47153 matches found
Calendar Module <= 1.5.7 Remote File Include Vulnerabilities
--------------------------------------------------------------------------------- Calendar Module = 1.5.7 Remote File Include Vulnerabilities --------------------------------------------------------------------------------- Author : Matdhule Contact : [email protected] Application : Calendar...
MySQL COM_TABLE_DUMP Information Leakage and Arbitrary command execution.
.oOOo. MySQL COMTABLEDUMP .oOOo. Information Leakage and Arbitrary command execution ============================== - Summary: MySQL Server has an information leakage flaw, if a malicious client sends a specific forged packet. Moreover some particular input can crash the server by overwriting the...
[SA19147] bMail GBK Charsets SQL Injection Vulnerability
TITLE: bMail GBK Charsets SQL Injection Vulnerability SECUNIA ADVISORY ID: SA19147 VERIFY ADVISORY: http://secunia.com/advisories/19147/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: bMail 9.x http://secunia.com/product/8584/ DESCRIPTION: A vulnerability...
XSS vulnerability in guestbook-php-script
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------- SySS-Advisory: XSS-vulnerability in guestbook-php-script - ------------------------------------------------------------------- Problem discovered: February 3d 2006 Vendor contacted:...
JSE XSS vuln.
JSE XSS vuln. Vuln. dicovered by : r0t Date: 2 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/jse-xss-vuln.html Vendor:http://www.me.lv/jse/index.html affected version:0.9.34 Product Description: Java Search Engine is a server-side search engine program for web sites. Search engin...
Annuaire Netref v4.2 [ fwrite php ] vulnerability
Software: annuaire netref version : 4.2 url : http://www.netref.net Risk factor : critical Vendor has been contacted Description: ----------- Netref is a PHP/MySQL-based directory script that supports an unlimited number of categories and links. Many fonctions to manage the links : Fast search...
Microsoft Security Bulletin MS05-008 Vulnerability in Windows Shell Could Allow Remote Code Execution (890047)
Microsoft Security Bulletin MS05-008 Vulnerability in Windows Shell Could Allow Remote Code Execution 890047 Issued: February 8, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating:...
[Full-Disclosure] Vulnerability in CCBill script
Recently there are many hacking attempts attacking E-commerce site that use CCBILL to precess credit cards. Some of my clients sites are hacked and defaced by this vulnerability. In the Incidents List, some people already mention about it. I just take a look at the actual problem and figure out...
[EXPL] Exploit Code Released for diagrpt Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion Latest attack techniques. You're a pen tester, but is google.com still your R&D team? Now you can get trustworthy commercial-grade exploits...
another fatal bug in NT/2000 "Command Prompt" I/O
Recent messages on the comp.lang.c and allegedly comp.os.ms-windows.programmer.win32 have documented various short programs which cause Windows NT4 and 2000 to crash and reboot by writing certain strings to stdout. The following is one example of such a program: include stdio.h int mainvoid while...
Vulnerabilities in QVT/Term
-----BEGIN PGP SIGNED MESSAGE----- Vulnerabilities in QVT/Term Overview QVT/Term v5.0 is a suite of Internet tools available from http://www.qpc.com/. Two vulnerabilities exist in the FTP daemon. The first allows a remote user to list the files outside the ftp root. The second allows a remote use...
BadBlue v1.02 beta for Windows 98, ME and 2000 .php Source Code Disclosure Vulnerability
-- iSecureLabs BadBlue v1.02 beta for Windows 98, ME and 2000 Advisory -- BadBlue v1.02 beta for Windows 98, ME and 2000 .php Source Code Disclosure Vulnerability Problem discovered: 22/08/2001 -- Overview -- BadBlue http://badblue.com/ is a tiny, free download that lets you share files, search...
Уязвимости Arkeia Backup (weak encryption)
Весь протокол обмена трафиком между клиентом и сервером не зашифрован. Используются стандартные DES-пароли...
Уязвимость ActiveX в Microsoft Outlook (code execution)
ActiveX компонент управляющий всей работой Outlook помечен как безопасный, что позволяет использовать его в Internet-страницах и письмах...
Overflow in Outlook Express 4.* - too long filenames with graphic format extension
==== APPLICATION AFFECTED Outlook Express 4. 5. is not affected ==== DESCRIPTION All attached graphic files are automatically shown in the Outlook Express while viewing the e-mail. The problem is that long filenames with .jpg .bmp extension makes overflow if filename lenght is longer then 256...
