47153 matches found
eXtreme Styles mod <= 2.2.1 Multiple Vulnerabilities
Site: http://www.phpbbstyles.com/ 1. Remote File Content Disclosure http://forum/admin/xsedit.php?edit=../../../../etc/passwd 2. Full Path Disclosure http://forum/admin/xsedit.php?edit=&viewbackup=1 http://wtf.bz/...
Microsoft Security Bulletin MS05-038 Cumulative Security Update for Internet Explorer (896727)
Microsoft Security Bulletin MS05-038 Cumulative Security Update for Internet Explorer 896727 Issued: August 9, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical...
FunkBoard V0.66CF (possibly prior versions) cross site scripting, possible database username/password disclosure & board takeover,possible remote code execution
FunkBoard V0.66CF possibly prior versions cross site scripting, possible database username/password disclosure & board takeover, possible remote code execution software: author site: http://www.pathtofunkboard.co.uk/ xss:...
[VulnWatch] CORE-2004-0819: MSN Messenger PNG Image Parsing Vulnerability
Core Security Technologies Advisory http://www.coresecurity.com MSN Messenger PNG Image Parsing Vulnerability Date Published: 2005-02-08 Last Update: 2005-02-08 Advisory ID: CORE-2004-0819 Bugtraq ID: None currently assigned. CVE Name: CAN-2004-0597 Title: MSN Messenger PNG Image Parsing...
File viewing in Search Engine & Directory Powered by Turbo Seek by FocalMedia.Net
Hello, 3APA3A. I found a new vulnerability. File viewing in Search Engine & Directory Powered by Turbo Seek by FocalMedia.Net Software / Application - Search Engine & Directory Powered by Turbo Seek Problem-Type - remote Vulnerability - ability to read files. Vendor - FocalMedia.Net...
Web Wiz Forums ver. 7.01
Informations : °°°°°°°°°°°° Language : ASP Bugged Version : Web Wiz Forums ver. 7.01 and less ? Website : http://www.webwizforums.com Problems : Permanent XSS Objects : °°°°°°° - registernewuser.asp - register.asp The values variable are not filtered: strLocation = Request.Form("location") strMessa...
DCP Portal - 5.5 holes
Never use this product if you have turned off magic_quotes_gpc. And this product won't work anyway if you have turned off register_globals. All the files in the product, don't check for integrity of variables. You can easily exploit this using some SQL Injection techniques. For example, if you want t...
Microsoft Security Bulletin MS03-017: Flaw in Windows Media Player Skins Downloading could allow Code Execution (817787)
-----BEGIN PGP SIGNED MESSAGE----- - -------------------------------------------------------------------- Title: Flaw in Windows Media Player Skins Downloading could allow Code Execution 817787 Date: 07 May 2003 Software: Microsoft Windows Media Player 7.1 Microsoft Windows Media Player for Windo...
Microsoft Security Bulletin MS02-065: Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution (Q329414)
-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Buffer Overrun in Microsoft Data Access Components Could Lead to Code Execution Q329414 Date: 20 November, 2002 Software: Microsoft Data Access Components MDAC 2.1 Microsoft Data...
[Mantis Advisory/2002-04] Arbitrary code execution vulnerability in Mantis
Mantis Advisory/2002-04 Arbitrary code execution vulnerability in Mantis 0. Table of Contents 1. Introduction 2. Summary / Impact analysis 3. Affected versions 4. Workaround / Solution 5. Detailed explanation 6. Credit 7. Contact details 1. Introduction Mantis is an Open Source web-based...
Security Advisory: Cisco VPN 5000 Series Concentrator RADIUS PAP Authentication Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco VPN 5000 Series Concentrator RADIUS PAP Authentication Vulnerability Revision 1.0 For Public Release 2002 August 07 UTC 1500 Contents Summary Affected Products Details Impact Software Versions and Fixes Obtaining Fixed...
Security Bulletin MS02-001
Title: Trusting Domains Do Not Verify Domain Membership of SIDs in Authorization Data Date: 30 January 2002 Software: Windows NT 4.0, Windows 2000 Impact: Privilege Elevation Max Risk: Moderate Bulletin: MS02-001 Microsoft encourages customers to review the Security Bulletin at:...
[ WWWThreads, UBBThreads ] Security Hole in upload system
WWWThreads, UBBThreads Security Hole in upload system Author: RootExtractor, CompuMe [email protected], [email protected] I. Details II. Vulnerable ver's III. Example, Xploit IV. Solution Details : ..: config.inc.php :.. ------------------------- snip ------------------------------ //...
NSFOCUS SA2001-02 : Microsoft IIS CGI Filename Decode Error Vulnerability
NSFOCUS Security Advisory SA2001-02 Topic: Microsoft IIS CGI Filename Decode Error Vulnerability Release Date: 2001-5-15 CVE Candidate Numbers: CAN-2001-0333 BUGTRAQ ID : 2708 Affected system: ================ - Microsoft IIS 4.0 - Microsoft IIS 5.0 Not affected system: ===================...
