47153 matches found
Microsoft Office buffer overflow
Buffer overflow on .wps files parsing...
'PHP Grade Book' Unauthenticated SQL Database Export (CVE-2012-1670)
'PHP Grade Book' Unauthenticated SQL Database Export CVE-2012-1670 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in admin/index.php that allows for an unauthenticated user to export the entire application database by...
Sony Bravia Remote Denial of Service - CVE-2012-2210
Exploit Title: Sony Bravia Remote Denial of Service Date: 04/04/2012 Author: Gabriel Menezes Nunes Version: Sony Bravia TV Tested on: Sony Bravia TV KDL-32CX525 CVE: CVE-2012-2210 Playing with my TV, I found a bug that can crash the device. Running a hping command against a Sony Bravia TV...
Sony Bravia TV sets DoS
Flood attack with malcrafted packets causes device to hang...
Sourcefire Defense Center multiple security vulnerabilities
Crossite scripting, unauthorized access...
Prado TJavaScript::encode() script injection vulnerability
Prado TJavaScript::encode script injection vulnerability Vulnerability severity : medium Vulnerability type : cross-site script injection attack cookie theft session hijacking stealing of sensitive information Remotely exploitable : yes Vulnerability discovery date : 2012/03/07 Vulnerability...
[SECURITY] [DSA 2444-1] tryton-server security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2444-1 [email protected] http://www.debian.org/security/ Florian Weimer March 29, 2012 http://www.debian.org/security/faq -...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
DirectAdmin v1.403 - Cross Site Scripting Vulnerability
Title: ====== DirectAdmin v1.403 - Cross Site Scripting Vulnerability Date: ===== 2012-04-02 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=486 VL-ID: ===== 486 Introduction: ============= DirectAdmin is a graphical web-based web hosting control panel designed to make...
php(5.3.10-5.4.0)_XSS_vulns.txt
============================================================================================= Vulnerable Software: PHP 5.3.10/5.4.0 php-5.3.10-Win32-VC9-x86.zip MD5 SUM: af452dfa681ae03ff42eea6d1c7348cd php-5.4.0-Win32-VC9-x86.zip MD5 SUM: b1b0abe883f84eb6d76793aabf1aa612 Downloaded...
struts2 xsltResult Local code execution vulnerability
the file: http://svn.apache.org/repos/asf/struts/struts2/trunk/core/src/main/java/org/apache/struts2/views/xslt/XSLTResult.java String pathFromRequest = ServletActionContext.getRequest.getParameter"xslt.location"; path = pathFromRequest; URL resource =...
'e-ticketing' SQL Injection (CVE-2012-1673)
'e-ticketing' SQL Injection CVE-2012-1673 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in loginscript.php that allows for SQL injection of the 'username' and 'password' POST parameters. II. TESTED VERSION...
Arbor Networks Peakflow SP crossite scripting
Crossite scripting in administration interface...
Quest Toad for Oracle ActiveX unauthorized access
It's possible to access files via unsafe methods...
PHP crossite scripting
XSS on error message if displayerrors enabled...
VMSA-2012-0006 VMware ESXi and ESX address several security issues
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2012-0006 Synopsis: VMware ESXi and ESX address several security issues Issue date: 2012-03-29 Updated on: 2012-03-29 initial advisory C...
VMWare privilege escalation
It's possible to manipulate emulated ROM via backdoor interface...
vBulletin 4.1.10 Sql Injection Vulnerabilitiy
a bug in vBulletin 4.1.10 that allows to us to occur a Sql Injection on a Remote machin. Exploit Title : vBulletin 4.1.10 Sql Injection Vulnerabilitiy Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir Software Link : http://vbulletin.com Security Risk : High Version : All Version Test...
[SE-2012-01] Security vulnerabilities in Java SE
Dear Bugtraq, Security Explorations, a security and vulnerability research company from Poland, discovered multiple security issues in the latest version of Java Platform Standard Edition Java SE 1 software coming from Oracle Corporation 2. Discovered security issues violate many "Secure Coding...
SQL injection in Wordpress plugin Buddypress
Hi, I would like disclosure SQL injection vulnerability if Buddypress plugin affecting last versions. This issue was reported to developers and resolved in 1.5.5 version. So, I suggest all having this plugin in their blogs update to last version, if you haven't done it yet. Example of POST messag...