Two Problems in IMP 2
Crimelabs, Inc. www.crimelabs.com Security Advisory Crimelabs Security Advisory CLABS200003 Title: IMP/MSWordView /tmp Problems Date: 22 April, 2000 Application: IMP with MSWordView Platform: Any supported by IMP, MSWordView Severity: Moderate -- anyone can view Word document attachments processe...
SalesLogix Eviewer Web App Bug: URL request crashes eviewer web application
Disclaimer: The opinions expressed in this advisory and program are my own and not of any company. The usual standard disclaimer applies, I am not liable for any damages caused by direct or indirect use of the information or functionality provided by this advisory. I bear NO responsibility for...
CVE-2015-7683: Absolute Path Traversal in the Font WordPress Plugin
Details ================ Software: Font Version: 7.5 Homepage: https://wordpress.org/plugins/font/ CVE: CVE-2015-7683 Pending CVSS: 6.3 Medium; AV:N/AC:M/Au:S/C:C/I:N/A:N CWE: CWE-22 Description ================ An absolute path traversal vulnerability in Font 7.5 allows WordPress admins read...
[RT-SA-2015-002] SQL Injection in TYPO3 Extension Akronymmanager
Advisory: SQL Injection in TYPO3 Extension Akronymmanager An SQL injection vulnerability in the TYPO3 extension "Akronymmanager" allows authenticated attackers to inject SQL statements and thereby read data from the TYPO3 database. Details ======= Product: sbakronymmanager Affected Versions: =0.5...
Linux kernel security vulnerabilities
DoS, privilege escalations...
Instant v2.0 SQL Injection Vulnerability
========================================================================================== Instant v2.0 SQL Injection Vulnerability ==========================================================================================...
Apple Mac OS X multiple security vulnerabilities
80 different vulnerabilities...
[USN-2511-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-2511-1 February 26, 2015 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Microweber 0.95 - SQL Injection Vulnerability
Exploit Title: Microweber 0.95 - SQL Injection Vulnerability Vendor: https://microweber.com/ Download link: https://microweber.com/download https://github.com/microweber/microweber CVE ID: CVE-2014-9464 Vulnerability: SQL Injection Affected version: Version 0.95 before 12/09/2014. Fixed version:...
Ultra Electronics / AEP Networks - SSL VPN (Netilla / Series A / Ultra Protect) Vulnerabilities
Ultra Electronics / AEP Networks - SSL VPN Netilla / Series A / Ultra Protect Vulnerabilities http://www.osisecurity.com.au/advisories/ultra-aep-netilla-vulnerabilities Release Date: 02-Oct-2014 Software: Ultra Electronics - Series A...
APPLE-SA-2014-09-17-5 OS X Server 3.2.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-09-17-5 OS X Server 3.2.1 OS X Server 3.2.1 is now available and addresses the following: CoreCollaboration Available for: OS X Mavericks v10.9.5 or later Impact: A remote attacker may be able to execute arbitrary SQL queries Description...
Apple iOS / OSX Foundation NSXMLParser XML eXternal Entity (XXE) Flaw
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Advisory Name: Apple Foundation NSXMLParser XML eXternal Entity XXE Flaw Release Date: 2014-09-17 Application: Apple iOS...
apache tomcat cookie handling problem - characters out of 0x80 - 0xff causing internal server error
Title: Client-based DoS for Apache Tomcat on sending cookie with value out of 0x80 - 0xff scope. Author: Elar Lang @elarlang https://www.linkedin.com/in/elarlang Date: 02. January 2014 / 05. September 2014 Vendor: Apache Product: Tomcat Affected versions at least: 7.0.26 7.0.39 7.0.40 Timeline: 1...
[USN-2316-1] Subversion vulnerabilities
========================================================================== Ubuntu Security Notice USN-2316-1 August 14, 2014 subversion vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...
APPLE-SA-2014-06-30-3 iOS 7.1.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-06-30-3 iOS 7.1.2 iOS 7.1.2 is now available and addresses the following: Certificate Trust Policy Available for: iPhone 4 and later, iPod touch 5th generation and later, iPad 2 and later Impact: Update to the certificate trust policy...
[RT-SA-2014-005] SQL Injection in webEdition CMS File Browser Installer Script
Advisory: SQL Injection in webEdition CMS File Browser RedTeam Pentesting discovered an SQL injection vulnerability in the file browser component of webEdition CMS during a penetration test. Unauthenticated attackers can get read-only access on the SQL database used by webEdition and read for...