Vulnerability in TYPsoft FTP server
Vulnerability in TYPsoft FTP server v0.95 Overview: TYPsoft FTP Server is a freeware ftp server available from http://typsoft.n3.net . Affected systems: FTP server v0.95 - 0.93 and probably prior versions for Windows 95/98/NT/2000/ME Description: An attacker with anonymous access to the ftp server...
[SX-20010320-2b] - Followup re. Microsoft ISA Server Denial of Service
FSC Internet Corp. / SecureXpert Labs Advisory SX-20010320-2b This is a follow-up to: SX-20010320-2 Denial of Service in Microsoft ISA server v1.0 Several individuals have pointed out an easier exploit scenario for this vulnerability, which additionally does NOT require the Web Publishing feature...
[CORE SDI ADVISORY] SSH1 CRC-32 compensation attack detector vulnerability
CORE SDI http://www.core-sdi.com SSH1 CRC-32 compensation attack detector vulnerability Date Published: 2001-02-08 Advisory ID: CORE-20010207 Bugtraq ID: 2347 CVE CAN: CAN-2001-0144 Title: SSH1 CRC-32 compensation attack detector vulnerability Class: Boundary Error Condition Remotely Exploitable:...
Win2k Telnet.exe malicious server vulnerability
Microsoft was informed of this problem with exploit over a month ago. I received some token responses right after emailing them, but have heard nothing since. If they have released an advisory of their own yet, I have not seen it. I informed them up-front that I would release a full-disclosure...
Security Bulletin (MS00-040)
Patch Available for "Remote Registry Access Authentication" Vulnerability Originally posted: June 08, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoft(R) Windows NT 4.0. Under certain conditions, the vulnerability could be used to cause a...
Multiple Path/Directory Traversal and/or Local File Inclusion in Easy2Map version 1.2.9 WordPress plugin
Vulnerability title: Multiple Path/Directory Traversal and/or Local File Inclusion in Easy2Map version 1.2.9 WordPress plugin CVE: CVE-2015-7669 Vendor: Steven Ellis Product: Easy2Map Affected version: 1.2.9 Fixed version: 1.3.0 Reported by: Iberia Medeiros Vulnerability Details:...
Openfire 3.10.2 CSRF Vulnerabilities
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt Vendor: ================================ www.igniterealtime.org/projects/openfire www.igniterealtime.org/downloads/index.jsp Product: ================================...
[SECURITY] [DSA 3369-1] zendframework security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3369-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini October 06, 2015 https://www.debian.org/security/faq -...
Correction: BMC-2015-0006: File inclusion vulnerability caused by misconfiguration of "BIRT Engine" servlet as used in BMC Remedy AR Reporting
Errata: This is a correction of our previous disclosure email from September 23rd, 2015. Our previous posting implied that the security vulnerability we discovered was in the "BIRT Engine" servlet itself. This is NOT the case, but...
[USN-2772-1] PostgreSQL vulnerabilities
========================================================================== Ubuntu Security Notice USN-2772-1 October 16, 2015 postgresql-9.1, postgresql-9.3, postgresql-9.4 vulnerabilities ========================================================================== A security issue affects these...
[USN-2720-1] Django vulnerability
========================================================================== Ubuntu Security Notice USN-2720-1 August 18, 2015 python-django vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
[SECURITY] [DSA 3313-1] linux security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3313-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 23, 2015 https://www.debian.org/security/faq -...
[USN-2668-1] HAProxy vulnerability
========================================================================== Ubuntu Security Notice USN-2668-1 July 07, 2015 haproxy vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
[SECURITY] [DSA 3278-1] libapache-mod-jk security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3278-1 [email protected] http://www.debian.org/security/ Markus Koschany June 03, 2015 http://www.debian.org/security/faq -...
Advisory: CVE-2014-9707: GoAhead Web Server 3.0.0 - 3.4.1
Affected software: GoAhead Web Server Affected versions: 3.0.0 - 3.4.1 3.x.x series before 3.4.2 CVE ID: CVE-2014-9707 Description: The server incorrectly normalizes HTTP request URIs that contain path segments that start with a "." but are not entirely equal to "." or ".." eg. ".x". By sending a...
Pligg CMS 2.0.2 - Stored XSS
Hi Team, Affected Vendor: http://pligg.com/ Date: 23/04/2015 Discovered by: Joel Vadodil Varghese Type of vulnerability: Persistent XSS Tested on: Windows 8.1 Product: Pligg CMS Version: 2.0.2 Tested Link: http://localhost/pligg/admin/adminpage.php Description: Pligg CMS is a content management...
[SECURITY] [DSA 3249-1] jqueryui security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3249-1 [email protected] http://www.debian.org/security/ Sebastien Delafond May 03, 2015 http://www.debian.org/security/faq -...
[USN-2539-1] Django vulnerabilities
========================================================================== Ubuntu Security Notice USN-2539-1 March 23, 2015 python-django vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivative...
