47153 matches found
Boonex Dolphin v7.0.9 CMS & Mobile App - Multiple Web Vulnerabilities
Title: ====== Boonex Dolphin v7.0.9 CMS - Multiple Web Vulnerabilities Date: ===== 2012-05-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=565 http://www.vulnerability-lab.com/getcontent.php?id=566 ID: Changeset 16256 VL-ID: ===== 565 Common Vulnerability Scoring...
PHP Booking Calendar 10e XSS
Exploit Title: PHP Booking Calendar 10e XSS Date: 12/16/11 Author: G13 Software Link: http://sourceforge.net/projects/bookingcalendar/ Version: 10e Category: webapps php Vulnerability The pageinfomessage varibale in the detailsview.php does not sanitize input. This is a relective XSS attack...
Sql injection in SugarCRM
Vulnerability ID: HTB23051 Reference: https://www.htbridge.ch/advisory/sqlinjectioninsugarcrm.html Product: SugarCRM Vendor: SugarCRM Inc. http://www.sugarcrm.com Vulnerable Version: Community Edition 6.3.0RC1 and probably prior Tested Version: Community Edition 6.3.0RC1 Vendor Notification: 05...
[SECURITY] [DSA 2343-1] openssl security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2343-1 [email protected] http://www.debian.org/security/ Raphael Geissert November 09, 2011 http://www.debian.org/security/faq -...
Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution
Jcow CMS 4.x:4.2 = , 5.x:5.2 = | Arbitrary Code Execution 1. OVERVIEW Jcow CMS versions 4.x: 4.2 and lower, 5.x: 5.2 and lower are vulnerable to Arbitrary Code Execution. 2. BACKGROUND Jcow is a flexible Social Networking software written in PHP. It can help you to build a social network for your...
ESA-2011-027: RSA, The Security Division of EMC, releases Security Patch for Adaptive Authentication (On-Premise)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-027: RSA, The Security Division of EMC, releases Security Patch for Adaptive Authentication On-Premise Advisories Updated August 11, 2011 Summary: An issue with Adaptive Authentication On-Premise was discovered which in certain circumstances...
[PT-2011-08] Multiple vulnerabilities in Dlink DPH 150SE/E/F1
---------------------------------------------------------------------- PT-2011-08 Positive Technologies Security Advisory Multiple vulnerabilities in Dlink DPH 150SE/E/F1 ---------------------------------------------------------------------- --- Vulnerable platform Dlink DPH 150s IP Phone Firmwar...
XSS in Webmin 1.540 + exploit for privilege escalation
Information -------------------- Name : XSS vulnerability in Webmin Software : All versions prior to and including 1.540 are affected. Vendor Hompeage : http://www.webmin.com Vulnerability Type : Cross-Site Scripting Severity : Medium Researcher : Javier Bassi javierbassi at gmail dot com...
Xymon monitor cross-site scripting vulnerabilities
Several cross-site scripting vulnerabilities have been identified in the Xymon systems- and network-monitoring tool available at http://sourceforge.net/projects/xymon/ All versions prior to 4.3.1 released April 3, 2011 are vulnerable. I would like to thank David Ferrest for notifying me of this...
PR10-14 Unauthenticated command execution within Mitel's AWC (Mitel Audio and Web Conferencing)
http://www.procheckup.com/vulnerabilitymanager/vulnerabilities/pr10-14 PR10-14 Unauthenticated command execution within Mitel's AWC Mitel Audio and Web Conferencing Advisory publicly released: Tuesday, 21 December 2010 Vulnerability found: Wednesday, 21 July 2010 Vendor informed: Monday, 26 July...
XSRF (CSRF) in Wolf CMS
Vulnerability ID: HTB22681 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinwolfcms.html Product: Wolf CMS Vendor: Wolf CMS team http://www.wolfcms.org/ Vulnerable Version: 0.6.0b and probably prior versions Vendor Notification: 09 November 2010 Vulnerability Type: CSRF Cross-Site Request...
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine Advisory ID: cisco-sa-20100811-ace Revision 1.0 For Public Release 2010 August 11 1600 UTC GMT...
phpvidz Administrative Password Disclosure
Original Advisory:http://blog.sitewat.ch/2010/05/phpvidz-administrative-password.html Affecting: phpvidz 0.9.5 Vulnerability: Administrative Password Disclosure Vendor's Homepage: http://sourceforge.net/projects/phpvidz/ Date: May 15th 2010 Researcher: Michael Brooks phpvidz does not use a SQL...
Hackproofing Oracle Financials 11i & R12
Hi all, Yesterday a friend of mine told me that I "forget" to share with the general public one small detail about a presentation 1 I given at the conference RootedCon 2010 2. In the presentation there is a currently working 0day against Oracle Financials R12. The 0day is too obvious and pretty...
[CORE-2010-0106] Cisco Secure Desktop XSS/JavaScript Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Cisco Secure Desktop XSS/JavaScript Injection 1. Advisory Information Title: Cisco Secure Desktop XSS/JavaScript Injection Advisory Id: CORE-2010-0106 Advisory URL:...