[CVE-2012-0047] Apache Wicket XSS vulnerability via pageMapName request parameter
Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Wicket 1.4.x Apache Wicket 1.3.x and 1.5.x are not affected Description: A Cross Site Scripting XSS attack is possible by manipulating the value of 'wicket:pageMapName' request parameter. Mitigation: Upgrade to...
Multiple vulnerabilities in Open Journal Systems (OJS)
Advisory ID: HTB23079 Product: Open Journal Systems OJS Vendor: Public Knowledge Project Vulnerable Versions: 2.3.6 and probably prior Tested Version: 2.3.6 Vendor Notification: 29 February 2012 Vendor Patch: 16 March 2012 Public Disclosure: 21 March 2012 Vulnerability Type: Arbitrary File...
Matthew1471s ASP BlogX - XSS Vulnerabilities
Title: Matthew1471s ASP BlogX - XSS Vulnerabilities Software : Matthew1471s ASP BlogX Software Version : 12 August 2008 Vendor: http://blogx.co.uk/ Vulnerability Published : 2012-03-26 Vulnerability Update Time : Status : Impact : MediumCVSS2 Base : 5.0, AV:N/AC:L/Au:N/C:P/I:N/A:N Bug Description...
Minify and related plugins DOM-Based XSS Vulnerability
+-------------------------------------------------------------------------------------------+ Title : Minify and related plugins DOM-Based XSS Vulnerability Version : 2.1.3 & 2.1.4-Beta Credit : Ayoub Aboukir, Independent Security Researcher Contact : ay.aboukir at gmail d0t com Software Link :...
'Hotel Booking Portal' SQL Injection (CVE-2012-1672)
'Hotel Booking Portal' SQL Injection CVE-2012-1672 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in getcity.php that allows for SQL injection of the 'country' POST parameter. II. TESTED VERSION...
'phpMoneyBooks' Local File Inclusion (CVE-2012-1669)
'phpMoneyBooks' Local File Inclusion CVE-2012-1669 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for module handling that allows for local file inclusion using a null-byte attack on the 'module' GET parameter...
Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player Advisory ID: cisco-sa-20120404-webex Revision 1.0 For Public Release 2012 April 4 16:00 UTC GMT +--------------------------------------------------------------------...
[security bulletin] HPSBMU02749 SSRT100793 rev.1 - HP Business Availability Center (BAC) Running on Windows, Remote Cross Site Scripting (XSS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03242623 Version: 1 HPSBMU02749 SSRT100793 rev.1 - HP Business Availability Center BAC Running on Windows, Remote Cross Site Scripting XSS NOTICE: The information in this Security Bulletin should...
ME Firewall Analyzer v7.2 - Cross Site Vulnerabilities
Title: ====== ME Firewall Analyzer v7.2 - Cross Site Vulnerabilities Date: ===== 2012-04-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=437 VL-ID: ===== 437 Introduction: ============= ManageEngine® Firewall Analyzer is a web based tool for change management,...
Arbor Networks Peakflow SP web interface XSS
Exploit Title: Arbor Networks Peakflow SP XSS Date: 03 April 2012 Software Link: www.arbornetworks.com/peakflowsp ================================================================ - Login Page vulnerable to cross site scripting "XSS" https://127.0.0.2/index/"onmouseover="alert666;...
[CVE-2012-1089] Apache Wicket serving of hidden files vulnerability
Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Wicket 1.4.x and 1.5.x Description: It is possible to view the content of any file of a web application by using an Url to a Wicket resource which resolves to a 'null' package. With such a Url the attacker can...
Brute Force и XSS уязвимость в Wordpress
Здравствуйте 3APA3A! Сообщаю вам об ещё одной уязвимости в WordPress, о которой мне известно уже давно - это Brute Force через XML-RPC функционал в WordPress. Brute Force WASC-11: http://site/xmlrpc.php В данном функционале нет защиты от Brute Force атак. При отправке соответствующих POST-запросо...
[DCA-2011-0016] - Tufin SecureTrack Cross Site Script
Discussion - DcLabs Security Research Group advises about the following vulnerabilityies: Software - Tufin SecureTrack Vendor Product Description - Features powerful tools to track changes, analyze device configurations, optimize rule bases, and more on leading vendor firewalls, routers, switches...
[waraxe-2012-SA#080] - Multiple Vulnerabilities in NextBBS 0.6.0
waraxe-2012-SA080 - Multiple Vulnerabilities in NextBBS 0.6.0 =============================================================================== Author: Janek Vind "waraxe" Date: 27. March 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-80.html Description of vulnerable software:...
