47153 matches found
Tikiwiki 1.9.7 HTML/embed object injection
Tikiwiki Version: 1.9.7 Example Address http://example.com/tiki-remindpassword.php Overview: The following codes can be added to the HTML password page by placing the HTML codes in the user name input box and hitting the "send me my password" button. Examples: 1.brbrbuXSS/u/b 2.EMBED...
AsteriDex (Asterisk / Trixbox) remote code execution
Hoku Security Vulnerability Advisory Title: AsteriDex remote command execution Vendor URL: http://bestof.nerdvittles.com/applications/asteridex/ Type: Command injection / remote code execution Vulnerable versions: = 3.0 Risk factor: High Popularity: Low Author: Carl Livitt Contact: [email protected]...
c-arbre <= Multiple Remote File Include Vulnerablitiy
c-arbre = Multiple Remote File Include Vulnerablitiy D.Script: http://fresh.t-systems-sfr.com/unix/src/www/c-arbre0.6PR7full.tar.gz Discovered by: MoHaNdKo-=-=- [email protected] Homepage: http://www.MoHaNdKo.cOm Exploit:Path/c-arbre/espaces/communiques/annotations.php?rootpath=Shell Greetz To:...
Microsoft Security Bulletin MS07-021 Vulnerabilities in CSRSS Could Allow Remote Code Execution (930178)
Microsoft Security Bulletin MS07-021 Vulnerabilities in CSRSS Could Allow Remote Code Execution 930178 Published: April 10, 2007 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical...
SEC Consult SA-20070314-0 :: Apache HTTP Server / Tomcat directory traversal
SEC Consult Security Advisory 20070314-0 ======================================================================= title: Apache HTTP Server / Tomcat directory traversal program: Apache HTTP Server / Apache Tomcat vulnerable version: Apache Tomcat 5.x: 5.5.22 Apache Tomcat 6.x: 6.0.10 CVE:...
FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability
FreeForum 0.9.0 =- index.php fpath Remote File Include Vulnerability Script: FreeForum Version: 0.9.0 URL: http://www.phpfreaks.com/scripts.php?action=gotoDownload&scriptid=616 Found By : BorN To K!LL Bug in : index.php code : include"$fpath/forum.php"; Explo!T :. ^^^^^ /index.php?fpath=SHe1L-CoD...
Ezboxx multiple vulnerabilities.
Ezboxx multiple vulnerabilities. Vulnerable version: Ezboxx Portal System Beta v 0.7.6 and below. The Ezboxx Portal System Beta v 0.7.6 and below versions are vulnerable to Cross-site scripting, Path disclosure and SQL Injection attacks. Cross-site scripting: ---------------------- Description:...
[SA22092] Opial Audio/Video Download Management Cross-Site Scripting
TITLE: Opial Audio/Video Download Management Cross-Site Scripting SECUNIA ADVISORY ID: SA22092 VERIFY ADVISORY: http://secunia.com/advisories/22092/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Opial Audio/Video Download Management 1.x...
Microsoft Security Bulletin MS06-011 Permissive Windows Services DACLs Could Allow Elevation of Privilege (914798)
Microsoft Security Bulletin MS06-011 Permissive Windows Services DACLs Could Allow Elevation of Privilege 914798 Published: March 14, 2006 | Updated: March 17, 2006 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Elevation of...
RNN's Guestbook 1.2 Multiple Vulnerabilities
RNN's Guestbook 1.2 Multiple Vulnerabilies Discovered by Chris Rahm aka: BrainRawt brainrawt at haxworx.com Vulnerabilities: Remote Command Execution Administrative Access Information Disclosure Reading of Files Arbitrary HTML Insertion/Script Injection Plain Text Administrative Password Remote:...
WAnewsletter (PHP)
Informations : °°°°°°°°°°°°°° Website : http://www.phpcodeur.net Versions : 2.0beta - 2.1.0 Problem : Include file PHP Code/Location : °°°°°°°°°°°°°°°°°°° newsletter.php 2.1beta - 2.1.0 : ---------------------------------------------------- if !empty$HTTPPOSTVARS'action' $action =...