[ISecAuditors Security Advisories] PHP-Calendar <= v1.1 'configfile' Remote and Local File Inclusion vulnerability
============================================= INTERNET SECURITY AUDITORS ALERT 2009-011 - Original release date: October 13th, 2009 - Last revised: December 18th, 2009 - Discovered by: Juan Galiana Lara - CVE ID: CVE-2009-3702 - Severity: 8.5/10 CVSS Base Score...
Netgear DG632 Router Remote DoS Vulnerability
Product Name: Netgear DG632 Router Vendor: http://www.netgear.com Date: 15 June, 2009 Author: [email protected] [email protected] Original URL: http://www.tomneaves.co.uk/NetgearDG632RemoteDoS.txt Discovered: 18 November, 2006 Disclosed: 15 June, 2009 I. DESCRIPTION The Netgear DG632 router h...
[SECURITY] CVE-2008-5515 RequestDispatcher directory traversal vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2008-5515: Apache Tomcat information disclosure vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.1.0 to 4.1.39 Tomcat 5.5.0 to 5.5.27 Tomcat 6.0.0 to 6.0.18 The unsupported Tomcat 3.x, 4.0.x and...
Formshield Captcha - Older Version vulnerable to replay attacks
Replay attack on CAPTCHA Libraries Summary A CAPTCHA implementation that we tested were found to be vulnerable to replay attacks. The attack is explained in detail for Formshield – A popular DOT NET CAPTCHA implementation. NOTE: We discovered this during a Black Box engagement with one of our...
Secunia Research: Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow
====================================================================== Secunia Research 12/09/2008 - Trend Micro OfficeScan "cgiRecvFile.exe" Buffer Overflow - ====================================================================== Table of Contents Affected...
[SECURITY] [DSA 1514-1] New moin packages fix several vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1514-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 9, 2008 http://www.debian.org/security/faq -...
Gnats XSS vuln
GNATS XSS vuln Vuln. discovered by : r0t Date: 19 May 2007 vendor:http://www.gnu.org/software/gnats/ affected versions: tested on Gnatsweb v4.00, Gnats v4.1.99 orginal advisory:http://pridels-team.blogspot.com/2007/05/blog-post.html Gnats contains a flaw that allows a remote Cross-Site Scripting...
E-Annu (home.php) Remote SQL Injection Vulnerability
-------------------------------------------------AYYILDIZ.ORG PreSents... Script: E-Annu Script D.: http://www.alic.ch/sources/annu.rar Script Demo: http://www.autocash.ch/annu/ Contact: ilker Kandemir ilkerkandemiratmynet.com info: / Siz Yokken AYYILDIZ Vardi. /...
PHP121 Instant Messenger 2.2 Local File Inclusion Vulnerability
+========================I=R=A=N============================+ PHP121 Version 2.2 =========================I=R=A=N============================= +========================I=R=A=N============================+ Author : Dj7xpl / Dj7xplatYahoodotcom...
witshare 0.9 Local File Include Vulnerabilitiy
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...
MapLab MS4W 2.2.1 Remote File Inclusion Vulnerability
Bug Found By ka0x D.O.M TEAM we are: anonyph;arp;ka0x;xarnuz Contact: [email protected] FROM SPAIN --- Script: MapLab Version: 2.2.1 Official Site: http://www.maptools.org Download: http://www.maptools.org/dl/ms4w/maplabms4w-2.2.1.zip -- Bug File: params.php Path: /htdocs/gmapfactory/params.php Bu...
ASP EDGE <= V1.2b (user.asp) Remote SQL Injection Vulnerability
Title : ASP EDGE = V1.2b user.asp Remote SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://aspedge.cjb.net || http://www.planetsourcecode.com/vb/scripts/ShowCode.asp?txtCodeId=7530&lngWId=4 $$ : Free SQL---------------------------------------------------------...
myPHPNuke Gallery Module (basepath) Remote File Include
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- myPHPNuke Gallery Module basepath Remote File Include =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Found: Cyber-Security.Org...
UltraSite 1.0 (update.asp) Remote SQL Injection Vulnerability
Title : UltraSite 1.0 update.asp Remote SQL Injection Vulnerability Author : ajann Admin Panel= http://target/path//update.asp?id=SQL Example: //update.asp?id=-120union20select200,0,0,username,password,0,0,0,0,0,0,0,0,020from20members20where20id20like207 """"""""""""""""""""" ajann,Turkey ... Im...
PNphpBB2 <= 1.2g (phpbb_root_path) Remote File Include Vulnerability
Yeah, another ZeroDay Smile Vendor: http://www.pnphpbb.com/ Vulnerable File: includes/functionsadmin.php Vulnerable Code: //The phpbbrootpath isn't initialize includeonce $phpbbrootpath . 'includes/functions.' . $phpEx ; Method To Use:...
tseekdir.cgi<--Local File Include
---------------------------------- foud by: BoNy-m Site: http://www.alshmokh.com E-mail: [email protected] ---------------------------------- Search: allinurl:tseekdir.cgi example: /tseekdir.cgi?location=/etc/passwd00 /tseekdir.cgi?id=1055&location=/etc/passwd00...
