47153 matches found
Timesheet Next Gen 1.5.2 Multiple SQLi
Exploit Title: Timesheet Next Gen 1.5.2 Multiple SQLi Date: 02/23/12 Author: G13 Software Link: https://sourceforge.net/projects/tsheetx/ Version: 1.5.2 Category: webapps php Vulnerability The login.php page has multiple SQL injection vulnerabilities. Both the 'username' and 'password' parameters...
OSI Security: CheckPoint Firewall VPN - Information Disclosure
CheckPoint Firewall VPN1 - Information Disclosure Vulnerability http://www.osisecurity.com.au/advisories/checkpoint-firewall-securemote-hostname-information-disclosure Note: this is essentially a feature, but thought it may be useful for pen testers when deciding which system to attack. Release...
Kongreg8 1.7.3 Mutiple XSS
Exploit Title: Kongreg8 1.7.3 Mutiple XSS Date: 02/24/12 Author: G13 Software Link: https://sourceforge.net/projects/kongreg8/ Version: 1.7.3 Category: webapps php Vulnerability Kongreg8 1.7.3 has multiple XSS vulnerabilites. These vulnerabilities are in the Add Member and Add Group functions...
Endian UTM Firewall security vulnerabilities
XSS, CSRF...
Polycom teleconferencing devices security vulnereabilities
Directory traversal, code injection...
FlashFXP FTP client buffer overflow
Buffer overflow on server response parsing...
CheckPoint Firewall / VPN-1 information leakage
It's possible to obtain host names...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
VMware vCenter Chargeback Manager security vulnerabilities
Information leakage, DoS...
Многочисленные уязвимости в EJBCA
Здравствуйте 3APA3A! Сообщаю вам о найденных мною 17.01.2012 многочисленных уязвимостях в Enterprise Java Beans Certificate Authority EJBCA. Это Cross-Site Scripting, Brute Force и Abuse of Functionality уязвимости. EJBCA - это PKI сервер. По информации из официального сайта: A Certification...
VMSA-2012-0002 VMware vCenter Chargeback Manager Information Leak and Denial of Service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2012-0002 Synopsis: VMware vCenter Chargeback Manager Information Leak and Denial of Service Issue date: 2012-03-08 Updated on:...
Wikidforum 2.10 Multiple security vulnerabilities
Advisory: Wikidforum 2.10 Multiple security vulnerabilities Advisory ID: SSCHADV2012-005 Author: Stefan Schurtz Affected Software: Successfully tested on Wikidforum 2.10 Vendor URL: http://www.wikidforum.com/ Vendor Status: informed ========================== Vulnerability Description...
11in1 CMS v1.2.1 - SQL Injection Vulnerabilities
Title: ====== 11in1 CMS v1.2.1 - SQL Injection Vulnerabilities Date: ===== 2012-03-05 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=465 VL-ID: ===== 465 Introduction: ============= 11in1 is an open-source content management system CMS that is powered by PHP and MySQL...
OSClass directory traversal (leads to arbitrary file upload)
Advisory ID: CSA-12004 Title: OSClass directory traversal vulnerability Product: OSClass Version: 2.3.5 and probably prior Vendor: osclass.org Vulnerability type: Directory traversal Risk level: 2 / 3 Credit: www.codseq.it Vendor notification: 2012-01-25 Public disclosure: 2012-03-07 Original...
Case YVS Image Gallery
http://osvdb.org/show/osvdb/79477 The software "YVS Image Gallery" seems to be full of security issues. For example one can have lots of fun with this. Copy from installation.php: """ caseisset$POST'dbname': $host = $POST'host'; $dbname = $POST'dbname'; $dbusername = $POST'dbusername'; $dbpasswor...
YVS Image Gallery Sql injection
-=--------------------ADVISORY-------------------=- YVS Image Gallery Author: Corrado Liotta Aka CorryL [email protected] -=-----------------------------------------------=- -=+ Application: YVS Image Gallery -=+ Version: 0.0.0.1 -=+ Vendor's URL: http://yvs.vacau.com/gallery.html -=+ Platform:...
FrameJammer DOM based XSS
Software:FrameJammer Author:Hal Pawluk Software Description: FrameJammer is a little javascript code which prevents opening framed pages outside their frameset. FrameJammer used to be distributed as a Macromedia Dreamweaver extension, nowadays web developers are spreading it with copy-paste...