Buffer overflow in awhttpd (Re: Format string bug in awhttpd (Re: [AP] awhttpd v2.2 local DoS))
Hello 3APA3A, OK, format string issue exists only in proposed patch... What about this issue: There are at least 2 buffer overflows with heap corruption, tpbuf can be up to 210 characters while getreqsi is malloc100. Of cause, target file should exist... tpbuf is base dir concatenated with 100...
INDEXU Authentication By-Pass
UNDERSEC SECURITY ADVISORY 4th March 20001 ======================================================================= PROGRAM: INDEXU VERSIONS: All versions prior to 2.0Beta 2.0Beta included OS: All REMOTE: YES LOCAL: YES CLASS: Authentication bypass POSTED BY: Sp4rK [email protected] BACKGROUND...
Security Bulletin (MS00-042)
The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. -----BEGIN PGP SIGNED MESSAGE----- Patch Available for "Active Setup Download" Vulnerability Originally Posted: June 29,...
Denial of Service in Xitami webserver all versions up to v2.5b1 for Windows.
Anyone can remotely crash Xitami webserver by sending simple GET command. On remote side will be: Assertion Failed! Module: D:ImatixDevelopSmtSmthttpl.c , line 745 All you need to do is just telnet to remote computer and execute GETspaceenterenter command. Also Xitami will crash if you'll execute...
CVE-2015-6576: Bamboo - Deserialisation resulting in remote code execution
Note: the current version of this advisory can be found at https://confluence.atlassian.com/x/Hw7RLg . CVE ID: CVE-2015-6576 Product: Bamboo. Affected Bamboo product versions: 2.2 = version 5.8.5 5.9.0 = version 5.9.7 Summary: This advisory discloses a critical severity security vulnerability tha...
[CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities
Advisory Information Title: FortiClient Antivirus Multiple Vulnerabilities Advisory ID: CORE-2015-0013 Advisory URL: http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities Date published: 2015-09-01 Date of last update: 2015-09-01 Vendors contacted: Fortinet...
Apple QuickTime multiple security vulnerabilities
Multiple memory corruptions on different formats handling...
APPLE-SA-2015-06-30-1 iOS 8.4
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2015-06-30-1 iOS 8.4 iOS 8.4 is now available and addresses the following: Application Store Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: A malicious universal provisioning profile app ma...
[SECURITY] [DSA 3242-1] chromium-browser security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3242-1 [email protected] http://www.debian.org/security/ Michael Gilbert April 30, 2015 http://www.debian.org/security/faq -...
Microsoft Office and Sharepoint multiple security vulnerabilities
Code execution, privilege escalation...
Data Source: Scopus CMS - SQL Injection Web Vulnerability
Document Title: =============== Data Source: Scopus CMS - SQL Injection Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1436 Release Date: ============= 2015-02-25 Vulnerability Laboratory ID VL-ID: ====================================...
[SECURITY] [DSA 3108-1] ntp security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3108-1 [email protected] http://www.debian.org/security/ Florian Weimer December 20, 2014 http://www.debian.org/security/faq -...
[MATTA-2013-004] CVE-2014-1409; MobileIron authentication bypass vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Matta Consulting - Matta Advisory https://www.trustmatta.com MobileIron Multiple Products Authentication Bypass Vulnerability Advisory ID: MATTA-2013-004 CVE reference: CVE-2014-1409, CVE-2013-7286 Affected platforms: VSP and Sentry Version: VSP 5.9...
ASUS router drive-by code execution via XSS and authentication bypass
ASUS router drive-by code execution via XSS and authentication bypass ===================================================================== The latest version of this advisory is available at: https://sintonen.fi/advisories/asus-router-auth-bypass.txt Overview -------- Various ASUS routers contai...
