.pnphpbb.com/ Vulnerable File: includes/functionsadmin.php Vulnerable Code: //The phpbbrootpath isn't initialize includeonce $phpbbrootpath . 'includes/functions.' . $phpEx ; Method To Use:...
PHP ip2long() function circumvention
--- PHP ip2long function circumvention -------------------------------------- tested on php 5.0.2 " 4.3.3 -------------------------------------------------------------------------------- after some test on miniBB application http://www.minibb.net/ I obtained that the php ip2long function can be...
[Full-disclosure] [thunkers.net] D-Link Fragmented UDP DoS Vulnerability
At the time of discovery the issue affected the latest D-Link firmwares. As D-Link has since released a new firmware, this is no longer the case, so... cheers... --- Aaron Portnoy ------------------------------------------------------------------------------------ D-Link Fragmented UDP Denial of...
WheresJames Webcam Publisher Bof + POC [Haxorcitos]
Haxorcitos advisory ----------------------- Application : WheresJames Webcam Publisher Version : Beta 2.0.0014 Url : www.wheresjames.com Type : Remote / Local Bof Author : Miguel Tarasco Acuna - Tarako AT gmail.com - Tarako AT Haxorcitos.com Exploit/Poc : Attached...
Microsoft Security Bulletin MS04-038 Cumulative Security Update for Internet Explorer (834707)
Microsoft Security Bulletin MS04-038 Cumulative Security Update for Internet Explorer 834707 Issued: October 12, 2004 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical...
IRIX hpsnmpd vulnerability
-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: IRIX hpsnmpd vulnerability Number: 20020404-01-P Date: April 24, 2002 Reference: CERT CA-2002-03 Reference: CVE CAN-2002-0012 Reference: CVE CAN-2002-0013 - ----------------------- - --- Issue Specifics --- - ----------------------- ...
PostACI Webmail Vulnerability
The PostACI webmail system contains a rather trival vulnerability. One can obtain the hostname, username and password variables for the MySQL server in addition to other setup information if PostACI is setup as described running out of the box by simplying going to the url:...
Security Update: ld.so unsetenv problem
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Caldera Systems, Inc. Security Advisory Subject: ld.so unsetenv problem Advisory number: CSSA-2000-028.0 Issue date: 2000 August, 24 Cross reference: 1. Problem Description A bug has been discovered in ld.so that could allow local users to obtain supe...
Security Bulletin (MS00-031)
The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Microsoft Security Bulletin MS00-031 - -------------------------------------- Patch...
SecurityFocus.com Newsletter 37
Premier sponsor: PentaSafe STOP NOW AND MAKE SURE THAT YOUR SYSTEMS ARE SECURE. Download PentaSafe's 10-Point Security Checkup ReportTM for Windows NT, UNIX, Linux, or IBM AS/400. In minutes, this FREE program will scan your systems, checking for the top ten most critical, yet often overlooked,...
CVE-2015-7682: Multiple Blind SQL Injections in Pie Register WordPress Plugin
Details ================ Software: Pie Register Version: 2.0.18 Homepage: https://github.com/GTSolutions/Pie-Register CVE: CVE-2015-7682 Pending CVSS: 3.5 Low; AV:N/AC:M/Au:S/C:P/I:N/A:N CWE: CWE-89 Description ================ Two blind SQL injection vulnerabilities in Pie Register 2.0.18 allow...
[USN-2780-2] MiniUPnP vulnerability
========================================================================== Ubuntu Security Notice USN-2780-2 October 23, 2015 miniupnpc vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Netgear Prosafe VPN Firewalls - Multiple vulnerabilities
About Encripto AS ================= Encripto is a Norwegian company which provides specialized services within IT-security. Our core expertise is security testing, network security monitoring and training. Encripto is committed to information security. We do research to discover trends, new...
PHP multiple security vulnerabilities
Resources exhaustion, memory corruptions...
[USN-2501-1] PHP vulnerabilities
========================================================================== Ubuntu Security Notice USN-2501-1 February 17, 2015 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Elasticsearch restrictions bypass
Sandbox restrictions bypass...
APPLE-SA-2015-01-27-2 iOS 8.1.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-01-27-2 iOS 8.1.3 iOS 8.1.3 is now available and addresses the following: AppleFileConduit Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: A maliciously crafted afc command may allow acce...
[USN-2441-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-2441-1 December 12, 2014 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
FreeBSD tcp DoS
It's possible to tear down connection without knowing sequence number...
(CVE-2014-3501/2/3) Apache Cordova for Android - Multiple Vulnerabilities
Hi, We have recently discovered a severe Cross-Application Scripting XAS vulnerability in Apache Cordova for Android. This vulnerability enables theft of sensitive information from Crodova-based apps both locally by malware and also remotely by using drive-by exploitation techniques. In addition,...
Synology DiskStation Manager code execution
Code execution via web interface...
[SECURITY] CVE-2013-4590 Information disclosure via XXE when running untrusted web applications
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-4590 Information disclosure via XXE when running untrusted web applications Severity: Low Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 8.0.0-RC1 to 8.0.0-RC5 - - Apache Tomcat 7.0.0 to 7.0.47 - - Apache Tomcat...
[PT-2013-63] Hash Length Extension in HTMLPurifier
----------------------------------------------------------- PT-2013-63 Positive Technologies Security Advisory Hash Length Extension in HTMLPurifier ----------------------------------------------------------- --- Vulnerable software HTMLPurifier Version: 4.5.0 and earlier Link:...
[USN-2029-1] Apache Commons FileUpload vulnerability
========================================================================== Ubuntu Security Notice USN-2029-1 November 13, 2013 libcommons-fileupload-java vulnerability ========================================================================== A security issue affects these releases of Ubuntu and...
MojoPortal XSS
Class Stored Cross-Site Scripting Remote Yes Credit Michael Savage of Dionach [email protected] Vulnerable MojoPortal 2.3.9.7 MojoPortal is prone to a stored cross-site scripting vulnerability because it does not escape the titles of forum threads when inserting into the page title element. An...
[SECURITY] CVE-2013-2067 Session fixation with FORM authenticator
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-2067 Session fixation with FORM authenticator Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.32 - - Tomcat 6.0.21 to 6.0.36 Description: FORM authentication associates the most recent...
Varnish 2.1.5, 3.0.3 DoS in http_GetHdr() while parsing Vary header
httpGetHdr | l == strlenhdr + 1 Authors: 22733db72ab3ed94b5f8a1ffcde850251fe6f466 c8e74ebd8392fda4788179f9a02bb49337638e7b AKAT-1 Versions: 3.0.3, 2.1.5 Summary: It's possible to crash Varnish via assertion if the single header within the Vary header is longer then 127 bytes. The 'l' cachehttp.c2...
FreeBSD 9.1 ftpd Remote Denial of Service
FreeBSD 9.1 ftpd Remote Denial of Service Maksymilian Arciemowicz http://cxsecurity.org/ http://cxsec.org/ Public Date: 01.02.2013 URL: http://cxsecurity.com/issue/WLB-2013020003 Affected servers: - ftp.uk.freebsd.org, - ftp.ua.freebsd.org, - ftp5.freebsd.org, - ftp5.us.freebsd.org, -...