ImgPals Photo Host Version 1.0 Admin Account Disactivation
-=--------------------ADVISORY-------------------=- ImgPals Photo Host Version 1.0 STABLE Author: Corrado Liotta Aka CorryL [email protected] -=-----------------------------------------------=- -=+ Application: ImgPals Photo Host -=+ Version: 1.0 STABLE -=+ Vendor's URL:...
WikyBlog 1.7.3RC2 XSS vulnerability
Advisory: WikyBlog 1.7.3RC2 XSS vulnerability Advisory ID: SSCHADV2012-006 Author: Stefan Schurtz Affected Software: Successfully tested on WikyBlog 1.7.3RC2 Vendor URL: http://www.wikyblog.com/ Vendor Status: informed ========================== Vulnerability Description =========================...
Dropbear SSH server use-after-free
No description provided...
Aurora WebOPAC SQL Injection - Security Advisory - SOS-12-004
Sense of Security - Security Advisory - SOS-12-004 Release Date. 12-Mar-2012 Last Update. - Vendor Notification Date. 24-Nov-2011 Product. Aurora WebOPAC Platform. Independent Affected versions. 3.5.0e, 3.4.6a, 3.5.3, 3.5.0i, 3.4.7b, 3.5.2.2, 3.4.7b, possibly others Severity Rating. High Impact...
Symfony2 Local File Disclosure - Security Advisory - SOS-12-002
Sense of Security - Security Advisory - SOS-12-002 Release Date. 05-Mar-2012 Last Update. - Vendor Notification Date. 24-Feb-2012 Product. Symfony2 Platform. PHP Affected versions. 2.0.x - 2.0.10 Severity Rating. Medium Impact. Exposure of sensitive information Attack Vector. Remote without...
[SECURITY] [DSA 2431-1] libdbd-pg-perl security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2431-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 11, 2012 http://www.debian.org/security/faq -...
Enterasys SecureStack Switch v6.x - Multiple Vulnerabilities
Title: ====== Enterasys SecureStack Switch v6.x - Multiple Vulnerabilities Date: ===== 2012-03-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=443 VL-ID: ===== 443 Introduction: ============= The Enterasys C5 is a scalable, high-performance Gigabit Ethernet switch...
ZDI-12-033 : ABB WebWare RobNetScanHost.exe Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-033 : ABB WebWare RobNetScanHost.exe Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-033 February 22, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors: ABB - -- Affected...
Cisco Security Advisory: Cisco Small Business SRP 500 Series Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Small Business SRP 500 Series Multiple Vulnerabilities Advisory ID: cisco-sa-20120223-srp500 Revision 1.0 For Public Release 2012 February 23 16:00 UTC GMT Summary ======= Cisco Small Business SRP 500 Series Services Ready Platforms contain th...
Security advisory for Bugzilla 4.2 and 4.0.5
Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issue has been discovered in Bugzilla: A CSRF vulnerability in the implementation of the XML-RPC API when running under modperl could be used to make changes to bugs or...
Cisco SRP 500 multiple security vulnerabilities
Commands injection, directory traversal, unauthorized configuration uplooad...
Barracuda CudaTel crossite scripting
Stored XSS in different configuration parameters...
[SECURITY] [DSA 2423-1] movabletype-opensource security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2423-1 [email protected] http://www.debian.org/security/ Florian Weimer March 02, 2012 http://www.debian.org/security/faq -...
Multiple XSS in Fork CMS
Advisory ID: HTB23075 Product: Fork CMS Vendor: Fork CMS Vulnerable Versions: 3.2.5 and probably prior Tested Version: 3.2.5 Vendor Notification: 15 February 2012 Vendor Patch: 28 February 2012 Public Disclosure: 7 March 2012 Vulnerability Type: Cross Site Scripting XSS CVE References:...
[SECURITY] [DSA 2432-1] libyaml-libyaml-perl security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2432-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 12, 2012 http://www.debian.org/security/faq -...
YAML::LibYAML format string vulnerability
Few format string vulnerabilities...
Open-Realty CMS 2.5.8 (2.x.x) <= "select_users_template" Local File Inclusion Vulnerability
OVERVIEW Open-Realty 2.5.8 and lower versions are vulnerable to Local File Inclusion. 2. BACKGROUND Open-Realty is the world's leading real estate listing marketing and management CMS application, and has enjoyed being the real estate web site software of choice for professional web site...