[Full-disclosure] [thunkers.net] D-Link Fragmented UDP DoS Vulnerability
At the time of discovery the issue affected the latest D-Link firmwares. As D-Link has since released a new firmware, this is no longer the case, so... cheers... --- Aaron Portnoy ------------------------------------------------------------------------------------ D-Link Fragmented UDP Denial of...
WheresJames Webcam Publisher Bof + POC [Haxorcitos]
Haxorcitos advisory ----------------------- Application : WheresJames Webcam Publisher Version : Beta 2.0.0014 Url : www.wheresjames.com Type : Remote / Local Bof Author : Miguel Tarasco Acuna - Tarako AT gmail.com - Tarako AT Haxorcitos.com Exploit/Poc : Attached...
PtHProductions Gastenboek - XSS
------------------------------------------------------------------ - EXPL-A-2003-022 exploitlabs.com Advisory 022 ------------------------------------------------------------------ -= PtHProductions Gastenboek =- Donnie Werner Aug, 29 2003 Vunerabilitys: ---------------- 1. Persistant XSS injecti...
Security Patchs for PHP Products
PHPSecure made some patchs for security holes in PHP products. Here is the list : - ALP - Banner Ad 2.0 : http://www.phpsecure.org/index.php?id=1&zone=pDl More details : http://online.securityfocus.com/search?category=22&query=ALP - Tight Auction 3.0 :...
vixie cron...
Attached shell-script exploits fopen + preserved umask vulnerability in Paul Vixie's cron code. It will work on systems where /var/spool/cron is user-readable eg. 0755 - AFAIR Debian does so. RedHat at least 6.1 and previous have mode 0700 on /var/spool/cron, and thus it isn't exploitable in its...
Security Bulletin (MS00-031)
The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Microsoft Security Bulletin MS00-031 - -------------------------------------- Patch...
SecurityFocus.com Newsletter 37
Premier sponsor: PentaSafe STOP NOW AND MAKE SURE THAT YOUR SYSTEMS ARE SECURE. Download PentaSafe's 10-Point Security Checkup ReportTM for Windows NT, UNIX, Linux, or IBM AS/400. In minutes, this FREE program will scan your systems, checking for the top ten most critical, yet often overlooked,...
Netgear Prosafe VPN Firewalls - Multiple vulnerabilities
About Encripto AS ================= Encripto is a Norwegian company which provides specialized services within IT-security. Our core expertise is security testing, network security monitoring and training. Encripto is committed to information security. We do research to discover trends, new...
CVE-2015-4010 - Cross-site Request Forgery & Cross-site Scripting in Encrypted Contact Form Wordpress Plugin v1.0.4
Title: CVE-2015-4010 - Cross-site Request Forgery & Cross-site Scripting in Encrypted Contact Form Wordpress Plugin v1.0.4 Submitter: Nitin Venkatesh Product: Encrypted Contact Form Wordpress Plugin Product URL: https://wordpress.org/plugins/encrypted-contact-form/ Vulnerability Type: Cross-site...
APPLE-SA-2015-04-08-3 iOS 8.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-04-08-3 iOS 8.3 iOS 8.3 is now available and addresses the following: AppleKeyStore Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: A malicious application may be able to guess the user's...
Microsoft Exchange crossite scripting
Multiple crossite scripting possibilities...
Elasticsearch restrictions bypass
Sandbox restrictions bypass...
[USN-2501-1] PHP vulnerabilities
========================================================================== Ubuntu Security Notice USN-2501-1 February 17, 2015 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
APPLE-SA-2015-01-27-2 iOS 8.1.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-01-27-2 iOS 8.1.3 iOS 8.1.3 is now available and addresses the following: AppleFileConduit Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: A maliciously crafted afc command may allow acce...
ZTE ZXDSL 831 Multiple Cross Site Scripting
TR-069 Client page: Stored. executes when users go to http://192.168.1.1/tr69cfg.html...
[oss-security] CVE request: Proxmox VE < 3.2 user enumeration vulnerability
Hi list, We recently found a vulnerability affecting Proxmox VE 3.2 that allows an unauthenticated user to perform user enumeration. Vendor was contacted and the vulnerability fixed in Proxmox VE 3.2, released on 2014-03-10. References: Proxmox related commits:...
lighttpd security vulnerabilities
SQL injection, directory traversal...
[SECURITY] CVE-2013-2067 Session fixation with FORM authenticator
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2013-2067 Session fixation with FORM authenticator Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.32 - - Tomcat 6.0.21 to 6.0.36 Description: FORM authentication associates the most recent...
XSS and FPD vulnerabilities in ZeroClipboard in multiple themes for WordPress
Hello 3APA3A! These are Cross-Site Scripting and Full path disclosure vulnerabilities in multiple themes for WordPress with ZeroClipboard.swf. Earlier I've wrote about Cross-Site Scripting vulnerabilities in ZeroClipboard http://seclists.org/fulldisclosure/2013/Feb/103. I wrote that this is very...