[ MDVSA-2014:087 ] php
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:087 http://www.mandriva.com/en/support/security/ Package : php Date : May 15, 2014 Affected: Business Server 1.0 Problem Description: A vulnerability has been discovered and corrected in php: PHP FPM in PHP...
[USN-2206-1] OpenStack Horizon vulnerability
========================================================================== Ubuntu Security Notice USN-2206-1 May 06, 2014 horizon vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
Multiple Vulnerabilities in SeedDMS < = 4.3.3
Product description: ============ SeedDMS is the continuation of LetoDMS because it has lost its main developer. SeedDMS is an easy to use but powerful Open Source Document Management System. http://www.seeddms.org/index.php?id=2 ============ SeedDMS Unprivileged User Remote Code Execution...
[USN-2059-1] GnuPG vulnerability
========================================================================== Ubuntu Security Notice USN-2059-1 December 18, 2013 gnupg vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities
ESA-2013-077.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities EMC Identifier: ESA-2013-077 CVE Identifier: CVE-2013-3288, CVE-2009-3555 Severity Rating: See below for individual scores and refer to vendor advisories for...
[ MDVSA-2013:246 ] openjpa
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:246 http://www.mandriva.com/en/support/security/ Package : openjpa Date : October 7, 2013 Affected: Business Server 1.0 Problem Description: Updated openjpa packages fix security vulnerability: The...
APPLE-SA-2013-09-26-1 iOS 7.0.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-09-26-1 iOS 7.0.2 iOS 7.0.2 is now available and addresses the following: Passcode Lock Available for: iPhone 4 and later Impact: A person with physical access to the device may be able to make calls to any number Description: A NULL...
[PSA-2013-0903-1] Apple Safari Heap Buffer Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +------------------------------------------------------------------------------+ | Packet Storm Advisory 2013-0903-1 | | http://packetstormsecurity.com/ | +------------------------------------------------------------------------------+ | Title: Apple...
CVE-2013-4124 samba nttrans dos private exploit
Hi Forks! It's my samba private exploit and article of it. the security bug occurs while nttrans reply in samba daemon source code tree. the remote dos exploit that i copied from another nttrans exploit in 2003. and can't test it yet, check it out! CVE-2013-4124 samba dos private exploit: -...
[security bulletin] HPSBMU02870 SSRT101012 rev.2 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03747342 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03747342 Version: 2 HPSBMU02870...
[USN-1878-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-1878-1 June 14, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
DDIVRT-2013-53 Actuate 'ActuateJavaComponent' Multiple Vulnerabilities
Title ----- DDIVRT-2013-53 Actuate 'ActuateJavaComponent' Multiple Vulnerabilities Severity -------- High Date Discovered --------------- March 19, 2013 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: Dennis Lavrinenko, Bobby Lockett, and r@b13$ 1. Actuate...
Multiple buffer overflows on Huawei SNMPv3 service
Multiple buffer overflows on Huawei SNMPv3 service ================================================== ADVISORY INFORMATION Title: Multiple buffer overflows on Huawei SNMPv3 service Discovery date: 11/02/2013 Release date: 06/05/2013 Credits: Roberto Paleari [email protected], @rpaleari...
SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption
SEC Consult Vulnerability Lab Security Advisory 20130417-1 ======================================================================= title: Java ActiveX Control Memory Corruption product: JavaTM Web Start Launcher vulnerable version: Sun Java Version 7 Update 17 and before Sun Java Version 6 Update...
[slackware-security] curl (SSA:2013-038-01)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security curl SSA:2013-038-01 New curl packages are available for Slackware 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...
Aastra IP Telephone encrypted .tuz configuration file leakage
Aastra IP telephone encrypted .tuz configuration file leakage ------------------------------------------------------------- Affected products ================= Aastra 6753i IP Telephone Firmware Version 3.2.2.56 Firmware Release Code SIP Boot Version 2.5.2.1010 Background ========== "The 6753i fr...
NGS000241 Technical Advisory: SysAid Helpdesk Pro Blind SQL Injection
======= Summary ======= Name: SysAid Helpdesk Pro - Blind SQL Injection Release Date: 30 November 2012 Reference: NGS00241 Discoverer: Daniel Compton [email protected] Vendor: SysAid Vendor Reference: Systems Affected: SysAid Helpdesk 8.5 Pro Risk: High Status: Published ========...
Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities
Over 90 vulnerabilities in different applications are fixed by quarterly update...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...