FlashFXP v4.1.8.1701 - Buffer Overflow Vulnerability
Title: ====== FlashFXP v4.1.8.1701 - Buffer Overflow Vulnerability Date: ===== 2012-03-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=462 VL-ID: ===== 462 Introduction: ============= FlashFXP is a FTP File Transfer Protocol client for Windows, it offers you easy and...
[TSI-ADV-1201] Path Traversal on Polycom Web Management Interface
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===== Tempest Security Intelligence - Advisory 01 / 2012 ============ Path Traversal on Polycom Web Management Interface -------------------------------------------------- Authors: - Heyder Andrade: - @heyderandrade -...
notmuch special characters vulnerabilities
MML tags are not escaped...
Endian UTM Firewall v2.4.x & v2.5.0 - Multiple Web Vulnerabilities
Title: ====== Endian UTM Firewall v2.4.x & v2.5.0 - Multiple Web Vulnerabilities Date: ===== 2012-03-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=228 VL-ID: ===== 228 Introduction: ============= Einfach, schnell und zukunftssicher! Die ideale Losung, um Ihre...
[SECURITY] [DSA 2421-1] moodle security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2421-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 29, 2012 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2414-1] fex security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2413-1 [email protected] http://www.debian.org/security/ Nico Golde February 21, 2012 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2416-1] notmuch security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2416-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst February 22, 2012 http://www.debian.org/security/faq -...
Wolf CMS v0.7.5 - Multiple Web Vulnerabilities
Title: ====== Wolf CMS v0.7.5 - Multiple Web Vulnerabilities Date: ===== 2012-02-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=452 VL-ID: ===== 452 Introduction: ============= Wolf CMS is a content management system and is Free Software published under the GNU...
Etano 1.x <= Multiple Cross Site Scripting Vulnerabilities
OVERVIEW Etano 1.x versions are vulnerable to Cross Site Scripting. 2. BACKGROUND The community builder script we provide - Etano - was built entirely based on requests from customers of our previous dating package Dating Site Builder. Almost every feature ever requested was built into Etano to...
Dropbear SSH server use-after-free vulnerability
Dropbear SSH server use-after-free vulnerability Impact: A remote authenticated user can execute arbitrary code on the target system. Class: Use After Free - CWE-416 CVE ID: CVE-2012-0920 CVSS: 8.5 AV:N/AC:M/AU:S/C:C/I:C/A:C Description: This vulnerability is located within the Dropbear daemon an...
OSQA CMS v3b - Multiple Persistent Vulnerabilities
Title: ====== OSQA CMS v3b - Multiple Persistent Vulnerabilities Date: ===== 2012-02-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=461 VL-ID: ===== 461 Introduction: ============= OSQA is the Open Source Q&A System. It is free software licensed under the GPL, and y...
Multiple vulnerabilities in Elefant CMS
Advisory ID: HTB23076 Product: Elefant CMS Vendor: Elefant CMS Vulnerable Versions: 1.1.3 beta and probably prior Tested Version: 1.1.3 beta Vendor Notification: 22 February 2012 Vendor Patch: 22 February 2012 Public Disclosure: 14 March 2012 Vulnerability Type: SQL Injection, XSS Cross Site...
PHP Gift Registry 1.5.5 SQL Injection
Exploit Title: PHP Gift Registry 1.5.5 SQL Injection Date: 02/22/12 Author: G13 Software Link: https://sourceforge.net/projects/phpgiftreg/ Version: 1.5.5 Category: webapps php Vulnerability The userid parameter in the users.php file is vulnerable to SQL Injection. A user must be signed in to...
Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities
Title: ====== Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities Date: ===== 2012-03-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=470 VL-ID: ===== 470 Introduction: ============= SysAid IT Enterprise Edition is an IT management solution that includes a suite of...
Iciniti Store SQL Injection - Security Advisory - SOS-12-003
Sense of Security - Security Advisory - SOS-12-003 Release Date. 06-Mar-2012 Last Update. - Vendor Notification Date. 28-Jul-2011 Product. Iciniti Store Platform. Windows Affected versions. 4.3.3683.31484 verified, and possibly others Severity Rating. High Impact. Manipulation of data Attack...
pidgin OTR information leakage
Pidgin transmits OTR off-the-record conversations over DBUS in plaintext. This makes it possible for attackers that have gained user-level access on a host, to listen in on private conversations associated with the victim account. Pidgin is a popular Instant Messenger application that runs on a...