Astaro Command Center v2.x - Multiple Web Vulnerabilities
Title: ====== Astaro Command Center v2.x - Multiple Web Vulnerabilities Date: ===== 2012-04-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=4 VL-ID: ===== 4 Introduction: ============= We are pleased to announce the General Availability of the Astaro Command Center...
Oracle Java multiple security vulnerabilities
19 different vulnerabilities allow file access and code execution...
HP Onboard Administrator multiple security vulnerabilities
URL redirection, unaurthorized access, information leakage...
[ MDVSA-2012:054 ] libtiff
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:054 http://www.mandriva.com/security/ Package : libtiff Date : April 5, 2012 Affected: 2010.1, 2011., Enterprise Server 5.0 Problem Description: A vulnerability has been found and corrected in libtiff: An...
Quest Toad for Oracle Explain Plan Display ActiveX Control (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite
!-- Quest Toad for Oracle Explain Plan Display ActiveX Control QExplain2.dll 6.6.1.1115 Remote File Creation / Overwrite vendor site: http://www.quest.com/ file tested: QuestToad-Development-Suite-for-Oracle110R2.exe CLSID: F7014877-6F5A-4019-A3B2-74077F2AE126 Progid: QExplain2.ExplainPlanDisplay...
Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities
Title: ====== Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities Date: ===== 2012-04-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=487 VL-ID: ===== 487 Introduction: ============= Flatnux is no database CMS for accessible websites, corporate websites, e-commer...
Wordpress taggator plugin Sql Injection Vulnerabilities
a bug in Wordpress taggator plugin that allows to us to occur a Sql Injection on a Remote machin. Exploit Title : Wordpress taggator plugin Sql Injection Vulnerabilities Author : BHG Security Center - IrIsT Security Team Discovered By : Am!r Home : http://Black-hg.Org - http://IrIsT.Ir Software...
Landshop v0.9.2 - Multiple Web Vulnerabilities
Title: ====== Landshop v0.9.2 - Multiple Web Vulnerabilities Date: ===== 2012-03-31 References: =========== http://vulnerability-lab.com/getcontent.php?id=485 VL-ID: ===== 485 Introduction: ============= The SAMEDIA LandShop® is an innovative tool for the marketing, sale or rent of any kind of re...
Cross-site scripting vulnerability in Invision Power Board version 3.2.3
Information -------------------- Name : Cross-site scripting vulnerability in Invision Power Board version 3.2.3 Software : Invision Power Board version 3.2.3 Vendor Homepage : http://www.invisionpower.com Vulnerability Type : Cross-site scripting Severity : High Researcher : Vasil A. [email protected]...
seditio165_CSRF_and_world_readble_db_dumpissuses
============================================= Vulnerable Software: Seditio v165 Downloaded from: http://seditio-eklenti.com/datas/users/1-seditio.165.rar This version is under development of Kaan $ md5sum 1-seditio.165.rar 2eebc8d80f7fcd4e9a0d0659ef193488 1-seditio.165.rar...
HP Business Availability Center crossite scripting
No description provided...
[waraxe-2012-SA#081] - Multiple Vulnerabilities in Coppermine 1.5.18
waraxe-2012-SA081 - Multiple Vulnerabilities in Coppermine 1.5.18 ============================================================================== Author: Janek Vind "waraxe" Date: 29. March 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-81.html Affected Software: Coppermine is a...
[ MDVSA-2012:050 ] phpmyadmin
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:050 http://www.mandriva.com/security/ Package : phpmyadmin Date : April 3, 2012 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been found and corrected in phpmyadmin: It wa...
'phpPaleo' Local File Inclusion (CVE-2012-1671)
'phpPaleo' Local File Inclusion CVE-2012-1671 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for language handling that allows for local file inclusion using a null-byte attack on the 'lang' GET parameter. II...
[waraxe-2012-SA#082] - File Existence Disclosure in Uploadify 3.0.0
waraxe-2012-SA082 - File Existence Disclosure in Uploadify 3.0.0 =============================================================================== Author: Janek Vind "waraxe" Date: 05. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-82.html Description of vulnerable software:...
[waraxe-2012-SA#083] - Multiple Vulnerabilities in Uploadify 2.1.4
waraxe-2012-SA083 - Multiple Vulnerabilities in Uploadify 2.1.4 =============================================================================== Author: Janek Vind "waraxe" Date: 05. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-83.html Description of vulnerable software:...