Grindr 2.1.1 iOS Bug Bounty #2 - Denial of Service Software Vulnerability
Document Title: =============== Grindr 2.1.1 iOS Bug Bounty 2 - Denial of Service Software Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1418 Release Date: ============= 2015-05-02 Vulnerability Laboratory ID VL-ID:...
GDS Labs Alert [CVE-2015-2080] - JetLeak Vulnerability: Remote Leakage Of Shared Buffers In Jetty Web Server
GDS LABS ALERT: CVE-2015-2080 JetLeak Vulnerability Remote Leakage Of Shared Buffers In Jetty Web Server SYNOPSIS ======== Gotham Digital Science discovered a critical information leakage vulnerability in the Jetty web server that allows an unauthenticated remote attacker to read arbitrary data...
[USN-2476-1] Oxide vulnerabilities
========================================================================== Ubuntu Security Notice USN-2476-1 January 26, 2015 oxide-qt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...
REWTERZ-20140102 - ManageEngine ServiceDesk Plus User Enumeration Vulnerability
================================================================================ REWTERZ-20140102 - Rewterz - Security Advisory ================================================================================ Title: ManageEngine ServiceDesk Plus User Enumeration Vulnerability Product: ServiceDesk...
[RT-SA-2014-015] Cross-site Scripting in Tapatalk Plugin for WoltLab Burning Board 4.0
Advisory: Cross-site Scripting in Tapatalk Plugin for WoltLab Burning Board 4.0 RedTeam Pentesting discovered a cross-site scripting XSS vulnerability in the Tapatalk plugin for the WoltLab Burning Board forum software, which allows attackers to inject arbitrary JavaScript code via URL parameters...
SEC Consult SA-20150113-1 :: Privilege Escalation & XSS & Missing Authentication in Ansible Tower
SEC Consult Vulnerability Lab Security Advisory 20150113-1 ======================================================================= title: Privilege Escalation & XSS & Missing Authentication product: Ansible Tower vulnerable version: =2.0.2 fixed version: =2.0.5 impact: high homepage:...
Alienvault OSSIM/USM Command Execution Vulnerability
Details ======= Product: Alienvault OSSIM/USM Vulnerability: Command Execution Author: Peter Lapp, [email protected] CVE: None assigned Vulnerable Versions: =4.14.X Fixed Version: 4.15.0 Summary ======= Alienvault OSSIM is an open source SIEM solution designed to collect and correlate log data. T...
PHP security vulnerabilities
Use-after-free in unserialize...
[SECURITY] [DSA 3100-1] mediawiki security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3100-1 [email protected] http://www.debian.org/security/ Sebastien Delafond December 12, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3093-1] linux security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3093-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 08, 2014 http://www.debian.org/security/faq -...
CVE-2014-4331 OctavoCMS reflected XSS vulnerability
This proprietary content management software is vulnerable to reflected XSS on the file admin/viewer.php, src parameter. Current release on their demo site is vulnerable, same as other few sites I could find. PoC:...
[Onapsis Security Advisory 2014-033] SAP Business Warehouse Missing Authorization Check
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2014-033: SAP Business Warehouse Missing Authorization Check 1. Impact on Business ===================== By exploiting this vulnerability an authenticated attacker will be able to abuse of functionality that should be...
Reflected Cross-Site Scripting (XSS) in BlackCat CMS
Advisory ID: HTB23228 Product: BlackCat CMS Vendor: Black Cat Development Vulnerable Versions: 1.0.3 and probably prior Tested Version: 1.0.3 Advisory Publication: August 13, 2014 without technical details Vendor Notification: August 13, 2014 Vendor Patch: August 13, 2014 Public Disclosure:...
Barracuda Networks Firewall / Web Firewall / Spam&Virus Firewall security vulnerabilities
XSS, restrictions bypass...
CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-3524 OpenOffice Calc Command Injection Vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache OpenOffice 4.1.0 and older on Windows. OpenOffice.org versions may also be affected. Description: The...
CVE-2014-4980 Parameter Tampering in Nessus Web UI - Remote Information Disclosure
Product: Nessus Vendor: Tenable Network Security Version: Nessus 5.2.3-5.2.7 - Web UI 2.3.4 potentially lower Vendor Notified Date: June 24, 2014 Vendor Resolved Date: June 25, 2014 Release Date: July 18, 2014 Risk: Medium Authentication: Not Required Remote: Yes Description: A parameter tamperi...
[oss-security] CVE-2014-1739: Kernel Infoleak vulnerability in media_enum_entities()
Hi, We found an infoleak vulnerability in the ioctl media_enum_entities that allows to disclose 200 bytes of the kernel process' stack. The vulnerability is exploitable on versions up to linux-3.15-rc3 by local users with read access to /dev/media0. Linux distributions ship with chmod 600 /dev/media0...
CS and XSS vulnerabilities in DZS Video Gallery for WordPress
Hello 3APA3A! There are Content Spoofing and Cross-Site Scripting vulnerabilities in plugin DZS Video Gallery for WordPress. After I announced multiple vulnerabilities in DZS Video Gallery at 08.05.2014 and informed developers, they ignored it, so the second advisory is going directly to full...