APPLE-SA-2014-02-21-3 Apple TV 6.0.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-21-3 Apple TV 6.0.2 Apple TV 6.0.2 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: An attacker with a privileged network position may capture or modify data in sessions...
Cross-Site Scripting (XSS) in Komento Joomla Extension
Advisory ID: HTB23194 Product: Komento Joomla Extension Vendor: Stack Ideas Sdn Bhd. Vulnerable Versions: 1.7.2 and probably prior Tested Version: 1.7.2 Advisory Publication: January 2, 2014 without technical details Vendor Notification: January 2, 2014 Vendor Patch: January 2, 2014 Public...
wordpress jigoshop Plugin path disclosure vulnerabilities
the following directories is vulnerable to path disclosure vulnerability in wordpress jigoshop Plugin 1.8 @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@ @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@@@ @@@ @@@ @@@ @@ @@@ @@ @@@ @@@ @@@ @@@ @@@ @@@ @@ @@@ @@ @@@ @@@ @@@ @@@ @@@@@@@@@@@ @@@ @ @@@@@@@@@@ @@...
[SECURITY] [DSA 2573-1] radsecproxy security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2573-1 [email protected] http://www.debian.org/security/ Luciano Bello November 10, 2012 http://www.debian.org/security/faq -...
APPLE-SA-2012-09-24-1 Apple TV 5.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-09-24-1 Apple TV 5.1 Apple TV 5.1 is now available and addresses the following: Apple TV Available for: Apple TV 2nd generation and later Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination ...
VUPEN - Mozilla Firefox "nsHTMLEditRules" Remote Use-after-free (CVE-2012-3958 / MFSA 2012-58)
VUPEN Security Research - Mozilla Firefox "nsHTMLEditRules" Remote Use-after-free CVE-2012-3958 / MFSA 2012-58 Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- Mozilla Firefox is a free and open source web browser and...
Microsoft libraries security vulnerabilities
MSCOMCTL.OCX ActiveX code execution...
[SECURITY] [DSA 2536-1] otrs2 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2536-1 [email protected] http://www.debian.org/security/ Florian Weimer August 30, 2012 http://www.debian.org/security/faq -...
Chamilo 1.8.8.4 Multiple Vulnerabilities
Chamilo 1.8.8.4 Multiple Vulnerabilities ======================== CVE: CVE-2012-4029 Issue: Reflected XSS PHPSELF in third-party app, Stored XSS PHPSELF XSS http://chamilo-1.8.8.4/main/inc/lib/phpdocx/pdf/www/examples.php/'"img src=404 onerror=alert1 Stored XSS unfiltered input categoryname...
Behsamanco CMS Editor Vulnerability
Exploit Title : Behsamanco CMS Editor Vulnerability Author : Iranian Security & Research Team Discovered By : R3dMind Home : sec-lab.ir Contact : research at sec-lab dot ir Software Link : www.behsamanco.com Security Risk : high Dork : inurl:".ir/Controls/TextEditor/"...
Cisco Security Advisory: Cisco Small Business SRP500 Series Command Injection Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Small Business SRP500 Series Command Injection Vulnerability Advisory ID: cisco-sa-20111102-srp500 Revision 1.0 For Public Release 2011 November 2 16:00 UTC GMT...
TeamSHATTER Security Advisory: Database Vault Account Management Vulnerabilites
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory October 20, 2011 Risk Level: Medium Affected versions: Oracle Database Server version 10gR2, 11gR1 and 11gR2 Remote exploitable: Yes Credits: This vulnerability was discovered and researched by Esteban Martinez Fayo of...
Cisco Security Advisory: Default Credentials Vulnerability in Cisco Network Registrar
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Default Credentials Vulnerability in Cisco Network Registrar Advisory ID: cisco-sa-20110601-cnr Revision 1.0 For Public Release 2011 June 01 1600 UTC GMT +---------------------------------------------------------------------...
Tembria Server Monitor Multiple Cross-site Scripting (XSS) Vulnerabilities
Tembria Server Monitor Multiple Cross-site Scripting XSS Vulnerabilities Solutionary ID: SERT-VDN-1003 Solutionary Disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Tembria-Server-Monitor-XSS.html CVE ID: Pending Product: Tembria Server Monitor Application Vendor: Tembria...
[SECURITY] CVE-2010-3718 Apache Tomcat Local bypass of security manger file permissions
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2010-3718 Apache Tomcat Local bypass of security manger file permissions Severity: Low Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.3 - - Tomcat 6.0.0 to 6.0.? - - Tomcat 5.5.0 to 5.5.? - - Earlier, unsupported...
PRTG V8.1.2.1809 XSS Bugs in login.htm and error.htm
XSS Reflected Bugs in login.htm and error.htm ================================================================ PRTG V8.1.2.1809 All OS Versions: http://www.paessler.com/ I have discovered two XSS bugs within PRTG version 8.1.2.1809. These bugs are in the login.htm and error.htm documents. These...
Asan Portal (IdehPardaz) Multiple Vulnerabilities
Securitylab.ir Application Info: Name: Asan Portal Vendor: http://iptech.ir/default.aspx?id=130 Vulnerability: Denial of Service: http://site.ir/Modules/Administrative/ShowPhotos/ShowImages.aspx?id=922&FieldName=ContentImage1&w=1000&h=1000 With setting of large values of width and height it's...
Stored XSS (Cross Site Scripting) vulnerability in Diferior
Vulnerability ID: HTB22721 Reference: http://www.htbridge.ch/advisory/storedxsscrosssitescriptingvulnerabilityindiferior.html Product: Diferior Vendor: Povilas Musteikis http://www.diferior.com/ Vulnerable Version: 8.03 and probably prior versions Vendor Notification: Vulnerability Type: Stored X...
[Onapsis Security Advisory 2010-009] Oracle Virtual Server Agent Remote Command Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2010-0009 : Oracle Virtual Server Agent Remote Command Execution This advisory can be downloaded in PDF format from http://www.onapsis.com/research.html. By downloading this advisory from the Onapsis Resource Center, you will...
Directory Traversal Vulnerability in TurboFTP Server
Vulnerability ID: HTB22514 Reference: http://www.htbridge.ch/advisory/directorytraversalvulnerabilityinturboftpserver.html Product: TurboFTP Server Vendor: TurboSoft, Inc http://turboftp.com/ Vulnerable Version: 1.20 Build 745 and Probably Prior Versions Vendor Notification: 19 July 2010...
SQL injection vulnerability in ImpressPages CMS
Vulnerability ID: HTB22385 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinimpresspagescms1.html Product: ImpressPages CMS Vendor: Apro Media Vulnerable Version: 1.0.4 and Probably Prior Versions Vendor Notification: 12 May 2010 Vulnerability Type: SQL Injection Status: Fixe...
Scientific Atlanta DPC2100 WebSTAR Cable Modem vulnerabilities
=============================================================== Scientific Atlanta DPC2100 Cable Modem Cross-Site Request Forgery and Insufficient Authentication May 24, 2010 CVE-2010-2025, CVE-2010-2026 =============================================================== ==Description== Scientific...
VUPEN Security Research - Adobe Shockwave IML32 Multiple Code Execution Vulnerabilities (CVE-2010-0129)
VUPEN Security Research - Adobe Shockwave IML32 Multiple Code Execution Vulnerabilities CVE-2010-0129 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Over 450 million Internet-enabled desktops have installed Adobe Shockwave Player. These people now have access to so...
AlienTechnology ALR-9900 default root password and backdoor
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tested: www.alientechnology.com/readers/alr9900.php Background: Alien Technology is a major rfid-reader designer and manufacturer. Alien's products are sold to many corporations and the military. Alien's readers can be interfaced with in several ways...
[SECURITY] [DSA-2018-1] New php5 packages fix null pointer dereference
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-2018-1 [email protected] http://www.debian.org/security/ Raphael Geissert March 18, 2010 http://www.debian.org/security/faq -...